As has already been suggested, make the change yourself, submit a patch.
You have indicated several times that this isn't that big a change.
Further, it's a change that is clearly only of benefit to you at this
point, so trying to convince others to do it for you is pointless. If you
*really* wa
On Fri, Jun 15, 2012 at 6:44 PM, Deepak Giridharagopal <
dee...@puppetlabs.com> wrote:
> On Fri, Jun 15, 2012 at 3:20 PM, Brian wrote:
>
>> After upgrading to 0.9.1, one of my hosts fails with a
>> NullPointerException in PuppetDB. Other hosts still work fine.
>
>
I've created http://projects.pup
Michael, I would configure report delivery via http and user access via https.
Simple "Allow" rules for your host netblocks plus a rewrite to https based on
the browser-agent would meet your needs. It WFM ;-)
On Jun 15, 2012, at 9:28 AM, Michael Altfield wrote:
> I'm also having this issue runni
On Fri, Jun 15, 2012 at 3:20 PM, Brian wrote:
> After upgrading to 0.9.1, one of my hosts fails with a
> NullPointerException in PuppetDB. Other hosts still work fine.
>
Are you perhaps on a RPM-based distro? If so, does an upgrade from 0.9.1-1
to 0.9.1-2 resolve the issue?
deepak
>
> puppet
On Jun 15, 2012, at 8:19 AM, Nan Liu wrote:
> To support purging, the puppet type need to to be able to query all
> instances of the resource. In this case because ssh_authorized_keys
> can write to different file locations, it does not have the ability to
> detect all ssh keys that exists on the s
Due to a packaging error, the packaged rpms of puppetdb contained old
source files. New packages (0.9.1-2) have been uploaded to
yum.puppetlabs.com. Please let us know if you have any issues.
--
Matthaus Litteken
Release Manager, Puppet Labs
--
You received this message because you are subscrib
On Jun 15, 2012, at 3:25 PM, Ashley Penney wrote:
> I figure I should clarify a little bit. Unless my understanding of Puppet
> internals is way off it would be quite a lot of work to add the filter as it
> stands. A lot of code would have to change internally to make it capable of
> filtering
On Jun 15, 2012, at 3:13 PM, jcbollinger wrote:
> You seem to be interpreting many of the responses as assertions that you
> shouldn't want what you're asking for. I don't think anyone is saying that,
> at least not at the level of generality at which you responded to David. On
> the other han
Again, this is small-shop thinking. That's not manageable with multiple diverse
teams, all of whom have different needs and different ideas of what is
considered safe. It also requires one additional tag to every resource, which
would be easily 1000 lines in this site already and its still smal
On Friday, June 15, 2012 11:32:11 AM UTC-5, tas wrote:
>
> By the way,
>
> sudo puppetd -tdvdid this again I receive the same SSL error
>
> My /etc/hosts on client looks like this
> 134.74.77.21 ghive-ldap.domain.com ghive-ldap puppet
>
> On the client I have this
> 127.0.0.1 local
On Fri, Jun 15, 2012 at 2:41 PM, Jo Rhett wrote:
>
> But your main argument is:
>
> but like most people I feel this adds a lot of complexity for very little
> gain.
>
>
> It's an odd phenomena, in that this wouldn't affect anyone not using the
> filter at all, but because they don't see a need
On Friday, June 15, 2012 1:26:08 PM UTC-5, Jo wrote:
>
> On Jun 15, 2012, at 12:35 AM, David Schmitt wrote:
>
> No. I'm saying that either you need to manage (outside of puppet) when
> your services restart OR you don't care when your services restart.
>
>
> I find this odd, since more than 90%
Ok, thanks for your help Alan. BTW, I forgot include our puppet version -
it's 2.7.0.
Cheers,
Guy
On Fri, Jun 15, 2012 at 2:40 PM, Alan Evans wrote:
> From what I understand if you use the 'lens' attribute on the augeas
> resource type the augeas ruby library does essentially the same thing
> a
On Friday, June 15, 2012 1:36:41 PM UTC-5, Jo wrote:
>
> On Jun 15, 2012, at 7:16 AM, jcbollinger wrote:
>
> You could conceivably combine that general idea with tags, so as to apply
> only changes considered safe on most puppet runs, but allow everything to
> be applied together in maintenance
>From what I understand if you use the 'lens' attribute on the augeas
resource type the augeas ruby library does essentially the same thing
as --noload for augtool. Otherwise (unless its been fixed) every time
you use the augeas resource it opens the augeas-ruby library which
parses all lenses aug
Ok, thanks for the info. Are you implying that the puppet augeas resource
type acts in '--noload' mode, then?
I tried doing the fully qualified set statement but it still does nothing,
unfortunately.
On Fri, Jun 15, 2012 at 2:20 PM, Alan Evans wrote:
> Guy,
>
> The way augeas works is each lens
On Fri, Jun 15, 2012 at 1:27 PM, kai wrote:
> I get it now! Since the CA signed the agents cert the LB knows that the
> agent cert is valid because the LB has the CA cert and key to validate
> with. So, what is the point of the CA storing all the signed agent certs?
Yes, but one more detail; th
Guy,
The way augeas works is each lens has filters for which files it
should include and exclude. The --noload switch tells augtool not to
automatically load the lenses in /usr/share/augeas/ so it does not see
these filters. You then have to manually load a lens and tell it
which files to parse.
After upgrading to 0.9.1, one of my hosts fails with a NullPointerException
in PuppetDB. Other hosts still work fine.
puppet agent log-
Fri Jun 15 17:10:23 -0400 2012 Puppet (err): Could not retrieve catalog
from remote server: Error 400 on SERVER: Could not retrieve resources from
the PuppetDB
Yeah, I tried --debug in my puppet command and it didn't give me any
errors. In my original message i did say I tried doing the set from augtool
and it worked, but I just tried it again with augtool --noload and it can't
find anything to do with the sudoers file. It's like it's not reading the
file
Guy,
Check the debug output of the agent. puppetd --debug or puppet agent
--debug (I think)
Or try running the same set with augtool from the command line.
# augtool --noload
augtool> set /files/etc/php5/fpm/php.ini/PHP/error_log /var/log/php/php.log
augtool> print /augeas//error
See what the
I get it now! Since the CA signed the agents cert the LB knows that the
agent cert is valid because the LB has the CA cert and key to validate
with. So, what is the point of the CA storing all the signed agent certs?
--
You received this message because you are subscribed to the Google Groups
Finally got this working. I tried the below config, didn't help then
actually rebooted the server itself, and hooray! Weird how these things
work..
Case closed!
Thanks for all your help
Jason
On Thursday, June 14, 2012 6:48:57 PM UTC-4, nseagoon wrote:
>
> Legacy perhaps, but we have:
>
Comments in line again
On Friday, June 15, 2012 2:13:08 PM UTC-5, Ryan Coleman wrote:
>
> I won't get a chance to replicate your situation and test further
> until this weekend. Apologies.
>
> On Fri, Jun 15, 2012 at 12:01 PM, llowder
> > Since I have the tarball, is there a way I can a) get a l
I have an application package that needs to be installed on certain
application servers but before it can be installed, database access has to
be setup on a database server.
I have figured out how to export a resource on the app server that gets
collected and realized on the database server, b
I won't get a chance to replicate your situation and test further
until this weekend. Apologies.
On Fri, Jun 15, 2012 at 12:01 PM, llow...@oreillyauto.com
wrote:
> Since I have the tarball, is there a way I can a) get a list of deps and b)
> manually install them? Do I just unpack into /usr/share
On Fri, Jun 15, 2012 at 11:51 AM, kai wrote:
> If the LB does not have all the signed agent's certificates, how will it
> know which agent is valid. All the signed certs are stored on the CA which
> is behind the LB.
>
The same way your web browser knows https://www.puppetlabs.com is valid
witho
Comments inline
On Friday, June 15, 2012 1:21:44 PM UTC-5, Ryan Coleman wrote:
>
> Hello,
>
> Unfortunately, there looks to be a couple of bugs impacting this.
>
> One is http://projects.puppetlabs.com/issues/14939 affecting
> --modulepath . and the other is related to but not exactly
> http:/
On 06/15/2012 02:18 AM, Jeff McCune wrote:
The name the agent uses to contact the master must be listed in the
master certificate's Subject or Alt Names field.
puppet is a name that is in the alt names field.
If you add 10.0.0.2 puppet to the hosts file on the agents, then you
need to make sure
If the LB does not have all the signed agent's certificates, how will it
know which agent is valid. All the signed certs are stored on the CA which
is behind the LB.
I'll try and figure out how to just copy the signed certificate and the
private key associated with that certificate from the CA t
I've recently configured a couple of augeas resources, one for a php.ini
file and one for sudoers, however neither set of changes is being saved. I
have no idea why. The sudoers resource is here:
augeas { 'set_sudoers':
context=> '/files/etc/sudoers/spec[user="%sudo"]',
changes
On Jun 15, 2012, at 10:00 AM, Ashley Penney wrote:
> Like most other posters so far I think that this would be such a fundamental
> change that it should come in a major version if anything. I wouldn't be
> opposed to the idea of being able to filter on parameters when doing a
> subscribe/notif
On Jun 15, 2012, at 7:16 AM, jcbollinger wrote:
> You could conceivably combine that general idea with tags, so as to apply
> only changes considered safe on most puppet runs, but allow everything to be
> applied together in maintenance windows. Getting the tags (only) in the
> right places cou
On Jun 15, 2012, at 12:35 AM, David Schmitt wrote:
> No. I'm saying that either you need to manage (outside of puppet) when your
> services restart OR you don't care when your services restart.
I find this odd, since more than 90% of the parameters that puppet provides for
configuration manageme
Hello,
Unfortunately, there looks to be a couple of bugs impacting this.
One is http://projects.puppetlabs.com/issues/14939 affecting
--modulepath . and the other is related to but not exactly
http://projects.puppetlabs.com/issues/show/14528.
These are both bugs on our queue to address. I apolog
Please disregard, I dug deeper into the online docs and discovered that I
> had to set this in a config file and not just rely on the env variables.
>
>
My apologies.. I spoke too soon.
In my puppet.conf, I have:
http_proxy_host=http://user:passw...@proxy-address.tld
http_proxy_port=3128
The
Please disregard, I dug deeper into the online docs and discovered that I
had to set this in a config file and not just rely on the env variables.
On Friday, June 15, 2012 12:47:14 PM UTC-5, llo...@oreillyauto.com wrote:
>
> I'm running puppet in a local VM to do some testing, and all of our
>
I'm running puppet in a local VM to do some testing, and all of our systems
are behind a proxy. I've got the http_proxy environment variable set
properly, but when I try to use puppet module install it doesn't seem
to honor it and can't connect.
I used wget to download it, but even when I use
* PUPPET LABS MONTHLY NEWSLETTER - JUNE 2012 **
Getting Started With Puppet
**Puppet Enterprise 2.5 Quick Start Guide: The fastest way to get up and
running with yo
On Fri, Jun 15, 2012 at 6:27 AM, kai wrote:
> Jeff,
>
> So the way I solved this is by exporting the /var/lib/puppet/ssl directory
> from the Puppet CA and mounting it on the LB, then making sure that the
> Puppet Masters have "certname = puppetlb.example.com" in their
> puppet.conf files.
> I wo
On Thu, Jun 14, 2012 at 11:20 AM, jcbollinger wrote:
>
>
> If finer grained event-handling behavior is desired, then it should be
> implemented as a general-purpose facility instead of as a one-off special
> case. For instance, it is conceivable that a future version of Puppet
> would allow for so
Thanks for the suggestion, Phillp. Keep this thread alive :))) I mean docs
are great, but sometimes a more comprehensive step-by-step like this one
might serve better.
Any case, anyone know how to deal with the latest issue I have above?
Thanks...
On Friday, June 15, 2012 12:44:44 PM UTC-4, P
Thanks you Nan, your answer is very clear about it.
I'd got template way.
Regards,
eduardo.
On 15 jun, 11:19, Nan Liu wrote:
> On Fri, Jun 15, 2012 at 6:21 AM, eduardo wrote:
> > Having advised :
> > 'it is highly recommended to migrate work from exec to native
> > Puppet types as qui
On Thursday, June 14, 2012 3:26:05 PM UTC-7, Ygor wrote:
>
> Without a default node definition as an absolute minimum,
> what is the Puppet Master supposed to do when queried by the Puppet
> Client/Agent ?
>
> I believe it will do exactly what your servers are doing: bupkis !
>
Minor point
By the way,
sudo puppetd -tdvdid this again I receive the same SSL error
My /etc/hosts on client looks like this
134.74.77.21 ghive-ldap.domain.com ghive-ldap puppet
On the client I have this
127.0.0.1 localhost
127.0.1.1 ghive-ldap
10.10.0.57 ghive-ldap.domain.com ghiv
Hi,
I'm also having this issue running puppet-2.7.16 & puppet-dashboard-1.2.9
on CentOS 6.2. Has there been any solution to this yet besides running
redundant vhosts?
In either case, can you please post your apache vhost configuration files?
On Monday, April 11, 2011 12:55:10 PM UTC-4, Mohamed
Thanks John.
Yes. So I have a similar node configuration setup, as described in the
previous post. I am writing out these steps so I can document this and
hopefully will benefit more people
on master:
service puppetmaster stop
service puppetmaster start
on client
service puppet stop
puppet
Yes! That's the page I followed in the first place. still can't understand
what possibly going wrong. Cheers!!
On Friday, June 15, 2012 1:42:03 PM UTC+1, Stefan Heijmans wrote:
>
>
> did you check/follow this page?
> http://docs.puppetlabs.com/dashboard/inventory_support.html
>
>
>
--
On Fri, Jun 15, 2012 at 6:21 AM, eduardo wrote:
> Having advised :
> 'it is highly recommended to migrate work from exec to native
> Puppet types as quickly as possible.'
>
> Is there any chance to purge keys ?
>
> Do nothing writing resources { "ssh_authorized_key": purge => true }
> in my in
"ensure => absent" is the standard syntax for all Puppet types.
On Fri, Jun 15, 2012 at 6:21 AM, eduardo wrote:
> Having advised :
> 'it is highly recommended to migrate work from exec to native
> Puppet types as quickly as possible.'
>
> Is there any chance to purge keys ?
>
> Do nothing wr
On Thursday, June 14, 2012 6:39:36 PM UTC-5, tas wrote:
>
> Dear Ygor,
>
> Thank you for the guidance.
> I didn't know we have to specify one... almost every single tutorial I
> visit didn't mention it :( bad...
>
> http://pratikamin.wordpress.com/2011/05/24/turning-a-blueprint-puppet-recipe-in
On Friday, June 15, 2012 2:35:47 AM UTC-5, David Schmitt wrote:
>
> On 14.06.2012 21:29, Jo Rhett wrote:
> > On Jun 14, 2012, at 8:51 AM, David Schmitt wrote:
> >> When something changes the service has to be notified.
> >> When the service should not be restarted, puppet should not be running
On Thursday, June 14, 2012 2:24:40 PM UTC-5, Jo wrote:
>
> How do you deal with dependency cycles around things like the root user?
> I'm ending up defining files with uid=>0,gid=>0 rather than root, root
> just to avoid dependancy cycles.
>
I avoid run stages. They provide nothing that you
On Fri, Jun 15, 2012 at 2:53 AM, Sam wrote:
> Noob question. I read that init.pp should contain a class with the same
> name as the module itself. However, the few modules on github that I
> have read so far seem to break this. The module name will be like
> "our-super-version-of-nagios"
On Thursday, June 14, 2012 8:31:23 AM UTC-5, Andy Botting wrote:
>
> My question is, can I lookup a value from an existing object in a similar
> way to this:
>
> $andy_home = $::role ? {
> special_case => '/andy',
> default => '/home/andy',
> }
>
> user { 'andy':
> home => $andy_home,
On Thursday, January 26, 2012 11:24:19 AM UTC-6, Gary Larizza wrote:
>
>
>
> On Thu, Jan 26, 2012 at 7:55 AM, Alexander Swen wrote:
>
>> hi,
>>
>> in the logs of our 2.7.10 puppet master we find messages like these:
>> Dynamic lookup of $functie at /etc/puppet/manifests/server_classes.pp:52
>> i
Thank you Jeff, this is exactly what the problem was. I replaced
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_CLIENT_VERIFY
with
ssl_client_verify_header = HTTP_X_CLIENT_VERIFY
ssl_client_header = HTTP_X_CLIENT_DN
and it worked. I was following the examples from the Pro P
Jeff,
So the way I solved this is by exporting the /var/lib/puppet/ssl directory
from the Puppet CA and mounting it on the LB, then making sure that the
Puppet Masters have "certname = puppetlb.example.com" in their puppet.conf
files.
I wonder if there's better way to do this, as the LB actuall
Having advised :
'it is highly recommended to migrate work from exec to native
Puppet types as quickly as possible.'
Is there any chance to purge keys ?
Do nothing writing resources { "ssh_authorized_key": purge => true }
in my init.pp module.
Regards,
eduardo.
On 13 jun, 13:02, eduar
Op vrijdag 15 juni 2012 14:30:03 UTC+2 schreef Sans het volgende:
>
> Hi guys,
>
> Just wondering, if any one can tell me it it's a "certificate" related
> issue. Still can't find any thing obvious. Cheers!
did you check/follow this page?
http://docs.puppetlabs.com/dashboard/inventory_suppor
Hi guys,
Just wondering, if any one can tell me it it's a "certificate" related
issue. Still can't find any thing obvious. Cheers!!
On Thursday, June 14, 2012 9:57:28 PM UTC+1, Sans wrote:
>
> Forgot to mention that I'm also seeing these in the syslog:
>
> puppet-master[7035]: Denying access:
Hi,
I tried the fix but I stil get the same error message. Do I need to restart
the puppet master service after applying the fix ? thanks
Le vendredi 15 juin 2012 10:56:40 UTC+2, Sergey Zhuga a écrit :
>
> Hi, try to fix the module like that:
>
> --- params.pp.orig 2012-05-05 01:12:16.0
Hi,
Noob question.I read that init.pp should contain a class with the same
name as the module itself. However, the few modules on github that I
have read so far seem to break this.The module name will be like
"our-super-version-of-nagios", and then init.pp will contain the class
"n
Hi, try to fix the module like that:
--- params.pp.orig 2012-05-05 01:12:16.0 +0300
+++ params.pp 2012-06-15 11:53:13.0 +0300
@@ -32,7 +32,7 @@
}
case $::osfamily {
-'RedHat': {
+'RedHat', 'Amazon': {
$service_name = 'mysqld'
$client_pa
Hi all,
just installed the puppetlabs-mysql module for puppet on my Puppet server
which is an Amazon Linux (based on RedHat), but I get this error when I run
puppet agent --test :
*err: Could not retrieve catalog from remote server: Error 400 on SERVER:
Unsupported osfamily: Linux operatingsyst
Wow... thanks all,
Very nice to see there such an active community! You've all given me some
great things to work with and ponder about. But the define seems exactly
what we need here Brian, although environments have the nice advantage of
being registered. Well... I know I'll be experimenting
On 14.06.2012 21:29, Jo Rhett wrote:
On Jun 14, 2012, at 8:51 AM, David Schmitt wrote:
When something changes the service has to be notified.
When the service should not be restarted, puppet should not be running
or the Service%restart parameter should be set to /bin/true.
That's far too black
On 14.06.2012 19:07, Deepak Giridharagopal wrote:
At least there is a potential for some user guidance. For example,
would the problem be adequately addressed if all manifests and data
were encoded in UTF-8 and the agent were ensured to run in a
UTF-8-based locale?
Correct on
68 matches
Mail list logo
