Re: [Puppet Users] Puppetserver failing to start on a brand new Debian 12 VM

2024-04-23 Thread Martin Alfke 


> On 23. Apr 2024, at 14:21, kristian...@gmail.com  
> wrote:
> 
> I see
> 
> root@puppetserver:~# apt policy puppetserver
> puppetserver:
>   Installed: 7.9.5-2
>   Candidate: 7.9.5-2
>   Version table:
>  *** 7.9.5-2 500
> 500 http://deb.debian.org/debian bookworm/main amd64 Packages
> 100 /var/lib/dpkg/status
> root@puppetserver:~#
> 
> So we are going to consider that, Puppet is not yet supported in Debian 12?
> There is no issue on Ubuntu 22.04 LTS, I'm thinking to go in this direction.
> 
> I haven't expected to get such experience with Puppet and Debian..
> Will Ubuntu provide better support and compatibility for Puppet?
> What are your thoughts guys?

Ubuntu is a Puppet Enterprise supported OS.
So packages for Ubuntu will be available faster compared to Debian packages.

You can try to also push Puppet dev teams:
https://github.com/puppetlabs/puppetserver/issues/2837
https://github.com/puppetlabs/community/discussions/65

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/A37DDD24-EEE0-46FF-902D-73094E2149EA%40gmail.com.

Re: [Puppet Users] Puppetserver failing to start on a brand new Debian 12 VM

2024-04-23 Thread Martin Alfke 



> On 23. Apr 2024, at 10:31, 'Dirk Heinrichs' via Puppet Users 
>  wrote:
> 
> Am Dienstag, dem 23.04.2024 um 10:29 +0200 schrieb Dirk Heinrichs:
> 
>> Not true. They exist since years:
> 
> Or did you mean "... for Debian 12"?

Yes. As far as I know there are no packages for puppetserver and puppetdb.
Only puppet-agent is available for Debian 12.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2AFF5ED1-2A49-4278-9979-FA6CABBEC596%40gmail.com.

Re: [Puppet Users] Puppetserver failing to start on a brand new Debian 12 VM

2024-04-23 Thread Martin Alfke 


> On 23. Apr 2024, at 08:50, 'Dirk Heinrichs' via Puppet Users 
>  wrote:
> 
> Am Montag, dem 22.04.2024 um 22:55 -0700 schrieb kristian...@gmail.com 
> :
> 
>> So the issue is not in the upgrade, but some general issue in Debian 12 and 
>> Puppet 7.
> 
> Did you install from Debian or Puppetlabs packages?

There are still no PuppetServer packages from Puppet.
Seems as if you used the Debian packages provided by the distribution.

Does the server have enough memory to start the Java process?
Which Java version is used? (11 or 15 or 17)

Martin

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/FD22CCD6-9777-4399-BF6C-9AF242403E1D%40gmail.com.

Re: [Puppet Users] Problem with exported ressource file.

2024-03-30 Thread Martin Alfke 



> On 30. Mar 2024, at 09:35, Albert Shih  wrote:
> 
> Le 29/03/2024 à 18:46:47+0100, Martin Alfke a écrit
>> 
> Hi, 
> 
>>> If I do something like
>>> 
>>> $group_hosts.each | String $host | {
>>>   @@file { "file for ${host}":
>>> ensure => present,
>>> path   => '/etc/something.conf',
>>> tag=> "File for ${host}",
>>> etc.
>>> }
>>> }
>>> 
>>> I got a error 
>>> 
>>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
>>> Server Error: Evaluation Error: Error while evaluating a Resource 
>>> Statement, Cannot alias File[file for host1] to ["/etc/something.conf"] at 
>>> (file: 
>>> /etc/puppetlabs/code/environments/x/modules/thing/manifests/thing.pp, line: 
>>> 72); resource ["File", "/etc/something.conf"] already declared (file: 
>>> /etc/puppetlabs/code/environments/x/modules/thing/manifests/thing.pp, line: 
>>> 72) (file: 
>>> /etc/puppetlabs/code/environments/x/modules/thing/manifests/thing.pp, line: 
>>> 72, column: 5) on node XYZ
>>> 
>>> I don't see why I cannot export the same file name (with different
>>> ressource name) to different hosts. 
>> 
>> The combination of resource type, title and namevar must be unique.
>> path is the namevar of the file resource type.
> 
> Agree. But the title is "file for ${host}" so the combination are unique (I
> don't have two same values in $group_host, in fact the value inside this
> array come from the key of hash table). 

To be more precise:

1. the combination of resource type and title must be unique
AND
2. the combination of resource type and namevar must be unique

hth,
Martin

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/F998D7A6-5AB1-4FE2-ADBD-98B845569DB4%40gmail.com.

Re: [Puppet Users] Problem with exported ressource file.

2024-03-29 Thread Martin Alfke 


> On 29. Mar 2024, at 14:37, Albert Shih  wrote:
> 
> Hi, 
> 
> I'm not 100% sure it's a bug, just 99%. What do you think ? 
> 
> If I do something like
> 
>  $group_hosts.each | String $host | {
>@@file { "file for ${host}":
>  ensure => present,
>  path   => '/etc/something.conf',
>  tag=> "File for ${host}",
>  etc.
>  }
>  }
> 
> I got a error 
> 
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Error while evaluating a Resource Statement, 
> Cannot alias File[file for host1] to ["/etc/something.conf"] at (file: 
> /etc/puppetlabs/code/environments/x/modules/thing/manifests/thing.pp, line: 
> 72); resource ["File", "/etc/something.conf"] already declared (file: 
> /etc/puppetlabs/code/environments/x/modules/thing/manifests/thing.pp, line: 
> 72) (file: 
> /etc/puppetlabs/code/environments/x/modules/thing/manifests/thing.pp, line: 
> 72, column: 5) on node XYZ
> 
> I don't see why I cannot export the same file name (with different
> ressource name) to different hosts. 

The combination of resource type, title and namevar must be unique.
path is the namevar of the file resource type.

> 
> puppet client : 7.29.1 (Debian/puppetlabs official package)
> puppet server: 7.16.0 (Debian/puppetlabs official package)
> 
> Regards
> 
> 
> -- 
> Albert SHIH 嶺 
> France
> Heure locale/Local time:
> ven. 29 mars 2024 14:21:14 CET
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/ZgbEFHrNHUQHQi3g%40io.chezmoi.fr.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5A86E017-887E-41A1-B676-16F36A949611%40gmail.com.

Re: [Puppet Users] fstab not updated by mountpoint ensure absent

2024-01-30 Thread Martin Alfke 
Hi Miriam,

You showed us some yaml (I assume hiera) data.
We cannot say for sure what these data do.
Can you please also provide the puppet code which should use the data?

Hth,
Martin


> On 30. Jan 2024, at 14:25, Miriam Olmi  
> wrote:
> 
> I mounted a shared file system on a couple of machines and it worked fine. 
> Now I would like to remove such file system from those machines and I have 
> some problems with this. 
> I removed all puppet instructions related to the mounting operations and I 
> added the following lines: 
> 
> mountpoints: 
>/projects: 
>device: "/mnt/projects" 
>ensure: absent
> 
> to the yaml file of the selected machines but this has no effect on the 
> /etc/fstab file and therefore I still get the error notification in the log: 
> /mnt/projects is not mounted on /projects
> 
> How can I solve this issue? 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/435a4631-dea4-4727-9368-77f6bc8395a5n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/8EC5EAB1-FC8D-4C51-9B36-5121C5EBB12B%40gmail.com.

Re: [EXTERNAL] - [Puppet Users] Puppet (open source) Web Interface

2023-12-15 Thread Martin Alfke 
His Ferdana,

We have several customers who run Puppet Agent on windows (server and 
workstation).
Check puppet.conf file and specify the server within the agent section.

Also see: https://www.puppet.com/docs/puppet/7/services_agent_windows.html

Hth,
Martin


> On 15. Dec 2023, at 04:41, Ferdana Syaputra  
> wrote:
> 
> Halo Dirk & Martin & Martin
> 
> Thank you for your advice , can i aksed 1 question again ,did you ever create 
> puppet agent on windows server  or 10 ,try it but still not connected to 
> puppetserver on ubuntu (foreman).
> 
> 
> Thank you,
> 
>  Ferdana 
> On Tuesday, December 12, 2023 at 7:05:49 PM UTC+7 Martin Alfke wrote:
>> Besides foreman there is puppetboard which shows reports and facts from 
>> puppetdb.
>> 
>> https://github.com/voxpupuli/puppetboard
>> 
>> Hth,
>> Martin
>> 
>> 
>> 
>>> On 12. Dec 2023, at 11:20, 'Dirk Heinrichs' via Puppet Users 
>>> > wrote:
>>> 
>> 
>>> Am Sonntag, dem 10.12.2023 um 20:11 -0800 schrieb Ferdana Syaputra:
>>> 
>>>> 1. How do I install the puppetserver web interface? I can't install the 
>>>> puppet server web interfaces, I have tried all the instructions from 
>>>> youtube and web browsers but still not successful. 
>>> 
>>> There is none. If you talk about a web UI for viewing reports and such, see 
>>> https://theforeman.org <https://theforeman.org/>.
>>> 
>>> HTH...
>>> 
>>> Dirk
>>>  -- 
>>> Dirk Heinrichs
>>> Senior Systems Engineer, Delivery Pipeline
>>> OpenText ™ Discovery | Recommind
>>> Phone: +49 2226 15966 18 
>>> Email: dhei...@opentext.com <>
>>> Website: www.recommind.de <>
>>> Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
>>> Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan, 
>>> Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
>>> This e-mail may contain confidential and/or privileged information. If you 
>>> are not the intended recipient (or have received this e-mail in error) 
>>> please notify the sender immediately and destroy this e-mail. Any 
>>> unauthorized copying, disclosure or distribution of the material in this 
>>> e-mail is strictly forbidden
>>> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte 
>>> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail 
>>> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und 
>>> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte 
>>> Weitergabe dieser Mail sind nicht gestattet.
>>> 
>> 
>>> -- 
>>> You received this message because you are subscribed to the Google Groups 
>>> "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>> email to puppet-users...@googlegroups.com <>.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/puppet-users/6fb10488cfd709c48a4fd4fe2c41a0d67840d0af.camel%40opentext.com
>>>  
>>> <https://groups.google.com/d/msgid/puppet-users/6fb10488cfd709c48a4fd4fe2c41a0d67840d0af.camel%40opentext.com?utm_medium=email_source=footer>.
>> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/19b1e89d-b044-4f88-bd20-7c8b01b97305n%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/19b1e89d-b044-4f88-bd20-7c8b01b97305n%40googlegroups.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9139230D-6D0E-4BB1-A35C-2E3D4F755BB5%40gmail.com.

Re: [EXTERNAL] - [Puppet Users] Puppet (open source) Web Interface

2023-12-12 Thread Martin Alfke 
Besides foreman there is puppetboard which shows reports and facts from 
puppetdb.

https://github.com/voxpupuli/puppetboard

Hth,
Martin


> On 12. Dec 2023, at 11:20, 'Dirk Heinrichs' via Puppet Users 
>  wrote:
> 
> Am Sonntag, dem 10.12.2023 um 20:11 -0800 schrieb Ferdana Syaputra:
> 
>> 1. How do I install the puppetserver web interface? I can't install the 
>> puppet server web interfaces, I have tried all the instructions from youtube 
>> and web browsers but still not successful. 
> 
> There is none. If you talk about a web UI for viewing reports and such, see 
> https://theforeman.org .
> 
> HTH...
> 
> Dirk
>  -- 
> Dirk Heinrichs
> Senior Systems Engineer, Delivery Pipeline
> OpenText ™ Discovery | Recommind
> Phone: +49 2226 15966 18
> Email: dhein...@opentext.com 
> Website: www.recommind.de 
> 
> Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
> Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan, 
> Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
> This e-mail may contain confidential and/or privileged information. If you 
> are not the intended recipient (or have received this e-mail in error) please 
> notify the sender immediately and destroy this e-mail. Any unauthorized 
> copying, disclosure or distribution of the material in this e-mail is 
> strictly forbidden
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte 
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail 
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und 
> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte 
> Weitergabe dieser Mail sind nicht gestattet.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/6fb10488cfd709c48a4fd4fe2c41a0d67840d0af.camel%40opentext.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2502F2AE-DAAE-49BD-8F75-FF94A9381DA1%40gmail.com.

Re: [Puppet Users] convert hiera value to string array using lookup in hiera

2023-11-13 Thread Martin Alfke 
Hi,

Lookup always returns strings.
You can use alias to retrieve the original value data type.

https://www.puppet.com/docs/puppet/7/hiera_merging.html#alias-function


Hth,
Martin

> On 13. Nov 2023, at 17:35, 'Tidhar Klein Orbach' via Puppet Users 
>  wrote:
> 
> Hi,
> 
> I have a hiera file that belongs to a server group. in that file there is a 
> key that expects a list of services.
> for example
> 
> job_name: "my-job"
> feature:
>   services:
> - 'foo'
> - 'bar'
> - 'baz'
> 
> I want to be able to override the values, so I tried to define a default key 
> like:
> feature::services:: 'foo,bar,baz'
> 
> and then use it:
> job_name: "my-job"
> feature:
>services: "%{lookup(feature::services)}"
> 
> I tried different value variations:
> feature::services:: foo,bar,baz 
> feature::services:: ['foo','bar','baz']  
> and  also using
> lookup_options:
>   feature::services:
> convert_to:
>   - "Array"
>   - true
> 
> but it seems I can't convert the value to string array.
> 
> is it possible at all? if so, how can I do it?
> 
> thanks,
> Tidhar
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/d57c9444-8b38-4394-a03b-8442c42a3662n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/430CE6A5-3999-4F2D-B302-6FA7E7C3D081%40gmail.com.

Re: [Puppet Users] Error 500 on SERVER undefined method safe_load

2023-11-09 Thread Martin Alfke 


> On 8. Nov 2023, at 20:17, James Millsap  wrote:
> 
> Thank you very much for the reply!  We are running these versions...
> 
> puppetserver version: 5.3.11
> ruby 2.0.0p648
> psych (2.0.0)
> hiera 3.12.0

That is super outdated Puppet version.
Can you please check the puppetserver log file.
There should be a ruby stack trace which might give you a better idea on what 
is broken.
Did you update any module recently?

> 
> On Wednesday, November 8, 2023 at 11:01:16 AM UTC-8 ben.ford wrote:
>> Hey James! That error sounds like you have an out-of-date Psych YAML gem.
>> 
>> What versions of Puppet, Ruby, Hiera, and Psych are you using?
>> 
>> 
>> 
>> 
>>> On Nov 8, 2023, at 8:54 AM, James Millsap > wrote:
>>> 
>> 
>>> We have a fairly mature puppet instance along with foreman for 
>>> classification.  For some reason, yesterday, everything started failing 
>>> with this error:
>>> 
>>> Info: Using environment 'production'
>>> Info: Retrieving pluginfacts
>>> Info: Retrieving plugin
>>> Info: Loading facts
>>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
>>> Server Error: Evaluation Error: Error while evaluating a Function Call, 
>>> undefined method `safe_load' for Puppet::Util::Yaml:Module (file: 
>>> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 3, 
>>> column: 1) on node hostname.company.com 
>>> Warning: Not using cache on failed catalog
>>> Error: Could not retrieve catalog; skipping run
>>> 
>>> Line 3 of the site.pp is just this:
>>> hiera_include('classes', '')
>>> 
>>> Which has not changed in many years.  There is either a bug that appeared 
>>> from nowhere, or a syntax error buried somewhere.  I have been going 
>>> through our repository and rolling back every yaml change, but so far 
>>> nothing has worked.  If anyone has a clever way to get puppet to give me 
>>> some more information so I can find this, I would be eternally grateful. 
>>> 
>> 
>>> -- 
>>> You received this message because you are subscribed to the Google Groups 
>>> "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>> email to puppet-users...@googlegroups.com <>.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/puppet-users/cb051ca4-92a5-43c7-a7d0-9e8942b0af73n%40googlegroups.com
>>>  
>>> .
>>> 
>>> 
>>> CAUTION: This email originated from outside of the organization. Do not 
>>> click on links or open attachments unless you recognize the sender and know 
>>> the content is safe.
>>> 
>> 
>> 
>> This e-mail may contain information that is privileged or confidential. If 
>> you are not the intended recipient, please delete the e-mail and any 
>> attachments and notify us immediately.
>> 
>> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/bf1b9d65-aa35-4f09-a445-6e0bce2ede12n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/996DFD14-F7C1-446E-A64A-01435AF758C9%40gmail.com.

Re: [Puppet Users] ERROR Facter - Error while resolving custom fact fact='letsencrypt_directory', resolution='': header too long

2023-09-21 Thread Martin Alfke 
The fact reads certificates from several lets encrypt directories.
See 
https://github.com/voxpupuli/puppet-letsencrypt/blob/master/lib/facter/letsencrypt_directory.rb

I see in our code snippet, that you create empty files as cert files.
Can you please check that the files in the directories are not 0 0bytes size?

If you have 0 byte files, the fact can not parse them using openssl library.


> On 21. Sep 2023, at 15:04, Callum McCrorie  wrote:
> 
> Hello. I am hoping that someone might be able to help me with a letsencrpt 
> issue that I am facing. When I run puppet on my agent node or if I run facter 
> -p letsencrypt_directory I see the following error:  
> ERROR Facter - Error while resolving custom fact 
> fact='letsencrypt_directory', resolution='': header too long . 
> I do not have letsencrypt_directory anywhere stated in any of my scripts that 
> I have created. I am using a control repo with r10k. Please be aware that I 
> have changed the domain name in this file.
> https://gist.github.com/cmccrorie/421b31489fd216b9fd4561f370b7ca8b
> 
> Any help on this issue would be greatly appreciated. Thank you.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/33b66d97-5cbf-4c62-9285-b3dad277f88en%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/FB92F42C-4633-4A4A-86C9-8681AC96DB2E%40gmail.com.

Re: [Puppet Users] Call puppet define from Hiera

2023-08-31 Thread Martin Alfke 
You either need a appconfig/manifests/init.pp class, or you can make use of 
stdlib::manage class and add the defined type to hiera
See examples in https://dev.to/betadots/puppet-is-yaml-2e32

> On 28. Aug 2023, at 21:23, Ben Parry  wrote:
> 
> Puppeteers,
> 
> I am bashing my head against a wall try to call a custom defined resource (I 
> think that's the right terminology) from Heira.
> 
> I've created a class (appconfig) and within that I have used Puppet PDK to 
> create a define to create an application config file (loadconf).  It works 
> perfectly if I call the code from a Puppet manifest, like so;
> 
> appconfig::loadconf {
>'/etc/myapp/config.conf':
> tcpport  => 443
> loglevel => debug }
> 
> It's pretty much identical to the Puppet supplied example;
> 
> https://www.puppet.com/docs/puppet/7/lang_defined_types.html
> 
> The problem is I want separate my data from the puppet code.  I am using 
> Hiera (5) and when I add what I think should be in the YAML for calling my 
> custom resource it does NOTHING!  No Error message, nothing it just completes 
> normally without calling my custom resource.  My Hiera YAML document looks 
> something like this;
> 
> ---
> classes:
>   - appconfig
> 
> appconfig::loadconf:
>   /etc/myapp/config.conf:
> tcpport: 443
> loglevel: debug
> 
> I have no idea why this is not being evaluated.  I have also tried using a 
> 3rd party module to load with no results just message saying no such 
> resource.  I used this module (which is excellent!);
> 
> https://forge.puppet.com/modules/southalc/types
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/2cb98212-2bc1-4ce7-80db-0cb84eb16b23n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2794C7F5-BF2A-4B11-A8A5-A1B149092590%40gmail.com.

Re: [Puppet Users] How to create new tickets now?

2023-08-31 Thread Martin Alfke 
Hi Dirk,

Maybe this one?

https://puppet.atlassian.net/jira/projects

Hth,
Martin

> On 25. Aug 2023, at 15:49, 'Dirk Heinrichs' via Puppet Users 
>  wrote:
> 
> Hi,
> 
> PuppetLabs seems to have migrated https://tickets.pupptlabs.com 
>  to a cloud-based Jira instance. As it seems, 
> I can not login to this instance anymore, neither with the credentials I used 
> on the old Jira, nor with my Atlassian account. How can I  access my tickets 
> now, or even file new ones?
> 
> Thanks...
> 
> Dirk
>  -- 
> Dirk Heinrichs
> Senior Systems Engineer, Delivery Pipeline
> OpenText ™ Discovery | Recommind
> Phone: +49 2226 15966 18
> Email: dhein...@opentext.com 
> Website: www.recommind.de 
> 
> Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
> Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan, 
> Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
> This e-mail may contain confidential and/or privileged information. If you 
> are not the intended recipient (or have received this e-mail in error) please 
> notify the sender immediately and destroy this e-mail. Any unauthorized 
> copying, disclosure or distribution of the material in this e-mail is 
> strictly forbidden
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte 
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail 
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und 
> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte 
> Weitergabe dieser Mail sind nicht gestattet.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/dc553744fd35b41b6a8a1c72304397f898bab535.camel%40opentext.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7061FB49-6A59-41A6-9B25-203657AAD7BC%40gmail.com.

Re: [Puppet Users] Puppet8 'lookup' fails when Puppet7 succeeds

2023-08-24 Thread Martin Alfke 
Hi Jon,

Do you have a node named “puppet.staging” running against you puppet staging 
environment?
The —node option reads nodes facts from PuppetDB.
That means that you must have anode connected to the puppet server where sou 
want to run the puppet lookup command.

Hth,
Martin


> On 23. Aug 2023, at 03:15, Jon Jaroker  wrote:
> 
> I am migrating from puppet 7 to puppet 8 by first updating servers in a 
> staging environment (which is operating puppet version 8.1.0).  While 
> debugging hiera, I notice the following unusual behavior with the puppet 
> lookup command.
> 
> In the production environment running puppet 7.25.0, the following two 
> commands produce the same correct output:
> 
> [1] puppet lookup sshd::config --environment production --node 
> 'puppet.datacenter' --explain --verbose 
> --hiera_config=/etc/puppetlabs/code/environments/production/hiera.yaml
> 
> [2] puppet lookup sshd::config --environment production  --explain --verbose 
> --hiera_config=/etc/puppetlabs/code/environments/production/hiera.yaml
> 
> Both commands are run on the puppet master.  Command [2] omits the --node 
> option.  Both commands produce the correct lookup.
> 
> In the staging environment that was generated by branching 
> production->staging, a newly-created puppet master fails when the -node 
> option is specified.  Specifically,
> 
> [3] puppet lookup sshd::config --environment staging --node 'puppet.staging' 
> --explain --verbose --hiera_conf
> ig=/etc/puppetlabs/code/environments/staging/hiera.yaml 
> Error: Could not run: No facts available for target node: puppet.staging
> 
> but the following command (which omits the -node option) produces the correct 
> lookup
> 
> [4]puppet lookup sshd::config --environment staging --explain --verbose 
> --hiera_config=/etc/puppetlabs/code/
> environments/staging/hiera.yaml
> 
> There are no warnings or other debug messages.  The structure of the data 
> directory and manifests is exactly the same.  The production environment has 
> puppetDB operating, but the staging environment was newly created and only 
> has puppetserver.
> 
> Any suggestions on how to debug this would be appreciated.
> 
> Thank you,
> Jon
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/a4c86230-3d8c-4711-a4b6-7a3db676b625n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/18A423F8-2EED-4B14-87B1-3E7FA86F24E9%40gmail.com.

Re: [Puppet Users] Custom Fact Deployment

2023-08-07 Thread Martin Alfke 
Hi Alessandro,

There are two options on how to deploy external facts:

1. Manual:

Place the executable bash script in /etc/puppetlabs/facter/facts.d

2. Automatic (using a module)

Add the script (with executable flag) to a module in path facts.d/
Pluginsync will then deploy the bash script to all nodes.

Please note that pluginsyc will download the bash scripts to any Puppet agent, 
regardless of OS.

Hth,
Martin


> On 3. Aug 2023, at 09:32, 'Alessandro Ciappei' via Puppet Users 
>  wrote:
> 
> Hello All,
> 
> maybe it's already has been discussed, I tried to search but I didn't find 
> the right thread.
> I'm not expert in Puppet and made simple scripts.
> 
> I'm using RHEL Satellite with Puppet 7 ENC (I know that RHEL want to move out 
> from puppet, but until i can integrate it I will use it, after I will see).
> 
> I need to crate a custom fact to see some information based on IP Address.
> I created a Bash Script that give me an output of the location based on CIDR, 
> but I want use full automation and begin to launch specific class based on 
> fact.
> 
> I don't know where I need to start, i read how create a fact but it still 
> confusing because I can't find the directory where put the script or how 
> deploy in all my clients.
> 
> Someone can help me, maybe with step by step to understand it.
> 
> Thank you in advance who want to help me.
> All the best
> Alex
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/e17d49d4-a0e3-4441-86f3-133a227d413cn%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/EBCA31FE-29C8-4563-BCED-311F6CD67F19%40gmail.com.

Re: [Puppet Users] Puppetserver7 or 8 support for Ubuntu Jammy 22.04 LTS

2023-05-12 Thread Martin Alfke 
Packages for Jammy are expected to be available in Q3 2023.

> On 11. May 2023, at 20:07, rbmr...@gmail.com  wrote:
> 
> Hi Team,
>  Do we have a puppetserver opensource package for Ubuntu 'jammy' 
> 22.04?
> I tried and installed repository from  
> https://apt.puppetlabs.com/puppet8-release-jammy.deb and 
> https://apt.puppetlabs.com/puppet7-release-jammy.deb.
> But puppetserver package is not installing from repository. I am getting 
> following error
> 
> " E: Unable to locate package puppetserver"
> 
> root@green:~# apt-get install puppetserver
> Reading package lists... Done
> Building dependency tree... Done
> Reading state information... Done
> E: Unable to locate package puppetserver
> root@green:~#
> 
> Could you please help on this?
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/ca7f0c59-8668-47e3-b0b7-ded46f0a436en%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/32EAE7D4-28BA-40F4-8DCA-A87496D0A08B%40gmail.com.

Re: [Puppet Users] saz-ssh, hiera and options

2023-05-02 Thread Martin Alfke 
The main ssh class has the parameter server_options:
# @param options
# Dynamic hash for openssh server option

ssh::server_options:
  AuthorizedKeysCommand: ‘/path/to/command’

If you are using ssh::server class, the parameter ssh::server::options must be 
used.


> On 2. May 2023, at 17:29, Laci D  wrote:
> 
> Thank you Martin, adding the following example to my nodes/myserversfqdn.yaml 
> did it for me.
> 
> ssh::server::match_block:
>   '*,!that_other_group':
> type: group
> options:
>   ForceCommand: '/usr/bin/kpasswd'
> 
> I have another question, how can I specify different values in Hiera for 
> different operating systems?
> 
> For example AuthorizedKeysCommand needs a different value in Linux and 
> FreeBSD?
>   
> On Tuesday, May 2, 2023 at 3:51:20 AM UTC-4 Martin Alfke wrote:
>> Hi,
>> 
>> Ssh::server class has a parameter called “match_block” which calls a defined 
>> type:
>> https://github.com/saz/puppet-ssh/blob/master/manifests/server/match_block.pp
>> 
>> The defined type uses a template:
>> https://github.com/saz/puppet-ssh/blob/master/templates/sshd_match_block.erb
>> 
>> A hiera example is in the docs:
>> https://forge.puppet.com/modules/saz/ssh/readme#hiera-example
>> 
>> Hth,
>> Martin
>> 
>> 
>> 
>>> On 1. May 2023, at 23:08, Laci D > wrote:
>>> 
>> 
>>> Hi,
>>> 
>>> I'm using saz-ssh to configure sshd_config, options are stored in Hiera. I 
>>> didn't find the way how to implement "Match user/group", for example:
>>> 
>>> Match group *, !not_that_group
>>> 'ForceCommand' => 'internal-sftp',
>>> 
>>> I did see the example <https://forge.puppet.com/modules/saz/ssh/readme> but 
>>> when I add that to my manifests/profiles/ssh.pp then Puppet is complaining 
>>> and I'm not seeing how to configure it using Hiera.
>>> 
>>> Any ideas?
>>>  
>>> 
>> 
>>> -- 
>>> You received this message because you are subscribed to the Google Groups 
>>> "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>> email to puppet-users...@googlegroups.com <>.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/puppet-users/0f953ebb-ee44-481b-81da-639ade904c8bn%40googlegroups.com
>>>  
>>> <https://groups.google.com/d/msgid/puppet-users/0f953ebb-ee44-481b-81da-639ade904c8bn%40googlegroups.com?utm_medium=email_source=footer>.
>> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/7ea988f3-c68d-45f7-a7f8-cf37929a09fcn%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/7ea988f3-c68d-45f7-a7f8-cf37929a09fcn%40googlegroups.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/C14BD0DC-FB34-4E85-8C0B-A7112DF4ABBF%40gmail.com.

Re: [Puppet Users] saz-ssh, hiera and options

2023-05-02 Thread Martin Alfke 
Hi,

Ssh::server class has a parameter called “match_block” which calls a defined 
type:
https://github.com/saz/puppet-ssh/blob/master/manifests/server/match_block.pp

The defined type uses a template:
https://github.com/saz/puppet-ssh/blob/master/templates/sshd_match_block.erb

A hiera example is in the docs:
https://forge.puppet.com/modules/saz/ssh/readme#hiera-example

Hth,
Martin


> On 1. May 2023, at 23:08, Laci D  wrote:
> 
> Hi,
> 
> I'm using saz-ssh to configure sshd_config, options are stored in Hiera. I 
> didn't find the way how to implement "Match user/group", for example:
> 
> Match group *, !not_that_group
> 'ForceCommand' => 'internal-sftp',
> 
> I did see the example  but 
> when I add that to my manifests/profiles/ssh.pp then Puppet is complaining 
> and I'm not seeing how to configure it using Hiera.
> 
> Any ideas?
>  
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/0f953ebb-ee44-481b-81da-639ade904c8bn%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/151DDB9C-20DA-4DCC-8F6B-43EFFF684064%40gmail.com.

Re: [Puppet Users] hiera, template and array

2023-03-29 Thread Martin Alfke 
In EPP the template must look different:

<% $site::profiles::ntp::ntp[‘servers'].each |$server| { -%>
server: <%= $server %>
<% } -%>

An array may consist of a single entry only.

> On 28. Mar 2023, at 16:30, Laci D  wrote:
> 
> I tried both epp and erb templates.
> 
> This is the manifest file:
> 
> class site::profiles::ntp {
> $ntp = hiera_hash('ntp')
> 
> case $::operatingsystem {
> 'freebsd': {
>file { "/etc/ntp.conf":
>ensure  => file,
>recurse => true,
>purge   => true,
>force   => true,
>owner   => "root",
>group   => 0,
>mode=> "0644",
>content => template('site/ntp/ntp.conf.epp'),
>#content => template('site/ntp/ntp.conf.erb'),
>}
>service { 'ntpd':
>ensure => 'running',
>enable => true,
>}
>service { 'ntpdate':
>enable => true,
>}
> }
> default: {
> 
>  class { 'ntp':
>servers => $ntp['servers'],
>  }
> 
>}
>}
> }
> 
> 
> The template:
> 
> templates/ntp/ntp.conf.epp
> <% @ntp[’servers’].each { |server| -%>
> server: <%= server %>
> <% } -%>
> 
> And this is the hiera (as of now there is only one ntp server but there'll be 
> more in the future):
> ntp:
>   servers:
> - 169.254.169.123
> 
> Martin with the latest change I'm getting:
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Error while evaluating a Resource Statement, 
> Evaluation Error: Error while evaluating a Function Call, Failed to parse 
> template site/ntp/ntp.conf.epp:
>   Filepath: /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.epp
>   Line: 3
>   Detail: undefined local variable or method `’servers’' for 
> #
>  (file: /etc/puppetlabs/code/modules/site/manifests/profiles/ntp.pp, line: 
> 14, column: 31) 
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
> On Tuesday, March 28, 2023 at 10:08:43 AM UTC-4 Martin Alfke wrote:
>> My example is an epp template.
>> 
>> What name does the variable have? $ntp? And: is this a hash with servers key 
>> set to an array?
>> 
>> In this case your erb (!) template can look like the following:
>> 
>> <% @ntp[’servers’].each { |server| -%>
>> server: <%= server %>
>> <% } -%>
>> 
>> 
>>> On 28. Mar 2023, at 14:37, Laci D > wrote:
>>> 
>> 
>>> Thank you Martin!
>>> 
>>> I used your example and I think something is missing.
>>> Since "servers" is under "ntp" in the hiera file (see example in my 
>>> original email) maybe we need to define that in the erb file?
>>> 
>>> 
>>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
>>> Internal Server Error: org.jruby.exceptions.SyntaxError: (SyntaxError) 
>>> /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.erb:6: syntax 
>>> error, unexpected tSTRING_BEG
>>> _erbout.<< "server: ".freeze; _erbout.<<((...
>>>^
>>> Warning: Not using cache on failed catalog
>>> Error: Could not retrieve catalog; skipping run
>>> 
>>> On Tuesday, March 28, 2023 at 2:57:23 AM UTC-4 Martin Alfke wrote:
>>>> You must iterate as servers is an array:
>>>> 
>>>> <% $servers.each |$server| { -%>
>>>> server: <%= $server %>
>>>> <%- } -%>
>>>> 
>>>> 
>>>>> On 27. Mar 2023, at 22:21, Laci D gmail.com 
>>>>> <http://gmail.com/>> wrote:
>>>>> 
>>>> 
>>>>> I'm working on defining NTP servers from Hiera.
>>>>> 
>>>>> For Linux servers I have been using puppetlabs-ntp, which has been 
>>>>> working nicely. Now I need to add support for FreeBSD. Above module 
>>>>> doesn't support FreeBSD but I can edit ntp.conf with file resource type. 
>>>>> 
>>>>> This is where things got complicated, file adds extra ["..."] around the 
>>>>> value form hiera, since it's an array. Array type is required for 
>>&

Re: [Puppet Users] hiera, template and array

2023-03-28 Thread Martin Alfke 
My example is an epp template.

What name does the variable have? $ntp? And: is this a hash with servers key 
set to an array?

In this case your erb (!) template can look like the following:

<% @ntp[’servers’].each { |server| -%>
server: <%= server %>
<% } -%>

> On 28. Mar 2023, at 14:37, Laci D  wrote:
> 
> Thank you Martin!
> 
> I used your example and I think something is missing.
> Since "servers" is under "ntp" in the hiera file (see example in my original 
> email) maybe we need to define that in the erb file?
> 
> 
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Internal Server Error: org.jruby.exceptions.SyntaxError: (SyntaxError) 
> /etc/puppetlabs/code/modules/site/templates/ntp/ntp.conf.erb:6: syntax error, 
> unexpected tSTRING_BEG
> _erbout.<< "server: ".freeze; _erbout.<<((...
>^
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
> 
> On Tuesday, March 28, 2023 at 2:57:23 AM UTC-4 Martin Alfke wrote:
>> You must iterate as servers is an array:
>> 
>> <% $servers.each |$server| { -%>
>> server: <%= $server %>
>> <%- } -%>
>> 
>> 
>>> On 27. Mar 2023, at 22:21, Laci D > wrote:
>>> 
>> 
>>> I'm working on defining NTP servers from Hiera.
>>> 
>>> For Linux servers I have been using puppetlabs-ntp, which has been working 
>>> nicely. Now I need to add support for FreeBSD. Above module doesn't support 
>>> FreeBSD but I can edit ntp.conf with file resource type. 
>>> 
>>> This is where things got complicated, file adds extra ["..."] around the 
>>> value form hiera, since it's an array. Array type is required for 
>>> puppetlabs-ntp
>>> Question is how can I get rid of the extra squarely braces and double 
>>> quotes?
>>> Rather than using a static file I'd like to stick to hiera since the ntp 
>>> can very based on datacenter.
>>> 
>>> /etc/ntp.conf
>>> server ["169.254.169.123"]
>>> 
>>> Desired /etc/ntp.conf
>>> server 169.254.169.123
>>> 
>>> hieradata/site.yaml
>>> ntp:
>>>   servers:
>>> - 169.254.169.123
>>> 
>>> templates/ntp/ntp.conf.erb
>>> server <%= @ntp['servers'] %>
>>> 
>> 
>>> -- 
>>> You received this message because you are subscribed to the Google Groups 
>>> "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>> email to puppet-users...@googlegroups.com <>.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/puppet-users/848044f1-888d-44b3-8098-2c3569eb1608n%40googlegroups.com
>>>  
>>> <https://groups.google.com/d/msgid/puppet-users/848044f1-888d-44b3-8098-2c3569eb1608n%40googlegroups.com?utm_medium=email_source=footer>.
>> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/1d68b2ef-0c4f-425f-a84d-3cc22e6f750an%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/1d68b2ef-0c4f-425f-a84d-3cc22e6f750an%40googlegroups.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5EF6A18F-0F46-42A8-AE13-BB37F700A64E%40gmail.com.

Re: [Puppet Users] hiera, template and array

2023-03-28 Thread Martin Alfke 
You must iterate as servers is an array:

<% $servers.each |$server| { -%>
server: <%= $server %>
<%- } -%>

> On 27. Mar 2023, at 22:21, Laci D  wrote:
> 
> I'm working on defining NTP servers from Hiera.
> 
> For Linux servers I have been using puppetlabs-ntp, which has been working 
> nicely. Now I need to add support for FreeBSD. Above module doesn't support 
> FreeBSD but I can edit ntp.conf with file resource type. 
> 
> This is where things got complicated, file adds extra ["..."] around the 
> value form hiera, since it's an array. Array type is required for 
> puppetlabs-ntp
> Question is how can I get rid of the extra squarely braces and double quotes?
> Rather than using a static file I'd like to stick to hiera since the ntp can 
> very based on datacenter.
> 
> /etc/ntp.conf
> server ["169.254.169.123"]
> 
> Desired /etc/ntp.conf
> server 169.254.169.123
> 
> hieradata/site.yaml
> ntp:
>   servers:
> - 169.254.169.123
> 
> templates/ntp/ntp.conf.erb
> server <%= @ntp['servers'] %>
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/848044f1-888d-44b3-8098-2c3569eb1608n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/D61C266A-ABDA-4C00-95B4-45AA0562FA80%40gmail.com.

Re: [Puppet Users] Enc forcing environment even passed via command line

2023-01-13 Thread Martin Alfke 
Hi Tejas,

Nodes which should not have environment pinning should not have an environment 
entry set by the ENC.
This will allow the agent to switch to any environment.

Hth,
Martin


> On 13. Jan 2023, at 08:37, Tejas Bhosale  wrote:
> 
> I am using self written script took as ref from here
> 
> https://github.com/T-Systems-MMS/puppet-example-enc/blob/master/puppet_enc.sh
> There i am classifying nodes based on env prod and development ...
> but when i want to make some new changes on development i want multiple 
> people to work there so i will create env based on their name like
> -E tejas  -E xyz like that and run in noop so after make sure our changes 
> work proper we can commit it in git . 
> 
> On Thursday, 12 January 2023 at 16:48:52 UTC+5:30 Martin Alfke wrote:
>> Hi Tejas,
>> 
>> It looks like you are using an ENC 
>> (https://www.puppet.com/docs/puppet/7/nodes_external.html#comparing_encs_and_node_definitions)
>> This can either be Puppet Enterprise or Foreman.
>> 
>> These can force a node to make use of a specific environment only and it 
>> forbids switching Puppet environment.
>> 
>> What are you using? PE? Foreman? A self written script? Something different?
>> 
>> Martin
>> 
>> 
>> 
>>> On 12. Jan 2023, at 08:20, Tejas Bhosale > wrote:
>>> 
>> 
>>> Hi,
>>> I have enc script which when executed in output it post environemnt.
>>> 
>>> But for some host when i want to test my changes i want to pass -E on 
>>> command line like
>>> 
>>> puppet agent -t -E test   but that is override by env it gives either 
>>> development or production env .
>>> 
>>> Can we do anything to fix this issue so that i can test my code on those 
>>> machines.
>>> 
>> 
>>> -- 
>>> You received this message because you are subscribed to the Google Groups 
>>> "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>> email to puppet-users...@googlegroups.com <>.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/puppet-users/4fb1c8c0-3c7b-4eee-a15d-1bf326370e9en%40googlegroups.com
>>>  
>>> <https://groups.google.com/d/msgid/puppet-users/4fb1c8c0-3c7b-4eee-a15d-1bf326370e9en%40googlegroups.com?utm_medium=email_source=footer>.
>> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/2b60d341-78ed-4ebb-bf87-07574461a44fn%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/2b60d341-78ed-4ebb-bf87-07574461a44fn%40googlegroups.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/F693E211-EEE9-4908-966B-661AF9C2B9FC%40gmail.com.

Re: [Puppet Users] Enc forcing environment even passed via command line

2023-01-12 Thread Martin Alfke 
Hi Tejas,

It looks like you are using an ENC 
(https://www.puppet.com/docs/puppet/7/nodes_external.html#comparing_encs_and_node_definitions)
This can either be Puppet Enterprise or Foreman.

These can force a node to make use of a specific environment only and it 
forbids switching Puppet environment.

What are you using? PE? Foreman? A self written script? Something different?

Martin


> On 12. Jan 2023, at 08:20, Tejas Bhosale  wrote:
> 
> Hi,
> I have enc script which when executed in output it post environemnt.
> 
> But for some host when i want to test my changes i want to pass -E on command 
> line like
> 
> puppet agent -t -E test   but that is override by env it gives either 
> development or production env .
> 
> Can we do anything to fix this issue so that i can test my code on those 
> machines.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/4fb1c8c0-3c7b-4eee-a15d-1bf326370e9en%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/E281CF08-836C-4F37-9A5D-8910458DEE97%40gmail.com.

Re: [Puppet Users] Puppet filters

2022-12-18 Thread Martin Alfke 
Hi Nir,

do you only need the capacity from the root file system?

You can access the data hash directly: $facts['mountpoints']['/']['capacity']

hth,
Martin


> On 18. Dec 2022, at 08:44, Nir Fishler  wrote:
> 
> Hey Guys,
> 
> I'm trying to pull data from an array using the 'mountpoints' facter
> 
> $root_partition = $mountpoints.filter |$values| { $values[0] =~ "/$" }
> 
> the results I get are:
> 
> Notice: {/ => {device => /dev/mapper/ubuntu--vg-ubuntu--lv, filesystem => 
> ext4, options => [rw, relatime], size_bytes => 262901354496, available_bytes 
> => 240302788608, used_bytes => 11734274048, capacity => 4.66%, size => 244.85 
> GiB, available => 223.80 GiB, used => 10.93 GiB}}
> Notice: /Stage[main]/Disk_usage/Notify[{/ => {device => 
> /dev/mapper/ubuntu--vg-ubuntu--lv, filesystem => ext4, options => [rw, 
> relatime], size_bytes => 262901354496, available_bytes => 240302788608, 
> used_bytes => 11734274048, capacity => 4.66%, size => 244.85 GiB, available 
> => 223.80 GiB, used => 10.93 GiB}}]/message: defined 'message' as '{/ => 
> {device => /dev/mapper/ubuntu--vg-ubuntu--lv, filesystem => ext4, options => 
> [rw, relatime], size_bytes => 262901354496, available_bytes => 240302788608, 
> used_bytes => 11734274048, capacity => 4.66%, size => 244.85 GiB, available 
> => 223.80 GiB, used => 10.93 GiB}}'
> 
> What I need is the get the 'capacity' value out of it.
> 
> 
> Thanks!
> Nir.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/a3de8dab-287c-40da-be6c-c8036bba38c5n%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/D94F7E1A-DAB2-4BE8-827D-8D8C42570B92%40gmail.com.

Re: [Puppet Users] Using VS Code with PDK -- how can I manually run puppet-lint?

2022-12-05 Thread Martin Alfke 
PDK allows you to also run rake tasks

pdk bundle exec rake -T

Gives you an overview on available rake tasks.


> On 5. Dec 2022, at 07:08, Dan Mahoney  wrote:
> 
> It turns out the answer to my second question is:
> 
> gem install voxpupuli-puppet-lint-plugins
> 
> ...which seems to be a meta package that installs most of the nonstandard 
> plugins which were then adopted by pdk.
> 
> I'm not sure how we can get those added to official puppet-lint so this step 
> isn't necessary.
> 
> On Sunday, December 4, 2022 at 3:31:18 AM UTC-8 Dan Mahoney wrote:
>> Hey there all,
>> 
>> I apologize if this is off-topic.  If it is, please do let me know where 
>> better to ask.  I tried joining the puppet-vscode slack but it apparently 
>> only works if I have a puppet.com  email address.
>> 
>> I'm on a mac, using Visual Studio Code with the PDK installed via homebrew.  
>> The version of puppet-lint included with the PDK runs WAY more tests than 
>> any previous version of puppet-lint.
>> 
>> So, here are my questions:
>> 
>> 1) Obviously the vscode plugin is running some version of puppet-lint behind 
>> the scenes, but it's unclear as to how I can run that manually in a terminal 
>> (perhaps with --fix).  When I installed pdk, it put it in 
>> /opt/puppetlabs/pdk/bin/pdk, but didn't do anything like that for 
>> puppet-lint.
>> 
>> 2) Is there an easy way to grab those extra tests for a system that doesn't 
>> have them?  It looks to be like 20 different ruby gems, all dumped into 
>> /opt/puppetlabs/pdk/share/cache/ruby/2.5.0/gems
>> 
>> ls |grep lint | grep check
>> puppet-lint-absolute_classname-check-3.0.1
>> puppet-lint-anchor-check-1.0.1
>> puppet-lint-classes_and_types_beginning_with_digits-check-1.0.0
>> puppet-lint-file_ensure-check-1.0.0
>> puppet-lint-leading_zero-check-1.0.0
>> puppet-lint-legacy_facts-check-1.0.4
>> puppet-lint-lookup_in_parameter-check-1.0.0
>> puppet-lint-manifest_whitespace-check-0.1.17
>> puppet-lint-optional_default-check-1.0.0
>> puppet-lint-params_empty_string-check-1.0.0
>> puppet-lint-strict_indent-check-2.0.8
>> puppet-lint-top_scope_facts-check-1.0.1
>> puppet-lint-topscope-variable-check-1.0.1
>> puppet-lint-trailing_comma-check-0.4.2
>> puppet-lint-unquoted_string-check-2.1.0
>> puppet-lint-version_comparison-check-1.0.0
>> 
>> 
>> 
>> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/f029a449-27e1-42a3-a512-660f5d864eb8n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/F6189B0A-A32D-4D09-A9E1-D13A420D7505%40gmail.com.

Re: [Puppet Users] Create a variable out of a bash command and notify it

2022-12-04 Thread Martin Alfke 
Hi Nir,

You want to collect information on nodes and you want to use this information 
in a catalog.
This is what facter is used for. 

/lib/facter/upgradable_packages.rb
Facter.add(:upgradable_packages) do
  setcode do
Facter::Core::Execution.execute("/usr/bin/apt --simulate upgrade | grep 
'^Inst' | awk -F ' ' '{print $2}'")
  end
end

Within your puppet code you can then refer to the fact:

notify { $upgradable_packages: }

Hth,
Martin

> On 4. Dec 2022, at 16:43, Nir Fishler  wrote:
> 
> Hello,
> 
> I'd like to store an output of a bash command into a variable, and then print 
> it to stdout using notify in Puppet.
> 
> Main goal: get a list of upgrade-able packages and notify the user about it.
> 
> I have tried the below but it doesn't seem to work:
> 
> $pkgs_list = $("/usr/bin/apt --simulate upgrade | grep '^Inst' | awk -F ' ' 
> '{print $2}'")
> 
> notify { "STDOUT: ${pkgs_list}": }
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/9793f643-c386-4400-9fba-fd42f3e1269dn%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2E282B6E-6BBF-4BA1-99A0-03105F55C43A%40gmail.com.

Re: [Puppet Users] How to install puppet-server on centos stream 9?

2022-11-22 Thread Martin Alfke 
Hi Ruinan,

There are not (yet) packages for puppet server for RHEL 9 based distributions.
http://yum.puppet.com/puppet7/el/9/x86_64/index.html

At the moment you must use RHEL 8 based distribution for Puppet Server:
http://yum.puppet.com/puppet7/el/8/x86_64/index.html

Hth,
Martin

> On 21. Nov 2022, at 15:08, Ruinan Gao  wrote:
> 
> I have done:
> 
> dnf -y install 
> https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
> dnf -y install https://yum.puppetlabs.com/puppet-release-el-9.noarch.rpm
> But, it still can not find puppetserver:
> 
> [root@xxx ~]# dnf search puppetserver Last metadata expiration check: 1:06:31 
> ago on Sun 20 Nov 2022 16:36:51 CST. No matches found.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/69b50447-9a21-409b-b610-401f8dfeee27n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/0A2DE82C-23CD-473B-A7FB-B5F2F5F27610%40gmail.com.

Re: [Puppet Users] Error: Could not run: cannot load such file -- net/ssh/telnet

2022-11-17 Thread Martin Alfke 
Hi,

Your puppet agent is missing a ruby gem:
https://rubygems.org/gems/net-ssh-telnet

This gem must be installed using the puppet ruby gem command:

/opt/puppetlabs/puppet/bin/gem install net-ssh-telnet

Hth,
Martin


> On 15. Nov 2022, at 10:53, Mike  wrote:
> 
> Hi,
> 
> I've come across the in subject error when trying to run puppet against a 
> cisco device.  I've exhausted my knowledge to troubleshoot this issue.  Any 
> pointers or place to check would be appreciated.  Thanks
> 
> 
> $ puppet device --verbose --target cisco_device.puppetlabs.net
> 
> Info: Retrieving pluginfacts
> Info: Retrieving plugin
> Info: Retrieving locales
> Error: Could not run: cannot load such file -- net/ssh/telnet
>  
> 
> $ Contents of device.conf
> 
> [cisco_device.puppetlabs.net]
> type cisco_ios
> url file:///etc/puppetlabs/puppet/cisco_device.puppetlabs.net.yaml
> 
> 
> $ Contents of cisco_device.puppetlabs.net.yaml
> 
> "address": "192.168.192.119"
> "port": 22
> "username": "cisco"
> "password": "cisco"
> "enable_password": ""
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/5d0f88f6-cbfa-4193-b692-ab18a8e8673en%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/D3871EA1-1EE8-4051-A3CB-B323D948181C%40gmail.com.

Re: [Puppet Users] not possible to access parameters from subclass

2022-11-17 Thread Martin Alfke 
Hi,

The testa::config manifests does not contain a class, but a defined resource 
types.
One can only access variables from included classes, but not from defined types.

Hth,
Martin


> On 14. Nov 2022, at 15:29, Jens Kuehnel  wrote:
> 
> Hi all,
> 
> I'm using puppet for quite some time - about 10 years - but now I have a 
> problem that I can not fix.
> I hope someone here can help me. I tried to google the problem, but the 
> solutions I found did not work.
> The things that I tried are still in as a comment.
> 
> I have created a puppet modul that should be updated to include a config 
> class (normaly called a params class).
> 
> I simplified my setup and attached it at the end.
> 
> In the class servicea  I tried to access the variable from the config class, 
> but I'm apparently not able to.
> 
> Can someone help me?
> 
> I case it is important I'm running Orcharhino 6.1. The Puppet-agent is 
> puppet-agent-6.28.0-1.el8.x86_64.
> 
> The output of puppet agent -t is:
> Notice: In Config the servertype is: Frontend-Server
> Notice: /Stage[main]/Testa/Testa::Config[config]/Notify[In Config the 
> servertype is: Frontend-Server]/message: defined 'message' as 'In Config the 
> servertype is: Frontend-Server'
> Notice: In Config the cluster_name is: mycluster
> Notice: /Stage[main]/Testa/Testa::Config[config]/Notify[In Config the 
> cluster_name is: mycluster]/message: defined 'message' as 'In Config the 
> cluster_name is: mycluster'
> Notice: In servicea the servertype is : Frontend-Server
> Notice: /Stage[main]/Testa::Servicea/Notify[In servicea the servertype is : 
> Frontend-Server]/message: defined 'message' as 'In servicea the servertype is 
> : Frontend-Server'
> Notice: in servicea the servicea_servicea are 1:
> Notice: /Stage[main]/Testa::Servicea/Notify[in servicea the servicea_servicea 
> are 1: ]/message: defined 'message' as 'in servicea the servicea_servicea are 
> 1: '
> Notice: in servicea the servicea_servicea are 2:
> Notice: /Stage[main]/Testa::Servicea/Notify[in servicea the servicea_servicea 
> are 2: ]/message: defined 'message' as 'in servicea the servicea_servicea are 
> 2: '
> Notice: in servicea the servicea_servicea are 3:
> Notice: /Stage[main]/Testa::Servicea/Notify[in servicea the servicea_servicea 
> are 3: ]/message: defined 'message' as 'in servicea the servicea_servicea are 
> 3: '
> Notice: in servicea the servicea_servicea are 4:
> Notice: /Stage[main]/Testa::Servicea/Notify[in servicea the servicea_servicea 
> are 4: ]/message: defined 'message' as 'in servicea the servicea_servicea are 
> 4: '
> Notice: Applied catalog in 10.88 seconds
> 
> So you see that the variable is available from the config class, but only the 
> variable from init.pp is still accessible from the serivea class. From the 
> config class the variable is not avilable.
> 
> Thanks for any hints in advanced
> Greetings from Frankfurt / Germany.
> CU
> Jens Kühnel
> 
> 
> 
> This are the classes
> 
> # File init.pp
> class testa (
>  $config = '',
>  $servertype = '',
> ) {
>  create_resources(testa::config, $config)
> }
> 
> # File config.pp
> define testa::config (
>  $cluster_name = '',
> ) {
>  #  include testa
>  $servertype = $testa::servertype
>  notify{"In Config the servertype is: ${servertype}": }
>  notify{"In Config the cluster_name is: ${cluster_name}": }
>  include testa::servicea
> }
> 
> 
> # File servicea.pp
> class testa::servicea {
>  #include testa::config
>  #Class[testa::config] -> Class[testa::servicea]
>  $servicea_cluster_name = $testa::config::servicea_cluster_name
> 
>  notify{"In servicea the servertype is : ${testa::servertype}": }
> 
>  notify{"in servicea the servicea_servicea are 1: 
> ${::testa::config::servicea_servicea}": }
>  notify{"in servicea the servicea_servicea are 2: 
> ${testa::config::servicea_servicea}": }
>  notify{"in servicea the servicea_servicea are 3: 
> ${testa::servicea_servicea}": }
>  notify{"in servicea the servicea_servicea are 4: ${servicea_servicea}": }
> }
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/be575993-9f09-b142-8fd0-d533c8e6725b%40kuehnel.org.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/69F21AFD-4B9A-4B82-BB28-E7F6FA0E4298%40gmail.com.

Re: [Puppet Users] Copy file from Agent to Master

2022-11-10 Thread Martin Alfke 
Hi Dennis,

Your email is a little bit confusing.
On one hand you mention that you have a file on an agent, which you like to be 
copied to the puppet server.
On the other hand you mention the file resource being copied from the puppet 
server.

Solution 1: Make a file from the agent available to the puppet server:
You can use exported resources to accomplish this.

On the agent you use an exported resource.
This resource is not added to the agent catalog, but stored via PuppetDB:

@@file { ‘/etc/ssh/host.pub’:
  ensure => file,
  …
}

On the server you use the collector, who fetches the information from PuppetDB:

File <<| title == ‘/etc/ssh/host.pub’ |>>

Solution 2: Make a folder available on the puppet server to allow usage of 
source parameter with custom path
You need to create an additional mount point.
Please check: https://puppet.com/docs/puppet/7/file_serving.html

Hth,
Martin


> On 8. Nov 2022, at 13:57, Dennis Sullivan  
> wrote:
> 
> Hi Puppet Users,
> 
> Can someone provide input. I am trying to write a file from the puppet agent 
> (i.e. /etc/ssh/host.pub) to the puppet master that has a custom mount point 
> on it.  I don't want to have share the NFS out mount out globally.  Is there 
> a resources that will allow me to accomplish this?  I tried the file resource 
> source => puppet:/// but it keeps telling me the source 
> needs to be fully qualified.
> 
> Thank you in advanced,
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/9000108d-f010-4467-8455-6445cae04f89n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/A8037947-5DC0-4419-9CE0-8162D537BA7B%40gmail.com.

Re: [Puppet Users] [PuppetDB] Error 500 'Failed to execute '/pdb/cmd/v1....'

2022-11-02 Thread Martin Alfke 
Can you provide the code, you used with puppetdb module?

> On 2. Nov 2022, at 08:18, Nir Fishler  wrote:
> 
> I tried to configure it using two different methods;
> Installing PuppetDB via Puppet module
> Installing from packages
> neither one of the above had given a complete success.
> 
> On Monday, October 31, 2022 at 12:14:31 PM UTC+2 Martin Alfke wrote:
>> How did you configure puppetdb and puppetserver?
>> On Open Source we usually recommend the puppetlabs-puppetdb module.
>> 
>> 
>> 
>>> On 31. Oct 2022, at 10:39, Nir Fishler > wrote:
>>> 
>> 
>>> Hey Martin,
>>> 
>>> Thanks for your reply. 
>>> 
>>> There are three files underneath that directory:
>>> puppetdb-access.log
>>> puppetdb.log
>>> puppetdb-status.log
>>> but all seem to be empty - 0kb
>>> what does that mean?
>>> 
>>> On Monday, October 10, 2022 at 11:03:05 AM UTC+3 Martin Alfke wrote:
>>>> Hi Nir,
>>>> 
>>>> Please check the puppetdb log file for further error investigation.
>>>> Usually this is located at /var/log/puppetlabs/puppetdb/puppetdb.log
>>>> 
>>>> Hth,
>>>> Martin
>>>> 
>>>> 
>>>> 
>>>>> On 30. Sep 2022, at 10:30, Nir Fishler > wrote:
>>>>> 
>>>> 
>>>>> Hello,
>>>>> 
>>>>> puppetserver version: 7.8.0  (CentOS 7) | hostname:  puppet-staging-srv
>>>>> puppet agent: 7.19
>>>>> puppetdb: 7.11.0-1focal (Ubuntu 20.04) | hostname: puppet-staging-srv-db
>>>>> Postgres: 12.12-0ubuntu0.20.04.1
>>>>> 
>>>>> Foreman is enabled on Puppetserver.
>>>>> Postgres is configured to work with SSL.
>>>>> 
>>>>> Getting the below error from ANY VM on the network whenever I try to sync 
>>>>> with Puppet master server.
>>>>> 
>>>>> Error message:
>>>>> Error: Could not retrieve catalog from remote server: Error 500 on 
>>>>> SERVER: Server Error: Failed to execute 
>>>>> '/pdb/cmd/v1?checksum=a0d1b67028ed455a4d8b15fd5fc846ca54d4c0a6=5=vm-ubuntu20=replace_facts=2022-09-30T07:47:13.621Z'
>>>>>  on at least 1 of the following 'server_urls': 
>>>>> https://puppet-staging-srv-db:8081 <https://puppet-staging-srv-db:8081/>
>>>>> Warning: Not using cache on failed catalog
>>>>> Error: Could not retrieve catalog; skipping run
>>>>> 
>>>>> However, When I remove the configuration files(puppetdb.conf , values 
>>>>> from puppet.conf, routes.yaml) from the Puppet master $CONF dir, 
>>>>> everything is back to normal and sync works.
>>>>> 
>>>>> Connection between Puppet master and puppetdb and vice vesra:
>>>>> [root@puppet-staging-srv puppet] nc -zvw10 puppet-staging-srv-db 8081
>>>>> Ncat: Version 7.50 ( https://nmap.org/ncat )
>>>>> Ncat: Connected to 10.111.8.77:8081 <http://10.111.8.77:8081/>.
>>>>> 
>>>>> root@puppet-staging-srv-db:~# nc -zvw10 puppet-staging-srv 8140
>>>>> Connection to puppet-staging-srv 8140 port [tcp/puppet] succeeded!
>>>>> 
>>>>> PuppetDB website is UP and shows zero data on 'Active Nodes' and most of 
>>>>> the fields(see screenshot snap-1.png.)
>>>>> 
>>>>> Thanks in advanced!
>>>>> 
>>>> 
>>>>> -- 
>>>>> You received this message because you are subscribed to the Google Groups 
>>>>> "Puppet Users" group.
>>>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>>>> email to puppet-users...@googlegroups.com <>.
>>>>> To view this discussion on the web visit 
>>>>> https://groups.google.com/d/msgid/puppet-users/af30e761-f765-4260-978e-b4817e42f3b8n%40googlegroups.com
>>>>>  
>>>>> <https://groups.google.com/d/msgid/puppet-users/af30e761-f765-4260-978e-b4817e42f3b8n%40googlegroups.com?utm_medium=email_source=footer>.
>>>>> 
>>>> 
>>> 
>>> 
>>> -- 
>>> You received this message because you are subscribed to the Google Groups 
>>> "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>> email to puppet-users...@googlegroups.com <>.
>> 
>>

Re: [Puppet Users] Puppet agent is not running on Windows 11

2022-11-01 Thread Martin Alfke 
Hi Stephan’s,,

You can not run puppetserver on Windows.
Puppetserver is a Linux only process.

If you run Windows only, you can make use of the puppetserver docker container.

hth,
Martin


> On 31. Oct 2022, at 17:32, Stephanos Economides  
> wrote:
> 
> Hi Puppet Users,
> 
> I am a new user of the puppet software and I ask your help to tackle the 
> following problem:
> 
> I have installed the puppet agent 7.20.0 as a standalone node that won't 
> connect to a master, on my notebook (Windows 11 Home).  
> 
> I tried to run the puppet agent and I received an error (screenshot: 
> puppet_agent_error_1).
> 
> Then  I used the "puppet agent --test" command from cmd (run it as 
> administrator) and  I received an error (screenshot: puppet_agent_error_2).
> 
> Then I used the "puppet resource service puppetserver ensure=running" command 
> from cmd (run it as administrator) and I received the error "Error: Will not 
> start disabled service puppetserver without managing enable. Specify 'enable 
> => false' to override.".  I tried to override by using the command "puppet 
> resource service puppetserver enable=false" and then I used again the "puppet 
> resource service puppetserver ensure=running" command but in vain 
> (screenshot: puppet_agent_error_3).
> 
> Then I created an inbound rule on Windows firewall for port 8140 but again I 
> received the same error "Error: Connection to 
> https://puppet:8140/puppet-ca/v1 failed, trying next route: Request to 
> https://puppet:8140/puppet-ca/v1 failed after 2.698 seconds: Failed to open 
> TCP connection to puppet:8140 (getaddrinfo: No such host is known. )".
> 
> Lastly, I deactivated temporarily my Avast software but again connection to 
> puppet:8140 failed.
> 
> Could you please help me to resolve this issue?
> 
> Thank you in advance for your time.
> 
> Best regards,
> 
> Stephanos
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/4918e75e-85ed-48cc-b650-617f0280c505n%40googlegroups.com
>  
> .
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/4498CD1D-BCA3-45AF-AC17-D54A671B8633%40gmail.com.

Re: [Puppet Users] Resource default values from site.pp not applied

2022-10-31 Thread Martin Alfke 
Next guess:

How do you declare some_resource type?
Are you using standard type declaration:

some_reosurce { ’title’:
  param => ‘value,
  …
}

Or do you use ensure_resource or create_resource function?


> On 31. Oct 2022, at 15:19, 'Dirk Heinrichs' via Puppet Users 
>  wrote:
> 
> Am Montag, dem 31.10.2022 um 15:10 +0100 schrieb Martin Alfke:
> 
>> Is attribute the correct parameter of some_resource type?
> 
> Yes.
> 
>> You mention that notify returns the desired results, therefore I assume that 
>> hiera returns a proper value for ’some.key’.
>> Which means that the if facts clause is also working as expected.
> 
> Yes, it is.
> 
>> Are you overwriting the Some_resource defaults in a class?
> 
> No, I don't.
> 
> Bye...
> 
> Dirk
>  -- 
> Dirk Heinrichs
> Senior Systems Engineer, Delivery Pipeline
> OpenText ™ Discovery | Recommind
> Phone: +49 2226 15966 18
> Email: dhein...@opentext.com <mailto:dhein...@opentext.com>
> Website: www.recommind.de 
> 
> Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
> Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan, 
> Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
> This e-mail may contain confidential and/or privileged information. If you 
> are not the intended recipient (or have received this e-mail in error) please 
> notify the sender immediately and destroy this e-mail. Any unauthorized 
> copying, disclosure or distribution of the material in this e-mail is 
> strictly forbidden
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte 
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail 
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und 
> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte 
> Weitergabe dieser Mail sind nicht gestattet.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/e5e0dccf988a30a8ef277d70b4230f80302d60e4.camel%40opentext.com
>  
> <https://groups.google.com/d/msgid/puppet-users/e5e0dccf988a30a8ef277d70b4230f80302d60e4.camel%40opentext.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/6752ADDF-8D94-42A6-9A83-333615C39FBF%40gmail.com.

Re: [Puppet Users] Resource default values from site.pp not applied

2022-10-31 Thread Martin Alfke 
Hi Dirk,

Is attribute the correct parameter of some_resource type?
You mention that notify returns the desired results, therefore I assume that 
hiera returns a proper value for ’some.key’.
Which means that the if facts clause is also working as expected.

Are you overwriting the Some_resource defaults in a class?
Defaults in a class overwrite defaults from site.pp.

Hth,
Martin



> On 31. Oct 2022, at 14:48, 'Dirk Heinrichs' via Puppet Users 
>  wrote:
> 
> Hi,
> 
> I'm currently stuck with a problem where resource defaults from site.pp are 
> not applied, for example:
> 
> if $facts['custom'] == 'some value' {
>   Some_resource { attribute => lookup('some.key'), }
>   notify { lookup('some.key'): }
>   notify { $facts['custom']: }
> }
> 
> The two notifications appear in the report, with expected values, but the 
> default value for "attribute" of "Some_resource" doesn't get set. Any idea 
> what I'm doing wrong here?
> 
> Thanks...
> 
> Dirk
>  -- 
> Dirk Heinrichs
> Senior Systems Engineer, Delivery Pipeline
> OpenText ™ Discovery | Recommind
> Phone: +49 2226 15966 18
> Email: dhein...@opentext.com 
> Website: www.recommind.de 
> 
> Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
> Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan, 
> Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
> This e-mail may contain confidential and/or privileged information. If you 
> are not the intended recipient (or have received this e-mail in error) please 
> notify the sender immediately and destroy this e-mail. Any unauthorized 
> copying, disclosure or distribution of the material in this e-mail is 
> strictly forbidden
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte 
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail 
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und 
> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte 
> Weitergabe dieser Mail sind nicht gestattet.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/9c76afa2cb08d2b58be3a4ee461931caab63957f.camel%40opentext.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/4C0F9BCC-78C3-4B46-8C7B-A8CE31B818C9%40gmail.com.

Re: [Puppet Users] [PuppetDB] Error 500 'Failed to execute '/pdb/cmd/v1....'

2022-10-31 Thread Martin Alfke 
How did you configure puppetdb and puppetserver?
On Open Source we usually recommend the puppetlabs-puppetdb module.


> On 31. Oct 2022, at 10:39, Nir Fishler  wrote:
> 
> Hey Martin,
> 
> Thanks for your reply. 
> 
> There are three files underneath that directory:
> puppetdb-access.log
> puppetdb.log
> puppetdb-status.log
> but all seem to be empty - 0kb
> what does that mean?
> 
> On Monday, October 10, 2022 at 11:03:05 AM UTC+3 Martin Alfke wrote:
>> Hi Nir,
>> 
>> Please check the puppetdb log file for further error investigation.
>> Usually this is located at /var/log/puppetlabs/puppetdb/puppetdb.log
>> 
>> Hth,
>> Martin
>> 
>> 
>> 
>>> On 30. Sep 2022, at 10:30, Nir Fishler > wrote:
>>> 
>> 
>>> Hello,
>>> 
>>> puppetserver version: 7.8.0  (CentOS 7) | hostname:  puppet-staging-srv
>>> puppet agent: 7.19
>>> puppetdb: 7.11.0-1focal (Ubuntu 20.04) | hostname: puppet-staging-srv-db
>>> Postgres: 12.12-0ubuntu0.20.04.1
>>> 
>>> Foreman is enabled on Puppetserver.
>>> Postgres is configured to work with SSL.
>>> 
>>> Getting the below error from ANY VM on the network whenever I try to sync 
>>> with Puppet master server.
>>> 
>>> Error message:
>>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
>>> Server Error: Failed to execute 
>>> '/pdb/cmd/v1?checksum=a0d1b67028ed455a4d8b15fd5fc846ca54d4c0a6=5=vm-ubuntu20=replace_facts=2022-09-30T07:47:13.621Z'
>>>  on at least 1 of the following 'server_urls': 
>>> https://puppet-staging-srv-db:8081 <https://puppet-staging-srv-db:8081/>
>>> Warning: Not using cache on failed catalog
>>> Error: Could not retrieve catalog; skipping run
>>> 
>>> However, When I remove the configuration files(puppetdb.conf , values from 
>>> puppet.conf, routes.yaml) from the Puppet master $CONF dir, everything is 
>>> back to normal and sync works.
>>> 
>>> Connection between Puppet master and puppetdb and vice vesra:
>>> [root@puppet-staging-srv puppet] nc -zvw10 puppet-staging-srv-db 8081
>>> Ncat: Version 7.50 ( https://nmap.org/ncat )
>>> Ncat: Connected to 10.111.8.77:8081 <http://10.111.8.77:8081/>.
>>> 
>>> root@puppet-staging-srv-db:~# nc -zvw10 puppet-staging-srv 8140
>>> Connection to puppet-staging-srv 8140 port [tcp/puppet] succeeded!
>>> 
>>> PuppetDB website is UP and shows zero data on 'Active Nodes' and most of 
>>> the fields(see screenshot snap-1.png.)
>>> 
>>> Thanks in advanced!
>>> 
>> 
>>> -- 
>>> You received this message because you are subscribed to the Google Groups 
>>> "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>> email to puppet-users...@googlegroups.com <>.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/puppet-users/af30e761-f765-4260-978e-b4817e42f3b8n%40googlegroups.com
>>>  
>>> <https://groups.google.com/d/msgid/puppet-users/af30e761-f765-4260-978e-b4817e42f3b8n%40googlegroups.com?utm_medium=email_source=footer>.
>>> 
>> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/c8eb95ed-64fc-4900-868b-791e3b0bf94fn%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/c8eb95ed-64fc-4900-868b-791e3b0bf94fn%40googlegroups.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/FCA079D2-C318-4724-BD90-3A844D25B300%40gmail.com.

Re: [Puppet Users] PuppetDB - ERROR [p.p.config] No subname set in the "database" config`

2022-10-13 Thread Martin Alfke 
Best option is to completely remove the puppetdb service:

- stop puppetdb process
- uninstall puppetdb Package
- remove puppetdb conf dir /etc/puppetlabs/puppetdb

Now remove the puppetdb settings from puppet.conf file:
- storeconfigs = true
- storeconfigs_backend = puppetdb
- reports = puppetdb

Then remove the files
/etc/puppetlabs/puppet/routes.yaml
and
/etc/puppetlabs/puppet/puppetdb.conf

Now restart the puppetserver process.

Then you can make use of the module and run the puppet agent on your puppet 
server.



> On 12. Oct 2022, at 16:46, Callum McCrorie  wrote:
> 
> Hi Martin,
> I am trying to use puppetlabs-puppetdb. This is being installed via my
> control repository. Unfortunately I am unable to start the service and
> am running into the errors / issues that I have previously stated.
> Thank you,
> 
> Kind regards,
> Callum McCrorie
> Junior Engineer/Project Management
> 
> On Wed, 12 Oct 2022 at 15:37, Martin Alfke  wrote:
>> 
>> Hi Callum,
>> 
>> in general we use Puppet to also manage the Puppet Server.
>> Usually we recommend using puppetlabs-puppetdb, which will take care on 
>> postgresql and puppetdb and the required settings and even restart 
>> puppetserver process.
>> Instead of trying to manually solve an issue, you should automate your 
>> automation (which is your Puppet server).
>> 
>> hth,
>> Martin
>> 
>>> On 12. Oct 2022, at 16:05, Callum McCrorie  wrote:
>>> 
>>> Thank you Martin for your help with this.
>>> I have tried implementing what you suggested above and moving the database 
>>> config to database.ini. Unfortunately there has been no change of outcome 
>>> when trying to start puppetdb or when running puppet agent. There is also 
>>> no new information / entries appearing in the .log files for puppetdb.
>>> Please could you provide any other ideas of how we should debug this issue 
>>> or things to try?
>>> 
>>> Kind regards,
>>> Callum McCrorie
>>> Junior Engineer/Project Management
>>> 
>>> 
>>> 
>>> On Tue, 11 Oct 2022 at 08:52, Martin Alfke  wrote:
>>> Subname needs the PostgreSQL connection. Not the PuppetDB URL
>>> 
>>> Wrong:
>>> subname = //localhost:8081/puppetdb
>>> 
>>> Right:
>>> subname = //localhost:5432/puppetdb
>>> 
>>> In my config all the database config is not in config.ini but in 
>>> database.ini
>>> 
>>> # /etc/puppetlabs/puppetdb/conf/database.ini
>>> [database]
>>> 
>>> # The database address, i.e. //HOST:PORT/DATABASE_NAME
>>> # subname = //localhost:5432/puppetdb
>>> subname = //localhost:5432/puppetdb
>>> 
>>> # Connect as a specific user
>>> # username = foobar
>>> username = puppetdb
>>> 
>>> # Use a specific password
>>> # password = foobar
>>> password = puppetdb
>>> 
>>> # How often (in minutes) to compact the database
>>> # gc-interval = 60
>>> gc-interval = 60
>>> classname = org.postgresql.Driver
>>> subprotocol = postgresql
>>> syntax_pgs = true
>>> node-purge-gc-batch-limit = 25
>>> node-ttl = 7d
>>> node-purge-ttl = 14d
>>> report-ttl = 14d
>>> log-slow-statements = 10
>>> conn-max-age = 60
>>> conn-keep-alive = 45
>>> conn-lifetime = 0
>>> migrate = true
>>> 
>>> 
>>> Hth,
>>> Martin
>>> 
>>>> On 10. Oct 2022, at 15:42, Callum McCrorie  
>>>> wrote:
>>>> 
>>>> Hello,
>>>> I’m reaching out about an issue related to PuppetDB. I am hoping that
>>>> someone will be able to assist myself and my coworker in solving this
>>>> problem.
>>>> 
>>>> When I take a look inside the puppetdb log file the error that I am
>>>> seeing is `ERROR [p.p.config] No subname set in the "database"
>>>> config`. Root to the log file is - 
>>>> /var/log/puppetlabs/puppetdb/puppetdb.log.
>>>> 
>>>> If I try to start puppetdb service manually by running `systemctl
>>>> start puppetdb` I then receive the following error message:
>>>> `Job for puppetdb.service failed because the control process exited
>>>> with error code.
>>>> See "systemctl status puppetdb.service" and "journalctl -xe" for details.`
>>>> 
>>>> Following this when looking at `journalctl -xe` I can see the error 
>>>> message:
>&g

Re: [Puppet Users] PuppetDB - ERROR [p.p.config] No subname set in the "database" config`

2022-10-12 Thread Martin Alfke 
Hi Callum,

in general we use Puppet to also manage the Puppet Server. 
Usually we recommend using puppetlabs-puppetdb, which will take care on 
postgresql and puppetdb and the required settings and even restart puppetserver 
process.
Instead of trying to manually solve an issue, you should automate your 
automation (which is your Puppet server).

hth,
Martin

> On 12. Oct 2022, at 16:05, Callum McCrorie  wrote:
> 
> Thank you Martin for your help with this. 
> I have tried implementing what you suggested above and moving the database 
> config to database.ini. Unfortunately there has been no change of outcome 
> when trying to start puppetdb or when running puppet agent. There is also no 
> new information / entries appearing in the .log files for puppetdb. 
> Please could you provide any other ideas of how we should debug this issue or 
> things to try?
> 
> Kind regards,
> Callum McCrorie
> Junior Engineer/Project Management
> 
> 
> 
> On Tue, 11 Oct 2022 at 08:52, Martin Alfke  wrote:
> Subname needs the PostgreSQL connection. Not the PuppetDB URL
> 
> Wrong:
> subname = //localhost:8081/puppetdb
> 
> Right:
> subname = //localhost:5432/puppetdb
> 
> In my config all the database config is not in config.ini but in database.ini
> 
> # /etc/puppetlabs/puppetdb/conf/database.ini
> [database]
> 
> # The database address, i.e. //HOST:PORT/DATABASE_NAME
> # subname = //localhost:5432/puppetdb
> subname = //localhost:5432/puppetdb
> 
> # Connect as a specific user
> # username = foobar
> username = puppetdb
> 
> # Use a specific password
> # password = foobar
> password = puppetdb
> 
> # How often (in minutes) to compact the database
> # gc-interval = 60
> gc-interval = 60
> classname = org.postgresql.Driver
> subprotocol = postgresql
> syntax_pgs = true
> node-purge-gc-batch-limit = 25
> node-ttl = 7d
> node-purge-ttl = 14d
> report-ttl = 14d
> log-slow-statements = 10
> conn-max-age = 60
> conn-keep-alive = 45
> conn-lifetime = 0
> migrate = true
> 
> 
> Hth,
> Martin
> 
>> On 10. Oct 2022, at 15:42, Callum McCrorie  wrote:
>> 
>> Hello,
>> I’m reaching out about an issue related to PuppetDB. I am hoping that
>> someone will be able to assist myself and my coworker in solving this
>> problem.
>> 
>> When I take a look inside the puppetdb log file the error that I am
>> seeing is `ERROR [p.p.config] No subname set in the "database"
>> config`. Root to the log file is - /var/log/puppetlabs/puppetdb/puppetdb.log.
>> 
>> If I try to start puppetdb service manually by running `systemctl
>> start puppetdb` I then receive the following error message:
>> `Job for puppetdb.service failed because the control process exited
>> with error code.
>> See "systemctl status puppetdb.service" and "journalctl -xe" for details.`
>> 
>> Following this when looking at `journalctl -xe` I can see the error message:
>> `-- The unit puppetdb.service has entered the 'failed' state with
>> result 'exit-code'
>> Oct 04 13:37:36 puppet systemd[1]: Failed to start puppetdb Service.
>> -- Subject: A start job for unit puppetdb.service has failed.'
>> 
>> I have also included in this the PuppetDB scripts and any related scripts.
>> 
>> The following script is for puppet.conf location is
>> /etc/puppetlabs/puppet/puppet.conf.
>> 
>> # This file can be used to override the default puppet settings.
>> # See the following links for more details on what settings are available:
>> # - https://puppet.com/docs/puppet/latest/config_important_settings.html
>> # - https://puppet.com/docs/puppet/latest/config_about_settings.html
>> # - https://puppet.com/docs/puppet/latest/config_file_main.html
>> # - https://puppet.com/docs/puppet/latest/configuration.html
>> [server]
>> vardir = /opt/puppetlabs/server/data/puppetserver
>> logdir = /var/log/puppetlabs/puppetserver
>> rundir = /var/run/puppetlabs/puppetserver
>> pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
>> codedir = /etc/puppetlabs/code
>> 
>> [master]
>> storeconfigs = true
>> storeconfigs_backend = puppetdb
>> reports = store, puppetdb
>> 
>> [agent]
>> noop = true
>> 
>> The next script is from puppetdb.conf location is
>> /etc/puppetlabs/puppet/puppetdb.conf
>> 
>> [main]
>>  server_urls = https://puppetdb.company.com:8081
>> 
>> 
>> The puppetdb config.ini file
>> (/etc/puppetlabs/puppetdb/conf.d/config.ini) is as follows:
>> 
>> #logging-config = /etc/puppetlabs/puppetdb/logback.xml
>> 
>> #[comman

Re: [Puppet Users] PuppetDB - ERROR [p.p.config] No subname set in the "database" config`

2022-10-11 Thread Martin Alfke 
Subname needs the PostgreSQL connection. Not the PuppetDB URL

Wrong:
subname = //localhost:8081/puppetdb

Right:
subname = //localhost:5432/puppetdb

In my config all the database config is not in config.ini but in database.ini

# /etc/puppetlabs/puppetdb/conf/database.ini
[database]

# The database address, i.e. //HOST:PORT/DATABASE_NAME
# subname = //localhost:5432/puppetdb
subname = //localhost:5432/puppetdb

# Connect as a specific user
# username = foobar
username = puppetdb

# Use a specific password
# password = foobar
password = puppetdb

# How often (in minutes) to compact the database
# gc-interval = 60
gc-interval = 60
classname = org.postgresql.Driver
subprotocol = postgresql
syntax_pgs = true
node-purge-gc-batch-limit = 25
node-ttl = 7d
node-purge-ttl = 14d
report-ttl = 14d
log-slow-statements = 10
conn-max-age = 60
conn-keep-alive = 45
conn-lifetime = 0
migrate = true


Hth,
Martin

> On 10. Oct 2022, at 15:42, Callum McCrorie  wrote:
> 
> Hello,
> I’m reaching out about an issue related to PuppetDB. I am hoping that
> someone will be able to assist myself and my coworker in solving this
> problem.
> 
> When I take a look inside the puppetdb log file the error that I am
> seeing is `ERROR [p.p.config] No subname set in the "database"
> config`. Root to the log file is - /var/log/puppetlabs/puppetdb/puppetdb.log.
> 
> If I try to start puppetdb service manually by running `systemctl
> start puppetdb` I then receive the following error message:
> `Job for puppetdb.service failed because the control process exited
> with error code.
> See "systemctl status puppetdb.service" and "journalctl -xe" for details.`
> 
> Following this when looking at `journalctl -xe` I can see the error message:
> `-- The unit puppetdb.service has entered the 'failed' state with
> result 'exit-code'
> Oct 04 13:37:36 puppet systemd[1]: Failed to start puppetdb Service.
> -- Subject: A start job for unit puppetdb.service has failed.'
> 
> I have also included in this the PuppetDB scripts and any related scripts.
> 
> The following script is for puppet.conf location is
> /etc/puppetlabs/puppet/puppet.conf.
> 
> # This file can be used to override the default puppet settings.
> # See the following links for more details on what settings are available:
> # - https://puppet.com/docs/puppet/latest/config_important_settings.html 
> 
> # - https://puppet.com/docs/puppet/latest/config_about_settings.html 
> 
> # - https://puppet.com/docs/puppet/latest/config_file_main.html 
> 
> # - https://puppet.com/docs/puppet/latest/configuration.html 
> 
> [server]
> vardir = /opt/puppetlabs/server/data/puppetserver
> logdir = /var/log/puppetlabs/puppetserver
> rundir = /var/run/puppetlabs/puppetserver
> pidfile = /var/run/puppetlabs/puppetserver/puppetserver.pid
> codedir = /etc/puppetlabs/code
> 
> [master]
> storeconfigs = true
> storeconfigs_backend = puppetdb
> reports = store, puppetdb
> 
> [agent]
> noop = true
> 
> The next script is from puppetdb.conf location is
> /etc/puppetlabs/puppet/puppetdb.conf
> 
> [main]
>  server_urls = https://puppetdb.company.com:8081 
> 
> 
> 
> The puppetdb config.ini file
> (/etc/puppetlabs/puppetdb/conf.d/config.ini) is as follows:
> 
> #logging-config = /etc/puppetlabs/puppetdb/logback.xml
> 
> #[command-processing]
> # How many command-processing threads to use, defaults to (CPUs / 2)
> # threads = 4
> 
> # How many threads can write to disk at once, defaults to min(CPUs / 2, 4)
> # concurrent-writes = 4
> 
> [global]
> vardir = /var/lib/puppetdb
> logging-config = /var/lib/puppetdb/logback.xml
> 
> [database]
> classname = org.postgresql.Driver
> subprotocol = postgresql
> subname = //localhost:8081/puppetdb
> 
> [puppetdb]
> certificate-whitelist = /path/to/file/containing/certnames
> disable-update-checking = false
> 
> The puppetdb jetty.ini file
> (/etc/puppetlabs/puppetdb/conf.d/jetty.ini) is as follows:
> 
> [jetty]
> # IP address or hostname to listen for clear-text HTTP. To avoid resolution
> # issues, IP addresses are recommended over hostnames.
> # Default is `localhost`.
> # host = 
> 
> # Port to listen on for clear-text HTTP.
> port = 8080
> 
> # The following are SSL specific settings. They can be configured
> # automatically with the tool `puppetdb ssl-setup`, which is normally
> # ran during package installation.
> 
> # IP address to listen on for HTTPS connections. Hostnames can also be used
> # but are not recommended to avoid DNS resolution issues. To listen on all
> # interfaces, use `0.0.0.0`.
> ssl-host = 0.0.0.0
> 
> # The port to listen on for HTTPS connections
> ssl-port = 8081
> 
> # Private key path
> ssl-key = /etc/puppetlabs/puppetdb/ssl/private.pem
> 
> # Public certificate path

Re: [Puppet Users] [PuppetDB] Error 500 'Failed to execute '/pdb/cmd/v1....'

2022-10-10 Thread Martin Alfke 
Hi Nir,

Please check the puppetdb log file for further error investigation.
Usually this is located at /var/log/puppetlabs/puppetdb/puppetdb.log

Hth,
Martin


> On 30. Sep 2022, at 10:30, Nir Fishler  wrote:
> 
> Hello,
> 
> puppetserver version: 7.8.0  (CentOS 7) | hostname:  puppet-staging-srv
> puppet agent: 7.19
> puppetdb: 7.11.0-1focal (Ubuntu 20.04) | hostname: puppet-staging-srv-db
> Postgres: 12.12-0ubuntu0.20.04.1
> 
> Foreman is enabled on Puppetserver.
> Postgres is configured to work with SSL.
> 
> Getting the below error from ANY VM on the network whenever I try to sync 
> with Puppet master server.
> 
> Error message:
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Failed to execute 
> '/pdb/cmd/v1?checksum=a0d1b67028ed455a4d8b15fd5fc846ca54d4c0a6=5=vm-ubuntu20=replace_facts=2022-09-30T07:47:13.621Z'
>  on at least 1 of the following 'server_urls': 
> https://puppet-staging-srv-db:8081
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
> 
> However, When I remove the configuration files(puppetdb.conf , values from 
> puppet.conf, routes.yaml) from the Puppet master $CONF dir, everything is 
> back to normal and sync works.
> 
> Connection between Puppet master and puppetdb and vice vesra:
> [root@puppet-staging-srv puppet] nc -zvw10 puppet-staging-srv-db 8081
> Ncat: Version 7.50 ( https://nmap.org/ncat )
> Ncat: Connected to 10.111.8.77:8081.
> 
> root@puppet-staging-srv-db:~# nc -zvw10 puppet-staging-srv 8140
> Connection to puppet-staging-srv 8140 port [tcp/puppet] succeeded!
> 
> PuppetDB website is UP and shows zero data on 'Active Nodes' and most of the 
> fields(see screenshot snap-1.png.)
> 
> Thanks in advanced!
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/af30e761-f765-4260-978e-b4817e42f3b8n%40googlegroups.com
>  
> .
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/DFD05FB5-DADB-49C1-A5A4-C901BDD293F8%40gmail.com.

Re: [Puppet Users] Getting started - yikes

2022-07-29 Thread Martin Alfke 
Hi Chris,

Please check the time synchronisation prior running the installer.
Also check the system requirements page: 
https://puppet.com/docs/pe/2019.8/system_requirements.html 

Especially 
https://puppet.com/docs/pe/2019.8/supported_operating_systems.html#supported_operating_systems
 

 which will list also required packages.

Hth,
Martin


> On 29. Jul 2022, at 06:00, ch...@freeranger.com  wrote:
> 
> I've been tasked to install puppet enterprise 2019.8.11 on centos 7.  We have 
> some licenses that I figure I can apply once puppet is installed.
> 
> I figured I could just fire up a centos 7 instance on AWS (derived from a 
> self hardened AMI) and install a puppet enterprise master.  What could go 
> wrong...  ;)
> 
> I proceeded to get things lined up and ran a wget of a centos 7 tar of 
> Enterprise - 2019.8.11 LTS.  Upzipped it, and in the folder which was created 
> ran:
> 
> ./puppet-enterprise-installer
> 
> Things seemed to go fine for a bit, then...
> in red:::
> Error: Failed to initialize SSL: The CRL issued by 'CN=Puppet Enterprise CA' 
> has expired, verify time is synchronized
> Error: Run `puppet agent -t`
> Error: 
> /opt/puppetlabs/puppet/lib/ruby/vendor_ruby/puppet/ssl/ssl_provider.rb:278:in 
> `raise_cert_verify_error'
> 
> The above errors seemed to crop up, in red, periodically during the install
> 
> More red:
> [Error]: /Stage[main]/Pe_install::Prepare::Certificates/Exec[generate ca 
> cert]/returns: change from 'notrun' to ['0'] failed: 
> '/opt/puppetlabs/bin/puppetserver ca setup --certname tm.sys-f.ecm --ca-name 
> 'Puppet Enterprise CA generated at +2022-07-28 23:56:46 +' 
> --subject-alt-names 'puppet'' returned 1 instead of one of [0]
> 
> Then lots of yellow warnings:
> [Warning]: /Stage[main]/Pe_install::Prepare::Certificates/Exec[generate node 
> cert]: Skipping because of failed dependencies
> [Warning]: /Stage[main]/Pe_install::Install::Ssldir/Exec[Set user/group of 
> /etc/puppetlabs/puppet/ssl contents to pe-puppet:pe-puppet]: Skipping because 
> of failed dependencies
> [Warning]:/Stage[main]/Puppet_enterprise::Profile::Database/File[/opt/puppetlabs/server/data/postgresql/11/data/certs/_local.cert.pem]:
>  Skipping because of failed dependencies
> [Warning]:/Stage[main]/Puppet_enterprise::Profile::Orchestrator/Pe_hocon_setting[orchestration-services.authorization.version]:
>  Skipping because of failed dependencies
> 
> The tons of warnings with references to "Skipping because of failed 
> dependencies"
> 
> I've obviously got some gaping hole in the dependencies.
> 
> Can anyone point me to what I missed in the instructions to provide the 
> config that provisions the dependencies.
> 
> Also, I've looked for prerequisites of applications that should be loaded 
> prior to install, like wget, or postgresql but haven't seen much of that 
> except in random sites.
> 
> Thanks in advance for any tips,
> Chris.
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/e567b5e8-1395-4929-becb-4e38a24bf372n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/B4C3EF7C-F588-47E3-ADEB-860E8AAE06DF%40gmail.com.

[Puppet Users] Hiera Data Manager Demo available

2022-07-28 Thread Martin Alfke 
Hi everyone,

we would like to introduce our Hiera Data Manager - HDM.
HDM is made available under an Open Source License and offers a web interface 
to analyze Hiera Data.
Further information are available on the project website: 
https://github.com/betadots/hdm 

We have set up a demo environment which will be available until August 4th 2022.

URL: http://puppet.hdm.betadots.training:3000
Username: u...@domain.tld
Password: user

We love to hear feedback or comments from you.

h...@betadots.de 

Best regards,
Martin

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/0775CD89-A7E2-46F3-BDCA-A75FD391F0FA%40gmail.com.

Re: [Puppet Users] Bolt: How to upload a downloaded file?

2022-04-27 Thread Martin Alfke 
Hi,

You can reference the actual path by using pwd:

bolt file upload $(pwd)/inventory.yaml /root/ -t login

Hth,
Martin


> On 27. Apr 2022, at 14:24, Helmut Rickel  wrote:
> 
> Hello,
> this surely is a beginners question: 
> Using bolt, I want to download a file from one server and upload it to a 
> another server. Problem: The function download_file uses a destination path 
> relative to the project directory, but upload_file needs an absolute source 
> path. How do I get this absolute source path?
> 
> Thanks for your help!
> 
> Kind regards 
> Helmut
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/de6003ab-cb05-46fb-b22c-c57ce5a07a05n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/632346B0-23CE-4A4E-A83B-550D496706C8%40gmail.com.

Re: [Puppet Users] hiera 5 postgresql backend

2022-04-14 Thread Martin Alfke 
Hi,

We usually recommend to not use any other backend, except for file based 
backends, due to performance.
Any other backend must be able to deliver the same lookup speed.
We did a calculation at a customer and we saw hiera answering 8000 queries in 
less than 1 second using the yaml file backend.

With hiera5 you can of course write new backends.
Please note that the hiera3 backends are not compatible with hiera5!
https://puppet.com/docs/puppet/7/hiera_custom_backends.html 


Hth,
Martin


> On 14. Apr 2022, at 04:30, 'Matt Zagrabelny' via Puppet Users 
>  wrote:
> 
> Greetings,
> 
> I'm running puppet 5.5.
> 
> Is anyone aware of a hiera 5 Pg backend?
> 
> I've tried getting the hiera 3 module [0] working, but am struggling. I'm 
> hoping a native hiera 5 will be a smoother experience.
> 
> Thanks for the help!
> 
> -m
> 
> [0] https://github.com/rogeduardo/hiera-psql 
> 
> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CAOLfK3U6euXrZfWHLcSWjm-BHrxLq0oir8p2x-O4ExMe1TCrdA%40mail.gmail.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/4EF8FA1E-3BA5-4B4D-B3E5-CCCF24981D03%40gmail.com.

Re: [Puppet Users] Custom functions what way forward

2022-03-24 Thread Martin Alfke 
Hi Baz,

There are two APIs for custom types/providers within modern Puppet.

The “old” API uses the Puppet::Type.newtype syntax.
I gave a talk on this topic a couple of years ago:
https://www.slideshare.net/PuppetLabs/puppetconf-2016-moving-from-exec-to-types-and-providers-martin-alfke-example42-gmbh
 
<https://www.slideshare.net/PuppetLabs/puppetconf-2016-moving-from-exec-to-types-and-providers-martin-alfke-example42-gmbh>
https://www.youtube.com/watch?v=Jr8H0wSUMBY 
<https://www.youtube.com/watch?v=Jr8H0wSUMBY>

The resourceapi is the “newer” API and uses Puppet::ResourceApi.register_type
https://puppet.com/docs/puppet/7/about_the_resource_api.html 
<https://puppet.com/docs/puppet/7/about_the_resource_api.html>
It is integrated in PDK (pdk new provider)

Note: The new Resource API can not handle refreshonly as default implementation.
You must implement this behaviour by yourself.

Choose the solution which you are more comfortable with.

Best,
Martin

> On 24. Mar 2022, at 11:29, barry haycock  wrote:
> 
> I am migrating a Puppet 3.x to Puppet 7.x and am having to rewrite alot of 
> the code.
> 
> This includes a number of custom modules and my first foray into writing 
> custom functions/providers.
> This is where I am getting stuck as there is not really a lot of information 
> on this.
> Looking at existing Puppet modules they all seem to have been written using 
> 'Type.newtype' format,
> where as the latest puppet docs state I should be using the 'resourceapi' 
> gem/format.
> looking over recent releases on the forge shows that everyone still appears 
> to be using the old format.
> 
> What are the brains trust using and have you migrated over to resourceapi?
> 
> Would also like some better information on writing/testing custom functions 
> other than
> outdated books, URL's if anyone can point them my way.
> I haven't had much luck finding anything recent and related.
> 
> Baz
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/0feac523-d4a2-4d15-846c-d9304d0f8cfan%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/0feac523-d4a2-4d15-846c-d9304d0f8cfan%40googlegroups.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/D8DF1B4D-588A-4991-84EE-8B2FF758730A%40gmail.com.

Re: [Puppet Users] Ruby gem-ruby-shadow RPM on RHEL 8 ?

2022-03-21 Thread Martin Alfke 
For getting a list of Puppet Agent gems you can run

/opt/puppetlabs/puppet/bin/gem list

But: this command will only show additional gems! It will not show gems bundled 
with Ruby itself!
The shadow gem is part of the ruby implementation.

find /opt/puppetlabs/puppet/lib/ -type f -name *shadow*
/opt/puppetlabs/puppet/lib/ruby/vendor_ruby/2.5.0/x86_64-linux/shadow.so


> On 21. Mar 2022, at 13:33, 'White, Daniel E. (GSFC-770.0)[NICS]' via Puppet 
> Users  wrote:
> 
> The command “puppetserver gem list” does not list  “ruby-shadow”
> How do I get a list of agent side gems, please ?
> __
>  
> Daniel E. White
> daniel.e.wh...@nasa.gov <mailto:daniel.e.wh...@nasa.gov>
> NASCOM Linux Engineer
> NASA Goddard Space Flight Center
> Science Applications International Corporation (SAIC)
> Office: (301) 286-6919
> Mobile: (240) 513-5290
>  
> From: Puppet-Users Mailing List  <mailto:puppet-users@googlegroups.com>> on behalf of Martin Alfke 
> mailto:tux...@gmail.com>>
> Reply-To: Puppet-Users Mailing List  <mailto:puppet-users@googlegroups.com>>
> Date: Monday, March 21, 2022 at 07:01
> To: Puppet-Users Mailing List  <mailto:puppet-users@googlegroups.com>>
> Subject: Re: [EXTERNAL] [Puppet Users] Re: Ruby gem-ruby-shadow RPM on RHEL 8 
> ?
>  
> Shadow is part of the ruby installation inside the puppet agent.
> You can verify functionality:
>  
> /opt/puppetlabs/puppet/bin/irb
> irb(main):001:0> require 'shadow'
> => true
> irb(main):002:0> exit
> root@node01:~#
>  
> If you receive the “true” output after you run require ’shadow’ all is set 
> and you can directly start using the user resource type.
>  
> No need to install anything.
>  
>  
> Hth,
> Martin
>  
> 
> 
>> On 21. Mar 2022, at 11:23, 'White, Daniel E. (GSFC-770.0)[NICS]' via Puppet 
>> Users mailto:puppet-users@googlegroups.com>> 
>> wrote:
>>  
>> Ny use case is 
>> https://puppet.com/docs/puppet/7/types/user.html#user-provider-useradd 
>> <https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fpuppet.com%2Fdocs%2Fpuppet%2F7%2Ftypes%2Fuser.html%23user-provider-useradd=04%7C01%7Cdaniel.e.white%40nasa.gov%7C3b51cdbd8bfd49f562ff08da0b2a2869%7C7005d45845be48ae8140d43da96dd17b%7C0%7C0%7C637834572936795645%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000=eVdyEE%2F1opgdrhum5imNXQf9tz0t9eUM0GhhBQUXre8%3D=0>
>>  
>>  
>> From: Puppet-Users Mailing List > <mailto:puppet-users@googlegroups.com>> on behalf of Corey Osman 
>> mailto:co...@logicminds.biz>>
>> Reply-To: Puppet-Users Mailing List > <mailto:puppet-users@googlegroups.com>>
>> Date: Friday, March 18, 2022 at 18:20
>> To: Puppet-Users Mailing List > <mailto:puppet-users@googlegroups.com>>
>> Subject: [EXTERNAL] [Puppet Users] Re: Ruby gem-ruby-shadow RPM on RHEL 8 ?
>>  
>>  
>> I would like to know your use case of this gem since parsing /etc/shadow or 
>> /etc/passwd can be done with other tooling like augeas.  Also, are you 
>> parsing the puppetserver's files or the agent?   Additionally, any ruby code 
>> used to parse files would be installed on the agent and never the 
>> puppetserver.   The puppetserver's job is to only compile the catalog.
>>  
>> To answer the original question you can pre-compile the gem and 
>> deliver/install to the destination.  
>>  
>> https://github.com/apalmblad/ruby-shadow 
>> <https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fapalmblad%2Fruby-shadow=04%7C01%7Cdaniel.e.white%40nasa.gov%7C3b51cdbd8bfd49f562ff08da0b2a2869%7C7005d45845be48ae8140d43da96dd17b%7C0%7C0%7C637834572936795645%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000=S4jgFLmQStnJPixr%2FDFmEWlI7pfOHFmenAWOY9JdtbI%3D=0>
>> https://stackoverflow.com/questions/3667918/how-do-you-precompile-the-native-extensions-for-a-ruby-gem-for-linux
>>  
>> <https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fstackoverflow.com%2Fquestions%2F3667918%2Fhow-do-you-precompile-the-native-extensions-for-a-ruby-gem-for-linux=04%7C01%7Cdaniel.e.white%40nasa.gov%7C3b51cdbd8bfd49f562ff08da0b2a2869%7C7005d45845be48ae8140d43da96dd17b%7C0%7C0%7C637834572936795645%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000=rTKWVeLPrpeOoGCjfy6GzE4OwtIoKe3g1YTI%2FhPL0fA%3D=0>
>> https://github.com/rake-compiler/rake-compiler 
>> <https://gcc02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Frake-compiler%2Fr

Re: [EXTERNAL] [Puppet Users] Re: Ruby gem-ruby-shadow RPM on RHEL 8 ?

2022-03-21 Thread Martin Alfke 
Shadow is part of the ruby installation inside the puppet agent.
You can verify functionality:

/opt/puppetlabs/puppet/bin/irb
irb(main):001:0> require 'shadow'
=> true
irb(main):002:0> exit
root@node01:~#

If you receive the “true” output after you run require ’shadow’ all is set and 
you can directly start using the user resource type.

No need to install anything.


Hth,
Martin


> On 21. Mar 2022, at 11:23, 'White, Daniel E. (GSFC-770.0)[NICS]' via Puppet 
> Users  wrote:
> 
> Ny use case is 
> https://puppet.com/docs/puppet/7/types/user.html#user-provider-useradd 
> 
>  
>  
> From: Puppet-Users Mailing List  > on behalf of Corey Osman 
> mailto:co...@logicminds.biz>>
> Reply-To: Puppet-Users Mailing List  >
> Date: Friday, March 18, 2022 at 18:20
> To: Puppet-Users Mailing List  >
> Subject: [EXTERNAL] [Puppet Users] Re: Ruby gem-ruby-shadow RPM on RHEL 8 ?
>  
>  
> I would like to know your use case of this gem since parsing /etc/shadow or 
> /etc/passwd can be done with other tooling like augeas.  Also, are you 
> parsing the puppetserver's files or the agent?   Additionally, any ruby code 
> used to parse files would be installed on the agent and never the 
> puppetserver.   The puppetserver's job is to only compile the catalog.
>  
> To answer the original question you can pre-compile the gem and 
> deliver/install to the destination.  
>  
> https://github.com/apalmblad/ruby-shadow 
> 
> https://stackoverflow.com/questions/3667918/how-do-you-precompile-the-native-extensions-for-a-ruby-gem-for-linux
>  
> 
> https://github.com/rake-compiler/rake-compiler 
> 
>  
>  
> Although I don't see a need to do this since there are other ways to solve 
> actual issue.
>  
> The epel package will not work since it would install files in the wrong 
> location and since puppetserver runs on jruby it wouldn't work anyways.  
>  
> Reach out on the puppet community slack channels for more support.
>  
>  
> Corey
> NWOPS, LLC
>  
> On Thursday, March 17, 2022 at 8:49:50 AM UTC-7 nasa_dan wrote:
>> Will the rubygem-ruby-shadow RPM from EPEL work with PE 2021.4 instead of 
>> installing the gem ?
>>  
>> The command “puppetserver gem install ruby-shadow” fails, telling me I need 
>> to install development tools.
>> I can do that for the test-lab instance, but not in production.
>>  
>> Thanks.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/7cb87ec3-d539-4cb5-81aa-0088d9d2d74an%40googlegroups.com
>  
> .
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CDB50CAC-F784-47F0-83D2-9B1816A66704%40nasa.gov
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5D2F4A70-650F-4097-B050-5C4D0ACC89C2%40gmail.com.

Re: [Puppet Users] Puppet doens't sync from Master

2022-03-01 Thread Martin Alfke 
Hi Alessandro,

In this case you have different node classification.

1. Check manifests/site.pp in your control-repo.
2. If you are using PE: check the PE node groups.
3. If you have enabled Foreman/Satellite - Puppet integration: check your 
Foreman/Satellite Puppet configuration for each node.

hth,
Martin


> On 1. Mar 2022, at 11:05, 'Alessandro Ciappei' via Puppet Users 
>  wrote:
> 
> Hi Martin, 
> 
> thank you for your reply.
> Indeed the classes.txt file is different.
> 
> On the client, there are only 'settings' and missing all other classes.
> If I try to force it, when I lunch puppet agent, the file will be overwritten.
> 
> There is somewhere I can check?
> 
> All the best
> Alex
> 
> On Tuesday, March 1, 2022 at 7:51:23 AM UTC Martin Alfke wrote:
> Check on both nodes the content of files in 
> /opt/puppetlabs/puppet/cache/state directory.
> Especially classes.txt and resources.txt.
> 
> If file content differs between the two nodes, your classification is not 
> identical.
> 
> hth,
> Martin
> 
> 
>> On 28. Feb 2022, at 12:29, 'Alessandro Ciappei' via Puppet Users 
>> > > wrote:
>> 
> 
>> Hello everyone,
>> 
>> I'm new on this group, but I use puppet from several years now.
>> I'm writing you because I have an issue with my puppet.
>> 
>> I have Puppet Master included in RHEL Satellite Server.
>> All the client on same network sync and download/update the catalog and 
>> contents.
>> Client from another network who passing over firewall can connect to puppet 
>> master, request the sync.
>> The catalog sync without error, but the content are not pulled from the 
>> Master.
>> 
>> This is output from server in another network:
>> [root@ ~]# puppet agent -tv
>> Info: Using configured environment 'installation'
>> Info: Retrieving pluginfacts
>> Info: Retrieving plugin
>> Info: Retrieving locales
>> Info: Loading facts
>> Info: Caching catalog for **
>> Info: Applying configuration version '1646047554'
>> Notice: Applied catalog in 0.03 seconds
>> [root@* ~]#
>> 
>> This is output from the server on same network:
>> 
>> [root@* ~]# puppet agent -tv
>> Info: Using configured environment 'installation'
>> Info: Retrieving pluginfacts
>> Info: Retrieving plugin
>> Info: Retrieving locales
>> Info: Loading facts
>> Info: Caching catalog for ***
>> Info: Applying configuration version '1646047614'
>> Notice: /Stage[main]/Motd/File[/etc/motd]/content:
>> --- /etc/motd   2022-02-28 10:32:18.495445592 +
>> +++ /tmp/puppet-file20220228-7595-1s9ihep   2022-02-28 
>> 11:26:55.057023750 +
>> @@ -40,7 +40,7 @@
>>  Memory Size:   3.65 GiB
>>  System Uptime: 1 day
>> 
>> -System Load:   {15m => 0.0, 1m => 0.0, 5m => 0.0}
>> +System Load:   {15m => 0.01, 1m => 0.08, 5m => 0.02}
>> 
>> 
>>  Environment:   Installation
>> 
>> Notice: /Stage[main]/Motd/File[/etc/motd]/content: content changed 
>> '{md5}3c2c5b6d897d03f2953738db6eb89f32' to 
>> '{md5}a388e5aeaeb5ee6684f2cb64937bf426'
>> Notice: Applied catalog in 0.35 seconds
>> [root@*** ~]#
>> 
>> Both are RHEL 8 on same hostgroup etc
>> 
>> Someone can help me?
>> 
>> All the best
>> Alex
>> 
> 
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/448593ff-799d-49dd-9cd4-510039b7ea54n%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/puppet-users/448593ff-799d-49dd-9cd4-510039b7ea54n%40googlegroups.com?utm_medium=email_source=footer>.
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/9fa3ca1f-58a9-4d90-9705-5621fbf64d03n%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/9fa3ca1f-58a9-4d90-9705-5621fbf64d03n%40googlegroups.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/8990965B-C426-4CB4-A2EF-74B9DCE84190%40gmail.com.

Re: [Puppet Users] Puppet doens't sync from Master

2022-02-28 Thread Martin Alfke 
Check on both nodes the content of files in /opt/puppetlabs/puppet/cache/state 
directory.
Especially classes.txt and resources.txt.

If file content differs between the two nodes, your classification is not 
identical.

hth,
Martin

> On 28. Feb 2022, at 12:29, 'Alessandro Ciappei' via Puppet Users 
>  wrote:
> 
> Hello everyone,
> 
> I'm new on this group, but I use puppet from several years now.
> I'm writing you because I have an issue with my puppet.
> 
> I have Puppet Master included in RHEL Satellite Server.
> All the client on same network sync and download/update the catalog and 
> contents.
> Client from another network who passing over firewall can connect to puppet 
> master, request the sync.
> The catalog sync without error, but the content are not pulled from the 
> Master.
> 
> This is output from server in another network:
> [root@ ~]# puppet agent -tv
> Info: Using configured environment 'installation'
> Info: Retrieving pluginfacts
> Info: Retrieving plugin
> Info: Retrieving locales
> Info: Loading facts
> Info: Caching catalog for **
> Info: Applying configuration version '1646047554'
> Notice: Applied catalog in 0.03 seconds
> [root@* ~]#
> 
> This is output from the server on same network:
> 
> [root@* ~]# puppet agent -tv
> Info: Using configured environment 'installation'
> Info: Retrieving pluginfacts
> Info: Retrieving plugin
> Info: Retrieving locales
> Info: Loading facts
> Info: Caching catalog for ***
> Info: Applying configuration version '1646047614'
> Notice: /Stage[main]/Motd/File[/etc/motd]/content:
> --- /etc/motd   2022-02-28 10:32:18.495445592 +
> +++ /tmp/puppet-file20220228-7595-1s9ihep   2022-02-28 11:26:55.057023750 
> +
> @@ -40,7 +40,7 @@
>  Memory Size:   3.65 GiB
>  System Uptime: 1 day
> 
> -System Load:   {15m => 0.0, 1m => 0.0, 5m => 0.0}
> +System Load:   {15m => 0.01, 1m => 0.08, 5m => 0.02}
> 
> 
>  Environment:   Installation
> 
> Notice: /Stage[main]/Motd/File[/etc/motd]/content: content changed 
> '{md5}3c2c5b6d897d03f2953738db6eb89f32' to 
> '{md5}a388e5aeaeb5ee6684f2cb64937bf426'
> Notice: Applied catalog in 0.35 seconds
> [root@*** ~]#
> 
> Both are RHEL 8 on same hostgroup etc
> 
> Someone can help me?
> 
> All the best
> Alex
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/448593ff-799d-49dd-9cd4-510039b7ea54n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9CA18611-E6C9-4599-9F72-9869E1DA852A%40gmail.com.

Re: [Puppet Users] Nested hiera lookup

2022-01-28 Thread Martin Alfke 
Hi Helmut,

This is not working!
Within hiera you can use alias or lookup to receive other hiera data values.
But you can not combine a lookup with string.
https://puppet.com/docs/puppet/7/hiera_merging.html#interpolation_functions-lookup-and-hiera-function
 


Hth,
Martin

> On 27. Jan 2022, at 16:22, Helmut Schneider  wrote:
> 
> Hi,
> 
> common.yaml:
> ---
> lookup_options:
>  paths:
>merge:
>  strategy:  'deep'
>  knockout_prefix:   '--'
>  variables:
>merge:
>  strategy:  'deep'
>  knockout_prefix:   '--'
> paths:
>  logfilePath: '/var/log'
> [...]
> 
> another.yaml:
> lookup_options:
>  paths:
>merge:
>  strategy:  'deep'
>  knockout_prefix:   '--'
>  variables:
>merge:
>  strategy:  'deep'
>  knockout_prefix:   '--'
> variables:
>  logFile:  "%{lookup('paths.logfilePath')}/logfile.log"
> [...]
> 
> Notice: /var/log
> Notice: /Stage[main]/My_puppet/Logrotate::Include[my_puppet]/Notify[paths 
> my_puppet:]/message: defined 'message' as '/var/log'
> Notice: /logfile.log
> Notice: /Stage[main]/My_puppet/Logrotate::Include[my_puppet]/Notify[variables 
> my_puppet:]/message: defined 'message' as '/openvpn.log'
> 
> Should that work?
> 
> helmut@h2873756:~$ puppet -V
> 7.14.0
> helmut@h2873756:~$
> 
> Thank you!
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/ssudbh%24kou%241%40ciao.gmane.io.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5C8CAA5B-BCC6-4D91-AFDC-C06DE60464D3%40gmail.com.

Re: [Puppet Users] Puppet Manifest using to_json_pretty help

2021-12-07 Thread Martin Alfke 
class demo (
  Array[Hash] $para5,
){
  file { '/etc/example.json’:
ensure => file,
content => to_json_pretty({
  section1 => {
para1 => somevalue,
para2 => somevalue,
para3 => somevalue,
para4 => somevalue,
para5 => $para5,
  }, true),
}
}

data/nodes/machine1.yaml
---
demo::para5:
  - para5a.1: somevalue
para5a.2: somevalue
para5a.3: somevalue
  - para5b.1: somevalue
para5b.2: somevalue

data/nodes/machine2.yaml
---
demo::para5:
  - para5a.1: somevalue,
para5a.2: somevalue,


> On 7. Dec 2021, at 23:02, David Pearson  wrote:
> 
> Hi Team,
> 
> I have a file resource within a manifest that uses content => to_json_pretty 
> to create a json config file on all nodes successfully. 
> 
> I need to improve the code so that a section of the config is unique per 
> server, but unsure on the best way to do this in the current format. In the 
> example below para5 would differ on each node. I would like to specify the 
> data in hiera for each node (hiera is already setup) and have a lookup within 
> the mainifest. 
> 
> Machine 1
> file { '/etc/example.json':
>   content => to_json_pretty({
> section1 => {
>   para1 => somevalue,
>   para2 => somevalue,
>   para3 => somevalue,
>   para4 => somevalue,
>   para5 => [
> {
>   para5a.1 => somevalue,
>   para5a.2 => somevalue,
>   para5a.3 => somevalue,
> },
> {
>   para5b.1 => somevalue,
>   para5b.2 => somevalue,
> },
>   ],
>   }, true),
> }
> 
> Machine 2
> Machine 1
> file { '/etc/example.json':
>   content => to_json_pretty({
> section1 => {
>   para1 => somevalue,
>   para2 => somevalue,
>   para3 => somevalue,
>   para4 => somevalue,
>   para5 => [
> {
>   para5a.1 => somevalue,
>   para5a.2 => somevalue,
> }
>   ],
>   }, true),
> }
> 
> Regards
> David
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/1bcb3540-fcb1-43c6-9beb-7771795603e4n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/B99E4D74-87A2-4DDE-BA54-FF11291C13B5%40gmail.com.

Re: [Puppet Users] Help with Bolt Puppet DSL example

2021-11-18 Thread Martin Alfke 
Hi Sandra,

Bolt has two options: tasks and plans.
Tasks consist of a Script (Shell, Powershell, Python, Ruby) and a .json file.
Plans are written in Puppet DSL.

Main difference:
Tasks run workflow actions like stop a service, do something and restart the 
service.
Plans are used to control tasks over a number of nodes.

In you case I would head to a task.
When using pdf, you can run pdf new task within a module.

You can then use bolt to execute a task:

bolt task run  —nodes 

The task istself:
#modules/demo/tasks/test.sh
#!/bin/bash
touch 
sudo touch 

Hth,
Martin

> On 17. Nov 2021, at 21:42, Sandra Schlichting  
> wrote:
> 
> 
> Dear all =)
> 
> I would like to learn Bolt with Puppet DSL, so I was wondering if someone 
> could get me started with an example that:
> 
> * logs into a Linux host
> * touch new_file_as_user
> * sudo
> * touch file_as_root
> 
> That would be very much appreciated =)
> 
> Hugs,
> Sandra =)
> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/4b32d706-6be7-4adf-8703-e7f5174720a7n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/371F3364-CFFC-452C-80EB-1E78E6534193%40gmail.com.

Re: [Puppet Users] how do puppet agent service record and determine next request timepoint?

2021-10-15 Thread Martin Alfke 
Hi,

Running puppet agent as a daemon is not recommended in large environments with 
many nodes.
We usually recommend running puppet agent from cron instead.

Reason:

When running puppet agent as daemon:
T0 - Puppet agent start
T0+x - Puppet agent finishes. Now waits for runinterval time (default 30 min). 
Runtime for puppet agent can differ from run to run

When running from cron, we recommend to use the fqdn_rand function to create a 
random number based on the fqdn. Number will be identical for identical fqdn.
This allows us to spread puppet agent runs in the platform.

In very large environment (more than 4000 nodes) we recommend to add Puppet 
compilers behind a load balancer.
The CA will still run on the primary server, but load is spread amongst more 
systems (catalog compilation).

Hth,
Martin


> On 14. Oct 2021, at 04:13, 羽色云烟  wrote:
> 
> Background:
> Our a puppet server manages lots of agent nodes, it often failed to response 
> in time due to too many requests squeeze in some part of period. We have set 
> 'splay=true' but it seem to do no help. We hope to more pricisely control 
> each node's agent request timepoint, that is, to make them evenly distribute 
> across the run-interval period. But 'systemctl restart puppet.service' does 
> not always trigger the puppet agent request immediately.
> 
> So the question are:
> 1. how do background puppet agent service determine its next request 
> timepoint?
> 2. suppose 'runinterval=1h', with splay feature disabled, will all the future 
> request time point be fixed exactly at x+1h, x+2h, x+3h, etc... ?
> 3. at puppet server node, is there any way to list which agent nodes are 
> currently connecting or occupying server's instance, and which nodes are in 
> queue?
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/59fd2837-9347-4b21-a2d5-79d9af274bb0n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/A7BCFE48-879C-482B-8563-7DD6719B0562%40gmail.com.

Re: [Puppet Users] Hiera driving me round the bend

2021-10-14 Thread Martin Alfke 
Hi David,

You seem to mix up hiera and facts.

Your node has facts:
---
  derivedsite: 'cp1'
  hostdb:
role: 'development'
businessowner: ‘Infrastructure'
  attributes:
- 'DNS-Slave'
- 'Oracle'
  applicationlist:
- ‘test'

Now hiera jumps in (hiera.yaml file) and uses the facts to identify which 
hierarchies to use, when receiving queries for hiera keys.

Within hiera you can specify the way how hiera should look for keys 
(lookup_options).
These have nothing to do with facts!

Lets assume you hiera.yaml file and the following hiera content:

# common.yaml
---
lookup_options:
  ‘profile::attributes::name’:
merge: unique

# attributes/DNS-Slave.yaml
---
profile::attributes::name: ‘DNS-Slave’

# attributes/Oracle.yaml
---
profile::attributes::name: ‘Oracle'


Within your Puppet code:
class profile::attributes (
  $name,
){
  notify { ‘attrlist’:
message => $name,
  }
}

This will return all of the existing profile::attributes::name Hier keys 
available for a node in all hierarchies.
Using the above mentioned code and data this will return:

[‘DNS-Slave’, ‘Oracle’]

Hth,
Martin


> On 10. Oct 2021, at 21:48, David Murphy  wrote:
> 
> Hi Guys, 
> 
> You have to forgive this but it’s driving me nuts. 
> 
> I thought I understood the way that Hiera worked and trying to get it to work 
> in the way I expect has had me seriously doubting myself. 
> 
> My hiera.yaml looks like this 
> 
> ---
> 
> # Hiera 5 Global configuration file
> 
>   version: 5
> 
>   defaults:
> 
> datadir: /etc/puppetlabs/code/environments/production/hieradata
> 
> data_hash: yaml_data
> 
>   hierarchy:
> 
> - name: "Host Specifics"
> 
>   path: "hosts/%{facts.hostname}.yaml"
> 
> - name: "Attribute Specifics"
> 
>   mapped_paths: [ attributes, att, "attributes/%{att}.yaml" ]
> 
> - name: "Application List Specifics"
> 
>   mapped_paths: [ applicationlist, app, "application/%{app}.yaml" ]
> 
> - name: "Business Owner Specifics"
> 
>   path: "businessowner/%{facts.businessowner}.yaml"
> 
> - name: "Environment Specifics"
> 
>   path: "environment/%{facts.role}.yaml"
> 
> - name: "OS Specific"
> 
>   path: "os/%{facts.os.family}%{facts.os.release.major}.yaml"
> 
> - name: "Kernel Specific"
> 
>   path: "kernel/%{facts.kernel}.yaml"
> 
> - name: "Hardware Specific"
> 
>   path: "hardware/%{facts.productname}.yaml"
> 
> - name: "Site Specific"
> 
>   path: "site/%{facts.deriversite}.yaml"
> 
> - name: "Common Data"
> 
>   path: “common.yaml"
> 
> 
> 
> On the agent I’m setting up some local facts that I need to control what 
> comes back in the catalog.
> 
> 
> 
> ---
> 
>   derivedsite: 'cp1'
> 
>   hostdb:
> 
> role: 'development'
> 
> businessowner: ‘Infrastructure'
> 
>   attributes:
> 
> - 'DNS-Slave'
> 
> - 'Oracle'
> 
>   applicationlist:
> 
> - ‘test'
> 
> 
> 
> The way I’m trying to debug this is via a parameter called sourcefact that is 
> in all off the Hiera yaml files and is merged to show me which files are 
> being used.
> 
> 
> 
> Local facts look like this 
> 
> 
> 
> ---
> 
> # Yaml file for Hiera - Common
> 
>   lookup_options:
> 
> sourcefact:
> 
>   merge: unique
> 
> profile::packages::os:
> 
>   merge: unique
> 
> "^profile::(.*)$":
> 
>   merge: deep 
> 
>   sourcefact: ‘Common'
> 
> 
> 
> 
> 
> When I run the puppet agent -t one of the lines looks like 
> 
> 
> 
> Notice: Let's see what the Source variable says [DNS Slave, test, Linux, 
> Common]
> 
> 
> 
> Trouble is I can’t seem to get it to be consistent. The only facts I can seem 
> to get the master to see are the attributes and applicationlist ones and they 
> are both arrays end even then it only picks up the first element.
> 
> 
> 
> For this agent I would expect to see 
> 
> 
> 
> Notice: Let's see what the Source variable says [Oracle ,DNS Slave, test, 
> Linux, cp1, Common]
> 
> I’m assuming I am doing something fundamentally wrong here - HELP 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/3b96dd74-90c3-4cc4-8dff-55245deea3d3n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9C80ADFD-A125-4BB0-A550-24657ED0ED32%40gmail.com.

Re: [Puppet Users] Puppet7 and Ansible = conflict

2021-08-27 Thread Martin Alfke 
Hi Arpin,

Sounds like an utf-8 problem:

`to_json': source sequence is illegal/malformed utf-8

Please run the facter -j command on the windows system and check that it 
returns the values.
Check which locale is configured when running ansible on the windows system.

Hth,
Martin


> On 27. Aug 2021, at 03:31, Arpin Dominique (Nter) 
>  wrote:
> 
> Hi,
>  
> I just wondering if anybody it using Ansible 2.9 and Puppet agent 7.10 
> together?
>  
> I got this error after I upgrade Puppet 6.24.0 to 7.10:
>  
> I use the module setup in Ansible to retrieves the facts for Ansible.
>  
> {
> "exception": "C:/Program Files/Puppet 
> Labs/Puppet/puppet/lib/ruby/2.7.0/json/common.rb:286:in `to_json': source 
> sequence is illegal/malformed utf-8 (JSON::GeneratorError)\r\nAu caractère 
> Ligne:243 : 9\r\n+  -j | Tee-Object  -Variable facter_output > 
> $null\r\n+ ~~\r\n+ CategoryInfo  : NotSpecified: 
> (C:/Program File...GeneratorError):String) [], RemoteException\r\n+ 
> FullyQualifiedErrorId : NativeCommandError\r\n\r\nScriptStackTrace:\r\nà 
> ,  : ligne 243\r\n",
> "msg": "Unhandled exception while executing module: C:/Program 
> Files/Puppet Labs/Puppet/puppet/lib/ruby/2.7.0/json/common.rb:286:in 
> `to_json': source sequence is illegal/malformed utf-8 (JSON::GeneratorError)",
> "_ansible_verbose_override": true,
> "_ansible_no_log": false,
> "changed": false
> }
>  
> Regards,
>  
> DOMINIQUE ARPIN
> ADMINISTRATEUR INFRASTRUCTURE ET STOCKAGE
> INFRASTRUCTURE ET EXPLOITATION - SUPPORT
> 
>  
>  
> TECHNOLOGIES NTER
> 500, RUE SHERBROOKE OUEST, 5E ÉTAGE, MONTRÉAL (QUÉBEC) CANADA, H3A 3G6 
> TÉL. : 514.285.2929 POSTE 140-4156
> 
> 
>  
> 
> 
> 
> 
> Mise en garde concernant la confidentialité : Le présent message, comprenant 
> tout fichier qui y est joint, est envoyé à l'intention exclusive de son 
> destinataire; il est de nature confidentielle et peut constituer une 
> information protégée par le secret professionnel. Si vous n'êtes pas le 
> destinataire, nous vous avisons que toute impression, copie, distribution ou 
> autre utilisation de ce message est strictement interdite. Si vous avez reçu 
> ce courriel par erreur, veuillez en aviser immédiatement l'expéditeur par 
> retour de courriel et supprimer le courriel. Merci! 
> 
> Confidentiality Warning: This message, including any attachment, is sent only 
> for the use of the intended recipient; it is confidential and may constitute 
> privileged information. If you are not the intended recipient, you are hereby 
> notified that any printing, copying, distribution or other use of this 
> message is strictly prohibited. If you have received this email in error, 
> please notify the sender immediately by return email, and delete it. Thank 
> you! 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/YQBPR0101MB12195954FA8F579FC2F066ACD0C89%40YQBPR0101MB1219.CANPRD01.PROD.OUTLOOK.COM
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/A6BD2D14-B581-4427-B9DF-4E19BAF5335E%40gmail.com.

Re: [Puppet Users] Getting the location of the manifest file

2021-08-16 Thread Martin Alfke 
Hi Go,

what do you want to achieve?
When using puppet apply, a manifest can be anywhere on the filesystem.

Best,
Martin


> On 16. Aug 2021, at 03:18, Go Iwai  wrote:
> 
> Hello,
> 
> I want to know the location where puppet-apply locally applied the
> manifest file.
> 
> $ pwd
> /path/to/manifests
> $ puppet apply file.pp
> 
> In this case above, can I anyhow get the location of
> /path/to/manifests/file.pp within file.pp?
> 
> Kind regards,
> Go
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CAAyfkv-2dC--QR_1tz1ux%2BrgYaVsqjseB4oTEZ-EnkZPNXnn1w%40mail.gmail.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2E04526A-7F74-4F84-99E4-4C1D675FC67C%40gmail.com.

Re: [Puppet Users] Azure Ruby gems are not loading.

2021-07-16 Thread Martin Alfke 
Hi Raghu,

where do you use the require?
Within a Puppet function or within a Puppet provider?

Functions are running on the Puppet Server, whereas providers are executed on 
the agent.
If you do the require in a Puppet provider, the gem must be installed on the 
puppet agent (/opt/puppetlabs/puppet/bin/gem install).

hth,
Martin


> On 16. Jul 2021, at 09:13, Raghu Ram Baisani  
> wrote:
> 
> Hi Team
> 
> I have installed the gem azure-storage-blob on puppet master using below 
> command.
> 
> sudo puppetserver gem install azure-storage-blob
> 
> When I execute puppetserver gem list command, that particular gem is 
> available in the list.
> 
> 
> I have restarted the puppet master couple of times post gem installation.
> when I say
> require 'azure/storage/blob'
> The files associated with the gem are not loading and getting below error.
> 
> `require': cannot load such file -- azure/storage/blob 
> 
> Can you please help me with steps to resolve the issue?
> 
> Thanks
> Raghuram Baisani
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/e2d45c24-43c1-4531-ab4f-7b45a80ef14cn%40googlegroups.com.
> 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/D801D1D9-1D08-4F36-8137-CD624FD4895F%40gmail.com.

Re: [Puppet Users] Override default schedule for all resources

2021-07-07 Thread Martin Alfke 
Hi Christian,

instead of running puppet as daemon, you can run puppet via cron and omit the 
times where you do maintenance on the puppet server.
Besides this: running puppet via cron will allow you to spread the agent 
connections and compiler work in a far more efficient way, reducing temporary 
load on the server.

hth,
Martin


> On 5. Jul 2021, at 11:28, 'Christian Masopust' via Puppet Users 
>  wrote:
> 
> Hi puppet users,
>  
> we have a daily planned maintenance at 5am on our puppet server which means 
> that during that time
> it’s not available for our agents.
>  
> I’d like to avoid that the agents are trying to connect to the puppetserver 
> during that time.
>  
> My first idea was to use schedules, but that would mean to define the 
> schedule for each and every resource,
> which definitly would be painful J
>  
> So the next idea was to override the default schedule „puppet“.   Does anyone 
> of you know if that’s possible?
> 
> Or do you have other/better ideas how I could handle this?
>  
> Thanks,
> Christian
>  
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/002301d77180%242f22c780%248d685680%24%40chello.at.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/77936753-371D-4273-B9B3-A943B9093263%40gmail.com.

Re: [Puppet Users] Determining puppet env from client

2021-06-22 Thread Martin Alfke 
Hi Dave,

Environment is a server-side fact 
(https://puppet.com/docs/puppet/7/lang_facts_builtin_variables.html#lang_facts_builtin_variables-server-facts
 
<https://puppet.com/docs/puppet/7/lang_facts_builtin_variables.html#lang_facts_builtin_variables-server-facts>)

It is not shown on the agent.
But I always thought that server side facts are shown in PE on the Node facts.
But I might be wrong.

Best,
Martin


> On 22. Jun 2021, at 14:45, daveford...@gmail.com  
> wrote:
> 
> Hi Maritn, thanks for answering. 
> 
> Yes, that's the sort of thing I was expecting to see But, I have no such 
> fact listed.  
> 
> I wondered if this was a consequence of having an old copy of puppet agent 
> installed - the box I'm testing on is running 3.5 - but the lists of 'core 
> facts'; on puppet's website don't list an 'environment' fact, and I can't 
> find any fact in the PE console's fact dialog box.  Have I misunderstood your 
> comment?
> 
> Thanks
> 
> On Tuesday, 22 June 2021 at 13:31:14 UTC+1 Martin Alfke wrote:
> Hi Dave,
> 
> On PE Console, select a Node to view Node facts and check the environment 
> Variable.
> This variable is set on Master side, not agent side.
> Check that the environment variable matches to the PE selected node 
> environment.
> You should then be able to filter using the environment “Fact”.
> 
> Best,
> Martin
> 
> 
> 
>> On 22. Jun 2021, at 13:58, daveford...@gmail.com <http://gmail.com/> 
>> > > wrote:
>> 
> 
>> Hi - I've just starting working with a complex puppet environment that's 
>> running with dozens of different environments.  
>> 
>> The PE console doesn't really seem to give me a way to filter views of 
>> machines by anything other than facts.  So I'm wondering if there's a fact I 
>> can use to determine which environment a puppet agent is running in? I can't 
>> see anything out ofthe box from facter, and also can't seem to get anything 
>> useful from puppet config cmd.  Our environment is being fed from the ENC in 
>> PE, rather than the local puppet.conf file, so examing that is no use.   The 
>> only place I can seem to see any references ot the env. is in the 
>> last_run_report in the cache - is that the best place to find this info? 
>> 
>> Thanks
>> Dave
>> 
> 
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/f41e941a-0212-4cdb-adef-d6fc56494141n%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/puppet-users/f41e941a-0212-4cdb-adef-d6fc56494141n%40googlegroups.com?utm_medium=email_source=footer>.
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/87891db5-2feb-448f-9a1d-ed215496cde1n%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/87891db5-2feb-448f-9a1d-ed215496cde1n%40googlegroups.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2F4280B4-9271-40A9-9E79-43C6DEE00776%40gmail.com.

Re: [Puppet Users] Determining puppet env from client

2021-06-22 Thread Martin Alfke 
Hi Dave,

On PE Console, select a Node to view Node facts and check the environment 
Variable.
This variable is set on Master side, not agent side.
Check that the environment variable matches to the PE selected node environment.
You should then be able to filter using the environment “Fact”.

Best,
Martin


> On 22. Jun 2021, at 13:58, daveford...@gmail.com  
> wrote:
> 
> Hi - I've just starting working with a complex puppet environment that's 
> running with dozens of different environments.  
> 
> The PE console doesn't really seem to give me a way to filter views of 
> machines by anything other than facts.  So I'm wondering if there's a fact I 
> can use to determine which environment a puppet agent is running in? I can't 
> see anything out ofthe box from facter, and also can't seem to get anything 
> useful from puppet config cmd.  Our environment is being fed from the ENC in 
> PE, rather than the local puppet.conf file, so examing that is no use.   The 
> only place I can seem to see any references ot the env. is in the 
> last_run_report in the cache - is that the best place to find this info? 
> 
> Thanks
> Dave
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/f41e941a-0212-4cdb-adef-d6fc56494141n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5558C3E8-9625-4083-9415-8C5E6ADB2431%40gmail.com.

Re: [Puppet Users] Hiera lookup in hiera lookup

2021-05-18 Thread Martin Alfke 
Hi Erwin,

Nested lookups are possible.

We did a blog post on this topic:
https://blog.example42.com/2020/01/21/hiera-nested-lookups/ 


Just be sure:

A nested lookup (like in your example) always returns a string.
If you need arrays or hashes within a nested lookup you must use the alias 
function.

hth,
Martin

> On 18. May 2021, at 10:23, Erwin Bogaard  wrote:
> 
> Hi,
> 
> I've been looking for this for a ling time, but can't find a definitive 
> answer to my question: is it possible to use a lookup in a lookup?
> 
> For example:
> aaa::bbb: 
> "mvn:com.xxx.bus/xxx-features/%{lookup('xxx::apps::env_hash.%{lookup('xxx::apps::env')}.yyy.version')}/xml/features"
> 
> Should lead to the following string:
> "mvn:com.xxx.bus/xxx-features/2.0.4/xml/features"
> 
> If "xxx::apps::env" has the value 'test'.
> And "xxx::apps::env_hash.test.yyy.version" has the value '2.0.4'.
> 
> The idea is that I would like one variable, "xxx::apps::env", make it 
> possible to switch in a hash from the 'test'-branch to the 'prod'-branch, for 
> example. Where each branch in that hash contains certain specified different 
> versions and/or other variables.
> 
> Thanks!
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/5068271c-bac1-4beb-b097-91803dbf3e2en%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/BFCDA3D6-80FA-4BFA-8E94-475F62A3A362%40gmail.com.

Re: [Puppet Users] Using the puppet gem on an unsupported platform

2021-03-19 Thread Martin Alfke 
Hi Mark,

Have you installed the puppet mount core module only on the agent or also on 
the master?
Usually you install modules only on the master and all resource types get 
synced to all agents.

You need the module on the agent if you want to run puppet apply only.

Hth,
Martin


> On 18. Mar 2021, at 17:47, Mark Dixon  wrote:
> 
> Thanks for that, it's showing just how weird things are getting!
> 
> puppet 7.4.1, puppetserver 7.0.3. I have this fragment in the default node 
> definition in my site.pp on the server:
> ```
>notify { "here!": }
>mount { "/tmp/foo":
>   ensure => defined,
>   device => "/dev/shm",
>   fstype => "tmpfs",
>}
> ```
> 
> Just installing the puppet gem on the client, I see a short list of resource 
> types without mount:
> ```
> # puppet describe -l
> These are the types known to puppet:
> exec- Executes external commands
> file- Manages files, including their content, owner ...
> filebucket  - A repository for storing and retrieving file  ...
> group   - Manage groups
> notify  - Sends an arbitrary message, specified as a st ...
> package - Manage packages
> resources   - This is a metatype that can manage other reso ...
> schedule- Define schedules for Puppet
> service - Manage running services
> stage   - A resource type for creating new run stages
> tidy- Remove unwanted files based on specific crite ...
> user- Manage users
> whit- Whits are internal artifacts of Puppet's curr ...
> ```
> 
> Applying the catalog doesn't do anything useful (expected), but doesn't 
> trigger an error either (unexpected).
> 
> The mount resource shows up after installing mount_core on the client, but 
> applying the catalog still doesn't do anything useful:
> ```
> # puppet module install puppetlabs-mount_core
> Notice: Preparing to install into /etc/puppetlabs/code/modules ...
> Notice: Downloading from https://forgeapi.puppet.com ...
> Notice: Installing -- do not interrupt ...
> /etc/puppetlabs/code/modules
> └── puppetlabs-mount_core (v1.0.4)
> # puppet describe -l | grep mount
> mount   - Manages mounted filesystems, including puttin ...
> # puppet agent --no-daemonize --onetime --detailed-exitcodes --verbose
> Info: Using configured environment 'production'
> Info: Retrieving pluginfacts
> Info: Retrieving plugin
> Info: Caching catalog for foobar.local
> Info: Applying configuration version '1616085285'
> Notice: here!
> Notice: /Stage[main]/Main/Node[default]/Notify[here!]/message: defined 
> 'message' as 'here!'
> Notice: Applied catalog in 1.19 seconds
> # grep foo /etc/fstab
> #
> ```
> 
> Whereas copying the fragment into a foo.pp file on the client and applying it 
> locally *does* do something useful:
> ```
> # puppet apply foo.pp
> Notice: Compiled catalog for foobar.local in environment production in 0.06 
> seconds
> Notice: here!
> Notice: /Stage[main]/Main/Notify[here!]/message: defined 'message' as 'here!'
> Notice: /Stage[main]/Main/Mount[/tmp/foo]/ensure: defined 'ensure' as 
> 'defined'
> Notice: /Stage[main]/Main/Mount[/tmp/foo]: Triggered 'refresh' from 1 event
> Notice: Applied catalog in 0.11 seconds
> # grep foo /etc/fstab
> /dev/shm/tmp/footmpfs   defaults0   0
> ```
> 
> I note that the catalog adds the mount as expected if puppet is installed via 
> an rpm from the puppetlabs site.
> 
> Anyone know why this is working in `puppet apply` but not `puppet agent` when 
> installed via a gem, please?
> 
> Thanks,
> 
> Mark
> On Friday, March 12, 2021 at 7:52:43 AM UTC Martin Alfke wrote:
> Hi Mark,
> 
> You can check if a type is available by running puppet describe -l
> This will print out all available puppet custom types.
> 
> Best,
> Martin
> 
> 
> 
>> On 11. Mar 2021, at 18:11, Mark Dixon > > wrote:
>> 
> 
>> Hi Martin,
>> 
>> Thanks - but that doesn't seem to be the problem, as it's already in the 
>> modulepath. Just noticed something odd, will prod a bit more (unfortunately 
>> next week now).
>> 
>> Best,
>> 
>> Mark
>> 
>> On Thursday, March 11, 2021 at 7:04:06 AM UTC Martin Alfke wrote:
>> Hi Mark,
>> 
>> please check module path using 'puppet config print modulepath' and install 
>> the required core modules into one of the mentioned folders:
>> puppet module install puppetlabs-mount_core --target-dir 
>> 
>> This should make the mount resource type available.
>> 
>> Best,
>> Martin
>> 
&g

Re: [Puppet Users] Using the puppet gem on an unsupported platform

2021-03-11 Thread Martin Alfke 
Hi Mark,

You can check if a type is available by running puppet describe -l
This will print out all available puppet custom types.

Best,
Martin


> On 11. Mar 2021, at 18:11, Mark Dixon  wrote:
> 
> Hi Martin,
> 
> Thanks - but that doesn't seem to be the problem, as it's already in the 
> modulepath. Just noticed something odd, will prod a bit more (unfortunately 
> next week now).
> 
> Best,
> 
> Mark
> 
> On Thursday, March 11, 2021 at 7:04:06 AM UTC Martin Alfke wrote:
> Hi Mark,
> 
> please check module path using 'puppet config print modulepath' and install 
> the required core modules into one of the mentioned folders:
> puppet module install puppetlabs-mount_core --target-dir 
> 
> This should make the mount resource type available.
> 
> Best,
> Martin
> 
> 
>> On 10. Mar 2021, at 16:22, Mark Dixon > > wrote:
>> 
> 
>> 
>> Hi there,
>> 
>> Following on from the conversation about the availability of a puppet agent 
>> RPM on el8 for the ppc64le architecture, I'm trying to use agent in the 
>> version of puppet made available as a ruby gem.
>> 
>> It largely works just by doing this, giving me puppet 7.4.1:
>> 
>>   yum install ruby
>>   gem install puppet
>> 
>> However, its "mount" resource provider doesn't appear to do anything. I 
>> tried reproducing this on el8 /x86_64: "mount" resources worked under the 
>> puppet agent rpm, but not under the puppet agent from the gem.
>> 
>> Is this related to the movement of "mount" into the "mount_core" module? 
>> There isn't an obvious extra gem to install, and I tried a "puppet module 
>> install puppetlabs-mount_core" on the client (but suspect that's only a 
>> useful command on the server!)
>> 
>> Any ideas on how to get the mount resource working for the puppet gem, 
>> please?
>> 
>> Thanks,
>> 
>> Mark
>> 
> 
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Puppet Users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to puppet-users...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/puppet-users/362ba8fc-9dc3-4929-a500-70123de399ecn%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/puppet-users/362ba8fc-9dc3-4929-a500-70123de399ecn%40googlegroups.com?utm_medium=email_source=footer>.
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/df95f59d-4d01-4695-8df7-bc7de943ad34n%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/df95f59d-4d01-4695-8df7-bc7de943ad34n%40googlegroups.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/3EE377C8-861A-4FE6-815F-9C471E6A3303%40gmail.com.

Re: [Puppet Users] Using the puppet gem on an unsupported platform

2021-03-10 Thread Martin Alfke 
Hi Mark,

please check module path using 'puppet config print modulepath' and install the 
required core modules into one of the mentioned folders:
puppet module install puppetlabs-mount_core --target-dir 

This should make the mount resource type available.

Best,
Martin

> On 10. Mar 2021, at 16:22, Mark Dixon  wrote:
> 
> 
> Hi there,
> 
> Following on from the conversation about the availability of a puppet agent 
> RPM on el8 for the ppc64le architecture, I'm trying to use agent in the 
> version of puppet made available as a ruby gem.
> 
> It largely works just by doing this, giving me puppet 7.4.1:
> 
>   yum install ruby
>   gem install puppet
> 
> However, its "mount" resource provider doesn't appear to do anything. I tried 
> reproducing this on el8 /x86_64: "mount" resources worked under the puppet 
> agent rpm, but not under the puppet agent from the gem.
> 
> Is this related to the movement of "mount" into the "mount_core" module? 
> There isn't an obvious extra gem to install, and I tried a "puppet module 
> install puppetlabs-mount_core" on the client (but suspect that's only a 
> useful command on the server!)
> 
> Any ideas on how to get the mount resource working for the puppet gem, please?
> 
> Thanks,
> 
> Mark
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/362ba8fc-9dc3-4929-a500-70123de399ecn%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/C82644BE-6459-4484-A8B2-ECAB7B71CA6B%40gmail.com.

Re: [Puppet Users] How to stub a custom puppet function in every spec test?

2021-03-09 Thread Martin Alfke 
Hi Nick,

This is working as expected.
Many thanks for the fix.

Martin


> On 8. Mar 2021, at 19:25, Nick Bertrand  wrote:
> 
> Hi Martin,
> 
> Using rspec-puppet's pre_condition seems to work for me:
> 
> RSpec.shared_context "read_url stub" do
>   let (:pre_condition) do
>   '
> function profile::read_url(String $arg) >> String {
>   return "ssh-rsa Azuozgouzvouzvf== u...@domain.tld"
> }
>   '
>   end
> end
> 
> RSpec.configure do |c|
>   c.include_context "read_url stub"
> end
> 
> HTH,
> 
> Nick
> 
> On Fri, Mar 5, 2021 at 7:04 AM Martin Alfke  <mailto:tux...@gmail.com>> wrote:
> Hi,
> 
> we use a custom function (extlib::read_url) which we want to stub for every 
> profile and role class unit test.
> 
> We tried using before within Spec.configure:
> 
> RSpec.configure do |c|
>   c.before :each do
> Puppet::Functions.create_function(:'profile::read_url') do
>   dispatch :read_url do
> param 'Stdlib::HTTPUrl', :url
> return_type 'String'
>   end
>   def read_url(url)
> 'ssh-rsa Azuozgouzvouzvf== u...@domain.tld'
>   end
> end
>   end
> end
> 
> When stubbing the function in spec_helper_local.rb file, we must add the 
> dispatch and the def.
> 
> But the test still use the original function.
> 
> I also tried “overloading” the function in a spec/fixtures/override_modules 
> directory.
> Unit tests still take the original function.
> 
> Even adding shared_context is not working.
> 
> Has anyone an idea, on how to solve this.
> I don’t want to add the function stub (which works flawlessly) into every 
> class unit test.
> 
> This is a working example where we stub inside the class unit test:
> require 'spec_helper'
> 
> describe 'profile::base::user_accounts' do
>   on_supported_os.each do |os, os_facts|
> context "on #{os}" do
>   let(:facts) { os_facts }
>   Puppet::Functions.create_function(:'profile::read_url') do
> return 'ssh-rsa Azuozgouzvouzvf== u...@domain.tld'
>   end
> 
>   it { is_expected.to <http://is_expected.to/> compile }
> end
>   end
> end
> 
> Best,
> Martin
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users%2bunsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/422A162D-B1C9-48B1-902C-8E70F1D945A5%40gmail.com
>  
> <https://groups.google.com/d/msgid/puppet-users/422A162D-B1C9-48B1-902C-8E70F1D945A5%40gmail.com>.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CAP15v%2B9WC3ugudPH5mLitVygvdgpj9Zjm_ppJZnPfKTA_uKJBg%40mail.gmail.com
>  
> <https://groups.google.com/d/msgid/puppet-users/CAP15v%2B9WC3ugudPH5mLitVygvdgpj9Zjm_ppJZnPfKTA_uKJBg%40mail.gmail.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/9801F03D-A0D9-45B2-AD13-343CA7CA51DD%40gmail.com.

[Puppet Users] How to stub a custom puppet function in every spec test?

2021-03-05 Thread Martin Alfke 
Hi,

we use a custom function (extlib::read_url) which we want to stub for every 
profile and role class unit test.

We tried using before within Spec.configure:

RSpec.configure do |c|
  c.before :each do
Puppet::Functions.create_function(:'profile::read_url') do
  dispatch :read_url do
param 'Stdlib::HTTPUrl', :url
return_type 'String'
  end
  def read_url(url)
'ssh-rsa Azuozgouzvouzvf== u...@domain.tld'
  end
end
  end
end

When stubbing the function in spec_helper_local.rb file, we must add the 
dispatch and the def.

But the test still use the original function.

I also tried “overloading” the function in a spec/fixtures/override_modules 
directory.
Unit tests still take the original function.

Even adding shared_context is not working.

Has anyone an idea, on how to solve this.
I don’t want to add the function stub (which works flawlessly) into every class 
unit test.

This is a working example where we stub inside the class unit test:
require 'spec_helper'

describe 'profile::base::user_accounts' do
  on_supported_os.each do |os, os_facts|
context "on #{os}" do
  let(:facts) { os_facts }
  Puppet::Functions.create_function(:'profile::read_url') do
return 'ssh-rsa Azuozgouzvouzvf== u...@domain.tld'
  end

  it { is_expected.to compile }
end
  end
end

Best,
Martin

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/422A162D-B1C9-48B1-902C-8E70F1D945A5%40gmail.com.

Re: [Puppet Users] Hiera data repetition

2021-02-28 Thread Martin Alfke 
Hi Karsten,

> On 27. Feb 2021, at 18:18, Karsten Heymann  wrote:
> 
> Hi Martin,
> 
> regarding your "no lookup" policy, how do you handle for example deep merge 
> lookups. They cannot be used with automatic data binding, or am I wrong?
> 

we set the merge behavior using hiera data lookup_options.
https://blog.example42.com/2021/02/11/hiera-merge-behavior/ (at the end of the 
post you can see an example).
This allows you to not only set merge behaviour globally, but use the 
hierarchies to even set different lookup options.

e.g. you will deep merge the user hash from all hierarchies, except for one 
system:

# data/common.yaml
lookup_options:
  profile::base::usermgmt::users:
merge: 'deep'

# data/nodes/.yaml
lookup_options:
  profile::base::usermgmt::users:
merge: 'first'

Best,
Martin

> Regards
> Karsten
> 
> Am Sa., 27. Feb. 2021 um 13:06 Uhr schrieb Martin Alfke :
> Hi
> 
> > On 25. Feb 2021, at 11:59, Dmitry Nurislamov  wrote:
> > 
> > Hello. Sometimes it is desirable to define Hiera variables for usage in 
> > Hiera itself, i.e. variables that won't be looked up from Puppet manifests. 
> > We do this to avoid repetition. Here's an example of a variable used only 
> > in the file it is defined:
> > 
> > _internal_api_host: 'int.api.example.com'
> > profile::keepalived::vrrp_script:
> >   ping_internal_api:
> > script: "curl https://%{lookup('_internal_api_host')}/ping"
> > profile::nginx::servers:
> >   "%{alias('_internal_api_host')}":
> > ...
> > 
> > Sometimes we also define this kind of variables in one file but do lookups 
> > somewhere else:
> > 
> > hieradata/project/foo.yaml:
> > profile::base::network::interfaces:
> >   eth0:
> > method: 'static'
> > address: "%{lookup('_INTERNAL_IP')}/24"
> > 
> > hieradata/project/foo/foo1.yaml:
> > _INTERNAL_IP: '10.1.2.3'
> > 
> > For us this became an issue. There are no conventions, and therefore no 
> > consistency in our quite large hiera. Sometimes we can't even tell whether 
> > some variable is looked up from manifests or is "local" for Hiera. For 
> > example, the "_INTERNAL_IP" above is named 
> > "profile::base::network::intern_ip" in some projects.
> > 
> > The question is... Is this a normal practice? How do other folks handle 
> > these cases? I couldn't find any information regarding this. Thanks.
> 
> This is part of the way how you can implement hiera.
> We heavily use the same pattern to avoid duplicate data.
> Unluckily there is (yet?) no best practices written down.
> 
> Usually we have a pattern that we strictly follow:
> - Never set class parameters on module (technical component or library 
> module) level. Only set data on profile classes.
> - Only do automatic data binding, using profile class namespace on hiera 
> data, never do explizit lookups in profile classes.
>   - e.g.:profile::base::usermgmt::users: {}
> - nested lookups always use short key names, usually prefixed with company or 
> department or team short name
>   - e.g. company_ldap_pass
> 
> This pattern allows us to strictly separate data which are needed multiple 
> times in hiera.
> Using automatic data binding and the name convention on nested lookups, we 
> can easily identify if data is consumed by a class or needed hiera internally.
> 
> hth,
> Martin
> 
> 
> > 
> > -- 
> > You received this message because you are subscribed to the Google Groups 
> > "Puppet Users" group.
> > To unsubscribe from this group and stop receiving emails from it, send an 
> > email to puppet-users+unsubscr...@googlegroups.com.
> > To view this discussion on the web visit 
> > https://groups.google.com/d/msgid/puppet-users/282b3812-287a-4eb0-a838-591f2c3f925an%40googlegroups.com.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/77E8E860-ABA3-4B06-99C6-C294BB0EE750%40gmail.com.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CAL017hDOZ7zoJqT0pbAyXVq4665TPDbOJ5Y-ELwUgzbaSofpKg%40mail.gmail.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/849CA551-45AD-47D7-9CB4-369595DAD605%40gmail.com.

Re: [Puppet Users] Hiera data repetition

2021-02-27 Thread Martin Alfke 
Hi

> On 25. Feb 2021, at 11:59, Dmitry Nurislamov  wrote:
> 
> Hello. Sometimes it is desirable to define Hiera variables for usage in Hiera 
> itself, i.e. variables that won't be looked up from Puppet manifests. We do 
> this to avoid repetition. Here's an example of a variable used only in the 
> file it is defined:
> 
> _internal_api_host: 'int.api.example.com'
> profile::keepalived::vrrp_script:
>   ping_internal_api:
> script: "curl https://%{lookup('_internal_api_host')}/ping"
> profile::nginx::servers:
>   "%{alias('_internal_api_host')}":
> ...
> 
> Sometimes we also define this kind of variables in one file but do lookups 
> somewhere else:
> 
> hieradata/project/foo.yaml:
> profile::base::network::interfaces:
>   eth0:
> method: 'static'
> address: "%{lookup('_INTERNAL_IP')}/24"
> 
> hieradata/project/foo/foo1.yaml:
> _INTERNAL_IP: '10.1.2.3'
> 
> For us this became an issue. There are no conventions, and therefore no 
> consistency in our quite large hiera. Sometimes we can't even tell whether 
> some variable is looked up from manifests or is "local" for Hiera. For 
> example, the "_INTERNAL_IP" above is named 
> "profile::base::network::intern_ip" in some projects.
> 
> The question is... Is this a normal practice? How do other folks handle these 
> cases? I couldn't find any information regarding this. Thanks.

This is part of the way how you can implement hiera.
We heavily use the same pattern to avoid duplicate data.
Unluckily there is (yet?) no best practices written down.

Usually we have a pattern that we strictly follow:
- Never set class parameters on module (technical component or library module) 
level. Only set data on profile classes.
- Only do automatic data binding, using profile class namespace on hiera data, 
never do explizit lookups in profile classes.
  - e.g.:profile::base::usermgmt::users: {}
- nested lookups always use short key names, usually prefixed with company or 
department or team short name
  - e.g. company_ldap_pass

This pattern allows us to strictly separate data which are needed multiple 
times in hiera.
Using automatic data binding and the name convention on nested lookups, we can 
easily identify if data is consumed by a class or needed hiera internally.

hth,
Martin


> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/282b3812-287a-4eb0-a838-591f2c3f925an%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/77E8E860-ABA3-4B06-99C6-C294BB0EE750%40gmail.com.

Re: [Puppet Users] Regarding managing packages

2021-02-26 Thread Martin Alfke 
Hi,

You need a class with a parameter.

e.g.
class profile::packages (
  Array $pgk = {},
){
  $pkg.each |$package| {
package { $package:
  ensure => present,
  }
}

And in hiera:

profile::packages::pkg:
  - ‘htop’
  - ‘less’
  - ‘anyotherpackage’

Hth,
Martin


> On 26. Feb 2021, at 12:33, nand...@gmail.com  wrote:
> 
> Hi all ,
> 
> I want to manage software packages to get installed using hiera . 
> If any one has any idea or code example , please help me with that .
> 
> Regards,
> Nandha
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/8e788feb-76d0-4a30-866d-6587b8ef918fn%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2ED545BD-5322-4A2F-AA02-518B91C243AC%40gmail.com.

Re: [Puppet Users] No subname set in the "database" config

2021-02-13 Thread Martin Alfke 
Hi Spriya,

are you managing puppetdb with puppetdb module?
https://puppet.com/docs/puppetdb/latest/install_via_module.html

node  {
  # Configure puppetdb and its underlying database
  class { 'puppetdb': }
  # Configure the Puppet master to use puppetdb
  class { 'puppetdb::master::config': }
}

This should take care on proper config.
Also note, that there are two config files: one for puppet (to make Puppet 
aware of puppetdb) and one for puppetdb itself.
Config for Puppet is in /etc/puppetlabs/puppet/pupeptdb.conf
Config for PupeptDB is spread over multiple files in 
/etc/puppetlabs/puppetdb/conf.d directory.

Maybe you missed the config in the puppetdb conf.d directory.

hth,
Martin

> On 12. Feb 2021, at 18:28, Spriya  wrote:
> 
> Hi,
> 
> I am trying to setup new open source puppetmaster and database. And i am 
> seeing this error
> 
> Feb 12 17:1* puppetdb[59445]: No subname set in the "database" config.
> 
> And i have the configuration file in 
> 
> cat /etc/puppetlabs/puppet/puppetdb.conf
> [main]
> server_urls = https://:8081
> 
> [global]
> vardir = /var/lib/puppetdb
> logging-config = /var/lib/puppetdb/logback.xml
> 
> [database]
> subname = //localhost:5432/puppetdb
> 
> [puppetdb]
> certificate-allowlist = /etc/puppetlabs/puppetdb/ssl/ca.pem
> disable-update-checking = false
> 
> [jetty]
> port = 8080
> 
> 
> Please guide me
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/302ccd48-ea72-4c8b-9cf2-11242992af0dn%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/1AFF1561-A364-440E-B232-41041588CCD5%40gmail.com.

Re: [Puppet Users] create_resources

2021-02-07 Thread Martin Alfke 
Hi,

there are some minor not-best-practices in your code:

1. create_resource
I prefer using lambda over create_resources as these allows explizit resource 
declaration which are then bound to the class.
This gives you explizit ordering, which you must add if using create_resource.

2. explizit lookups
you are doing explizit lookups. I prefer parameters using automatic databinding

3. accessing facts
Using $::factname is not the most modern way. Migrate to using facts hash 
(facts is a protected variable).
e.g. $facts['collect']


Your new code could be the following:

class mymodule (
  Hash $external_http_domains,  # not providing a default means 
that you must deliver data.
  Optional[Hash] $internal_http_domains = undef,  # if you want to allow undef 
values, you can set the data type to optional.
  Hash $http_defaults,
){
  if $facts['collect'] == 'external' {
$external_http_domain.each |$key, $value| {
  nginx::resource::server { $key:
* => $value + $http_defaults,
  }
}
  } else {
$internal_http_domains.each |$key, $value| {
  nginx::resource::server { $key:
* => $value + $http_defaults,
  }
}
  }
}

hth,
Martin

> On 6. Feb 2021, at 14:34, Nerbolff  wrote:
> 
> hello there,
> 
> I would like to clean up my puppet recipes. 
> My init.pp. I have ~three_hundred entries as 'new resources'(see below). 
> here is how is setup today. I am wondering if we could do better. I am 
> working with puppet v5. 
> 
> ideas or suggestions? thank you very much.
> 
> 
> mymodule/manifests/init.pp
> class mymodule {
> 
> if ($::collect == 'external')  {
>   create_resources('nginx::resource::server', 
> lookup('mymodule::external_http_domains'), lookup('mymodule::http_defaults'))
>   ...
>   ...
>   ...
> } else {
>   create_resources('nginx::resource::server', 
> lookup('mymodule::internal_http_domains'), lookup('mymodule::http_defaults'))
>   ...
>   ...
>   ...
> }
> 
> 
> mymodule/data/external.yaml
> mymodule::http_defaults:
>   ensure: present
>   ssl: true
>   listen_port: 443
> ...
> ...
> ...
> mymodule::external_http_domains:
>   order1.internet.com:
> use_default_location: false
> ssl_cert: /etc/nginx/ssl/twe/order1.internet.com.pem
> ssl_key:  /etc/nginx/ssl/twe/order1.internet.com.key
> ...
> ...
> ...
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/1124d0d6-06b4-4ad5-9f06-a8a30fb9bbbfn%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/07F7BA4F-8EA5-44B4-A741-D03D6741DC6C%40gmail.com.

Re: [Puppet Users] init config once

2021-01-29 Thread Martin Alfke 
A custom fact is the best way to report the status of the file on the node to 
the master and have the file managed by Puppet based on the fact value.

Bolt needs ssh access to the systems (unless you are using Puppet Enterprise 
which does not need ssh but uses a message queue on the master and the 
pxp-agent on the nodes.).

Besides this: Bolt must be executed manually

> On 29. Jan 2021, at 06:03, Benjamin Ridley  wrote:
> 
> You might be better off using something like Puppet Bolt to deploy the file 
> as a one off task at provisioning, rather than trying to manage it 
> declaratively through Puppet. 
> 
> On Fri, 29 Jan 2021, 3:50 pm Steve McKuhr,  <mailto:steve.mck...@gmail.com>> wrote:
> In an effort to avoid errors triggered by validate_cmd, I ended up using  
> a conditional based on a File.exists custom fact. I'm still open to 
> suggestions, this is all new territory to me.
> 
> 
> On Thu, 2021-01-28 at 17:13 -0800, Steve McKuhr wrote:
> > I've just realized that my problem statement was slightly misleading. A 
> > 'users' file gets installed as part of the software package, and the  
> > goal is replacing its contents during the first Puppet run. The next 
> > Puppet runs should ignore any changes.
> > 
> > 
> > On Thu, 2021-01-28 at 20:07 +0100, Martin Alfke wrote:
> > > and please use ensure => file !
> > > this is more clear.
> > > you can set the file ensure attribute to one of the following: file, 
> > > directory, link, absent
> > > 
> > > 
> > > > On 28. Jan 2021, at 18:58, Ben Ford  > > > <mailto:ben.f...@puppet.com>> wrote:
> > > > 
> > > > Yep, just use the replace attribute on the file resource. 
> > > > https://puppet.com/docs/puppet/latest/types/file.html#file-attribute-replace
> > > >  
> > > > <https://puppet.com/docs/puppet/latest/types/file.html#file-attribute-replace>
> > > > 
> > > > On Thu, Jan 28, 2021 at 9:57 AM Steve McKuhr  > > > <mailto:steve.mck...@gmail.com>> wrote:
> > > > I'd like to initialize a user config file once, at software install 
> > > > time, then allow application admins to manage the file contents via web 
> > > > interface (add/remove users, etc.) - I have come up with the following:
> > > > 
> > > > file { 'users':
> > > >   ensure => present,
> > > >   content => template('my-template'),
> > > >   validate_cmd => '/bin/test ! -f users.control',
> > > > }
> > > > file { 'users.control':
> > > >   ensure => present,
> > > >   content => "puppet managed",
> > > >   require => File['users'],
> > > > }
> > > > 
> > > > The above code works ok, however I was wondering if there is a more 
> > > > elegant solution.
> > > > 
> > > > Thanks,
> > > > Steve
> > > > 
> > > > 
> > > > -- 
> > > > You received this message because you are subscribed to the Google 
> > > > Groups "Puppet Users" group.
> > > > To unsubscribe from this group and stop receiving emails from it, send 
> > > > an email to puppet-users+unsubscr...@googlegroups.com 
> > > > <mailto:puppet-users%2bunsubscr...@googlegroups.com>.
> > > > To view this discussion on the web visit 
> > > > https://groups.google.com/d/msgid/puppet-users/fb1ae2b4-f220-4d18-864b-aafbadb44b14n%40googlegroups.com
> > > >  
> > > > <https://groups.google.com/d/msgid/puppet-users/fb1ae2b4-f220-4d18-864b-aafbadb44b14n%40googlegroups.com>.
> > > > 
> > > > -- 
> > > > You received this message because you are subscribed to the Google 
> > > > Groups "Puppet Users" group.
> > > > To unsubscribe from this group and stop receiving emails from it, send 
> > > > an email to puppet-users+unsubscr...@googlegroups.com 
> > > > <mailto:puppet-users%2bunsubscr...@googlegroups.com>.
> > > > To view this discussion on the web visit 
> > > > https://groups.google.com/d/msgid/puppet-users/CACkW_L5oTmsHiwvmVEisKap7gkUt1P4Gmvh1-%3DBQqNtHHiWAcA%40mail.gmail.com
> > > >  
> > > > <https://groups.google.com/d/msgid/puppet-users/CACkW_L5oTmsHiwvmVEisKap7gkUt1P4Gmvh1-%3DBQqNtHHiWAcA%40mail.gmail.com>.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving

Re: [Puppet Users] init config once

2021-01-28 Thread Martin Alfke 
and please use ensure => file !
this is more clear.
you can set the file ensure attribute to one of the following: file, directory, 
link, absent


> On 28. Jan 2021, at 18:58, Ben Ford  wrote:
> 
> Yep, just use the replace attribute on the file resource. 
> https://puppet.com/docs/puppet/latest/types/file.html#file-attribute-replace
> 
> On Thu, Jan 28, 2021 at 9:57 AM Steve McKuhr  wrote:
> I'd like to initialize a user config file once, at software install time, 
> then allow application admins to manage the file contents via web interface 
> (add/remove users, etc.) - I have come up with the following:
> 
> file { 'users':
>   ensure => present,
>   content => template('my-template'),
>   validate_cmd => '/bin/test ! -f users.control',
> }
> file { 'users.control':
>   ensure => present,
>   content => "puppet managed",
>   require => File['users'],
> }
> 
> The above code works ok, however I was wondering if there is a more elegant 
> solution.
> 
> Thanks,
> Steve
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/fb1ae2b4-f220-4d18-864b-aafbadb44b14n%40googlegroups.com.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/CACkW_L5oTmsHiwvmVEisKap7gkUt1P4Gmvh1-%3DBQqNtHHiWAcA%40mail.gmail.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/ABD6964A-0353-4CA9-B528-B2C0D241BE37%40gmail.com.

Re: [Puppet Users] Windows exec resource cannot find command error

2020-12-09 Thread Martin Alfke 
Or even escape the whitespace:

exec { “c:/program\ files/telegraf/telegraf.exe --service install": 

> On 8. Dec 2020, at 23:25, Michael Watters  wrote:
> 
> Probably need to quote the executable due to spaces:
> 
> exec { '"c:/program files/telegraf/telegraf.exe" --service install': 
> 
> Looks like that worked.  Thanks for the help.
> On Tuesday, December 8, 2020 at 1:58:12 PM UTC-5 Josh Cooper wrote:
> On Tue, Dec 8, 2020 at 10:37 AM Michael Watters  > wrote:
> Here is the exact error message.
> 
> Info: /Stage[main]/Dart::Abstract::Windows_node/File[c:/program 
> files/telegraf/telegraf.conf]: Scheduling refresh of Exec[c:/program 
> files/telegraf/telegraf.exe --service install]
> Error: Could not find command 'c:/program'
> Error: /Stage[main]/Dart::Abstract::Windows_node/Exec[c:/program 
> files/telegraf/telegraf.exe --service install]/returns: change from 'notrun' 
> to ['0'] failed: Could not find command 'c:/program'
> 
> The manifest resource is defined as follows.
> 
> exec { 'c:/program files/telegraf/telegraf.exe --service install':
> cwd => 'c:/program files/telegraf',
> refreshonly => true,
>  }
> 
> On Tuesday, December 8, 2020 at 1:29:55 PM UTC-5 Michael Watters wrote:
> I tried that as well and it simply results in an error stating "Could not 
> find command: c:/program".
> 
> Probably need to quote the executable due to spaces:
> 
> exec { '"c:/program files/telegraf/telegraf.exe" --service install': 
> ...
> 
> 
> On Monday, December 7, 2020 at 2:06:53 PM UTC-5 Martin Alfke wrote:
> Have you tried using the full path to the executable? 
> 
> exec { 'c:/program files/telegraf/telegraf.exe --service install' : 
> ... 
> } 
> 
> > On 7. Dec 2020, at 18:17, Michael Watters > wrote: 
> > 
> > I have an exec resource in a manifest for our Windows nodes however the 
> > command is failing each time that puppet runs. Here is the definition of 
> > the resource and a screenshot of the error. 
> > 
> > ~> exec { 'telegraf.exe --service install': 
> > cwd => 'c:/program files/telegraf', 
> > refreshonly => false, 
> > } 
> > 
> > 
> > 
> > Is there a way to resolve this? I've tried changing the path parameters 
> > which doesn't make any difference. 
> > 
> > 
> > 
> > -- 
> > You received this message because you are subscribed to the Google Groups 
> > "Puppet Users" group. 
> > To unsubscribe from this group and stop receiving emails from it, send an 
> > email to puppet-users...@googlegroups.com <>. 
> > To view this discussion on the web visit 
> > https://groups.google.com/d/msgid/puppet-users/ca2819ca-1930-4842-8ed8-0820f19ea343n%40googlegroups.com
> >  
> > <https://groups.google.com/d/msgid/puppet-users/ca2819ca-1930-4842-8ed8-0820f19ea343n%40googlegroups.com>.
> >  
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/88f80e94-2efc-4ca7-bfb1-70abd422f44dn%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/88f80e94-2efc-4ca7-bfb1-70abd422f44dn%40googlegroups.com?utm_medium=email_source=footer>.
> 
> 
> -- 
> Josh Cooper | Software Engineer
> jo...@puppet.com 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/b54d0549-46f0-4c76-b264-8a2d0af98581n%40googlegroups.com
>  
> <https://groups.google.com/d/msgid/puppet-users/b54d0549-46f0-4c76-b264-8a2d0af98581n%40googlegroups.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/BA94B90A-AF47-4B02-B097-EDD2185C0CFA%40gmail.com.

Re: [Puppet Users] Windows exec resource cannot find command error

2020-12-07 Thread Martin Alfke 
Have you tried using the full path to the executable?

exec { 'c:/program files/telegraf/telegraf.exe --service install' :
  ...
}

> On 7. Dec 2020, at 18:17, Michael Watters  wrote:
> 
> I have an exec resource in a manifest for our Windows nodes however the 
> command is failing each time that puppet runs.  Here is the definition of the 
> resource and a screenshot of the error.
> 
> ~> exec { 'telegraf.exe --service install':
> cwd => 'c:/program files/telegraf',
> refreshonly => false,
> }
> 
> 
> 
> Is there a way to resolve this?  I've tried changing the path parameters 
> which doesn't make any difference.
> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/ca2819ca-1930-4842-8ed8-0820f19ea343n%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2E0E0CBB-579C-4E64-85C5-28C260779823%40gmail.com.

Re: [Puppet Users] Looking up the value defined in the hiera.yaml

2020-11-30 Thread Martin Alfke 
Hi Go,

> On 24. Nov 2020, at 00:06, Go Iwai  wrote:
> 
> Hello Dirk,
> 
> Thank you for replying to the mail. However, your code doesn't work for the 
> resource of exec like below:
> 
> exec { '/path/to/decrypted-file':
>   command => 'eyaml decrypt --file=/path/to/encrypted-file > 
> /path/to/decrypted-file',
>   # ...snip
> }

You want to create a file based on eyaml encrypted content.
That means that you must ensure that eyaml is installed on any system which 
receives the exec resource.

A better solution is to use class parameters:

class xxx::zzz (
  String $content,
){
  file { '/path/to/decrypted-file':
ensure => file,
content => $content,
  }
}

And then have the encrypted file content in hiera:

xxx::zzz::content: >
ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAFMAACAQEw
DQYJKoZIhvcNAQEBBQAEggEAmporEXibvTRjR+81UCj7xHmSLk9bQw91jETE
PXcdlpvs6g4YqJUy+D8H0F2puVeVDFcpXBKSzv29NYzjZS7ZiJj/SezB+rRu
9Duk57tUW2Ly+ECuTwZCwkjKuDuY6XLQXayRGP39dxS+gCvJiNwxHN2i3XRG
m+S/vqkQVJITT6Etra8XWgsVdF0XqBDDcqRnF60xr7vk4sQq/RujFyV9+/hr
gw/qnKFfewdb27TkRCO9eHp00jEfTdHrg/GrhMkv/BfcodMuuqiSh/EfWPfG
8MPrPmSSAHktgKY81/lPHiz73OAaf7p7HSSclWpCUYUHiHGsi6gPLN9e3PoY
Br4TmjA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBBxlWjEC2Ij08R/N7Vo
63EagBB6T4EMZSB/2E6dW8NFQP7o]

hth,
Martin

> 
> This generates a notice like:
> 
> Notice: /Stage[main]/xxx::zzz/Exec[/path/to/decrypted-file]/returns: 
> [hiera-eyaml-core] No such file or directory @ rb_sysopen - 
> ./keys/private_key.pkcs7.pem
> 
> I can workaround this if I gave the directory, where keys are located, to an 
> attribbute of cwd like:
> 
> cwd => /etc/puppetlabs/code,
> # pkcs7_private_key: '/etc/puppetlabs/code/keys/private_key.pkcs7.pem'
> # pkcs7_public_key: '/etc/puppetlabs/code/keys/public_key.pkcs7.pem'
> 
> I gratefully thank for any further advises.
> 
> Kind regards,
> Go
> 
> 2020年11月24日火曜日 0:55:31 UTC+9 Dirk Heinrichs:
> Am Montag, den 23.11.2020, 15:23 +0900 schrieb Go Iwai:
> 
>> It looks more natural if I could rewrite this line above like below:
>> 
>> eyaml decrypt --file=encrypted-file
>> --pkcs7-public-key=%{pkcs7_public_key}
>> --pkcs7-private-key=%{pkcs7_private_key}
> 
> I don't think you need to specify these options at all if everything is 
> configured correctly. I have the following hiera.yaml in my Puppet 
> environments:
> 
> --- 
> version: 5 
> defaults: 
>  datadir: hiera 
>  lookup_key: eyaml_lookup_key 
> hierarchy: 
>  - name: Main 
>options: 
>  pkcs7_private_key: '/etc/puppetlabs/code/keys/private_key.pkcs7.pem' 
>  pkcs7_public_key: '/etc/puppetlabs/code/keys/public_key.pkcs7.pem' 
>paths:
>  - ...
>  - common.yaml
> 
> With this in place I can simply type "eyaml edit common.yaml" or "eyaml 
> encrypt -s 'something'", w/o specifying the keys every time.
> 
> HTH...
> 
> Dirk
> -- 
> Dirk Heinrichs
> Senior Systems Engineer, Delivery Pipeline
> OpenText ™ Discovery | Recommind
> Phone: +49 2226 15966 18
> Email: dhei...@opentext.com
> Website: www.recommind.de
> Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
> Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan, 
> Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
> This e-mail may contain confidential and/or privileged information. If you 
> are not the intended recipient (or have received this e-mail in error) please 
> notify the sender immediately and destroy this e-mail. Any unauthorized 
> copying, disclosure or distribution of the material in this e-mail is 
> strictly forbidden
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte 
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail 
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und 
> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte 
> Weitergabe dieser Mail sind nicht gestattet.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/8e51cbb0-02bd-4999-b89b-ea656c139018n%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/A4F93322-D105-4219-9436-9DDB152DC4B8%40gmail.com.

Re: [Puppet Users] Running plans from console

2020-11-06 Thread Martin Alfke 
Hi Vinay,

Difficult to help when we don’t see the code and where you have placed it.

Where have you placed your Puppet task?
Do you use a Git Puppet control-repo?
In which module, which directory, which file name have you added your code?

Running plans via PE Console requires that the plan is:
- deployed within a module to the puppet master
- is placed into the plans folder of the module

Hth,
Martin


> On 5. Nov 2020, at 13:55, Vinay Korrapati  wrote:
> 
> Hi Team,
> 
> currently i am using puppet PE: 2019.8.1 version.  
> 
> followed the article:
> https://puppet.com/docs/pe/2019.8/running_plans_from_the_console_.html 
>  
> 
> As per the puppet docs: we have to choose the plan which we want to run. But 
> none of my plans are visible in the section. 
> 
> Able to run the puppet plan (.pp file )from putty. 
> 
> Does it requires any additional steps ? if so please share.
> 
> 
> Regards
> Vinay
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/833bf3cc-189b-497e-9bbb-945ed06d6ddbn%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/B59CE4B3-A649-44C9-832E-6AFDAFFAA303%40gmail.com.

Re: [Puppet Users] Puppet Agent Gem Install

2020-10-23 Thread Martin Alfke 
Hi Tony,

yes, restarting puppetserver is required once you install a puppetserver gem.

Good to know that it is working.

Happy puppetizing,
Martin



> On 21. Oct 2020, at 18:44, Tony Wu  wrote:
> 
> Hi Martin,
> 
> Got it to work, it was indeed server side as you stated. Perhaps I just 
> forgot to restart it? I have no idea.
> 
> Much appreciated for your reply.
> 
> Take care,
> 
> Tony Wu
> 
>> On Oct 21, 2020, at 8:31 AM, Tony Wu > <mailto:tonyswu@gmail.com>> wrote:
>> 
>> I did that too, but that still didn’t work. Let me double check again.
>> 
>> Best,
>> 
>> Tony Wu
>> 
>>> On Oct 20, 2020, at 10:51 PM, Martin Alfke >> <mailto:tux...@gmail.com>> wrote:
>>> 
>>> Hi Tony,
>>> 
>>> puppet functions are executed on the puppet server.
>>> You need to install the gem within the puppet server
>>> 
>>> puppetserver gem install my gem
>>> 
>>> Hth,
>>> Martin
>>> 
>>> 
>>>> On 20. Oct 2020, at 21:37, Tony Wu >>> <mailto:tonyswu@gmail.com>> wrote:
>>>> 
>>>> Hi,
>>>> 
>>>> I have a agent side function that requires a gem, so I did:
>>>> 
>>>> /opt/puppetlabs/puppet/bin/gem install my_gem
>>>> 
>>>> If I do list, it shows the gem as being installed, but when invoking the 
>>>> function it can't find it. Any suggestion?
>>>> 
>>>> Thanks very much.
>>>> 
>>>> -- 
>>>> You received this message because you are subscribed to the Google Groups 
>>>> "Puppet Users" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>>> email to puppet-users+unsubscr...@googlegroups.com 
>>>> <mailto:puppet-users+unsubscr...@googlegroups.com>.
>>>> To view this discussion on the web visit 
>>>> https://groups.google.com/d/msgid/puppet-users/6b114e8d-8147-42d5-85a4-aa0ad381de25n%40googlegroups.com
>>>>  
>>>> <https://groups.google.com/d/msgid/puppet-users/6b114e8d-8147-42d5-85a4-aa0ad381de25n%40googlegroups.com?utm_medium=email_source=footer>.
>>> 
>>> 
>>> -- 
>>> You received this message because you are subscribed to the Google Groups 
>>> "Puppet Users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send an 
>>> email to puppet-users+unsubscr...@googlegroups.com 
>>> <mailto:puppet-users+unsubscr...@googlegroups.com>.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/puppet-users/14FED81F-75D7-4A60-B1DF-27FE8CC1D10C%40gmail.com
>>>  
>>> <https://groups.google.com/d/msgid/puppet-users/14FED81F-75D7-4A60-B1DF-27FE8CC1D10C%40gmail.com?utm_medium=email_source=footer>.
>> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> <mailto:puppet-users+unsubscr...@googlegroups.com>.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/9918480A-E045-4C00-92C2-B690ED1E3331%40gmail.com
>  
> <https://groups.google.com/d/msgid/puppet-users/9918480A-E045-4C00-92C2-B690ED1E3331%40gmail.com?utm_medium=email_source=footer>.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/4FF0AA96-15A4-47F5-A53F-E3FABD176480%40gmail.com.

Re: [Puppet Users] Puppet Agent Gem Install

2020-10-20 Thread Martin Alfke 
Hi Tony,

puppet functions are executed on the puppet server.
You need to install the gem within the puppet server

puppetserver gem install my gem

Hth,
Martin


> On 20. Oct 2020, at 21:37, Tony Wu  wrote:
> 
> Hi,
> 
> I have a agent side function that requires a gem, so I did:
> 
> /opt/puppetlabs/puppet/bin/gem install my_gem
> 
> If I do list, it shows the gem as being installed, but when invoking the 
> function it can't find it. Any suggestion?
> 
> Thanks very much.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/6b114e8d-8147-42d5-85a4-aa0ad381de25n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/14FED81F-75D7-4A60-B1DF-27FE8CC1D10C%40gmail.com.

Re: [Puppet Users] Puppet Enterprise version upgrade from 2019.1.0 to 2019.8.1

2020-10-16 Thread Martin Alfke 
Hi Vinay,

Newest PE version adds PuppetDB Rest API service to compilers.
If you have a single master only, you can ignore this.
If you are using additional compilers, you must enable access to PostgreSQL 
Database from compilers to the master.

We did an update from 2019.1 to latest PE release without any issues.
(But we enabled the PostgreSQL access prior we did the upgrade.)

Best,
Martin


> On 16. Oct 2020, at 08:54, Vinay Korrapati  wrote:
> 
> Hi Team,
> 
> I are planning to upgrade the Puppet Enterprise version from 2019.1.0 to 
> 2019.8.1 in development environment.
> 
> As a part of this upgrade i am checking all the prerequisites and other stuff 
> as well. 
> 
> If anyone experienced any issues of your migration , kindly share with me 
> which helps me a lot.
> 
> Regards
> Vinay
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/c4c75009-edd4-4827-a1c8-597b7ca8ebaen%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/6CDB07C3-9F69-469C-8B9F-B1F460A3BF53%40gmail.com.

Re: [Puppet Users] Best way to exclude classes from a few nodes

2020-10-01 Thread Martin Alfke 
One more try:

In your manifests/site.pp change the class declaration from class to include:

node default {
  # …
  # class { 'grubipv6disable': }
  include grubipv6disable
  # …
}


> On 1. Oct 2020, at 12:44, djc...@gmail.com  wrote:
> 
> Puppet 6:
> 
> # puppet --version
> 6.15.0
> 
> Yes, I ran the lookup as root.
> 
> On Thursday, October 1, 2020 at 11:40:49 AM UTC+1 Martin Alfke wrote:
> Which version of puppet are you using?
> Puppet 5 or puppert 6?
> 
> And: did you ran the puppet lookup command as root user? (I assume so, I just 
> want to be sure)
> 
> 
>> On 1. Oct 2020, at 12:30, djc...@gmail.com <http://gmail.com/> 
>> > 
>> wrote:
>> 
> 
>> Thanks Martin, yes (on fours servers to be specific all with idm0 in the 
>> hostname).  Problem I have, is although the lookup is returning what I need, 
>> when I run the agent, it returns:
>> 
>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
>> Server Error: Evaluation Error: Error while evaluating a Resource Statement, 
>> Class[Grubipv6disable]: expects a value for parameter 'enable' (file: 
>> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 12, 
>> column: 3) on node lhcsrvprdidm02.fixnetix.com 
>> <http://lhcsrvprdidm02.fixnetix.com/>
>> 
>> I guessing that this is suggesting the expected hiera vaule can't be found.
>> 
>> Thanks,
>> Dan.
>> 
>> 
>> On Thursday, October 1, 2020 at 11:24:04 AM UTC+1 Martin Alfke wrote:
>> Hi Dan,
>> 
>> The puppet lookup explain told you what it has found:
>> 
>>   Environment Data Provider (hiera configuration version 5)
>> Using configuration 
>> "/etc/puppetlabs/code/environments/production/hiera.yaml"
>> Hierarchy entry "Per-node data"
>>   Path 
>> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml"
>> Original path: "nodes/%{trusted.certname}.yaml"
>> Found key: "grubipv6disable::enable" value: false
>> 
>> So I assume that you want to disable ipv6 only on node 
>> lhcsrvprdidm02.fixnetix.com <http://lhcsrvprdidm02.fixnetix.com/>
>> 
>> 
>> 
>> 
>>> On 1. Oct 2020, at 12:05, djc...@gmail.com <http://gmail.com/> 
>>> > wrote:
>>> 
>> 
>>> Hello Martin,
>>> 
>>> Do you have any further thoughts on the above?
>>> 
>>> Thanks,
>>> Dan.
>>> 
>>> On Monday, September 28, 2020 at 2:37:42 PM UTC+1 djc...@gmail.com 
>>> <http://gmail.com/> wrote:
>>> There is indeed a  global hiera.yaml file:
>>> # cat /etc/puppetlabs/puppet/hiera.yaml
>>> ---
>>> # Hiera 5 Global configuration file
>>> 
>>> version: 5
>>> 
>>> # defaults:
>>> #   data_hash: yaml_data
>>> # hierarchy:
>>> #  - name: Common
>>> #data_hash: yaml_data
>>> hierarchy: []
>>> 
>>> Top level environment hiera looks good:
>>> # cat /etc/puppetlabs/code/environments/production/hiera.yaml
>>> ---
>>> version: 5
>>> defaults:
>>>   # The default value for "datadir" is "data" under the same directory as 
>>> the hiera.yaml
>>>   # file (this file)
>>>   # When specifying a datadir, make sure the directory exists.
>>>   # See https://puppet.com/docs/puppet/latest/environments_about.html 
>>> <https://puppet.com/docs/puppet/latest/environments_about.html> for further 
>>> details on environments.
>>>   datadir: data
>>>   data_hash: yaml_data
>>> hierarchy:
>>>   - name: "Per-node data"   # Human-readable name.
>>> path: "nodes/%{trusted.certname}.yaml"  # File path, relative to 
>>> datadir.
>>> 
>>>   - name: "Per-OS defaults"
>>> path: "os/%{facts.os.family}.yaml"
>>> 
>>>   - name: "Common data"
>>> path: "common.yaml"
>>> 
>>> There is no associated branch or alike in this instance.
>>> 
>>> Here's the puppet lookup output with --explain:
>>> 
>>> # puppet lookup --node lhcsrvprdidm02.fixnetix.com 
>>> <http://lhcsrvprdidm02.fixnetix.com/> grubipv6disable::enable --explain
>>> Searching for "lookup_options"
>>>   Global Data Provider (hiera configuration version 5)
>>> Using configuration &

Re: [Puppet Users] Best way to exclude classes from a few nodes

2020-10-01 Thread Martin Alfke 
Which version of puppet are you using?
Puppet 5 or puppert 6?

And: did you ran the puppet lookup command as root user? (I assume so, I just 
want to be sure)

> On 1. Oct 2020, at 12:30, djc...@gmail.com  wrote:
> 
> Thanks Martin, yes (on fours servers to be specific all with idm0 in the 
> hostname).  Problem I have, is although the lookup is returning what I need, 
> when I run the agent, it returns:
> 
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Error while evaluating a Resource Statement, 
> Class[Grubipv6disable]: expects a value for parameter 'enable' (file: 
> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 12, 
> column: 3) on node lhcsrvprdidm02.fixnetix.com
> 
> I guessing that this is suggesting the expected hiera vaule can't be found.
> 
> Thanks,
> Dan.
> 
> 
> On Thursday, October 1, 2020 at 11:24:04 AM UTC+1 Martin Alfke wrote:
> Hi Dan,
> 
> The puppet lookup explain told you what it has found:
> 
>   Environment Data Provider (hiera configuration version 5)
> Using configuration 
> "/etc/puppetlabs/code/environments/production/hiera.yaml"
> Hierarchy entry "Per-node data"
>   Path 
> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml"
> Original path: "nodes/%{trusted.certname}.yaml"
> Found key: "grubipv6disable::enable" value: false
> 
> So I assume that you want to disable ipv6 only on node 
> lhcsrvprdidm02.fixnetix.com <http://lhcsrvprdidm02.fixnetix.com/>
> 
> 
> 
> 
>> On 1. Oct 2020, at 12:05, djc...@gmail.com <http://gmail.com/> 
>> > 
>> wrote:
>> 
> 
>> Hello Martin,
>> 
>> Do you have any further thoughts on the above?
>> 
>> Thanks,
>> Dan.
>> 
>> On Monday, September 28, 2020 at 2:37:42 PM UTC+1 djc...@gmail.com 
>> <http://gmail.com/> wrote:
>> There is indeed a  global hiera.yaml file:
>> # cat /etc/puppetlabs/puppet/hiera.yaml
>> ---
>> # Hiera 5 Global configuration file
>> 
>> version: 5
>> 
>> # defaults:
>> #   data_hash: yaml_data
>> # hierarchy:
>> #  - name: Common
>> #data_hash: yaml_data
>> hierarchy: []
>> 
>> Top level environment hiera looks good:
>> # cat /etc/puppetlabs/code/environments/production/hiera.yaml
>> ---
>> version: 5
>> defaults:
>>   # The default value for "datadir" is "data" under the same directory as 
>> the hiera.yaml
>>   # file (this file)
>>   # When specifying a datadir, make sure the directory exists.
>>   # See https://puppet.com/docs/puppet/latest/environments_about.html 
>> <https://puppet.com/docs/puppet/latest/environments_about.html> for further 
>> details on environments.
>>   datadir: data
>>   data_hash: yaml_data
>> hierarchy:
>>   - name: "Per-node data"   # Human-readable name.
>> path: "nodes/%{trusted.certname}.yaml"  # File path, relative to datadir.
>> 
>>   - name: "Per-OS defaults"
>> path: "os/%{facts.os.family}.yaml"
>> 
>>   - name: "Common data"
>> path: "common.yaml"
>> 
>> There is no associated branch or alike in this instance.
>> 
>> Here's the puppet lookup output with --explain:
>> 
>> # puppet lookup --node lhcsrvprdidm02.fixnetix.com 
>> <http://lhcsrvprdidm02.fixnetix.com/> grubipv6disable::enable --explain
>> Searching for "lookup_options"
>>   Global Data Provider (hiera configuration version 5)
>> Using configuration "/etc/puppetlabs/puppet/hiera.yaml"
>> No such key: "lookup_options"
>>   Environment Data Provider (hiera configuration version 5)
>> Using configuration 
>> "/etc/puppetlabs/code/environments/production/hiera.yaml"
>> Merge strategy hash
>>   Hierarchy entry "Per-node data"
>> Path 
>> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml"
>>   Original path: "nodes/%{trusted.certname}.yaml"
>>   No such key: "lookup_options"
>>   Hierarchy entry "Per-OS defaults"
>> Path 
>> "/etc/puppetlabs/code/environments/production/data/os/RedHat.yaml"
>>   Original path: "os/%{facts.os.family}.yaml"
>>   Path not found
>>   Hierarchy entry "Common data"

Re: [Puppet Users] Best way to exclude classes from a few nodes

2020-10-01 Thread Martin Alfke 
ath 
> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat.yaml"
> Original path: "os/%{facts.os.name <http://facts.os.name/>}.yaml"
> Path not found
>   Path 
> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/os/RedHat.yaml"
> Original path: "os/%{facts.os.family}.yaml"
> Path not found
>   Hierarchy entry "common"
> Path 
> "/etc/puppetlabs/code/environments/production/modules/grubipv6disable/data/common.yaml"
>   Original path: "common.yaml"
>   No such key: "lookup_options"
> Searching for "grubipv6disable::enable"
>   Global Data Provider (hiera configuration version 5)
> Using configuration "/etc/puppetlabs/puppet/hiera.yaml"
> No such key: "grubipv6disable::enable"
>   Environment Data Provider (hiera configuration version 5)
> Using configuration 
> "/etc/puppetlabs/code/environments/production/hiera.yaml"
> Hierarchy entry "Per-node data"
>   Path 
> "/etc/puppetlabs/code/environments/production/data/nodes/lhcsrvprdidm02.fixnetix.com.yaml"
> Original path: "nodes/%{trusted.certname}.yaml"
> Found key: "grubipv6disable::enable" value: false
> 
> Thanks,
> Dan.
> 
> 
> On Monday, September 28, 2020 at 2:23:49 PM UTC+1 Martin Alfke wrote:
> In this case it is hiera.
> 
> Can you please check:
> - that there is no global hiera.yaml file in 
> /etc/puppetlabs/puppet/hiera.yaml or, that the data paths mentioned in that 
> file are empty
> - that node is the top level environment in your environment hiera.yaml file 
> (/etc/puppetlabs/code/environment//hiera.yaml
> - that your Puppet code changes are done in production environment and not 
> within a feature branch or: if you use a feature branch: that the data fir 
> enabling/disabling the flag is also in environment hiera data
> 
> Can you run the puppet lookup command again using the ‘--explain’ parameter?
> 
> Hth,
> Martin
> 
> 
> 
>> On 28. Sep 2020, at 15:18, djc...@gmail.com <http://gmail.com/> 
>> > wrote:
>> 
> 
>> Thanks again Martin,
>> 
>> I've changed the code as per recommended.  However, the same issue still 
>> persists.  I'm starting to think that the issue is not code related but lies 
>> elsewhere
>> 
>> # puppet agent --no-daemonize --onetime --verbose
>> Info: Using configured environment 'production'
>> Info: Retrieving pluginfacts
>> Info: Retrieving plugin
>> Info: Retrieving locales
>> Info: Loading facts
>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
>> Server Error: Evaluation Error: Error while evaluating a Resource Statement, 
>> Class[Grubipv6disable]: expects a value for parameter 'enable' (file: 
>> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 12, 
>> column: 3) on node lhcsrvprdidm02.fixnetix.com 
>> <http://lhcsrvprdidm02.fixnetix.com/>
>> Info: Using cached catalog from environment 'production'
>> Info: Applying configuration version '1601218290'
>> Notice: Applied catalog in 1.95 seconds
>> 
>> I've checked if a lookup checks-out ok:
>> 
>> # puppet lookup --node lhcsrvprdidm02.fixnetix.com 
>> <http://lhcsrvprdidm02.fixnetix.com/> grubipv6disable::enable
>> --- false
>> 
>> Thanks,
>> Dan.
>> 
>> 
>> 
>> On Monday, September 28, 2020 at 11:54:42 AM UTC+1 Martin Alfke wrote:
>> Hi Dan,
>> 
>> I would write the grubipv6disable class in another way:
>> 
>> class grubipv6disable (
>>   Boolean $enable,
>> ) {
>>   if $enable {
>> contain grubipv6disable::config
>>   }
>> }
>> 
>> And keep the grubipv6disable::config class as is:
>> 
>> class grubipv6disable::config (
>> ){
>> 
>>   if $facts['os']['release']['major'] =~ /7/ {
>> exec { 'grub2_ipv6_disable':
>>   command => '/usr/sbin/grubby --update-kernel=ALL 
>> --args=ipv6.disable=1',
>>   unless  => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6'
>> }
>>   } else {
>> notice ('Assuming RHEL 6.x thus taking no action')
>>   }
>> }
>> 
>> Parameters, like variables, are always local to a class.
>> 
>> Best,
>> Martin
>> 
>> 
>> 
>>> On 28. Sep 2020, at 12:03, djc...@gmail.com <http://gmail.com/> 
>>> > wrote:
>>>

Re: [Puppet Users] Best way to exclude classes from a few nodes

2020-09-28 Thread Martin Alfke 
In this case it is hiera.

Can you please check:
- that there is no global hiera.yaml file in /etc/puppetlabs/puppet/hiera.yaml 
or, that the data paths mentioned in that file are empty
- that node is the top level environment in your environment hiera.yaml file 
(/etc/puppetlabs/code/environment//hiera.yaml
- that your Puppet code changes are done in production environment and not 
within a feature branch or: if you use a feature branch: that the data fir 
enabling/disabling the flag is also in environment hiera data

Can you run the puppet lookup command again using the ‘--explain’ parameter?

Hth,
Martin


> On 28. Sep 2020, at 15:18, djc...@gmail.com  wrote:
> 
> Thanks again Martin,
> 
> I've changed the code as per recommended.  However, the same issue still 
> persists.  I'm starting to think that the issue is not code related but lies 
> elsewhere
> 
> # puppet agent --no-daemonize --onetime --verbose
> Info: Using configured environment 'production'
> Info: Retrieving pluginfacts
> Info: Retrieving plugin
> Info: Retrieving locales
> Info: Loading facts
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Error while evaluating a Resource Statement, 
> Class[Grubipv6disable]: expects a value for parameter 'enable' (file: 
> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 12, 
> column: 3) on node lhcsrvprdidm02.fixnetix.com
> Info: Using cached catalog from environment 'production'
> Info: Applying configuration version '1601218290'
> Notice: Applied catalog in 1.95 seconds
> 
> I've checked if a lookup checks-out ok:
> 
> # puppet lookup --node lhcsrvprdidm02.fixnetix.com grubipv6disable::enable
> --- false
> 
> Thanks,
> Dan.
> 
> 
> 
> On Monday, September 28, 2020 at 11:54:42 AM UTC+1 Martin Alfke wrote:
> Hi Dan,
> 
> I would write the grubipv6disable class in another way:
> 
> class grubipv6disable (
>   Boolean $enable,
> ) {
>   if $enable {
> contain grubipv6disable::config
>   }
> }
> 
> And keep the grubipv6disable::config class as is:
> 
> class grubipv6disable::config (
> ){
> 
>   if $facts['os']['release']['major'] =~ /7/ {
> exec { 'grub2_ipv6_disable':
>   command => '/usr/sbin/grubby --update-kernel=ALL --args=ipv6.disable=1',
>   unless  => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6'
> }
>   } else {
> notice ('Assuming RHEL 6.x thus taking no action')
>   }
> }
> 
> Parameters, like variables, are always local to a class.
> 
> Best,
> Martin
> 
> 
> 
>> On 28. Sep 2020, at 12:03, djc...@gmail.com <http://gmail.com/> 
>> > 
>> wrote:
>> 
> 
>> Thanks for that Martin,
>> 
>> I seem to have unearthed a different issue:
>> 
>> # puppet agent --no-daemonize --onetime --verbose
>> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
>> Server Error: Evaluation Error: Error while evaluating a Resource Statement, 
>> Class[Grubipv6disable]: expects a value for parameter 'enable' (file: 
>> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 12, 
>> column: 3) on node lhcsrvprdidm02.fixnetix.com 
>> <http://lhcsrvprdidm02.fixnetix.com/>
>> 
>> # pwd
>> /etc/puppetlabs/code/environments/production/modules/grubipv6disable
>> # more manifests/init.pp
>> class grubipv6disable (
>>   Boolean $enable,
>> ) {
>>   contain grubipv6disable::config
>>   }
>> 
>> # more manifests/config.pp
>> class grubipv6disable::config (
>>   Boolean $enable = true,
>> ){
>>  if $enable {
>>   if $facts['os']['release']['major'] =~ /7/ {
>> exec { 'grub2_ipv6_disable':
>>   command => '/usr/sbin/grubby --update-kernel=ALL 
>> --args=ipv6.disable=1',
>>   unless  => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6'
>>  }
>>   } else {
>>   notice ('Assuming RHEL 6.x thus taking no action')
>> }
>>  }
>> }
>> 
>> # pwd
>> /etc/puppetlabs/code/environments/production/data
>> # more nodes/lhcsrvprdidm02.fixnetix.com.yaml
>> ---
>> grubipv6disable::enable: false
>> 
>> Seems hiera is not being read.
>> 
>> Any further help you can provide would be appreciated
>> 
>> Thanks,
>> Dan.
>> On Friday, September 18, 2020 at 12:43:26 PM UTC+1 Martin Alfke wrote:
>> Add a parameter to grubipv6disable class which controls the internal 
>> behaviour.
>> https://puppet.com/docs/puppet/6.17/lang_classes.html#class-parameters-and-variables
>>  
>> <https://puppet.co

Re: [Puppet Users] Best way to exclude classes from a few nodes

2020-09-28 Thread Martin Alfke 
Hi Dan,

I would write the grubipv6disable class in another way:

class grubipv6disable (
  Boolean $enable,
) {
  if $enable {
contain grubipv6disable::config
  }
}

And keep the grubipv6disable::config class as is:

class grubipv6disable::config (
){
  if $facts['os']['release']['major'] =~ /7/ {
exec { 'grub2_ipv6_disable':
  command => '/usr/sbin/grubby --update-kernel=ALL --args=ipv6.disable=1',
  unless  => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6'
}
  } else {
notice ('Assuming RHEL 6.x thus taking no action')
  }
}

Parameters, like variables, are always local to a class.

Best,
Martin


> On 28. Sep 2020, at 12:03, djc...@gmail.com  wrote:
> 
> Thanks for that Martin,
> 
> I seem to have unearthed a different issue:
> 
> # puppet agent --no-daemonize --onetime --verbose
> Error: Could not retrieve catalog from remote server: Error 500 on SERVER: 
> Server Error: Evaluation Error: Error while evaluating a Resource Statement, 
> Class[Grubipv6disable]: expects a value for parameter 'enable' (file: 
> /etc/puppetlabs/code/environments/production/manifests/site.pp, line: 12, 
> column: 3) on node lhcsrvprdidm02.fixnetix.com 
> <http://lhcsrvprdidm02.fixnetix.com/>
> 
> # pwd
> /etc/puppetlabs/code/environments/production/modules/grubipv6disable
> # more manifests/init.pp
> class grubipv6disable (
>   Boolean $enable,
> ) {
>   contain grubipv6disable::config
>   }
> 
> # more manifests/config.pp
> class grubipv6disable::config (
>   Boolean $enable = true,
> ){
>  if $enable {
>   if $facts['os']['release']['major'] =~ /7/ {
> exec { 'grub2_ipv6_disable':
>   command => '/usr/sbin/grubby --update-kernel=ALL --args=ipv6.disable=1',
>   unless  => '/usr/sbin/grubby --info=ALL | /usr/bin/grep ipv6'
>  }
>   } else {
>   notice ('Assuming RHEL 6.x thus taking no action')
> }
>  }
> }
> 
> # pwd
> /etc/puppetlabs/code/environments/production/data
> # more nodes/lhcsrvprdidm02.fixnetix.com.yaml
> ---
> grubipv6disable::enable: false
> 
> Seems hiera is not being read.
> 
> Any further help you can provide would be appreciated
> 
> Thanks,
> Dan.
> On Friday, September 18, 2020 at 12:43:26 PM UTC+1 Martin Alfke wrote:
> Add a parameter to grubipv6disable class which controls the internal 
> behaviour.
> https://puppet.com/docs/puppet/6.17/lang_classes.html#class-parameters-and-variables
>  
> <https://puppet.com/docs/puppet/6.17/lang_classes.html#class-parameters-and-variables>
> 
> e.g.
> 
> # modules/grubipv6disable/manifests/init.pp
> class grubipv6disable (
>   Boolean $enable = true,
> ){
>   if $enable {
> # add here the code from the class.
>   }
> }
> 
> Now you add hiera.yaml to your control-repo and add node specific data.
> https://puppet.com/docs/puppet/6.17/hiera_intro.html 
> <https://puppet.com/docs/puppet/6.17/hiera_intro.html>
> 
> e.g.
> data/nodes/.yaml
> ---
> grubipv6disable::enable: false
> 
> Hth,
> Martin
> 
> 
> 
>> On 17. Sep 2020, at 19:19, djc...@gmail.com <http://gmail.com/> 
>> > 
>> wrote:
>> 
> 
>> Hello experts,
>> 
>> I apply all my current classes like so:
>> 
>> # cat site.pp
>> 
>> node default {
>>   class { 'selinux':
>> mode => 'permissive',
>> type => 'targeted',  }
>>   class { 'commonpackages':  }
>>   class { 'polkit':  }
>>   class { 'libstoragemgmt':  }
>>   class { 'rngd':}
>>   class { 'gssproxy':}
>>   class { 'smartd':  }
>>   class { 'firewalld':   }
>>   class { 'grubipv6disable': }
>>   class { 'grubrootpasswd':  }
>>   class { 'grubcrash':   }
>>   class { 'logrotate':   }
>>   class { 'htop':}
>>   class { 'vim': }
>>   class { 'yum': }
>>   class { 'yumlocalrepo':}
>>   class { 'sysctl':  }
>>   class { 'sysconfig':   }
>>   class { 'bashrc':  }
>>   class { 'vault':   }
>>   class { 'useradd': }
>>   class { 'crontab': }
>>   class { 'modprobe':}
>>   class { 'rsyslogd':}
>>   class { 'sudoers': }
>>   class { 'motd':}
>>   class { 'pam': }
>>   class { 'issue':   }
>>   class { 'issuenet':}
>>   class { 'limits':  }
>>   class { 'timezone':}
>>   class { 'profiled':}
>>   class { 'pulpconsumer':}
>>   class { 'resolver':}
>>   class { 'aide':}
>>   class

Re: [Puppet Users] Best way to exclude classes from a few nodes

2020-09-18 Thread Martin Alfke 
Add a parameter to grubipv6disable class which controls the internal behaviour.
https://puppet.com/docs/puppet/6.17/lang_classes.html#class-parameters-and-variables
 


e.g.

# modules/grubipv6disable/manifests/init.pp
class grubipv6disable (
  Boolean $enable = true,
){
  if $enable {
# add here the code from the class.
  }
}

Now you add hiera.yaml to your control-repo and add node specific data.
https://puppet.com/docs/puppet/6.17/hiera_intro.html 


e.g.
data/nodes/.yaml
---
grubipv6disable::enable: false

Hth,
Martin


> On 17. Sep 2020, at 19:19, djc...@gmail.com  wrote:
> 
> Hello experts,
> 
> I apply all my current classes like so:
> 
> # cat site.pp
> 
> node default {
>   class { 'selinux':
> mode => 'permissive',
> type => 'targeted',  }
>   class { 'commonpackages':  }
>   class { 'polkit':  }
>   class { 'libstoragemgmt':  }
>   class { 'rngd':}
>   class { 'gssproxy':}
>   class { 'smartd':  }
>   class { 'firewalld':   }
>   class { 'grubipv6disable': }
>   class { 'grubrootpasswd':  }
>   class { 'grubcrash':   }
>   class { 'logrotate':   }
>   class { 'htop':}
>   class { 'vim': }
>   class { 'yum': }
>   class { 'yumlocalrepo':}
>   class { 'sysctl':  }
>   class { 'sysconfig':   }
>   class { 'bashrc':  }
>   class { 'vault':   }
>   class { 'useradd': }
>   class { 'crontab': }
>   class { 'modprobe':}
>   class { 'rsyslogd':}
>   class { 'sudoers': }
>   class { 'motd':}
>   class { 'pam': }
>   class { 'issue':   }
>   class { 'issuenet':}
>   class { 'limits':  }
>   class { 'timezone':}
>   class { 'profiled':}
>   class { 'pulpconsumer':}
>   class { 'resolver':}
>   class { 'aide':}
>   class { 'autofs':  }
>   class { 'vmtoolsd':}
>   class { 'ntpd':}
>   class { 'postfix': }
>   class { 'auditd':  }
>   class { 'sshd':}
>   class { 'idmclient':   }
> }
> 
> However, it's now become apparent that I need to exclude the grubipv6disable 
> from some nodes (all have idm0 in their hostname).
> 
> What is the best way (or the less complicated) to achive this?
> 
> Thanks in advance.
> Dan.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/e0226cb0-a8d9-4767-afa7-093c89358063n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/5C81F8B8-E73D-4725-9907-4AA7071F2067%40gmail.com.

Re: [Puppet Users] [Puppet] Can't manage Puppet Certificates on the PuppetCA (404 error)

2020-08-26 Thread Martin Alfke 
Hi,

Usually you can do the cert management via Foreman web interface.
If CLI is not working, please check that your Puppet 6 Master has a cert 
extension.
If this is missing you can check our blog posting:
https://blog.example42.com/2018/10/08/puppet6-ca-upgrading/ 


Best,
Martin

> On 25. Aug 2020, at 00:32, damien...@gmail.com  wrote:
> 
> Hello,
> 
> I have just finished installing a Puppet / Foreman / PuppetDB stack. Here is 
> the details :
> 
> OS : Centos 8.2
> 
> Puppetserver version : 6.12.1
> 
> PuppetDB version : 6.11.2
> 
> Puppet agent version : 6.17.0
> 
> Foreman version : 2.1
> 
> I have the PuppetCA and Foreman on one host, the Puppetmaster on a second one 
> and the PuppetDB on a third one. I used Foreman-installer to install 
> everything except the PuppetDB.
> 
> It took me quite some time but it seems to be working fine except for one 
> thing, I can't manage the nodes certificates because the following command 
> gives me a 404 error (I run it on the PuppetCA/Foreman host) :
> 
> > puppetserver ca list --all
> Error:
> code: 404
> body: {
> "message":"Not Found",
> "url":"/puppet-ca/v1/certificate_statuses/any_key",
> "status":"404"
> }
> No certificates to list
> I did set up the autosign with my servers domain name, so the new nodes get 
> their certificate request correctly signed, they get their catalogs, I see 
> them in Foreman etc...
> 
> > ls -l  /etc/puppetlabs/puppet/ssl/ca/signed/
> total 44
> drwxr-x---. 2 puppet puppet 4096 Aug 24 18:01 .
> drwxr-x---. 4 puppet puppet  232 Aug 24 18:35 ..
> -rw-r--r--. 1 puppet puppet 1960 Aug 24 18:01 host1.domain.local.pem
> -rw-r--r--. 1 puppet puppet 1968 Aug 24 16:45 host2.domain.local.pem
> -rw-r--r--. 1 puppet puppet 1968 Aug 23 11:39 host3.domain.local.pem
> -rw-r--r--. 1 puppet puppet 1968 Aug 23 11:42 host4.domain.local.pem
> But I need to revoke and renew some of these certificates so for the moment, 
> I am blocked.
> 
> I don't know where to look, any help would be appreciated ^^
> 
> Thanks
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/68084f23-4154-45c1-b808-c67249ad1770n%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/C18CBE52-D96A-45F9-BF6D-46756A89A90E%40gmail.com.

Re: [Puppet Users] Any Puppet APIs which integrate with Azure API Management Gateway

2020-07-14 Thread Martin Alfke 
Hi Vinay,

Puppet managed an Azure module - but no more development.
https://github.com/puppetlabs/puppetlabs-azure 


You can check documentation at the link mentioned above and verify whether this 
module serves your needs.

Hth,
Martin

> On 13. Jul 2020, at 17:22, Vinay Korrapati  wrote:
> 
> Hi Team,
> 
> Is there any puppet APIs which Integrate with Azure API Management Gateways.
> 
> Or any puppet APIs which we can handle the Azure API management Gateways?
> 
> Regards
> Vinay
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/7e76aabb-034b-44f4-90f9-16cd1d320d89o%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/621EA225-0930-4E16-94BE-CCD61DAA0F0D%40gmail.com.

Re: [Puppet Users] Parameters to Puppet Task

2020-06-30 Thread Martin Alfke 
Hi Valayil,

You seem to miss loading the stdin json in your task:
https://puppet.com/docs/bolt/latest/writing_tasks.html#no-op-task-example 

#!/usr/bin/env python

import json
import sys

params = json.load(sys.stdin)
Hth,
Martin


> On 30. Jun 2020, at 02:58, Valayil Abraham  wrote:
> 
> I have a python task in Puppet. Passing a parameter into the task. Need to 
> check the parameter in the code.
> This what the code check looks like
> 
> if {params['date'] == "yesterday"}:
>   print("Yesterday")
> else:
>   print("Not Yesterday"}
> 
> The if statement doesn't work when run from Puppet Console. Prints Yesterday 
> no matter what the parameter is. Not sure why. 
> 
> I can get the same thing to work from the command line with the following
> 
> if sys.argv[1] == "yesterday"
>   print("Yesterday")
> else:
>   print("Not Yesterday"}
> 
> Why do the parameters behave differently in Puppet? Any help in resolving 
> this would be appreciated.
> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/236ca31b-018b-4cbd-bf60-7808d1731c04o%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/16DDD1C4-593B-415D-94B4-77157E9A9984%40gmail.com.

Re: [Puppet Users] Error while installing the docker on Ubuntu 18.04 using existing puppet forge module

2020-06-25 Thread Martin Alfke 
Hi Vinay,

Your error is unrelated to docker module, but comes from apt module.
Apt module is trying to add the docker repos and fetch the gpg keys.

Please make sure to allow outgoing https connections.

If you want to install from your own internal mirror, you can set a docker 
class parameter:

   use_upstream_package_source => false,

In this case you must ensure, that the repository is added.

Best regards,
Martin


> On 25. Jun 2020, at 10:38, Vinay Korrapati  wrote:
> 
> Hi Team,
> 
> We are facing the below issue while installing the docker Ubuntu 18.04 using 
> existing puppet forge module. we already added the include 'docker' to the 
> manifest file. And all dependent modules also installed.
> 
> Error: 
> change from 'absent' to 'present' failed: Could not set 'present' on ensure: 
> SSL_connect SYSCALL returned=5 errno=0 state=SSLv3/TLS write client hello 
> (file: 
> /etc/puppetlabs/code/environments/production/site/apt/manifests/key.pp, line: 
> 55)
> 
> 
> Puppet Version: 6.14.0
> Link referred: https://forge.puppet.com/puppetlabs/docker#images 
> 
> 
> Any firewall need to be white list at server end ? could you please suggest 
> me to address the issue.
> 
> 
> Regards
> Vinay 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/aefc16d3-eaee-46dc-a5de-d5ea9a13aa5co%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/C0761E3F-679C-4BE5-9AB8-4A322A2B113A%40gmail.com.

Re: [Puppet Users] Puppetdb and postgresql module: How to manage Postgresql but NOT manage Postgresql REPO using Hiera?

2020-06-13 Thread Martin Alfke 


postgresql::globals::manage_package_repo: false
postgresql::globals::version: '9.6',

> On 12. Jun 2020, at 17:40, Devminded  wrote:
> 
> Hi.
> 
> I am trying to disable the managing of the Postgresql repo using Hiera when 
> using the puppetlabs/postgresql module. I have tried every Hiera combination 
> I can think of (from reading the docs/code) but nothing works.
>   • puppetdb::database::postgresql::manage_package_repo: false
>   • puppetdb::globals::manage_package_repo: false
>   • postgresql::globals::manage_package_repo: false
> It still adds the /etc/apt/sources.list.d/apt.postgresql.org.list which won't 
> work since we are using our own Aptly mirror and servers cannot directly 
> communicate with the internet, and so the apt update fails and the entire 
> puppet agent run fails with it.
> 
> How do I disable the management of 
> /etc/apt/sources.list.d/apt.postgresql.org.list using Hiera?
> 
> System:
>   • OS: Ubuntu 16.04 and 20.04
>   • puppetserver version: 6.12.0
>   • puppet-version: 6.16.0
>   • mod 'puppetlabs/postgresql', '6.5.0'
>   • mod 'puppetlabs/puppetdb', '7.4.0'
>   • mod 'puppetlabs/stdlib', '6.3.0'
> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/4d58c1ea-0652-474f-bc50-c0c150c0eb00o%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/7E4067DF-CC0E-4D28-B016-D35A55D787E2%40gmail.com.

Re: [Puppet Users] hiera with environments

2020-06-11 Thread Martin Alfke 
Hi,

You should change to using a control-repo and adopt your codebase.
https://puppet.com/docs/pe/2018.1/control_repo.html 

https://github.com/puppetlabs/best-practices/blob/master/puppet-modules-and-the-control-repo.md
 


We recommend (assuming you use a git based control-repo and r10k or PE code 
manager for deployment):

1. Copy your global hiera.yaml file (etc/puppetlabs/puppet/hiera.yaml) to each 
of your environments.
2. Remove global hiera.yaml file
3. Just use data or hieradata as datadir. Not the complete path.
4. Use relative paths in your environment.conf file
5. Instead of having different hieradata per environment we recommend to add an 
environment hierarchy.

You can also separate your hieradata from control-repo and make them an 
individual git repo.
In this case you can add hieradata as a module to your puppet file and change 
the path in hiera.yaml file.

You can find examples on how to achieve this in our Puppet Infrastructure 
Construction Kit (https://github.com/example42/psick 
)
https://github.com/example42/psick/blob/production/Puppetfile#L7 

Here we deploy the same branch name - when existing on hieradata repo - and 
fall back to master branch.

Hth,
Martin


> On 9. Jun 2020, at 07:46, solarflow 99  wrote:
> 
> I have this strange problem where I just upgraded from puppetserver 5.5 to 6, 
> and now the 2nd environment doesn't see hiera values, but the production 
> environment does.  I wonder if top level lookups don't work anymore?  Here's 
> how I have it configured:
> 
> 
> Here's my directory layout:
> 
> code
> └── environments
> ├── preprod
> │   ├── environment.conf
> │   ├── gitclone
> │   │   └── production
> │   │   ├── hieradata
> │   │   │   ├── common.yaml
> │   │   │   └── nodes
> │   │   ├── manifests
> │   │   │   ├── nodes.pp
> │   │   │   └── site.pp
> │   │   └── modules
> └── production
> ├── hieradata
> │   ├── common.yaml
> │   └── nodes
> ├── manifests
> │   ├── nodes.pp
> │   └── site.pp
> └── modules
> 
> 
> 
> 
> 
> 
> /etc/puppetlabs/puppet:
> 
> $ cat hiera.yaml 
> ---
> version: 5
> defaults:
>   # The default value for "datadir" is "data" under the same directory as the 
> hiera.yaml
>   # file (this file)
>   # When specifying a datadir, make sure the directory exists.
>   # See https://puppet.com/docs/puppet/latest/environments_about.html for 
> further details on environments.
>   # datadir: data
>   # data_hash: yaml_data
> 
>   datadir: "/etc/puppetlabs/code/environments/%{::environment}/hieradata"
>   data_hash: yaml_data
> 
> 
> hierarchy:
>   - name: "Per-node data (yaml version)"
> path: "nodes/%{::trusted.certname}.yaml"
>   - name: "Other YAML hierarchy levels"
> paths:
>   - "common.yaml"
> 
> 
> 
> 
> 
> /etc/puppetlabs/code/environments/preprod:
> 
> 
> $ ls -la
> total 4
> drwxr-xr-x  3 root root  62 Jun  8 21:44 ./
> drwxr-xr-x. 4 root root  39 Jun  8 14:33 ../
> -rw-r--r--  1 root root 142 Jun  8 14:38 environment.conf
> drwxr-xr-x  3 root root  24 Jun  8 14:36 gitclone/
> lrwxrwxrwx  1 root root  29 Jun  8 21:44 hierdata -> 
> gitclone/production/hieradata/
> 
> 
> 
> 
> 
> $ cat environment.conf 
> manifest = $codedir/environments/preprod/gitclone/production/manifests
> modulepath = $codedir/environments/preprod/gitclone/production/modules
> 
> 
> 
> 
> 
>  
> $ cat hierdata/common.yaml 
> ---
> infraserver: 'bigmachine.local'
> 
> 
> 
> 
> $ cat site.pp 
> 
> $infraserver  = hiera( 'infraserver' )
> 
> 
> 
> 
> But the clients don't see it in preprod, failing their puppet runs, and the 
> codebase is exactly the same:
> 
> Error 500 on SERVER: Server Error: Function lookup() did not find a value for 
> the name 'infraserver' on node dev1.local
> 
> 
> $ puppet lookup infraserver --environment production --node dev1.local
> --- bigmachine.local
>  
> $ puppet lookup infraserver --environment preprod --node dev1.local
> 
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/a0655c3e-9b5e-4097-a793-60f3117df82do%40googlegroups.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from

Re: [Puppet Users] How to run yum update in puppet config.pp file?

2020-05-06 Thread Martin Alfke 
Hi,

> On 6. May 2020, at 02:17, Shivabalaji  wrote:
> 
> Hi Team,
> I want to run yum updated every time, when I run puppet update. How do I add 
> yum update command?

You can use Puppet to create a cron job which runs the yum update.
https://forge.puppet.com/puppet/cron 
or
https://forge.puppet.com/puppetlabs/cron_core 


You will never run yum update within Puppet.

Why: Puppet is declarative configuration management.
That means that you describe the desired state of your systems and not which 
actions to run on systems,
If you want to run something regular: then use cron!

Hth,
Martin

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/158AD9C8-1F3D-40AF-A51E-AF7AF02E292D%40gmail.com.

[Puppet Users] Splat operator on file resource Error

2020-04-29 Thread Martin Alfke 
Hi,

we want to make use of the splat operator and extend the list of parameters:

#site/profile/manifests/files.pp
class profile::files (
  Hash $files = {},
){
  $files.each |String $key, Hash $params| {
$_template = $params['template']
$_value = delete($params, 'template')

notify { 'template':
  message => $_template,
}
notify { '_value':
  message => $_value,
}

file { $key:
  *   => $_value,
  content => epp($_template),
}
  }
}

#data/common.yaml
---
profile::files::files:
  '/tmp/foo':
ensure: file,
mode: '0644'
template: 'profile/file_template.epp'

Puppet agent run compains:

Error: Failed to apply catalog: Validation of File[/tmp/foo] failed: You cannot 
specify more than one of content, source, target (file: 
/etc/puppetlabs/code/environments/production/site/profile/manifests/files.pp, 
line: 15)

When removing the file resource, the notify output looks OK:

Notice: profile/file_template.epp
Notice: /Stage[main]/Profile::Files/Notify[template]/message: defined 'message' 
as 'profile/file_template.epp'
Notice: {"ensure"=>"file,", "mode"=>"0644"}
Notice: /Stage[main]/Profile::Files/Notify[_value]/message: defined 'message' 
as {
  'ensure' => 'file,',
  'mode' => '0644'
}
Notice: Applied catalog in 36.38 seconds

What am I missing or doing wrong?

Thanks,
Martin

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/2580881E-185B-41FD-87E7-04FDB93C5E4B%40gmail.com.

Re: [Puppet Users] Puppet on Ubuntu Focal

2020-04-25 Thread Martin Alfke 
Are you using system ruby, installing puppet as a Ruby gem?
No need to do this.
Puppet Agent ships required ruby version.
Just add the repo (http://apt.puppetlabs.com/puppet6-release-focal.deb) and 
then install puppet-agent package.

hth,
Martin


> On 24. Apr 2020, at 17:27, Arpit sharma  wrote:
> 
> Since Focal ships with Ruby 2.7 I am having trouble  using puppet on Focal
> Mostly related to this issue
> https://tickets.puppetlabs.com/browse/PUP-10247
> When can we expect to have a stable version for Focal?
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/e8161f0c-d79b-4ab7-b592-358678380a1d%40googlegroups.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/78EBB45D-CD71-4024-92BD-321E137E6DE0%40gmail.com.

Re: [Puppet Users] Where is source rpm for puppet6 open source rpm

2020-04-23 Thread Martin Alfke 
You can install the RPM on /opt folder and re-use the same installation on 
multiple systems.
Just be sure to configure puppet agent to not store node specific information 
in /opt.

Check config options by running "sudo puppet config print —all” after Puppet 
agent installation

Hth,
Martin


> On 23. Apr 2020, at 01:43, John Sellens  wrote:
> 
> Could you cheat and create /opt2/puppetlabs and a symlink
> from /opt/puppetlabs -> /opt2/puppetlabs before installation?
> 
> Otherwise, you can likely unpack the rpm, and futz with it,
> but I could imagine that /opt/puppetlabs is buried in a
> binary or two and thus awkward to change.
> 
> Hope that helps - cheers
> 
> On Wed, 2020/04/22 06:21:51PM -0400, Trevor Vaughan  
> wrote:
> | Ah, you need the whole thing to be relocatable!
> | 
> | On Wed, Apr 22, 2020 at 3:54 PM hai wu  wrote:
> | > Thank you! Unfortunately that won't work for me. The issue I have is
> | > due to /opt is some NFS read-only mounts. I am wondering about how to
> | > get a new RPM created for puppet-agent6, so that it could be installed
> | > on some folder like /opt2 instead. Right now I could not install this
> | > rpm. The other workaround is to copy whole puppet folder to that NFS
> | > mount. Just thinking that modifying /opt if we have src rpm would be
> | > much easier..
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/20200422234306.GA10968%40syonex.com.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/54D3AB27-FD17-4814-914C-F8F729A43EA8%40gmail.com.

Re: [Puppet Users] Install software by running script

2020-04-15 Thread Martin Alfke 
Hi Albert,

> On 15. Apr 2020, at 15:51, Albert Shih  wrote:
> 
> Le 11/04/2020 à 12:15:12+0200, Martin Alfke a écrit
> 
> Hi everyone.
> 
>> 
> Thanks for the answer.
> 
>>> I would like to have your point of view on how you install some software.
>>> 
>>> Long time (in IT meaning) most of the software installation meaning run
>>> some rpm, apt, and put a config file.
>> 
>> That process is still considered best practice.
> 
> I agree, but I'm not the guy who write the code of the software I need to
> install
> 
>>> That's something very easy to do with puppet.
>>> 
>>> Currently lot of software need something, IMHO, more easy for the user, but
>>> much more hard to put inside a puppet. For example, installing some nodejs
>>> software means to
>>> 
>>> install nodejs
>>> run npm
>>> 
>> 
>> Don't do that as a Puppet developer.
>> Let the developers build complete software packages with all dependencies 
>> built into.
>> e.g. gem bundler directory must be part of the application package.
>> 
>> Building packages can easily be done by using fpm 
>> (https://github.com/jordansissel/fpm/wiki).
>> No special Debian or RPM knowledge required.
> 
> I will look for that very closely, Thanks for the tips. I didn't know this
> one.
> 
>>> 
>>> (Ok I know it's not secure...) but well...
>> 
>> The same pattern: let the wget | sudo bash command run on a dev platform or 
>> a container and build a package.
> 
> Ok, so if I'm correct here is the workflow :
> 
> 
>  Using some gitlab/github + fpm, I run all the script from the software
>  vendor, and built a package.
> 
>  Using puppet install that package.
> 
>  Put my config file in puppet
> 
>  Each time I need a upgrade I rerun my git pull/push CI to build the
>  package

You are rebuilding with increased version numbers.

> 
> Am I correct ?

That description is correct.

hth,
Martin


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/B3CFAC29-069E-4392-93B3-881C2284E41E%40gmail.com.

Re: [Puppet Users] Install software by running script

2020-04-11 Thread Martin Alfke 
Hi Albert,

> On 11. Apr 2020, at 11:27, Albert Shih  wrote:
> 
> Hi,
> 
> I would like to have your point of view on how you install some software.
> 
> Long time (in IT meaning) most of the software installation meaning run
> some rpm, apt, and put a config file.

That process is still considered best practice.

> 
> That's something very easy to do with puppet.
> 
> Currently lot of software need something, IMHO, more easy for the user, but
> much more hard to put inside a puppet. For example, installing some nodejs
> software means to
> 
>  install nodejs
>  run npm
> 

Don't do that as a Puppet developer.
Let the developers build complete software packages with all dependencies built 
into.
e.g. gem bundler directory must be part of the application package.

Building packages can easily be done by using fpm 
(https://github.com/jordansissel/fpm/wiki).
No special Debian or RPM knowledge required.

> If I try do to the same it's pretty hard to find all packages install by the
> last command and put them to a puppet module. And event If I does, I need to 
> change
> the puppet module on each update (and currently for some software that's
> mean every week).
> 
> nodejs is just a example, you can take bundle in ruby, pip in python etc.
> 
> Of course for just pip/bundle/etc. I can do something like
> 
>  exec { 'install':
>command => 'pip/bundle/npm install',
>creates => 'some file created by the pip/bundle/npm
>}
> 
> but still it's painful because if the pip/bundle/npm failed the exec would
> not be execute again, unless you put every file create by the 1
> dependencies need for every software.
> 
> The worst case for me is those software installed by some
> 
>  wget 'URL' | sh
> 
> (Ok I know it's not secure...) but well...

The same pattern: let the wget | sudo bash command run on a dev platform or a 
container and build a package.


hth,
Martin

> 
> I event find out a script I am unable to run through exec resource (I
> didn't find out why).
> 
> So my question : How you manage those kind of installation (beside manually
> or using a docker image).
> 
> Regards.
> 
> --
> Albert SHIH
> DIO bātiment 15
> Observatoire de Paris
> xmpp: j...@obspm.fr
> Heure local/Local time:
> Sat 11 Apr 2020 11:15:45 AM CEST
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/20200411092718.GB2172%40io.chezmoi.fr.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/33B8023C-5EE5-4038-8F88-F6CF83974D7A%40gmail.com.

Re: [Puppet Users] upgrading opensource from 5.5 to 6.x

2020-03-19 Thread Martin Alfke 
Hi Tim,

Major difference between Puppet 5 and 6:
- some types have been moved to separate git module repositories
- puppet cert command has been moved to puppet server ca command (see also 
https://www.example42.com/2018/10/08/puppet6-ca-upgrading/ 
)

The Puppet doc has more information: 
https://puppet.com/docs/puppet/latest/release_notes_puppet.html#puppet-deprecations-x.0.0
 


Best,
Martin


> On 19. Mar 2020, at 00:09, Tim Mooney  wrote:
> 
> 
> All-
> 
> When I upgraded our opensource puppet environment from 3.8 to 5.x, there
> was a lot of good documentation that highlighted changes to file locations,
> deprecations, settings that needed to change, etc.  There were many
> things to change or update to prepare for the upgrade, but nearly
> everything was spelled out pretty clearly.
> 
> I'm contemplating updating our environment from 5.5 to the most recent
> 6.x release, and I'm not finding any upgrade documentation of a similar
> amount of detail.  I understand that there are fewer changes and
> deprecations between 5.5 and 6.x than there were between 3.8 and 5.x,
> but there has to be more to it than just update the packages without
> making any changes to your config files, etc.
> 
> For others that have been through the same upgrade recently, what docs
> did you follow, and were there any gotchas that weren't covered?
> 
> Thanks!
> 
> Tim
> -- 
> Tim Mooney tim.moo...@ndsu.edu
> Enterprise Computing & Infrastructure /
> Division of Information Technology/701-231-1076 (Voice)
> North Dakota State University, Fargo, ND 58105-5164
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/alpine.GSO.2.21.2003181743460.7559%40dogbert.cc.ndsu.NoDak.edu.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/062B90D8-9FCE-4DAA-9A88-D60057E00CE5%40gmail.com.

Re: [Puppet Users] Questions reg. Hiera v3 to v5 migration

2020-03-04 Thread Martin Alfke 
Hi Dirk,

> On 4. Mar 2020, at 09:12, Dirk Heinrichs  wrote:
> 
> Am Mittwoch, den 04.03.2020, 07:56 + schrieb Dirk Heinrichs:
> 
>> I assume these two are equivalent:

Yes, both deliver same results.
I prefer the second option (using paths)
The first option is useful in case that you need to set hierarchy individual 
settings.

Hth,
Martin

> 
> Once again, with better indentation:
> 
> hierarchy:
>   - name: "Per-kernel data"
> path: "kernel/%{facts.kernel}.yaml"
>   - name: "Common data"
> path: "common.yaml"
> 
> hierarchy:
>   - name: "All in one"
> paths:
>   - "kernel/%{facts.kernel}.yaml"
>   - "common.yaml"
> 
>> Is this correct?
> 
> Thanks...
> 
> Dirk
>  -- 
> Dirk Heinrichs
> Senior Systems Engineer, Delivery Pipeline
> OpenText ™ Discovery | Recommind
> Phone: +49 2226 15966 18
> Email: dhein...@opentext.com 
> Website: www.recommind.de 
> Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
> Vertretungsberechtigte Geschäftsführer Gordon Davies, Madhu Ranganathan, 
> Christian Waida, Registergericht Amtsgericht Bonn, Registernummer HRB 10646
> This e-mail may contain confidential and/or privileged information. If you 
> are not the intended recipient (or have received this e-mail in error) please 
> notify the sender immediately and destroy this e-mail. Any unauthorized 
> copying, disclosure or distribution of the material in this e-mail is 
> strictly forbidden
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte 
> Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail 
> irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und 
> vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte 
> Weitergabe dieser Mail sind nicht gestattet.
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to puppet-users+unsubscr...@googlegroups.com 
> .
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/puppet-users/ea220a40404e01eca25eb5ddf7e51c9dc9ccdaf6.camel%40opentext.com
>  
> .

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/64131E62-D587-41DD-B82F-3D864CC3AE9E%40gmail.com.

Re: [EXTERNAL] - Re: [Puppet Users] Hiera Setup Lookup Complaining

2020-03-03 Thread Martin Alfke 
Hi,


> 
> Am Mittwoch, den 26.02.2020, 05:57 -0800 schrieb Dan Crisp:
> 
>> sshdconfig::match_address: "xx.xx.xx.xx"
> 
> Just to clarify: Is "puppet lookup" supposed to find 
> "sshdconfig::match_address" when only "match_address" was given

No!
Hiera looks for a string based key, not regex.

You must specify the full string when using puppet lookup

puppet lookup sshdconfig::match_address —explain …

Same is for Puppet Code:

$match_address = lookup(’sshdconfig::match_address’)

Consider the following: you have 3 classes which use a $port parameter.
Which one to take? The one for ssh Class, apache class, postfix class?
That is the reason why you must provide a parameter with its namespace (=class 
name).


Hth,
Martin


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/puppet-users/E331FDB9-409D-4614-9201-95839A6E3A28%40gmail.com.

  1   2   3   4   5   >