Hi Ralf
I totally agree with you. Hence with the above solution we can have a
little bit more control over our systems.
Thanks
> if a user can change /etc/hosts or any other system file, he must have
> root privileges. There is little you can do about it. We have a
> similar environment and it's
On Apr 4, 2011, at 1:39 PM, Patrick wrote:
>
> On Apr 4, 2011, at 11:48 AM, Jacob Helwig wrote:
>
>> 1. Reports will need to be converted to a new schematized format when
>> upgrading (#5459). Rather than just storing reports as serialized
>> YAML in the database as is currently done in v1.0.
Hi Thomas, sorry for the slow reply on this and lack of packages for
testing. We messed up and forgot to put packages out with Dashboard
for the RC or the release. This should be fixed now for the release,
and we've updated our RC checklist to make testing packages for the
next time.
We definite
Doug, I wonder why you can't selectively include? Requiring a module by
default and not realizing the resources inside it could be very frustrating
to troubleshoot.
On Thu, Apr 7, 2011 at 5:29 PM, Nigel Kersten wrote:
> On Thu, Apr 7, 2011 at 3:28 PM, Douglas Garstang
> wrote:
> > I'd like to b
On Thu, Apr 7, 2011 at 3:28 PM, Douglas Garstang
wrote:
> I'd like to be able to always include all modules at the top level, but in
> certain modules, have some logic that uses extlookup to determine if it
> should be enabled. What's the best way to use if; then; else to exit a
> module, and stop
On Thu, Apr 07, 2011 at 10:51:04AM -0700, Corey Osman wrote:
> puppet resource ssh_authorized_key (this returns nothing)
>
> puppet resource ssh_authorized_key username (this returns the following)
Hmm, yes, the ssh_authorized_key key parameter isn't the username. Though
that is not a very opt
I believe you will need with .24 a [puppetd] section (i subsequently looked up
the namespace name] in your puppet.conf file. This will tell puppet it should
also act as a client.
Cheers,
Den
On 08/04/2011, at 8:22, Saurval wrote:
>
> At the time of the last run I did not have a nodes.pp incl
Hi,
I believe that you can only do this in the node definition - though the
documentation doesn't specifically say this.
Cheers,
Den
On 07/04/2011, at 16:49, Jens Bräuer wrote:
> Hi all,
>
> i try to run a puppet-setup that is not based on hostnames, but facts i
> supply to facter. The idea
I'd like to be able to always include all modules at the top level, but in
certain modules, have some logic that uses extlookup to determine if it
should be enabled. What's the best way to use if; then; else to exit a
module, and stop processing, based on some condition?
Doug.
--
You received th
Hi,
Don't like the sound of your predicament :)
Could you use different module paths like you do with 'environments'.
Traditionally these are used for 'production, testing, devel' but there in no
limit on what you call them.
Then the nodes subscribe to that particular environment that points t
At the time of the last run I did not have a nodes.pp included in my
configuration. I had added one with a node definition, but it has
made no difference, I get the same error reported originally
err: Could not retrieve configuration: Could not find
jenkins.example.com with names jenkins.example
Hi,
First is what name is defined in the node definition.
Then I would check the puppet.conf for the client settings (l think in .24 it
is the [client] section).
After that ... I'd have to keep fiddling at the console.
Cheers,
On 08/04/2011, at 1:56, Saurval wrote:
>
> I am on CentOS 5.4 runn
Hi all,
i try to run a puppet-setup that is not based on hostnames, but facts i supply
to facter. The idea is described here
https://github.com/jordansissel/puppet-examples/blob/master/nodeless-puppet/README.rdoc,
but a basic example would be
if has_role("loadbalancer") {
include lo
Hi all,
i try to run a puppet-setup that is not based on hostnames, but facts
i supply to facter. The idea is described here
https://github.com/jordansissel/puppet-examples/blob/master/nodeless-puppet/README.rdoc,
but a basic example would be
if has_role("loadbalancer") {
include loadb
Greetings all
Am trying to solve a problem, not entirely sure I'm approaching it
from the right angle.
Setting up a reasonably big site (servercount in the four digits) with
puppetmaster and clients (puppet 2.6.x). We are required to have
versioned modules (base SOE module, app X module, app Y mod
Hi,
>> Are you trying to trigger a puppet run when a particular file changes?
> Yes, this is what I exactly want to do. For example, if a user changes
> /etc/hosts file (via vim for instance), it will be corrupted until the next
> run. What if I don't want to wait until the next run?
if a user c
I am on CentOS 5.4 running
puppet-0.22.4-1.el5.rf
puppet-server-0.22.4-1.el5.rf
I am a little stumped on this one.I imagine it is something simple
I am missing. but basically the puppetmasterd cannot talk to a
puppetd instance running as a client on the same host.
The error I am getting is
Hi,
I've configured the storeconfig for the exported resources and created the
files based on the collected resources.
It has been working fine until now then all in suddenly it stopped working.
When I looked into the problem, other than looking inside the database or
running the host with the deb
http://projects.puppetlabs.com/projects/1/wiki/Certificates_And_Security
answer is buried in that link, All good to go now.
Thanks
On Apr 7, 8:22 am, trey85stang wrote:
> When I generate a cert on the puppetmaster, where do I get the cert,
> andwhere do I put them on the client so everything
One workaround is to also is to set user first to "absent" that will delete
the user. Once that is done, create the user with "ensure -> present" and
that will create user with correct home directory. Keep in mind that above
doesn't delete a home directory either so all you really loose is the ti
A while ago, I noticed a *.spec file in the puppet distribution - but
I think it was out of date. I could use that to distribute an RPM.
Curious, do you separate out the client/server portions for
installation or just install the whole thing on client systems.
This will be different for us when
Thank you! There were indeed spaces at the end of lines.
Arthur
--
Arthur Clune
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
I can't seem to get the authorized_key type to work at all on my systems.
Below is my configuration that I used. I could have something missing but the
examples I see make it difficult to compare. Additionally if I try and do the
reverse using puppet resource nothing comes up:
puppet resourc
On Apr 7, 3:27 am, Arthur Clune wrote:
> On Thu, Apr 7, 2011 at 5:26 AM, Ben Hughes wrote:
> > I tried to recreate this, but your mailer has munged all the lines to fit
> > in 80 columns, so I can't tell where all the breaks should be, so can't
> > test it. Could you pastie or similar it?
>
> Th
Thanks guys, I only read READMEs and RELEASE NOTES when it does not work :)
On Wed, Apr 6, 2011 at 11:55 PM, Nigel Kersten wrote:
> On Wed, Apr 6, 2011 at 8:51 PM, Tony G. wrote:
>
>> Not completely related, but I was under the impression that clients
>> shouldn't be higher than the masters, di
On Apr 6, 4:16 pm, Forrie wrote:
> > Sounds like a bug to me. A user with managehome => true but no home
> > directory should not be in sync. You may want to report this (or vote on
> > the bug if it's been reported already).
>
> I wasn't able to find a bug similar to this based on the search
>
Hi again,
I've been thinking a little more and got more ideas, but I
don't know if they're possible, so I'll appreciate some expert opinion
on them:
1.-) modify authorized_key provider (create my own) where user
param accepts an array of elements (users)
user => [ 'user1' , 'user2' , ...
On Thu, Apr 7, 2011 at 3:04 PM, Felix Frank wrote:
> note here http://docs.puppetlabs.com/references/stable/type.html#file
> that sourceselect "is only used in recursive copies".
>
ah ok. thanks
Single files cannot be merged. After all, how would you define the merge
> of two files?
>
concat :
Hullo,
On 04/06/2011 04:54 PM, Douglas Garstang wrote:
Because the correct combination of packages isn't always available as
RPM's. This is a production environment. We don't install anything
from gem's.
As you mentioned you are using Centos 5.5 this might not be too helpful
to you but we ha
When I generate a cert on the puppetmaster, where do I get the cert,
andwhere do I put them on the client so everything will work?
Im prepping up for a deployment and have been looking through a lot of
threads on the best way to deal with this.. but I havent seen one that
says where to put the fi
Hi,
On 04/07/2011 02:44 PM, Brett Cave wrote:
> Hi,
>
> I am trying to configure a file resource with multiple sources, and
> browsing list archives and forums seems to indicate that sourceselect
> parameter with an array for the source param. But the final file gets
> created using the first mat
> Something similar and maybe easier would be monit.
>
> Cheers,
Hi Denmat
I had a quick look at monit and it looks really good.
Thanks for your answer and suggestion.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, sen
Hi,
I am trying to configure a file resource with multiple sources, and browsing
list archives and forums seems to indicate that sourceselect parameter with
an array for the source param. But the final file gets created using the
first matching parameter in the array.
file { '/etc/sysconfig/m
Ohad,
I can't thank you enough for that tip.
Solved every error that was occurring by disabling CRL. I realise this is
not desirable, so I will get my init scripts generating separate
certificates for the puppet agent running on the masters.
Again, thank you very much.
--
You received this m
On Thu, Apr 7, 2011 at 10:03 AM, Andrei Serdeliuc wrote:
> It now seems to work, I was doing 2 things wrong: not restarting Apache
> (the master runs under apache + passenger) after certificates were
> generated. That fixed the initial SSL error (apache was using an older
> certificate, the ones g
Hi,
Something similar and maybe easier would be monit.
Cheers,
On 07/04/2011, at 19:26, John Chris Richards
wrote:
>> You can probably use inotify it something similar for this functionality
>
> Hi Scott
>
> I saw your post just now and I am sorry for this late answer.
> I also thank you ve
It's been suggested that I just create the output string in code,
which works fine. I've put a working version in the gist.
> https://gist.github.com/907330
--
Arthur Clune art...@clune.org
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To p
> You can probably use inotify it something similar for this functionality
Hi Scott
I saw your post just now and I am sorry for this late answer.
I also thank you very much too for your answer.
Hence from your post I conclude that puppet does not handle these type
problems so I should use an ext
On Thu, 7 Apr 2011 02:07:52 -0700 (PDT)
ccm ccm wrote:
> Hey.
Hi ccm.
> have a look at my last posting:
>
> http://groups.google.com/group/puppet-users/browse_thread/thread/d74262daca8c0e8f
>
> I wrote a small wrapper that might help you here.
Nice, but how to add same key to several account
Hey.
have a look at my last posting:
http://groups.google.com/group/puppet-users/browse_thread/thread/d74262daca8c0e8f
I wrote a small wrapper that might help you here.
Best,
ccm.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to t
Hi all,
I'd like to add one ssh_key to several (1500) user accounts.
Accounts share some prefix, so I was thinking on a regular expression,
but after reading language_guide, I understood that I cannot use
reg.expr for that.
So, I have a couple of ideas:
1.) define authorized_keys file like:
On Thu, Apr 7, 2011 at 5:26 AM, Ben Hughes wrote:
> I tried to recreate this, but your mailer has munged all the lines to fit
> in 80 columns, so I can't tell where all the breaks should be, so can't
> test it. Could you pastie or similar it?
Thanks for looking at this. I've put it up at gist
h
On 04/06/2011 09:16 PM, Chad wrote:
> Well I kind of figured it out (though not how I like).
>
> I had to move these lines
>
> node_terminus = exec
> external_nodes = /.foo/bin/puppet_node_classifier.sh
>
> out of my [development] area into my [main] in puppet.conf.
>
> Once I did that I was ab
Hi,
I have a separate CA server. On each master I've configured in puppet.conf
certdnsname to the domains the masters will be accessed as, but the signed
certificates don't seem to reflect that (openssl x509 -text -in ...).
The CA server has certdnsname configured as well, and it's signed
cert
It now seems to work, I was doing 2 things wrong: not restarting Apache (the
master runs under apache + passenger) after certificates were generated.
That fixed the initial SSL error (apache was using an older certificate, the
ones generated didn't match, etc).
All works fine now, unless I try
45 matches
Mail list logo
