Re: [Puppet Users] Windows Puppet File Resource Getting Puppet Server's UNIX File Permissions
Yes the Windows client is updating the mode based on what the file
permission is in the puppet master's unix's file system, I did not see any
change messages about the uid or gid being changed. Let me know if you
need any more information or screen shots. I will be more than happy to
provide whatever is needed.
On Thu, Jan 17, 2013 at 9:56 AM, jcbollinger wrote:
>
>
> On Wednesday, January 16, 2013 3:35:46 PM UTC-6, Josh Cooper wrote:
>
>> Hi Alex,
>>
>> On Wed, Jan 16, 2013 at 12:49 PM, phundisk
>> wrote:
>> > I am noticing some very odd behavior with my puppet server and a
>> windows
>> > client.
>> >
>> > For my puppet server I have a module setup similar to this below...
>> Please
>> > note, I am not setting any permission on this file.
>> > file { "C:\\directory\\file.dll":
>> > ensure => 'present',
>> > source => "puppet:///modules/aaa/file.**dll",
>> > }
>> >
>> > The actual permissions in the unix filesystem is set to 644
>> >
>> > When I apply this to my Windows client, the puppet agent will change
>> the
>> > mode of the file already on the server to 0644, which is not what I
>> would
>> > expect puppet to do. I would expect since it is already there, it
>> would not
>> > even care about the permissions.
>> >
>> > I know this is taking the UNIX filesystem permissions because I chmod'd
>> the
>> > file on the filesystem to 0777 and when running puppet on Windows, it
>> took
>> > the new permissions.
>> >
>> > This becomes problematic because I am using puppet environments with an
>> SVN
>> > checkout system. Every time I update svn checkouts, it defaults to
>> 0644.
>> > Does anyone know if this is expected behavior or ways around this?
>>
>> This is "expected" in that windows agents emulate current *nix agent
>> behavior. With that said there are issues with the current behavior in
>> general. Currently, *nix agents will attempt to apply the remote
>> uid/gid to the local system, which may not be what you would expect.
>> See
>> http://projects.puppetlabs.**com/issues/5240.
>>
>>
>
>
> What I would expect on both Unix and Windows is that if the target file
> already exists and the resource declaration does not specify a mode, then
> the current mode will not be changed. It is not a managed property. The
> same applies to uid/gid. This is distinguished from the case of issue
> 5240, which is about the uid/gid to apply to a File resource if the target
> file is initially absent.
>
> Is the Windows client indeed emulating the Unix one here? In other words,
> are they *both* buggy, or is it just the Windows client?
>
>
> John
>
> --
> You received this message because you are subscribed to the Google Groups
> "Puppet Users" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/puppet-users/-/b3WN5RZXVWwJ.
>
> To post to this group, send email to puppet-users@googlegroups.com.
> To unsubscribe from this group, send email to
> puppet-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/puppet-users?hl=en.
>
--
_
This email and any files transmitted with it are confidential and intended
solely for the addressee. If you received this email in error, please do
not disclose the contents to anyone; kindly notify the sender by return
email and delete this email and any attachments from your system.
(c) 2011 Currensee Inc. is a member of the National Futures Association (NFA)
Member ID 0403251 | Over the counter retail foreign currency (Forex)
trading may involve significant risk of loss. It is not suitable for all
investors and you should make sure you understand the risks involved before
trading and seek independent advice if necessary. Performance, strategies
and charts shown are not necessarily predictive of any particular result
and past performance is no indication of future results. Investor returns
may vary from Trade Leader returns based on slippage, fees, broker spreads,
volatility or other market conditions.
Currensee Inc | 54 Canal St 4th Floor | Boston, MA 02114 | +1.617.624.3824
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.
Re: [Puppet Users] Re: Windows Firewall Question
Excellent, thank you for the link. On Tue, Mar 12, 2013 at 10:40 AM, Paul Tötterman wrote: > Does anyone know of this provider? If not I can start to make one with >> netsh but it will probably take me a while >> > > I really suggest you do it via the proper firewall COM API, e.g. with > powershell: > http://stackoverflow.com/questions/11956291/how-can-i-add-a-widows-firewall-rule-with-a-custom-group-name > . > netsh doesn't expose the whole firewall API. > > Cheers, > Paul > > -- > You received this message because you are subscribed to a topic in the > Google Groups "Puppet Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/puppet-users/XNcU3qDH6fc/unsubscribe?hl=en > . > To unsubscribe from this group and all its topics, send an email to > puppet-users+unsubscr...@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- _ This email and any files transmitted with it are confidential and intended solely for the addressee. If you received this email in error, please do not disclose the contents to anyone; kindly notify the sender by return email and delete this email and any attachments from your system. © 2011 Currensee Inc. is a member of the National Futures Association (NFA) Member ID 0403251 | Over the counter retail foreign currency (Forex) trading may involve significant risk of loss. It is not suitable for all investors and you should make sure you understand the risks involved before trading and seek independent advice if necessary. Performance, strategies and charts shown are not necessarily predictive of any particular result and past performance is no indication of future results. Investor returns may vary from Trade Leader returns based on slippage, fees, broker spreads, volatility or other market conditions. Currensee Inc | 54 Canal St 4th Floor | Boston, MA 02114 | +1.617.624.3824 -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
Re: [Puppet Users] Re: Hiera Environment Wildcard
So right now we use environment to both control specialized parameters
related to different networks such as LDAP server, DNS servers, and other
things that are related to the environment variable. We also use unique
environment names to setup different instances of our application. For
example, the environment sandbox, will create a version of our application
that is configured as in app-sandbox, sprint will create an environment
that is like app-sprint. (there are more configurations that this takes
care of beyond the naming), AWSandbox will create one related to AWSandbox.
ENVS
sandbox, sprint, qaprod = office network
awsprint, awsandbox, awqaprod = AWS env
production = production network
Part of the original thinking of puppet design was to only handle the
setups of these unique instances of our application (as we had multiple
puppet servers per environment BLAH ), the network environment based cases
which set LDAP servers and other settings came after.
So in reality, I have three main environments: office, aws, and production
and I need multiple sub environments per environment due to application
module we wrote. Makes me want to do some re-writing of our application''s
puppet module or maybe at least set another parameter within the host
called like 'appEnv' or something.
On Thu, May 30, 2013 at 2:47 PM, Ellison Marks wrote:
> I don't think there's a wildcard match functionality for hiera like that.
> If you interpolate the environment variable in you hierarchy, it will try
> to match the result exactly.
>
> On the other hand, if all of you "aw*" environments need the same data,
> I'm inclined to ask what they're doing in different environments?
>
>
> On Wednesday, May 29, 2013 12:05:31 PM UTC-7, phundisk wrote:
>>
>> I am looking to use hiera in my environment but I cannot get past one
>> thing. In our current puppet code we have some case statements based on
>> environments. The case statements are like the following...
>>
>> 'production' { do this }
>> /^aw/ { do this } # this is for all AWS stuff
>> 'aws' { do this } # this is the production like environment of AWS
>> otherenv { do this }
>> default { do this } # other server that default here
>>
>> I would like hiera to do the following order, hostname, environment,
>> common. I would also like to create one YAML file for all the AW* fîles
>> rather than create one for awtest, awsandbox, awetc. Is there a way to do
>> this in hiera that I am missing? Or will I need to re work some logic in
>> my puppet code?
>>
>>
>>
>>
>>
>>
>>
>> __**___
>> This email and any files transmitted with it are confidential and
>> intended solely for the addressee. If you received this email in error,
>> please do not disclose the contents to anyone; kindly notify the sender by
>> return email and delete this email and any attachments from your system.
>>
>> © 2011 Currensee Inc. is a member of the National Futures Association
>> (NFA) Member ID 0403251 | Over the counter retail foreign currency (Forex)
>> trading may involve significant risk of loss. It is not suitable for all
>> investors and you should make sure you understand the risks involved before
>> trading and seek independent advice if necessary. Performance, strategies
>> and charts shown are not necessarily predictive of any particular result
>> and past performance is no indication of future results. Investor returns
>> may vary from Trade Leader returns based on slippage, fees, broker spreads,
>> volatility or other market conditions.
>>
>> Currensee Inc | 54 Canal St 4th Floor | Boston, MA 02114 |
>> +1.617.624.3824
>>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Puppet Users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/puppet-users/-snT2LD2hGY/unsubscribe?hl=en
> .
> To unsubscribe from this group and all its topics, send an email to
> puppet-users+unsubscr...@googlegroups.com.
> To post to this group, send email to puppet-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/puppet-users?hl=en.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
--
_
This email and any files transmitted with it are confidential and intended
solely for the addressee. If you received this email in error, please do
not disclose the contents to anyone; kindly notify the sender by return
email and delete this email and any attachments from your system.
© 2011 Currensee Inc. is a member of the National Futures Association (NFA)
Member ID 0403251 | Over the counter retail foreign currency (Forex)
trading may involve significant risk of loss. It is not suitable for all
investors and you should make sure you understand the risks involved before
trading and seek independent advice if necessary. Performance, strategies
and charts shown are not necessarily predictive o
Re: [Puppet Users] Re: Hiera and environments
nevermind, i had a typo, its always a typo. i had a $ in my hiera file and
not a % which is needed
On Wed, Jun 5, 2013 at 2:18 PM, phundisk wrote:
> I am also having the same issue you were having. When I removed the
> '%{environment}' part of the datadir, hiera works fine, however for me to
> have different development stages, I need to be able to specify
> environments so I don't accidentally take down production with a change to
> hiera variable. Did anyone find a way for this to work?
>
>
> :yaml:
> :datadir: '/etc/puppet/environments/%{**environment}/hieradata/'
>
> On Wednesday, July 11, 2012 2:18:18 PM UTC-4, Luke Baker wrote:
>>
>> Ok, I was able to get this to work by removing my environments.
>>
>> /etc/puppet/hieradata/
>> ├── common.yaml
>>
>> /etc/puppet/hiera.yaml
>> ---
>> :hierarchy:
>> - common
>> :backends:
>> - yaml
>> :yaml:
>> :datadir: /etc/puppet/hieradata
>>
>> On Wednesday, July 11, 2012 10:42:20 AM UTC-5, Andreas Paul wrote:
>>>
>>> Hiera would look in your RedHat.yaml first, if you would tell hiera,
>>> that this lookup variable is available, by using
>>> hiera -d -c /etc/puppet/hiera.yaml sshpackages environment=development
>>> operatingsystem=RedHat
>>>
>>> Which would always get passed to hiera by puppet, along with all facter
>>> variables.
>>>
>>> I still can't seem to find anything wrong with your configuration though
>>> :(
>>> It's really bewildering that it's working with the CLI and not within
>>> puppet.
>>>
>>> Did you try adding
>>>
>>> :puppet:
>>> :datasource: data
>>> to your hiera.yaml?
>>>
>>> Do you have multiple hiera.yaml files by any chance?
>>>
>>> On Wednesday, July 11, 2012 3:02:34 PM UTC+2, Luke Baker wrote:
I've defined the sshpackages in common.yaml and RedHat.yaml - they're
slightly different (I was using the different packages to test lookups).
[root@puppet-dev ~]# cat /etc/puppet/environments/**
development/hieradata/common.**yaml
---
sshpackages: - 'openssh'
- 'openssh-clients'
permit_root_login : 'no'
[root@puppet-dev ~]# cat /etc/puppet/environments/**
development/hieradata/RedHat.**yaml
---
ssh_packages: - 'openssh'
- 'openssh-clients'
- 'openssh-server'
Output from hiera debug:
[root@puppet-dev ~]# hiera -d -c /etc/puppet/hiera.yaml sshpackages
environment=development
DEBUG: Wed Jul 11 07:52:41 -0500 2012: Hiera YAML backend starting
DEBUG: Wed Jul 11 07:52:41 -0500 2012: Looking up sshpackages in YAML
backend
DEBUG: Wed Jul 11 07:52:42 -0500 2012: Looking for data source common
["openssh", "openssh-clients"]
I would think that hiera would look up 'RedHat.yaml' first, since
'operatingsystem' is listed first in the hierarchy.
The hiera gems are installed:
[root@puppet-dev specifications]# gem list hiera
*** LOCAL GEMS ***
hiera (0.3.0)
hiera-puppet (0.3.0)
On Wednesday, July 11, 2012 6:01:40 AM UTC-5, Andreas Paul wrote:
>
> That's odd.
>
> Where do you define your sshpackages?
> Can you show the hiera debug output with
>
> hiera -d -c /etc/puppet/hiera.yaml sshpackages environment=development
>
> My hiera.yaml config file also contains
>
> :puppet:
> :datasource: data
>
> But I don't really know what this is for and puppet can still access
> hiera variables, if I remove this.
>
> You do have the hiera-puppet gem installed, right?
>
> gem list hiera
>
> *** LOCAL GEMS ***
>
> hiera (0.3.0)
> hiera-puppet (0.3.0)
>
> I guess you have, otherwise you would get an unknown function error in
> your puppetrun.
>
>
> On Tuesday, July 10, 2012 4:46:29 PM UTC+2, Luke Baker wrote:
>>
>> Hmm, I moved the config file to /etc/puppet/ but my client is still
>> giving me grief.
>>
>> On Tuesday, July 10, 2012 9:15:49 AM UTC-5, Andreas Paul wrote:
>>>
>>> AFAIK hiera-puppet looks for
>>> */etc/puppet/hiera.yaml*
>>> whereas the hiera CLI looks for
>>> */etc/hiera.yaml*
>>>
>>> You can still use the CLI by specifying the config file
>>> hiera -c /etc/puppet/hiera.yaml sshpackages environment=development
>>> or just symlink it :)
>>>
>>> On Tuesday, July 10, 2012 3:31:43 PM UTC+2, Luke Baker wrote:
Hey there,
I'm new to hiera and I' m looking to configure it to use multiple
environments. I'm able to query hiera keys from using the hiera CLI,
however my clients seem to be having problems identifying the look up
variables.
*On the puppet master, CLI query*
[root@puppet-dev puppet]# hiera -a sshpackages
environment=development
["openssh", "openssh-clients"]
*
Puppet master, testing
