Re: [Puppet Users] Installing cloudprovisioner on windows

[Denmat]

Hi, 

I believe that this is supposed to be installed on the puppet master - and 
since you can't run puppet master on windows you are out of luck. 

Sorry,
Den

On 16/01/2013, at 11:21, PuppetUser  wrote:

> So give me any other solution to install cloud provisioner tool to open 
> source windows puppet. Also give me info of connecting puppet to AWS. I 
> surfed a lot on youtube dint get any info. Please help me out.
>  
> Regards
>  
> PuppetUser
> On Friday, January 11, 2013 9:39:41 PM UTC+5:30, Josh Cooper wrote:
>> On Thu, Jan 10, 2013 at 10:34 PM, PuppetUser  wrote: 
>> > Hi 
>> > 
>> > I am trying to install cloud provisioner on windows puppet. I just used 
>> > "puppet module install puppetlabs/cloudprovisioner". It gave the following 
>> > error. Error: `puppet module` actions are currently not supported on 
>> > Microsoft Windows. 
>> > It is that we should work with cloudprovisioner tarball on windows puppet. 
>> > Please help me out in working with the tarball 
>> > 
>> > 
>> > Regards 
>> > 
>> > PuppetUser 
>> > 
>> > -- 
>> > You received this message because you are subscribed to the Google Groups 
>> > "Puppet Users" group. 
>> > To view this discussion on the web visit 
>> > https://groups.google.com/d/msg/puppet-users/-/l8r5BMr2CPUJ. 
>> > To post to this group, send email to puppet...@googlegroups.com. 
>> > To unsubscribe from this group, send email to 
>> > puppet-users...@googlegroups.com. 
>> > For more options, visit this group at 
>> > http://groups.google.com/group/puppet-users?hl=en. 
>> 
>> We currently do not support running the module tool on windows due to 
>> its reliance on tar as a packing format. This will be fixed in a 
>> future release, see http://projects.puppetlabs.com/issues/11276. 
>> 
>> The workflow instead is to install the module on your master, and run 
>> `puppet agent` on the windows host, which will pluginsync the 
>> necessary files from the master to the agent host. 
>> 
>> The puppetlabs-registry module provides more details about how this 
>> process works on windows: 
>> https://forge.puppetlabs.com/puppetlabs/registry 
>> 
>> If instead you want to use `puppet apply`, then you can extract the 
>> tarball and point your modulepath at it as described here: 
>> http://docs.puppetlabs.com/puppet/2.7/reference/modules_installing.html 
>> 
>> Josh 
>> 
>> -- 
>> Josh Cooper 
>> Developer, Puppet Labs
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group.
> To view this discussion on the web visit 
> https://groups.google.com/d/msg/puppet-users/-/bdHRBhTuB2EJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] End of file reached, while copying large files from modules to client

[liondgr8]

Hi, 

I am trying to copy a file from puppet server's module to the Windows 
machine client
The following snippet is from init.pp of a module:

file {'copyingDB':
ensure => file,
path => 'C:/dump/dump1.zip',
require => File['dump'],
mode => 0777,
source => 
"puppet://puppet.server.com/modules/dump/dump1.zip",
}

I found that, when the file size is small, the file is copied and the 
snippet works properly. But in my case the file size is of 5gb.
The following error is encountered:
...
...

Error: /Stage[main]/dump/File[copyingDB]: Failed to generate addition
al resources using 'eval_generate: end of file reached

Error: /Stage[main]/dump1/File[copyingDB]: Could not evaluate: end of
file reached Could not retrieve file metadata for 
puppet://puppet.server.com/modules/dump/dump1.zip: end of file reached
.

...

The network bandwidth b/w server and client is of 100mbps.

Kindly provide assistance if I forgot something.

Regards, 
Pranay Manwatkar


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/ZO64ygOK5kkJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] how to add an evironment variable to puppet agent execution?

[Luca Gioppo]

I'm creating a module for the WSO2 products and the tool needs to find the 
JAVA_HOME that is not set.

Java get installed but than the wso2server complains about the missing 
JAVA_HOM.

Checked java -version in shell and it works, but as expected executing echo 
$JAVA_HOME returns null.

So the problem is setting the JAVA_HOME to the user (in this case root).

Tryed to append info to .bash_profile but obviously it has to be reloaded 
and it seems that even with this exec:
exec {
"reload_${name}_env" :
  command => "source ~/.bash_profile",
  cwd => "/root",
  provider => 'shell',
  require => Exec["add_java_home_${name}"]
  }

the reload is not good for the step where the exec of the wso2 is done, so 
no way to send the new env var to the final exec.

How is possible in a easy and working way to set env vars with puppet in a 
way that  get known to following steps?
Thanks
Luca

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/mzOMA0X4EnwJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] how to add an evironment variable to puppet agent execution?

[nicolas vigier]

On Wed, 16 Jan 2013, Luca Gioppo wrote:

> 
> How is possible in a easy and working way to set env vars with puppet in a 
> way that  get known to following steps?

You can set environment variables for an exec using the environment
parameter :
http://docs.puppetlabs.com/references/latest/type.html#exec

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

RE: [Puppet Users] Re: Announce: Puppet Dashboard 1.2.19 Available

[GRANIER Bernard (MORPHO)]

I did not understand : there is a new version of the dashboard ? I thought that 
the dashboard was deprecated and that Puppet Lab will no work on it anymore ...

What is the status please ?

Cordialement,

Bernard Granier
CE Plateforme Système
bernard.gran...@morpho.com
01 58 11 32 51


-Original Message-
From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On 
Behalf Of Moses Mendoza
Sent: Wednesday, January 16, 2013 3:30 AM
To: puppet-users@googlegroups.com; puppet-...@googlegroups.com
Subject: Re: [Puppet Users] Re: Announce: Puppet Dashboard 1.2.19 Available

Hi Ellison,

You're right! Thanks for pointing that out. I failed to update the VERSION file 
at the top of dashboard, which gets sourced for that link. Otherwise, this is 
indeed 1.2.19:)

Moses

On Tue, Jan 15, 2013 at 6:04 PM, Ellison Marks  wrote:
> Just updated and noticed that the version number at the top of the 
> page in dashboard didn't bump, and it still lists 1.2.18 in 
> /usr/share/puppet-dashboard/VERSION. This is on CentOS 6 from yum.
>
>
> On Tuesday, January 15, 2013 4:59:45 PM UTC-8, Moses Mendoza wrote:
>>
>> Puppet Dashboard 1.2.19 is now available.
>>
>> This release of Puppet Dashboard addresses CVE-2013-0155.  All users 
>> are strongly encouraged to update when possible.
>>
>> This vulnerability exposes ActiveRecord to unsafe query generation.
>>
>> More information on the vulnerability can be found here:
>> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155, and in 
>> this post:
>> https://groups.google.com/group/rubyonrails-security/browse_thread/th
>> read/73b8d3f8478df5e2
>>
>> Downloads
>> 
>>
>> RPM packages for are available at https://yum.puppetlabs.com/el or 
>> /fedora
>>
>> Debian packages are available at https://apt.puppetlabs.com
>>
>> Source can be downloaded from
>> https://puppetlabs.com/downloads/dashboard/puppet-dashboard-1.2.19.ta
>> r.gz, along with the accompanying signature file,
>>
>> https://puppetlabs.com/downloads/dashboard/puppet-dashboard-1.2.19.tar.gz.asc.
>>
>> See the Verifying Puppet Download section at:
>> http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppe
>> t
>>
>> 1.2.19 Security Fixes
>> 
>> Ernie Miller (1):
>>   04c1dba Fix for CVE-2013-0155
>
> --
> You received this message because you are subscribed to the Google 
> Groups "Puppet Users" group.
> To view this discussion on the web visit 
> https://groups.google.com/d/msg/puppet-users/-/r7xJE--NIDIJ.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.

--
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

#
" This e-mail and any attached documents may contain confidential or 
proprietary information. If you are not the intended recipient, you are 
notified that any dissemination, copying of this e-mail and any attachments 
thereto or use of their contents by any means whatsoever is strictly 
prohibited. If you have received this e-mail in error, please advise the sender 
immediately and delete this e-mail and all attached documents from your 
computer system."
#

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Announce: Puppet Dashboard 1.2.19 Available

[llowder]

On Wednesday, January 16, 2013 7:22:15 AM UTC-6, bernard...@morpho.com 
wrote:
>
> I did not understand : there is a new version of the dashboard ? I thought 
> that the dashboard was deprecated and that Puppet Lab will no work on it 
> anymore ... 
>
> What is the status please ? 
>
>
Work on Dashboard by PuppetLabs is ending, as a replacement is created in 
terms of a standalone ENC and also enhancements to PuppetDB.

However, it is not fully going away, as someone from the community has 
stepped forward to take over the project. This person has already been 
given commit access as I recall.
 

> Cordialement, 
>
> Bernard Granier 
> CE Plateforme Système 
> bernard...@morpho.com  
> 01 58 11 32 51 
>
>
> -Original Message- 
> From: puppet...@googlegroups.com  [mailto:
> puppet...@googlegroups.com ] On Behalf Of Moses Mendoza 
> Sent: Wednesday, January 16, 2013 3:30 AM 
> To: puppet...@googlegroups.com ; 
> puppe...@googlegroups.com 
> Subject: Re: [Puppet Users] Re: Announce: Puppet Dashboard 1.2.19 
> Available 
>
> Hi Ellison, 
>
> You're right! Thanks for pointing that out. I failed to update the VERSION 
> file at the top of dashboard, which gets sourced for that link. Otherwise, 
> this is indeed 1.2.19:) 
>
> Moses 
>
> On Tue, Jan 15, 2013 at 6:04 PM, Ellison Marks 
> > 
> wrote: 
> > Just updated and noticed that the version number at the top of the 
> > page in dashboard didn't bump, and it still lists 1.2.18 in 
> > /usr/share/puppet-dashboard/VERSION. This is on CentOS 6 from yum. 
> > 
> > 
> > On Tuesday, January 15, 2013 4:59:45 PM UTC-8, Moses Mendoza wrote: 
> >> 
> >> Puppet Dashboard 1.2.19 is now available. 
> >> 
> >> This release of Puppet Dashboard addresses CVE-2013-0155.  All users 
> >> are strongly encouraged to update when possible. 
> >> 
> >> This vulnerability exposes ActiveRecord to unsafe query generation. 
> >> 
> >> More information on the vulnerability can be found here: 
> >> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155, and in 
> >> this post: 
> >> https://groups.google.com/group/rubyonrails-security/browse_thread/th 
> >> read/73b8d3f8478df5e2 
> >> 
> >> Downloads 
> >>  
> >> 
> >> RPM packages for are available at https://yum.puppetlabs.com/el or 
> >> /fedora 
> >> 
> >> Debian packages are available at https://apt.puppetlabs.com 
> >> 
> >> Source can be downloaded from 
> >> https://puppetlabs.com/downloads/dashboard/puppet-dashboard-1.2.19.ta 
> >> r.gz, along with the accompanying signature file, 
> >> 
> >> 
> https://puppetlabs.com/downloads/dashboard/puppet-dashboard-1.2.19.tar.gz.asc.
>  
>
> >> 
> >> See the Verifying Puppet Download section at: 
> >> http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppe 
> >> t 
> >> 
> >> 1.2.19 Security Fixes 
> >>  
> >> Ernie Miller (1): 
> >>   04c1dba Fix for CVE-2013-0155 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> > Groups "Puppet Users" group. 
> > To view this discussion on the web visit 
> > https://groups.google.com/d/msg/puppet-users/-/r7xJE--NIDIJ. 
> > To post to this group, send email to 
> > puppet...@googlegroups.com. 
>
> > To unsubscribe from this group, send email to 
> > puppet-users...@googlegroups.com . 
> > For more options, visit this group at 
> > http://groups.google.com/group/puppet-users?hl=en. 
>
> -- 
> You received this message because you are subscribed to the Google Groups 
> "Puppet Users" group. 
> To post to this group, send email to puppet...@googlegroups.com. 
>
> To unsubscribe from this group, send email to 
> puppet-users...@googlegroups.com . 
> For more options, visit this group at 
> http://groups.google.com/group/puppet-users?hl=en. 
>
> # 
> " This e-mail and any attached documents may contain confidential or 
> proprietary information. If you are not the intended recipient, you are 
> notified that any dissemination, copying of this e-mail and any attachments 
> thereto or use of their contents by any means whatsoever is strictly 
> prohibited. If you have received this e-mail in error, please advise the 
> sender immediately and delete this e-mail and all attached documents from 
> your computer system." 
> # 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/v7S6UBKQmvgJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

RE: [Puppet Users] Re: Announce: Puppet Dashboard 1.2.19 Available

[GRANIER Bernard (MORPHO)]

Ok thanks for the answer.

Cordialement,

Bernard Granier
CE Plateforme Système
bernard.gran...@morpho.com
01 58 11 32 51

From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On 
Behalf Of llowder
Sent: Wednesday, January 16, 2013 2:27 PM
To: puppet-users@googlegroups.com
Cc: puppet-...@googlegroups.com
Subject: Re: [Puppet Users] Re: Announce: Puppet Dashboard 1.2.19 Available



On Wednesday, January 16, 2013 7:22:15 AM UTC-6, 
bernard...@morpho.com wrote:
I did not understand : there is a new version of the dashboard ? I thought that 
the dashboard was deprecated and that Puppet Lab will no work on it anymore ...

What is the status please ?

Work on Dashboard by PuppetLabs is ending, as a replacement is created in terms 
of a standalone ENC and also enhancements to PuppetDB.

However, it is not fully going away, as someone from the community has stepped 
forward to take over the project. This person has already been given commit 
access as I recall.

Cordialement,

Bernard Granier
CE Plateforme Système
bernard...@morpho.com
01 58 11 32 51


-Original Message-
From: puppet...@googlegroups.com 
[mailto:puppet...@googlegroups.com] On Behalf Of Moses Mendoza
Sent: Wednesday, January 16, 2013 3:30 AM
To: puppet...@googlegroups.com; 
puppe...@googlegroups.com
Subject: Re: [Puppet Users] Re: Announce: Puppet Dashboard 1.2.19 Available

Hi Ellison,

You're right! Thanks for pointing that out. I failed to update the VERSION file 
at the top of dashboard, which gets sourced for that link. Otherwise, this is 
indeed 1.2.19:)

Moses

On Tue, Jan 15, 2013 at 6:04 PM, Ellison Marks > 
wrote:
> Just updated and noticed that the version number at the top of the
> page in dashboard didn't bump, and it still lists 1.2.18 in
> /usr/share/puppet-dashboard/VERSION. This is on CentOS 6 from yum.
>
>
> On Tuesday, January 15, 2013 4:59:45 PM UTC-8, Moses Mendoza wrote:
>>
>> Puppet Dashboard 1.2.19 is now available.
>>
>> This release of Puppet Dashboard addresses CVE-2013-0155.  All users
>> are strongly encouraged to update when possible.
>>
>> This vulnerability exposes ActiveRecord to unsafe query generation.
>>
>> More information on the vulnerability can be found here:
>> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0155, and in
>> this post:
>> https://groups.google.com/group/rubyonrails-security/browse_thread/th
>> read/73b8d3f8478df5e2
>>
>> Downloads
>> 
>>
>> RPM packages for are available at https://yum.puppetlabs.com/el or
>> /fedora
>>
>> Debian packages are available at https://apt.puppetlabs.com
>>
>> Source can be downloaded from
>> https://puppetlabs.com/downloads/dashboard/puppet-dashboard-1.2.19.ta
>> r.gz, along with the accompanying signature file,
>>
>> https://puppetlabs.com/downloads/dashboard/puppet-dashboard-1.2.19.tar.gz.asc.
>>
>> See the Verifying Puppet Download section at:
>> http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppe
>> t
>>
>> 1.2.19 Security Fixes
>> 
>> Ernie Miller (1):
>>   04c1dba Fix for CVE-2013-0155
>
> --
> You received this message because you are subscribed to the Google
> Groups "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/r7xJE--NIDIJ.
> To post to this group, send email to puppet...@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.

--
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet...@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

#
" This e-mail and any attached documents may contain confidential or 
proprietary information. If you are not the intended recipient, you are 
notified that any dissemination, copying of this e-mail and any attachments 
thereto or use of their contents by any means whatsoever is strictly 
prohibited. If you have received this e-mail in error, please advise the sender 
immediately and delete this e-mail and all attached documents from your 
computer system."
#
--
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/v7S6UBKQmvgJ.
To post to this group, send email to 
puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.
#
" This e-mail and any attached documents may contain confid

Re: [Puppet Users] Puppetdb will setting gc-interval to 0 disable it

[Chuck]

Here is an example of locks taking a long time to acquire in the postgres DB

2013-01-12 03:10:55 UTC|puppetdb|4553|DELETE waiting|IPADDRESS|puppet LOG: 
 process 4553 acquired ExclusiveLock on tuple (0,102) of relation 16811 of 
database 16513 after 12166509.285 ms
2013-01-12 03:10:56 UTC|puppetdb|4553|DELETE waiting| IPADDRESS |puppet 
LOG:  process 4553 still waiting for ShareLock on transaction 32181035 
after 1000.100 ms
2013-01-12 03:11:25 UTC|puppetdb|5953|UPDATE waiting| IPADDRESS |puppet 
LOG:  process 5953 still waiting for ShareLock on transaction 32245132 
after 1000.148 ms
2013-01-12 03:11:26 UTC|puppetdb|5953|UPDATE waiting| IPADDRESS |puppet 
LOG:  process 5953 acquired ShareLock on transaction 32245132 after 
1813.791 ms
2013-01-12 03:13:48 UTC|puppetdb|4553|DELETE waiting| IPADDRESS |puppet 
LOG:  process 4553 acquired ShareLock on transaction 32181035 after 
172731.472 ms
2013-01-12 03:13:48 UTC|puppetdb|3346|DELETE waiting| IPADDRESS |puppet 
LOG:  process 3346 acquired ExclusiveLock on tuple (0,102) of relation 
16811 of database 16513 after 12261437.817 ms
2013-01-12 03:13:49 UTC|puppetdb|3346|DELETE waiting| IPADDRESS |puppet 
LOG:  process 3346 still waiting for ShareLock on transaction 32196872 
after 1000.516 ms
2013-01-12 03:18:08 UTC|puppetdb|3346|DELETE waiting| IPADDRESS |puppet 
LOG:  process 3346 acquired ShareLock on transaction 32196872 after 
260360.667 ms
2013-01-12 03:18:08 UTC|puppetdb|27293|DELETE waiting| IPADDRESS |puppet 
LOG:  process 27293 acquired ExclusiveLock on tuple (0,102) of relation 
16811 of database 16513 after 12475027.712 ms
2013-01-12 03:18:09 UTC|puppetdb|27293|DELETE waiting| IPADDRESS |puppet 
LOG:  process 27293 still waiting for ShareLock on transaction 32197208 
after 1000.078 ms
2013-01-12 03:18:33 UTC|puppetdb|17853|DELETE waiting| IPADDRESS |puppet 
LOG:  process 17853 still waiting for ExclusiveLock on tuple (0,102) of 
relation 16811 of database 16513 after 1000.212 ms
2013-01-12 03:19:49 UTC|puppetdb|20980|DELETE waiting| IPADDRESS |puppet 
LOG:  process 20980 still waiting for ExclusiveLock on tuple (0,102) of 
relation 16811 of database 16513 after 1000.733 ms
2013-01-12 03:20:37 UTC|puppetdb|28432|DELETE waiting| IPADDRESS |puppet 
LOG:  process 28432 still waiting for ExclusiveLock on tuple (0,102) of 
relation 16811 of database 16513 after 1000.283 ms

On Tuesday, January 15, 2013 4:07:11 PM UTC-6, Chuck wrote:
>
>
>
> On Tuesday, January 15, 2013 3:19:29 PM UTC-6, Ken Barber wrote:
>>
>> So that looks like its taking ages ... some questions for you: 
>>
>> * What version of Postgresql are you running and on what distro & 
>> version exactly? 
>>
> RHEL 6.3
> Enterprise DB ppas-9.1.4
>
> * Are you using the distros packages or someone elses? 
>>
> Provided by Enterprise DB 
>
> * Is autovacuum switched on at all (check your postgresql.conf)? 
>>
> Yes. We also ran manual vacuum analyze with no noticeable changes in 
> performance. 
>
>> * Do you know the last time the database was vacuum'd and/or analyzed? 
>> Try this link for a way to check this: 
>>
>> http://heatware.net/databases/how-when-postgres-tables-auto-vacuum-analyze/ 
>>
> puppet=# select relname,last_vacuum, last_autovacuum, last_analyze, 
> last_autoanalyze from pg_stat_user_tables;
>  relname |  last_vacuum  |   
>  last_autovacuum| last_analyze  |   
> last_autoanalyze
>
> -+---+---+---+---
>  catalog_resources   |   | 2013-01-12 
> 15:16:10.188342+00 | 2013-01-09 23:26:34.068919+00 | 2013-01-15 
> 18:27:11.166982+00
>  certname_facts_metadata |   | 2013-01-15 
> 19:22:13.932096+00 | 2012-11-06 22:02:25.469113+00 | 2013-01-15 
> 19:22:15.308925+00
>  certnames   | 2013-01-03 22:22:11.416002+00 | 2013-01-15 
> 21:17:47.046022+00 | 2013-01-03 22:22:11.574618+00 | 2013-01-15 
> 21:17:48.14814+00
>  resource_params |   | 2013-01-05 
> 08:04:04.856417+00 | 2012-11-06 21:25:40.15877+00  | 2013-01-15 
> 15:56:52.589316+00
>  classes |   | 2013-01-12 
> 09:29:53.118022+00 | 2012-11-06 22:02:40.547686+00 | 2013-01-15 
> 16:24:04.909758+00
>  catalogs|   | 2013-01-15 
> 21:18:15.342477+00 | 2012-11-06 22:02:25.182041+00 | 2013-01-15 
> 21:18:16.493626+00
>  certname_facts  |   | 2013-01-15 
> 21:17:39.514162+00 | 2013-01-09 18:00:16.10573+00  | 2013-01-15 
> 21:25:08.780617+00
>  tags|   | 2013-01-15 
> 21:44:16.074229+00 | 2012-11-06 22:02:24.75951+00  | 2013-01-15 
> 21:48:19.751198+00
>  edges   |   | 2013-01-12 
> 11:54:54.182207+00 | 2012-11-06 21:33:

[Puppet Users] Restrict file creation in the masters

[Nacho Barrientos]

Hi,

Maybe I'm missing something obvious because my question sounds very naive 
to me. Anyway, here I go:

Is it possible to prevent module developers from writing files in the 
master via custom Puppet functions[0]? 

At least in my environment[1] I can come up with several malicious things 
that users could end up doing. For instance, the modules directory that the 
master uses to generate the catalogs is writable by the same user that runs 
the Puppet daemon so every module developer could overwrite someone else's 
work.

I'm running Puppet 2.7.18.

[0] http://docs.puppetlabs.com/guides/custom_functions.html
[1] Access to Puppet masters is restricted to a few but we have many 
"unrelated" people using them and writing their own manifests to configure 
their services.

Thanks!
N

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/-4AitY-Ntq8J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] kindly have a look at this issue please, related to multiple puppet masters

[bin . zhou2007]

hi,  could everyone kindly have a look at this issue below please. Thanks a 
lot!


It works while I was using apache+passenger+puppet-master on the server 
side,  I used 'puppet agent -t' on the client side, and it was successfully 
synchronized saying that:

"sudo puppet agent -t 
Notice: Ignoring --listen on onetime run
Info: Retrieving plugin
Info: Caching catalog for agent..net
Info: Applying configuration version '1358322483'"


But unfortunately it cannot work if I am trying to use apache as a load 
balancer, and two virtual hosts as the puppet backend servers who actually 
serves the requests from puppet agents.

Here below is the *access log of balancer*:

10.16.27.31 - - [16/Jan/2013:16:54:21 +0800] "GET 
/production/node/agent..net? HTTP/1.1" 403 113 "-" "-"

10.16.27.31 - - [16/Jan/2013:16:54:23 +0800] "GET 
/production/file_metadatas/plugins?&links=manage&recurse=true&checksum_type=md5&ignore=---+%0A++-+%22.svn%22%0A++-+CVS%0A++-+%22.git%22
 
HTTP/1.1" 403 105 "-" "-"

10.16.27.31 - - [16/Jan/2013:16:54:25 +0800] "GET 
/production/file_metadata/plugins? HTTP/1.1" 403 103 "-" "-"

10.16.27.31 - - [16/Jan/2013:16:54:26 +0800] "POST 
/production/catalog/agent..net HTTP/1.1" 403 116 "-" "-"

10.16.27.31 - - [16/Jan/2013:16:54:26 +0800] "PUT 
/production/report/agent..net HTTP/1.1" 502 560 "-" "-"


Here below is the* error log of balancer*:

[Wed Jan 16 16:54:26 2013] [error] [client 10.16.27.31] (20014)Internal 
error: proxy: error reading status line from remote server 127.0.0.1

[Wed Jan 16 16:54:26 2013] [error] [client 10.16.27.31] proxy: Error 
reading from remote server returned by /production/report/agent..net


Here below is what* /var/log/messages* said:

Jan 16 16:54:23 master puppet-master[22191]: Starting Puppet master version 
3.0.2

Jan 16 16:54:23 master puppet-master[22255]: Denying access: Forbidden 
request: master..net(127.0.0.1) access to /node/agent..net [find] 
at :99

Jan 16 16:54:23 master puppet-master[22255]: Forbidden request: 
master..net(127.0.0.1) access to /node/agent..net [find] at :99

Jan 16 16:54:25 master puppet-master[22273]: Starting Puppet master version 
3.0.2

Jan 16 16:54:25 master puppet-master[22325]: Denying access: Forbidden 
request: master..net(127.0.0.1) access to /file_metadata/plugins 
[search] at :99

Jan 16 16:54:25 master puppet-master[22325]: Forbidden request: 
master..net(127.0.0.1) access to /file_metadata/plugins [search] at :99

Jan 16 16:54:25 master puppet-master[22255]: Denying access: Forbidden 
request: master..net(127.0.0.1) access to /file_metadata/plugins [find] 
at :99

Jan 16 16:54:25 master puppet-master[22255]: Forbidden request: 
master..net(127.0.0.1) access to /file_metadata/plugins [find] at :99

Jan 16 16:54:26 master puppet-master[22325]: Denying access: Forbidden 
request: master..net(127.0.0.1) access to /catalog/agent..net 
[find] at :99

Jan 16 16:54:26 master puppet-master[22325]: Forbidden request: 
master..net(127.0.0.1) access to /catalog/agent..net [find] at :99

Jan 16 16:54:26 master puppet-master[22255]: Denying access: Forbidden 
request: master..net(127.0.0.1) access to /report/agent..net [save] 
at :99

Jan 16 16:54:26 master puppet-master[22255]: Forbidden request: 
master..net(127.0.0.1) access to /report/agent..net [save] at :99

Jan 16 17:41:02 master ntpd[1660]: synchronized to 10.16.13.14, stratum 2


Here below is what one of the worker said:   (*
puppetmaster_worker_access_18140.log*)

127.0.0.1 - - [16/Jan/2013:16:54:21 +0800] "GET 
/production/node/agent..net? HTTP/1.1" 403 113 "-" "-"

127.0.0.1 - - [16/Jan/2013:16:54:25 +0800] "GET 
/production/file_metadata/plugins? HTTP/1.1" 403 103 "-" "-"

127.0.0.1 - - [16/Jan/2013:16:54:26 +0800] "PUT 
/production/report/agent..net HTTP/1.1" 403 - "-" "-"


(* puppetmaster_worker_error_18140.log*)

[Wed Jan 16 16:54:26 2013] [error] [client 127.0.0.1] (104)Connection reset 
by peer: ap_content_length_filter: apr_bucket_read() failed


[root@master httpd]# *less puppetmaster_worker_access_18141.log*

127.0.0.1 - - [16/Jan/2013:16:54:23 +0800] "GET 
/production/file_metadatas/plugins?&links=manage&recurse=true&checksum_type=md5&ignore=---+%0A++-+%22.svn%22%0A++-+CVS%0A++-+%22.git%22
 
HTTP/1.1" 403 105 "-" "-"

127.0.0.1 - - [16/Jan/2013:16:54:26 +0800] "POST 
/production/catalog/agent..net HTTP/1.1" 403 116 "-" "-"


*
*

*Here below come all related configurations:*

*
*

[root@master conf.d]# *cat passenger.conf*

LoadModule passenger_module 
/usr/lib64/ruby/gems/1.8/gems/passenger-3.0.17/ext/apache2/mod_passenger.so

PassengerRoot /usr/lib64/ruby/gems/1.8/gems/passenger-3.0.17

PassengerRuby /usr/bin/ruby

# And the passenger performance tuning settings:

PassengerHighPerformance On

PassengerUseGlobalQueue On

# Set this to about 1.5 times the number of CPU cores in your master:

PassengerMaxPoolSize 3

# Recycle master processes after they service 1000 req

[Puppet Users] Re: Puppet, Hiera and complex data structures...

[Gavin Williams]

John

Cheers for that... 

Could you expand on *"enhance selectivity by declaring all the relevant 
resources virtually, and then using collections with appropriate predicates 
to realize only the ones that are wanted for the current target."*?
Have used virtual resources for other bits and pieces, but not familiar 
with 'collections'... 

Cheers
Gavin 

On Tuesday, 15 January 2013 19:05:33 UTC, jcbollinger wrote:
>
>
>
> On Tuesday, January 15, 2013 4:34:19 AM UTC-6, Gavin Williams wrote:
>>
>> Morning all... 
>>
>> Firstly, apologies for the length of this post, however I thought it 
>> would be beneficial to fully explain what I'm trying to achieve. 
>>
>> I've started using Hiera with Puppet 3.0, and must say I'm very impressed 
>> soo far. It's handled the bulk of what I've thrown at it so far without any 
>> issues... 
>>
>> However I'm now starting to think about some of the more complex 
>> challenges we're hoping to solve with Puppet... 
>> One of those is Oracle Database configuration management... 
>>
>> Under this falls the following components:
>>
>>- NetApp Filer volume configuration - Active site and DR site, with 
>>SnapMirror relationship between the 2.
>>- Oracle Database server configuration - Active site and DR site. 
>>
>> As you can see, that's effectively 4 separate components, spread across 2 
>> separate sites, but which are closely related... 
>>
>> Currently, all our Hiera configuration is driven from the physical view, 
>> that is a host, or an environment, or a data-centre... 
>> However I'd like to try and turn this configuration on it's head and go 
>> logical... That is each Database instance has it's own configuration data, 
>> which contains all the relevant information such as what it's Active and DR 
>> NetApp filer is, what it's volume sizes are, what Active database server it 
>> should live on, where it should be in DR mode... 
>>
>> Now this all seems quite easy to define in Hiera Yaml... Something like 
>> the following should cover it:
>> ---
>> database_sid: 'ORACLE01'
>> active_filer: 'site1-nactl01'
>> replica_filer: 'site2-nactl01'
>> active_database_server: 'site1-db01'
>> replicate_database_server: 'site2-db01'
>> oracle_version: '11.2.0.3'
>> volumes:
>>  ORACLE01_oractrl:
>>   ensure: present
>>   size: '1g'
>>  ORACLE01_oradata:
>>   ensure: present
>>   size: '150g'
>>  ORACLE01_oraredo:
>>   ensure: present
>>   size: '10g'
>>  ORACLE01_oratemp:
>>   ensure: present
>>   size: '10g'
>>  ORACLE01_oraarch:
>>   ensure: present
>>   size: '20g'
>>   snapschedule:
>>minutes: 0
>>hours: 36
>>days: 0
>>weeks: 0
>> snapmirror:
>>  ...
>>
>> However the challenge I'm currently struggling to get my head around is 
>> how I can turn that logical view into the various physical views that are 
>> needed for each component... 
>> It also gets further complicated in that there is going to be multiple 
>> database instances, with some commonality between them, and some 
>> variation... 
>>
>> So if I'm running puppet on *site1-db01*, I want to process all 
>> databases that have either an '*active_database_server*' or a '*
>> replicate_database_server*' value matching the hostname. 
>> If running puppet against *site1-nactl01*, then need to process all 
>> databases that have an '*active_filer*' matching the hostname... 
>>
>> Any ideas on where I could begin?
>> Or is there a better way for me to achieve this?
>>
>
>
> Arranging for each node to draw on (only) the correct data is normally a 
> question of how you structure your data and organize your hierarchy.  Hiera 
> has no built-in mechanism for applying the kind of selection predicates you 
> describe, so you would layout your data such that nodes only get the data 
> for the instances that should be configured on them.
>
> Failing (or instead of) that, you can enhance selectivity by declaring all 
> the relevant resources virtually, and then using collections with 
> appropriate predicates to realize only the ones that are wanted for the 
> current target.
>
> If that's insufficient then you could consider creating custom functions 
> to sift the wanted data from the available data.  You might even be able to 
> make it generic enough to be reusable.
>
>
> John
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/0_lYJVhBtlcJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] generate function not working within conditional?

[jcbollinger]

On Tuesday, January 15, 2013 11:30:10 AM UTC-6, Jakov Sosic wrote:
>
>
> Hm, it's maybe only me, but result of the command associates me with 
> exit codes, not with actual output. 
>


I can understand that interpretation, but again, if you take it that way 
then you have to assume that generate() will only ever return 0 (because 
any other exit code of the underlying command is documented to cause a 
parse error).

 

>
> Maybe the description should say: 
>
> Calls an external command on the Puppet master and returns the standard 
> output of the command. 
>
>

That would be less ambiguous.  If you filed an RFE against the docs for 
this then I think it would be very likely to be accepted and implemented 
quickly.
 

>
> Well, generate serves me pretty well for other purposes then generating 
> output value for puppet. For example I'm currently generating ssh host 
> keys on the master, ricc service (RedHat Cluster Suite remote cluster 
> management) certificates and client certificates to access ricci. No 
> doubt, with time I will find further use cases. 
>
>

YMMV, obviously, but I suggest that it is needlessly risky and confusing to 
conflate two different interpretations of "generate" and associate both 
with the function, or to altogether ignore the function's intended purpose 
as expressed by its name and docs.  I appreciate that you misunderstood the 
function's intended purpose (to generate a value for use in Puppet, as 
opposed to generating an external effect on the master), but now that it 
has been clarified, I advise you to give careful consideration to what you 
will do with that function moving forward.

As a separate issue, I'll add that I am not enthusiastic about the idea of 
the master modifying itself as a side effect of catalog compilation.  
That's not an absolute, however, inasmuch as I don't object to effects such 
as caching compiled catalogs or logging.

 

> Benefit of using generate() is that I can reuse existing code. For 
> example, init script of RHEL/CentOS for ssh daemon has the code for 
> generation of ssh host keys. Code is separated in bash functions. So, I 
> can just include (parse) that script in my own shell script, change the 
> values of variables and generate keys. And if I want puppet to do it, 
> just put that wrapper script in generate() function and that's it. 
> Otherwise, I would write my own code for generating host keys in ruby.



You misunderstand me.  I don't suggest that you should write a pure-Ruby 
function to (for example) generate host keys.  Rather, if you want to 
create artifacts such as host keys on the master, then I suggest you write 
a custom Puppet function that wraps the same bash script that you are 
currently invoking via generate().  In addition to that being clearer on 
its face, it may also be more flexible in that you can define multiple 
function arguments instead of requiring everything in one argument.  Also, 
you would be able to return a status code directly.
 

>
> I hope u understand my point of view on this one. 
>


Whether I understand or not is immaterial.  You need to decide how to 
proceed, and what I think about it doesn't much matter.  I can't even be 
certain that what I describe would indeed be better overall than what 
you're now doing.  Even if this doesn't change your mind or help you, 
however, I write with confidence that it will help *somebody*.


Cheers,

John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/mY8Lm8SraiwJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Recommendations for devlopment of a new provider

[jcbollinger]

On Tuesday, January 15, 2013 9:04:39 AM UTC-6, Drew Fisher wrote:
>
> I'm working on a new provider for puppet 3.x and Solaris 11's dladm 
> command.  One of the subcommands is set-linkprop which is used to set 
> various properties for networking links.  The problem is there are dozens 
> and dozens of properties that can be set depending on the type of link 
> (physical or virtual) or what type of physical card is slotted on the 
> system.
>
> I've been looking through some of the existing providers and the only 
> thing that comes even remotely close is the ZFS provider.  The problem with 
> that provider is the list of possible properties is a hard-coded list.  As 
> stated above, I can't really do something like that.
>
> How can I design this provider, especially the exists? function, to handle 
> a dynamic list of valid properties?  I was thinking of setting the type to 
> handle a manifest like:
>
> linkprop { *'linkname'*:
> ensure => present,
> properties => { propname1 => value1, propname2 => value2,  },
> }
>
> The exists? function would need to keep track of each individual propname 
> to pass off to create for later use.  I'm assuming it's not an issue to 
> keep a "processed" hash table, but is that the "right" way to do it?  Is 
> there a better way?
>


Maybe you're just using the wrong terminology, but if you're truly focusing 
on the provider then you are starting in the wrong place.

You need to start with the the resource type.  Is it a new type or an 
existing one?  If new, then what target resource does it represent, and 
what properties does it expose for management?  What identifier(s) does the 
system use for the target resource?  Can the resource be created and 
removed, or is it always present even when unmanaged?


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/36Rv46tTV5gJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Profiles, Hiera, and create_resources('class','...')

[jcbollinger]

On Tuesday, January 15, 2013 9:44:00 AM UTC-6, jcbollinger wrote:
>
> [...] multiple parametrized-style declarations of the same classes are not 
> forbidden even when the parameter lists match
>
>
Clarification: there is an extraneous "not" in there.  It should have been 
"multiple parametrized-style declarations of the same classes *are*forbidden 
even when the parameter lists match."


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/6xnq75hvuVYJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Facter and eth1

[jcbollinger]

On Tuesday, January 15, 2013 8:40:56 AM UTC-6, Ygor wrote:
>
> I have one older server where the physical NIC port for eth0 won't hold 
> the CAT5 cable in place, so I use the other NIC port, eth1, and have eth0 
> disabled/turned off 
>
> Facts ipaddress and netmask accurately duplicate ipaddress_eth1 and 
> netmask_eth1, but macaddress is a duplicate of macaddress_eth0 
>
> I was expecting the same mechanism that makes ipaddress === ipaddress_eth1 
> would make macaddress === macaddress_eth1 
>
> Any clues ? 
>
>
An ethernet interface has a MAC address even when it is disabled, but not 
an IP address or netmask.  The behavior you expected might be an 
improvement over Facter's current behavior, but Facter is not inherently 
wrong now.  You could consider filing an RFE.

In any event, the unadorned network facts such as 'ipaddress', 'netmask', 
and 'macaddress' have always been a bit problematic, as their definitions 
are not very useful.  Especially for multi-homed systems, there is no 
single true IP address, netmask, or MAC address, regardless of what the 
existence of those facts implies.  For multi-NIC systems there is no 
single, true MAC address even if the system is not multi-homed.

In the mean time, you should be able to write a custom function or inline 
template with which you select from among the macaddress_* facts the one 
for the interface whose IP address matches the unadorned 'ipaddress' fact, 
by correlating macaddress_* with ipaddress_*.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/Awd0cVJ4TR0J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: how to add an evironment variable to puppet agent execution?

[jcbollinger]

On Wednesday, January 16, 2013 5:19:43 AM UTC-6, Luca Gioppo wrote:
>
> I'm creating a module for the WSO2 products and the tool needs to find the 
> JAVA_HOME that is not set.
>
> Java get installed but than the wso2server complains about the missing 
> JAVA_HOM.
>
> Checked java -version in shell and it works, but as expected executing 
> echo $JAVA_HOME returns null.
>
> So the problem is setting the JAVA_HOME to the user (in this case root).
>
> Tryed to append info to .bash_profile but obviously it has to be reloaded 
> and it seems that even with this exec:
> exec {
> "reload_${name}_env" :
>   command => "source ~/.bash_profile",
>   cwd => "/root",
>   provider => 'shell',
>   require => Exec["add_java_home_${name}"]
>   }
>
> the reload is not good for the step where the exec of the wso2 is done, so 
> no way to send the new env var to the final exec.
>
>
The Puppet agent does not normally run from a login shell, and it anyway 
takes care to pass a very sparse environment to commands it spawns.  
Moreover, no spawned command can change its parent's environment, nor, 
therefore, the environment of any sibling command. Thus, manipulating the 
agent's environment is not the answer; instead you must declare the Exec 
resource properly.

The best solution is probably Nicolas's (using the 'environment' property 
of your Exec resource), but there are other possibilities.  For instance, 
perhaps the Exec's command could be a wrapper script that sets the needed 
environment variables.  Better, you could use the 'env' command to launch 
the real command with specified extra environment settings.  There might be 
other options as well.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/ANIDI1F1c6EJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: End of file reached, while copying large files from modules to client

[jcbollinger]

On Wednesday, January 16, 2013 5:06:17 AM UTC-6, liondgr8 wrote:
>
> Hi, 
>
> I am trying to copy a file from puppet server's module to the Windows 
> machine client
> The following snippet is from init.pp of a module:
>
> file {'copyingDB':
> ensure => file,
> path => 'C:/dump/dump1.zip',
> require => File['dump'],
> mode => 0777,
> source => "puppet://
> puppet.server.com/modules/dump/dump1.zip",
> }
>
> I found that, when the file size is small, the file is copied and the 
> snippet works properly. But in my case the file size is of 5gb.
> The following error is encountered:
> ...
> ...
>
> Error: /Stage[main]/dump/File[copyingDB]: Failed to generate addition
> al resources using 'eval_generate: end of file reached
>
> Error: /Stage[main]/dump1/File[copyingDB]: Could not evaluate: end of
> file reached Could not retrieve file metadata for puppet://
> puppet.server.com/modules/dump/dump1.zip: end of file reached
> .
>
> ...
>
> The network bandwidth b/w server and client is of 100mbps.
>
>
This is very likely an issue of the target architecture or compilation 
options of one or more of the pieces of the software stack on client or 
agent.

The largest number that can be represented by an (unsigned) 32-bit integer 
is just over 4 billion, which is not large enough for a file offset to the 
end of a 5G file.  If you were using all 64-bit components (on 64-bit 
hardware) then that shouldn't matter, but if you are using a 32-bit Ruby on 
agent, master, or both that is built without large file support (if that's 
even an option) then you might very well see an issue such as you 
describe.  I don't think that Puppet itself has any direct dependency on 
the host's native word size.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/uz1B9PG5FQ8J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Using resource collectors with variables from the collected resource?

[jcbollinger]

On Tuesday, January 15, 2013 12:12:18 PM UTC-6, Richard Jacobsen wrote:
>
> Hi everyone.  An example is worth 1000 words, so here's one:
>
> In this example I would like the home directory to be overridden to 
> /testdir/me:
>
> @user { 'me':
>   ensure => present,
>   home => '/home/$title',
>   tag => 'userclass1'
> }
>
> User <| tag == 'userclass1' |> {
>   home => "/testhome/$title"
> }
>
> It actually gets overriden to /testhome/main, 'main' being the class the 
> collector is in, puppet apply tries to:
> '/usr/sbin/useradd -d /testhome/main me'
>
> [...] I'd rather just use the virtual resource's $title.  Is this 
> possible, or am I asking too much from the resource collector?



It is not possible.  Variable references are resolved in the scope in which 
they appear, which in this case is the one provided by the class or defined 
type instance in which the collection is declared.  The collection does not 
establish a new scope.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/3lV68dMQGhQJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Multiple class calls via dashboard

[jcbollinger]

On Tuesday, January 15, 2013 5:30:09 PM UTC-6, Michael Dodwell wrote:
>
> Hi,
>
> I currently have puppet setup and backed into the dashboard and using ENC. 
>
> I wish to control as much of the configuration of machines via the 
> dashboard. 
>
> However, I have a requirement to call a module/class multiple times and 
> was wondering if this is possible?
>

It is not possible with Dashboard or by any other means if you are 
specifying class parameters.  It is not meaningful or useful if you are not 
specifying class parameters.

Do not confuse declaring the same class multiple times with declaring 
multiple resources of the same defined type.  The latter is allowed and 
meaningful because each resource is independent of the others.  The former 
is not meaningful, because classes are singletons -- second and subsequent 
declarations of the same class have no effect on the target node's 
catalog.  On the other hand, a second or subsequent declaration of a given 
class is erroneous if it expresses and class parameters (even if they are 
the same as those of the first declaration).

Furthermore, do recognize that even your example fails to express even a 
single class declaration.  Instead, it expresses a declaration of a defined 
type instance.  Neither Dashboard nor any other ENC can declare defined 
type instances, however, so there is no help for you there.

Your requirement is therefore bogus -- either useless or unfulfillable.  If 
you can offer more detail on what you're actually trying to accomplish then 
perhaps we can suggest alternatives.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/9ojvbnRKrmUJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Facter and eth1

[Dan White]

Thanks for responding, John, and for your thoughts. 

That makes sense. I think I will start a thread on the developer's list about 
this. 


“Sometimes I think the surest sign that intelligent life exists elsewhere in 
the universe is that none of it has tried to contact us.” 
Bill Waterson (Calvin & Hobbes) 

- Original Message -
From: "jcbollinger"  
To: puppet-users@googlegroups.com 
Sent: Wednesday, January 16, 2013 10:57:35 AM 
Subject: [Puppet Users] Re: Facter and eth1 



On Tuesday, January 15, 2013 8:40:56 AM UTC-6, Ygor wrote: 

I have one older server where the physical NIC port for eth0 won't hold the 
CAT5 cable in place, so I use the other NIC port, eth1, and have eth0 
disabled/turned off 

Facts ipaddress and netmask accurately duplicate ipaddress_eth1 and 
netmask_eth1, but macaddress is a duplicate of macaddress_eth0 

I was expecting the same mechanism that makes ipaddress === ipaddress_eth1 
would make macaddress === macaddress_eth1 

Any clues ? 





An ethernet interface has a MAC address even when it is disabled, but not an IP 
address or netmask. The behavior you expected might be an improvement over 
Facter's current behavior, but Facter is not inherently wrong now. You could 
consider filing an RFE. 

In any event, the unadorned network facts such as 'ipaddress', 'netmask', and 
'macaddress' have always been a bit problematic, as their definitions are not 
very useful. Especially for multi-homed systems, there is no single true IP 
address, netmask, or MAC address, regardless of what the existence of those 
facts implies. For multi-NIC systems there is no single, true MAC address even 
if the system is not multi-homed. 

In the mean time, you should be able to write a custom function or inline 
template with which you select from among the macaddress_* facts the one for 
the interface whose IP address matches the unadorned 'ipaddress' fact, by 
correlating macaddress_* with ipaddress_*. 


John 



-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group. 
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/Awd0cVJ4TR0J . 
To post to this group, send email to puppet-users@googlegroups.com. 
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com. 
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en. 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Re: Profiles, Hiera, and create_resources('class','...')

[Stephen Price]

On Monday, January 14, 2013 7:49:33 AM UTC-8, R.I. Pienaar wrote:

>
> No I am not sure - I dont tend to use create_resources as I consider it 
> about 
> as bad as eval() :) 
>
> I just know I recently went spelunking into that code while doing some 
> prototype 
> and noticed it worked 
>

Sorry to derail this discussion, but R.I., what is it that you find bad 
about create_resources? I've found it invaluable when creating resources 
from definitions. 

For example, I have an apache::conf definition for a config file, and I 
create a hash for each config file I want created on the node. Then just 
use "create_resources(apache::conf, $apache_conf_hash)" in the module's 
init.pp. 

How would you do it otherwise? Documentation on Hiera is pretty lacking 
right now, and it's the best method I've found for this sort of thing. 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/zt2SdyPBJxsJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] /etc/facter/facts.d/ Question

[Dan White]

Is it possible to refer to another fact in one of these files ?

“Sometimes I think the surest sign that intelligent life exists elsewhere in 
the universe is that none of it has tried to contact us.”
Bill Waterson (Calvin & Hobbes)

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] generate function not working within conditional?

[Jakov Sosic]

On 01/16/2013 04:30 PM, jcbollinger wrote:

> I can understand that interpretation, but again, if you take it that way
> then you have to assume that generate() will only ever return 0 (because
> any other exit code of the underlying command is documented to cause a
> parse error).

Yea, I know.

> That would be less ambiguous.  If you filed an RFE against the docs for
> this then I think it would be very likely to be accepted and implemented
> quickly.

Do I open this like a bug, or? Don't know what RFE is :-/


> As a separate issue, I'll add that I am not enthusiastic about the idea
> of the master modifying itself as a side effect of catalog compilation. 

It's only generating ssh keys and stuff like that. It helps much with
automation, otherwise I would have to manually fetch the keys and/or
ricci certificates after initial installation of every system, and store
them for future use.


> You misunderstand me.  I don't suggest that you should write a pure-Ruby
> function to (for example) generate host keys.  Rather, if you want to
> create artifacts such as host keys on the master, then I suggest you
> write a custom Puppet function that wraps the same bash script that you
> are currently invoking via generate().  In addition to that being
> clearer on its face, it may also be more flexible in that you can define
> multiple function arguments instead of requiring everything in one
> argument.  Also, you would be able to return a status code directly.

I will certainly have it on my mind, but currently I'm really not very
rich man concerning free time :)

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Broken pipe on generate function

[Xesc Arbona]

Hi,

I'm trying to generate passwords for user accounts using the generate
function and calling a local script on the server, but that fails with
an error about Broken pipe :

notice: 
/Stage[main]/Accounts::Virtual/Accounts::Add_user[xesc]/Notify[DM1HjM9a-VIx/usr/bin/tr:
write error: Broken pipe
/usr/bin/tr: write error
/bin/cat: write error: Broken pipe
]/message: defined 'message' as 'DM1HjM9a-VIx/usr/bin/tr: write error:
Broken pipe
/usr/bin/tr: write error
/bin/cat: write error: Broken pipe
'
notice: dAfux7Bb3YRz/usr/bin/tr: write error: Broken pipe
/usr/bin/tr: write error
/bin/cat: write error: Broken pipe

Code I'm using is:

  # generate random password and send to user if necessary
  if $generate_password {
$password = generate("/opt/ict/bash/generate_password.sh", '12')
$encrypted_password =
generate("/opt/ict/bash/encrypt_password.sh", "$password")

notify { $password: }

exec { "setpass $username":
  path => "/sbin:/usr/sbin:/bin/:/usr/bin",
  command  => "usermod -p '$encrypted_password' $username",
  refreshonly  => true,
  subscribe=> User[$username],
  unless   => "cat /etc/shadow | grep $username| cut -f 2 -d :
| grep -v '!'",
}

script /opt/ict/bash/generate_password.sh
PWDLEN=12
/bin/cat /dev/urandom |/usr/bin/tr -dc _A-Z-a-z-0-9 | /usr/bin/head
-c${1:-$PWDLEN};

Any idea how the generate function works internally in Puppet? Can I
use pipes in the scripts?

Thanks!

Kind regards,
Xesc

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] New NRPE Puppet module

[William Van Hevelingen]

Hello Puppet Users and Dev,

I have just a pushed a puppet module for NRPE to github. Initially it
supports the Debian, Redhat, and Solaris based operating systems.

I plan on adding FreeBSD support in the near future.

In the meantime I will be updating the documentation and getting it ready
for a forge release.

I would appreciate any feedback or pull requests to add additional
functionality.

https://github.com/pdxcat/puppet-module-nrpe

My nick is blkperl in #puppet if you want to bounce ideas.

-- 
Thanks,
William Van Hevelingen

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] node definition and variables

[GRANIER Bernard (MORPHO)]

Hi,

Is there a way to do something like :

$computers_dbm="'computer1','computer2'"

$computers_worklflow="'computer4','computer3'"
  
node $computers_dbm {
  include dbm_installation
}

node $computers_worklflow {
  include dbm_worklflow
}

The point is not the include, but the fact to use a variable to define a nodes 
list.
I tried several solution but I did not find a good one.

Thanks in advance for any helps.

Cordialement,

Bernard Granier
CE Plateforme Système
bernard.gran...@morpho.com
01 58 11 32 51


-Original Message-
From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On 
Behalf Of Xesc Arbona
Sent: Wednesday, January 16, 2013 6:11 PM
To: puppet-users@googlegroups.com
Subject: [Puppet Users] Broken pipe on generate function

Hi,

I'm trying to generate passwords for user accounts using the generate function 
and calling a local script on the server, but that fails with an error about 
Broken pipe :

notice: 
/Stage[main]/Accounts::Virtual/Accounts::Add_user[xesc]/Notify[DM1HjM9a-VIx/usr/bin/tr:
write error: Broken pipe
/usr/bin/tr: write error
/bin/cat: write error: Broken pipe
]/message: defined 'message' as 'DM1HjM9a-VIx/usr/bin/tr: write error:
Broken pipe
/usr/bin/tr: write error
/bin/cat: write error: Broken pipe
'
notice: dAfux7Bb3YRz/usr/bin/tr: write error: Broken pipe
/usr/bin/tr: write error
/bin/cat: write error: Broken pipe

Code I'm using is:

  # generate random password and send to user if necessary
  if $generate_password {
$password = generate("/opt/ict/bash/generate_password.sh", '12')
$encrypted_password =
generate("/opt/ict/bash/encrypt_password.sh", "$password")

notify { $password: }

exec { "setpass $username":
  path => "/sbin:/usr/sbin:/bin/:/usr/bin",
  command  => "usermod -p '$encrypted_password' $username",
  refreshonly  => true,
  subscribe=> User[$username],
  unless   => "cat /etc/shadow | grep $username| cut -f 2 -d :
| grep -v '!'",
}

script /opt/ict/bash/generate_password.sh
PWDLEN=12
/bin/cat /dev/urandom |/usr/bin/tr -dc _A-Z-a-z-0-9 | /usr/bin/head 
-c${1:-$PWDLEN};

Any idea how the generate function works internally in Puppet? Can I use pipes 
in the scripts?

Thanks!

Kind regards,
Xesc

--
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

#
" This e-mail and any attached documents may contain confidential or 
proprietary information. If you are not the intended recipient, you are 
notified that any dissemination, copying of this e-mail and any attachments 
thereto or use of their contents by any means whatsoever is strictly 
prohibited. If you have received this e-mail in error, please advise the sender 
immediately and delete this e-mail and all attached documents from your 
computer system."
#

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Dashboard and SELinux

[Carlos N. A. Correa]

Hi, guys.

I have two somewhat related questions:

1) Is the package puppetlabs-dashboard open to contributions? I'm using a 
particular version which creates a 127.0.0.1:8083 virtualhost for dealing with 
client report uploads, and uses puppet's own cert to serve the dashboard on 
port 8082 (this allows for PuppetDB on the same machine). Do you think that any 
of this could be useful additions to the official package?

2) I saw the comment:

#  Note: SELinux on Redhat needs to be set separately to allow access to the
#   puppet-dashboard.
#

On the Dashboard manifest, and in fact got problems from SELinux using the 
package. I managed it by changing some file resources to set seltype 
"httpd_sys_content_t".

What would be the cleanest way to test for SELinux BEFORE using things like 
seltype? Would a simple "case $selinux_current_mode" be acceptable?

Regards,
Carlos "Bill" Nilton, M.Sc.
CISSP, RHCE, ITIL
http://carlosnilton.com.br/

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Difficulty debugging crashing PuppetDB

[Cody Robertson]

I'm not sure how I missed it but it appears the OOM was killing it (how 
embarassing). Once I raised the memory thresholds on the VM it was fine. 
Even though I somehow missed it in the log the catalyst for me finding it 
was looking at the PuppetDB command line - in particular the 
"-XX:OnOutOfMemoryError=kill" switch.

Sorry for the confusion / time wasting.

-Cody

On Thursday, January 10, 2013 12:15:16 PM UTC-5, Chris Price wrote:
>
> Cody,
>
> Can you provide some details on your OS and JVM flavors / versions?  Also, 
> you mentioned there was "nothing in the logs"--does this include the 
> syslog?  And are there any other *files* in the /var/log/puppetdb directory?
>
>
> On Wednesday, January 9, 2013 5:30:03 PM UTC-8, Cody Robertson wrote:
>>
>> I have no core dumps however I need to make sure I have it set to allow 
>> them. It literally just goes kaput - very strange. I've yet to have time to 
>> strace it yet today however I did it briefly and it was merely doing a 
>> bunch of waits.
>>
>> On Wednesday, January 9, 2013 6:43:05 PM UTC-5, Ken Barber wrote:
>>>
>>> Do you get a core dump? Does it seriously just silently 'stop' with no 
>>> SEGV or anything - even in the forground? 
>>>
>>> On Wed, Jan 9, 2013 at 11:07 PM, Cody Robertson  
>>> wrote: 
>>> > There is nothing in the logs as previously noted. It simply crashed 
>>> quietly. 
>>> > 
>>> > This is the same for when I'm running it in the foreground with 
>>> --debug or 
>>> > when it's a daemon. It simply quietly crashes. 
>>> > 
>>> > -- 
>>> > 013-01-09 18:00:15,841 DEBUG [command-proc-89] 
>>> > [bonecp.PreparedStatementHandle] SELECT timestamp FROM 
>>> certname_catalogs 
>>> > WHERE certname='typhoon.xxx.com' ORDER BY timestamp DESC LIMIT 1 
>>> > 2013-01-09 18:00:16,185 DEBUG [command-proc-89] 
>>> > [bonecp.PreparedStatementHandle] SELECT 1 FROM catalogs WHERE 
>>> > hash='b9915aef874b1a291e32f1b7cbe0efa9848fb923' LIMIT 1 
>>> > 2013-01-09 18:00:16,185 DEBUG [command-proc-89] 
>>> [bonecp.StatementHandle] 
>>> > UPDATE catalogs SET api_version=1, catalog_version='1357754062' WHERE 
>>> > hash='b9915aef874b1a291e32f1b7cbe0efa9848fb923' 
>>> > 2013-01-09 18:00:16,185 DEBUG [command-proc-89] 
>>> [bonecp.StatementHandle] 
>>> > DELETE FROM certname_catalogs WHERE certname='typhoon.xxx.com' 
>>> > 2013-01-09 18:00:16,186 DEBUG [command-proc-89] 
>>> > [bonecp.PreparedStatementHandle] INSERT INTO certname_catalogs 
>>> > (certname,catalog,timestamp) VALUES 
>>> > ('typhoon.xxx.com','b9915aef874b1a291e32f1b7cbe0efa9848fb923',2013-01-09 
>>>
>>> > 18:00:15.815) 
>>> > 2013-01-09 18:00:16,186 INFO  [command-proc-89] [puppetdb.command] 
>>> > [7779017b-5be2-415d-afd6-264d6d4d789e] [replace catalog] 
>>> typhoon.xxx.com 
>>> > sh-4.1# 
>>> > -- 
>>> > 
>>> > I'll attempt to attach a strace to it however it's so remarkably 
>>> verbose 
>>> > it's always a treat to sift through it. Is there an easy way to 
>>> increase the 
>>> > verbosity of puppetDB perhaps? 
>>> > 
>>> > -Cody 
>>> > 
>>> > On Wednesday, January 9, 2013 6:11:19 AM UTC-5, Matthew Burgess wrote: 
>>> >> 
>>> >> On Wed, Jan 9, 2013 at 1:37 AM, Cody Robertson  
>>> >> wrote: 
>>> >> > Hello! How is everyone this splendid evening? 
>>> >> > 
>>> >> > I've recently migrated to the latest Puppet and PuppetDB (using the 
>>> >> > build in 
>>> >> > database) however I'm noticing PuppetDB keeps crashing without any 
>>> >> > errors 
>>> >> > that I can find in the logs. I've ran it in the foreground using 
>>> the 
>>> >> > puppetdb-foreground command however it simply exits after awhile. 
>>> The 
>>> >> > only 
>>> >> > thing I can consistently do is see it crash - I can't get any 
>>> useful 
>>> >> > debug 
>>> >> > information beyond that. 
>>> >> > 
>>> >> > Can anyone shed some light on how I should go about this? Thank 
>>> you! 
>>> >> 
>>> >> What does /var/log/messages say.  Just a stab in the dark, but if 
>>> your 
>>> >> server is short of memory, then the kernel's oom killer may be 
>>> >> targetting the puppetdb process; that would certainly be evident in 
>>> >> your /var/log/messages output. 
>>> >> 
>>> >> If that's not the culprit, then attaching 'strace' to the puppetdb 
>>> >> process might be informative (strace -p ). 
>>> >> 
>>> >> Regards, 
>>> >> 
>>> >> Matt. 
>>> > 
>>> > -- 
>>> > You received this message because you are subscribed to the Google 
>>> Groups 
>>> > "Puppet Users" group. 
>>> > To view this discussion on the web visit 
>>> > https://groups.google.com/d/msg/puppet-users/-/vADEbpPDw7IJ. 
>>> > 
>>> > To post to this group, send email to puppet...@googlegroups.com. 
>>> > To unsubscribe from this group, send email to 
>>> > puppet-users...@googlegroups.com. 
>>> > For more options, visit this group at 
>>> > http://groups.google.com/group/puppet-users?hl=en. 
>>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/p

[Puppet Users] PuppetDB certificate signature failure for /CN=puppetdb

[chris mague]

I regenerated the puppetdb certs according to the instructions here:

Step 3, Option B

https://docs.puppetlabs.com/puppetdb/0.9/install_from_source.html#step-3-option-b-manually-create-a-keystore-and-truststore

And can verify the cert manually using openssl client

#echo "QUIT" | openssl s_client -connect puppetdb:8081  -CAfile 
/etc/ssl/certs/puppetdb.pem  |grep Verify 
Verify return code: 0 (ok)

However I still get the following:

err: Could not retrieve catalog from remote server: Error 400 on SERVER: 
Failed to submit 'replace facts' command for host23.example.com to PuppetDB 
at puppetdb:8081: SSL_connect returned=1 errno=0 state=SSLv3 read server 
certificate B: certificate verify failed: [certificate signature failure 
for /CN=puppetdb]

Where do I place the certs so they are validated by the puppetdb terminus?


-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/uqqpL4YG9g8J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Issue with exported resources and "ensure"

[Cody Robertson]

Hello folks! I hope everyone is having a great Wednesday!

I think I may have come across a bug / a use case which isn't working 
properly however I wanted to run it by some eyes on the mailing list before 
I filed a bug report. I'm attempting to use Hiera with Puppet exported 
resources (a Nagios module in specific). I don't believe Hiera is a problem 
in this instance however I believe it's worth noting.

Here is the snippet that appears to not be working:

--
"check_sda7_nrpe_${hostname}":
ensure => $nrpe_command_check_sda7,
check_command => $nagios_check_sda7_custom ? {
yes => 
"check_disk_nrpe!sda7!$nagios_check_sda7_warn!$nagios_check_sda7_crit",
default => "check_disk_nrpe!sda7!20!10",
},
use => "generic-service",
service_description => "SDA7 Check",
host_name => $fqdn;
--

The $nrpe_command_check_sda7 variable is pulled via the hiera() function up 
top. It's either assigned "absent" or "present" depending on the node. This 
*is* getting assigned properly (I've tested it with notice() in the 
manifest).

--
Jan 16 17:22:03 puppet puppet-master[31413]: 
(Scope(Class[Nagios::Target::Install])) Variable: absent
Jan 16 17:22:03 puppet puppet-master[31413]: Compiled catalog for 
sng002.xxx.com in environment production in 0.34 seconds
--

The Nagios server collects the Nagios_* resources and generates the 
configurations however it appears the "ensure" portion isn't working 
properly. In the above example it's not removing the Nagios_service 
resource. If I manually specify "absent" or "present" in the manifest (not 
using the variable) it works as expected.

Am I missing anything obvious in this case?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/UBYF2_uq67EJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Difficulty debugging crashing PuppetDB

[Ken Barber]

So the log had enough information and it was just an oversight? Thats
good to hear.

We probably chose to kill the process as apposed to continually
running as OOM's in Java often leave things in an unknown state. We
could consider tanuki wrapper/java service wrapper around the process.
At least then it would restart, but you might not see there is a
problem ;-). We do this currently for ActiveMQ in PE for example.

On Wed, Jan 16, 2013 at 6:36 PM, Cody Robertson  wrote:
> I'm not sure how I missed it but it appears the OOM was killing it (how
> embarassing). Once I raised the memory thresholds on the VM it was fine.
> Even though I somehow missed it in the log the catalyst for me finding it
> was looking at the PuppetDB command line - in particular the
> "-XX:OnOutOfMemoryError=kill" switch.
>
> Sorry for the confusion / time wasting.
>
> -Cody
>
>
> On Thursday, January 10, 2013 12:15:16 PM UTC-5, Chris Price wrote:
>>
>> Cody,
>>
>> Can you provide some details on your OS and JVM flavors / versions?  Also,
>> you mentioned there was "nothing in the logs"--does this include the syslog?
>> And are there any other *files* in the /var/log/puppetdb directory?
>>
>>
>> On Wednesday, January 9, 2013 5:30:03 PM UTC-8, Cody Robertson wrote:
>>>
>>> I have no core dumps however I need to make sure I have it set to allow
>>> them. It literally just goes kaput - very strange. I've yet to have time to
>>> strace it yet today however I did it briefly and it was merely doing a bunch
>>> of waits.
>>>
>>> On Wednesday, January 9, 2013 6:43:05 PM UTC-5, Ken Barber wrote:

 Do you get a core dump? Does it seriously just silently 'stop' with no
 SEGV or anything - even in the forground?

 On Wed, Jan 9, 2013 at 11:07 PM, Cody Robertson 
 wrote:
 > There is nothing in the logs as previously noted. It simply crashed
 > quietly.
 >
 > This is the same for when I'm running it in the foreground with
 > --debug or
 > when it's a daemon. It simply quietly crashes.
 >
 > --
 > 013-01-09 18:00:15,841 DEBUG [command-proc-89]
 > [bonecp.PreparedStatementHandle] SELECT timestamp FROM
 > certname_catalogs
 > WHERE certname='typhoon.xxx.com' ORDER BY timestamp DESC LIMIT 1
 > 2013-01-09 18:00:16,185 DEBUG [command-proc-89]
 > [bonecp.PreparedStatementHandle] SELECT 1 FROM catalogs WHERE
 > hash='b9915aef874b1a291e32f1b7cbe0efa9848fb923' LIMIT 1
 > 2013-01-09 18:00:16,185 DEBUG [command-proc-89]
 > [bonecp.StatementHandle]
 > UPDATE catalogs SET api_version=1, catalog_version='1357754062' WHERE
 > hash='b9915aef874b1a291e32f1b7cbe0efa9848fb923'
 > 2013-01-09 18:00:16,185 DEBUG [command-proc-89]
 > [bonecp.StatementHandle]
 > DELETE FROM certname_catalogs WHERE certname='typhoon.xxx.com'
 > 2013-01-09 18:00:16,186 DEBUG [command-proc-89]
 > [bonecp.PreparedStatementHandle] INSERT INTO certname_catalogs
 > (certname,catalog,timestamp) VALUES
 >
 > ('typhoon.xxx.com','b9915aef874b1a291e32f1b7cbe0efa9848fb923',2013-01-09
 > 18:00:15.815)
 > 2013-01-09 18:00:16,186 INFO  [command-proc-89] [puppetdb.command]
 > [7779017b-5be2-415d-afd6-264d6d4d789e] [replace catalog]
 > typhoon.xxx.com
 > sh-4.1#
 > --
 >
 > I'll attempt to attach a strace to it however it's so remarkably
 > verbose
 > it's always a treat to sift through it. Is there an easy way to
 > increase the
 > verbosity of puppetDB perhaps?
 >
 > -Cody
 >
 > On Wednesday, January 9, 2013 6:11:19 AM UTC-5, Matthew Burgess wrote:
 >>
 >> On Wed, Jan 9, 2013 at 1:37 AM, Cody Robertson 
 >> wrote:
 >> > Hello! How is everyone this splendid evening?
 >> >
 >> > I've recently migrated to the latest Puppet and PuppetDB (using the
 >> > build in
 >> > database) however I'm noticing PuppetDB keeps crashing without any
 >> > errors
 >> > that I can find in the logs. I've ran it in the foreground using
 >> > the
 >> > puppetdb-foreground command however it simply exits after awhile.
 >> > The
 >> > only
 >> > thing I can consistently do is see it crash - I can't get any
 >> > useful
 >> > debug
 >> > information beyond that.
 >> >
 >> > Can anyone shed some light on how I should go about this? Thank
 >> > you!
 >>
 >> What does /var/log/messages say.  Just a stab in the dark, but if
 >> your
 >> server is short of memory, then the kernel's oom killer may be
 >> targetting the puppetdb process; that would certainly be evident in
 >> your /var/log/messages output.
 >>
 >> If that's not the culprit, then attaching 'strace' to the puppetdb
 >> process might be informative (strace -p ).
 >>
 >> Regards,
 >>
 >> Matt.
 >
 > --
 > You received this message because you are subscribed to the Google
 > Groups
 > "Puppet Users" group.
 > To view this discuss

[Puppet Users] Re: Broken pipe on generate function

[jcbollinger]

On Wednesday, January 16, 2013 11:10:33 AM UTC-6, Xesc Arbona wrote:
>
> Hi, 
>
> I'm trying to generate passwords for user accounts using the generate 
> function and calling a local script on the server, but that fails with 
> an error about Broken pipe : 
>
> notice: 
> /Stage[main]/Accounts::Virtual/Accounts::Add_user[xesc]/Notify[DM1HjM9a-VIx/usr/bin/tr:
>  
>
> write error: Broken pipe 
> /usr/bin/tr: write error 
> /bin/cat: write error: Broken pipe 
> ]/message: defined 'message' as 'DM1HjM9a-VIx/usr/bin/tr: write error: 
> Broken pipe 
> /usr/bin/tr: write error 
> /bin/cat: write error: Broken pipe 
> ' 
> notice: dAfux7Bb3YRz/usr/bin/tr: write error: Broken pipe 
> /usr/bin/tr: write error 
> /bin/cat: write error: Broken pipe 
>


You are mistaken: Puppet itself is not failing.  Rather, it is outputting a 
message, as instructed by your manifest, with the message content appearing 
to be a sequence of error messages.

 

>
> Code I'm using is: 
>
>   # generate random password and send to user if necessary 
>   if $generate_password { 
> $password = generate("/opt/ict/bash/generate_password.sh", '12') 
> $encrypted_password = 
> generate("/opt/ict/bash/encrypt_password.sh", "$password") 
>
> notify { $password: } 
>


Specifically, then, it is the script /opt/ict/bash/encrypt_password.sh that 
is producing that string of error messages.  It is returned by the 
generate() function and captured in variable $password.  It is then emitted 
into the agent's output by the 'notify' resource.

Puppet appears to be operating exactly as intended, but you really should 
look at that script.

 

>
> exec { "setpass $username": 
>   path => "/sbin:/usr/sbin:/bin/:/usr/bin", 
>   command  => "usermod -p '$encrypted_password' $username", 
>   refreshonly  => true, 
>   subscribe=> User[$username], 
>   unless   => "cat /etc/shadow | grep $username| cut -f 2 -d : 
> | grep -v '!'", 
> } 
>
> script /opt/ict/bash/generate_password.sh 
> PWDLEN=12 
> /bin/cat /dev/urandom |/usr/bin/tr -dc _A-Z-a-z-0-9 | /usr/bin/head 
> -c${1:-$PWDLEN}; 
>
> Any idea how the generate function works internally in Puppet? Can I 
> use pipes in the scripts? 
>
>
Here are the docs: 
http://docs.puppetlabs.com/references/3.0.latest/function.html#generate.

I don't really know what you want to know about how the function "works 
internally", but in a general sense, the only thing it *can* do is launch 
the external command in a child process.  Because Puppet captures the 
command's output, it must leave open the command's standard output, 
standard error, or perhaps both, but it probably closes the command's 
standard input.  It is unclear what the command will have for environment 
variables; it might inherit the master's complete environment, but it is 
unsafe to assume *anything* about the environment in the absence of 
documentation on that point.

If the command is an executable script beginning with an appropriate 
shebang line (e.g. #!/bin/bash) then the system will launch the specified 
processor to execute it.  The capabilities and features supported by the 
script are entirely a question of the script processor used.  If it is 
bash, tcsh, or any other shell from those families then, yes, the script 
may use pipes internally.  The command itself must not be a pipeline, 
however, nor may it or its arguments rely on parameter expansion or any 
other shell feature.

The "broken pipe" messages probably mean that your script tries to execute 
a pipeline where the command on the receiving end cannot be started or 
terminates prematurely.  My best guess would be that the script's 
expectations about its environment are not fulfilled.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/5qIAkIOcbnUJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: node definition and variables

[jcbollinger]

On Wednesday, January 16, 2013 11:59:18 AM UTC-6, bernard...@morpho.com 
wrote:
>
> Hi, 
>
> Is there a way to do something like : 
>
> $computers_dbm="'computer1','computer2'" 
>
> $computers_worklflow="'computer4','computer3'" 
>   
> node $computers_dbm { 
>   include dbm_installation 
> } 
>
> node $computers_worklflow { 
>   include dbm_worklflow 
> } 
>
> The point is not the include, but the fact to use a variable to define a 
> nodes list. 
> I tried several solution but I did not find a good one. 
>
>

Please do not hijack threads.

Here is the documentation on node definitions: 
http://docs.puppetlabs.com/puppet/3/reference/lang_node_definitions.html.  
If you want further discussion or advice then please start your own thread 
for it.

John 

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/88qn6IlHvMAJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] generate function not working within conditional?

[jcbollinger]

On Wednesday, January 16, 2013 11:06:49 AM UTC-6, Jakov Sosic wrote:
>
> On 01/16/2013 04:30 PM, jcbollinger wrote: 
> [...]
> > That would be less ambiguous.  If you filed an RFE against the docs for 
> > this then I think it would be very likely to be accepted and implemented 
> > quickly. 
>
> Do I open this like a bug, or? Don't know what RFE is :-/ 
>
>

Sorry, RFE is "Request For Enhancement".  You file it in the issue tracker, 
very much like a bug report, but you will select "Feature" instead of "Bug" 
from the relevant drop-down list.  I believe you need to log in to be able 
to create new issues.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/M4rPLUq0x-QJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Windows Puppet File Resource Getting Puppet Server's UNIX File Permissions

[phundisk]

I am noticing some very odd behavior with my puppet server and a windows 
client.

For my puppet server I have a module setup similar to this below... Please 
note, I am not setting any permission on this file.
file { "C:\\directory\\file.dll":
ensure => 'present',
source => "puppet:///modules/aaa/file.dll",
}

The actual permissions in the unix filesystem is set to 644

When I apply this to my Windows client, the puppet agent will change the 
mode of the file *already on the server* to 0644, which is not what I would 
expect puppet to do.  I would expect since it is already there, it would 
not even care about the permissions.

I know this is taking the UNIX filesystem permissions because I chmod'd the 
file on the filesystem to 0777 and when running puppet on Windows, it took 
the new permissions.

This becomes problematic because I am using puppet environments with an SVN 
checkout system.  Every time I update svn checkouts, it defaults to 0644. 
 Does anyone know if this is expected behavior or ways around this?

-- 
_
This email and any files transmitted with it are confidential and intended 
solely for the addressee.  If you received this email in error, please do 
not disclose the contents to anyone; kindly notify the sender by return 
email and delete this email and any attachments from your system.

© 2011 Currensee Inc. is a member of the National Futures Association (NFA) 
Member ID 0403251 | Over the counter retail foreign currency (Forex) 
trading may involve significant risk of loss. It is not suitable for all 
investors and you should make sure you understand the risks involved before 
trading and seek independent advice if necessary. Performance, strategies 
and charts shown are not necessarily predictive of any particular result 
and past performance is no indication of future results. Investor returns 
may vary from Trade Leader returns based on slippage, fees, broker spreads, 
volatility or other market conditions.

Currensee Inc | 54 Canal St 4th Floor | Boston, MA 02114 | +1.617.624.3824

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/joCwso4AsIoJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Announce: Puppet Dashboard 1.2.20 Available

[Moses Mendoza]

Puppet Dashboard 1.2.20 is now available!

This release of Puppet Dashboard addresses an issue in the 1.2.19
packages where the version link still reads "1.2.18". This release
also changes the target of the link to the Github Puppet Dashboard
repo from the CHANGELOG file to the list of commits in the packaged
version.

Downloads


RPM packages for are available at https://yum.puppetlabs.com/el or /fedora

Debian packages are available at https://apt.puppetlabs.com

Source can be downloaded from
https://puppetlabs.com/downloads/dashboard/puppet-dashboard-1.2.20.tar.gz,
along with the accompanying signature file,
https://puppetlabs.com/downloads/dashboard/puppet-dashboard-1.2.20.tar.gz.asc.

See the Verifying Puppet Download section at:
http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet

1.2.20 Changelog

Moses Mendoza (2):
  25b5bca Remove CHANGELOG file, update version link
  e937353 Update VERSION for 1.2.20 release

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Puppet, Hiera and complex data structures...

[jcbollinger]

On Wednesday, January 16, 2013 9:23:42 AM UTC-6, Gavin Williams wrote:
>
> John
>
> Cheers for that... 
>
> Could you expand on *"enhance selectivity by declaring all the relevant 
> resources virtually, and then using collections with appropriate predicates 
> to realize only the ones that are wanted for the current target."*?
> Have used virtual resources for other bits and pieces, but not familiar 
> with 'collections'... 
>
>
Simplified example:

@user {
  "alice": tag => 'user';
  "bob": tag => 'admin';
}

# Realize users tagged as admins, but not other virtual users
User<| tag == 'admin' |>

Selection predicates may use other resource properties, too, not just 
tags.  See http://docs.puppetlabs.com/puppet/3/reference/lang_virtual.html 
for (a bit) more information.


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/GSYyBJFMBhMJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Restrict file creation in the masters

[jcbollinger]

On Wednesday, January 16, 2013 4:30:28 AM UTC-6, Nacho Barrientos wrote:
>
> Hi,
>
> Maybe I'm missing something obvious because my question sounds very naive 
> to me. Anyway, here I go:
>
> Is it possible to prevent module developers from writing files in the 
> master via custom Puppet functions[0]? 
>
>
Mostly.  The master normally runs as an unprivileged user, so file and 
directory access controls apply to it.  If you run SELinux in enforcing 
mode then SELinux policy applies no matter what user the master runs as.  
There are a couple of places to which the master needs to write (its log, 
its cache, ...), but appropriate access controls will prevent it from 
writing elsewhere (its config file, module directories, unrelated system 
directories, etc.).


John

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/4UT6h8ICls8J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Windows Puppet File Resource Getting Puppet Server's UNIX File Permissions

[Josh Cooper]

Hi Alex,

On Wed, Jan 16, 2013 at 12:49 PM, phundisk  wrote:
> I am noticing some very odd behavior with my puppet server and a windows
> client.
>
> For my puppet server I have a module setup similar to this below... Please
> note, I am not setting any permission on this file.
> file { "C:\\directory\\file.dll":
> ensure => 'present',
> source => "puppet:///modules/aaa/file.dll",
> }
>
> The actual permissions in the unix filesystem is set to 644
>
> When I apply this to my Windows client, the puppet agent will change the
> mode of the file already on the server to 0644, which is not what I would
> expect puppet to do.  I would expect since it is already there, it would not
> even care about the permissions.
>
> I know this is taking the UNIX filesystem permissions because I chmod'd the
> file on the filesystem to 0777 and when running puppet on Windows, it took
> the new permissions.
>
> This becomes problematic because I am using puppet environments with an SVN
> checkout system.  Every time I update svn checkouts, it defaults to 0644.
> Does anyone know if this is expected behavior or ways around this?

This is "expected" in that windows agents emulate current *nix agent
behavior. With that said there are issues with the current behavior in
general. Currently, *nix agents will attempt to apply the remote
uid/gid to the local system, which may not be what you would expect.
See http://projects.puppetlabs.com/issues/5240.

You could either set the executable bit on these files in svn[1] or
define a default mode for file resources[2]. I'd probably go with the
former.

Josh

[1] http://svnbook.red-bean.com/en/1.7/svn.ref.svn.c.propset.html
[2] http://docs.puppetlabs.com/guides/style_guide.html#resource-defaults
--
Josh Cooper
Developer, Puppet Labs

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] Windows Puppet File Resource Getting Puppet Server's UNIX File Permissions

[phundisk]

I see.  That is very interesting to know, it was causing me much stress as 
to where the permissions were coming from originally.  I appreciate the 
help again Josh!

On Wednesday, January 16, 2013 4:35:46 PM UTC-5, Josh Cooper wrote:
>
> Hi Alex, 
>
> On Wed, Jan 16, 2013 at 12:49 PM, phundisk 
> > 
> wrote: 
> > I am noticing some very odd behavior with my puppet server and a windows 
> > client. 
> > 
> > For my puppet server I have a module setup similar to this below... 
> Please 
> > note, I am not setting any permission on this file. 
> > file { "C:\\directory\\file.dll": 
> > ensure => 'present', 
> > source => "puppet:///modules/aaa/file.dll", 
> > } 
> > 
> > The actual permissions in the unix filesystem is set to 644 
> > 
> > When I apply this to my Windows client, the puppet agent will change the 
> > mode of the file already on the server to 0644, which is not what I 
> would 
> > expect puppet to do.  I would expect since it is already there, it would 
> not 
> > even care about the permissions. 
> > 
> > I know this is taking the UNIX filesystem permissions because I chmod'd 
> the 
> > file on the filesystem to 0777 and when running puppet on Windows, it 
> took 
> > the new permissions. 
> > 
> > This becomes problematic because I am using puppet environments with an 
> SVN 
> > checkout system.  Every time I update svn checkouts, it defaults to 
> 0644. 
> > Does anyone know if this is expected behavior or ways around this? 
>
> This is "expected" in that windows agents emulate current *nix agent 
> behavior. With that said there are issues with the current behavior in 
> general. Currently, *nix agents will attempt to apply the remote 
> uid/gid to the local system, which may not be what you would expect. 
> See http://projects.puppetlabs.com/issues/5240. 
>
> You could either set the executable bit on these files in svn[1] or 
> define a default mode for file resources[2]. I'd probably go with the 
> former. 
>
> Josh 
>
> [1] http://svnbook.red-bean.com/en/1.7/svn.ref.svn.c.propset.html 
> [2] http://docs.puppetlabs.com/guides/style_guide.html#resource-defaults 
> -- 
> Josh Cooper 
> Developer, Puppet Labs 
>

-- 
_
This email and any files transmitted with it are confidential and intended 
solely for the addressee.  If you received this email in error, please do 
not disclose the contents to anyone; kindly notify the sender by return 
email and delete this email and any attachments from your system.

© 2011 Currensee Inc. is a member of the National Futures Association (NFA) 
Member ID 0403251 | Over the counter retail foreign currency (Forex) 
trading may involve significant risk of loss. It is not suitable for all 
investors and you should make sure you understand the risks involved before 
trading and seek independent advice if necessary. Performance, strategies 
and charts shown are not necessarily predictive of any particular result 
and past performance is no indication of future results. Investor returns 
may vary from Trade Leader returns based on slippage, fees, broker spreads, 
volatility or other market conditions.

Currensee Inc | 54 Canal St 4th Floor | Boston, MA 02114 | +1.617.624.3824

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/6I3LEHFoNTkJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] New NRPE Puppet module

[Peter Brown]

Nice to find out who pdxcat is :) (I am using a couple of your modules)

I published my nrpe module to github a while back as well.
It looks like you have taken a vaguely similar approach.
Maybe some collaboration is in order...

My module is here if you want to take a look.
https://github.com/rendhalver/puppet-nrpe
I published it to the forge as well.


On 17 January 2013 03:58, William Van Hevelingen  wrote:

> Hello Puppet Users and Dev,
>
> I have just a pushed a puppet module for NRPE to github. Initially it
> supports the Debian, Redhat, and Solaris based operating systems.
>
> I plan on adding FreeBSD support in the near future.
>
> In the meantime I will be updating the documentation and getting it ready
> for a forge release.
>
> I would appreciate any feedback or pull requests to add additional
> functionality.
>
> https://github.com/pdxcat/puppet-module-nrpe
>
> My nick is blkperl in #puppet if you want to bounce ideas.
>
> --
> Thanks,
> William Van Hevelingen
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Re: Error: Could not retrieve catalog from remote server: execution expired

[Joshua Buss]

Wow, I just found this by googling for the error message and I'm getting 
the exact same problem.. unable to run puppet agent on the same machine 
where I have the puppet master running.. times out on loading plugin.  I'm 
running on ubuntu server 11.10, version  2.7.1-1ubuntu3.7

On Monday, January 7, 2013 1:19:41 PM UTC-6, Rob Smith wrote:
>
> Hi everyone,
>
> I recently ran into an issue where my puppetmaster can't run puppet on 
> itself. It errors out with the following:
> Error: Could not retrieve catalog from remote server: execution expired
> Warning: Not using cache on failed catalog
> Error: Could not retrieve catalog; skipping run
>
> I'm running Puppet 3 with passanger and puppetdb (hsql). I've tried 
> restarting puppetdb and apache to no effect. If I wipe out puppetdb, it'll 
> work again until all 17 servers are back into the catalog and it times out 
> from then on. The puppet master is also my nagios node so it does have a 
> huge amount of resources to assemble.
>
> Can I configure puppet to wait longer for the catalog generation step? 
> I've search the docs without anything standing out to me.
>
> Thanks,
> ~Rob
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/om1VqCu2HbgJ.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

Re: [Puppet Users] /etc/facter/facts.d/ Question

[Peter Brown]

I don't think that is possible.
>From what I can tell it seems to be completely static.

Though you could be tricky and manage the files in the directory with
puppet to give you some extra capabilities.


On 17 January 2013 02:57, Dan White  wrote:

> Is it possible to refer to another fact in one of these files ?
>
> “Sometimes I think the surest sign that intelligent life exists elsewhere
> in the universe is that none of it has tried to contact us.”
> Bill Waterson (Calvin & Hobbes)
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.

[Puppet Users] Puppet resource scoping issue

[Boris]

I have a service resource in class 'foo', and i want to make a relationship 
with this resource from class 'bar'. Both 'foo' and 'bar' classes are 
included in my node definition.
>From puppet docs i learned that dynamic scoping is still available for 
resources, but what happens in reality, is from-time-to-time error "Could 
not find dependent Service".

Can someone, please, help to explain this behavior?

-- 
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To view this discussion on the web visit 
https://groups.google.com/d/msg/puppet-users/-/KNMlMXW6ym0J.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to 
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en.