Re: [Puppet Users] Puppet hiera variable

[Peter Bukowinski]

Jagga,

It’s a simple error. You need to remove the square brackets from around your 
conditional test. Puppet is evaluating it as an array, and since puppet treats 
all non-boolean values (other than undef) as true, you will never get to the 
else block.

—
Peter

> On Apr 3, 2018, at 10:13 PM, Jagga Soorma  wrote:
> 
> Hi Guys,
> 
> I am using foreman and puppet to provision/manage systems.  I have a simple 
> motd module that I was using for all my systems but now have a need to setup 
> a different motd for a specific hostgroup/type of systems.  So, I though I 
> would use the hostgroup hiera setup from foreman/puppet to decide which motd 
> to use.  I wrote something quickly to test but have unexpected results and 
> was hoping someone here can help me make sense of this:
> 
> --
> my hostgroup for system 1 is CSOE73_Prod/hpc/misc and for system 2 is 
> CSOE73_Prod/hpc/compute.  So I decided to write the code this way:
> 
> if [$hostgroup == 'CSOE73_Prod/hpc/misc'] {
>   file { "/etc/motd":
> ensure => file,
> content => template('clientos/motd.erb')
>  }
> } 
> else {
>   file { "/etc/motd":
> ensure => file,
> source => 'puppet:///modules/clientos/etc/motd 
> ',
> mode => 644,
> owner => 'root',
> group => 'root',
> }
> }
> --
> 
> However, for both systems the motd.erb template is being applied.  However, 
> my expectation was that for system 2 it would just use the files/etc/motd 
> file.  Is it maybe the backslash in CSOE73_Prod/hpc/misc that might be 
> throwing it off?  Am I going about this totally the wrong way?  
> 
> Any help would be greatly appreciated!
> 
> Thanks,
> -J

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2019AE2E-05AC-4964-AC10-AD3A712ADD49%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Custom Facts using awk

[Peter Bukowinski]

Hi Warron,

Puppet executes the script directly, so you need the shebang line and you must 
ensure the file is executable.

-- Peter

> On Mar 27, 2017, at 2:25 PM, warron.french <warron.fre...@gmail.com> wrote:
> 
> Peter, perhaps I misunderstood you; but, I thought I was supposed to be able 
> to use bash or sh scripting to generate facters of my own without the use of 
> Ruby.
> 
> The link you provided refers to a python script example.  It also adds a 
> shebang line at the top of the script; do I need the shebang line, or will 
> Puppet simply execute the shell script with:
> 
> sh scriptname.sh
> 
> Thanks for the feedback,
> 
> --
> Warron French
> 
> 
>> On Wed, Mar 22, 2017 at 7:07 PM, Peter Bukowinski <pmb...@gmail.com> wrote:
>> Hi Warron,
>> 
>> I'd consider using an external, executable fact to avoid ruby altogether.
>> 
>>   
>> https://docs.puppet.com/facter/3.6/custom_facts.html#executable-facts-unix
>> 
>> Basically, you can write a bash script (or use any language you want),
>> drop it into '//facts.d/' on your puppet server,
>> and it will be synced to all your nodes (assuming you use pluginsync).
>> 
>> The only requirement for executable fact scripts is that they must
>> return key/value pairs in the format 'key=value'. Multiple keys/values
>> get their own line. In your case, you could do something like this:
>> 
>> -
>> #!/bin/bash
>> 
>> key="qty_monitors_total"
>> value=$(your parsing command for /var/log/Xorg.0.log here)
>> 
>> echo "${key}=${value}"
>> -
>> 
>> Save the file as an executable script in the above mentioned path and
>> it should be available on the next puppet run.
>> 
>> On Wed, Mar 22, 2017 at 3:24 PM, warron.french <warron.fre...@gmail.com> 
>> wrote:
>> > Hello, I have finally learned how to write a Custom Fact; and duplicated 
>> > the
>> > syntax several times over inside the same .rb file.
>> >
>> > I am using syntax that looks like the following:
>> >
>> > Facter.add('qty_monitors_total') do
>> >   setcode  do
>> >  Facter::Util::Resolution.exec('/bin/grep " connected"
>> > /var/log/Xorg.0.log | cut -d\) -f2,3,4 | grep GPU |sort -u | wc -l')
>> >   end
>> > end
>> >
>> > I don't know of any other way to do this yet; but that's not my concern 
>> > yet.
>> >
>> > What I would like to know is how can I use an awk command within the
>> > Facter::Util::Resolution.exec('.') line.
>> >
>> > I have a need to essentially reproduce the line above but drop   wc -l and
>> > add awk '{ print $2"_"$3"_on_"$1$4 }'
>> >
>> > I need the awk command to pretty much look like this; the problem is awk
>> > uses its own single quotes (') and it will break the ruby code.
>> >
>> > I am not a ruby developer; so if someone could either tell me:
>> >
>> > It's just not possible; or
>> > do it this way
>> >
>> >
>> > That would be greatly appreciated.  Thank you,
>> >
>> > --
>> > Warron French
>> >
>> > --
>> > You received this message because you are subscribed to the Google Groups
>> > "Puppet Users" group.
>> > To unsubscribe from this group and stop receiving emails from it, send an
>> > email to puppet-users+unsubscr...@googlegroups.com.
>> > To view this discussion on the web visit
>> > https://groups.google.com/d/msgid/puppet-users/CAJdJdQmZXQAd%2Bo%2Bnp-NHqxGHnXubf%2Bac-dP5FPoy4QYMEVuBuA%40mail.gmail.com.
>> > For more options, visit https://groups.google.com/d/optout.
>> 
>> --
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/CAJA1CN9aFH4Eza-FoxzrfXDWiGCUHXE%2BGFt2Nu%3DjK2eDzV4upg%40mail.gmail.com.
>> For more options, visit https://groups.google.com/d/optout.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CAJdJdQnAbguKzz0S2O_NJfp2nzjeev77Ld7PHBEAOBH8_CZPsw%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/F53C3C7F-916F-4DB1-896F-8FF0F7F54BD6%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Custom Facts using awk

[Peter Bukowinski]

Hi Warron,

I'd consider using an external, executable fact to avoid ruby altogether.

  https://docs.puppet.com/facter/3.6/custom_facts.html#executable-facts-unix

Basically, you can write a bash script (or use any language you want),
drop it into '//facts.d/' on your puppet server,
and it will be synced to all your nodes (assuming you use pluginsync).

The only requirement for executable fact scripts is that they must
return key/value pairs in the format 'key=value'. Multiple keys/values
get their own line. In your case, you could do something like this:

-
#!/bin/bash

key="qty_monitors_total"
value=$(your parsing command for /var/log/Xorg.0.log here)

echo "${key}=${value}"
-

Save the file as an executable script in the above mentioned path and
it should be available on the next puppet run.

On Wed, Mar 22, 2017 at 3:24 PM, warron.french  wrote:
> Hello, I have finally learned how to write a Custom Fact; and duplicated the
> syntax several times over inside the same .rb file.
>
> I am using syntax that looks like the following:
>
> Facter.add('qty_monitors_total') do
>   setcode  do
>  Facter::Util::Resolution.exec('/bin/grep " connected"
> /var/log/Xorg.0.log | cut -d\) -f2,3,4 | grep GPU |sort -u | wc -l')
>   end
> end
>
> I don't know of any other way to do this yet; but that's not my concern yet.
>
> What I would like to know is how can I use an awk command within the
> Facter::Util::Resolution.exec('.') line.
>
> I have a need to essentially reproduce the line above but drop   wc -l and
> add awk '{ print $2"_"$3"_on_"$1$4 }'
>
> I need the awk command to pretty much look like this; the problem is awk
> uses its own single quotes (') and it will break the ruby code.
>
> I am not a ruby developer; so if someone could either tell me:
>
> It's just not possible; or
> do it this way
>
>
> That would be greatly appreciated.  Thank you,
>
> --
> Warron French
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/puppet-users/CAJdJdQmZXQAd%2Bo%2Bnp-NHqxGHnXubf%2Bac-dP5FPoy4QYMEVuBuA%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CAJA1CN9aFH4Eza-FoxzrfXDWiGCUHXE%2BGFt2Nu%3DjK2eDzV4upg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Basic syntax and learning problems

[Peter Bukowinski]

>> On Jun 17, 2016, at 9:50 AM, Edward Ned Harvey (puppet) 
>> <pup...@nedharvey.com> wrote:
>> 
>> From: puppet-users@googlegroups.com [mailto:puppet-
>> us...@googlegroups.com] On Behalf Of Peter Bukowinski
>> 
>> Hi Edward,
>> 
>> With puppet 3.7, all facts are "stringified" by default, meaning hashes are
>> flattened to strings. If you've got facter 2.0 or greater, you can change 
>> this
>> behavior do you can access hash keys individually.
> 
> Thanks very much for the help. Unfortunately, I'm learning, and working, in 
> an environment with several hundred machines in production using puppet. I 
> can't really expect to upgrade or reconfigure the environment. All I'm trying 
> to do is ensure some ssh files exist in a particular user's home directory, 
> so I thought I would use $facts to determine if the user exists, and get 
> their home directory path, and create the files in there.
> 
> Is there a way to parse the $os string into a hash, so I can access its 
> members? (Besides wanting to access users' home directories, it would also be 
> useful to just get the OS major number, for a different purpose.) I tried 
> parsejson(), but it doesn't like the => instead of :, and it didn't seem 
> right to substitute : for =>. I figured there *should* be a way to parse the 
> string the right way.
> 
> If not via $facts, how else would puppet put some files into a user's home 
> directory?

Fortunately, facter has separate facts for most items in the os fact hash. Keep 
in mind you can see all the facts available to your client by running ‘sudo 
facter -p’. Here are the facts you can use to directly access some of the facts 
in the os hash.

# facter os
{"name"=>"Ubuntu", "family"=>"Debian", "release"=>{"major"=>"13.10", 
"full"=>"13.10"}, "lsb"=>{"distcodename"=>"saucy", "distid"=>"Ubuntu", 
"distdescription"=>"Ubuntu 13.10", "distrelease"=>"13.10", 
"majdistrelease"=>"13.10”}}

# facter osfamily
Debian

# facter lsbmajdistrelease
13.10

# facter lsbdistcodename
saucy


The easiest way to install files into a particular user’s home directory (if 
the path to that directory is consistent across all your machines) is to create 
a package that does it for you. Then you can use puppet to ensure that the 
package is installed without it having to worry about the particulars.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/55109213-7A87-4BA1-8705-137BA3F0D072%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Basic syntax and learning problems

[Peter Bukowinski]

Hi Edward,

With puppet 3.7, all facts are "stringified" by default, meaning hashes are 
flattened to strings. If you've got facter 2.0 or greater, you can change this 
behavior do you can access hash keys individually.

https://docs.puppet.com/puppet/3.7/reference/lang_facts_and_builtin_vars.html#data-types

Be sure to also read the next section below the one I linked for some gotchas. 
Also, if you want to access $facts as a hash, make sure to set he option notes 
here:

https://docs.puppet.com/puppet/3.7/reference/lang_facts_and_builtin_vars.html#the-factsfactname-hash

-- Peter (from phone)

> On Jun 17, 2016, at 8:42 AM, Edward Ned Harvey (puppet) 
>  wrote:
> 
> Running puppet 3.7.4
> 
> I am new to puppet, and learning the syntax. For learning, I open up two 
> terminals, where I "vi foo.pp" in one terminal, and I "puppet apply foo.pp" 
> on the other terminal.
> 
> Using this:
> node default {
>notify{"syntax1":
>message => $facts['osfamily']
>}
> }
> 
> I got this result:
> Error: facts is not a hash or array when accessing it with osfamily at 
> /root/foo.pp:3 on node...
> 
> So then, using this:
> node default {
>notify{"syntax1":
>message => $facts
>}
> }
> 
> I get this result:
> Notice: /Stage[main]/Main/Node[default]/Notify[syntax1]/message: defined 
> 'message' as 'syntax1'
> 
> Question 1: Why can't I access $facts?
> 
> So I wondered if maybe facts weren't available because I'm running "puppet 
> apply" instead of "puppet agent -t" but when I look here:
> https://docs.puppet.com/puppet/3.7/reference/lang_facts_and_builtin_vars.html
> 
> They say "Before requesting a catalog (or compiling one with puppet apply), 
> Puppet will collect system information with Facter. Puppet receives this 
> information as facts..."
> 
> So I would expect $facts to be available.
> 
> Using this:
> node default {
>notify{"syntax1":
>message => $os
>}
> }
> 
> I get this result:
> Notice: /Stage[main]/Main/Node[default]/Notify[syntax1]/message: defined 
> 'message' as '{"name"=>"RedHat", "family"=>"RedHat", 
> "release"=>{"major"=>"7", "minor"=>"2", "full"=>"7.2"}}'
> 
> So it seems, yes, at least *some* facts are available.
> 
> Using this:
> node default {
>notify{"syntax1":
>message => $os['name']
>}
> }
> 
> I get this:
> Error: os is not a hash or array when accessing it with name at 
> /root/foo.pp:3 on node ...
> 
> Question #2: What's wrong with my syntax to access the OS name? I would 
> expect to be able to access $os['release']['major'] to get the result "7"
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/BY1PR0401MB1255B576DD0E2274E7825A2EDC570%40BY1PR0401MB1255.namprd04.prod.outlook.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/3405DEFF-AE12-4A4F-9620-A8BDCF74997F%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] exec not executing

[Peter Bukowinski]

It looks like it's the quotes in your command. The entire command is wrapped in 
double quotes, and the actual mysql command should be wrapped in single quotes, 
but isn't. Also you have admin, localhost, and secret in single quotes that 
aren't escaped. You will need to escape all the single quotes inside the mysql 
command, and also add an unescaped quote after the semicolon to match with the 
si glee quote after the '-e'. E.g.

command => "mysql -e 'grant all privileges on *.* to \'admin\'@\'localhost\' 
identified by \'secret\';'",

--
Peter

> On Feb 21, 2016, at 11:14 PM, Tim Dunphy  wrote:
> 
> Hey guys,
> 
>  I wrote an exec class for one of my modules. And for some reason, on puppet 
> runs it's not executing.
> 
> Here's the class:
> 
> class bacula::exec {
> 
> exec { 'create.mysql.admin.user':
> path => "/bin",
> command => "mysql -e 'grant all privileges on *.* to 'admin'@'localhost' 
> identified by 'secret';",
> refreshonly => true,
> }
> 
> }
> 
> This is my init file:
> 
> class bacula {
> 
> include bacula::install, bacula::service, bacula::cron, bacula::config, 
> bacula::exec
> 
> }
> 
> Any thoughts or opininions welcomed!
> 
> Tim
> 
> 
> -- 
> GPG me!!
> 
> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CAOZy0eky4KpzhZ4NS2BUQSSb7HK6L4HyEpPJAoRaaGK2dYW64w%40mail.gmail.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CEC4C999-D8D3-4134-8864-0C4B406793E3%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Puppet 101: How to make it go?

[Peter Bukowinski]

I suggest downloading the Learning VM and working through the tutorial. 

https://puppetlabs.com/download-learning-vm

-- Peter Bukowinski

> On Dec 1, 2015, at 9:42 AM, John Oliver <jno...@gmail.com> wrote:
> 
> I downloaded and installed the open-source puppet on a CentOS 6 virtual 
> machine.  I downloaded and installed the client on a Mac OS X 10.10
> 
> So... how do I make it do something?
> 
> The docs on the puppet site are pretty useless for this... the docs for open 
> source wind up looping back to refer to the enterprise product, and they go 
> into great detail about installing, and then about all these wonderful things 
> you can do, but not a single word about how to do a "Hello World!" and just 
> see one client checking in.
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/100d6f13-e4e4-4338-a564-97725453d582%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5C82D1ED-4B7E-4C6E-AB93-1833154D7CEE%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Regex and Hyphen in node definitions

[Peter Bukowinski]

Is consider removing the ^ and $ anchors. I think I you'll find it works 
without them.

-- Peter

> On Nov 17, 2015, at 9:57 AM, Matt Shields  wrote:
> 
> If there are any other suggestions on how to regex the nodes, that would be 
> extremely helpful.  We name our hosts like. 
> 
> {clientname}-{purpose}{001-999}
> Ex.
> ops-db001 -> uses db profile
> ops-bidb001 -> uses bidb profile
> ops-sdb001 -> uses sdb profile
> ops-web001 -> uses web profile
> 
> client1-db001
> client1-bidb001
> client1-sdb001
> client1-web001
> 
> Thanks
> Matt
> 
>> On Tuesday, November 17, 2015 at 10:22:03 AM UTC-5, Matt Shields wrote:
>> I just updated to 3.8.4-1 and I'm still seeing the same issue
>> 
>>> On Tuesday, November 17, 2015 at 8:38:33 AM UTC-5, Matt Shields wrote:
>>> I'm running Puppet 3.7.4-1
>>> 
 On Monday, November 16, 2015 at 10:50:00 PM UTC-5, Henrik Lindberg wrote:
 On 2015-16-11 13:44, Matt Shields wrote: 
 > I'm having an issue with trying to use regex with hostnames that have a 
 > hyphen in their name.  How can I get this to work? 
 > 
 > node /^(.*)-(db00)(.*)$/ { 
 >include role::db 
 > } 
 > 
 > [root@ops-db001 ~]# puppet agent -t 
 > Info: Retrieving pluginfacts 
 > Info: Retrieving plugin 
 > Info: Loading facts 
 > Error: Could not retrieve catalog from remote server: Error 400 on 
 > SERVER: Invalid tag '-db00.' on node ops-db001.example.dom 
 > Warning: Not using cache on failed catalog 
 > Error: Could not retrieve catalog; skipping run 
 > 
 
 Which version of Puppet are you using? This problem sounds familiar and 
 may have be fixed in a more recent version of Puppet. 
 
 - henrik 
 
 -- 
 
 Visit my Blog "Puppet on the Edge" 
 http://puppet-on-the-edge.blogspot.se/ 
 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/e8a7c513-3026-4166-86f8-48658b135700%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9BA35B73-387F-4F44-A235-F1CAB1A865C6%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Custom facts in facter

[Peter Bukowinski]

> On Oct 21, 2015, at 12:56 PM, Hugo Deprez  wrote:
> 
> Hello,
> 
> I created a custom fact with the following procedure :
> 
> mkdir -p /etc/puppet/modules/facts/lib/facter
> touch apache.rb
> 
> Content of apache.rb file :
> Facter.add('apache') do
>   setcode do
>  apache_package = Facter::Core::Execution.exec('which apache2')
>  
> # if 'which apache2' exits with an error, jruby_path will be an empty 
> string
> if apache_package == ""
>   false
> else
>   true
> end
>   end
> end
> 
> this is working when I use the $apache in templates, but when I do :
> #facter apache 
> 
> I got an empty answer.
> 
> How can I add the value to facter ?
> 
> Best regards,
> 
> Hugo


To load puppet-provided facts, you need to add the '-p' option. 'facter -p 
apache' should work.

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/6A5B1F20-D1EC-4E30-B74A-5C1A22095A6C%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] file absent in config manifest fails

[Peter Bukowinski]

Tim,

> On Oct 14, 2015, at 10:14 PM, Tim Dunphy  wrote:
> 
> Hey guys,
> 
>  On puppet server 3.8.2 here. And I have a file definition that I want to set 
> as 'absent'. For example, this is what I have:
> 
>   file { '/etc/newrelic/newrelic.cfg':
> ensure  => absent,
> path=> '/etc/newrelic/newrelic.cfg',
> content => template('newrelic/newrelic.cfg.erb'),
> before  => Service[$newrelic_php_service],
> notify  => Service[$newrelic_php_service],
>   }

If you specify 'ensure => absent' then you should not have a 'content' line. 
They are contradictory parameters. (Also, but unrelated, the path parameter is 
duplicative since specifying the path as the file resource name serves the same 
purpose.)

> And if I remove the file I want on the target host:
> 
> [root@ops3:~] #rm -fv /etc/newrelic/newrelic.cfg
> removed ‘/etc/newrelic/newrelic.cfg’
> 
> And then run the puppet agent again:
> 
> [root@ops3:~] #puppet agent --test
> Info: Retrieving pluginfacts
> Info: Retrieving plugin
> Info: Loading facts
> Could not retrieve fact='nr_java_found', resolution='': undefined 
> method `start_with?' for nil:NilClass
> Info: Caching catalog for ops3.jokefire.com 
> Info: Applying configuration version '1444874991'
> Notice: 
> /Stage[main]/Newrelic::Agent::Php/File[/etc/newrelic/newrelic.cfg]/ensure: 
> created
> Info: /Stage[main]/Newrelic::Agent::Php/File[/etc/newrelic/newrelic.cfg]: 
> Scheduling refresh of Service[newrelic-daemon]
> Notice: /Stage[main]/Newrelic::Agent::Php/Service[newrelic-daemon]: Triggered 
> 'refresh' from 1 events
> Notice: /Stage[main]/Mcollective::Service/Service[mcollective]/ensure: ensure 
> changed 'stopped' to 'running'
> Info: /Stage[main]/Mcollective::Service/Service[mcollective]: Unscheduling 
> refresh on Service[mcollective]
> Notice: /Stage[main]/Apache::Service/Service[httpd]/ensure: ensure changed 
> 'stopped' to 'running'
> Info: /Stage[main]/Apache::Service/Service[httpd]: Unscheduling refresh on 
> Service[httpd]
> Notice: /Stage[main]/Puppet::Service/Service[puppet]/ensure: ensure changed 
> 'stopped' to 'running'
> Info: /Stage[main]/Puppet::Service/Service[puppet]: Unscheduling refresh on 
> Service[puppet]
> Notice: Finished catalog run in 7.17 seconds
> 
> Notice the newrelic.cfg file that I want to be 'absent' is created 
> nontheless. 
> 
> Is this some kind of flaw in the version of puppet I'm using? Or could I be 
> doing something wrong?
> 
> Because this is not at all the way I understand the 'absent' value of the 
> ensure setting is supposed to work!
> 
> I guess in the meantime I can comment out the file definition entirely. But I 
> would like to understand why the 'absent' setting isn't working the way it's 
> supposed to!
> 
> Thanks,
> Tim

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/266E9C53-C845-474F-B3AD-54CA5D3D86B1%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Running a daemon only during certain hours of the day

[Peter Bukowinski]

On Apr 9, 2015, at 1:26 AM, Gabriel Filion gabs...@lelutin.ca wrote:
 
 Hello,
 
 A client of mine needs to be able to control which hours during the day
 a certain daemon is running and which hours it is not.
 
 So far I can think of hiera for controlling the on/off periods + some
 math magic to determine in the puppet manifests whether we are currently
 in the On or Off period (which would ensure either running or stopped).

This seems like an overly-complex approach.

 The other option could be a custom fact (which would make manifests less
 complicated), but I'm unsure of how control over the on/off time periods
 could be achieved in this case.
 
 Am I more or less on to something with the above or am I trying to do
 something with the wrong tool? One of the downsides of using puppet is
 that runs are only once per hour (in that case) so the starting and
 stopping times might be unreliable :\

Puppet is really good at managing steady states. Why not have puppet manage 
cron entries responsible for starting and stopping the daemon? A custom fact 
could be used to return the current on/off state (accurate as of the last 
puppet run, or course) of the daemon for auditing purposes.

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7DA458FE-70F8-4A5E-857F-6140FE49523E%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] forcing a variable to be lower case?

[Peter Bukowinski]

 On Feb 25, 2015, at 3:20 PM, Peter Bukowinski pmb...@gmail.com wrote:
 
 
 On Feb 25, 2015, at 2:26 PM, Peter Berghold salty.cowd...@gmail.com wrote:
 
 I have a situation where there is an uppercase letter in a client's host 
 name. When Puppet creates the certificate for the host the resultant name 
 for the is in all lower case as I'd expect.
 
 The trouble comes in where I am managing the /etc/puppet/puppet.conf file. 
 In my template I have 
certname = %= certname %
 
 and in my class I have certname defined as 
 
 $certname = downcase($fqdn)
 
 This is not working.  How should I attack this? 
 
 Since templates let you use normal ruby functions, I would do your downcasing 
 in there:
 
   certname = % certname.downcase %
 
Correction:

certname = %= certname.downcase %

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/DB8C41A8-AA82-4769-83C5-7B0D19AC7CBE%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] forcing a variable to be lower case?

[Peter Bukowinski]

 On Feb 25, 2015, at 2:26 PM, Peter Berghold salty.cowd...@gmail.com wrote:
 
 I have a situation where there is an uppercase letter in a client's host 
 name. When Puppet creates the certificate for the host the resultant name for 
 the is in all lower case as I'd expect.
 
 The trouble comes in where I am managing the /etc/puppet/puppet.conf file. In 
 my template I have 
 certname = %= certname %
 
 and in my class I have certname defined as 
 
  $certname = downcase($fqdn)
 
 This is not working.  How should I attack this? 

Since templates let you use normal ruby functions, I would do your downcasing 
in there:

certname = % certname.downcase %

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/E92AFA0D-1939-41A4-8B13-27195FD7E994%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Have Facter always return a result

[Peter Bukowinski]

 On Jan 30, 2015, at 12:02 PM, Brian Morris nomadicextre...@gmail.com wrote:
 
 Hello all,
 
 I cannot seem to get Facter to always return a value. In this instance I am 
 pulling the Java version from our systems, but would like there to be an 
 entry that says null within the facts of systems that don't have any Java 
 clients installed. Here is the basic facter that pulls the Java version, and 
 it works as expected:
 
 Facter.add(java_version) do
  confine :osfamily = Debian   
  setcode do
  Facter::Util::Resolution.exec(java -version 21 | grep Runtime | sed 
 s/\[\\(\\)]//g | cut -d ' ' -f6)
 
  end
 
 end
 
 
 
 However, this returns nothing at all if no Java clients are installed. This 
 fact is simply absent from those system's inventories. I have tried various 
 if/else cases, such as this, just for testing purposes:
 
 Facter.add(java_version) do
  confine :osfamily = Debian   
  setcode do
  if :osfamily == Debian
 Facter::Util::Resolution.exec(java -version 21 | grep Runtime | sed 
 s/\[\\(\\)]//g | cut -d ' ' -f6)
  else
  null
  end
  end
 end
 
 ... but this always resolves to null, even when run on a platform that 
 shows osfamily = Debian. Does anone have some ideas on how to return the 
 JAva client version when it is present, but to populate this fact with null 
 if no client is present?

The easiest way to do it is to first assign null to a variable, then assign 
the output of your version command to that variable and return the variable. If 
the version command is nonexistent, then it won't be able to overwrite the 
value you initially assigned to it.

Also, in order to avoid the convoluted grep/sed/cut, you may as well make use 
of ruby's handy match method to pull out the version string for you. Here's how 
I'd write the fact:

Facter.add('java_version') do
  setcode do
version = null
if stdout = Facter::Util::Resolution.exec(java -version 21)
  stdout.each_line do |line|
version = $1 if /Runtime.+\((.+)\)$/.match(line)
  end 
end 
version
  end 
end

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/DC73F33A-B395-4CE5-B6D2-35F24FE49525%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] inherits deprecated in puppet 4.x

[Peter Bukowinski]

 On Jan 9, 2015, at 2:52 PM, Jason Price japr...@gmail.com wrote:
 
 This doesn't make me happy, but fine. Major versions let you have breaking 
 changes.
 
 My question is this: What do I replace it with?
 
 My use case is as follows:
 
 
 node default {
class{ 'ntp': }
class{ 'dns': }
class{ 'monitoring': }
class{ 'puppet_agent': }
 }
 
 node 'myweb' inherits default {
class{ 'web': }
 }
 
 node 'mydb' inherits default {
class{ 'db': }
 }
 ---
 
 This has several very useful features:
 1) Everything 'standard' is nicely encapsulated in the 'default' node.  
 2) Everything in 'default' resolves and is complete before anything in 'web' 
 or 'db' is done. This means I don't have to go crazy about 'requires' and 
 'notify' for these resources. They're already done.
 
 So: What do I do instead which handles the two features?  I could easily 
 build a new class with everything in the default node... But that fails the 
 second piece. I'd have to build a nasty anchor pattern in every node to 
 ensure that everything in default resolves first... which is ugly.
 
 Thoughts?


Here's a quick-and-dirty rejiggering that keeps the same functionality:

class default_class {
   class{ 'ntp': }
   class{ 'dns': }
   class{ 'monitoring': }
   class{ 'puppet_agent': }
}

node 'myweb' {
   require default_class
   class{ 'web': }
}

node 'mydb' {
   require default_class
   class{ 'db': }
}

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/3C142BDD-4652-4BFF-AC67-BE88CDDC7603%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Case Statement for setting IP addresses

[Peter Bukowinski]

 On Dec 11, 2014, at 2:23 PM, James Taylor jameskirk.tay...@gmail.com wrote:
 
 default:{
 
 notice { Vendor item in hostname is out of scope.},
 err { Vendor item in hostname is out of scope.},

Using parentheses for the notice and err functions instead of braces should get 
you past the syntax error.

 notice(Vendor item in hostname is out of scope.),
 err(Vendor item in hostname is out of scope.),


--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/D6C9A09C-9CF9-41BC-B378-50953CA33FB3%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] My first module

[Peter Bukowinski]

On Sep 30, 2014, at 2:50 PM, Nicolas lino nicolasli...@gmail.com wrote:

 Hello and sorry for my English.
 
 I have my first module but I have a prblem:
 
 My manifest:
 #
 #
 #
 class nginx {
   $nginx_conf = '/etc/nginx/conf.d'
 
   service { 'nginx':
 ensure = running,
 enable = true,
 hasrestart = true,
 require= File['/etc/nginx/nginx.conf'],
 restart= '/etc/init.d/nginx reload'
   }
 
   file { '/etc/nginx/nginx.conf':
 ensure  = latest,
 mode= '0644',
 owner   = 'root',
 group   = 'root',
 source = puppet:///modules/nginx/nginx.conf,
   }line22

Hi Nicolas,

You cannot use 'latest' for the file resource's ensure parameter. That value 
only applies to package resources. Puppet will always ensure that the file on a 
client matches whatever version of file exists at the path specified in the 
manifest. You should use one of the following values for the ensure parameter: 
file, directory, link, absent. 'present' is also supported, but I encourage you 
to avoid it and be explicit by specifying the type of file. In your case, 
'file' is the correct choice.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/03CD5EC4-82D9-42C5-ABDE-A8034273AA63%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Duplicate Declarations - Puppet

[Peter Bukowinski]

On Sep 8, 2014, at 8:31 AM, Pedro César pedrocesar...@gmail.com wrote:

 I'm not sure if I'm doing right or something I've done is stupid, but I have 
 a question.
 
 I have multiple hosts and multiple modules to manage these hosts, but 
 eventually, I have same resources for different modules and the Puppet 
 complaint about it.
 
 I mean, I have two different modules that guarantee a folder be created, one 
 of those modules I use to couple hosts and another one I use for the other 
 hosts. However I need use both modules for one particular host and then my 
 nightmare starts, because always Puppet complaint, saying: Error 400 on 
 SERVER: Duplicate declaration.
 
 I know is duplicated, but it's different modules and I have to guarantee both 
 modules declare that resours.
 
 Is there any way to skip this problem?

The easiest way to resolve the problem is to move the folder resource into a 
separate class and make it a virtual resource. Then inside your two existing 
modules, include the virtual resource class, and then realize the virtual 
resource. Like all other resource declarations, you can only declare a virtual 
resource once, but you can realize it any number of times.

This puppet doc should give you all the information you need:
https://docs.puppetlabs.com/puppet/latest/reference/lang_virtual.html

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/0114B394-5FED-4E9C-BAE9-92A201844022%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Facter unable to parse custom fact

[Peter Bukowinski]

On Jul 15, 2014, at 10:10 AM, Maxim Nikolaev m...@maximnik.com wrote:

 Hello
 
 I have strange experience with facter on newly installed servers.
 
 Puppet: 3.6.2
 Facter: 2.1.0
 OS: Amazon Linux
 
 when I set custom fact to /etc/facter/facts.d and run facter locally I get 
 following error
 Fact file /etc/facter/facts.d/services.rb was parsed but returned an empty 
 data set
 
 
 When I copy same file to 
 /usr/lib/ruby/site_ruby/1.8/facter/
 and run same command - facter works ok.
 
 
 Can someone advise why thi can happen?

When using external facts -- those placed into /etc/facter/facts.d -- on linux, 
you can use either structured data (yaml, json, or txt), or executable files 
(shell/ruby/python/perl/etc) to generate facts, but the content/output of these 
executable files must be in 'key=value'.

If you are unable to run '/etc/facter/facts.d/services.rb' directly from the 
terminal and have it generate STDOUT in the form of 'factname=factvalue' then 
you must modify it so that it does. Check that you have a shebang line (like 
'#!/usr/bin/env ruby') at the top and that the file is executable.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/52582ED6-48CD-44F6-BEAA-A1C9E7A2BBA4%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] multiple VMs from a single node.pp file

[Peter Bukowinski]

On Jul 15, 2014, at 3:09 PM, randal cobb rco...@gmail.com wrote:

 Hello, all...
 
 I have a scenario where all of our developers (spread geographically around 
 the world) use a VMWare or VirtualBox VM on their local desktop to develop 
 portions of a single product.  I've seemed to inherit this nightmare of a 
 process and believe I can make it much simpler, quicker, and cleaner using 
 Puppet.  Currently, they have to download an 80Gb VM image from a single 
 server in the US; so, because of the massive size of the VM, most developers 
 never upgrade their VMs to the latest image.   I know that Puppet can fix 
 this for me, but I have a few questions I'm hoping y'all can help answer 
 (I've used puppet for a few months to manage some infrastructure servers, so 
 concepts aren't alien to me).  Here are my questions:
 
 Supposed I have 200 different machines (VMs) sitting on each developer's 
 desktop (rather in their VMware hypervisor)... 
 1) can they all have the same certname, so I only have to maintain a single 
 node.pp manifest?

No. Each vm/puppet agent needs a unique cert.

 2) If so, how are SSL certs maintained, given there would be 200 different 
 VMs trying to use the same set of certs.  Or, does that even matter from a 
 node perspective?
 3) If not, do I REALLY have to maintain 200 different manifests; all 
 identical to each other?

You don't need to maintain 200 different manifests. If you organize the 
resources you wish to manage into one or more classes (or modules), you can 
solve your problem without having to specify any puppet clients.

 I've been able to put together a single node.pp file that sets up everything 
 for them, so they only download a 2.8Gb bare VM image and puppet does the 
 rest.  But, when firing up subsequent VMs, of course the client gets all 
 confused because the generated certs don't match up.
 
 Any suggestions for a better solution, or workaround to this one?  (I've 
 thought about using NAT and a fixed MAC address, but with so many developers 
 out there, I'm sure some will re-create MAC addresses at some point during 
 their initial setup, or change their networking type for the VM and start 
 flooding the network with duplicated mac errors).

A simple way to take what you have now and make it work for all 200 instances 
of the VM is to wrap all the resources you have now in your nodes.pp file into 
a class. Then include that class in the default node definition. Your new 
nodes.pp file should resemble this:

class vm_config {
# All your existing puppet code
# should go inside here. You may wish to subdivide
# the resources logically into separate classes.
# If you do this, also include those classes
# below.
}

node default {
include vms
}

The default node definition will apply to any node that hasn't matched any 
other node definition. Since this is the only one -- remove any other node 
definitions -- it will apply to all puppet nodes.

 I'm sure I'm not the first person who's wanted to do something like this, so 
 I turn to the seasoned puppet veterans for guidance!   I HAVE googled for 
 solutions, but I may just not be using the right terminology to search with; 
 because I keep coming up blank on how best to tackle this.

My suggestion above isn't the best way to go about it, either. If you ever want 
to manage anything besides these VMs, you'll need to modify the nodes.pp file. 
However, at that time, you may have a better grasp of puppet.

 Thanks in advance!
 Randy

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/41B3B810-11C5-4B36-BA0D-F5383D0E07A7%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Conditional Creates Attribute

[Peter Bukowinski]

On May 29, 2014, at 10:23 AM, Mark McFate summitt.dwel...@gmail.com wrote:

 I'm probably going about this all wrong, but I have an instance where I've 
 employed a Puppet module and need to sometimes add a creates attribute to 
 one of the exec's defined there.  My code (below) is probably all wrong, but 
 I think you'll see what I am trying to do...
 
   if $creates != nil {
 exec { drush-${title} :
   command = drush ${command} ${root_option} ${uri_option} 
 ${force_option} ${additional_options},
   path= [ '/bin', '/usr/bin' ],
   creates = $creates, 
 }
   } else {
 exec { drush-${title} :
   command = drush ${command} ${root_option} ${uri_option} 
 ${force_option} ${additional_options},
   path= [ '/bin', '/usr/bin' ],
 }
   }
  
 This doesn't work and neither does specifying an empty or nil attribute, like 
 creates = '' or creates = nil.  
 
 If nothing else, I will create two different exec's, one with and the other 
 without a creates attribute.  Can anyone suggest a more elegant solution?
 
 Thanks in advance.


This can likely be solved with the defined() function. 
http://docs.puppetlabs.com/references/latest/function.html#defined

exec { drush-${title} :
command = drush ${command} ${root_option} ${uri_option} ${force_option} 
${additional_options},
path= [ '/bin', '/usr/bin' ],
if defined('$creates') {
creates = $creates,
}
}

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2E296E12-92B7-4CB3-B32A-B23653FB4519%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Revert configuration file to old state if content changes

[Peter Bukowinski]

On May 2, 2014, at 9:25 AM, jcbollinger john.bollin...@stjude.org wrote:

 
 
 On Thursday, May 1, 2014 9:06:52 AM UTC-5, Peter Bukowinski wrote:
 On May 1, 2014, at 9:29 AM, contactp...@gmail.com wrote: 
 
  Hi, 
  
  I am using puppet enterprise 3.x . I have a manifest used to install and 
  manage custom application on my client node. 
  Part of manifest is :- 
  
 file { 'app_config': 
  ensure  = directory, 
  mode= 0644, 
  path= '/etc/cmas/app_config', 
  source  = 'puppet:///modules/cmas/app_config', 
  recurse = true, 
  } 
  
  file { 'config.xml': 
audit   = content, 
path= '/etc/cmas/app_config/config.xml', 
 } 
  
  I want if file config.xml is changed, it should get back to old one from 
  source in next puppet run. 
  is it possible to do it ? 
 
 This is the default behavior of puppet, but by telling puppet to audit the 
 config.xml file, you are preventing it from managing that file's content.
 
 
 Not exactly.  Only unmanaged resource properties can be audited, but enabling 
 auditing on a property that was eligible for it in the first place (because 
 it was unmanaged) doesn't prevent Puppet from doing what it wasn't going to 
 do anyway.  Going the other way, disabling auditing on a property that was 
 eligible for auditing in the first place does not in itself make that 
 property managed.

Thanks for clarifying and correcting my assumption. I'm slapping my forehead.

 Puppet's normal behavior is to leave unmanaged resource properties alone.  It 
 sounds like the OP may be hoping to get Puppet to revert content changes 
 based on a record of the last content it saw, rather than managing the 
 content to a state asserted by the master.  The latter is Puppet's behavior 
 when managing file content via File's 'content' property or 'source' 
 parameter.  The former is not among Puppet's features.
 
  
 As a result, the first file resource that recursively puts the app_config 
 directory in place will actually *skip* creating the config.xml file. You'll 
 get a notice like this: 
 
 
 
 Puppet may skip creating the file, yes, because an explicit File resource is 
 honored instead of any implicit File resource arising from a recursive File 
 resource, and because no 'ensure' parameter is specified in the explicit 
 declaration of File[/etc/cmas/app_config/config.xml].  Puppet might also 
 create it as an empty, normal file; I don't recall at the moment which.  
 That's not directly related to auditing the file content.
 
  
 Notice: /Stage[main]/cmas/File[/etc/cmas/app_config/config.xml]/content: 
 audit change: newly-recorded value absent 
 
 If you want puppet to manage the content of that file and revert any changes, 
 you'll need to stop auditing it. 
 
 
 
 Well, yes, because only unmanaged properties can be audited.  But in addition 
 to turning off auditing of the content, it is also necessary to specify an 
 appropriate 'content' or 'source' parameter if the File's content is to be 
 managed.

More forehead slapping.

 And as for auditing changes in a more general sense, Puppet will log when it 
 changes the file content, and, if desired, the 'show_diff' parameter can be 
 used to make it log the exact changes it makes.  Those will also make it into 
 the agent's if reporting is enabled.
 
 
 John

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5487047E-0ABE-4A59-87A8-5F285B78CA26%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Revert configuration file to old state if content changes

[Peter Bukowinski]

On May 1, 2014, at 9:29 AM, contactpunitj...@gmail.com wrote:

 Hi,
 
 I am using puppet enterprise 3.x . I have a manifest used to install and 
 manage custom application on my client node.
 Part of manifest is :-
 
file { 'app_config':
 ensure  = directory,
 mode= 0644,
 path= '/etc/cmas/app_config',
 source  = 'puppet:///modules/cmas/app_config',
 recurse = true,
 }
 
 file { 'config.xml':
   audit   = content,
   path= '/etc/cmas/app_config/config.xml',
}
 
 I want if file config.xml is changed, it should get back to old one from 
 source in next puppet run.
 is it possible to do it ?

This is the default behavior of puppet, but by telling puppet to audit the 
config.xml file, you are preventing it from managing that file's content. As a 
result, the first file resource that recursively puts the app_config directory 
in place will actually *skip* creating the config.xml file. You'll get a notice 
like this:

Notice: /Stage[main]/cmas/File[/etc/cmas/app_config/config.xml]/content: audit 
change: newly-recorded value absent

If you want puppet to manage the content of that file and revert any changes, 
you'll need to stop auditing it.

 Thanks and Regards,
 Punit

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5D8BFC09-9C04-40D9-8AED-6EBAAD64F076%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Using a fact in onlyif

[Peter Bukowinski]

'onlyif' is not a valid parameter for puppet 'file' type. Conditional logic is 
handled by one of puppet's conditional statements 
(http://docs.puppetlabs.com/puppet/latest/reference/lang_conditional.html).  In 
this case, wrapping your file resource in an 'if' statement will suffice, but I 
encourage you to read the linked document to see what else is possible.

if $::operatingsystemrelease == 10.04 {
file { /var/lib/nfs/rpc_pipefs :
ensure   = link ,
target= /run/rpc_pipefs ,
}
}

--
Peter Bukowinski

On Apr 22, 2014, at 2:09 PM, estonfer eston...@gmail.com wrote:

 Since this shells out you could do something like this
 
 
 onlyif  = [ '${::operatingsystemrelease}' = '10.04' ],
 
 
 Thanks
 Eric
 
 
 On Apr 22, 2014, at 2:00 PM, Mike Reed mjohn.r...@gmail.com wrote:
 
 Hello all,
 
 I've been stumped by this one and I was hoping for a little help.  I'd like 
 the below snippet to run only if the operating system is a specific 
 version.  Because facter already has the operatingsystemrelease variable, 
 I figured I'd use that but haven't had any luck getting it actually work.  
 Does anybody know how I would add the onlyif in the below snippet using 
 the operatingsystemrelease fact? 
 
 I also suspect this could be the wrong way to do this and any advice would 
 be greatly appreciated.
 
 file { /var/lib/nfs/rpc_pipefs :
  ensure   = link ,
  onlyif = ${operatingsystemrelease} == 10.04 
 ,
  target= /run/rpc_pipefs ,
   }
 
 *note: this onlyif does not work...just added for clarity in terms of what 
 I'm trying to achieve
 
 Thanks in advance for the help.
 
 Cheers,
 
 Mike
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/e27094d3-6774-4e21-bfe4-fe83895b84aa%40googlegroups.com.
 For more options, visit https://groups.google.com/d/optout.
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/1BD3237B-4FB1-4FFC-B0CF-1CA999A71D98%40gmail.com.
 For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/3E97F4C9-17B9-4F12-81A6-DB4C8922C435%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: How to handle multiple modules requiring the same packages

[Peter Bukowinski]

I do the same currently. I have a module that installs/updates an 
in-house-developed scientific application with many os package (yum) and python 
module (pip) dependencies. I recently wrote a second module for another 
scientific application with overlapping dependencies and saw duplicate resource 
declaration errors when I first tested it.

My workaround was to pool the package requirements from both modules into a 
separate module and simply include it in my application modules. It sollved the 
issue, but nodes that only need one of the two applications will get more 
packages than they require. I suppose I should tag each package with the name 
of the application that requires it and use virtual resources to only realize 
the necessary packages, but I'm satisfied with the current solution since the 
overlap is pretty significant.

--
Peter Bukowinski

On Mar 28, 2014, at 11:18 AM, Bruno Léon nonolem...@gmail.com wrote:

 For this kind of stuff i created a package module that only ships packages 
 potentially shared (python lib, curl, etc...).
 I  virtually déclare un thé module ans realie un the main modules
 
 Le 27 mars 2014 15:03, och ach och...@gmail.com a écrit :
 same problem here. just find that razor module has static def of package curl.
 what is the best practice?
 
 for now i have deleted the definition from module and included my virtual 
 packages definitions but would love to solve it not dirty fix it
 
 On Saturday, 21 January 2012 15:02:27 UTC+1, bel wrote:
 I find it confusing that Puppet defines modules as reusable code yet, 
 when it comes to packages, you have to have prior knowledge of what 
 other package resources are defined. 
 
 Thank you for all the proposed solutions but does anyone know if 
 Puppet has a best practice they recommend in this case? Otherwise, I'm 
 going with defining new classes for the packages. 
 
 On Jan 17, 4:11 am, Steve Shipway s.ship...@auckland.ac.nz wrote: 
  You can make the package resource definition conditional. 
  
  class foo { 
   if ! defined( Package[gcc] ) { 
package { gcc: ensure=installed; } 
   }} 
  
  class bar { 
   if ! defined( Package[gcc] ) { 
package { gcc: ensure=installed; } 
   } 
  
  } 
  
  Or, define a new class for the package(s) and include that 
  
  class pkg::gcc { 
package { gcc: ensure=installed; }} 
  
  class foo { 
  include pkg::gcc} 
  
  class bar { 
  include pkg::gcc 
  
  } 
  
  Second method is more elegant IMHO; but if its a one-off then first might 
  be simpler. 
  
  Steve 
  
  Steve Shipway 
  University of Auckland ITS 
  UNIX Systems Design Lead 
  s.ship...@auckland.ac.nz 
  Ph: +64 9 373 7599 ext 86487
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/df5d4469-4bd5-4f48-b7d4-a221aadc0edd%40googlegroups.com.
 For more options, visit https://groups.google.com/d/optout.
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/CAJgpziV%2BNwR2Jht%2BtkY8zibsctombqQ7HVqhv13-K9QudK822g%40mail.gmail.com.
 For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/16AC7D3E-F3EF-4A77-871E-F9EE3D208EDA%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Announce: Puppet 3.5.0-rc2 Available.

[Peter Bukowinski]

 On Mar 25, 2014, at 6:57 PM, David Mesler david.mes...@gmail.com wrote:
 
 Currently I use the common import nodes/* method. With that I've always had 
 to restart the puppet master processes in order to process new node files. 
 Will that still be necessary with the new manifest directory behavior?

Instead of restarting the master, a just 'touch site.pp' to get puppet to see 
new node files.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/EB739A85-477F-49CD-A157-9E72FAB7934D%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: mount point directory permissions

[Peter Bukowinski]

That's what the notify parameter in the mount resource does.

-- Peter

 On Mar 24, 2014, at 5:38 AM, Dirk Heinrichs d...@recommind.com wrote:
 
 Am 21.03.2014 18:48, schrieb Peter Bukowinski:
 
 exec { 'fix_mount_perms':
   command = 'chmod 2755 /app_dir  chown root:root /app_dir',
   refreshonly = true,
 }
 
 Setting the exec's refreshonly parameter to true prevents it from running 
 every time, but it will run any time the mount resource changes.
 
 Shouldn't you add subscribe=Mount['/app_dir'], then? Otherwise, there's 
 nothing that triggers the refresh.
 
 Bye...
 
 Dirk
 -- 
 Logo.gif
 Dirk Heinrichs, Senior Systems Engineer, Engineering Solutions
 Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
 Tel: +49 2226 159 (Ansage) 1149
 Email: d...@recommind.com
 Skype: dirk.heinrichs.recommind
 www.recommind.com
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/532FFD22.9040502%40recommind.com.
 For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/CF965776-EECC-482E-B415-F8BC8D9A0604%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] passing more parameters to define

[Peter Bukowinski]

On Mar 24, 2014, at 2:46 AM, A. Gorlov gorlo...@gmail.com wrote:

 Hi All.
 How I post more parameters to define,  for example key type and fqdn   in 
 this sample?
 
 $keys = [[ key1, key2 ]
 pubkey { $keys: user = $login  }
 
 define pubkey($user) {
   ssh_authorized_key { ${user}@fqdn-${name}:
 ensure = present,
 key= $name,
 user   = $user,
 type   = dsa,
   }
 }


Parameters can be passed in as a comma-separated list:

define pubkey ($user, $key_type, $fqdn) { ... }

You can also set defaults for the parameters where it makes sense:

define my_type ($param1 = foo , $param2 = bar, $param3) { ... }

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/48D8443B-898E-4CB8-952C-89DE2C120D77%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: mount point directory permissions

[Peter Bukowinski]

It may not be the nicest way to handle it, but it's not all that cumbersome. If 
your mount command is modifying the permissions, than you can tell it to notify 
an exec resource that fixes the perms.

file { '/app_dir':
  ensure  = 'directory' 
  owner   = 'app_user' 
  group   = 'app_group' 
  mode   = '2775'
} mount { '/app_dir': 
  ensure = mounted,
  atboot = true, 
  device = /dev/mapper/lv_app, 
  fstype = ext3, 
  options = 'defaults', 
  dump = '1', 
  pass = '2',
  require = File['/app_dir'],
  notify = Exec['fix_mount_perms'],
}
exec { 'fix_mount_perms':
  command = 'chmod 2755 /app_dir  chown root:root /app_dir',
  refreshonly = true,
}

Setting the exec's refreshonly parameter to true prevents it from running every 
time, but it will run any time the mount resource changes.

--
Peter Bukowinski

On Mar 21, 2014, at 1:42 PM, Paolo Supino paolo.sup...@gmail.com wrote:

 Hi Guto 
 Too cumbersome: Have to setup a check for ownership, groupship and 
 permissions... :-(
 
 
 On Fri, Mar 21, 2014 at 6:28 PM, guto carvalho gutocarva...@gmail.com wrote:
 Try to use paramters like unless, refreshonly or onlyinf to trigger the 
 command in specific conditions, not every time, inside your exec.
 
 http://docs.puppetlabs.com/references/latest/type.html#exec-attributes
 http://docs.puppetlabs.com/references/latest/type.html#exec-attribute-refreshonly
 http://docs.puppetlabs.com/references/latest/type.html#exec-attribute-unless
 http://docs.puppetlabs.com/references/latest/type.html#exec-attribute-onlyif
 
 
 On Fri, Mar 21, 2014 at 2:19 PM, Paolo Supino paolo.sup...@gmail.com wrote:
 Hi Renan 
 
 between the solutions I tried was something like this, only that the exec fix 
 permissions got executed on every run of puppet... 
 
 
 On Fri, Mar 21, 2014 at 5:53 PM, Renan Vicente renanv...@gmail.com wrote:
 you can use notify for a Exec and use a exec { 'fix permission':
command = 
 'chmod 0755 /app_dir ; chown root:root /app_dir'
}
 something like that, I didn't test but I guess that you work :D
 
 
 On Friday, March 21, 2014 1:41:25 PM UTC-3, Paolo wrote:
 Hi 
 
 I have the following problem: in a certain module I need to set permissions 
 on a directory after the mount was executed. If I do the following 
 
 file { '/app_dir':
   ensure  = 'directory' 
   owner   = 'app_user' 
   group   = 'app_group' 
   mode   = '2775'
 } mount { '/app_dir': 
   ensure = mounted,
   atboot = true, 
   device = /dev/mapper/lv_app, 
   fstype = ext3, 
   options = 'defaults', 
   dump = '1', 
   pass = '2',
   require = File['/app_dir'],
 }
 
 This would require 2 rounds of puppet: round 1 to setup directory, mount the 
 filesystem and round 2 to fix permissions set to root:root,0755 by the mount 
 command... 
 
 In looking for a solution I found the following link: 
 https://projects.puppetlabs.com/issues/4815 that asks for the option to add 
 permission settings to mount resource. The request was rejected and in the 
 comments 
  Eric Sorenson writes that it would be trivial to accomplish with a defined 
 type, but without going into details... :-( Can any one give me some details 
 on how to do it with a defined type? 
 
 
 
 TIA
 Paolo 
 
 
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/bc2954ad-6c52-4772-8f67-a22d98d81c56%40googlegroups.com.
 For more options, visit https://groups.google.com/d/optout.
 
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/CA%2BB25BzXeMtPFpbAK3f5MwjfXSGoZJC1%2BfzsQvyVbTZRjVjCbA%40mail.gmail.com.
 
 For more options, visit https://groups.google.com/d/optout.
 
 
 
 -- 
 [s]
 Guto Carvalho
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/CAHTbNE4ZLzh1Ojy7xsjCFaTXMSyPp-5AYYkwHNC2n4JeRuA5%3DA%40mail.gmail.com.
 
 For more options, visit https://groups.google.com/d/optout.
 
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit

Re: [Puppet Users] conditional statement in config.pp

[Peter Bukowinski]

On Mar 20, 2014, at 1:26 PM, John sami.st...@gmail.com wrote:

 Below is a my current config,.pp file  I'm trying to create a condition 
 that says
 
 if (/etc/ldap.conf contains the string host1.mydomain.com or 
 host2.mydomain.com)
   Then install an sshd_ldap.erb template
  else if (/etc/ldap.conf contains the string hostB.mydomain.com or 
 hostA.mydomain.com)
  Then install an sshd_freeIPA.erb template
else  install a standard template.
 
 The code does not work as written.  Any advice to suggestions would be 
 greatly appreciated.
 
 Thanks in advance.
 
 class ssh::config inherits ssh {
   file_content { '/etc/ldap.conf':
 ensure = file,
   }

I understand what you're trying to do here, but you seem to have made up some 
puppet code that it won't know how to handle. You're trying to define a 
variable by using puppet's resource language. That's not going to work.

What you'll need to do is write a custom facter fact, e.g. 'ldapserver', that 
will contain the name(s) of the configured ldap server(s). I do this in my 
environment with the following code, which I place into a puppet module named 
'custom' (as documented here 
http://docs.puppetlabs.com/guides/plugins_in_modules.html):

# ldapservers.rb
Facter.add(:ldapservers) do
setcode do
osfam = Facter.value('osfamily')
case osfam
when /RedHat/
%x{authconfig --test | grep -Fwm 1 'LDAP server' | awk -F\\ 
'{gsub(ldap:,);gsub(/,);print $2}'}.chomp
when /Debian/
%x{awk '/^uri/{print $2,$3}' /etc/ldap.conf}.chomp
end 
end 
end

With this fact in place, you can use a selector instead of an if statement to 
make your code much more concise:

class ssh::config inherits ssh {
$ssh_type = $::ldapservers ? {
/host(1|2).mydomain.com/ = ldap,
/host(B|A).mydomain.com/ = ipa,
default = standard,
}
file { '/etc/ssh/sshd_config':
ensure = present,
owner = $owner,
group = $group,
mode = '0644',
backup = false,
content = template(sshd_config_${$ssh_type}.erb),
}
file { '/etc/ssh/ssh_config':
ensure = present,
owner = $owner,
group = $group,
mode = '0644',
backup = false,
content = template(ssh_config_${$ssh_type}.erb),
}
}

   if $file_content == host1.mydomain.com || host2.mydomain.com
   {
 file { '/etc/ssh/sshd_config':
 ensure = present,
 owner = $owner,
 group = $group,
 mode = '0644',
 backup = false,
 content = template(sshd_config_ldap.erb),
   }
   file { '/etc/ssh/ssh_config':
 ensure = present,
 owner = $owner,
 group = $group,
 mode = '0644',
 backup = false,
 content = template(ssh_config_ldap.erb),
   }
   }
   elsif $file_content == hostB.mydomain.com || hostA.mydomain.com
   {
 file { '/etc/ssh/sshd_config':
 ensure = present,
 owner = $owner,
 group = $group,
 mode = '0644',
 backup = false,
 content = template(sshd_config_ipa.erb),
   }
   file { '/etc/ssh/ssh_config':
 ensure = present,
 owner = $owner,
 group = $group,
 mode = '0644',
 backup = false,
 content = template(ssh_config_ipa.erb),
   }
   }
   else
   {
 file { '/etc/ssh/sshd_config':
 ensure = present,
 owner = $owner,
 group = $group,
 mode = '0644',
 backup = false,
 content = template(sshd_config_standard.erb),
   }
   file { '/etc/ssh/ssh_config':
 ensure = present,
 owner = $owner,
 group = $group,
 mode = '0644',
 backup = false,
 content = template(ssh_config_standard.erb),
   }
   }
 }

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/B87E3C1D-B65E-4895-B7D8-C70B6F7E162F%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Most trivial site.pp throwing errors

[Peter Bukowinski]

On Mar 18, 2014, at 1:20 PM, Sam K sreeram...@gmail.com wrote:

  No help?  Anyone have any ideas why I'm getting this error. 

Oh eager-to-be helped one, please see my reponses in-line below.

 On Monday, March 17, 2014 10:48:43 PM UTC-7, Sam K wrote:
 Hello All. 
 
   My very first post and a Super-noob puppet user checking in.  I have been 
 using puppet for just a week or so and have had moderate success with 2 
 ubuntu master/agent setup. 
 
   Now, I want to test it on a production system, but its driving me nuts.  I 
 have a Ubuntu 12.04 system running puppetmaster and a couple of Redhat 6.0 
 running the agent.  I have them talking and both can ping by FQDN, IP, etc. 
 the master was able to find and sign the agent's certificate as well.  I am 
 trying to create/delete a username called katie.  
 
 This site.pp works perfectly! 
 
 user { 'katie':
 ensure = 'present',
 home = '/home/katie-home',
 shell = '/bin/csh'
 }
 
 
 While this does work on this node, on another node, it does not even work.  
 
 class add-user {
 
 user { 'katie':
 ensure = 'present',
 home = '/home/katie-home',
 shell = '/bin/csh'
 }
 }
 
 node 'bb10-x64-rhel60' {
 import add-user
 }
 
 But most annoying is this error.  Why is this error coming up and why does it 
 work even with errors. 
 
 Error: Could not retrieve catalog from remote server: Error 400 on SERVER: 
 Could not parse for environment production: Syntax error at 'add-user'; 
 expected '}' at /etc/puppet/manifests/site.pp:11 on node bb10-x64-rhel60

You must use 'include' and not 'import' here. 'import' can only specify files, 
not classes. See the docs here: 
http://docs.puppetlabs.com/puppet/latest/reference/lang_import.html

 On the agent, each time I modify site.pp, I am running 'puppet agent 
 --no-daemonize --onetime --verbose' 
 
 Thanks
 Sam

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/A9F34A78-D637-4AD7-8426-027480BBA408%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Make sure folder is fully copied

[Peter Bukowinski]

The best way I've found to handle folders that contain items puppet later needs 
to act on is to use fpm to turn them into an rpm/deb and add them to a repo. 
This way you're not using puppet as a file server -- something you should avoid 
wherever possible. Puppet can use a package resource to install the entire 
folder, and then notify an exec resource that runs the script.

If you'd rather not have the package in a repo, you can put the package in 
place using a file resource and have the package resource require the file 
resource.

--
Peter Bukowinski

 On Mar 17, 2014, at 6:03 AM, Stelian Iancu stelian.ia...@gmail.com wrote:
 
 Hi all,
 
 I am new to Puppet and I'm trying to accomplish a fairly simple task. I need 
 to deploy a folder to the server and, once it's copied, I need to run a shell 
 script in that folder.
 
 Basically I have something like this:
 
 file { /home/user/res:
   ensure = directory,
   owner  = user,
   group  = user,
   recurse = true,
   ignore  = [logs, downloads],
   purge  = true,
   mode   = 0750,
   source = puppet:///files/res/,
   }
 
  exec { start_res:
  command = /home/user/res/run.sh
  }
 
  File['/home/user/res'] - Exec['start_res']
 
 The problem is that the deploymnet of the res folder is not treated 
 atomically. So once a few of the files have been copied, puppet tries to 
 execute the run.sh script which is not there at that moment.
 
 Is there any way I can make sure that run.sh is executed only after the 
 deployment of the folder has finished?
 
 Thanks!
 
 S.
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/0a6f9509-984d-45e2-808a-60987ea9d297%40googlegroups.com.
 For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/B9C42CA2-8FBD-41A6-BB5E-BEB8C10340CB%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] What are puppetd and puppetca?

[Peter Bukowinski]

The video must be fairly old. Those commands are deprecated. Instead of 
'puppetd', it's now 'puppet agent'. Instead of 'puppetca', it's now 'puppet 
cert'.

-- Peter 

 On Mar 14, 2014, at 1:04 AM, pengyu...@gmail.com wrote:
 
 Hi,
 
 The following video mentioned puppetd and puppetca (it is on ubuntu 12.04). 
 But I don't find these commands on ubuntu 13.10 (the one I'm trying puppet 
 on). Does anybody know what these commands become? Thanks.
 
 https://www.youtube.com/watch?v=l86W-WKzhBo
 
 Regards,
 Peng 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/e0b9e0a4-8537-4a11-9b54-78c56ba307ce%40googlegroups.com.
 For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/998F8710-BC64-4162-9D77-26D6C78729F2%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] add user to certain hosts

[Peter Bukowinski]

On Mar 13, 2014, at 2:33 PM, Philippe Conway philippe.con...@gmail.com wrote:

 Hey Guys,
 
 I am wanting to add certain users to certain hosts. I was thinking of listing 
 it in my users module. Here is an example:
 
  user {'llane':
 if $fqdn = 'node1.example.com' {
   ensure = present,
 }else{
   ensure = absent,
 }
 home   = '/home/llane',
 managehome = true,
 uid= '1003',
 shell  = '/bin/bash',
 comment= 'Lois Lane',
   }
 
 Basically looking to add Lois Lane to ONLY node1.example.com.
 
 However Puppet is saying I can't do it because of a syntax error. To me the 
 code looks correct, but I may be just tired and not noticing the error. Any 
 suggestions? Thanks
 
 - Philippe

You may already be aware that putting node-specific logic in your puppet 
manifests is not a best practice, but I'll help you with the syntax error. Your 
if conditional needs to use '==' to test the fact value, not a single equal 
which is used for assigning values.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/96E58085-4C33-4EFB-8AEF-1E62511390DF%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] exclusion/exception in server.pp file

[Peter Bukowinski]

On Mar 12, 2014, at 12:40 PM, puppetstan stanislas.lev...@gmail.com wrote:

 Hello 
 
 I have define in my server.pp file diferent zone and I defined my dns servers 
 (resolv_servers). for my /etc/resolv.conf for this zone 
 
 
 #Zone 1
 if $::ipaddress =~ /^172.17.3./ {
 $ntp_heure = ntp.domain.fr
 $fusioninventory_proxy = http://proxy.domain.fr:8080;
 $resolv_servers = [ '172.30.12.11', '172.30.12.2' ]
 $resolv_search = domain.fr
 $yumconf_proxy = http://proxy.domain.fr:8080;
 $yumconf_exclude = kernel*
 include base::minimal
 }
 
 The problem is that in this zone one server (172.17.3.4) that does not have 
 the same dns. Is it possible to make an exclusion on this server and specify 
 other addresses ips in this config file? 
 
 thank you in advance

One way to add an exclusion for a single value is to use a selector to assign a 
unique value for $resolv_servers based on ip address. Non-matching hosts get 
the default.

if $::ipaddress =~ /^172.17.3./ {
$ntp_heure = ntp.domain.fr
$fusioninventory_proxy = http://proxy.domain.fr:8080;
$resolv_servers = $::ipaddress ? {
'172.17.3.4' = [ 'a.b.c.d', 'w.x.y.z' ],
default = [ '172.30.12.11', '172.30.12.2' ],
}
$resolv_search = domain.fr
$yumconf_proxy = http://proxy.domain.fr:8080;
$yumconf_exclude = kernel*
include base::minimal
}

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/90C33C86-BCB2-4467-96FA-FBE77E03D75E%40gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [Puppet Users] Re: Bug(?) in puppetlabs-firewall module prevents successful install/upgrade to PE 3.2

[Peter Bukowinski]

On Mar 6, 2014, at 4:58 PM, Paul Greenbank paul.greenb...@gmail.com wrote:

 Hey Peter
 
 As a work around I've downloaded the latest 1.0.2 firewall module from 
 puppetforge backed up the broken module in the installer module directory 
 copied the 1.0.2 version into the modules directory renamed it (yes this is 
 probably a very bad thing !) to 1.0.0 which the installer expects and re-run 
 the install and presto the install completes.
 
 You maybe able to hack the installer script to use the 1.0.2 file name but 
 I'm working on a test box so a quick and dirty hack with the file name did 
 the job for me.
 
 Cheers

Paul,

As I discovered later, you don't even need to rename the module. The installer 
reads the installer_root/modules/install_modules.txt file to get the module 
names that it should install, but the file doesn't include version information. 
Just drop your updated module into the same folder and either move the old one 
out or rename it by prepending some text to it so that puppetlabs-firewall* 
doesn't match it, e.g. DISABLED-puppetlabs-firewall-1.0.0.tar.gz.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/AC8CE5E8-6D77-4093-9090-00D0BAA14363%40gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Bug(?) in puppetlabs-firewall module prevents successful install/upgrade to PE 3.2

[Peter Bukowinski]

When upgrading my master from 3.1 to 3.2 (on a Scientific Linux 6.3 server), 
the install fails during the puppetlabs-firewall module installation with this 
error:

** /opt/puppet/bin/puppet module install 
/misc/local/pe/puppet-enterprise-3.2.0-el-6-x86_64/modules/puppetlabs-firewall-1.0.0.tar.gz
 --force --ignore-dependencies --modulepath /opt/puppet/share/puppet/modules
Notice: Preparing to install into /opt/puppet/share/puppet/modules ...
Notice: Installing -- do not interrupt ...
Error: No such file or directory - 
/opt/puppet/share/puppet/modules/firewall/spec/acceptance/nodesets/default.yml

When I look in the nodesets directory, I see a broken symlink that looks like 
it may be missing a -pe in its name:

ls -la /opt/puppet/share/puppet/modules/firewall/spec/acceptance/nodesets/
total 20
drwxr-xr-x 2 root root 4096 Mar  4 12:40 .
drwxr-xr-x 3 root root 4096 Mar  4 12:40 ..
-r--r--r-- 1 root root  282 Jan 30 12:12 centos-64-x64-pe.yml
lrwxrwxrwx 1 root root   17 Mar  4 12:40 default.yml - centos-64-x64.yml
-r--r--r-- 1 root root  254 Jan 30 12:12 sles-11sp1-x64.yml
-r--r--r-- 1 root root  285 Jan 30 12:12 ubuntu-server-10044-x64.yml

Has anyone else run into this? In any case, I'd recommend waiting to upgrade 
until you hear otherwise. 

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/F9979BCD-D5CE-4906-91DD-6DE388D6665E%40gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] problem with File[path]

[Peter Bukowinski]

On Feb 5, 2014, at 11:39 PM, Peter Romfeld peter.romfeld...@gmail.com wrote:
 
 hi,
 
 i get the following error:
 
 Parameter path failed on File[${nagiospluginsdir}/${pname}]: File paths must 
 be fully qualified, not '${nagiospluginsdir}/${pname}'
 
 plugin.pp:
 
 define nrpeplugins::plugin(
   $nagiospluginsdir = $nrpeplugins::params::nagiospluginsdir,
   $nrpepluginsdir = $nrpeplugins::params::nrpepluginsdir,
   $nrpeservice = $nrpeplugins::params::nrpeservice,
   $pname = $title
 ) {
 
   file { '${nrpepluginsdir}/${pname}.cfg':
 #  file { 'newnrpe':
 #path = '${nrpepluginsdir}/${pname}.cfg',
 ensure = file,
 owner = root,
 group = root,
 mode = '0644',
 content = template('nrpeplugins/nrped.erb'),
 notify = Service['${nrpeservice}']
   }
 
   file { '${nagiospluginsdir}/${pname}':
 #  file { 'newscript':
 #path = '${nagiospluginsdir}/${pname}',
 ensure = file,
 owner = root,
 group = root,
 mode = '0755',
 source  = 'puppet:///modules/nrpeplugins/${pname}'
   }
 
 }
 
 thanks,
 peter

You're getting the error because you've used single quotes in the file 
definition. If you want puppet to interpret variables when it compiles the 
catalog, you must use double quotes. 

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/A2EE8146-86B7-4184-8C0D-919982890F0B%40gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] puppet jobs list?

[Peter Bukowinski]

I get pinged by headhunters via LinkedIn. Have you tried posting/searching 
there?

-- Peter

 On Feb 1, 2014, at 10:14 AM, Jason Antman ja...@jasonantman.com wrote:
 
 Is there a puppet jobs list or board anywhere? (not jobs at PL, jobs
 dealing with Puppet)
 
 If not, where would you advertise/post (or look, I guess) for engineers
 with strong puppet skills, both on the usage/admin side, and skilled
 ruby devs (preferably with some Puppet experience)?
 
 We'er hiring, and having abysmal luck with wherever our internal and
 external recruiters have posted.
 
 Thanks for any tips/ideas,
 Jason
 
 -- 
 
 Jason Antman | Systems Engineer | CMGdigital - Atlanta, GA, USA
 jason.ant...@coxinc.com | p: 678-645-4155
 
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To view this discussion on the web visit 
 https://groups.google.com/d/msgid/puppet-users/52ED0F41.6060607%40jasonantman.com.
 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/28446510-7635-48A7-974C-D6AEEF82338A%40gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] First time Puppet user, need installation assistance

[Peter Bukowinski]

On Jan 9, 2014, at 10:10 AM, J Neitzey janeit...@rockingham.k12.va.us wrote:

 Hoping to get Puppet to work to kick off usage of Simian/Munki, which I am 
 also in the process of learning. I want to use Puppet to distribute the 
 Simian certificates for the computers.
 
 When installing the Enterprise Puppet on a Mac server, I get hung up running 
 the installer. I tried suppling an example answer file in /answers, as shown 
 in the Mac installer webinar that Puppet did, but I got the same result.
 
 co-munki:tmp admin$ cd puppet-enterprise-3.1.1-el-6-x86_64
 co-munki:puppet-enterprise-3.1.1-el-6-x86_64 admin$ ls
 LICENSE.txt   support
 README.markdown   supported_platforms
 VERSION   
 tmp.puppet-enterprise-installer.12etvR
 answers   
 tmp.puppet-enterprise-installer.C35oi5
 db_import_export.rake tmp.puppet-enterprise-installer.ghpWfS
 erb   tmp.puppet-enterprise-installer.mOUoJr
 gpg   tmp.puppet-enterprise-installer.sGArx9
 modules   
 tmp.puppet-enterprise-installer.thJCEH
 noask tmp.puppet-enterprise-installer.uQhXb3
 packages  util
 puppet-enterprise-installer   utilities
 puppet-enterprise-uninstaller
 co-munki:puppet-enterprise-3.1.1-el-6-x86_64 admin$ 
 ./puppet-enterprise-installer
 ./utilities: line 172: [: 
 /var/folders/7k/lnz61c0j649g9dsmtz2pmdsrgn/T/-d.3Wjpv5z0: binary operator 
 expected
 awk: invalid -v option
 
 
 
 
 
 awk: invalid -v option
 
 co-munki:puppet-enterprise-3.1.1-el-6-x86_64 admin$ 
 
 I'm not sure what the awk is for. 
 
 If anyone can offer assistance, it would be greatly appreciated.
 
 Thanks!

You're likely seeing that error because Mac OS is not a supported platform for 
Puppet Enterprise. Supported platforms are listed here: 
http://puppetlabs.com/puppet/requirements. You'll need to use Puppet Open 
Source.

--
Peter Bukowinski


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5196B659-50AF-4ADC-A2CC-C7716CB07A51%40gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] puppet installation help

[Peter Bukowinski]

On Jan 9, 2014, at 10:04 AM, mehmet hasdemir banne...@gmail.com wrote:

 hi,
 we'd like to install puppet and use it on our system. i installed 
 puppet-server on my puppet machine and puppet on client machine. machines are 
 oracle linux 6. 
 on some  videos  there are puppetd puppetca commands  but i havent seen 
 that yet.  why ? and what will i do ?

Those comands ('puppetd' and 'puppetca' were from pre-2.6 versions of puppet. 
For versions 2.6 and later, you should use 'puppet agent' and 'puppet cert', 
respectively. A full list of commands that changed in puppet 2.6 is listed 
here: http://docs.puppetlabs.com/guides/tools.html

--
Peter Bukowinski



-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/C5E049B3-F0D5-4F25-B3BC-719A204F5DB6%40gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] First time Puppet user, need installation assistance

[Peter Bukowinski]

On Jan 9, 2014, at 10:30 AM, J Neitzey janeit...@rockingham.k12.va.us wrote:

 I downloaded Puppet 2.7.x from http://puppetlabs.com/misc/download-options.
 
 This is just a package installer.
 
 I don't see Mac Enterprise to download any where. Is that the correct 
 installation?


Yes, either the 2.7.x or the 3.x version is the one you want.

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/817ADD9E-9F1A-4822-87C0-178F4AC58EBB%40gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] First time Puppet user, need installation assistance

[Peter Bukowinski]

On Jan 9, 2014, at 10:45 AM, J Neitzey janeit...@rockingham.k12.va.us wrote:

 I installed the 2.7.x version package. Am I supposed to be able to go to an 
 internal server website now and see the console? 
 
 I'm guessing now that the video webinar is not a Mac.
 http://puppetlabs.com/webinars/special-topic-using-puppet-mac-management

Correct. In the video, the puppet master uses Puppet Enterprise on a Linux VM. 
If you want to install the puppet master on a Mac, you'll need to use the open 
source version and you'll also have to install and configure puppet dashboard 
(https://github.com/sodabrew/puppet-dashboard).

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/DCF9A28D-DD85-4CE0-BD3A-68786C0D856A%40gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Re: nodes.pp on puppetmaster vs. puppet agent on puppet client

[Peter Bukowinski]

No. An agent need not be aware of what classes are assigned to it before it 
contacts the puppetmaster. As long as your agent is configured to run on a 
regular interval, it will automatically get the latest configuration on the 
very next run. If you want to manually run the agent to apply those latest 
changes immediately, you can use 'puppet agent -t' instead of restarting the 
service.

--
Peter Bukowinski

 On Nov 26, 2013, at 12:08 AM, Stuart Cracraft smcracr...@me.com wrote:
 
 But it has to be activated in nodes
 to fetch, no?
 
 On Nov 25, 2013, at 9:05 PM, Rahul Khengare rahulk1...@gmail.com wrote:
 
 Hi Stuart, 
 You don't have to do /etc/init.d/puppet restart on client machine, 
 whenever puppet agent run/ fetches the catalog from PM using latest 
 manifests. 
 
 
 Thanks, 
 Rahul Kheng
 NTT DATA OSS Center, Pune, India.
 
 
 On Tuesday, November 26, 2013 4:17:16 AM UTC+5:30, Stuart Cracraft wrote:
 
 If I change nodes.pp on the PM, do I have to do an /etc/init.d/puppet 
 restart on the puppet client
 to get it to receive the changes? I.e. does it have the old 
 manifests/modules until the restart is done?

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/F6361662-D7C6-4747-8B0E-D66062530B92%40gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] puppet class if

[Peter Bukowinski]

On Oct 11, 2013, at 5:48 AM, Jakub Bittner rex...@gmail.com wrote:

 Hello,
 
 I created puppet class and I want the file operation to be executed on all 
 servers but not on server with hostname 'server1.domain.com. I tried this 
 class, but it does not work. Is there any other way? Thanks
 
 
 class test {
 if $hostname != 'server1.domain.com' {
 file { /etc/ntp.conf:
 owner   = root,
 group   = root,
 mode= 644,
 source  = puppet:///files/server/ntp.conf,
 }
 }
 }
 

You have a couple errors in your if statement. For comparing a literal string, 
you need to use double-equals in your test:

if $hostname == 'server1.domain.com' { ... }

For a regex match, you'd use the equal-tilde:

if $hostname =~ /^server/ { ... }

To negate a match, you put the not (!) in front of the entire comparison, e.g.

if ! $hostname == 'server1.domain.com' { ... }

I like to add parentheses around my comparisons for visual clarity:

if ( $hostname =~ /^server/ ) and ! ( $virtual == 'vmware' ) { ... } 

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] puppet class if

[Peter Bukowinski]

On Oct 11, 2013, at 9:06 AM, Werner Flamme werner.fla...@ufz.de wrote:

 Peter Bukowinski [11.10.2013 14:39]:
 On Oct 11, 2013, at 5:48 AM, Jakub Bittner rex...@gmail.com wrote:
 
 Hello,
 
 I created puppet class and I want the file operation to be executed on all 
 servers but not on server with hostname 'server1.domain.com. I tried this 
 class, but it does not work. Is there any other way? Thanks
 
 
 class test {
if $hostname != 'server1.domain.com' {
file { /etc/ntp.conf:
owner   = root,
group   = root,
mode= 644,
source  = puppet:///files/server/ntp.conf,
}
}
 }
 
 
 You have a couple errors in your if statement. For comparing a literal 
 string, you need to use double-equals in your test:
 
if $hostname == 'server1.domain.com' { ... }
 
 For a regex match, you'd use the equal-tilde:
 
if $hostname =~ /^server/ { ... }
 
 To negate a match, you put the not (!) in front of the entire comparison, 
 e.g.
 
if ! $hostname == 'server1.domain.com' { ... }
 
 I like to add parentheses around my comparisons for visual clarity:
 
if ( $hostname =~ /^server/ ) and ! ( $virtual == 'vmware' ) { ... } 
 
 
 I do not see a couple of errors. But I'm a novice, so you can enlarge
 my knowledge easily ;-)
 
 You show only one error by mentioning that the if statement may not have
 an inequality sign: To negate a match, you put the not (!) in front of
 the entire comparison. Where can I find this in the puppet language
 description?
 
 First, I looked at
 http://docs.puppetlabs.com/puppet/3/reference/lang_conditional.html#if-statements.
 Under the caption Conditions I find - among others - Expressions. So
 I follow that link, and on the linked page under
 http://docs.puppetlabs.com/puppet/3/reference/lang_expressions.html#non-equality
 I find the != operator. I do not find any hint that one has to prepend
 the nagation to the whole statement. In the contrary, in the Syntax
 section I see a sample for a comparison with an inequality sign:
 ($operatingsystem != 'Solaris').
 
 Where do I find that != is not allowed in this case?
 
 BTW, I'd never write a class like that, I'd rather use different node
 declarations... ;-)
 
 Regards,
 Werner


I've been using the convention where the not (!) is separate from the equals 
sign and it works well for me, so I suspect your only error was using a single 
equal sign rather than a the required double.

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

[Puppet Users] Re: quiet exec script output

[Peter Bukowinski]

Puppet is doing what it is supposed to do: report changed resources. Puppet 
isn't aware of the content of your script, so it treats each run (that has 
an exit code of 0) as if something has changed. I'm guessing that your 
script is currently executing each time puppet runs?  Can you describe what 
this script is doing in general detail? If it's looking for a certain 
situation and doing something if it finds it (and doing nothing if it finds 
nothing), for example:

if [ $(uptime | awk '{print $3}') -gt 7 ]; then echo 'OMG! I have been up 
more than a week!'; fi

then I'd recommend putting the looking for portion of the script into the 
'onlyif' parameter of the exec and the doing something portion in the 
'command' parameter. For example:

exec { 'uptime_test':
command = echo 'OMG! My uptime is abysmal!'  /etc/motd,
onlyif = '[ $(uptime | awk \'{print $3}\') -lt 7 ]',
}

Here, puppet will only report that the Exec[uptime_test] resource executed 
successfully if the computer has been up for less than 7 days. Once the 
uptime exceeds that condition, you'll see no notice from this resource on 
your puppet reports.

--
Peter


On Monday, September 30, 2013 1:52:55 PM UTC-4, Geoff Galitz wrote:


 Hi.

 One of the scripts we run for systems management causes puppet to say:

 
 notice:  /Stage[main]//Exec[script]/returns:  executed successfully
 

 How can I suppress or quiet this output?  

 -G







 -- 
 ---
 Geoff Galitz, gga...@shutterstock.com javascript:
 WebOps 
 Shutterstock Images
  

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Generating a variable based on the hostname

[Peter Bukowinski]

A custom fact that uses regex to grab the fourth, dash-separated value from the 
hostname seems like a good way to go as it would make the $env value accessible 
globally.

Alternatively, you can use a selector within your manifests:

$env = $hostname ? {
/-dev-/   = 'dev',
/-int-/ = 'int',
/-qa-/= 'qa',
/-prod-/ = 'prod',
}

-- Peter

 On Sep 27, 2013, at 5:47 AM, Romain Pelisse bela...@gmail.com wrote:
 
 Hi all,
 
 I'm wondering what would be the best approach to extract a value from the 
 hostname. In my case, the hostname contains the type of environment (dev, 
 int, qa, prod) and I would like to have a variable called $env which contains 
 will be extracted from such FQDNs: 
 
 - vm-role-app-prod-1
 - vm-role-app-qa-1
 ...
 
 I've tried using split, but it was not really practical. Any better idea ? 
 Short to deploy a custom fact to add this value to the facts..
 
 PS: I'm using Puppet 2.7.21

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] System manifests parse order

[Peter Bukowinski]

On Sep 26, 2013, at 8:37 AM, Bret Wortman bret.wort...@damascusgrp.com wrote:

 Is there a way to set up my system so that I can do something like this in my 
 site.pp file:
 
 import 'nodes/*.pp'
 import 'node-groups/*.pp'
 
 What I'm looking for is a way to have a node-groups/webserver.pp file which 
 specifies the default configuration for a web server. Then, if I have a 
 one-off web server which requires a different configuration, I can drop it 
 into nodes/web1.pp and have that manifest be the one which is used for the 
 named host
 
 Within the node-groups/*.pp files, nodes are specified using regexes. Within 
 the nodes/*.pp files, they'd be specified using exact strings.
 
 I'm doing this now, but have discovered that quite often, the group manifest 
 gets used in preference to the individual manifest. How can I reverse this 
 behavior? Is it even possible?
 
 
 Bret Wortman

If your regex-matched node definition is being applied in preference to an 
fqdn-matched node definition, then something isn't right. Puppet is supposed to 
apply the most specific node definition. For example, if your fqdn is 
web12.domain.org, then this declaration

node 'web12.domain.org' { include specific_class }

should always be applied instead of this

node /^web\d+.*/ { include general_class }

Take a look at the Matching section on this page to see how decides which node 
definition to use when more than one can apply:

http://docs.puppetlabs.com/puppet/2.7/reference/lang_node_definitions.html#matching

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] All nodes stopped reporting to puppet enterprise console

[Peter Bukowinski]

On Sep 18, 2013, at 6:55 PM, getSurreal ja...@getsurreal.com wrote:

 My install was working for a couple of months until I rebooted my puppet 
 server.  The clients do not report an error when I run puppet agent -t.   
 I've attempted to remove certificates and renew.  The clients get new 
 certificates, but the console still does not update.  Even the puppet server 
 itself is not updating as a client.  After reboot the only thing I have 
 noticed that changed was selinux got re-enabled.  I set it back to disabled 
 and rebooted, but no change.  The iptables service is stopped.  I've scanned 
 all the pe- logs, but I don't see anything that stands out. 
 
 Any help would be appreciated.
 
 [root@Puppet ~]# getenforce
 Disabled
 [root@Puppet ~]# puppet agent -t
 info: Retrieving plugin
 info: Loading facts in 
 /etc/puppetlabs/puppet/modules/firewall/lib/facter/iptables_persistent_version.rb
 info: Loading facts in 
 /etc/puppetlabs/puppet/modules/firewall/lib/facter/iptables_version.rb
 info: Loading facts in 
 /etc/puppetlabs/puppet/modules/firewall/lib/facter/ip6tables_version.rb
 info: Loading facts in 
 /etc/puppetlabs/puppet/modules/win_facts.old/lib/facter/operatingsystemversion.rb
 info: Loading facts in 
 /etc/puppetlabs/puppet/modules/win_facts.old/lib/facter/windows_systemtype.rb
 info: Loading facts in 
 /etc/puppetlabs/puppet/modules/win_facts.old/lib/facter/windows_productkey.rb
 info: Loading facts in 
 /etc/puppetlabs/puppet/modules/win_facts.old/lib/facter/windows_sid.rb
 info: Loading facts in 
 /opt/puppet/share/puppet/modules/stdlib/lib/facter/puppet_vardir.rb
 info: Loading facts in 
 /opt/puppet/share/puppet/modules/stdlib/lib/facter/pe_version.rb
 info: Loading facts in 
 /opt/puppet/share/puppet/modules/stdlib/lib/facter/facter_dot_d.rb
 info: Loading facts in 
 /opt/puppet/share/puppet/modules/stdlib/lib/facter/root_home.rb
 info: Loading facts in 
 /opt/puppet/share/puppet/modules/concat/lib/facter/concat_basedir.rb
 info: Loading facts in 
 /opt/puppet/share/puppet/modules/auth_conf/lib/facter/custom_auth_conf.rb
 info: Loading facts in 
 /var/opt/lib/pe-puppet/lib/facter/iptables_persistent_version.rb
 info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/iptables_version.rb
 info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/ip6tables_version.rb
 info: Caching catalog for puppet
 info: Applying configuration version '1379543327'
 notice: Finished catalog run in 0.07 seconds
 [root@Puppet ~]# service iptables status
 iptables: Firewall is not running.


Do you get similar output when you do a puppet run on other nodes? I don't see 
any errors, so from a node perspective it appears that the puppet server is 
still doing its job. The console is an entirely separate animal that relies on 
a separate service called 'pe-puppet-dashboard-workers' to process the incoming 
reports into its database.

Do you see a large number of pending jobs in the Background Tasks section in 
the upper-left corner of the console? If so, start or restart the 
'pe-puppet-dashboard-workers' service (and make sure it's set to run at boot 
time) and you'll see the number of pending tasks decrease and run node statuses 
start to update in the console.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] if/or regex entry

[Peter Bukowinski]

On Sep 18, 2013, at 12:33 PM, Mike Reed mjohn.r...@gmail.com wrote:

 Hello all,
 
 I've been fighting a pesky regex issue and I was hoping somebody might have a 
 solution handy.  I'm trying to evaluate the hostname variable based on a few 
 regex entries and apply some configurations accordingly.
 
 Here's what I've got:
 
 if ($hostname == '/^([a-z]*[-]\d{2,})*$/') or ($hostname == 
 '/^([a-zA-Z0-9])*$/') {
 
 another variant: 
 
 if ($hostname == '/^([a-z]*[-]\d{2,})*$/') || ($hostname == 
 '/^([a-zA-Z0-9])*$/') {
 
 I expect the second option to work as it seems - according to my reading - to 
 be more ruby friendly.
 
 Has anybody used this syntax successfully in the past?  Additionally, I 
 suspect I could be bastardizing this as I'm not familiar with ruby.
 
 Thanks in advance for the help.
 
 Cheers,
 
 Mike

Since you're doing regex matching you need to use the '=~' operator instead of 
'==', like so:

if ( $::hostname =~ /^foo/ ) or ( $::hostname =~ /^bar/ ) {

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Puppet agent and puppet master

[Peter Bukowinski]

Adeel,

This is already how puppet operates by default if your manifest is written 
correctly. You should not be explicitly telling puppet to restart your service 
each time the agent runs. Instead, you should create a dependency relationship 
between the service and its configuration file (and even its package). For 
example, the following code ties together three resource types into one class:

class webserver {

  package { 'httpd':
ensure = installed,
  }

  file { '/etc/httpd/conf/httpd.conf':
owner = 'root',
group = 'root',
mode = '0644',
require = Package['httpd'],
  }

  service { 'httpd':
ensure = running,
enable = true,
hasstatus = true,
hasrestart = true,
subscribe = File['/etc/httpd/conf/httpd.conf'],
  }
}

Notice how the file resource requires the package resource, and the service 
resource subscribes to the file resource. This sets up a logical dependency 
chain. That the httpd service subscribes to the httpd.conf configuration file 
is particularly important, because this is what tells puppet that it should 
restart the httpd service any time it notices and copies over a changed 
httpd.conf file. An exec resource containing a service httpd restart command 
is not required.

--
Peter Bukowinski

On Sep 16, 2013, at 8:40 AM, Adeel Bhatti adeelarifbha...@gmail.com wrote:

 Thanks for your reply !
 This would be really cool if the agent can look and identify the manifect 
 changes !
 I have a service restart in my class, so I want to execute that only if there 
 is some change in the configuration/manifest !
 Regards
 Adeel
 
 
 
 On Monday, September 16, 2013 2:20:24 PM UTC+2, Rahul Khengare wrote:
 Hi Adeel,
First time you have to access the puppet agent and do the certificate 
 generation and signing on puppet master.
 After that you can set the runinterval parameter in pupet.conf file( puppet 
 agent request the puppet master manifests at defined time interval). 
 This will automatically request the manifests from puppet master continuously.
 
 puppet.conf 
 
 runinterval =XX (default 30 minute)
 
 This setting can be a time interval in seconds(30 or 30s), minutes (30m), 
 hours (6h), days (2d), or year (5y).
 
 For the report or status refer files present in  /var/lib/puppet/state 
 directory.
  
 Thanks and Regards,
 Rahul Khengare,
 NTT DATA OSS Center, Pune, India.
  
 
 On Monday, September 16, 2013 4:27:54 PM UTC+5:30, Adeel Bhatti wrote:
 Hi,
  Is it nesseccary to access the client machine and execute the agent command 
 manually to take in configuration ? or if the agent can know itsself that the 
 server has some changes for it !!
 
 secondly, can't we have agent's logs/status of taking in 
 changes/configurations ?
 I am using open source puppet master !
 
 Adeel
 
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] puppet dashboard

[Peter Bukowinski]

Postgres will be supported in Dashboard 2.0, but it has not been released yet. 
When it is released, you will find it here:
https://github.com/sodabrew/puppet-dashboard

While you're waiting, you can watch the talk that Dashboard's new lead 
developer gave at PuppetConf last month:
http://www.youtube.com/watch?v=xcc131s_Rtk

--
Peter

On Sep 5, 2013, at 10:08 AM, Ankit Mittal ankit.lnc...@gmail.com wrote:

 Dear All,
 
 Please help to find the latest version of puppet Dashboard in which i can use 
 postgre database.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] best practice

[Peter Bukowinski]

To run puppet manually, you should first disable the service:

puppet apply -e 'service { puppet: ensure = stopped, enable = false }'

To manually apply a manifest, point it at a local manifest like so:

puppet apply /path/to/manifest.pp

-- Peter (from phone)

On Sep 5, 2013, at 6:44 PM, Stuart Cracraft smcracr...@me.com wrote:

 Hi everybody!
 
 So for non-automated physical/manual application of single specific patterns 
 or sets of puppet patterns on an entirely manual basis, what is best practice 
 and/or where is it described?
 
 Meaning what is the way to stop the
 puppet agent from running automatically and instead require a manual command 
 for puppet to exercise on that node. 
 
 If it is as simple as 
 
  puppet apply path-to-pp
 
 with the puppet agent up but somehow disabled for automatic operation, I can 
 work with that or equivalent. Forgive me if I have misphrased the syntax. 
 
 I am asking you how you did that. 
 
 This is for deployments of software
 which are manually extremely intensive. 
 
 Thanks. 
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] puppet dashboard database options

[Peter Bukowinski]

Postgres is an option in Puppet Dashboard 2.0, which is due to be released 
*very soon* (according to the session I attended at Puppet Conf last week).

https://github.com/sodabrew/puppet-dashboard

--
Peter


On Aug 28, 2013, at 9:15 AM, Ankit Mittal ankit.lnc...@gmail.com wrote:

 Dear All,
 
 Please help to find other database option in puppet dashboard , other that 
 MySql.
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] puppet dashboard failed tasks every night

[Peter Bukowinski]

Do you have any daily cron jobs that occur overnight?

--
Peter

On Aug 27, 2013, at 1:08 PM, Felipe Salum fsa...@gmail.com wrote:

 Hi guys.
 
 I'm trying to find the root cause of my puppet dashboard report failed tasks 
 that happen every night. It works without any error all day long but when I 
 connect in the morning to check it has around 3000 failed tasks from the 
 night before.
 
 Any advice what could be impacting puppet dashboard reports only during the 
 night ?
 
 Regards,
 Felipe
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Using file and mount more efficiently

[Peter Bukowinski]

You define an array-containing variable like this:

$mounts = [ 'directory1', 'directory2', 'directory3' ]

You can also put newlines after the commas for easier reading. The following 
code should be functional:

class test_case {
$mounts = [
'directory1',
'directory2',
'directory3',
]
define my_mounts {
file { /home/${name}:
ensure = directory,
owner = $name,
mode = 0755,
}
mount { /home/${name}:
device   = our-thumper.domain.com:/export/${name},
atboot   = yes,
fstype   = nfs,
options  = tcp,hard,intr,rw,bg,
name = /home/${name},
ensure   = mounted,
remounts = true,
pass = 0,
require = File[/home/${name}], 
}
}
my_mounts { $mounts: }
}

Of course, instead of defining the $mounts variable in the manifest itself, you 
can get that array via a custom fact or from hiera.

--
Peter

On Aug 21, 2013, at 2:55 PM, Forrie for...@gmail.com wrote:

 So I would need to define $mounts, presumably as:
 
 $mounts = directory1 directory2 directory3 
 
 ?
 
 Where is $name being defined here.
 
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] First time puppet agent setup on FreeBSD -- SSL_connect error when requesting certificate.

[Peter Bukowinski]

Stefan,

If you do not have cert auto-signing enabled, the first time an agent connects 
to the master, you should use the -w option, e.g.:

puppet agent -t -w 30

This will tell the agent to wait for the master (you) to sign the cert request. 
Once that's done, the rest of the puppet run should kick off.

(I'm at PuppetConf, too.)

-- Peter (from phone)

On Aug 21, 2013, at 5:23 PM, Stefan Lasiewski ste...@stefanco.com wrote:

 I am at Puppetconf today. I just set up a new VM running a brand new version 
 of FreeBSD 9.2 . I created my Puppetmaster during a Puppet course today, 
 using a VM from puppetlabs.com .
 
 When I attempt to acquire a certificate from the Puppetmaster, I get a 
 strange error. The agent  master can both ping each other, and their system 
 clocks are within seconds of each other (but different timezones, which 
 shouldn't matter).
 
 The agent can ping and connect to the master, but the connection fails during 
 the SSL connection. Any idea what is going on?
 
 From the agent:
 
 root@agent2:~ # date
 Wed Aug 21 17:13:03 PDT 2013
 root@agent2:~ # puppet --version
 3.2.3
 
 root@agent2:~ # ping puppetmaster
 PING puppetmaster.puppetlabs.vm (172.16.68.129): 56 data bytes
 64 bytes from 172.16.68.129: icmp_seq=0 ttl=64 time=0.297 ms
 ...
 root@agent2:~ # puppet agent --test
 Error: Could not request certificate: SSL_connect returned=1 errno=0 
 state=SSLv2/v3 read server hello A: (null)
 Exiting; failed to retrieve certificate and waitforcert is disabled
 
 And looking from the Puppet master side:
 
 [root@puppetmaster ~]# date
 Thu Aug 22 00:13:01 UTC 2013
 [root@stefan ~]# puppet --version
 3.2.2 (Puppet Enterprise 3.0.0)
 [root@puppetmaster ~]# ping agent2
 PING agent2.puppetlabs.vm (172.16.68.131) 56(84) bytes of data.
 64 bytes from agent2.puppetlabs.vm (172.16.68.131): icmp_seq=1 ttl=64 
 time=1.84 ms
 
 I have a third, brand new VM running CentOS 6.4, and it was able to request a 
 certificate without any problems.
 
 -= Stefan
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Puppet: chaining and conditionals

[Peter Bukowinski]

If you don't mind a hacky workaround, you can accomplish this with the help of 
an empty class:

node nodename1, nodename2, nodename3, nodename4 {
if $fqdn == nodename2 {
$class2 = class2
} else {
$class2 = null_class
}
class { class1: } -
class { $class2: } -
class { class3: } -
class { class4: }
}
class null_class { }

--
Peter Bukowinski

On Aug 15, 2013, at 1:33 PM, Sergey Arlashin sergeyarl.maill...@gmail.com 
wrote:

 Thank you for your reply.
 This looks nice only if I have 4 classes. That was just an example. In 
 reality I have a huge number of classes assigned to this group of nodes. So I 
 want to avoid (if it is possible of course) declaring classes twice.   
 
 
 
 
 
 On Aug 15, 2013, at 9:27 PM, Arthur Furlan afur...@afurlan.org wrote:
 
 Have you tried putting all the classes in the conditional?
 
 node nodename1, nodename2, nodename3, nodename4 {
  if $fqdn == nodename2 {
 class { class1: } -
 class { class2: } -
 class { class3: } -
 class { class4: }
  } else {
 class { class1: } -
 class { class3: } -
 class { class4: }
  }
 }
 
 
 -- Arthur Furlan
 
 
 On Thu, Aug 15, 2013 at 2:17 PM, Sergey Arlashin
 sergeyarl.maill...@gmail.com wrote:
 Hi!
 
 I'm using the following way to define the order and assign classes to nodes:
 
 node nodename1, nodename2, nodename3, nodename4 {
  class { class1: } -
  class { class2: } -
  class { class3: } -
  class { class4: }
 }
 
 I'm fully delighted with it.
 
 But at the moment I need class2 to be executed only on nodename2. The 
 following construction doesn't work
 
 node nodename1, nodename2, nodename3, nodename4 {
  class { class1: } -
  if $fqdn == nodename2 {
 class { class2: } -
  }
  class { class3: } -
  class { class4: }
 }
 
 And this construction breaks the order:
 
 node nodename1, nodename2, nodename3, nodename4 {
  class { class1: }
  if $fqdn == nodename2 {
 Class[class1] - class { class2: }
  }
  class { class3: } -
  class { class4: }
 }
 
 What do I do in a situation like this?
 
 
 Thanks in advance.
 
 Sergey.
 
 
 --
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Recommended method of running puppet periodically on mac os x

[Peter Bukowinski]

On Jul 11, 2013, at 5:19 AM, Paul Tötterman paul.totter...@gmail.com wrote:

 I just responded to you ask.puppetlabs.com post, but I'll duplicate the 
 reply here. 
 
 Thank you Peter, much appreciated.
 
 You wouldn't happen to know of a resource that collects puppet  osx wisdom?
  
 Cheers,
 Paul

Other than one or two puppet employees and pages that come up when you goole 
'mac os x puppet'? No.

-- Peter (from phone)

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] How to download host specific file

[Peter Bukowinski]

On Jul 9, 2013, at 8:36 PM, Mani Devarajan manidevara...@gmail.com wrote:

 Hello,
  We have close to 10 nodes running puppet agent, and currently all of them 
 download same file from puppet master.
 
 Current definition:
 file { /etc/test.conf:
 mode = 440, 
 owner = root,
 group = root, 
  content = template('vem/test.conf.erb')
 }
 
 New definition:
 We want this file to be download host specific. so that unique file is 
 downloaded for each host based on the host name.
 Is this doable. Appreciate any guidance with this problem.
 
 Thanks,
 Mani

Mani, this is where facts come into play. If your requirements per hostname are 
fairly unique, you can have a different template for each hostname, using 
something like this:

$test_template = vem/test.conf-${hostname}.erb

file { '/etc/test.conf':
ensure = file, 
owner = 'root',
group = 'root',
mode = '0440', 
content = template($test_template)
}

This would populate the /etc/test.conf file on a node named node1 with the 
contents of, for example, the vem/test.conf-node1.erb template. If the 
differences between each hostname's conf file are small, you should put your 
logic within the existing test.conf.erb template:

# exact match example
% if @hostname == (node1) then -%
option1 = %= some_facter_fact %
% end -%

# inverse match example
% if @hostname != (node1) then -%
option1 = %= another_facter_fact %
% end -%

# this or that match
% if @hostname == (node3 or node4) then -%
option2 = %= a_different_facter_fact %
% end -%

You can get a list of all the facts puppet knows about by running 'facter 
--puppet' on your nodes.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Recommended method of running puppet periodically on mac os x

[Peter Bukowinski]

On Jul 10, 2013, at 4:32 AM, Paul Tötterman paul.totter...@gmail.com wrote:

 Hi,
 
 I tried asking this question on ask.puppetlabs.com, but haven't got any 
 responses yet:
 
 https://ask.puppetlabs.com/question/1975/recommended-method-of-running-puppet-periodically-on-mac-os-x/
 
 Is there some source of puppet  mac os x knowledge that I'm unaware of? I 
 was kind of hoping that the 'osx' tag on ask.puppetlabs.com would become that.
 
 Cheers,
 Paul

Hi Paul,

I just responded to you ask.puppetlabs.com post, but I'll duplicate the reply 
here.

The puppet.conf file controls how often the agent checks in with the master 
(via the runinterval value, measured in seconds). All you need to do is get the 
agent to start up at boot time. The best way to do this is via launchd. 
Puppet's has a doc to walk you through this step here: 
http://docs.puppetlabs.com/guides/installation.html#with-launchd

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Puppet Razor doesn't recognize Scientific Linux?

[Peter Bukowinski]

Actually, you get a different error pointing to init.pp. You also need to 
modify manifests/init.pp on line 42 to include 'Scientific'.

--
Peter Bukowinski

On Jul 10, 2013, at 8:36 PM, Stefan Lasiewski lasiew...@gmail.com wrote:

 I am using Scientific Linux 6.4. Scientific Linux is a derivative of Red Hat 
 Enterprise Linux, similar to CentOS.
 
 I am following the instructions at 
 http://forge.puppetlabs.com/puppetlabs/razor to install Puppet Razor on my 
 new Puppet Master node. The instructions say:
 
 Installation
 
 Install puppetlabs-razor module and dependencies into module_path:
 
  $ puppet module install puppetlabs-razor
 Preparing to install into /etc/puppet/modules ...
 Downloading from http://forge.puppetlabs.com ...
 Installing -- do not interrupt ...
 /etc/puppet/modules
 ...
  
 Puppet apply, apply test manifests:
 
 puppet apply razor/tests/init.pp 
 
 However, when I try this I get an error:
 
 root@sl6:/etc/puppet/modules # puppet apply razor/tests/init.pp
 Class nodejs does not support Scientific at 
 /etc/puppet/modules/nodejs/manifests/params.pp:55 on node sl6.example.org
 
 I thought that the actual cause of this error was line 26 in 
 /etc/puppet/modules/nodejs/manifests/params.pp , which includes RHEL, CentOS 
  Oracle Enterprise Linux, but not Scientific Linux:
 
 class nodejs::params {
 
   case $::operatingsystem {
   ...
   ...
 
 'RedHat', 'CentOS', 'OEL', 'OracleLinux': {
   $majdistrelease = $::lsbmajdistrelease ? {
 ''  = regsubst($::operatingsystemrelease,'^(\d+)\.(\d+)','\1'),
 
 
 I tried to fix this by modifying line 26 to include strings for Scientific 
 Linux:
 
 #'RedHat', 'CentOS', 'OEL', 'OracleLinux': {
 'RedHat', 'CentOS', 'OEL', 'OracleLinux', 'Scientific Linux', 
 'Scientific': {
   $majdistrelease = $::lsbmajdistrelease ? {
 ''  = regsubst($::operatingsystemrelease,'^(\d+)\.(\d+)','\1'),
 
 But I get the same error:
 
 root@sl6:/etc/puppet/modules # puppet apply razor/tests/init.pp
 Class nodejs does not support Scientific at 
 /etc/puppet/modules/nodejs/manifests/init.pp:59 on node sl6.example.org
 
 
 Any ideas how to get Razor to recognize Scientific Linux?
 
 -= Stefan
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.
  
  

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] Puppet for Cassandra cluster automation

[Peter Bukowinski]

Besides MCollective, which is the ideal choice, any tool that allows you to run 
a shell command -- in this case, 'puppet agent -t' -- on remote systems will 
work. Even -- perish the thought! -- an ssh for loop. :) 

--
Peter

On Jul 2, 2013, at 7:56 PM, Jingyan Wang jingyan1...@gmail.com wrote:

 Hi,
 
 I am using Puppet to set up (and later resize) a Cassandra cluster, where I 
 would like to have the configuration changes applied immediately instead of 
 after a certain time interval.
 
 Is MCollective the only method to push configuration changes from master to 
 clients (since puppet kick is deprecated)? What are the possible ways to 
 achieve this Cassandra deployment?
 
 
 Thanks!
 
 
 -Jingyan
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.
  
  

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] New to Puppet bash: command not found

[Peter Bukowinski]

Make sure the puppet binaries are in your path. 

-- Peter (from phone)

 On Jun 15, 2013, at 12:11 PM, gfdadd...@gmail.com wrote:
 
 I have installed PE 2.8 server
 None of the commands work =, for example... puppet --server list, puppet 
 agent --test,puppet agent --test --server=`hostname`, 
 puppetca, I get the following error:
 bash: puppetca: command not found   I get this no matter which command I 
 try to run.
  
 lease help, extremely frustrated.
 I have installed the server without issue and the agent on another server 
 without issue. I am stuck like chuck.
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users.
 For more options, visit https://groups.google.com/groups/opt_out.
  
  

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] How to indicate multiple dependency?

[Peter Bukowinski]

On May 8, 2013, at 6:52 AM, Bret Wortman bret.wort...@damascusgrp.com wrote:

 What's the right/best way to indicate that a particular entry in a manifest 
 (a file in this case) depends on successful installation of over 30 packages, 
 all indicated in the same manifest? I could do this, but it seems cumbersome:
 
 package { 'pkg1': }
 Package['pkg1'] - File['file1']
 
 package { 'pkg2': }
 Package['pkg2'] - File['file2']
 :
 :
 file { 'file2':
 path = '/path/to/file2',
 :
 }
 
 There must be a better way that I'm just not seeing. Thanks!
 
 
 Bret Wortman

Bret,

Puppet lets you use arrays to make your manifests more concise. In this case, 
if these 30 package resources differ only in name, i.e. all their parameters 
are the same except for the package name, then you can use this following to 
make the dependency declaration less cumbersome:

package { [ pkg1,
pkg2,
.
.
pkg30 ]:
  ensure = installed,
  before = File['file2'],
}
file { 'file2':
  ensure  = file,
  path= /path/to/file2,
  content = I exist only after all 30 packages are installed.,
}

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] How to indicate multiple dependency?

[Peter Bukowinski]

The 'before' metaparameter is an inverse version of the 'require' 
metaparameter. Where the 'require' parameter forces the parent resource to sync 
*after* the indicated resource, the 'before' parameter acts as a pause button 
on the indicated resource (in this case, file2), preventing it from syncing 
until the parent resource(s) have synced.

--
Peter

On May 8, 2013, at 10:14 AM, Bret Wortman bret.wort...@damascusgrp.com wrote:

 I wasn't sure how the before would work in that instance -- and my 
 experimental facilities are limited. But if the before really won't trigger 
 until all the members of the array complete, then that sounds like the 
 perfect solution for me. Thanks!
 
 On Wednesday, May 8, 2013 9:57:19 AM UTC-4, pmbuko wrote:
 On May 8, 2013, at 6:52 AM, Bret Wortman bret.w...@damascusgrp.com wrote:
 
 What's the right/best way to indicate that a particular entry in a manifest 
 (a file in this case) depends on successful installation of over 30 
 packages, all indicated in the same manifest? I could do this, but it seems 
 cumbersome:
 
 package { 'pkg1': }
 Package['pkg1'] - File['file1']
 
 package { 'pkg2': }
 Package['pkg2'] - File['file2']
 :
 :
 file { 'file2':
 path = '/path/to/file2',
 :
 }
 
 There must be a better way that I'm just not seeing. Thanks!
 
 
 Bret Wortman
 
 Bret,
 
 Puppet lets you use arrays to make your manifests more concise. In this case, 
 if these 30 package resources differ only in name, i.e. all their parameters 
 are the same except for the package name, then you can use this following to 
 make the dependency declaration less cumbersome:
 
 package { [ pkg1,
 pkg2,
 .
 .
 pkg30 ]:
   ensure = installed,
   before = File['file2'],
 }
 file { 'file2':
   ensure  = file,
   path= /path/to/file2,
   content = I exist only after all 30 packages are installed.,
 }
 
 --
 Peter
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To unsubscribe from this group and stop receiving emails from it, send an 
 email to puppet-users+unsubscr...@googlegroups.com.
 To post to this group, send email to puppet-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/puppet-users?hl=en.
 For more options, visit https://groups.google.com/groups/opt_out.
  
  

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] How to have one file depend on many packages

[Peter Bukowinski]

On May 7, 2013, at 12:38 PM, Bret Wortman bret.wort...@damascusgrp.com wrote:

 Here's a puzzler (though I'm sure the answer is obvious and I'm just not 
 seeing it):
 
 I have a manifest where I'm listing about 40-50 packages that I want the 
 system to remove, and a file that I want to create only after successful 
 removal of all the packages.
 
 What's the best way to show this dependency so that the file is only created 
 after all the packages are removed?
 
 Thanks!
 
 
 Bret

The simplest method is to use the 'before' metaparameter in each of the package 
resources that must be synced before you want the file created. E.g.

package { [ a, b, c ]:
ensure = absent,
before = File[/some/file],
}

file { /some/file:
ensure  = file,
content = Where did all the packages go?,
}

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-users@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.

Re: [Puppet Users] How to install a module from master to agent node?

[Peter Bukowinski]

No modules or classes are applied by default so you will need to tell puppet 
what to do.

In this case, you can run the following from the agent (where module_class is 
the name of the class the module applies):

puppet apply -e 'include module_class'

Alternatively, you can put the following in site.pp and your node will pick up 
the module class automatically:

node 'nodename.domain.org' {
  include module_class
}

-- Peter (from phone)

On Jan 8, 2013, at 7:43 AM, lalit jangra lalit.j.jan...@gmail.com wrote:

 Hi,
 
 I have a module which i have deployed under /opt/puppet/modules folder  i 
 want to deploy it to agent node.
 
 I tried using puppet agent -t but module was not installed. Can anybody 
 help me on how to install a module from master to agent node?
 
 Regards.
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To view this discussion on the web visit 
 https://groups.google.com/d/msg/puppet-users/-/F22Kq1vEnKgJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] puppet dashboard inventory

[Peter Bukowinski]

On Dec 13, 2012, at 4:55 PM, vioilly wrote:

 Hi,
 
 I believe I have done that.
 
 So on my puppet master (puppet-server1) I have modified the puppet.conf file 
 and added the following:
 
 [master]
 
 storeconfigs = true
 storeconfigs_backend = puppetdb
 
 Also puppetdb.conf
 
 [master]
   storeconfigs = true
   storeconfigs_backend = puppetdb
 
 
 and added the route.yaml file
 
 I did also edit the auth.conf file - do I need to do on the puppetmaster ?
 
 On the dashboard server I have turned on the inventory service and added the 
 puppetdb server as the invenory_server - wher else would it know how to 
 connect to the puppetdb ?
 
 I have also made sure all the certs have been signed by the puppet CA server 
 and are valid
 
 Thanks,
 Oli

The puppetdb plugins you installed on your puppetmaster handle the 
communication with puppetdb. Instead of storying inventory data in a local 
database, your puppetmaster will send them to puppetdb. So inventory_server in 
dashboard's settings.yml should be pointing at your puppetmaster, not the 
puppetdb server.

Once you have all the settings correct, just make sure auth.conf on your 
puppetmaster is configured to allow access to facts. Mine inventory-related 
entry looks like this:

  path /facts
  auth yes 
  method find, search
  allow dashboard, puppet

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: puppet dashboard inventory

[Peter Bukowinski]

On Dec 13, 2012, at 4:09 PM, vioilly wrote:

 Just trying to get help here.
 
 My puppetdb server is called puppet-server3. My dashboard server is 
 puppet-server2. I can run inventory commands against my puppetdb and get 
 results.
 
 For example - i have a puppet-client2.test.net machine running the puppet 
 agent
 
 [root@puppet-server3 ~]# curl -H Accept: application/json 
 'http://localhost:8080/status/nodes/puppet-client2.test.net'
 {
   name : puppet-client2.test.net,
   deactivated : null,
   catalog_timestamp : 2012-12-13T17:55:28.704Z,
   facts_timestamp : 2012-12-13T17:55:28.534Z
 
 So that tells me the puppetdb is holding facts about my puppet agent
 
 For the dashboard, what inventory server do I specify in settings.yml? It is 
 the puppetdb server (puppet-server3.test.net)
 
 # Hostname of the inventory server.
 inventory_server: 'puppet-server3.test.net'
 
 # Port for the inventory server.
 inventory_port: 8081
 
 Do I need to set up SSL certs between the dashboard server and the puppetdb 
 server?
 
 Any help would be appreciated
 
 Cheers,
 Oli

You do not need to make any changes to your dashboard server. Instead, you need 
to modify two files and add one file to your puppet master. See step 2 on this 
page for the details: 
http://docs.puppetlabs.com/puppetdb/1/connect_puppet_master.html#step-2-edit-config-files

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] How does facter get ipaddress?

[Peter Bukowinski]

On Nov 29, 2012, at 3:16 PM, Bret Wortman wrote:

 I think the problem I'm having with not being able to run puppet for up to 90 
 minutes after a reboot is related to this error, which goes away some time in 
 that time period:
 
 # puppet agent -t
 Info: Retrieving plugin
 Timed out seeking value for ipaddress
 Timed out seeking value for ipaddress
 
 What exactly is facter doing that doesn't work immediately after the boot, 
 but does start working at some point after? Is there a package that isn't 
 getting installed except as a dependency somewhere once things start creeping 
 forward?

That depends on your operating system. Perusing 
https://github.com/puppetlabs/facter/blob/master/lib/facter/ipaddress.rb will 
show you exactly what it's doing. If you're using a *nix variant, facter uses 
ifconfig. If windows, it uses the socket library.

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] case statement exec

[Peter Bukowinski]

On Oct 31, 2012, at 8:52 AM, Eugene Vilensky wrote:

 Hello,
 
 I'm trying to send parameters to an Exec (exec1) based on values, using a 
 case statement.   I've tried putting the two versions of the exec in a case 
 block, which failed (exec1 is a dependency of exec2, and exec2 complained it 
 could not find exec1), and a case statement can't go directly directly into 
 the parameters of the Exec itself
 
 Google helped me with this thread: 
 http://comments.gmane.org/gmane.comp.sysutils.puppet.user/20597
 
 But I wonder if there is a more modern way of doing it with 2.7.19 (or 3.0)?
 
 Many thanks,
 Eugene

You may find the following example useful. It's a syslog class I use that uses 
case statements to set values for variables that are different depending on the 
operating system:

class syslog {
case $operatingsystem {
'Fedora': {
$servicename = 'rsyslog'
$config = '/etc/rsyslog.conf'
}
'RedHat','Scientific': {
case $operatingsystemrelease {
/^6.*/: {
$servicename = 'rsyslog'
$config = '/etc/rsyslog.conf'
}
default: {
$servicename = 'syslog'
$config = '/etc/syslog.conf'
}
}
}
}
service { $servicename:
ensure = running,
enable = true,
hasrestart = true,
hasstatus  = true,
}
exec { echo '*.*;local4.none   @rsyslog'  ${config}:
unless  = grep -e '^\*\.\*;local4.none.*rsyslog$' ${config},
notify  = Service[$servicename],
}
file { '/tmp/.syslog_restarted':
ensure  = file,
content = '.',
notify  = Service[$servicename],
}
}

If this doesn't help, can paste your code here so we give more specific 
feedback?

-- 
Peter Bukowinski


-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Systems Provisioning

[Peter Bukowinski]

On Sep 17, 2012, at 2:16 PM, Douglas Garstang wrote:

 I probably should have been clearer with my question. I was more
 interested in how people are managing certificates? Even if you use
 autosign, you still need to clean certificates manually.
 
 Doug.

Doug,

We autosign certs for hosts in our datacenter (based on the subdomain wildcard 
*.domain.org) and manually sign certs for desktops. All our datacenterhosts are 
set to try network booting first, so it's easy to redeploy any of them at any 
time. I wrote a re/deployment script that automates all the necessary 
deployment steps for linux hosts in our datacenter:

  1. It lists the available PXE configs and links the
 host's address to the one you select.
  2. It reboots the host using ipmi.
  3. It schedules the removal of the PXE link (so the
 host doesn't stay in a permanent install cycle.)
  4. It cleans the host's existing puppet cert.

I have this script up on github, if you want to see how I'm doing it. It pushes 
the limits of bash sanity, but it works well.

https://github.com/pmbuko/misc-scripts/blob/master/deployserv.sh

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Dashboard fails to import report from Fedora 17 node

[Peter Bukowinski]

No, it's still unresolved. I only have one Fedora 17 client at the moment so 
it's not a big deal yet, but it's only a matter of time until I have more. I'll 
submit it as a bug so it gets some attention.

-- Peter Bukowinski

On Sep 8, 2012, at 4:47 PM, tmv li...@tvieira.com wrote:

 
 Hi,
 
 Did you solve this issue? I'm experiencing the same problem on a Fedora 17 
 box. The report it generates fails when imported to the dashboard:
 
 Importing report report-20291-1.yaml at 2012-09-08 20:37 UTC
 undefined method `each' for nil:NilClass
 Backtrace
 /opt/puppet/share/puppet-dashboard/lib/puppet/report.rb:202:in `extended'
 /opt/puppet/share/puppet-dashboard/lib/puppet/report.rb:200:in `each'
 /opt/puppet/share/puppet-dashboard/lib/puppet/report.rb:200:in `extended'
 /opt/puppet/share/puppet-dashboard/lib/puppet/report.rb:114:in `extend'
 /opt/puppet/share/puppet-dashboard/lib/puppet/report.rb:114:in `extended'
 /opt/puppet/share/puppet-dashboard/app/models/report.rb:107:in `extend'
 /opt/puppet/share/puppet-dashboard/app/models/report.rb:107:in 
 `create_from_yaml'
 /opt/puppet/share/puppet-dashboard/app/models/report.rb:86:in 
 `create_from_yaml_file'
 
 I can't get this machine to display on the dashboard.
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To view this discussion on the web visit 
 https://groups.google.com/d/msg/puppet-users/-/8qpqilzd7eMJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet-Dashboard nodes showing up as unreported

[Peter Bukowinski]

Adam, in dashboard's upper-left corner, do you see any pending tasks listed in 
the Background Tasks section? If so, then you simply need to start the delayed 
job workers 
(http://docs.puppetlabs.com/dashboard/manual/1.2/bootstrapping.html#starting-and-managing-delayed-job-workers)
 and they will start processing the backlogged puppet reports.

-- Peter Bukowinski

On Aug 29, 2012, at 1:19 PM, Adam Hamner adamhamne...@gmail.com wrote:

 Hello,
   I have followed the documentation at 
 http://docs.puppetlabs.com/dashboard/manual/1.2/bootstrapping.html to try to 
 setup dashboard but after I manually add a node it shows up as unreported. 
 The agent has successfully completed a very basic catalog run just adding a 
 file to the file-system.
 
 Dashboard v1.2
 Puppet   puppet-server.noarch2.7.19-1.el6
 
 
 SERVER:
 -bash-4.1$ cat /etc/puppet/puppet.conf
 [main]
 # The Puppet log directory.
 # The default value is '$vardir/log'.
 logdir = /var/log/puppet
 
 # Where Puppet PID files are kept.
 # The default value is '$vardir/run'.
 rundir = /var/run/puppet
 
 # Where SSL certificates are kept.
 # The default value is '$confdir/ssl'.
 ssldir = $vardir/ssl
 [master]
 reports = store, http
 reporturl = http://us3sm2ppt001.comp.prod.local:3000/reports/upload
 [agent]
 # The file in which puppetd stores a list of the classes
 # associated with the retrieved configuratiion.  Can be loaded in
 # the separate ``puppet`` executable using the ``--loadclasses``
 # option.
 # The default value is '$confdir/classes.txt'.
 classfile = $vardir/classes.txt
 
 # Where puppetd caches the local configuration.  An
 # extension indicating the cache format is added automatically.
 # The default value is '$confdir/localconfig'.
 localconfig = $vardir/localconfig
 certname = us3sm2ppt001.comp.prod.local
 server = us3sm2ppt001.comp.prod.local
 report = true
 
 
 AGENT
 -bash-4.1$ cat /etc/puppet/puppet.conf
 [main]
 # The Puppet log directory.
 # The default value is '$vardir/log'.
 logdir = /var/log/puppet
 
 # Where Puppet PID files are kept.
 # The default value is '$vardir/run'.
 rundir = /var/run/puppet
 
 # Where SSL certificates are kept.
 # The default value is '$confdir/ssl'.
 ssldir = $vardir/ssl
 [agent]
 # The file in which puppetd stores a list of the classes
 # associated with the retrieved configuratiion.  Can be loaded in
 # the separate ``puppet`` executable using the ``--loadclasses``
 # option.
 # The default value is '$confdir/classes.txt'.
 classfile = $vardir/classes.txt
 
 # Where puppetd caches the local configuration.  An
 # extension indicating the cache format is added automatically.
 # The default value is '$confdir/localconfig'.
 localconfig = $vardir/localconfig
 server = us3sm2ppt001.comp.prod.local
 certname = us3sm2nn010r07.comp.prod.local
 report = true
 
 I am uncertain about where the master should be configured to send reports 
 to. reports/upload doesn't seem to exist and I just followed the default 
 location in the documentation.
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To view this discussion on the web visit 
 https://groups.google.com/d/msg/puppet-users/-/xNNacEjU660J.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Autosign frequency

[Peter Bukowinski]

How many nodes is your puppetmaster currently servicing? I have one servicing 
about 700 nodes, splayed over an hour check-in interval, and any new nodes I 
add (that fall into my autosign subdomain) get signed immediately on their 
first puppet run.

-- Peter Bukowinski

On Aug 29, 2012, at 8:50 PM, John Warburton jwarbur...@gmail.com wrote:

 Hi Puppet Gurus
 
 I am running puppet 2.6.16, ruby 1.8.7-p249, on puppet server with passenger 
 on Apache. These are my gems:
 builder (2.1.2)
 fastthread (1.0.7)
 mysql (2.8.1)
 passenger (2.2.14)
 rack (1.1.0)
 rake (0.8.7)
 
 We manually manage autosign.conf to allow new builds to continue so 
 certificates can be signed automatically. This has been working well for a 
 couple of years, but I've always wondered what triggers the puppet master to 
 sign the certificate. We can wait 5-10 minutes for a signing request to be 
 fulfilled.
 
 We made a change last week to now use short names as the certificate names 
 (not FQDN) and now we're looking closer to 30 minutes for a request to be 
 signed :-(
 
 The only correlation I can see in the logs is that just before a request is 
 signed, a new puppetmasterd is spawned by passenger:
 
 Aug 28 22:15:09 engnadm010 puppet-master[26047]: [ID 702911 daemon.notice] 
 labcsvr004 has a waiting certificate request
 Aug 28 22:24:06 engnadm010 puppet-master[26031]: [ID 702911 daemon.notice] 
 Compiled catalog for engnadm010.bfm.com in environment lab in 19.65 seconds
 Aug 28 22:37:11 engnadm010 puppet-master[26031]: [ID 702911 daemon.notice] 
 labcsvr004 has a waiting certificate request
 Aug 28 22:39:47 engnadm010 puppet-master[27717]: [ID 702911 daemon.notice] 
 Starting Puppet master version 2.6.16
 Aug 28 22:40:52 engnadm010 puppet-master[26047]: [ID 702911 daemon.notice] 
 Signed certificate request for labcsvr004
 
 Here are my passenger Apache config entries:
 PassengerHighPerformance on
 PassengerMaxPoolSize 15
 PassengerPoolIdleTime 300
 PassengerUseGlobalQueue on
 PassengerStatThrottleRate 120
 RackAutoDetect Off
 RailsAutoDetect Off
 
 Is there any way I can speed up things so that puppet signs the request 
 immediately?
 
 Thanks
 
 John
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Dashboard fails to import report from Fedora 17 node

[Peter Bukowinski]

Greetings,

I'm testing Fedora 17 in our environment and have come across an 
interesting/annoying issue (that may or may not be isolated to my environment). 
Puppet runs fine on the test node but the reports are failing to import to 
dashboard and are showing up as background task failures with these details:


Importing report report-19732-119.yaml at 2012-08-17 09:01 EDT
undefined method `each' for nil:NilClass

Backtrace:
  /opt/puppet-dashboard/lib/puppet/report.rb:202:in `extended'
  /opt/puppet-dashboard/lib/puppet/report.rb:200:in `each'
  /opt/puppet-dashboard/lib/puppet/report.rb:200:in `extended'
  /opt/puppet-dashboard/lib/puppet/report.rb:114:in `extend'
  /opt/puppet-dashboard/lib/puppet/report.rb:114:in `extended'
  /opt/puppet-dashboard/app/models/report.rb:107:in `extend'
  /opt/puppet-dashboard/app/models/report.rb:107:in `create_from_yaml'
  /opt/puppet-dashboard/app/models/report.rb:86:in `create_from_yaml_file'


Anyone have any ideas why this might be occurring?

The Fedora 17 node and the puppetmaster are running puppet 2.7.18.
My puppetmaster has ruby enterprise 1.8.7 (patch level 334), the node has ruby 
1.9.3p194.
Puppetmaster is hosting puppet-dashboard version 1.2.10. OS is Scientific Linux 
5.5.


-- 
Peter M. Bukowinski
Sr. Systems Engineer
Janelia Farm Research Campus, HHMI

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] exec executes remote command but the actual script not run

[Peter Bukowinski]

On Aug 10, 2012, at 9:04 AM, jcbollinger john.bollin...@stjude.org wrote:

 
 
 On Thursday, August 9, 2012 7:24:23 AM UTC-5, pmbuko wrote:
 Adding this parameter to your file resource,
 
 notify = Exec['Deploy Code'],
 
 and these parameters to your exec resource,
 
 require= File['/var/tmp/deploy.tar'],
 refreshonly = true,
 
 will create the appropriate dependency.  Basically, it makes sure the file 
 resource must run before the exec. Puppet manifests do not run in a top down 
 manner, do it's important to specify the order of resouces when necessary.
 
 Technically, either the 'notify' on one side or the 'require' on the other is 
 sufficient to create a relationship, and 'refreshonly' is a tangential issue. 
  I prefer to avoid specifying relationships redundantly, as it complicates 
 maintenance.  The Exec's relationship to the File is a true dependency, so I 
 would express the relationship on that side.
 
 Inasmuch as it makes sense to deploy the code only when the tarball changes, 
 'refreshonly' is a good choice.  In that case, I would use:
 
 In the File:
 # nothing special
 
 In the Exec:
 refreshonly = true,
 listen = File['/var/tmp/deploy.tar']
 
 Note also that if you're going to use this means to deploy code then you 
 should probably put the tarball in a permanent location and plan on leaving 
 it there.  If you delete it after the deployment then Puppet will copy it 
 back down (and trigger a new deployment) on its next run.
 
 
 John

The listen parameter is new to me. Good to know!

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] exec executes remote command but the actual script not run

[Peter Bukowinski]

Adding this parameter to your file resource,

notify = Exec['Deploy Code'],

and these parameters to your exec resource,

require= File['/var/tmp/deploy.tar'],
refreshonly = true,

will create the appropriate dependency.  Basically, it makes sure the file 
resource must run before the exec. Puppet manifests do not run in a top down 
manner, do it's important to specify the order of resouces when necessary.

--
Peter

On Aug 9, 2012, at 4:51 AM, duckegg01 duckegg...@gmail.com wrote:

 Hi Peter 
 
 I managed to get this working by have the cwd in place, but im interested in 
 your point with regards to setting up the dependency any chance you can 
 provide an example of this based on what I have at present. 
 
 On Wednesday, August 8, 2012 5:29:06 PM UTC+1, pmbuko wrote:
 On Aug 8, 2012, at 5:40 AM, duckegg01 wrote: 
 
  Hi 
  
  I have wriiten a class to deploy a tra file and extract on a remote puppet 
  client. The tar file gets copied across fine and it seems to puppet the 
  thet tar extraction suceeds, but when I check the client I dont see the 
  extracted files 
  
  exec { Deploy Code: 
  command = /bin/tar -xvf /var/tmp/deploy.tar, 
  onlyif = [ 
  /usr/bin/test -d /var/tmp/test/#just 
  testing this 
] 
  } 
 
 I see two possible issues. First, you either need to give the exec resource a 
 working directory via the 'cwd' parameter, or you need to use tar's -C option 
 to specify where to extract the files. Without either of these, files will 
 extract into the home of whichever user is running puppet. So either add this 
 parameter: 
 
 cwd = '/var/tmp/, 
 
 or use this as your tar command ( -- # note that I skipped the verbose switch 
 since it's not interactive): 
 
 /bin/tar -xf /var/tmp/deploy.tar -C /var/tmp 
 
 Another possible issue: If you want /var/tmp/deploy.tar to extract to 
 /var/tmp/test, then you need to leave off the 'onlyif' parameter. Currently, 
 the exec will only run if /var/tmp/test already exists. 
 
 One last thing. If you haven't done so already, set up a dependency between 
 the file resource that copies the tar file to the node and the exec resource 
 that extracts it -- either via a notify parameter in the file resource or a 
 require parameter in the exec resource. 
 
 -- 
 Peter Bukowinski 
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To view this discussion on the web visit 
 https://groups.google.com/d/msg/puppet-users/-/gOIxni7fKGIJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] exec executes remote command but the actual script not run

[Peter Bukowinski]

On Aug 8, 2012, at 5:40 AM, duckegg01 wrote:

 Hi 
 
 I have wriiten a class to deploy a tra file and extract on a remote puppet 
 client. The tar file gets copied across fine and it seems to puppet the thet 
 tar extraction suceeds, but when I check the client I dont see the extracted 
 files
 
 exec { Deploy Code:
 command = /bin/tar -xvf /var/tmp/deploy.tar,
 onlyif = [
 /usr/bin/test -d /var/tmp/test/#just 
 testing this
   ]
 }

I see two possible issues. First, you either need to give the exec resource a 
working directory via the 'cwd' parameter, or you need to use tar's -C option 
to specify where to extract the files. Without either of these, files will 
extract into the home of whichever user is running puppet. So either add this 
parameter:

cwd = '/var/tmp/,

or use this as your tar command ( -- # note that I skipped the verbose switch 
since it's not interactive):

/bin/tar -xf /var/tmp/deploy.tar -C /var/tmp

Another possible issue: If you want /var/tmp/deploy.tar to extract to 
/var/tmp/test, then you need to leave off the 'onlyif' parameter. Currently, 
the exec will only run if /var/tmp/test already exists.

One last thing. If you haven't done so already, set up a dependency between the 
file resource that copies the tar file to the node and the exec resource that 
extracts it -- either via a notify parameter in the file resource or a require 
parameter in the exec resource. 

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] service resource type

[Peter Bukowinski]

Yes, you should have the ensure parameter in there:

service { 'myservice':
ensure = running,
start  = '/root/myinit_script.sh',
}

Since you're using a custom start script, you may need to also specify custom 
status and restart scripts so that puppet can better control the process if the 
httpd config file ever changes and you want the service to restart 
automatically.

--
Peter

On Aug 6, 2012, at 5:03 PM, Rost wrote:

 hi Peter,
 
 Thanks for watching .
 Actually that's all my service resource without the ensure = running. Should 
 I use that parameter to have puppet launch my script?
 Here is the content of myinit_script.sh.
 
 #!/bin/sh
 echo Starting Apache2
 /opt/apache2/bin/apachectl -f /opt/apache2/conf/httpd -k start
 
 Thanks a lot.
 
 
 Le lundi 6 août 2012 21:39:23 UTC+2, pmbuko a écrit :
 On Aug 6, 2012, at 2:45 PM, Rost wrote:
 
 Hi everbody !!!
 
 I would like to know how to use the parameter start of the service resource 
 type. Because i want to use my own script to start my service.
 I have tried 2 cases and did'nt work.
 
 Here are the cases :
 
 service { 'myservice':
start = '/root/myinit_script.sh'
 }
 
 service { 'myservice':
start = /root/myinit_script.sh
 }
 
 
 Do you have any idea on how to use this parameter?
 
 Thans very much for help.
 
 Rost,
 
 Is what you pasted about the entire 'myservice' resource definition or did 
 you leave our the 'ensure' lines for brevity? Make sure you have an 'ensure 
 = running, line in the service definition if you want puppet to ensure that 
 state. There might also be  a problem with your init script. Can you please 
 post the contents of myinit_script.sh here?
 
 -- 
 Peter Bukowinski
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To view this discussion on the web visit 
 https://groups.google.com/d/msg/puppet-users/-/o_m0fn9FLnAJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: mcollective puppetd plugin does not work

[Peter Bukowinski]

The agent enable/disable is documented in the output of 'puppet help agent' as 
well as here:

http://docs.puppetlabs.com/man/agent.html

Your output of 'puppet agent --server=puppet --test --noop' shows that you have 
a 'puppetdlock' file (in /var/lib/puppet/state by default), but that puppet is 
interpreting the lock file's presence as a run in progress. If there is no run 
in progress when you disable the agent, then you should be seeing this output 
when you try to run puppet (with version 2.6+) :

notice: Skipping run of Puppet configuration client; administratively disabled; 
use 'puppet agent --enable' to re-enable.

If you try 'puppet agent --enable' does the puppetdlock file disappear from 
this location? It should.

--
Peter

On Jul 30, 2012, at 12:23 PM, Hai Tao wrote:

 This makes sense and is interesting. I was suspecting disable means
 turning off in chkconfig, but it is not as I checked.
 
 # puppet agent --server=puppet --test --noop
 notice: Run of Puppet configuration client already in progress; skipping
 
 so can you explain what administratively disables mean, and where I
 can find doc for this?
 
 Thanks.
 
 Hai T.
 
 
 On Mon, Jul 30, 2012 at 8:27 AM, pmbuko pmb...@gmail.com wrote:
 On Monday, July 30, 2012 12:17:33 AM UTC-4, Hai wrote:
 
 I used the puppetd plugin to disable the puppet service on a node,
 however the puppet is still running on the node. Can someone explain
 why?
 
 # mco puppetd -I test-01 disable
 
 * [  ] 1 / 1
 
 
 test-01  Request Aborted
   Already disabled
 
 Finished processing 1 / 1 hosts in 64.07 ms
 # mco puppetd -I test-01 status
 
 * [  ] 1 / 1
 
 test-01  Currently disabled; last
 completed run 1550 seconds ago
 
 Finished processing 1 / 1 hosts in 60.37 ms
 
 
 Hai,
 
 When you tell mcollective to disable puppet on a node, it *administratively
 disables* the agent but it does not stop the puppetd process. If you try
 'puppet agent -t' on an node that has been administratively disabled you
 will see that puppet won't actually run.
 
 --
 Peter
 
 
 --
 You received this message because you are subscribed to the Google Groups
 Puppet Users group.
 To view this discussion on the web visit
 https://groups.google.com/d/msg/puppet-users/-/AFPGM7_T5SwJ.
 
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at
 http://groups.google.com/group/puppet-users?hl=en.
 
 
 
 -- 
 Hai Tao
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.
 

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: problems with puppetdb

[Peter Bukowinski]

How did you install/upgrade it? Mine runs on RHEL6. The config files I set when 
I installed the initial version did not get modified during the upgrade 
process. My ports are still as expected.

-- Peter

On Jul 15, 2012, at 10:09 PM, Peter Brown rendhal...@gmail.com wrote:

 It also seems to be ignoring my port settings.
 It seems to be listening on 1099 and 55752.
 are these the new default ports?
 
 On 16 July 2012 12:01, Peter Brown rendhal...@gmail.com wrote:
 I gave puppetdb write permissions to /usr/share/puppetdb an it starts
 now but it's not making me happy leaving it with write access to a
 system directory.
 
 On 16 July 2012 11:42, Peter Brown rendhal...@gmail.com wrote:
 Hi everyone,
 
 I got the new version installed and am now having a strange issue.
 my puppetdb server seems to start but then dies after a few seconds
 with no logging that i can find.
 I tried setting the log level to DEBUG but still nothing.
 
 I tried running by hand and discovered it couldn't read it's config
 files so i fixed that.
 It also wants write access to /usr/share/puppetdb
 This seems like strange place it would need write access to.
 Is the really necessary?
 It is also ringing security bells in my head so I am a bit hesitant to
 give it write access without knowing why.
 
 My puppetdb is running on latest ubuntu with latest openjdk 6
 
 Thanks in advance.
 
 Pete.
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.
 

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] execute a command if a package isn't installed, then install the package

[Peter Bukowinski]

On Jul 14, 2012, at 5:19 PM, loki77 lok...@gmail.com wrote:

 Hi, I'm trying to install the 'unbound' dns resolver in ubuntu via
 puppet and I'm running into some issues.  The issue isn't that the
 package doesn't install, but rather that apt automatically starts the
 daemon - and when the daemon starts, it updates resolv.conf in a way
 that breaks DNS.
 
 There's a command, 'resolvconf --disable-updates' that will stop
 unbound from making the change it wants to.  What I'd like to do is:
 
 - If unbound isn't installed, then execute --disable-updates
 - Then install unbound
 - Then --enable-updates
 
 Is there anyway to do this?  Thanks.

You can either write a custom fact that gets set when unbound is 
installed/active and use that in an if block around the stop-install-start 
procedure, or use the 'resolvconf --disable-updates' exec resource's 'unless' 
parameter to test for a running unbound daemon prior to installing the package.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Multiple execs within a class

[Peter Bukowinski]

On Jul 6, 2012, at 12:53 AM, Mike Reed mjohn.r...@gmail.com wrote:

 Hello all,
 
 I'm looking to run multiple commands via exec within a single class like so:
 
 class boost_install {
 # This will place the gzip locally in /tmp.  File is pulled from 
 puppet.
 file { /tmp/boost_1_41_0.tar.bz2 :
 source  = puppet:///boost_install/boost_1_41_0.tar.bz2 ,
 ensure  = present ,
 }
 
 # This will extract the boost gzip to the /tmp directory.
 # This will untar only if the /tmp/boost_1_41_0 directory does not 
 exist.
 exec { tar -xjvf /tmp/boost_1_41_0.tar.bz2 :
 cwd = /tmp/ ,
 creates = /tmp/boost_1_41_0 ,
 path= [/bin , /usr/sbin] ,
 }
 
 # This will run the boost bootstrapper. bjam should be run after this.
 # This will only run if the ls command returns a 1.
 # The unless will have to be redone because we have no way of 
 upgrading easily and this is sloppy.
 exec{ /tmp/boost_1_41_0/bootstrap.sh :
 unless  = 'ls /usr/local/include/boost' ,
 path= [/bin/ , /sbin/ , /usr/bin/ , /usr/sbin/] ,
 }
 
 # This will run the boost bjam modifier and should run only after the 
 bootstrap.sh has been run
 # This will only run if the ls command returns a 1.
 # This unless  will have to be redone because we have no way of 
 upgrading easily and this is sloppy.
 exec { /tmp/boost_1_41_0/bjam cxxflags=-fPIC install :
 unless  = 'ls /usr/local/include/boost' ,
 path= [/bin/ , /sbin/ , /usr/bin/ , /usr/sbin/]  
 ,
 }
 }
 
 However, after running the above class, I get the following:
 
 err: /Stage[main]/Boost_install/Exec[/tmp/boost_1_41_0/bootstrap.sh]/returns: 
 change from notrun to 0 failed: /tmp/boost_1_41_0/bootstrap.sh returned 1 
 instead of one of [0] at 
 /etc/puppet/modules/boost_install/manifests/init.pp:18
 err: /Stage[main]/Boost_install/Exec[/tmp/boost_1_41_0/bjam cxxflags=-fPIC 
 install]/returns: change from notrun to 0 failed: /tmp/boost_1_41_0/bjam 
 cxxflags=-fPIC install returned 1 instead of one of [0] at 
 /etc/puppet/modules/boost_install/manifests/init.pp:21
 notice: Finished catalog run in 1.31 seconds
 
 I was under the impression that I should be getting the install returned 1 
 output but it's usually silent and the command doesn't run.  I'm assuming 
 that neither the bootstrap or bjam commands should run as the 
 /usr/local/include/boost directories exist on the machine and I'm expecting 
 the ls to return a 0; which it does on the machine because those 
 directories exist.
 
 I'm obviously missing something here and I'm looking for some direction.
 
 I do suspect that this can be done in a more elegant fashion especially since 
 the bjam command is dependent upon the bootstrap.sh script running but I was 
 hoping to at least get this working.
 
 Thanks in advance for the thoughts.

Puppet manifests do not run in a top-down manner, but instead run 
semi-randomly. Because your file and exec resources need to run in a specific 
order, you need to define that order specifically. You can accomplish this by 
keeping the order you have and simply adding a 'require' parameter to each that 
points to the previous resource.

Even better would be to convert the entire thing into a single package/rpm that 
you keep in a repository and have puppet install it with a single 'package' 
resource.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet not upgrading to newer version of Ruby

[Peter Bukowinski]

On Jul 6, 2012, at 11:01 AM, Benjamin Lei wrote:

 I have upgraded my default Ruby (1.8.6) to a newer one (1.8.7). But whenever 
 I run Puppet, it seems to somehow constantly run under Ruby 1.8.6. How do I 
 fix this?

What is the output of 'which ruby' and 'which puppet'?

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Multiple execs within a class

[Peter Bukowinski]

On Jul 6, 2012, at 3:26 PM, Mike Reed wrote:

 Hey Guys,
 
 Thank you Peter and John for your continued input into this one.   I 
 absolutely agree with both of you about building our own packages and as I've 
 been working with puppet and trying to configure these systems, it's become 
 apparent that our own internal repository would be beneficial for a number of 
 reasons.
 
 With that said, I'm quite new to the 'nix world and I suspect building out 
 packages/repository would take a little time and probably a few days of 
 googl'in.  So for the very immediate future, I'd like to get this working so 
 I can get our initial puppet build going.  packages/repository are definitely 
 on my list tho.

I get need to prioritize your to-do list, but do it sooner rather than later. :)

 I'd like to quickly mention that the impetus behind this is that I'd like to 
 run this against machines that we've built up without puppet and if possible, 
 I'd like to refrain from things like the below manifest being run on a 
 machine which already has boost installed, albeit manually without puppet.
 
 I changed the class to the following:
 
 class boost_install {
 # This will place the gzip locally in /tmp.  File is pulled from 
 puppet.
 file { /tmp/boost_1_41_0.tar.bz2 :
 source  = puppet:///boost_install/boost_1_41_0.tar.bz2 ,
 ensure  = present ,
 }
 
 # This will extract the boost gzip to the /tmp directory.
 exec { untar_boost :
 command = tar -xjvf /tmp/boost_1_41_0.tar.bz2 ,
 cwd = /tmp/ ,
 creates = /tmp/boost_1_41_0 ,
 path= [/bin , /usr/sbin] ,
 require = File[/tmp/boost_1_41_0.tar.bz2] ,
 }
 
 # This will run the boost bootstrapper
 exec { /tmp/boost_1_41_0/bootstrap.sh :
 subscribe = Exec[untar_boost] ,
 }
 }
 
 From the above code, I expect a few things to happen:
 1. The exec untar_boost should only fire if /tmp/boost_1_41_0.tar.bz2 is 
 present

Correct, and because of your 'creates' parameter, it won't run again on 
consecutive runs.

 2. The exec /tmp/boost_1_41_0/bootstrap.sh should only fire if the untar 
 boost occurs, which I believe is dependent upon the file being in that 
 location.

Correct.

 (I'm thinking this will work as a temporary dependency as I'm not sure how to 
 make a dependency for the initial file being pulled down.  In other words, I 
 expect the file to be pulled down on every run which I guess is something 
 I'll have to fix later).  I'm thinking if I change from /tmp to something 
 like /usr/src/puppet_pkgs then the files won't be deleted upon reboot and I 
 can use them as a temporary placeholder until I figure out a more elegant 
 solution to this hack that I've put together.

The file won't be pulled down on every run unless is gets removed from /tmp. 
Because you can't count on files sticking around in /tmp, I don't like to use 
it as a destination for any of my file resources. Your /usr/src/puppet_pkgs 
idea is a good one -- at least until you start packaging your software 
deployments. I recommend putting start using fpm on your to-do list, as well: 
https://github.com/jordansissel/fpm/ -- It's a huge time-saver and makes 
package creation dead-simple.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Access denied for user 'dashboard'@'localhost' to database 'dashboard_production'

[Peter Bukowinski]

On Jul 6, 2012, at 5:08 PM, Hai wrote:

 followed the instruction for installing dashboard, and created user
 
 mysql -pmy_password -e CREATE DATABASE dashboard CHARACTER SET utf8;CREATE 
 USER 'dashboard'@'localhost' IDENTIFIED BY 'my_password'; GRANT ALL 
 PRIVILEGES ON dashboard.* TO 'dashboard'@'localhost';
 
 however, I keep getting access denied error:
 
 # rake RAILS_ENV=production db:migrate
 (in /usr/share/puppet-dashboard)
 rake aborted!
 Access denied for user 'dashboard'@'localhost' to database 
 'dashboard_production'
 
 (See full trace by running task with --trace)
 
 
 please help!

Your created a database 'dashboard'. Make sure to put that name into the 
'production:' section of your [dashboad_root]/config/database.yml file.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Nvidia driver install - condition for install

[Peter Bukowinski]

On Jun 29, 2012, at 3:49 PM, Nan Liu wrote:

 On Fri, Jun 29, 2012 at 12:23 PM, Dan White y...@comcast.net wrote:
 - Mike Reed mjohn.r...@gmail.com wrote:
 Hello all,
 
 I'd like to use puppet to install an Nvidia driver on a local workstation.
  I've written the following manifest for this puprpose:
 
 class nvidia_driver {
 # This will place the nvidia installer locally in /tmp.  File is
 pulled from puppet.
 file { /tmp/NVIDIA-Linux-x86_64-295.53.run :
 source  =
 puppet:///modules/nvidia_driver/NVIDIA-Linux-x86_64-295.53.run ,
 ensure  = present ,
 }
 
 # This will run the nvidia installer locally on the machine.
 exec { /tmp/NVIDIA-Linux-x86_64-295.53.run -s -X --opengl-headers
 --no-distro-scripts --force-tls-compat32=new :  }
 
 }
 
 Upon the initial run of the manifest on the target machine, everything
 works great (although I do believe there is some room for improvement of
 the code above; particularly on the exec portion) and the driver then gets
 installed.  The issue occurs on subsequent puppet runs on the same machine
 and I'm getting the following error during my second puppet run from the
 client:
 
 err: /Stage[main]/Nvidia_driver/Exec[/tmp/NVIDIA-Linux-x86_64-295.53.run -s
 -X --opengl-headers --no-distro-scripts --force-tls-compat32=new]/returns:
 change from notrun to 0 failed: /tmp/NVIDIA-Linux-x86_64-295.53.run -s -X
 --opengl-headers --no-distro-scripts --force-tls-compat32=new returned 1
 instead of one of [0] at
 /etc/puppet/modules/nvidia_driver/manifests/init.pp:12
 
 It appears to me that the above error is occurring because the
 nvidia_driver class is running on each subsequent run and since the driver
 is already installed, I'm getting an exit status of 1 instead of 0, which
 to my knowledge would be expected.
 
 So, what I'd like to do is put some sort of condition that will look to see
 if the driver is installed and if it is, the class nvidia_driver won't
 run.  I'm having a hard time figuring this one out and I was hoping to get
 a few opinions on how this might be accomplished.
 
 Would this potentially be a job for a shell script that does the checking?
  Maybe just adding the shell script into the nvidia_driver manifest?
 
 Thanks in advance for everybody's assistance and the help is very much
 appreciated.
 
 Cheers,
 
 Mike
 
 I am working with the same kind of drivers and I have a suggestion:
 
 The driver only needs to be re-installed when the kernel changes version.
 
 I am not sure how to implement this idea, but it is something to check 
 against.
 If I have any revelations, I will post here.
 
 Seems like a custom fact to detect nvidia driver version is the most
 sensible thing since it will also alleviate the need to download the
 binary file in the first place.
 
 Nan

I use a couple custom facts to handle video cards and driver versions.

This fact will return the vendor for all video cards installed in the machine. 
Each card actually gets its own fact named videocard[n], where n starts at 0.
- - - - -
# videocards.rb 

  

controllers = []
output = %x{lspci}
output.each {|s|
controllers.push($1) if s =~ /VGA compatible controller: (.*)/
}

for vc in 0...controllers.length
thecard = videocard + vc.to_s
Facter.add(thecard) do
setcode do
controllers[vc]
end
end
end
- - - - -

This fact gets the driver version for the first video card only. (This 
restriction makes sense in my environment. It might not in yours.) The if 
statement is necessary to allow for the presence and/or success (some cards 
don't work with it) of the nvidia-smi tool.
- - - - -
# nvidiadriver.rb   

   

Facter.add(nvidiadriver) do
setcode do
if Facter.value(:videocard0) =~ /nVidia/
smitest = %x{/usr/bin/nvidia-smi -q}.chomp
if smitest.empty?
%x{awk -F'Driver  ' '/X Driver/{print $2}' /var/log/Xorg.0.log 
| awk '{print $1}'}
elsif smitest.match(/^nvidia-smi/)
%x{awk -F'Driver  ' '/X Driver/{print $2}' /var/log/Xorg.0.log 
| awk '{print $1}'}
else
%x{/usr/bin/nvidia-smi -q -x -i 0 | awk -F'' 
'/driver_version/{gsub(/.*$,);print $2}'}
end
elsif Facter.value(:videocard0) =~ /ATI|AMD/
%x{yum list installed xorg-x11-drv-catalyst.x86_64 | awk 
'/catalyst/{print $2}'}
end
end
end
- - - - -

I use the nvidiadriver fact to restrict where my nvidia driver class runs, e.g.

class nv_driver {
if ! ( $nvidiadriver == '295.59' ) {
file { '/root/NVIDIA-Linux-x86_64-295.59.run':  
   

Re: [Puppet Users] exclude puppetmaster from default

[Peter Bukowinski]

On May 30, 2012, at 12:13 PM, Andrei-Florian Staicu wrote:

 Hi all,
 
 Can you tell me if the puppetmaster (which is also a puppet node) can
 be excluded from the default node definition?
 The idea is that new unclassified nodes should get the puppet.conf and
 auth.conf files by default, but these files are pretty different on
 the master.
 
 Thanks.


The default node definition is only applied to nodes that aren't included in 
any other node definitions. As long as your puppetmaster node is included in 
any other node definition — either explicitly (e.g. 'puppet.domain.org') or by 
glob (e.g. /^puppet/) — the default node definition will not affect it.

-- 
Peter M. Bukowinski
Sr. Systems Engineer
Janelia Farm Research Campus, HHMI

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet not applying my config

[Peter Bukowinski]

On May 24, 2012, at 8:05 PM, macmichael01 macmichae...@gmail.com wrote:

 Hello,
 
 I am running puppet 2.7.11 on my puppet client and puppet master.
 I generated and signed my certs but for some reason my configurations
 are not
 being applied on my client box.
 
 When running the following command it appears to be pulling the
 configurations
 but does not apply them. Is there a special command that I need to
 run
 initially to make this happen?
 
 puppetd --server puppet.example.com --waitforcert 60 --test
 info: Retrieving plugin
 err: /File[/var/lib/puppet/lib]: Could not evaluate: Could not
 retrieve information from environment production source(s)
 puppet://puppet.example.com/plugins
 info: Caching catalog for roxann
 info: Applying configuration version '1337314498'
 notice: Finished catalog run in 0.08 seconds
 
 Here is the configuration that I am trying to apply:
 
 /etc/puppet/manifests/site.pp
 node default {
file { /srv/test_file.txt:
owner = 'root',
group = 'root',
mode  = '0777',
}
 }
 
 Thanks in advance!

Try adding an 'ensure = file,' attribute to the beginning of the file resource 
block. I believe puppet's default behavior is to *not* create a resource unless 
ensure is used to specify it.

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Using Puppet to manage preexisting servers

[Peter Bukowinski]

My first experience with puppet was puppetizing an already deployed 500-node 
HPC cluster. The cluster admin was kind enough to pull a node out of the 
cluster so I could test my manifest/modules on it without affecting production 
nodes. Once I was confident I had it dialed in, I converted while racks at a 
time until all nodes were under puppet's watchful eye.

If this is not possible for you, you could use VMware or Virtualbox and clone a 
server to a VM during a maintenance window and use that for your development. 
Snapshots are very nice to have when testing your manifests as they allow rapid 
and complete undos.

As for reverting changes on non-virtual servers, you can use puppet's 
filebucket -- it is well documented. I, however, am a great fan of having 
regular, non-puppet backups from which to restore original files.

-- Peter (from phone)

On May 16, 2012, at 8:07 AM, Mister IT Guru misteritg...@gmx.com wrote:

 Good Afternoon Puppet List,
 
 I'm investigating the possibility of using puppet to take over an already 
 existing cluster of servers. Ordinarily this doesn't sound like anything out 
 the ordinary, but I've had my hands tied by the cluster owner saying he 
 doesn't want anything to break/fail while I'm wrestling the cluster to be 
 under my control.
 
 Ordinarily, I'd say lets upgrade your working practices while we're at it, 
 and properly manage your whole workflow, manage access and manage who can 
 make changes. Lets start by rebuilding your boxes to specification, and 
 migrating your existing data over. Sounds great, Client says no huh? - Now 
 I need to rethink my strategy.
 
 I was planning on using my current manifests, but I think I'll end up over 
 writing some config file that had a critical setting in it, or change a 
 password somewhere. Usually, I'm not too worried about that, but it did occur 
 to me that I don't have any real sanity checks in my modules.
 
• Are there any recommended ways of using puppet to take over a production 
 environment?
• How can I ensure that when I'm spreading my manifests across the globe, 
 I mean cluster, that any changes can be reverted?
• I understand that every file puppet changes, gets backed up? Where? 
 (embarrassed he doesn't know!)
• Finally, can I force puppet to replace changed files, or is this a 
 manual process?
 
 Thanks,
 -- Mister Guru
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.
 

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] What is the false directory?

[Peter Bukowinski]

Reported.

http://projects.puppetlabs.com/issues/14173

--
Peter

On Apr 24, 2012, at 5:04 PM, Krzysztof Wilczynski wrote:

 Hi,
 
 On Tuesday, April 24, 2012 6:38:27 PM UTC+1, Nigel Kersten wrote:
 This should get reported as a bug though.
 
 We should probably only accept absolute paths for the 'path' parameter, and 
 false should get interpreted as the boolean.
 
 +1
 
 KW 

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] What is the false directory?

[Peter Bukowinski]

Looks like you have an error in your filebucket definition. Did you, perhaps, 
put quotes around false when you defined the path?

-- Peter

On Apr 24, 2012, at 8:13 AM, Sans r.santanu@gmail.com wrote:

 Dear all,
 
 Since last night, Puppet is started creating a directory, named false in the 
 present working directory, if I run puppetd -t manually on the puppet agent. 
 The directory contents are like this:
 
 8/3/e/5/8/6/5/9/83e586594432759eb7aed007e888a172/contents
 8/3/e/5/8/6/5/9/83e586594432759eb7aed007e888a172/path
 
 
 does any one know what are these and why they are being created? Cheers!! 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To view this discussion on the web visit 
 https://groups.google.com/d/msg/puppet-users/-/nKerekDGmcoJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] What is the false directory?

[Peter Bukowinski]

Glad you got it sorted. You've discovered the importance of quoting and *not* 
quoting. The best practice is to single quote any string that does not contain 
a variable. If you're using a variable, use double quotes so it gets 
interpreted properly. Quotes should *not* be used around any of puppet's native 
values, e.g. true/running, false/stopped, present, absent, file, directory, 
link latest, absent, purged, etc.

--
Peter

On Apr 24, 2012, at 9:21 AM, Sans wrote:

 Thanks Peter! Got it now!
 
 You were absolutely right - I had path   = 'false' for filebucket (in the 
 site.pp). 
 But I thought, Puppet recommends to quote around everything (apart from 
 variables). That's not true, I see. Cheers!!
 
 
 
 On Tuesday, April 24, 2012 2:12:02 PM UTC+1, Sans wrote:
 I don't know what exactly you mean: I don't have any path defined with 
 false in it.
 Just figured out that whenever the content of a file is being modified, the 
 false directory is being created with the old file (as content) in it. 
 So, looks like it's actually not modifying the file (in question) at all but 
 replacing with the new one and keeping the old (i.e. original) one in the 
 false directory. Am I making any sense here at all? Cheers!!
 
 
 
 
 On Tuesday, April 24, 2012 1:39:16 PM UTC+1, pmbuko wrote:
 Looks like you have an error in your filebucket definition. Did you, perhaps, 
 put quotes around false when you defined the path?
 
 -- Peter
 
 On Apr 24, 2012, at 8:13 AM, Sans r.santanu@gmail.com wrote:
 
 Dear all,
 
 Since last night, Puppet is started creating a directory, named false in the 
 present working directory, if I run puppetd -t manually on the puppet agent. 
 The directory contents are like this:
 
 8/3/e/5/8/6/5/9/83e586594432759eb7aed007e888a172/contents
 8/3/e/5/8/6/5/9/83e586594432759eb7aed007e888a172/path
 
 
 does any one know what are these and why they are being created? Cheers!! 
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To view this discussion on the web visit 
 https://groups.google.com/d/msg/puppet-users/-/nKerekDGmcoJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.
 
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To view this discussion on the web visit 
 https://groups.google.com/d/msg/puppet-users/-/M9LXUDvJXtYJ.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.

--
Peter

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Case statements in a file directive

[Peter Bukowinski]

Looks like you're missing a question mark in the selector in your source 
parameter. It should look like this:

source = $::architecture ? {
 /(i386|i586|i686)/ = puppet:///files/32/usr/local/nagios/libexec,
x86_64 = puppet:///files/64/usr/local/nagios/libexec,
}

--
Peter

On Apr 17, 2012, at 7:44 PM, Geoff Davis wrote:

 Yup, I fat-fingered my response.
 
 On Apr 17, 2012, at 4:10 PM, Denmat tu2bg...@gmail.com wrote:
 
  /(i386|i586|i686/) = 
 should be
  /(i386|i586|i686)/ = 
 shouldn't it?
 
 Den
 On 18/04/2012, at 9:01, Forrie for...@gmail.com wrote:
 
 So, it's choking on this still at the line with the conditional:
 
 Apr 17 18:58:17 test-system puppet-agent[7590]: Could not retrieve
 catalog from remote server: Error 400 on SERVER: Could not parse for
 environment production: Syntax error at '{'; expected '}' at /etc/
 puppet/manifests/classes/nagios-client-test.pp:20 on node test-
 system.my-domain.com
 
 The brackets look balanced to me.
 
 
  file { /usr/local/nagios/libexec:
  require = File['/usr/local/nagios'],
  ensure  = directory,
  owner   = 'root',
  group   = 'root',
  mode= 655,
  recurse = true,
  source  = $::architecture {
  /(i386|i586|i686/) = puppet:///files/32/usr/local/
 nagios/libexec,
  x86_64 = puppet:///files/64/usr/local/
 nagios/libexec,
  }
  }

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] How can I get puppet onto a closed network ?

[Peter Bukowinski]

I'd copy down from the yum.puppetlabs.com site all the packages in the products 
and dependencies repos and set up your own local repos. Point your rhel boxes 
at it and install that way.

The repos would be easier to mirror locally if puppetlabs setup an rsync server 
for them, but right now scraping them with curl/wget or manually downloading is 
your only option.

--
Peter

On Mar 22, 2012, at 6:52 PM, BigCod mar...@gmail.com wrote:

 I've a network of RHEL5.3 servers with no internet acess  that I'd
 like to get puppet onto.
 
 All I have is the RHEL5.3 DVD media set up as a yum repo.
 
 Is there some way I can download puppet and all its dependencies so I
 can bundle them together and install them on my closed network ?
 
 I'm thinking  I could install centos on a machine with net access,
 download and save all the puppet rpms to that ad copy accross to my
 closed network, is this the correct method ?
 
 -- 
 You received this message because you are subscribed to the Google Groups 
 Puppet Users group.
 To post to this group, send email to puppet-users@googlegroups.com.
 To unsubscribe from this group, send email to 
 puppet-users+unsubscr...@googlegroups.com.
 For more options, visit this group at 
 http://groups.google.com/group/puppet-users?hl=en.
 

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] import manifest inside subdirectory

[Peter Bukowinski]

On Mar 20, 2012, at 12:47 PM, Pablo Fernandez wrote:

 Hi,
  
 I am trying to import some manifests manually (outside the modules tree) and 
 it does not seem to work fine. I have the files:
 manifests/site.pp
 manifests/data/file1.pp
  
 Inside site.pp I do:
 import data/file1.pp
  
 And that doesn't work. But if I rename data/file1.pp by data_file1.pp, and 
 place it in the same directory as site.pp (so, no subdirectories), it works.
  
 I was reading the language guide, and it seems like import should work the 
 way I use it, but it does not, at least in my case.
  
 Any clue?
  
 Thanks,
 Pablo


Individual files can only be imported from the same directory as the site.pp. 
If you want to import from a subdirectory you'll need use globbing:

import 'data/*'

This is covered in the Importing Manifests section of the language guide.
http://docs.puppetlabs.com/guides/language_guide.html#importing-manifests

-- 
Peter M. Bukowinski
Sr. Systems Engineer
Janelia Farm Research Campus, HHMI

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Disable polling interval

[Peter Bukowinski]

On Mar 17, 2012, at 11:44 AM, Afroz Hussain hussainaph...@gmail.com wrote:

 I have created a script which restart the services . Since by default
 the polling interval is 30 min, Hence it is getting restarted every 30
 min.. Is there any away to force that script to run as per our
 requirement.
 In another word, How to stop that script to make any changes on the
 agent without removing from nodes.pp
 
 Thanks
 Afroz Hussain

Are you using an exec resource to run the script? Why not let puppet keep 
running on its regular interval and use a cron resource to schedule the script 
as required?

--
Peter Bukowinski

-- 
You received this message because you are subscribed to the Google Groups 
Puppet Users group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.