Re: [Puppet Users] puppetdb question !!!
Hi , I am still struggling on the replace fact part, is there any way to force replace_facts for a node. I am actually adding new facts by coping them directly into the facter dir but unfortunately they are not getting replicated to puppetdb. Is there any way to force puppetdb to replace_facts. This is really urgent for me, any help is greatly appreciated. Regards, Rakesh K. On Wed, Mar 12, 2014 at 1:25 PM, Rakesh Kathpal wrote: > https://tickets.puppetlabs.com/browse/PDB-508 > > > On Tue, Mar 11, 2014 at 10:28 PM, Ken Barber wrote: > >> > Just a suggestion .. it will really good if you can add field "date >> added" >> > to the certname table just reporting purposes. >> >> Feel free to raise that as a feature request here Rakesh: >> https://tickets.puppetlabs.com/browse/PDB >> >> ken. >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Puppet Users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to puppet-users+unsubscr...@googlegroups.com. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com >> . >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
After copying these facts into /etc/facter/facts.d, are you kicking off another puppet agent run? Facts get sent to the master on each agent run, not before. http://docs.puppetlabs.com/guides/custom_facts.html#viewing-fact-values On Sun, Mar 30, 2014 at 07:35:54PM +0530, Rakesh Kathpal wrote: >Hi , > >I am still struggling on the replace fact part, is there any way >to force replace_facts for a node. > >I am actually adding new facts by coping them directly into the facter dir >but unfortunately they are not getting replicated to puppetdb. Is there >any way to force puppetdb to replace_facts. > >This is really urgent for me, any help is greatly appreciated. > >Regards, > >Rakesh K. > >On Wed, Mar 12, 2014 at 1:25 PM, Rakesh Kathpal <[1]rkath...@gmail.com> >wrote: > > [2]https://tickets.puppetlabs.com/browse/PDB-508 > > On Tue, Mar 11, 2014 at 10:28 PM, Ken Barber <[3]k...@puppetlabs.com> > wrote: > >> Just a suggestion .. it will really good if you can add field "date >added" >> to the certname table just reporting purposes. > >Feel free to raise that as a feature request here Rakesh: >[4]https://tickets.puppetlabs.com/browse/PDB > >ken. >-- >You received this message because you are subscribed to the Google >Groups "Puppet Users" group. >To unsubscribe from this group and stop receiving emails from it, send >an email to [5]puppet-users+unsubscr...@googlegroups.com. >To view this discussion on the web visit > > [6]https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com. >For more options, visit [7]https://groups.google.com/d/optout. > >-- >You received this message because you are subscribed to the Google Groups >"Puppet Users" group. >To unsubscribe from this group and stop receiving emails from it, send an >email to [8]puppet-users+unsubscr...@googlegroups.com. >To view this discussion on the web visit > > [9]https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com. >For more options, visit [10]https://groups.google.com/d/optout. > > References > >Visible links >1. mailto:rkath...@gmail.com >2. https://tickets.puppetlabs.com/browse/PDB-508 >3. mailto:k...@puppetlabs.com >4. https://tickets.puppetlabs.com/browse/PDB >5. mailto:puppet-users%2bunsubscr...@googlegroups.com >6. > https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com >7. https://groups.google.com/d/optout >8. mailto:puppet-users+unsubscr...@googlegroups.com >9. > https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com?utm_medium=email&utm_source=footer > 10. https://groups.google.com/d/optout -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/20140330151817.GA24743%40iniquitous.heresiarch.ca. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] puppetdb question !!!
I am not copying the facts to the facts.d folder.. but i am creating the facts as .rb files and placing them into /usr/lib/ruby/site_ruby/ruby/1.8/facter/. On Sun, Mar 30, 2014 at 8:48 PM, Christopher Wood < christopher_w...@pobox.com> wrote: > After copying these facts into /etc/facter/facts.d, are you kicking off > another puppet agent run? Facts get sent to the master on each agent run, > not before. > > http://docs.puppetlabs.com/guides/custom_facts.html#viewing-fact-values > > On Sun, Mar 30, 2014 at 07:35:54PM +0530, Rakesh Kathpal wrote: > >Hi , > > > >I am still struggling on the replace fact part, is there any way > >to force replace_facts for a node. > > > >I am actually adding new facts by coping them directly into the > facter dir > >but unfortunately they are not getting replicated to puppetdb. Is > there > >any way to force puppetdb to replace_facts. > > > >This is really urgent for me, any help is greatly appreciated. > > > >Regards, > > > >Rakesh K. > > > >On Wed, Mar 12, 2014 at 1:25 PM, Rakesh Kathpal <[1] > rkath...@gmail.com> > >wrote: > > > > [2]https://tickets.puppetlabs.com/browse/PDB-508 > > > > On Tue, Mar 11, 2014 at 10:28 PM, Ken Barber <[3]k...@puppetlabs.com > > > > wrote: > > > >> Just a suggestion .. it will really good if you can add field > "date > >added" > >> to the certname table just reporting purposes. > > > >Feel free to raise that as a feature request here Rakesh: > >[4]https://tickets.puppetlabs.com/browse/PDB > > > >ken. > >-- > >You received this message because you are subscribed to the Google > >Groups "Puppet Users" group. > >To unsubscribe from this group and stop receiving emails from it, > send > >an email to [5]puppet-users+unsubscr...@googlegroups.com. > >To view this discussion on the web visit > >[6] > https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com > . > >For more options, visit [7]https://groups.google.com/d/optout. > > > >-- > >You received this message because you are subscribed to the Google > Groups > >"Puppet Users" group. > >To unsubscribe from this group and stop receiving emails from it, > send an > >email to [8]puppet-users+unsubscr...@googlegroups.com. > >To view this discussion on the web visit > >[9] > https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com > . > >For more options, visit [10]https://groups.google.com/d/optout. > > > > References > > > >Visible links > >1. mailto:rkath...@gmail.com > >2. https://tickets.puppetlabs.com/browse/PDB-508 > >3. mailto:k...@puppetlabs.com > >4. https://tickets.puppetlabs.com/browse/PDB > >5. mailto:puppet-users%2bunsubscr...@googlegroups.com > >6. > https://groups.google.com/d/msgid/puppet-users/CAE4bNT%3D6LBjFCDrym8auMw7ufxMwBmV_d6x-yTO4CxdMPkdKqQ%40mail.gmail.com > >7. https://groups.google.com/d/optout > >8. mailto:puppet-users+unsubscr...@googlegroups.com > >9. > https://groups.google.com/d/msgid/puppet-users/CAEJrXMW8zjnUaAaQ%3DJapew%2Bja5fnAJdy1G6fTyO%3Dws%3D4%2Bt4ZLg%40mail.gmail.com?utm_medium=email&utm_source=footer > > 10. https://groups.google.com/d/optout > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/puppet-users/20140330151817.GA24743%40iniquitous.heresiarch.ca > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAEJrXMU%2B%2BtaYG6q-NtLvnLpQp%2BFQ%2B1P%2BhrCiG%3DPPw_yYR%3D-jrA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] separate puppetmaster ca server
Hi, Apologies if this appears twice, I couldn't see it show up in the archives. I've been trying to set up a separate ca server for puppetmaster and failing. I'm sure I've missed something but I'm not sure where to look. server a is the puppetmaster: [main] ca_server = puppetmaster.puppet.local [agent] server = puppetmaster.puppet.local [master] ca=true server b is the puppetmaster-client (slave puppetmaster): [main] ca_server = puppetmaster.puppet.local server = puppetmaster.puppet.local [agent] [master] ca=false and finally server c is the puppet-client: [main] ca_server = puppetmaster.puppet.local server = puppetmaster-client.puppet.local [agent] When I run 'puppet agent --test' on puppet-client, it generates a cert which is then signed. The next run then hits puppetmaster-client. All good so far. However I never see another hit on puppetmaster at all. If I shut down the daemon on puppetmaster, nothing complains. If I revoke the certificate on puppetmaster, nothing complains. If I change puppet-client config so: [main] server = puppetmaster.puppet.local Then it does complain. Using puppet 3.4.3 from puppetlabs rpm's. Any help/suggestions etc would be fantastic. Cheers, Chris. -- Postgresql & php tutorials http://www.designmagick.com/ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/533887A8.7030104%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] separate puppetmaster ca server
When you have a separate server providing the CA service, it is only contacted when a client first connects. After the client's cert is signed, the CA server does nothing. Does that make sense? On Sun, Mar 30, 2014 at 2:07 PM, Chris wrote: > Hi, > > Apologies if this appears twice, I couldn't see it show up in the archives. > > I've been trying to set up a separate ca server for puppetmaster and > failing. I'm sure I've missed something but I'm not sure where to look. > > server a is the puppetmaster: > > [main] > ca_server = puppetmaster.puppet.local > > [agent] > server = puppetmaster.puppet.local > > [master] > ca=true > > > server b is the puppetmaster-client (slave puppetmaster): > [main] > ca_server = puppetmaster.puppet.local > server = puppetmaster.puppet.local > > [agent] > > > [master] >ca=false > > > and finally server c is the puppet-client: > [main] > ca_server = puppetmaster.puppet.local > server = puppetmaster-client.puppet.local > > [agent] > > > > When I run 'puppet agent --test' on puppet-client, it generates a cert > which is then signed. The next run then hits puppetmaster-client. All good > so far. > > However I never see another hit on puppetmaster at all. > If I shut down the daemon on puppetmaster, nothing complains. If I revoke > the certificate on puppetmaster, nothing complains. > > If I change puppet-client config so: > [main] > server = puppetmaster.puppet.local > > Then it does complain. > > Using puppet 3.4.3 from puppetlabs rpm's. > > Any help/suggestions etc would be fantastic. > > Cheers, > Chris. > > -- > Postgresql & php tutorials > http://www.designmagick.com/ > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/puppet-users/533887A8.7030104%40gmail.com. > For more options, visit https://groups.google.com/d/optout. > -- Spencer Krum (619)-980-7820 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADt6FWNi3rpLcSW_%3DmM66mFpSaorkKJ0J1Bhgh6kdq70fXxWnw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] separate puppetmaster ca server
On 31/03/14 08:13, Spencer Krum wrote: When you have a separate server providing the CA service, it is only contacted when a client first connects. After the client's cert is signed, the CA server does nothing. Does that make sense? Yes and no. Yes - I'm not missing something :) No - I can't control client access with certificates. I thought it would check the certificate was still valid. Anyway, thanks for the info - much appreciated. Chris. -- Postgresql & php tutorials http://www.designmagick.com/ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/53388D51.6010701%40gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] separate puppetmaster ca server
The puppetmaster doing catalog compilation, puppetmaster-client in your case, does verify that the client cert is not in the CRL. However, you have to help it out a bit. For one, you need the puppetmaster-client to get the most recent CRL from the puppetmaster (the CA server) on a regular basis, often you can do this by running puppetmaster-client in agent mode against puppetmaster, but you could also have a cron job to sync the files. For two, in some cases you need to restart apache in order to re-read the CRL. Hope this helps. Spencer On Sun, Mar 30, 2014 at 2:32 PM, Chris wrote: > On 31/03/14 08:13, Spencer Krum wrote: > >> When you have a separate server providing the CA service, it is only >> contacted when a client first connects. After the client's cert is >> signed, the CA server does nothing. Does that make sense? >> > > Yes and no. > > Yes - I'm not missing something :) > No - I can't control client access with certificates. I thought it would > check the certificate was still valid. > > Anyway, thanks for the info - much appreciated. > > > Chris. > -- > Postgresql & php tutorials > http://www.designmagick.com/ > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/puppet-users/53388D51.6010701%40gmail.com. > > For more options, visit https://groups.google.com/d/optout. > -- Spencer Krum (619)-980-7820 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CADt6FWMCv%2BBGDjr7xJVE8%3DMi-X68CMQjd1WdGv6w%2B-WPL1BLQg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: Puppet fails to run if ruby1.8 is not installed.
ok. So for anyone else digging for this issue: Amazon Linux just did an update to be closer to what RHEL7 will look like, which means they dropped a default install of ruby 1.8.x The Puppet RPM package is compiled against RHEL5/6 which has ruby 1.8.x. So it drops a ton of its dependencies into /usr/lib/ruby/site_ruby/1.8. If Ruby 1.8 isn't there, everything is broken. Fix is to "yum install ruby18 ; alternatives --configure ruby" and set 1.8 as the default ruby. Which is ugly. Or build your own RPM. --Jason (yuck) On Sat, Mar 29, 2014 at 10:54 PM, Jason Price wrote: > Amazon this week took ruby1.8 out of their Amazon Linux distro. > > Only ruby2.0 is installed. > > After installing the puppetlabs yum repo package, and then yum install > puppet, I have this error: > > # puppet agent -t > /usr/share/ruby/vendor_ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in > `require': cannot load such file -- puppet/util/command_line (LoadError) > from > /usr/share/ruby/vendor_ruby/2.0/rubygems/core_ext/kernel_require.rb:55:in > `require' > from /usr/bin/puppet:3:in `' > > If I install ruby18, I can get things working again, but puppet's web page > says ruby 2.0 is perfectly supported. > > I note that the puppetlabs puppet RPM installs a TON of stuff in > /usr/lib/ruby/site_ruby/1.8 but there's no corresponding 'stuff' for 2.0. > Specifically, the 'command_line' bit certainly is only in the 1.8 path... > > Any insights would be deeply appreciated. > > (and yes, I could install 1.8, set alternatives to use 1.8, etc, but I'd > rather not bother) > > System details: > > # rpm -qa | grep puppet > puppetlabs-release-6-10.noarch > puppet-3.4.3-1.el6.noarch > > # rpm -qa | grep ruby > rubygems20-2.0.14-1.14.amzn1.noarch > ruby-shadow-1.4.1-15.5.amzn1.x86_64 > libselinux-ruby-2.1.10-3.17.amzn1.x86_64 > ruby20-libs-2.0.0.451-1.14.amzn1.x86_64 > ruby-rgen-0.6.5-2.el6.noarch > rubygem20-psych-2.0.0-1.14.amzn1.x86_64 > rubygem20-rdoc-4.0.1-2.18.amzn1.noarch > ruby-2.0-0.3.amzn1.noarch > rubygem20-bigdecimal-1.2.0-1.14.amzn1.x86_64 > ruby-augeas-0.4.1-1.6.amzn1.x86_64 > rubygem20-json-1.7.7-101.27.amzn1.x86_64 > ruby20-irb-2.0.0.451-1.14.amzn1.noarch > ruby20-2.0.0.451-1.14.amzn1.x86_64 > ruby18-libs-1.8.7.374-2.42.3.amzn1.x86_64 > rubygem-json-2.0-0.3.amzn1.noarch > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAChvjRBdcseVB0FD%2B7q_PJRxeDZPeTUf8RknLURsvspKH7-35A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Help with puppet
Hi All, I am trying to learn puppet. I want to writte a script to determine the machine’s local IPV4 address,locate all files with the extension “cfg” in /home/mnt/, and replace all occurrences of “example.com” with that IP, and change the extension of each file to .conf. Is it do-able? Can any of you guide me? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/c33b2bc1-e88d-4924-a3a5-cf59d3c3ce2e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Re: MySQL Replication
I have doubts in setting up the slave. In the slave mysql I need to do the following CHANGE MASTER TO > MASTER_HOST='masteripaddress', > MASTER_USER='repl', > MASTER_PASSWORD='password', > MASTER_LOG_FILE='mysql-bin.01', > MASTER_LOG_POS=98; start slave how will i get these values from the master in runtime and pass them to slave machine. Thanks in advance On Friday, March 28, 2014 8:38:51 PM UTC-4, Gayatri Swaminathan wrote: > > Hi, > > I am trying to setup a simple MySQL replication module using puppet. I am > sure there are recipe's to learn from. Since I am in the learning phase I > find PuppetLabs/MySQL difficult to comprehend. It would be great if any of > you could share a basic recipe for the same that will help me reproduce it. > Thanks. > > g3kr > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/b250d2fb-d92d-4c8c-9edd-6bd109f5f409%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [Puppet Users] separate puppetmaster ca server
On 31/03/14 08:48, Spencer Krum wrote: The puppetmaster doing catalog compilation, puppetmaster-client in your case, does verify that the client cert is not in the CRL. However, you have to help it out a bit. For one, you need the puppetmaster-client to get the most recent CRL from the puppetmaster (the CA server) on a regular basis, often you can do this by running puppetmaster-client in agent mode against puppetmaster, but you could also have a cron job to sync the files. For two, in some cases you need to restart apache in order to re-read the CRL. Running `puppet agent` on puppetmaster-client worked, thanks. And yep, after that I needed to restart the puppetmaster daemon on that server. Thanks again. -- Postgresql & php tutorials http://www.designmagick.com/ -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/5338AE74.2020009%40gmail.com. For more options, visit https://groups.google.com/d/optout.
[Puppet Users] Is ensure_resource() evil?
Over the years I've heard a lot of people declare one function/method/implementation of something to be "evil". I've found that, more often than not, the person declaring it to be bad has simply been burned by trying to use it for something the function was never intended to be used for. (Usually an easy trap due to incomplete documentation.) So I wonder, are ensure_resource and create_resources really evil, or just too easy to abuse in evil ways? On Fri, Mar 28, 2014 at 9:06 AM, jcbollinger wrote: > > > Ensure_resource() is evil. Do not use it. > -- Perfection is just a word I use occasionally with mustard. --Atom Powers-- -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAF-H%3DOmP6dV9oXqZnrFSzYucPAYasGdyA1x2dW%3DhkLtEJ%3D_TNg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
