Re: [Puppet Users] Web interface to Facter information, system config reporting?

[Ohad Levy]

On Wed, Dec 19, 2012 at 9:27 PM, Forrie  wrote:

> In our department, we recently bought an install of HP's SIM agent -- it's
> some hacky configuration reporting and management platform that also
> facilitates firmware updates, etc.   I don't care for it.
>
> For one, it requires root logins, but it also has agents that report -- it
> also may have the ability to change the system.
>
> My boss is looking for information that is presented in a GUI and easily
> reportable.   I'm thinking Facter is a good candidate here - we can tell it
> what version of software (SSH, etc), OS, etc.   But, it's all command-line.
>   I'm wondering if there is (or if someone is working on) a web-based GUI
> that can report these statistics (we don't need the overhead of something
> like puppet-dashboard).
>
> And for misc things, we can always write custom facts.   Of course, this
> would only apply to systems that are running puppet.  We have others that
> are not.
>
> I've seen some other hacks out there that do different types of reporting
> - if there's some better approach (open source), that would be great to
> know about.
>

While its not limited to inventory only, Foreman [1] can generate pretty
looking graphs, and show you all of your facts (including custom) and the
ability to search and feed that to any external service via a simple api.

You can disable most of foreman functionality, and simply get facts (and
maybe puppet reports if you are interested in puppet state and not just
inventory) without all of the other nice features (enc classifications,
provisioning, vm, cloud etc).

Hope this helps,
Ohad

[1] - http://theforeman.org


>
> Thanks.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/7L0fdmA0VNIJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Reg : Error in puppet agent in Windows

[krishna bhaskara rao]

Hi Matt,

While executing the command "*puppet agent --server test.puppetmaster.com 
--debug*" in puppet agent on Windows I am getting mentioned exception. 
As per my understanding, While executing said command, agent will send a 
request to pupet master for certificate sign off, it's not happening. That 
is the issue I am facing.

With Regards,
Krishna Bhaskar.

On Thursday, 20 December 2012 01:50:14 UTC+5:30, Matthew Burgess wrote:
>
> On Wed, Dec 19, 2012 at 5:23 PM, krishna bhaskara rao 
> > wrote: 
> > Hi John, 
> > 
> > Thank you for your response. 
> > 
> > But why should I create site.pp in agent node(Windows). As my 
> understanding, 
> > site.pp should be in puppet master server it self and it will execute 
> the 
> > catalog in agent node. 
> > 
> > Can you give me clarification on this If my understanding is wrong?. 
> > Same scenario working in linux(puppet master) to linux(puppet agent). 
> There 
> > I didnt create any site.pp in agent node. 
>
> Your understanding (of Puppet) is correct, the site.pp should reside 
> on the puppet master. 
>
> I can't see where John suggested you create a site.pp on the agent though. 
>
> What does your site.pp on the puppet master look like? 
>
> Regards, 
>
> Matt. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/BDdzUiyYKqYJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Trying to get complex data set into Puppet from ENC

[Danie van Zyl]

I'm having the same problem.

On Wednesday, 23 May 2012 02:10:21 UTC+2, Jared Ballou wrote:
>
> Hi everyone, 
>
> I've been reading the groups here for a while, and have gotten a lot 
> of things fixed by finding other people's posts, so hopefully someone 
> will be able to set me straight. I am working on a Puppet deployment 
> that needs to have a lot of disparate data pulled together, and as far 
> as the ENC I created to pull it all in, everything has worked great. 
> However, I'm running into a problem instantiating Apache virtual 
> hosts. Here is some abridged output from my ENC: 
> --- 
> classes: 
>   app::lamp: 
> appdata: 
>   sites: 
> Some Website: 
>   id: "2" 
>   name: Some Website 
>   servername: somewebsite.com 
>   svntag_prod: trunk 
>   svntag_dev: trunk 
>   documentroot: ~ 
> Another Website: 
>   id: "4" 
>   name: Another Website 
>   servername: anotherwebsite.com 
>   svntag_prod: "1.2.0" 
>   svntag_dev: "1.3.0-rc4" 
>   documentroot: ~ 
> Third Website: 
>   id: "6" 
>   name: Third Website 
>   servername: thirdwebsite.com 
>   svntag_prod: trunk 
>   svntag_dev: trunk 
>   documentroot: "/opt/thirdwebsite/customhtdocs" 
>
> So, I have some other classes that are parameterized and I can 
> reference $appdata[$key] inside those manifests and everything works 
> fine for strings or arrays. My issue is getting this hash of hashes in 
> [appdata][sites] turned into vhosts. I tried using create_resources to 
> no avail, tried dumping the ENC to YAML and using Hiera to parse that, 
> and I have struck out in every way. And, honestly, I think there must 
> be a better way to do this. The data is all in a single MySQL table, 
> so I looked at hiera-mysql backend, but I think I am over my head 
> here. Has anyone got a good example I could reference doing something 
> like this, especially for multi-dimensional hashes? I was starting to 
> look at just converting it to JSON or just comma delimited text and 
> feed it to Puppet as a string to be parsed, but that just seems wrong. 
> I've been at this 4 hours now with no luck, any help anyone can 
> provide would be greatly appreciated. 
>
> Thanks, 
>
> -Jared

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/ZdBvHpmNeFAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Trying to get complex data set into Puppet from ENC

[Luke Bigum]

Hi Jared,

On Wednesday, May 23, 2012 1:10:21 AM UTC+1, Jared Ballou wrote:

> Hi everyone, 
>
> I've been reading the groups here for a while, and have gotten a lot 
> of things fixed by finding other people's posts, so hopefully someone 
> will be able to set me straight. I am working on a Puppet deployment 
> that needs to have a lot of disparate data pulled together, and as far 
> as the ENC I created to pull it all in, everything has worked great. 
> However, I'm running into a problem instantiating Apache virtual 
> hosts. Here is some abridged output from my ENC: 
> --- 
> classes: 
>   app::lamp: 
> appdata: 
>   sites: 
> Some Website: 
>   id: "2" 
>   name: Some Website 
>   servername: somewebsite.com 
>   svntag_prod: trunk 
>   svntag_dev: trunk 
>   documentroot: ~ 
> Another Website: 
>   id: "4" 
>   name: Another Website 
>   servername: anotherwebsite.com 
>   svntag_prod: "1.2.0" 
>   svntag_dev: "1.3.0-rc4" 
>   documentroot: ~ 
> Third Website: 
>   id: "6" 
>   name: Third Website 
>   servername: thirdwebsite.com 
>   svntag_prod: trunk 
>   svntag_dev: trunk 
>   documentroot: "/opt/thirdwebsite/customhtdocs" 
>
> So, I have some other classes that are parameterized and I can 
> reference $appdata[$key] inside those manifests and everything works 
> fine for strings or arrays. My issue is getting this hash of hashes in 
> [appdata][sites] turned into vhosts. I tried using create_resources to 
> no avail,


I use create_resources() a bit with hash data pulled from Hiera and don't 
have too many problems with it (despite it's annoyingly vague error 
messages). Do you have an example of where it has not worked for you? I 
would have thought:

create_resources('apache::vhost', $appdata[$key][$sites])

should work fine, though I don't have an ENC so I'm not sure exactly how 
this data gets presented to you - it is a Puppet hash, right?
 

> tried dumping the ENC to YAML and using Hiera to parse that, 
> and I have struck out in every way. And, honestly, I think there must 
> be a better way to do this. The data is all in a single MySQL table, 
> so I looked at hiera-mysql backend, but I think I am over my head 
> here. Has anyone got a good example I could reference doing something 
> like this, especially for multi-dimensional hashes? I was starting to 
> look at just converting it to JSON or just comma delimited text and 
> feed it to Puppet as a string to be parsed, but that just seems wrong. 
> I've been at this 4 hours now with no luck, any help anyone can 
> provide would be greatly appreciated. 
>
> Thanks, 
>
> -Jared

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/vXuy7hRZeCkJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] puppet dashboard run time problems

[Jacob]

Hello all,

I just noticed that in my dashboard the "Run Time" graph shows really weird 
output.  It seems like it is different for different nodes. For some nodes, 
it doesn't seem to be updating, and for others it graphs values that are 
wrong.  The "recent report" table seems to be correct however.

Has anyone seen this or have any pointers?

Thanks

//Jacob.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/nvVmFMCSfp0J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Whats the best approach to create a repo of the installers to be used for installing and upgrading in the puppet managed nodes

[Keiran Sweet]

Hi There,
This is the type of task that is best serviced using the packaging 
framework of your operating system (ie, RPM, Deb, etc).

In this case, I'd roll the software into RPMs and have them installed via 
the package {} type on all your nodes from a central YUM repo, followed by 
the deployment of the profile file from a central location using the file 
{} type.

You could then manage the service using the service type to ensure the 
applications are running as required.

The benefit of this is that it is very repeatable, as well as being able to 
use the packaging framework to assist with upgrade to other versions more 
seamlessly.

There are some good examples at: http://puppetcookbook.com/ you could use 
as a reference.

Cheers,

K



On Thursday, December 20, 2012 7:12:51 AM UTC, Sivaraman Viswanathan wrote:
>
> Lets take the example, I am having a jboss-4.2.3 installers as a .tar 
> file. In general to install jboss, i ll 
> 1. untar the jboss-4.2.3 into a prefefined folder (opt/server/jbossas/) 
> into  multiple servers
> 2. untar the openjdk into a preferined path (/opt/software/java)set the 
> path in the bash.profile
> 3. Create server profile in the place where jboss is installed
> 4. Start the server.
>
> Lets say that I have to do this in 16 nodes (servers).
> Now, I should store the jboss and openjdk installers at a central location 
> and it should be transferred to the nodes before the 1st step can begin.
>
> I wrote the manifest to perform the requirements form 1 to 4. But not sure 
> how can I automate the transfer of the installers from a central repo. I am 
> not worried about the type of central repo. It can be a ftp or puppet or 
> anything else.
>
> Please help me. I was going through filebucket. Will this help or should i 
> write a manifest to get this file from a ftp server?
>
> How to create a file repo which can be referred in puppet manifests?
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/EsvW-gsiV7YJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Reg : Error in puppet agent in Windows

[Matthew Burgess]

On Thu, Dec 20, 2012 at 9:36 AM, krishna bhaskara rao
 wrote:
> Hi Matt,
>
> While executing the command "puppet agent --server test.puppetmaster.com
> --debug" in puppet agent on Windows I am getting mentioned exception.

I generally dislike specifying the server on the command line.  What
does the following command give you, when run on the agent?

puppet agent --test

Do you have a 'server =' line in your agent's puppet.conf file? This
isn't strictly necessary if 'agent.your-domain.com' can successfully
resolve a DNS query for 'puppet'.  As you're on Windows, running
'nslookup puppet' is enough to test this.  Or, confirm that your hosts
file contains a suitable entry for 'puppet'.

Regards,

Matt.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Reg : Error in puppet agent in Windows

[krishna bhaskara rao]

Hi Matt,

I have configured hostname of the master in hosts file as below in windows 
agent.
 10.248.113.198   test.master.internal puppetmaster
and added an entry "server=test.master.internal" in agent in windows 
puppet.conf.

If I execute command *puppet agent --test,* I am getting same error like 
below

*Info: Retrieving plugin*
*Error: Could not retrieve catalog from remote server: Error 400 on SERVER: 
Could*
* not find default node or by name with 'testagentoneinternal.ec2.internal, 
te*
*stagentoneinternal.ec2, testagentoneinternal' on node testagentoneinter*
*nal.ec2.internal*
*Warning: Not using cache on failed catalog*
*Error: Could not retrieve catalog; skipping run*
*
*
I am not getting any solution to resolve it.

With Regards,
Krishna Bhaskar.


On Thursday, 20 December 2012 16:13:06 UTC+5:30, Matthew Burgess wrote:
>
> On Thu, Dec 20, 2012 at 9:36 AM, krishna bhaskara rao 
> > wrote: 
> > Hi Matt, 
> > 
> > While executing the command "puppet agent --server test.puppetmaster.com 
> > --debug" in puppet agent on Windows I am getting mentioned exception. 
>
> I generally dislike specifying the server on the command line.  What 
> does the following command give you, when run on the agent? 
>
> puppet agent --test 
>
> Do you have a 'server =' line in your agent's puppet.conf file? This 
> isn't strictly necessary if 'agent.your-domain.com' can successfully 
> resolve a DNS query for 'puppet'.  As you're on Windows, running 
> 'nslookup puppet' is enough to test this.  Or, confirm that your hosts 
> file contains a suitable entry for 'puppet'. 
>
> Regards, 
>
> Matt. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/PXtizbqnrDYJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Reg : Error in puppet agent in Windows

[Matthew Burgess]

On Thu, Dec 20, 2012 at 12:17 PM, krishna bhaskara rao
 wrote:
> Hi Matt,
>
> I have configured hostname of the master in hosts file as below in windows
> agent.
>  10.248.113.198   test.master.internal puppetmaster
> and added an entry "server=test.master.internal" in agent in windows
> puppet.conf.

So, what's in your /etc/puppet/manifests/site.pp on the master then?

At the minimum, it should have:

node default {
}

Thanks,

Matt.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] hspuppetmaster release

[Simon Marechal]

I just released a very alpha version of the software : 
http://lpuppet.banquise.net/blog/2012/12/20/hspuppetmaster-alpha-release/

It should become a full replacement for the current Puppet master, but with 
much better performance characteristics and ease of deployment. It is also 
not Puppet-perfect, and will certainly never be, but should work well on 
proper modern-style Puppet, minus a few features (such as Hiera).

If you don't know about it, it is based on language-puppet, a library that 
let you work with your manifests, and let you do thing such as compiling 
catalogs on your workstation, using facts from PuppetDB. It is extremely 
useful to me, and I use it on a daily basis to:

   - pre-commit check syntax and correctness (that catalogs compiles and 
   that all source => 'xxx' links are valid) of my manifests
   - computing diffs between two catalogs (two hosts, or different versions 
   of the same catalog)
   - there is a utility (puppetresources) that is extremely useful when 
   writing templates, or finding where a specific resource has been defined
   - write tests that check properties of the actual catalog, or 
   interaction between catalogs (exported resources or puppetdb queries)
   - all of this in Haskell

Please let me know if you find this interesting, useful, and/or bugged.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/NXmAQrDqNy0J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: How to manage puppet modules? git submodules? hg subrepositories? own solution?

[Benjamin Priestman]

I've tried using https://github.com/azimux/externals (referenced in Version 
Control with Git ) which 
kind of works, but is a bit buggy and I've yet to come up with an easily 
understood workflow.

On Tuesday, 18 December 2012 17:59:48 UTC, Malte Janduda wrote:
>
> Hi folks,
>
> we are looking for a way to manage our puppet modules in a convenient way. 
> At the moment we have about 30 modules which are versionized with git or 
> mercurial. Most of them are self-made, some are from github.
> We thought it would be a good idea to use mercurial subrepositories to 
> manage the versions of those modules. Well, it is not. Everytime you push 
> your commits to the server all subrepositories are checked for updates. It 
> takes minutes to push your changes! And if you have to merge something you 
> do not really know what happens. You just try every command which appears 
> in your mind - multiple times and in different order :D
> It happened three times that every developer had to delete the whole 
> module tree and check it out again because something was broken.
> git submodules do not seem to be fun either.
>
> I have looked for an alternative to submodules/subrepositories and found 
> librarian-puppet (https://github.com/rodjek/librarian-puppet). 
> Unfortunately it does not really work good for me. A lot of useless error 
> messages if something is configured wrong. This is pretty important for us. 
> All developers should be able to use the versioning tool. It has to be easy 
> to use. Further the librarian-puppet does not seem to be backed by a 
> healthy community. Just every few months a commit and a lot of open issues 
> and pull-requests.
>
> I have hacked some Python code to realize something similar: dyps - 
> https://github.com/MalteJ/dyps
> You have a yaml file which defines your modules: name, source, version and 
> DVCS system (git/hg):
>
> - dep: mysql
>   source: https://github.com/puppetlabs/puppetlabs-mysql.git
>   type: git
>   version: af4b8bff0ad59f21211be2a98d31588066c41e0c
>
> All modules are downloaded to the folder "dependencies" when executing 
> "dyps run".
> You can decide if you want to get a specific changeset at the next run or 
> if you want to get the latest changes - just discard the version property 
> or execute "dyps release your-module-name". If you want to keep the current 
> version execute "dyps keep your-module". You can update one or all 
> versionized modules via "dyps update your-module" or "dyps update-all". The 
> modules without a defined versioned are updated at every dyps run.
>
> I have added an import function for mercurial subrepository .hgsub files. 
> Feel free to extend it with an importGitSubmodules function ;-)
>
>
> What do you think about this approach?
> How are you managing your modules/dependencies?
>
> Best,
> Malte
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/VZjQExuTnvAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Reg : Error in puppet agent in Windows

[jcbollinger]

On Thursday, December 20, 2012 6:26:07 AM UTC-6, Matthew Burgess wrote:
>
>
> So, what's in your /etc/puppet/manifests/site.pp on the master then? 
>
> At the minimum, it should have: 
>
> node default { 
> } 
>
>

Now where did I see that before?  :-) 


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/ebyZQxn082UJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Reg : Error in puppet agent in Windows

[Matthew Burgess]

On Thu, Dec 20, 2012 at 2:06 PM, jcbollinger  wrote:

> Now where did I see that before?  :-)

Ha, I thought you'd mentioned it before, but gmail's stupid interface
(I always blame my tools!) meant I skimmed straight past it when I was
double-checking) :-)

Cheers,

Matt.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: passing parameters

[jcbollinger]

On Wednesday, December 19, 2012 3:45:39 PM UTC-6, Michael Hüttermann wrote:
>
>
> I use a parameterized class and declare it as a resource. How can I pass 
> the parameters from outside any declaration or manifest, during runtime? 
>


To the best of my knowledge, it is not possible to do such a thing, at 
least not directly (but see below).

Puppet always operates by compiling a manifest set into a catalog 
containing a digested version of all the resources, parameters, properties, 
and relationships to apply, and then applying the compiled catalog without 
considering further input.  Those two steps often occur on different 
systems (master / agent) but they can be done all in one process ("puppet 
apply").  Class parameter values are determined strictly during manifest 
compilation.

What you are asking for seems directed toward using Puppet as a script 
engine, and that's very much counter to Puppet's architecture and intended 
problem space.  Puppet's objective is to establish and maintain known 
configurations on target nodes, so it really doesn't make sense to have it 
determine the appropriate parameters on a per-run basis.  If that's what 
you want then I'd recommend you write an ordinary script.

Nevertheless, if you insist on doing as you say, then here's a way to 
accomplish it:

   1. Set environment-based node facts for the desired parameter values, as 
   described here: 
   
http://docs.puppetlabs.com/guides/faq.html#can-i-access-environment-variables-with-facter
   2. In the appropriate manifest, set the class parameters according to 
   those node facts.  You can do that conditionally, if you prefer.
   3. Run the agent normally.  If you wish, you can use the --tag option to 
   limit the resources to be applied.
   

For example, can I pass the parameters during a call of "puppet kick" ? 
>
>

"puppet kick" just triggers the agent (if it's listening) to perform an 
ordinary catalog run.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/m1dmI-VGYEMJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Unable to clone package using console

[DAVER]

Hi,
 I have installed puppet enterprise 2.7 on a virtual machine with 
cent-OS 6.2(64 bit) as base. I have installed one puppetserver with console 
and master role and nine puppet clients with agent role. I did the 
certificate signing work. I have tried cloning user and group resource 
types and that is working fine and both the user and group can be cloned 
onto other puppet nodes. But cloning the package in unsuccessful. I have 
followed the following steps for cloning the package,
-> install a package on three nodes by the command [yum install screen]. 
The installation is successful.
-> check the resources using console by selecting all the nodes and then 
doing [manage resources -> package -> get resources ]. I got the result 
showing screen package is installed on three clients.
-> For cloning, i did [clone resource -> preview -> clone]. I got the 
"Performing cloning operation" message. I have checked the background 
process on the clients and it shows the process "/usr/bin/python 
/usr/bin/yum -d 0 -e 0 -y install screen" is starting after clicking the 
clone button.
-> the size of the package is 494k
I've tried the above steps a couple of times but the package doesn't 
get installed. Moreover when i tried to install the package on another 
client by typing the same command on the terminal, i.e. "/usr/bin/python 
/usr/bin/yum -d 0 -e 0 -y install screen" , the package gets installed 
within a couple of seconds.

Any pointers or help are welcome.

Thanks,
DAVER

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/uPwCpNk8KXkJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Whats the best approach to create a repo of the installers to be used for installing and upgrading in the puppet managed nodes

[Louis Coilliot]

Hello,

why not making a rpm or deb package for the application and using the
resource 'package' ?

Here is an example with JBoss :

http://kermit.fr/repo/rpm/el6/x86_64/jboss/
http://kermit.fr/repo/rpm/el6/SRPMS/
https://github.com/lofic/puppet-lofic/tree/master/modules/jboss7

Louis Coilliot

2012/12/20 Sivaraman Viswanathan :
> Lets take the example, I am having a jboss-4.2.3 installers as a .tar file.
> In general to install jboss, i ll
> 1. untar the jboss-4.2.3 into a prefefined folder (opt/server/jbossas/) into
> multiple servers
> 2. untar the openjdk into a preferined path (/opt/software/java)set the path
> in the bash.profile
> 3. Create server profile in the place where jboss is installed
> 4. Start the server.
>
> Lets say that I have to do this in 16 nodes (servers).
> Now, I should store the jboss and openjdk installers at a central location
> and it should be transferred to the nodes before the 1st step can begin.
>
> I wrote the manifest to perform the requirements form 1 to 4. But not sure
> how can I automate the transfer of the installers from a central repo. I am
> not worried about the type of central repo. It can be a ftp or puppet or
> anything else.
>
> Please help me. I was going through filebucket. Will this help or should i
> write a manifest to get this file from a ftp server?
>
> How to create a file repo which can be referred in puppet manifests?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/3qIDxQyVVncJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Puppet pushes facts even when I'm not including the module

[David Kerr]

On Wednesday, December 19, 2012 1:02:48 PM UTC-8, Ramin K wrote:
>
> On 12/19/2012 11:55 AM, David Kerr wrote: 
> > Howdy, 
> > 
> > I've got a module that's the equivalent of: 
> > /etc/puppet/modules/mymodule/lib/facter/myfact.rb 
> > 
> > myfact.rb seems to get pushed to all nodes regardless of whether or not 
> > i include mymodule for that node. 
> > 
> > my factpath is 
> >  factpath = $vardir/lib/facter:$vardir/facts 
> > 
> > I'm on puppet v 3.0.0 
> > 
> > I'm fairly certain that my site manifests are correct, so I don't 
> > believe that this node is falling through and hitting a different node's 
> > set of includes. 
> > 
> > It's unclear if this is the expected and correct behavior for puppet? 
> > 
> > Thanks 
>
> This is the correct behavior and makes sense if you think about 
> the 
> order of transactions. 
>
> 1. client connects to master and does cert things 
> 2. master sends facts to client 
> 3. client runs facts, POST to master requesting catalog 
> 4. master generates catalog based on facts 
> 5. client receives catalog and executes it 
>
> Because facts are run before the catalog is requested they can't be 
> doled out on demand. 
>
> Ramin 
>

good to know, thanks! 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/bYteczZEQ18J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Could not request certificate: Retrieved certificate does not match private key; please remove certificate from server and regenerate it with the current key

[Mehmet Tecer]

Krishna,

Here is how I quickly resolve this issue.

1- Stop puppet on client.

2- Delete the cert on the server

3- Delete /var/lib/puppet directory on client.

4- Start puppet on client.

This should take care of your cert issue.
--Mehmet

On Wednesday, November 28, 2012 8:53:02 AM UTC-5, krishna bhaskara rao 
wrote:
>
> Hi,
>
> I have installed puppet master and puppet agent in two redhat linux 
> machines.
> After that, I have updated server details in agent machine /etc/hosts file.
> While executing the ping servername in agent machine, I am getting below 
> response.
> =
> [root@ip-10-244-162-253 files]# ping puppet
> PING server.puppet.com (10.203.34.103) 56(84) bytes of data.
> 64 bytes from server.puppet.com (10.203.34.103): icmp_seq=1 ttl=61 
> time=0.723 ms
> 64 bytes from server.puppet.com (10.203.34.103): icmp_seq=2 ttl=61 
> time=0.570 ms
> 64 bytes from server.puppet.com (10.203.34.103): icmp_seq=3 ttl=61 
> time=0.617 ms
> ==
> Then While executing one of the below commands 
> "puppetd --test" or "puppetd --server puppet --waitforcert 60 --verbose 
> --test"
> I am getting an error message like below
>
> *err: Could not request certificate: Retrieved certificate does not match 
> private key; please remove certificate from server and regenerate it with 
> the current key*
>
> I tried after cleaning certificates in both the machines by using 
> "puppetca --clean --all" also, same error I am getting.
>
> Can any one provide a way to come out of this issue.
>
> With Regards,
> Krishna Bhaskara Rao.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/918XOlLVMLMJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] How to only apply my manifests to certain classes?

[Steve Button]

Hi,

I've written a new resolv class, but I only want it to get pushed out (for 
instance) UAT servers for now. Or perhaps just servers which have apache 
installed, or just the ones which are part of project xyz.

I've been searching through the docs, but I think I'm looking in the wrong 
place. Also, I get the feeling that there's several ways to achieve this 
and some of the docs refer to the older ways.

What's the current method of limiting certain manifests to certain classes 
of machines? (have I got my terminology wrong here?) 

Perhaps someone could put a link in to the best place in the docs that 
explains this to me? I'm sure I've read about this in the past, but I can't 
seem to find it again.

Thanks in advance! 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/eLOq3hnPSroJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Remote Network Device management...

[Gavin Williams]

Afternoon all

We are starting to look at using Puppet Network device support in anger, 
and one of the potential issues that has been raised is around cross-site 
access... 

Currently, we have one Puppet master server, which is hosted in location C. 
This server is able to access and manage the appropriate network devices in 
location C. 

However there are other devices in locations A and B which we want to be 
able to manage through Puppet. However some potential concerns have been 
raised around allowing the puppet master server blanket access to locations 
A & B... 

Is it possible therefore to run the network devices in effectively a 
'proxy' mode. That is, we create/nominate a suitable node in locations A 
and B which would be able to manage network devices in their respective 
locations, and these nodes then talk back to the Puppet master. 

Does this sound sensible? 

Any other considerations/ideas as to how the above can achieve?

Cheers in advance for any responses. 

Regards
Gavin 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/WQ3ut4DOK9sJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Reg : Error in puppet agent in Windows

[krishna bhaskara rao]

Hi John,

I have nodes.pp as 
node basenode {
}
node 'test.master.com' inherits basenode {  }

site.pp as 
import 'nodes'
node 'test.agent.com' {
}



With Regards,
Krishna Bhaskar.'

On Thursday, 20 December 2012 19:36:36 UTC+5:30, jcbollinger wrote:
>
>
>
> On Thursday, December 20, 2012 6:26:07 AM UTC-6, Matthew Burgess wrote:
>>
>>
>> So, what's in your /etc/puppet/manifests/site.pp on the master then? 
>>
>> At the minimum, it should have: 
>>
>> node default { 
>> } 
>>
>>
>
> Now where did I see that before?  :-) 
>
>
> John
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/NYbWYppES-cJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Reg : Error in puppet agent in Windows

[krishna bhaskara rao]

Hi Matt,

I have nodes.pp as 
node basenode {
}
node 'test.master.com' inherits basenode {  }

site.pp as 
import 'nodes'
node 'test.agent.com' {
}


With Regards,
Krishna Bhaskar.'

On Thursday, 20 December 2012 17:56:07 UTC+5:30, Matthew Burgess wrote:
>
> On Thu, Dec 20, 2012 at 12:17 PM, krishna bhaskara rao 
> > wrote: 
> > Hi Matt, 
> > 
> > I have configured hostname of the master in hosts file as below in 
> windows 
> > agent. 
> >  10.248.113.198   test.master.internal 
> puppetmaster 
> > and added an entry "server=test.master.internal" in agent in windows 
> > puppet.conf. 
>
> So, what's in your /etc/puppet/manifests/site.pp on the master then? 
>
> At the minimum, it should have: 
>
> node default { 
> } 
>
> Thanks, 
>
> Matt. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/Y3XAbkVweXYJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] How to only apply my manifests to certain classes?

[Matthew Burgess]

On Thu, Dec 20, 2012 at 4:11 PM, Steve Button  wrote:
> Hi,
>
> I've written a new resolv class, but I only want it to get pushed out (for
> instance) UAT servers for now. Or perhaps just servers which have apache
> installed, or just the ones which are part of project xyz.

Depending on the size and complexity of your environment, there's
several ways of achieving those goals.

> I've been searching through the docs, but I think I'm looking in the wrong
> place. Also, I get the feeling that there's several ways to achieve this and
> some of the docs refer to the older ways.

Yes, there are several ways, and I think the docs cover all of them,
at least to a certain degree.

> What's the current method of limiting certain manifests to certain classes
> of machines? (have I got my terminology wrong here?)

Using the word 'classes', whilst not incorrect, may cause confusion,
as a class is something special in puppet terminology.

> Perhaps someone could put a link in to the best place in the docs that
> explains this to me? I'm sure I've read about this in the past, but I can't
> seem to find it again.

OK.  If you're trying to apply your resolv class based on the fact
that Apache is installed, I'd recommend resource dependencies (docs at
http://docs.puppetlabs.com/learning/ordering.html):

apache { 'vhost-title':
  parameter => value,
  param2 => value,
  before => resolv['resolv.conf']
}

I personally don't like having dependencies ordered that way (I prefer
'require'), but given your use case of 'I know which servers I want
Apache on, and resolv needs to be put on those same servers' this
seems to be the more natural way of writing your manifest.

The most flexible way of assigning classes to nodes is via an External
Node Classifier, or ENC.  Documentation at
http://docs.puppetlabs.com/guides/external_nodes.html.  I think this
is generally considered the 'correct' method, given that manually
updating site.pp is just unworkable in any large(ish) setup.

For your 'I want to assign the class to all servers in XYZ project',
the first question you have to answer is 'how do you define which
servers are in project 'xyz'.  If it's hostname based, your ENC has
direct access to that (the ENC script is called with the hostname as a
parameter).  If it's some other property of the server, it may already
be available as a facter variable, which are easily obtainable via
calling out to the 'facter' binary in your script.  If it's some other
property, you'll have to somehow make that available to your ENC
script.  That could be done via a custom fact, which is documented at
http://docs.puppetlabs.com/guides/custom_facts.html.

Regards,

Matt.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] How to only apply my manifests to certain classes?

[Roman Shaposhnik]

On Thu, Dec 20, 2012 at 8:11 AM, Steve Button  wrote:
> Hi,
>
> I've written a new resolv class, but I only want it to get pushed out (for
> instance) UAT servers for now. Or perhaps just servers which have apache
> installed, or just the ones which are part of project xyz.

There are a couple of ways how you can achieve that depending
on your existing setup of Puppet:
   * via ENC (external node classifier)
  http://docs.puppetlabs.com/guides/external_nodes.html
   * node definition
  http://docs.puppetlabs.com/puppet/2.7/reference/lang_node_definitions.html
   * good ol' case statements in your site.pp
  case $::fqdn {
  
  }
   * manual execution of puppet apply with that single class given to it
  echo 'your_class' | puppet apply

Please let us know a bit more about your setup.

Thanks,
Roman.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Reg : Error in puppet agent in Windows

[Matthew Burgess]

On Thu, Dec 20, 2012 at 4:48 PM, krishna bhaskara rao
 wrote:
> Hi Matt,
>
> I have nodes.pp as
> node basenode {
> }
> node 'test.master.com' inherits basenode {  }
>
> site.pp as
> import 'nodes'
> node 'test.agent.com' {
> }

Have you just obfuscated those due to posting on a mailing list?  Your
original error message stated that a node definition for
testagentoneinternal.ec2.internal couldn't be found, and neither could
a default node definition.

As you're using nodes.pp and site.pp, your nodes.pp needs:

node default {
}

it could also have (either in addition, or instead of the above
default node definition):

node 'testagentoneinternal.ec2.internal' {
}

And your site.pp just needs the 'import "nodes"' line that it looks
like it does already; to avoid confusion, I'd remove the explicit node
definition from site.pp.

Regards,

Matt.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] installing puppet via rubygems (not recommended?)

[Dusty Doris]

I have an old fedora 9 machine running ruby 1.9.2-p290, that I'd like to 
install puppet on to run as a master.  In the documentation it says that 
installing from rubygems is not recommended.  Is there are particular 
reason why its not recommended?  Installing from source is also not 
recommended, is that a better/worse/same alternative?

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/Q3QUKoKS4zwJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: How to manage puppet modules? git submodules? hg subrepositories? own solution?

[Mason Turner]

We are still using svn, but looking on adapt this to git next year.

This is a simplified view of our svn repo:

- nodes
-- dev
--- trunk
--- tags
 20121220-121212
-- prod
--- trunk
--- tags
- modules
-- apache
--- trunk
--- tags
 20121220-121212
-- something_else
--- trunk
--- tags
 20121220-121212

We then have a utility (link_puppet) that:
* takes a module, tag and environment as command line options 
* Updates the svn sandbox in /opt/puppet/svn/modules/$module
* links /opt/puppet/svn/modules/$module/tags/$tag to 
/etc/puppet/environments/$env/modules/$module

It also validates the module before linking, logs who did what when. Pretty 
handy.

— Mason Turner

On Dec 20, 2012, at 8:36 AM, Benjamin Priestman  
wrote:

> I've tried using https://github.com/azimux/externals (referenced in Version 
> Control with Git) which kind of works, but is a bit buggy and I've yet to 
> come up with an easily understood workflow.
> 
> On Tuesday, 18 December 2012 17:59:48 UTC, Malte Janduda wrote:
>> 
>> Hi folks,
>> 
>> we are looking for a way to manage our puppet modules in a convenient way. 
>> At the moment we have about 30 modules which are versionized with git or 
>> mercurial. Most of them are self-made, some are from github.
>> We thought it would be a good idea to use mercurial subrepositories to 
>> manage the versions of those modules. Well, it is not. Everytime you push 
>> your commits to the server all subrepositories are checked for updates. It 
>> takes minutes to push your changes! And if you have to merge something you 
>> do not really know what happens. You just try every command which appears in 
>> your mind - multiple times and in different order :D
>> It happened three times that every developer had to delete the whole module 
>> tree and check it out again because something was broken.
>> git submodules do not seem to be fun either.
>> 
>> I have looked for an alternative to submodules/subrepositories and found 
>> librarian-puppet (https://github.com/rodjek/librarian-puppet). Unfortunately 
>> it does not really work good for me. A lot of useless error messages if 
>> something is configured wrong. This is pretty important for us. All 
>> developers should be able to use the versioning tool. It has to be easy to 
>> use. Further the librarian-puppet does not seem to be backed by a healthy 
>> community. Just every few months a commit and a lot of open issues and 
>> pull-requests.
>> 
>> I have hacked some Python code to realize something similar: dyps - 
>> https://github.com/MalteJ/dyps
>> You have a yaml file which defines your modules: name, source, version and 
>> DVCS system (git/hg):
>> 
>> - dep: mysql
>>   source: https://github.com/puppetlabs/puppetlabs-mysql.git
>>   type: git
>>   version: af4b8bff0ad59f21211be2a98d31588066c41e0c
>> 
>> All modules are downloaded to the folder "dependencies" when executing "dyps 
>> run".
>> You can decide if you want to get a specific changeset at the next run or if 
>> you want to get the latest changes - just discard the version property or 
>> execute "dyps release your-module-name". If you want to keep the current 
>> version execute "dyps keep your-module". You can update one or all 
>> versionized modules via "dyps update your-module" or "dyps update-all". The 
>> modules without a defined versioned are updated at every dyps run.
>> 
>> I have added an import function for mercurial subrepository .hgsub files. 
>> Feel free to extend it with an importGitSubmodules function ;-)
>> 
>> 
>> What do you think about this approach?
>> How are you managing your modules/dependencies?
>> 
>> Best,
>> Malte
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To view this discussion on the web visit 
> https://groups.google.com/d/msg/puppet-users/-/VZjQExuTnvAJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] installing puppet via rubygems (not recommended?)

[Jakov Sosic]

On 12/20/2012 07:16 PM, Dusty Doris wrote:
> I have an old fedora 9 machine running ruby 1.9.2-p290, that I'd like to
> install puppet on to run as a master.  In the documentation it says that
> installing from rubygems is not recommended.  Is there are particular
> reason why its not recommended?  Installing from source is also not
> recommended, is that a better/worse/same alternative?
> 

If you're going to use Puppet for learning only, than it's ok to use
whatever way do yo fancy.

But for production it's generally a bad habit to mix up different
package systems. That practice will cost you dearly sooner or later.
Your OS has quality package management (rpm & yum) and you should always
manage software with it. If you're managing larger infrastructure it
will pay off to package software into OS native packages and distribute
it that way.

Alternatively, you can always try and fetch SRC.RPM from puppetlabs and
rebuild them for Fedora 9.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] installing puppet via rubygems (not recommended?)

[Dusty Doris]

Thanks for the reply.  So there is nothing inherently wrong with the 
rubygems package that we would run into?  We already use rubygems for 
several services, so it seems like the easiest route for us.

Doing a yum install, it wanted to install version 0.24.  I will look into 
repackaging it though, that might work for us too.  

Thanks



On Thursday, December 20, 2012 2:38:13 PM UTC-5, Jakov Sosic wrote:
>
> On 12/20/2012 07:16 PM, Dusty Doris wrote: 
> > I have an old fedora 9 machine running ruby 1.9.2-p290, that I'd like to 
> > install puppet on to run as a master.  In the documentation it says that 
> > installing from rubygems is not recommended.  Is there are particular 
> > reason why its not recommended?  Installing from source is also not 
> > recommended, is that a better/worse/same alternative? 
> > 
>
> If you're going to use Puppet for learning only, than it's ok to use 
> whatever way do yo fancy. 
>
> But for production it's generally a bad habit to mix up different 
> package systems. That practice will cost you dearly sooner or later. 
> Your OS has quality package management (rpm & yum) and you should always 
> manage software with it. If you're managing larger infrastructure it 
> will pay off to package software into OS native packages and distribute 
> it that way. 
>
> Alternatively, you can always try and fetch SRC.RPM from puppetlabs and 
> rebuild them for Fedora 9. 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/2W19ze3XrGMJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: How to only apply my manifests to certain classes?

[Ellison Marks]

An option that hasn't been mentioned yet is hiera. It's great to use for 
data, but you can also use it to say what classes get applied to what 
nodes. You define some variable in your hierarchy, say 'classes', which is 
an array of class names to be included, and then in your default node 
definition, you use hiera_include('classes'), which will get the names from 
all 'classes' variable in the hierarchy that matches the node checking in 
and include them.

On Thursday, December 20, 2012 8:11:42 AM UTC-8, Steve Button wrote:
>
> Hi,
>
> I've written a new resolv class, but I only want it to get pushed out (for 
> instance) UAT servers for now. Or perhaps just servers which have apache 
> installed, or just the ones which are part of project xyz.
>
> I've been searching through the docs, but I think I'm looking in the wrong 
> place. Also, I get the feeling that there's several ways to achieve this 
> and some of the docs refer to the older ways.
>
> What's the current method of limiting certain manifests to certain classes 
> of machines? (have I got my terminology wrong here?) 
>
> Perhaps someone could put a link in to the best place in the docs that 
> explains this to me? I'm sure I've read about this in the past, but I can't 
> seem to find it again.
>
> Thanks in advance! 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/M6v-9rMzbj0J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Puppet NetApp Network device management...

[fatmcgav]

Jakov

Thank you for the positive feedback.

The NetApp puppet stuff is on the back burner atm, hopefully should be able
to get back to buy in the new year :-)

Cheers
Gav
On Dec 19, 2012 2:34 AM, "Jakov Sosic"  wrote:

> On 11/12/2012 12:59 PM, Gavin Williams wrote:
>
>> Monday update from me...
>>
>> Implemented support for Export creation on Friday, after making some
>> further good progress...
>>
>> Now I'm looking at fine-tuning stuff, such as volume settings, export
>> options, etc...
>>
>
> Great work! When I get some spare time I will continue to work on my
> cobbler custom types, so I will take a peek into your code aswell. My
> providers are good for our internal use so I pushed on with other stuff
> although they still need some optimizations. Just keep on the good work :)
>
> --
> Jakov Sosic
> www.srce.unizg.hr
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to puppet-users+unsubscribe@**
> googlegroups.com .
> For more options, visit this group at http://groups.google.com/**
> group/puppet-users?hl=en
> .
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: puppet agent periodically not running after 3.0 upgrade

[David Mesler]

I’ve added some debugging messages to run_event_loop and figured out what 
was going on. I’m going to reference line numbers in 
https://github.com/puppetlabs/puppet/blob/master/lib/puppet/daemon.rb to 
make it easier on me to explain. I found that occasionally the “if” 
statement on line 180 was failing because the value of “now” was one second 
behind “next_reparse”. I believe this is because line 168 uses “to_i” when 
it should use “ceil”. I’m deploying a patched version of puppet with this 
change to my servers now.

But I think a bigger issue is line 175 where next_event is set to the 
current time plus one hour. That’s a pretty arbitrary and unpleasant value. 
Why not set next_event to the lower vale of :runinterval or :filetimeout? 
The way it is now, if line 180 fails, you’re stuck with an hour long wait 
even though your :runinterval may be far less.

Also, line 197 is backwards. It should be “next_agent_run += 
new_run_interval – agent_run_interval”.

On Tuesday, December 18, 2012 7:00:42 PM UTC-5, David Mesler wrote:
>
> I've noticed when I strace a puppet agent that has failed to run after its 
> 900 second runinterval, it's blocking on a really long select call. Like:
> select(1, [], [], [], {1032, 35} 
>
> When that's done it finally re-reads pupet.conf and stars a catalog run. I 
> have no idea where that long select call comes from. 
>
> On Friday, December 14, 2012 3:15:25 PM UTC-5, David Mesler wrote:
>>
>> I've recently upgraded from 2.6.9 to 3.0.1 and have noticed an oddity. 
>> Our puppet agents are configured with a runinterval of 900 and a splaylimit 
>> of 450. Since upgrading I've noticed that once or twice a day our puppet 
>> agents simply won't run for about an hour or so. Has anyone else 
>> experienced anything like this?
>>
>> --david
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/dBF1U0izljQJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] installing puppet via rubygems (not recommended?)

[Nick Fagerlund]

Also keep in mind that Ruby 1.9.2 can be problematic! 1.9.3 works great 
with puppet 3, 1.9.2 has some kind of complicated known issues with puppet 
2.7. 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/hRrhRejSuMkJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] installing puppet via rubygems (not recommended?)

[Nick Fagerlund]

On Thursday, December 20, 2012 1:18:30 PM UTC-8, Nick Fagerlund wrote:
>
> Also keep in mind that Ruby 1.9.2 can be problematic! 1.9.3 works great 
> with puppet 3, 1.9.2 has some kind of complicated known issues with puppet 
> 2.7. 
>

(reference: http://docs.puppetlabs.com/guides/platforms.html#ruby-versions) 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/dsOdck28u5kJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] installing puppet via rubygems (not recommended?)

[Ramin K]

On 12/20/2012 10:16 AM, Dusty Doris wrote:

I have an old fedora 9 machine running ruby 1.9.2-p290, that I'd like to
install puppet on to run as a master.  In the documentation it says that
installing from rubygems is not recommended.  Is there are particular
reason why its not recommended?  Installing from source is also not
recommended, is that a better/worse/same alternative?


If you're dead set on using this box as a Puppet master, I'd build it 
all within RVM with Ruby 1.8.7 or 1.9.3 if Puppet 3.x and execute it 
inside Passenger/Rack. Should provide isolation from the Ruby you've 
compiled, 1.9.2, and let you use gems locally as well. You'd still have 
to figure out how to run the agent, but the master should work.


Caveat to the above is that it's non trivial to build.

Ramin

--
You received this message because you are subscribed to the Google Groups "Puppet 
Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Announce: PuppetDB 1.0.5 Available

[Moses Mendoza]

PuppetDB 1.0.5 is now available for download! This is a bug-fix
release of PuppetDB.

# Downloads
==
Available in native package format at:
http://yum.puppetlabs.com and http://apt.puppetlabs.com

Puppet module:
http://forge.puppetlabs.com/puppetlabs/puppetdb

Source (same license as Puppet): http://github.com/puppetlabs/puppetdb/

Available for use with Puppet Enterprise 2.5.1 and later at
http://yum-enterprise.puppetlabs.com/ and
http://apt-enterprise.puppetlabs.com/

# Documentation (including how to install):
http://docs.puppetlabs.com/puppetdb

# Issues can be filed at:
http://projects.puppetlabs.com/projects/puppetdb/issues

# See our development board on Trello:
http://links.puppetlabs.com/puppetdb-trello

# Changelog

1.0.5
=

Many thanks to the following people who contributed patches to this
release:

* Chris Price
* Deepak Giridharagopal

Fixes:

* Drop a large, unused index on catalog_resources(tags)

  This index was superseded by a GIN index on the same column, but the
previous
  index was kept around by mistake. This should result in a space savings of
  10-20%, as well as a possible very minor improvement in catalog insert
  performance.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Web interface to Facter information, system config reporting?

[Forrie]

Thanks for the pointers, I will have a look at it.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/pseaLhp7xtwJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] installing puppet via rubygems (not recommended?)

[jcbollinger]

On Thursday, December 20, 2012 1:45:42 PM UTC-6, Dusty Doris wrote:
>
> Thanks for the reply.  So there is nothing inherently wrong with the 
> rubygems package that we would run into?  We already use rubygems for 
> several services, so it seems like the easiest route for us.
>
> Doing a yum install, it wanted to install version 0.24.  I will look into 
> repackaging it though, that might work for us too.  
>
>
The version offered to you, if any, is a matter of the yum repositories 
with which the system is configured.   Fedora 9 is pretty old, so PL no 
longer offers versions packaged specifically for that OS.  Fedora 9 is very 
close to RHEL 5, though, so one of the el5 repositories might be a good 
bet.  Specifically, try repo URL 
http://yum.puppetlabs.com/el/5/products/i386/ or 
http://yum.puppetlabs.com/el/5/products/x86_64/ for the main packages.

If yum cannot resolve all the needed dependencies then you could try adding 
http://yum.puppetlabs.com/el/5/dependencies/(i386|x86_64)/ as well.  You 
can also find source RPMs on that server if you poke around a little.  
Those would give you a good leg up if you decide to package Puppet yourself.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/H07pvptikAEJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] How to only apply my manifests to certain classes?

[jcbollinger]

On Thursday, December 20, 2012 10:51:40 AM UTC-6, Matthew Burgess wrote:
>
> On Thu, Dec 20, 2012 at 4:11 PM, Steve Button 
> > 
> wrote: 
>
> OK.  If you're trying to apply your resolv class based on the fact 
> that Apache is installed, I'd recommend resource dependencies (docs at 
> http://docs.puppetlabs.com/learning/ordering.html): 
>
> apache { 'vhost-title': 
>   parameter => value, 
>   param2 => value, 
>   before => resolv['resolv.conf'] 
> } 
>
>

Unfortunately, that doesn't address the question.  The 'before' and 
'require' metaparameters direct the ordering of resources that have been 
declared, but they do not themselves declare resources.  The resources they 
reference must be declared separately (and those declarations must have 
already been parsed).

This answer does lead toward a general Puppet truth however: it is 
preferable to tell Puppet how things *should be* instead of asking it to 
adapt to how things *are*.  Thus, if Apache servers should all have your 
'resolv' class then your manifests should ensure that nodes you are 
configuring with Apache also get resolv.

 

> I personally don't like having dependencies ordered that way (I prefer 
> 'require'), but given your use case of 'I know which servers I want 
> Apache on, and resolv needs to be put on those same servers' this 
> seems to be the more natural way of writing your manifest. 
>


Except that the declaration doesn't say that.  In fact, a relationship is 
probably not warranted here at all, because it doesn't matter (probably) in 
which order the resources are applied to target nodes -- it only matters 
that nodes that get Apache also get resolv.

 

>
> The most flexible way of assigning classes to nodes is via an External 
> Node Classifier, or ENC.  Documentation at 
> http://docs.puppetlabs.com/guides/external_nodes.html.  I think this 
> is generally considered the 'correct' method, given that manually 
> updating site.pp is just unworkable in any large(ish) setup.
>


I think that's overstating it a bit.  An ENC is certainly a viable 
solution, and a lot of people use them, but in some ways they can be a lot 
more tedious and error prone than well-written manifests.  Even if your 
site uses an ENC, when you have firm configuration rules that can be 
expressed in Puppet DSL then it is better to express them that way.

For example, supposing that class 'resolv' is not parametrized or does not 
need to be declared with custom parameters (one of which should be your 
goal), and supposing that you have a class 'apache' with which you 
configure your apache nodes, all you need to do to ensure that all apache 
servers have class 'resolv' is put

include 'resolv'

at the top of class apache's body.  Done.
 

>
> For your 'I want to assign the class to all servers in XYZ project', 
> the first question you have to answer is 'how do you define which 
> servers are in project 'xyz'.  If it's hostname based, your ENC has 
> direct access to that (the ENC script is called with the hostname as a 
> parameter).  If it's some other property of the server, it may already 
> be available as a facter variable, which are easily obtainable via 
> calling out to the 'facter' binary in your script.  If it's some other 
> property, you'll have to somehow make that available to your ENC 
> script.  That could be done via a custom fact, which is documented at 
> http://docs.puppetlabs.com/guides/custom_facts.html. 
>
>

All true, but none of it elects an ENC as the best consumer of the data.  
I'd rate hiera as a particularly good approach for a case such as this one.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/vfhKSbUoSSMJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Manage a specific users shadow file entry

[Jagga Soorma]

Hi Guys,

I am new to puppet and trying to figure out what is the best way to manage 
a password for a specific user in the /etc/shadow file.  Most of my users 
are being authenticated to kerberos but there is a need to set a local 
password for this one account.  What would be the best method to do this 
via puppet?  I have built my own rpm's in the past using the chpasswd 
command but that seems like a lot more work to build a rpm everytime the 
password changes.  Was hoping there was a easier/better way to do this via 
puppet.

Thanks,
-J

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/qBH89Hm4kFAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Manage a specific users shadow file entry

[Keiran Sweet]

Hi There,
The user provider allows you to manage the value of the password hash in 
the shadow file.

You can see all the options available for this provider via 'puppet 
describe user'.

An example would be something like:

user { username: 
  ensure  => present,
  password  => 'password_hash_here',
}

To quote the puppet documentation: 
  **password** - The user's password, in whatever encrypted format the 
local system requires.

To get all this working as you want, you may need to ensure that your 
operating systems authentication configuration (ie, PAM) checks for 
authentication in the right order, ie, local passwords, then kerberos, and 
you should test this carefully to make sure you dont get undesired results.

Hope this helps,

K


On Thursday, December 20, 2012 11:04:47 PM UTC, Jagga Soorma wrote:
>
> Hi Guys,
>
> I am new to puppet and trying to figure out what is the best way to manage 
> a password for a specific user in the /etc/shadow file.  Most of my users 
> are being authenticated to kerberos but there is a need to set a local 
> password for this one account.  What would be the best method to do this 
> via puppet?  I have built my own rpm's in the past using the chpasswd 
> command but that seems like a lot more work to build a rpm everytime the 
> password changes.  Was hoping there was a easier/better way to do this via 
> puppet.
>
> Thanks,
> -J
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/S_mabfn5TTAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Manage a specific users shadow file entry

[Jagga Soorma]

Thanks for your response Keiran.  I am trying to use just that resource but 
can't seem to get it to work.  Here is what my class looks like:

class oracle_password {
  user { 'oracle':
ensure   => 'present',
password => '$1$etSqP2ht$3sjFIsw7q7Vxs5qc5sju//'
  }
}

[root@testrhel home]# grep -i oracle /etc/shadow
[root@testrhel home]# 

Now once this resource is applied my assumption is there should be a 
/etc/shadow file entry for the oracle account but that never happens:

[root@testrhel home]# puppet agent -t
Info: Retrieving plugin
Info: Caching catalog for testrhel.gene.com
Info: Applying configuration version '1356045773'
/Stage[main]/Oracle_password/User[oracle]/password: created password
Finished catalog run in 0.99 seconds
[root@testrhel home]# 

[root@testrhel home]# grep -i oracle /etc/shadow
[root@testrhel home]# 

Sorry but you might receive a similar message twice.  Forgot to reply to 
this post.

Thanks,
-J

On Thursday, December 20, 2012 3:37:30 PM UTC-8, Keiran Sweet wrote:
>
> Hi There,
> The user provider allows you to manage the value of the password hash in 
> the shadow file.
>
> You can see all the options available for this provider via 'puppet 
> describe user'.
>
> An example would be something like:
>
> user { username: 
>   ensure  => present,
>   password  => 'password_hash_here',
> }
>
> To quote the puppet documentation: 
>   **password** - The user's password, in whatever encrypted format the 
> local system requires.
>
> To get all this working as you want, you may need to ensure that your 
> operating systems authentication configuration (ie, PAM) checks for 
> authentication in the right order, ie, local passwords, then kerberos, and 
> you should test this carefully to make sure you dont get undesired results.
>
> Hope this helps,
>
> K
>
>
> On Thursday, December 20, 2012 11:04:47 PM UTC, Jagga Soorma wrote:
>>
>> Hi Guys,
>>
>> I am new to puppet and trying to figure out what is the best way to 
>> manage a password for a specific user in the /etc/shadow file.  Most of my 
>> users are being authenticated to kerberos but there is a need to set a 
>> local password for this one account.  What would be the best method to do 
>> this via puppet?  I have built my own rpm's in the past using the chpasswd 
>> command but that seems like a lot more work to build a rpm everytime the 
>> password changes.  Was hoping there was a easier/better way to do this via 
>> puppet.
>>
>> Thanks,
>> -J
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/11fyhCwvdz8J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Manage a specific users shadow file entry

[Jagga Soorma]

Also, is there maybe a way to ensure a specific entry in a file.  In this 
case, can you ensure there is a entry for the oracle user in the 
/etc/shadow file with manually giving it all the entries including the 
password hash.

Thanks,
-J

On Thursday, December 20, 2012 3:48:19 PM UTC-8, Jagga Soorma wrote:
>
> Thanks for your response Keiran.  I am trying to use just that resource 
> but can't seem to get it to work.  Here is what my class looks like:
>
> class oracle_password {
>   user { 'oracle':
> ensure   => 'present',
> password => '$1$etSqP2ht$3sjFIsw7q7Vxs5qc5sju//'
>   }
> }
>
> [root@testrhel home]# grep -i oracle /etc/shadow
> [root@testrhel home]# 
>
> Now once this resource is applied my assumption is there should be a 
> /etc/shadow file entry for the oracle account but that never happens:
>
> [root@testrhel home]# puppet agent -t
> Info: Retrieving plugin
> Info: Caching catalog for testrhel.gene.com
> Info: Applying configuration version '1356045773'
> /Stage[main]/Oracle_password/User[oracle]/password: created password
> Finished catalog run in 0.99 seconds
> [root@testrhel home]# 
>
> [root@testrhel home]# grep -i oracle /etc/shadow
> [root@testrhel home]# 
>
> Sorry but you might receive a similar message twice.  Forgot to reply to 
> this post.
>
> Thanks,
> -J
>
> On Thursday, December 20, 2012 3:37:30 PM UTC-8, Keiran Sweet wrote:
>>
>> Hi There,
>> The user provider allows you to manage the value of the password hash in 
>> the shadow file.
>>
>> You can see all the options available for this provider via 'puppet 
>> describe user'.
>>
>> An example would be something like:
>>
>> user { username: 
>>   ensure  => present,
>>   password  => 'password_hash_here',
>> }
>>
>> To quote the puppet documentation: 
>>   **password** - The user's password, in whatever encrypted format the 
>> local system requires.
>>
>> To get all this working as you want, you may need to ensure that your 
>> operating systems authentication configuration (ie, PAM) checks for 
>> authentication in the right order, ie, local passwords, then kerberos, and 
>> you should test this carefully to make sure you dont get undesired results.
>>
>> Hope this helps,
>>
>> K
>>
>>
>> On Thursday, December 20, 2012 11:04:47 PM UTC, Jagga Soorma wrote:
>>>
>>> Hi Guys,
>>>
>>> I am new to puppet and trying to figure out what is the best way to 
>>> manage a password for a specific user in the /etc/shadow file.  Most of my 
>>> users are being authenticated to kerberos but there is a need to set a 
>>> local password for this one account.  What would be the best method to do 
>>> this via puppet?  I have built my own rpm's in the past using the chpasswd 
>>> command but that seems like a lot more work to build a rpm everytime the 
>>> password changes.  Was hoping there was a easier/better way to do this via 
>>> puppet.
>>>
>>> Thanks,
>>> -J
>>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/btqLH8nto_MJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Error 400 on Server

[Kevin Kitchen]

I've just installed PE 2.7 and went through the quickstart. I was able to 
install the motd module without an issue. I decided to try a Java install 
module to test what I've (not) learned. I've looked at the init.pp file, 
the name of the class is "java". It shows as installed correctly on the 
agent using the puppet install command. I've added it in the console and 
added it on the agent in the console. When I run puppet agent --test on the 
agent side it comes back with: err: Could not retrieve catalog from remote 
server: Error 400 on SERVER: Could not find class java for puppet-node1 on 
node puppet-node1
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run

What is different here?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/bCB7ALRgTVUJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Announce: Hiera 1.1.2-rc2 available

[Matthaus Owens]

Hiera 1.1.2-rc2 is a release candidate in the 1.x series with bug fixes.

Downloads are available at:
 * Source: https://downloads.puppetlabs.com/hiera/hiera-1.1.2-rc2.tar.gz

RPMs are available at https://yum.puppetlabs.com/el or /fedora

Rubygem available at http://rubygems.org/gems/hiera or by using
the --pre option to gem install.

Debs are available at https://apt.puppetlabs.com

Mac package is available at
https://downloads.puppetlabs.com/mac/hiera-1.1.2-rc2.dmg

Please report feedback via the Puppet Labs Redmine site, using an
affected version of 1.1.2-rc2:
 http://projects.puppetlabs.com/projects/hiera/

===
## Hiera 1.1.2-rc2 Bug Fixes ##
===

(#18214) Update gem dependency to json_pure from json

As the json gem requires ruby-dev, gcc, and other tools to install via
rubygems, this commit changes the dependency to json_pure for
gems, which will
lessen the dependencies required for install, as json_pure is pure
ruby, with
no compilation required.

(#17087) Fix backend key in hiera.yaml

Previously the hiera.yaml that is laid down in packaged installs
used 'backend'
instead of 'backends' which means that hiera falls through to the
default yaml
backend, as no 'backends' key exists in the config. This commit fixes the
hiera.yaml file to use 'backends' instead.

===
## Hiera 1.1.2-rc2 Changelog ##
===
Jeff McCune (1):
  0eaa709 (Maint) Make Hiera operate with /dev/null config file

Matthaus Owens (7):
  483f58b Add quantal to default cows list in build_defaults.
  8439326 Remove fedora 15 mocks from default mocks in build_defaults.
  fa794bd (#17087) Fix backend key in hiera.yaml
  9937977 (maint) Handle lack of RSpec::Core::RakeTask gracefully
  3d8785c Update Hiera VERSION to 1.1.2-rc1
  1fd1466 (#18214) Update gem dependency to json_pure from json
  a9c0e14 Update Hiera VERSION to 1.1.2-rc2

Sharif Nassar (1):
  ee341f7 Spelling.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Announce: Puppet Dashboard 1.2.16-rc1 available

[Matthaus Owens]

Puppet Dashboard 1.2.16-rc1 is a maintenance release of the 1.2 series of
Puppet Dashboard with bug fixes and minor features.

This is the first release of Puppet Dashboard with Aaron Stone
(sodabrew on github) having commit rights. He has already helped
shepherd many pull requests from submission to merge. Thanks Aaron!

This release is available for download at:
https://downloads.puppetlabs.com/dashboard/puppet-dashboard-1.2.16-rc1.tar.gz

Debian packages are available at
https://apt.puppetlabs.com

RPM packages are available at
https://yum.puppetlabs.com

Please report feedback via the Puppet Labs Redmine site, using an
affected version of 1.2.16-rc1:
http://projects.puppetlabs.com/projects/dashboard

Documentation is available at:
http://docs.puppetlabs.com/dashboard/index.html

=
## Puppet Dashboard 1.2.16-rc1 Release Notes ##
=

Add listclasses, delclass to nodegroup rake tasks

Previously once a class had been added to a nodegroup, there was no way of
removing it, short of deleting the group and adding the desired
classes back.
However, if you wanted to list the classes in that group, you were
still out of
luck, because there was no listclasses task for the nodegroup
namespace. This
commit adds both of those tasks to the nodegroup namespace.
listclasses lists
the classes assigned to a nodegroup and delclass removes a class from a
nodegroup, if such a class exists in the nodegroup.

Add tabs to filter reports based on status
- supporting named_scopes in report model
- supporting routes
- supporting controller actions

==
## Puppet Dashboard 1.2.16-rc1 Changelog ##
==

Aaron Stone (7):
  ba35090 'verb'! do |success, failure| is only for verbs create,
update, destroy; everything else must use 'verb'! do |format|.
  9c8626b Call Metric.new instead of metrics.new, which caused a
duplication of all metrics.
  c77afe9 Report.create_from_yaml does several retries, so mock
with 'stubs' instead of 'expects' to handle any number of retry calls.
  3784739 Revert "(maint) fix failing tests"
  9d162d3 Fix tests after merging 0aadf8876d from master.
  6088c93 Begin the changelog for the next release
  138922c Update changelog with today's merges.

Glenn Poston (2):
  d052a9c added tabs to filter reports based on status -
supporting named_scopes in report model - supporting routes -
supporting controller actions
  5635147 added tabs to filter reports based on status -
supporting named_scopes in report model - supporting routes -
supporting controller actions

Matthaus Owens (6):
  2c7c96a Retab rescue block to line up with other flow control
  4445672 Add listclasses, delclass to nodegroup rake tasks
  f9d6d72 Style tweaks to new tasks. Better tabbing, remove
escaped single quotes.
  310fa54 Add quantal to default cows list.
  e955daf Revert "Merge pull request #112 from gposton/master"
  fcdff5d Update CHANGELOG, VERSION for 1.2.16-rc1

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Manage a specific users shadow file entry

[Jagga Soorma]

Just in case anyone is trying to do something similar.  I found this on the 
web and it seems to work for me.  

define line($file, $line, $ensure = 'present') {
case $ensure {
default : { err ( "unknown ensure value ${ensure}" ) }
present: {
exec { "/bin/echo '${line}' >> '${file}'":
unless => "/bin/grep -qFx '${line}' '${file}'"
}
}
absent: {
exec { "/bin/grep -vFx '${line}' '${file}' | /usr/bin/tee 
'${file}' > /dev/null 2>&1":
  onlyif => "/bin/grep -qFx '${line}' '${file}'"
}

# Use this resource instead if your platform's grep doesn't 
support -vFx;
# note that this command has been known to have problems with 
lines containing quotes.
# exec { "/usr/bin/perl -ni -e 'print unless 
/^\\Q${line}\\E\$/' '${file}'":
# onlyif => "/bin/grep -qFx '${line}' '${file}'"
# }
}
}
}

class oracle_password {
  file { "/etc/shadow":
ensure => present,
  }
  line { oracle_passwd:
file => "/etc/shadow",
line => 'oracle:$1$aa8QIjTa$tu0gVzq94iPqdj1YMKMKu0:15695:0:9:7:::',
 }
}

Regards,
-J

On Thursday, December 20, 2012 3:49:18 PM UTC-8, Jagga Soorma wrote:
>
> Also, is there maybe a way to ensure a specific entry in a file.  In this 
> case, can you ensure there is a entry for the oracle user in the 
> /etc/shadow file with manually giving it all the entries including the 
> password hash.
>
> Thanks,
> -J
>
> On Thursday, December 20, 2012 3:48:19 PM UTC-8, Jagga Soorma wrote:
>>
>> Thanks for your response Keiran.  I am trying to use just that resource 
>> but can't seem to get it to work.  Here is what my class looks like:
>>
>> class oracle_password {
>>   user { 'oracle':
>> ensure   => 'present',
>> password => '$1$etSqP2ht$3sjFIsw7q7Vxs5qc5sju//'
>>   }
>> }
>>
>> [root@testrhel home]# grep -i oracle /etc/shadow
>> [root@testrhel home]# 
>>
>> Now once this resource is applied my assumption is there should be a 
>> /etc/shadow file entry for the oracle account but that never happens:
>>
>> [root@testrhel home]# puppet agent -t
>> Info: Retrieving plugin
>> Info: Caching catalog for testrhel.gene.com
>> Info: Applying configuration version '1356045773'
>> /Stage[main]/Oracle_password/User[oracle]/password: created password
>> Finished catalog run in 0.99 seconds
>> [root@testrhel home]# 
>>
>> [root@testrhel home]# grep -i oracle /etc/shadow
>> [root@testrhel home]# 
>>
>> Sorry but you might receive a similar message twice.  Forgot to reply to 
>> this post.
>>
>> Thanks,
>> -J
>>
>> On Thursday, December 20, 2012 3:37:30 PM UTC-8, Keiran Sweet wrote:
>>>
>>> Hi There,
>>> The user provider allows you to manage the value of the password hash in 
>>> the shadow file.
>>>
>>> You can see all the options available for this provider via 'puppet 
>>> describe user'.
>>>
>>> An example would be something like:
>>>
>>> user { username: 
>>>   ensure  => present,
>>>   password  => 'password_hash_here',
>>> }
>>>
>>> To quote the puppet documentation: 
>>>   **password** - The user's password, in whatever encrypted format the 
>>> local system requires.
>>>
>>> To get all this working as you want, you may need to ensure that your 
>>> operating systems authentication configuration (ie, PAM) checks for 
>>> authentication in the right order, ie, local passwords, then kerberos, and 
>>> you should test this carefully to make sure you dont get undesired results.
>>>
>>> Hope this helps,
>>>
>>> K
>>>
>>>
>>> On Thursday, December 20, 2012 11:04:47 PM UTC, Jagga Soorma wrote:

 Hi Guys,

 I am new to puppet and trying to figure out what is the best way to 
 manage a password for a specific user in the /etc/shadow file.  Most of my 
 users are being authenticated to kerberos but there is a need to set a 
 local password for this one account.  What would be the best method to do 
 this via puppet?  I have built my own rpm's in the past using the chpasswd 
 command but that seems like a lot more work to build a rpm everytime the 
 password changes.  Was hoping there was a easier/better way to do this via 
 puppet.

 Thanks,
 -J

>>>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/7-9QQ-sT5PAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Remote Network Device management...

[Peter Brown]

On 21 December 2012 02:40, Gavin Williams  wrote:

> Afternoon all
>
> We are starting to look at using Puppet Network device support in anger,
> and one of the potential issues that has been raised is around cross-site
> access...
>
> Currently, we have one Puppet master server, which is hosted in location
> C.
> This server is able to access and manage the appropriate network devices
> in location C.
>
> However there are other devices in locations A and B which we want to be
> able to manage through Puppet. However some potential concerns have been
> raised around allowing the puppet master server blanket access to locations
> A & B...
>
> Is it possible therefore to run the network devices in effectively a
> 'proxy' mode. That is, we create/nominate a suitable node in locations A
> and B which would be able to manage network devices in their respective
> locations, and these nodes then talk back to the Puppet master.
>
> Does this sound sensible?
>
> Any other considerations/ideas as to how the above can achieve?
>

I have no idea how you are achieving the network device configuration but a
setting up a VPN between the master and locations b and c seems like the
best way to do it.
That would give you centralised management and security as well.
I would suggest using some kind of ssl wrapped vpn like openvpn or ipsec or
something like that.

I did find this module on puppet forge for managing openvpn
https://forge.puppetlabs.com/luxflux/openvpn

Hope that helps.

Pete.


> Cheers in advance for any responses.
>
> Regards
> Gavin
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/WQ3ut4DOK9sJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Reporting for masterless Puppet?

[Mitchell Hashimoto]

Hi,

A lazy google search brings up nothing definitive, so I ask the mailing
list:

Does reporting work with masterless Puppet? Can it be enabled?

Best,
Mitchell

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Reporting for masterless Puppet?

[Tom Linkin]

If you use the 'reports' setting in the [main] section of your puppet.conf, 
your puppet apply report will be run through the report processors you specify. 

-- 
Tom Linkin
Professional Services Engineer
http://puppetlabs.com/
twitter: @trlinkin



On Thursday, December 20, 2012 at 7:44 PM, Mitchell Hashimoto wrote:

> Hi,
> 
> A lazy google search brings up nothing definitive, so I ask the mailing list:
> 
> Does reporting work with masterless Puppet? Can it be enabled? 
> 
> Best,
> Mitchell
> 
> 
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com 
> (mailto:puppet-users@googlegroups.com).
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com 
> (mailto:puppet-users+unsubscr...@googlegroups.com).
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Reporting for masterless Puppet?

[Gary Larizza]

You can run Puppet masterless (in puppet apply mode) and generate reports
that would be processed in the same way as they would on the master
(however, the report processor would need to exist on every node).  All the
puppet.conf settings around reports (
http://docs.puppetlabs.com/references/stable/configuration.html#report)
would still apply here.


On Thu, Dec 20, 2012 at 4:44 PM, Mitchell Hashimoto <
mitchell.hashim...@gmail.com> wrote:

> Hi,
>
> A lazy google search brings up nothing definitive, so I ask the mailing
> list:
>
> Does reporting work with masterless Puppet? Can it be enabled?
>
> Best,
> Mitchell
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>



-- 
Gary Larizza
Professional Services Engineer

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Puppet 3.0.1: time spent fot "File" resource increased

[Boris]

After updating master from 2.7.12 to 3.0.1 I noticed, that agents began 
spending more time on  "File" resources, which I can see from --summarize 
output:
about 40-45 seconds now, and about 25-30  before update. 

What could cause this problem?

I also noticed, that "preferred_serialization_format = b64_zlib_yaml" 
doesn't work anymore and "pson" is used by default, so could the absence of 
compression cause this problem ?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/UUAFxQd_2xoJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Python PIP and Centos 6

[Jared Curtis]

I've created another pull request that's a little more flexible than your 
version. If some other OS uses a different name for pip then it can easily 
be added to the case statement.

https://github.com/puppetlabs/puppet/pull/1346

On Wednesday, December 19, 2012 10:41:16 PM UTC-8, Joshua Vote wrote:
>
> If anyone else is watching this issue: the pull request has been made and 
> attached to issue - http://projects.puppetlabs.com/issues/18236
>
> On Wednesday, December 19, 2012 9:58:06 AM UTC+8, Jakov Sosic wrote:
>>
>> On 12/18/2012 09:39 AM, Joshua Vote wrote: 
>> > Yeah, I saw that function. Is there a way I can extend the class and 
>> > override that method for my own use? Or will I need to make the fix 
>> > myself and submit a pull request? 
>>
>> Pull request would be far better off because everyone would benefit from 
>> it. 
>>
>>
>> -- 
>> Jakov Sosic 
>> www.srce.unizg.hr 
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/zXYpUb7h1q4J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Changing Agent Environment Via Custom Fact

[Boris]

Why not make puppet.conf.erb and pass it your env-vatiable. But you will 
need to run puppet agent once more to apply catalog from new env.

четверг, 20 декабря 2012 г., 5:16:27 UTC+4 пользователь joel johnston 
написал:
>
> It is very likely that I don't completely understand the order of 
> operations as they pertain to agent level variables (such as environment,) 
> but I'm not seeing where this should be a problem.  
>
> What I'm Trying To Do:  Set environment on a host by setting a custom fact.
>
> How I'm trying to achieve this:  I have a custom module that parses ec2 
> user data value pairs into facts on a host at instance spin.  When I pass 
> environment = whatever, I want that environment value to override the 
> agent's puppet.conf environment value.  I'm trying to achieve this 
> currently with another custom module:
>
> require 'facter'
> if Facter.value('environment')
> envstring = Facter.value('environment')
> $environment = envstring
> else
> envstring = ''
> end
>
> Please let me know if this is just way off base including any way this 
> might be possible. 
>
> Thanks In Advance,
>
> Joel
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/Tzun-cCilFsJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.