Re: [Puppet Users] Re: How do I "cd" (change directory) with Puppet's exec?

2012-07-06 Thread Hendrik Jäger
Hi, On Thu, 5 Jul 2012 22:33:00 -0700 (PDT) Benjamin Lei wrote: > Specifically, when I have "cd" in command => ".." it says it cannot > find the command "cd". Because it is a builtin command in the shell. Either let a shell execute your command or use the pwd (or cwd?) parameter. Best regards

[Puppet Users] Puppet not "refreshing" its session (from Vagrant maybe)?

2012-07-06 Thread Benjamin Lei
So I have added a config in Puppet to replace my OS's old Ruby version with a newer one. Unfortunately, it seems that if I run vagrant provision again (which essentially does a puppet apply), Vagrant (or Puppet) reuses the same ssh session or bash shell or whatever it is. As such, for my config

[Puppet Users] Re: Puppet not "refreshing" its session (from Vagrant maybe)?

2012-07-06 Thread Benjamin Lei
This is also a big problem because I want to also install Rails and the default Ruby version on the OS won't allow me to install that gem... as such once thew newer version of Ruby is installed and Puppet tries to install Rails, it still complains about Rails requiring a higher Ruby version (>=

[Puppet Users] How to use thin_storeconfigs

2012-07-06 Thread Bernd Adamowicz
Which is the right way to use thin_storeconfigs? Currently I'm about to try this: storeconfigs = true thin_storeconfigs = true Or should it be only a single line containing the 'thin_storeconfigs' directive without 'storeconfigs=true'? Thanks Bernd -- You received this message because you ar

[Puppet Users] sslv3 alert handshake failure

2012-07-06 Thread Martinus
I have a problem on 3 out of ~40 servers that gives the following error: err: Could not request certificate: SSL_connect returned=1 errno=0 state=unknown state: sslv3 alert handshake failure >From previous posts, I made sure that SSLVerifyClient is set to optional. I also cleared /var/lib/pupp

Re: [Puppet Users] sslv3 alert handshake failure

2012-07-06 Thread Martin Alfke
Hi, - check time on client and server - check ruby version on the 3 server which fail - check SSLDir configuration in /etc/puppet/puppet.conf on the 3 systems. Martin On 06.07.2012, at 09:57, Martinus wrote: > I have a problem on 3 out of ~40 servers that gives the following error: > > err: Co

Re: [Puppet Users] sslv3 alert handshake failure

2012-07-06 Thread Martinus
Martin, Right. Time is good (NTP) on all 3 clients and server. And I double checked just now with ntpq -p (largest offset was -20). There are different time zones, but then so has the working systems different time zones. Ruby version on all 3 clients and server: ruby 1.8.7 (2011-06-30 patchl

Re: [Puppet Users] sslv3 alert handshake failure

2012-07-06 Thread Martin Alfke
On puppet master: puppet cert --clean on client: rm -fr /var/lib/puppet/ssl/* puppet agent --test check on master for signing request: puppet cert --list On 06.07.2012, at 10:25, Martinus wrote: > Martin, > > Right. > > Time is good (NTP) on all 3 clients and server. And I double checked j

Re: [Puppet Users] sslv3 alert handshake failure

2012-07-06 Thread Martinus
There is nothing to clean, as "puppet cert --list" or "puppet cert --list --all" does not have an entry for those 3 particular servers. Deleting the client side ssl* makes no difference either. The client will recreate the ssl (good) and the same error pops up, without anything showing up on t

Re: [Puppet Users] sslv3 alert handshake failure

2012-07-06 Thread Martin Alfke
On 06.07.2012, at 11:09, Martinus wrote: > There is nothing to clean, as "puppet cert --list" or "puppet cert --list > --all" does not have an entry for those 3 particular servers. > > Deleting the client side ssl* makes no difference either. The client will > recreate the ssl (good) and the

Re: [Puppet Users] sslv3 alert handshake failure

2012-07-06 Thread Martinus
Martin, No, the clients fail again with exactly the same error once I switch apache back on. Your configuration is slightly different than what I have: ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY Now lets see what happens if I use your example ... Nope, th

Re: [Puppet Users] How to use thin_storeconfigs

2012-07-06 Thread Brice Figureau
On Fri, 2012-07-06 at 09:43 +0200, Bernd Adamowicz wrote: > Which is the right way to use thin_storeconfigs? Currently I'm about to try > this: > > storeconfigs = true > thin_storeconfigs = true > > Or should it be only a single line containing the 'thin_storeconfigs' > directive without 'store

Re: [Puppet Users] sslv3 alert handshake failure

2012-07-06 Thread Matthew Burgess
> As an additional note, when I stop apache and start puppetmaster with its > inbuilt web server, then these 3 clients are happy. Ah, that triggered a memory! http://projects.puppetlabs.com/projects/1/wiki/Using_Passenger has an example Apache config stanza for the puppetmaster virtualhost. In i

Re: [Puppet Users] sslv3 alert handshake failure

2012-07-06 Thread Martinus
Martin, Everything is worth a try ! But it did not work :( I commented out that line (SSLCARevocationFile) and restarted apache. No change on the working servers, good. No change on the broken servers, bad. Martinus. On Friday, 6 July 2012 11:02:10 UTC+1, Matthew Burgess wrote: > > > As an

Re: [Puppet Users] sslv3 alert handshake failure

2012-07-06 Thread Martinus
It would also help if I call people by their right name, sorry Matt :) On Friday, 6 July 2012 11:02:10 UTC+1, Matthew Burgess wrote: > > > As an additional note, when I stop apache and start puppetmaster with > its > > inbuilt web server, then these 3 clients are happy. > > Ah, that triggered a

Re: [Puppet Users] Multiple execs within a class

2012-07-06 Thread Peter Bukowinski
On Jul 6, 2012, at 12:53 AM, Mike Reed wrote: > Hello all, > > I'm looking to run multiple commands via exec within a single class like so: > > class boost_install { > # This will place the gzip locally in /tmp. File is pulled from > puppet. > file { "/tmp/boost_1_41_0.tar.bz2

Re: [Puppet Users] Automated deployement with puppet

2012-07-06 Thread mouhcine MOULOU
Hi Pete, Thanks for your reply, i thought it demand another resource type, i'll manage it with the file resource Thanks for your help, Le vendredi 6 juillet 2012 01:14:30 UTC+2, Pete a écrit : > > Hi Mouhcine, > > I find that if you can script it you can manage it with puppet and I > haven

[Puppet Users] Re: is nodes.pp a default file?

2012-07-06 Thread jcbollinger
On Thursday, July 5, 2012 9:57:55 PM UTC-5, Hai wrote: > > Hi, > > is nodes.pp a default file,like sites.pp, or I have to import it in > puppet.conf? > If you use a nodes.pp file then you have to import it manually. Typically, that takes the form of import 'nodes.pp' at the top of your mai

Re: [Puppet Users] sslv3 alert handshake failure

2012-07-06 Thread Martin Alfke
>From http://projects.puppetlabs.com/projects/1/wiki/Certificates_And_Security Check certificate and validity: openssl x509 -text -noout -in /var/lib/puppet/ssl/certs/hostname.tld.pem How do you specifiy the puppetmaster on the clients? Do you have a server= line in puppet.conf? How do the thr

[Puppet Users] Puppet not upgrading to newer version of Ruby

2012-07-06 Thread Benjamin Lei
I have upgraded my default Ruby (1.8.6) to a newer one (1.8.7). But whenever I run Puppet, it seems to somehow constantly run under Ruby 1.8.6. How do I fix this? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the w

Re: [Puppet Users] Re: How do I "cd" (change directory) with Puppet's exec?

2012-07-06 Thread jcbollinger
On Friday, July 6, 2012 2:10:13 AM UTC-5, Hendrik Jäger wrote: > > [...] let a shell > execute your command [...] > Which you can do fairly easily by adding "provider => 'sh'" to your Exec's parameters. Or if you need a non-default shell or you just like doing things the hard way, then you c

Re: [Puppet Users] Multiple execs within a class

2012-07-06 Thread jcbollinger
On Friday, July 6, 2012 6:52:01 AM UTC-5, pmbuko wrote: > > > Puppet manifests do not run in a top-down manner, but instead run > semi-randomly. Because your file and exec resources need to run in a > specific order, you need to define that order specifically. You can > accomplish this by keep

[Puppet Users] Node not find

2012-07-06 Thread pierre-emmanuel degand
Hi, my new server doesn't find his node *whereas i did the same for my others servers and it works on them*. My key is generated and signed by my master (i had had to add my puppetmaster in /etc/hosts). My node : *node 'vpsX.ovh.net' { * * * *}* * * It's save in vpsX.ovh.net.pp in pupp

[Puppet Users] Have puppet store updated facts in couchdb without updating configuration

2012-07-06 Thread ZJE
We have a test puppet environment where we use couchDB as a facts terminus. We are thinking of using facter+couch as our new inventory system and would like to be able to pull inventory without having to resolve puppet configurations on our servers (we have very strict change management procedu

Re: [Puppet Users] Node not find

2012-07-06 Thread Dan Bode
On Fri, Jul 6, 2012 at 4:22 AM, pierre-emmanuel degand < pierreemmanuel.deg...@gmail.com> wrote: > Hi, my new server doesn't find his node *whereas i did the same for my > others servers and it works on them*. My key is generated and signed by > my master (i had had to add my puppetmaster in /etc/

[Puppet Users] Intermittent problem with compiling catalog on puppet 2.7.17

2012-07-06 Thread Stephanie Jackson
Hi all, Ran into a weird problem today. Puppet's been working in a non-daemonized environment for several weeks now without issue. We regularly run puppet with the --onetime flag to update our environment. This is running on Centos 6.2. Catalogs have been compiling in 1 - 5 seconds generall

Re: [Puppet Users] Have puppet store updated facts in couchdb without updating configuration

2012-07-06 Thread Dan Bode
On Fri, Jul 6, 2012 at 9:01 AM, ZJE wrote: > We have a test puppet environment where we use couchDB as a facts > terminus. We are thinking of using facter+couch as our new inventory system > and would like to be able to pull inventory without having to resolve > puppet configurations on our serve

Re: [Puppet Users] Puppet not upgrading to newer version of Ruby

2012-07-06 Thread Peter Bukowinski
On Jul 6, 2012, at 11:01 AM, Benjamin Lei wrote: > I have upgraded my default Ruby (1.8.6) to a newer one (1.8.7). But whenever > I run Puppet, it seems to somehow constantly run under Ruby 1.8.6. How do I > fix this? What is the output of 'which ruby' and 'which puppet'? -- Peter Bukowinski

[Puppet Users] puppet agent won't recognize configuration

2012-07-06 Thread catshirt
hi all, just started using puppet and i think it's great. but i'm having a number of problems surrounding the authentication of the servers. on a fresh master, when i create a new client using the node_aws cloud provisioner (using --certname), the agent doesn't respect the generated configurat

[Puppet Users] Re: puppet agent won't recognize configuration

2012-07-06 Thread catshirt
i should add, i tried changing ownership (recursively) for /etc/puppet, to both my user, and the puppet user, to no avail. On Friday, July 6, 2012 12:35:17 PM UTC-4, catshirt wrote: > > hi all, > > just started using puppet and i think it's great. but i'm having a number > of problems surroundin

[Puppet Users] can the puppet client version be older than the server's?

2012-07-06 Thread Hai Tao
If I upgrade my puppet server to a new version, do I have to upgrade all the client to the same version? -- Hai Tao -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubsc

[Puppet Users] Re: puppet with stored configurations mysql connection error

2012-07-06 Thread Derek Higgins
Hi, selinux may be preventing puppetmaster from talking to mysql, try > setenforce 0 also if this works and you want to leave selinux running, it looks like there is a boolean to allow this (on RHEL at least) > setenforce 1 > setsebool puppetmaster_use_db on Hope this helps, Derek -- You re

[Puppet Users] Re: can the puppet client version be older than the server's?

2012-07-06 Thread catshirt
it depends on what version you were on, and which you upgraded to. the master and agent versions don't necessarily have to match, as long as the agent is *not* a more recent version than your master. discussion: https://groups.google.com/forum/?fromgroups#!topic/puppet-users/6WVfdgsEp-0 On Fri

[Puppet Users] Re: puppet with stored configurations mysql connection error

2012-07-06 Thread ashrith
Thanks for the reply Derek, but I have already disabled SELINUX as well as iptables!. So that wasn't clearly the problem here. On Friday, July 6, 2012 9:53:14 AM UTC-7, Derek Higgins wrote: > > Hi, >selinux may be preventing puppetmaster from talking to mysql, try > > setenforce 0 > > also if

[Puppet Users] Re: on puppet master server , puppet agent can't connect to itself

2012-07-06 Thread Clay
On Wednesday, 4 July 2012 13:56:10 UTC-7, Clay wrote: > > on my puppet master server (v 2.7.17 , both server and client version) , > the puppet agent can't connect to itself. other clients connected to this > puppet server are working fine. > the hostname is puppet.domain.com > > [root@puppet

[Puppet Users] Re: on puppet master server , puppet agent can't connect to itself

2012-07-06 Thread Clay
I don't have to have the puppet agent on the puppet server up , but when setting up puppetdb , I got this error from clients: # puppet agent --test err: Could not retrieve catalog from remote server: Error 400 on SERVER: Failed to submit 'replace facts' command for client1.domain.com to Puppe

[Puppet Users] install require a lower version of glibc-common

2012-07-06 Thread Hai
I got a strange error when I installed puppet on CentOS 6.2, that it asks for a glibc-common = 2.12-1.7.el6 while I have glibc-common-2.12-1.47.el6.x86_64 installed. why 2.12-1.47 cannot be used? Error: Package: glibc-2.12-1.7.el6.i686 (base-tn60) Requires: glibc-common = 2.12-1.7.el

Re: [Puppet Users] install require a lower version of glibc-common

2012-07-06 Thread Christopher Wood
On Fri, Jul 06, 2012 at 10:21:52AM -0700, Hai wrote: >I got a strange error when I installed puppet on CentOS 6.2, that it asks >for a glibc-common = 2.12-1.7.el6 while I have >glibc-common-2.12-1.47.el6.x86_64 installed. > >why 2.12-1.47 cannot be used? Sounds like you might want

[Puppet Users] puppetdb listening on ipv6 port 8081 , not ipv4

2012-07-06 Thread Clay
trying to deploy puppetdb , puppet server is RHEL 6.1 , [root@puppet ~]# rpm -qa|grep puppet puppetdb-0.9.1-2.el6.noarch puppet-dashboard-1.2.9-1.el6.noarch puppet-server-2.7.17-1.el6.noarch puppetdb-terminus-0.9.1-2.el6.noarch puppet-2.7.17-1.el6.noarch on the clients, got an error for puppet

[Puppet Users] Re: How to get an input file to a facter ?

2012-07-06 Thread eduardo
Hi john, This data are need for check a valid users on nodes. We are pretending massive load accounts by ENC. The batch (json) is prepare by external program which, in our scenario is a normal way to create accounts. But users can create new accounts by 'hand' when they log in because they have su

Re: [Puppet Users] Re: on puppet master server , puppet agent can't connect to itself

2012-07-06 Thread Deepak Giridharagopal
On Fri, Jul 6, 2012 at 11:21 AM, Clay wrote: > I don't have to have the puppet agent on the puppet server up , but when > setting up puppetdb , I got this error from clients: > > # puppet agent --test > err: Could not retrieve catalog from remote server: Error 400 on SERVER: > Failed to submit

Re: [Puppet Users] puppet-server-3.0.0-0.1rc3.2 with foreman-1.0.0-0.4

2012-07-06 Thread Ohad Levy
On Wed, Jul 4, 2012 at 6:49 PM, pdpinfo wrote: > Hi all, > > just trying a lab with newest versions: > > - puppet-server: 3.0.0-0.1rc3.2 > - passenger: 3.0.12-1 > - foreman: 1.0.0-0.4 > > I hit problems with foreman 1.0 not able to work with Puppet 3.0. > > Foreman 1.0 worked correctly with pup

Re: [Puppet Users] puppet-server-3.0.0-0.1rc3.2 with foreman-1.0.0-0.4

2012-07-06 Thread Eric Shamow
Ohad, Without poking too deeply, the "Could not find value for $confdir" raises an eyebrow - possible that you are referencing a global, which will be deprecated in the next major release. You'll need to fully qualify scope: http://docs.puppetlabs.com/guides/scope_and_puppet.html This should b

[Puppet Users] Certificate problems.

2012-07-06 Thread llow...@oreillyauto.com
I'm setting up a dev / test environment using a couple of Ubuntu 12.04 VMs. I have puppet installed on one of them, and am trying to get it to sync against itself to get certain things in place to distribute with the nodes. However, I am having some issues. # puppet agent --test info: Creating

[Puppet Users] Re: How to get an input file to a facter ?

2012-07-06 Thread jcbollinger
On Friday, July 6, 2012 1:05:47 PM UTC-5, eduardo wrote: > > Hi john, This data are need for check a valid users on nodes. We are > pretending massive load accounts by ENC. The batch (json) is prepare > by external program which, in our scenario is a normal way to create > accounts. But users

[Puppet Users] Re: Multiple execs within a class

2012-07-06 Thread Mike Reed
Hey Guys, Thank you Peter and John for your continued input into this one. I absolutely agree with both of you about building our own packages and as I've been working with puppet and trying to configure these systems, it's become apparent that our own internal repository would be beneficial

Re: [Puppet Users] puppetdb listening on ipv6 port 8081 , not ipv4

2012-07-06 Thread Deepak Giridharagopal
On Fri, Jul 6, 2012 at 11:48 AM, Clay wrote: > trying to deploy puppetdb , puppet server is RHEL 6.1 , > > [root@puppet ~]# rpm -qa|grep puppet > puppetdb-0.9.1-2.el6.noarch > puppet-dashboard-1.2.9-1.el6.noarch > puppet-server-2.7.17-1.el6.noarch > puppetdb-terminus-0.9.1-2.el6.noarch > puppet-

Re: [Puppet Users] puppetdb listening on ipv6 port 8081 , not ipv4

2012-07-06 Thread Deepak Giridharagopal
On Fri, Jul 6, 2012 at 11:48 AM, Clay wrote: > trying to deploy puppetdb , puppet server is RHEL 6.1 , > > [root@puppet ~]# rpm -qa|grep puppet > puppetdb-0.9.1-2.el6.noarch > puppet-dashboard-1.2.9-1.el6.noarch > puppet-server-2.7.17-1.el6.noarch > puppetdb-terminus-0.9.1-2.el6.noarch > puppet-

Re: [Puppet Users] puppet-server-3.0.0-0.1rc3.2 with foreman-1.0.0-0.4

2012-07-06 Thread Matthaus Litteken
This commit may also be useful in figuring out what has changed: https://github.com/puppetlabs/puppet/commit/0cea47ec90e77e81c27ffbedbd46bb5357a45d66 (it was part of this ticket: https://projects.puppetlabs.com/issues/14609) The sample config.ru for puppet under rack was updated for Telly because

[Puppet Users] Re: Certificate problems.

2012-07-06 Thread llow...@oreillyauto.com
Just as an update, I found a workaround by setting certname to the IP, but I was still wondering if this is the best solution when there isn't a "real" hostname on the system(s)? On Friday, July 6, 2012 2:22:51 PM UTC-5, llo...@oreillyauto.com wrote: > > I'm setting up a dev / test environment u

[Puppet Users] Re: How to get an input file to a facter ?

2012-07-06 Thread eduardo
John I really appreciate all your effort to help me. You are very close to my scenario (points 1 , 2 , 3) > I still don't see the point of relying on a client-side whitelist, though. > Why do you need to filter whitelisted users from the fact value on the > client side? Why can't you do it on t

Re: [Puppet Users] Re: Multiple execs within a class

2012-07-06 Thread Peter Bukowinski
On Jul 6, 2012, at 3:26 PM, Mike Reed wrote: > Hey Guys, > > Thank you Peter and John for your continued input into this one. I > absolutely agree with both of you about building our own packages and as I've > been working with puppet and trying to configure these systems, it's become > appa

[Puppet Users] Re: puppetdb listening on ipv6 port 8081 , not ipv4

2012-07-06 Thread Clay
here's the jetty.ini . [jetty] # Hostname to list for clear-text HTTP. Default is localhost #host = localhost # Port to listen on for clear-text HTTP. port = 8080 ssl-host = puppet.domain.com ssl-port = 8081 ... -- You received this message because you are subscribed to the Google Groups "

[Puppet Users] Re: Certificate problems.

2012-07-06 Thread catshirt
quite new with puppet myself so take this for what it's worth; if you didn't configure puppet so that it points to the correct server, it will by default look for the machine named `puppet`. presumably, if you're not modifying DNS, you'll need to reconfigure your agent to connect to the correct

Re: [Puppet Users] Re: Certificate problems.

2012-07-06 Thread Jan Ivar Beddari
On 06. juli 2012 22:17, llow...@oreillyauto.com wrote: Just as an update, I found a workaround by setting certname to the IP, but I was still wondering if this is the best solution when there isn't a "real" hostname on the system(s)? echo "192.168.1.1 puppet" | sudo tee -a /etc/hosts and read

[Puppet Users] Access denied for user 'dashboard'@'localhost' to database 'dashboard_production'

2012-07-06 Thread Hai
followed the instruction for installing dashboard, and created user mysql -pmy_password -e "CREATE DATABASE dashboard CHARACTER SET utf8;CREATE USER 'dashboard'@'localhost' IDENTIFIED BY 'my_password'; GRANT ALL PRIVILEGES ON dashboard.* TO 'dashboard'@'localhost';" however, I keep getting acce

Re: [Puppet Users] Access denied for user 'dashboard'@'localhost' to database 'dashboard_production'

2012-07-06 Thread Peter Bukowinski
On Jul 6, 2012, at 5:08 PM, Hai wrote: > followed the instruction for installing dashboard, and created user > > mysql -pmy_password -e "CREATE DATABASE dashboard CHARACTER SET utf8;CREATE > USER 'dashboard'@'localhost' IDENTIFIED BY 'my_password'; GRANT ALL > PRIVILEGES ON dashboard.* TO 'das

[Puppet Users] Re: Intermittent problem with compiling catalog on puppet 2.7.17

2012-07-06 Thread Eric Sorenson
Hi, a few things that come to mind: - Is DNS OK? Any NFS involved on your master? kind of seems like an underlying network related issue - Do you use storedconfigs/puppetdb? If so how's the DB looking? - Are you using passenger/apache or some other web server combo? Are there tons of processes s

[Puppet Users] Re: on puppet master server , puppet agent can't connect to itself

2012-07-06 Thread Clay
Thanks. I already disabled puppetdb and still got the above 403 "Forbidden" error, also tried remove /etc/puppet/ssl and restarted puppet master, same error. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To view this discussion on the w

Re: [Puppet Users] Puppet not upgrading to newer version of Ruby

2012-07-06 Thread Benjamin Lei
By me: /usr/local/bin/ruby /usr/bin/puppet By puppet: /usr/bin/ruby /usr/bin/puppet Huh that's weird :/ How do I make it so that ruby installs under /usr/bin then? Here's what I currently do: > exec { "unload-ruby": > command => "wget > ftp://ftp.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p370.tar.g

[Puppet Users] Re: How to get an input file to a facter ?

2012-07-06 Thread eduardo
Hi John, I build a custom function to filter whitelisted. I didn't realized that custom functions can call facter by lookupvar. Thanks you for your suggestions. Best Regards, eduardo. On 6 jul, 16:34, eduardo wrote: >  John I really appreciate all your effort to help me. >  You are very