Per https://docs.puppetlabs.com/puppet/3.7/reference/lang_node_definitions.html
"If site.pp contains at least one node definition, it must have one
for every node"
if you want the default behavior to be to just pull in classes from
hiera, then I would recommend wrapping your hiera_include in the
That is actually where it is failing. Does /home and /home/admin exist?
Does puppet have permission to create it?
On Thursday, March 31, 2016, Patrick G. wrote:
> Nope …
> With new users this should create the directory.
>
> The debug log shows:
>
> Debug: Creating /home/admin/.ssh
>
>
> But it
Can you see the name of the defined type in the template? How about
just deriving $developer from that?
- Chad
On Thu, Oct 29, 2015 at 9:24 AM, jcbollinger wrote:
>
>
> On Thursday, October 29, 2015 at 1:05:16 AM UTC-5, Jakov Sosic wrote:
>>
>> Hi guys.
>>
>> I have an issue with scope changes,
Take a look at this page:
http://docs.puppetlabs.com/hiera/3.0/puppet.html . The section
entitled "Automatic Parameter Lookup" explains how to specify puppet
class parameters in hiera.
- Chad
On Tue, Sep 15, 2015 at 7:23 PM, Chris Jefferies wrote:
>
>
> At my office we use puppet hiera. The gen
I am not necessarily condoning this, but puppet has a "schedule"
metaparameter that can control when a resource may be managed. That
would solve half the problem. You could probably manage it in the
other state using the same trick, but you have to "trick" puppet by
giving the resource another na
Hi Peter,
Your instinct is correct. Just like many programming languages
that allow you to keep all of your code in one file (or one function,
even), it's not a good idea. As you mentioned, you can use import to
pull in other files, but the better solution is to use puppet's
autoloading func
I believe what you are trying to do is create a module named 'test'.
In order to know about your module, you need to provide the
'modulepath' parameter to puppet.
There are a couple other things you probably want to do. In your
tests/manifests/init.pp, you should wrap everything in a class
declar
In that example, 'role' is a module, and 'role::somerole' is a class
in that module:
/etc/puppet/modules/role/manifests/somerole.pp:
class role::somerole {
...
}
- Chad
On Sat, Oct 26, 2013 at 7:58 AM, Steven Jonthen
wrote:
> I've a question:
> What does this mean/how is this realized?:
> '::r
Remember that a puppet manifest is not a script. You are simply
making an unordered list of resources to apply to a host. With that
in mind, a "break" statement just doesn't make sense.
I do feel your pain, though, and have struggled with the same issue
myself. It feels wrong to have most of th
This is amusing to me, because I spent an hour or so the other day
trying to turn hiera logging *on*. If you are using a syslog
facility, the hiera debug stuff does not seem to go to the log
(actually gets logged at level :info, rather than :debug). I had to
add the --logdest option in rack to ha
I'm pretty sure we need more information than that.
1. Is puppet using the proper hiera.yaml? The command line client at
least used to use a different config than puppet (/etc/hiera.yaml vs
/etc/puppet/hiera.yaml). It sounds like you have this right, if you
are able to pull basic variables from
The first question is why can't you manage everything in
/opt/local/scripts with puppet?
But assuming that you have to do it the way you describe, here is a
terrible solution: manage subdirectories of /opt/local/scripts (e.g.,
/opt/local/scripts/Common, /opt/local/scripts/redhat). Then you can
ha
LIke this:
class profile::zabbix20::server (
bind_ip,
...
) {
class { '::zabbix20::server':
bind_ip => $bind_ip,
...
}
}
Then your hieradata would set
in a.b.c.d.yaml:
profile::zabbix20::server::bind_ip: 1.2.2.3
in x.y.z.w.yaml:
profile::zabbix20::server::bind_ip: 1.2.3.4
That
Yes, that will work. We actually do something slightly ickier, so the
data all stays in hiera:
hiera hierarchy:
- nodes/%{hostname}
- ...
- roles/%{role}
nodes/foo.yaml:
...
role: desktop
classes:
- "roles::%{role}"
node default {
$role = hiera('role')
include hiera('classes')
Hi James,
We are in a similar situation. I think of it slightly
differently, though. We are trying to use the roles/profiles pattern,
and I am having trouble figuring out how to get hiera to use the
profile to do the lookup. So rather than explicitly listing the
values in the hierarchy, I wa
;
variable before it interprets the hierarchy. I am going to try to
hack the same thing into the yaml backend, as well as file a bug (or
+1 one) about it.
- Chad
On Thu, Feb 14, 2013 at 2:19 PM, jcbollinger wrote:
>
>
> On Thursday, February 14, 2013 12:08:17 PM UTC-6, Chad Huneycutt wrote:
erence/lang_variables.html#parser-set-variables
>
> --
> Brian Lalor
> bla...@bravo5.org
>
> On Feb 13, 2013, at 6:17 PM, Chad Huneycutt
> wrote:
>
> I have been following the various blog posts about the roles and
> profiles pattern for classifying hosts, and I like it.
bruary 13, 2013 5:17:40 PM UTC-6, Chad Huneycutt wrote:
>>
>> I would like to have a hiera.yaml like so:
>>
>> ---
>> :backends:
>> - yaml
>> :hierarchy:
>> - nodes/%{::hostname}
>> - profiles/%{class_name}
>> - common
>> :yaml
I have been following the various blog posts about the roles and
profiles pattern for classifying hosts, and I like it. It doesn't
provide a perfect fit for our infrastructure, but it is much better
than the ad-hoc classification we do now. I have a couple of
questions for those that use it, thou
I totally cheated to achieve module-local data as well as site-local data.
I copied the yaml.rb hiera backend and renamed it siteyaml.rb, then
made a few modifications in the .rb file to reflect the name change.
The result is that I can add an additional back-end with a second datadir.
:yaml:
--config
Depending on your OS, you can set this as the default option for the
service in /etc/sysconfig/puppet or /etc/default/puppet.
- Chad
On Thu, Jan 31, 2013 at 8:31 PM, Jason Knudsen wrote:
> Hey guys,
>
> Does anyone know how to change the location of puppet.conf? In my situation,
> I d
Install iptables before running puppet? There is some amount of setup
you will have to do before puppet will run the first time. For
instance, you have to install puppet and the iptables module!
- Chad
On Thu, Jan 31, 2013 at 2:12 PM, Ellison Marks wrote:
> Is it fine after the first run?
>
>
Depending on what you are trying to do, using facts in your datadir
can achieve a similar purpose:
:yaml:
:datadir: /etc/puppet/environments/%{environment}/data
So you in essence have a different hierarchy per environment.
On Thu, Jan 31, 2013 at 12:43 PM, llowder wrote:
>
>
> On Thursday, Ja
Disregard. I see the other thread.
On Wed, Jan 30, 2013 at 9:19 PM, Chad Huneycutt
wrote:
> Make sure that whatever user the master runs as (probably user
> 'puppet') has write permissions to /var/log/puppet/.
>
> Note that even if you start the master as root, it will swi
Make sure that whatever user the master runs as (probably user
'puppet') has write permissions to /var/log/puppet/.
Note that even if you start the master as root, it will switch to
whatever user it is configured to run as ('puppet' by default).
I also notice that your error message say 'var/log/
I do not think what you want exists. It makes sense, as a class is not a
procedural list of commands to execute, but a collection of resources, so a
way to "exit early" does not really exist. If you just want to avoid the
extra indentation and potentially misplaced closing bracket, how about thi
On Wed, Dec 5, 2012 at 9:29 PM, Peter Brown wrote:
> On 5 December 2012 21:10, Vaidas Jablonskis wrote:
>> On Wednesday, 5 December 2012 02:10:00 UTC, Pete wrote:
>>> On 4 December 2012 21:17, Vaidas Jablonskis wrote:
>>>
>>> One last question.
>>> I use a node level variable to specify the loca
Hi Jakov,
/etc/puppet/modules/users/run/manifests/init.pp is not going to get applied.
A couple things.
* Somewhere in your manifests you need to have a 'node' definition.
Compilation starts with your manifest, which is
/etc/puppet/manifests/site.pp . You can either put node definitions
in that
On Tue, Nov 27, 2012 at 9:46 AM, Ugo Bellavance wrote:
> On Sunday, November 25, 2012 9:07:54 PM UTC-5, Ryan Coleman wrote:
>> On Sun, Nov 25, 2012 at 10:22 AM, Ugo Bellavance wrote:
>>>
>>> It looks like the default environment for puppetmaster was "Master".
>>> Should I change that to something
Take a look at https://github.com/gtcoc/sshkeys for an idea. It isn't
documented well (yet), so here are some rough notes:
* the module assumes you are using hiera to supply default arguments.
you can see the default values in the hieradata directory
* the sshkeys::hostkeys class best shows how i
For yum-based updates, take a look at the yum versionlock plugin.
Works great here, although you have to specify the entire package name
that you want (I don't think just specifying puppet-2.7 will work).
debian-based distros support pinning, but haven't gotten that going yet.
- Chad
On Wed, Oct
I agree that folks should manage their repos, but I wanted to throw in
a couple of thoughts:
* The package name hacks (eg puppet3) are usually done by
distributions to allow multiple versions of software to co-exist.
* Take a look at the yum versionlock plugin. My life has been much
simpler sinc
Sorry, Sandra, I started to add a comment at the bottom with usage,
but apparently I never saved it. Although the script can do user keys
as well, this just addresses host keys. I have a cron script that
generates the known hosts file as well:
0,10,20,30,40,50 * * * * /tr01/scripts/sshkeys.pl --
On Thu, Aug 30, 2012 at 11:40 AM, Calvin Walton
wrote:
> On Thu, 2012-08-30 at 09:42 -0400, Eric Shamow wrote:
>> On Thursday, August 30, 2012 at 9:41 AM, Sandra Schlichting wrote:
>>
>> > Hi,
>> >
>> > I would like to write a class that can copy /root/.ssh/id_dsa from node A
>> > to node B.
>> >
On Tue, Aug 14, 2012 at 11:56 AM, Zachary Alex Stern
wrote:
>
> FWIW, this works:
>
> class puppet::config {
>
> include puppet::params
> $puppetserver=$puppet::params::puppetserver
> $runinterval=$puppet::params::runinterval
> file { '/etc/puppet/puppet.conf':
> ensure => present,
>
I love hiera, but this is my biggest problem with it. There is no
scoping of the hiera name space. I am personally using the naming
convention "__, but it would be great if
hiera took care of that for me magically. A little birdy told me that
they are working on it, so here's hoping...
- Chad
On Mon, Apr 2, 2012 at 5:12 AM, Craig Dunn wrote:
>
>> Would it be a good idea to have a puppet beginners list, where people can
>> post dumb questions, and maybe have some patient people posting links
>
>
> [snip]
>
> Without wanting to pigeon hole or stereotype anyone, my experience from the
> I
Couple things to check:
* hiera command line uses /etc/hiera.yaml for its config, but the
hiera-puppet plugin uses /etc/puppet/hiera.yaml
* I don't really know much about yaml, but I have found that I
often have to write lists as
:foo:
- bar
- baz
Notice the newline before the f
So does anyone have a working setup with puppet 2.7.11 + ruby 1.9.3 + passenger?
I am currently using rack-1.0.1 (rack-1.4.1 had same behavior) and
passenger 3.0.11, and I get some authentication problems (shown
below). If I use an auth.conf that is wide open (auth any, allow *),
the agent can su
I was able to track this down. Apparently
$puppet_master_storedconfigs is either reserved or too long. When I
changed it to $puppet_master_storedcfgs, the catalog compiled. Go
figure.
On Wed, Feb 29, 2012 at 7:09 PM, Chad Huneycutt
wrote:
> I'm really digging hiera, but I have a prob
I'm really digging hiera, but I have a problem that I just can't seem
to work out:
I am working on a puppet module, and I have two classes: puppet::agent
and puppet::master. The layout of the classes are very similar, but
hiera can only successfully find my variables in one of them.
$confdir/env
oops, sorry. Indeed. I typo that all the time, but fortunately we
don't have anything important in /var/lib/ssl here :(
On Tue, Oct 26, 2010 at 3:48 PM, Patrick wrote:
>
> On Oct 26, 2010, at 12:00 PM, Chad Huneycutt wrote:
>
> You need to delete the cert on the client. rm
You need to delete the cert on the client. rm -rf /var/lib/ssl/*
On Tue, Oct 26, 2010 at 10:48 AM, sanjiv.singh
wrote:
>
> hi ,
> im facing the problem , when tryied to run puppetd…..
>
> err: Could not request certificate: Retrieved certificate does not
> match private key; please remove cer
Maybe I'm dense, but that bug doesn't seem to be relevant. I just
created #5048; I am not sure that the trace adds much, but hopefully
someone can make something out of it.
Thanks!
- Chad
On Tue, Oct 19, 2010 at 11:01 PM, James Turnbull wrote:
> Chad Huneycutt wrote:
>>
I am attempting to upgrade my master from 0.25.5 to 2.6.2 and am stuck
on this issue. The master seems to be be happily compiling catalogs,
but the 0.25.5 clients cannot apply them. The error looks like this:
info: Caching catalog for foo.bar.org
/usr/lib/ruby/site_ruby/1.8/puppet/resource.rb:13
= true
> listen = true
> client = false
>
> ***
> Cheers,
>
> Henry
>
> On Aug 3, 1:35 pm, CraftyTech wrote:
>> Gotcha.. thanks,
>>
>> On Aug 3, 1:27 pm, Chad Huneycutt wrote:
>>
>>
>>
>> > There is a bug (
There is a bug (http://projects.puppetlabs.com/issues/3313) about this.
On Tue, Aug 3, 2010 at 1:06 PM, CraftyTech wrote:
> Hello,
>
> I have my clients' puppet.conf file setup as:
>
> [puppetd]
> report = true
> listen = true
> client = false
>
> But the client keeps on checking in every 30
Maybe I am missing one of your requirements, but I keep my puppet
master files somewhere other than /etc/puppet and /var/lib/puppet, and
I just use the --confdir option to puppetmasterd.
$ grep PUPPETMASTER_EXTRA_OPTS /etc/sysconfig/puppetmaster
PUPPETMASTER_EXTRA_OPTS="--confdir /tr01/puppet"
-
I was able to set config.time_zone in
/config/environment.rb and that fixed the
timezone. Is that not what you are talking about?
- Chad
On Mon, Jun 21, 2010 at 6:10 PM, Rein Henrichs wrote:
> Hi folks,
> Thanks for the dashboard questions. I'm glad people are using dashboard and
> reporting th
Thanks for sanity check, Ken. I just copied the library to REE, and
it works fine. Kind of ugly, I guess.
On Wed, May 19, 2010 at 8:04 PM, Chad Huneycutt
wrote:
> lol. The 'shadow' gem is not the shadow password library! it is "a
> zero-configuration YAML RESTful Act
y-shadow-1.4.1/README.ja
> [...@obelisk ruby]$
>
> Sounds like either there is a library mismatch or it is not installed
> perhaps? I don't have a ruby-enterprise install here at home - but if
> you can't see anything obvious about your version of the library I can
> check on a m
So I just upgraded my master from 0.24.8 to 0.25.4. Apparently there
is some bug with the EPEL version of rails that results in mysql "too
many connections" with stored configs, so I just bailed from the
packaged stuff and went to a standalone installation of REE and
puppet. That is working fine,
I have a bunch of puppet report files, and I would like to regenerate
the rrd files for those reports. Can anyone tell me what the process
is to do that?
--
Chad M. Huneycutt
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this gro
Creating your own repo obviously will come in handy, but here is
another option. The problem is that the default package provider you
are using (probably yum) does not support the puppet protocol for
retrieving packages. What I have done in a couple of cases is put the
package on a web server and
I do have this issue. Any time I add a new node, I have to restart
the puppet master.
On Mon, Sep 28, 2009 at 10:21 AM, Nigel Kersten wrote:
>
> On Mon, Sep 28, 2009 at 7:14 AM, Tony Maro wrote:
>>
>> I tried the ignorecache=true on the clients to no avail... the server
>> would still send the
I ran into the same problem, and I think I used execs to create the
mount point and set permissions before mounting, and the file resource
for the mount point requires that the fs be mounted.
On 9/17/09, Gajillion wrote:
>
> All,
> I'm surprised I haven't seen this here since I can't be the only
Try:
$listenip = "${ipaddress}_${service_listenif}"
- Chad
On Tue, Aug 11, 2009 at 6:14 AM, Jan Werner wrote:
>
> hi list,
>
> i'd guess the subject could cause some braindamage, i'm sorry for
> that, i did not find a better description for my problem.
>
> here my problem.
> i do have the follo
On Tue, Aug 4, 2009 at 7:12 PM, David Lutterkort wrote:
>
> On Mon, 2009-08-03 at 16:03 -0400, Chad Huneycutt wrote:
>> augeas { "/etc/exports-$vmname":
>> context => "/files/etc/exports",
>> changes => [
>
I am pretty sure I am getting bitten by puppet bug #2141
(http://projects.reductivelabs.com/issues/2141), and I am wondering if
there are any workarounds. I actually tried grabbing the versions of
the provider and type that James mentions at the bottom of that bug,
but they didn't seem to make an
AM, Bryan Kearney wrote:
>
> Chad Huneycutt wrote:
>> +1 for that. I did the same thing last week. I ended up editing the
>> grub.conf lens. If there is a way to override the 'incl' directives
>> or point augeas at a specific file and tell it to use a specif
+1 for that. I did the same thing last week. I ended up editing the
grub.conf lens. If there is a way to override the 'incl' directives
or point augeas at a specific file and tell it to use a specific lens,
I'd like to hear it as well.
On Fri, Jul 31, 2009 at 12:07 PM, Trevor
Hemsley wrote:
>
How do you manage permissions on mount points? Maybe I am missing
something obvious here, but I can't figure out a non-convoluted way to
do this. I want the actual mount point to have 755 permissions, but,
once mounted, the filesystem should have 1777 permissions (ie., /tmp).
I want different p
I think the problem is that you are 'exit'ing. It looks like you are
doing that to invert the return code? Try using 'unless' instead of
'onlyif', and you can drop everything after the diff.
On 5/26/09, Matt Adams wrote:
>
> Hi,
>
> I'm using Puppet 0.24.8 and facter 1.5.4 on RHEL4 update 7.
>
2009/5/6 Ryan Dooley :
>
> Chad Huneycutt wrote:
>> I am not sure everyone is on the same page:
>>
>> 1. you don't want to have the root password (encrypted or not) showing
>> up in the process listing of your clients.
>
> Well, this is a policy/philo
I am not sure everyone is on the same page:
1. you don't want to have the root password (encrypted or not) showing
up in the process listing of your clients.
2. even if you are generating the password on the master, it is going
to show up in the yaml on the client, and if that is the case, it
wou
I have a couple of concerns about this (at least in my environment).
First, the root password would be clearly visible (not even crypted!)
In the process listing during execution of the usermod. Second,
similarly, the root password is stored in plaintext on the
puppetmaster. Actually, would that v
I have a couple of concerns about this (at least in my environment).
First, the root password would be clearly visible (not even crypted!)
In the process listing during execution of the usermod. Second,
similarly, the root password is stored in plaintext on the
puppetmaster. Actually, would that v
I upgraded my puppetmaster hardware a couple of weeks ago, and I
didn't copy over the rrd reports. So now my rrd reports just show the
last two weeks worth of data. I have all the yaml reports for my
hosts, so I assume I can walk through those and rebuild the rrd files,
right? What is the easie
Maybe /var/lib/puppet is owned by root? If so, chown to puppet and try again.
- Chad
On Tue, Oct 21, 2008 at 5:31 AM, Sebastian Vieira <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I reinstalled puppet-server and am now getting these error messages from
> clients:
>
> err: /File[/var/lib/puppet/facts]:
Are you actually including both "named" and "hpc::named" on a single
host? If not, then there will not be a conflict.
- Chad
On Wed, Sep 17, 2008 at 12:41 PM, Evan Hisey <[EMAIL PROTECTED]> wrote:
>
> As understand puppet I should not be able to have two service[named]
> entries in the same com
70 matches
Mail list logo
