First thing I would do is use 'augtool' on the command line and checking
for any errors trying to parse your current /etc/hosts.allow file:
augtool
ls /augeas/files/etc/hosts.allow/error
(maybe *errors* plural, can't remember off the top of my head ... play with
the path as I may have typo'd
If that seemed to help maybe you need to tune your mysql server(s)? I've
tuned mine quite a bit from default OS distro settings using
http://mysqltuner.pl/mysqltuner.pl as I myself am not a mysql expert.
I've also separated mysql to a different server then what my puppetmasters
run on.
Try something like the following instead (added 'incl' and 'lens' and
removed context as its default based on incl is what you had) :
augeas { 'homeLV':
incl = '/etc/fstab',
lens = 'Fstab.lns',
changes = [
'set *[file = /home]/dump 0',
'set *[file = /home]/passno 0',
],
onlyif
Ohad,
Thanks very much for the reply. Functionally we do not use storeconfigs
(no exported resources). We just like having all of the facts available to
query/search against (CMDBish). I guess since we use Foreman this means we
really don't need to use storeconfigs to do what we want, but
I'm trying to figure out if there is a common/working setup that people are
using to host puppet in remote sites.
At first our setup was that we have several puppetmasters (PM) in site A
and a couple in our smaller site B. In site A we are also hosting Foreman
and our mysql DB for
I'm going to admit I don't have the best setup here! :) There are things
I want to do to improve what I have now, just need to get room on the plate
to do it.
Right now my 'CA PM' is also a PM for the other PMs ... :-\ So my PMs that
are behind HAproxy have a puppet::master class assigned
Check my reply in
https://groups.google.com/forum/?fromgroups#!searchin/puppet-users/USPS/puppet-users/q3bFvenGueI/hQExZ1X7pcwJ
I'll add that we do loadbalance across multiple puppetmasters. At first we
were using DNS round-robin to do it, and now use haproxy which a good
article on
:39 PM, Jake - USPS wrote:
I'll add that we do loadbalance across multiple puppetmasters. At first
we were using DNS round-robin to do it, and now use haproxy which a good
article on utilizing was written up not too long
ago http://blog.ronvalente.net/blog/2012/05/19/puppet
if others wanted to know the bug I filed:
https://projects.puppetlabs.com/issues/14399
Thanks again for your help with this!!
Jake
On Friday, May 11, 2012 8:08:52 AM UTC-5, jcbollinger wrote:
On May 10, 8:15 am, Jake - USPS jacob.m.mcc...@usps.gov wrote:
John,
I've made everything
Does that mean there is currently not a way to do this straight in foreman?
This is something I would like also (as of yesterday :P). I don't really
want to script my own solution based off foreman data ... cause maybe my
'defaults' will change and I would love to have that tracked in foreman
Continuing discussion at thread in foreman users @
https://groups.google.com/forum/?fromgroups#!topic/foreman-users/uhW_EwO4LLg
--
You received this message because you are subscribed to the Google Groups
Puppet Users group.
To view this discussion on the web visit
John,
I've made everything fully qualified as you suggested, and also split the
define to its own file as you suggested. I've restarted my master as you
suggested. I'm still running into the issue. :(
I think now I will try the latest version of puppet to see if this is
something that was
I was getting timeouts before as well. Usually had to do with apache
MaxClients being reached (running apache/passenger setup) so then increased
that if the system could handle some more load. Other times it was from
too much load on our puppetmasters so needed to increase # of CPU and
John,
Thanks so much for the response. It sounds to me like what I am trying to
do should be working, but because you can not verify a couple things you
can't comment on if I've implemented it correctly or not.
So firstly, I am including the class 'oracle_db::hugepages'. This is
assigned to
Should I be able to override a parameter in a define? I've been searching
the group and found answers both saying you can and can't
CAN:
https://groups.google.com/forum/?fromgroups#!searchin/puppet-users/override$20define/puppet-users/Jb9Xr02dR7U/_LzailkL5-0J
CANT:
So we are trying to use async_storeconfigs. It seems when I get it
all up and running the hosts.ip for an agent gets its hosts.ip entry
in the DB set to the puppetmaster that it got its catalog from instead
of its own IP.
If I turn async_storeconfigs off and re-run puppet agent on the node
that
So recently I deployed some new puppet code in our environment and
noticed CPU utilization on our puppetmasters went up a bit. This lead
me to wonder what exactly did I add to cause catalog compiling to
utilize more CPU? I was wondering if there is a way to check how long
different parts in a
We have an environment of thousands of servers. Up to this point we
have been using puppet to manage resources common to all systems (ntp,
ssh, etc) which are managed automatically (without manually assigning
class/module to a system) and also resources for applications that
make up a majority of
:
inline
On Fri, Nov 18, 2011 at 07:26:45AM -0800, Jake - USPS wrote:
We have an environment of thousands of servers. Up to this point we
have been using puppet to manage resources common to all systems (ntp,
ssh, etc) which are managed automatically (without manually assigning
class
for that group), or if someone has a better solution overall
disregarding what I've done.
Thanks!
Jake
On Nov 18, 10:11 am, Jake - USPS jacob.m.mcc...@usps.gov wrote:
Thank you both for your responses.
I do already have a define for adding items to limits.conf and
sysctl.conf (using augeas). So
to screw up any recipes.
Regards,
Jake
On Aug 31, 10:05 am, Jake - USPS jacob.m.mcc...@usps.gov wrote:
Just updated to 2.7.3 from 2.6.9. That's when 'Could not retrieve
operatingsystem: undefined method `+' for nil:NilClass' started
popping up. It doesn't seem to be causing any real issues
Just updated to 2.7.3 from 2.6.9. That's when 'Could not retrieve
operatingsystem: undefined method `+' for nil:NilClass' started
popping up. It doesn't seem to be causing any real issues, but its
there.
hostname:/etc/puppet # puppet agent --test
info: Retrieving plugin
Could not retrieve
I think there is a version issue. I had Eclipse Galileo (3.5.2)
installed from Ubuntu (11.04) and had similar issues (dependency
issues, different 'pacakges'). I downloaded Indigo (3.7) and don't
have issues now.
One thing I noticed was in the Geppetto 'repo' it has a list of
plugins other then
For the item:
Notice Changed Manifests on the First Try
---
During the 2.6.x series, puppet agent would sometimes require two
runs
to receive new configurations when puppet master was running under
Passenger. This persistent bug has been dealt with. (This change will
also be appearing in the
I'm trying to use environments and seem to be failing. Right now I
have 4 defined environments: production, cat, development, beta
They are defined as follows on my puppetmaster:
cat /etc/puppet/puppet.conf
[main]
pluginsync = true
vardir = /var/lib/puppet
manifest =
Nan,
Thanks for your help. That seems to be the issue for me. I'll have
to consider that when doing some of the things I do!
Thanks everyone for your responses!
Regards,
Jake
On Jun 1, 1:48 pm, Nan Liu n...@puppetlabs.com wrote:
On Wed, Jun 1, 2011 at 11:31 AM, Jake - USPS jacob.m.mcc
Maybe if you edit /foreman-location/config/settings.yaml and
uncomment :modulepath and set it to your modulepath and then restart
the webserver? This is just an educated guess as I use a standard
location, but that seems like a good start. Otherwise, if you have
more questions about foreman you
I'm running into an issue where I have a resource (package ipwatchd)
dependent on another resource (exec fix_sle_sdk_pool_repo), but the
resource that its dependent on isn't being included into the catalog.
What's where is that the ipwatchd resource is actually dependent on 5
different exec
other modules/manifests to make sure I didn't have usps-
ipwatchd somewhere else also and its not. So I'm not sure that is the
issue.
Thanks,
Jake
On May 20, 10:44 am, Nigel Kersten ni...@puppetlabs.com wrote:
On Fri, May 20, 2011 at 8:29 AM, Jake - USPS jacob.m.mcc...@usps.govwrote:
I'm
!
Jake
On May 3, 12:53 pm, Matt Wise w...@wiredgeek.net wrote:
the ttl setting is 'ca_ttl' i think in puppet.conf.. and yes, you'll
ultimately need to re-sign the certs for clients when they expire. the
default is 1 year though, so it[ll be a while.
On Apr 29, 2011, at 10:32 AM, Jake - USPS
Levy ohadl...@gmail.com wrote:
On Tue, May 3, 2011 at 9:29 PM, Jake - USPS jacob.m.mcc...@usps.gov wrote:
Thanks for the response. I found it in the genconf now. Looks like
default is 5y. I'll be changing it for my needs.
note that the CA itself is signed for 5 years too... (and it seems
for clients when they expire. the
default is 1 year though, so it[ll be a while.
On Apr 29, 2011, at 10:32 AM, Jake - USPS wrote:
Yea, I'm new to puppet ... sounds like now I have to worry about certs
eventually expiring and regenerate/sign them to keep nodes happy?
Seems Trevor
an
obvious feature addition.
I looked and could not find an actual bug report requesting this
functionality explicitly, so I opened one:
http://projects.puppetlabs.com/issues/7272
On Apr 27, 2011, at 2:54 PM, Ohad Levy wrote:
On Thu, Apr 28, 2011 at 12:17 AM, Jake - USPS
it off the CA Server. More details in the link above.
This is working great for me and I'll be using it until similar
functionality is included by default in puppet.
Regards,
Jake
On Apr 14, 8:50 am, Jake - USPS jacob.m.mcc...@usps.gov wrote:
Nevermind, looks like its in 2.7.0rc1
http
understand your idea. I'm thinking of giving this a try.
Thanks,
Jake
On Apr 15, 3:36 am, Russell Howe rh...@moonfruit.com wrote:
-Original Message-
From: puppet-users@googlegroups.com
[mailto:puppet-users@googlegroups.com] On Behalf Of Jake - USPS
Sent: 14 April 2011 19:58
To: Puppet
Here is one idea I've had and tested ... but it has some obvious
drawbacks which I'll detail ... still wondering if there are others.
On the ca_server I did: puppetca --generate client
I then copied the following generated files:
ssl/private_keys/client.pem (certA)
ssl/ca/signed/client.pem
On Apr 14, 8:41 am, Ohad Levy ohadl...@gmail.com wrote:
On Thu, Apr 14, 2011 at 4:31 PM, Jake - USPS jacob.m.mcc...@usps.govwrote:
Also, what is foreman and how could it help. Not familiar with that
product.
Foreman takes care for the entire process, things like provisioning, class
Nevermind, looks like its in 2.7.0rc1
http://groups.google.com/group/puppet-users/browse_thread/thread/b3b50d3c4e449a60
cb01221 (#3360) Add an allow_duplicate_certs option
On Apr 14, 8:45 am, Jake - USPS jacob.m.mcc...@usps.gov wrote:
Thanks for the reply. I'm just starting to understand
I saw this feature became available in 2.7.0rc1 and wanted to try it
out. I entered 'allow_duplicate_certs = true' on both my master and
agent systems in the puppet.conf (not sure if its need in both, saw it
in genconf for puppetd and puppetmasterd though ...). I also have
autosign.conf
of these step.
Cheers,
Dominic Maraglia
On 4/14/11 7:37 AM, Jake - USPS wrote:
I saw this feature became available in 2.7.0rc1 and wanted to try it
out. I entered 'allow_duplicate_certs = true' on both my master and
agent systems in the puppet.conf (not sure if its need in both
behavior is with an agent,
and improve the error message that comes back. More detail in both
those tickets.
Thanks for testing out 2.7rc1.
Matt
On Thu, Apr 14, 2011 at 10:52 AM, Jake - USPS jacob.m.mcc...@usps.gov wrote:
Test results posted, you may have posted shortly after I did
I also am looking to do something like this. So besides it being a
bad idea, is there a way to do it?
If not, I was wondering if there is a way to check the last time when
a client signed in to a puppet master. I know with puppet-dashboard
you can view this type of information, is it easy to
I'm running puppet dashboard on a SLES10 system. I'm using apache2
included with SLES10 and everything is custom compiles:
apache2-2.2.3-16.29.2
ruby-augeas-0.3.0-1.sles10
ruby-1.8.7-1.sles10
ruby-gem-rake-0.8.7-1.sles10
ruby-gem-rack-1.2.1-1.sles10
ruby-gem-passenger-3.0.2-1.sles10
Arg, I didn't even realize I was already using an old version ... I'll
update to 1.1.0 and give it another shot.
Thanks for the reply.
On Apr 12, 10:48 am, Patrick kc7...@gmail.com wrote:
On Apr 12, 2011, at 8:41 AM, Jake - USPS wrote:
puppet-dashboard-1.0.4-1.sles10
Everything works fine
for this type of information so I know
where to look for these type of oddities.
Thanks,
Jake
On Apr 12, 12:13 pm, Patrick kc7...@gmail.com wrote:
On Apr 12, 2011, at 9:57 AM, Jake - USPS wrote:
Arg, I didn't even realize I was already using an old version ... I'll
update to 1.1.0 and give
I just finished getting my 1.1.0rc3 package created and as you thought
my issues disappeared ... /reports/upload works fine now.
Thanks,
Jake
On Apr 12, 12:33 pm, Jake - USPS jacob.m.mcc...@usps.gov wrote:
What release notes are you referring to? The puppet-dashboard page
mentions 1 upgrade
Thanks for letting me know. Also, what is Passenger? I'm new to
puppet and not super familiar with ruby.
Thanks,
Jake
On Jan 13, 2:02 pm, Daniel Pittman dan...@rimspace.net wrote:
On Thu, Jan 13, 2011 at 08:20, Jake - USPS jacob.m.mcc...@usps.gov wrote:
This is version of mongrel included
(X86-64)
I didn't see anywhere a version of mongrel that was required at a
minimum, maybe I missed that though.
Thanks,
Jake
On Jan 12, 11:17 pm, Daniel Pittman dan...@rimspace.net wrote:
On Wed, Jan 12, 2011 at 14:13, Jake - USPS jacob.m.mcc...@usps.gov wrote:
I'm trying to setup my
I'm trying to setup my puppetmaster to use apache/mongrel. I've
followed the guide at
http://projects.puppetlabs.com/projects/1/wiki/Using_Mongrel
for doing this.
My puppetmaster starts fine. When I have a client hit the
puppetmaster I get the following.
From master:
err: uninitialized
system_defaults.
Thanks,
Jake
On Jan 6, 2:59 pm, Dan Bode d...@puppetlabs.com wrote:
On Thu, Jan 6, 2011 at 6:23 AM, Jake - USPS jacob.m.mcc...@usps.gov wrote:
I am pretty new to puppet and am trying to POC different scenarios I
would envision we would use this product for. One scenario I ran
that the
provider has 'incl' and 'lens'. I used those and a run that was
taking 20sec to complete (no changes, just verifying) now takes 2-3
seconds. :)
Thanks,
Jake
On Jan 7, 10:03 am, Jake - USPS jacob.m.mcc...@usps.gov wrote:
Dan,
First, thanks for the sysctl type/provider. I haven't tried it yet
I am pretty new to puppet and am trying to POC different scenarios I
would envision we would use this product for. One scenario I ran into
is setting a default kernel.sem value into /etc/sysctl.conf on linux
systems that can be overridden by a custom kernel.sem value for
systems that have
52 matches
Mail list logo