: 22.38
Config retrieval: 7.82
My question is why is there such a big difference between the time the
whole catalog run took and the time shown in "Total". The complete
run definitely takes the 72 seconds and I would like to debug why it takes
so long.
Any ideas?
Thanks,
Kai
--
Yo
gp.net
gpg: keyserver timed out
gpg: keyserver receive failed: keyserver error
This is because the /usr/bin/apt-key command can't connect to the keyserver
without the proxy.
Am Donnerstag, 8. Januar 2015 14:41:21 UTC+1 schrieb jcbollinger:
>
>
>
> On Wednesday, January 7, 2015 3:28:30
e
(but I guess thats because I configure apt to use the proxy and puppet just
calls apt-get).
How do I make the puppet agent use my environment variables?
Thanks,
Kai
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe
clean cert in agent
csv-agent:/etc/puppet # cd /var/lib/puppet/
csv-agent:/var/lib/puppet # ls
client_data client_yaml clientbucket facts lib ssl state
csv-agent:/var/lib/puppet # rm -rf ssl/
rm -rf /var/lib/puppet/ssl/
在 2014年12月22日星期一UTC+8下午2时00分55秒,App Win写道:
>
> Hi All,
>
> We are trying to
That was it, thanks!
On Wednesday, November 12, 2014 2:51:58 PM UTC-6, Christopher Wood wrote:
>
> On Wed, Nov 12, 2014 at 12:43:43PM -0800, kai wrote:
> >Hi,
> >I have the following file definitions:
> >file { $haproxy_service_config_file:
> &
Hi,
I have the following file definitions:
file { $haproxy_service_config_file:
ensure => 'present',
owner => 'root',
group => 'root',
mode=> '0644',
content => template('haproxy/$domain.haproxy.erb'),
require => [ Class['haproxy::install'],
File[$haproxy_servic
uppet.
Something like this:
package {['puppet', 'puppet-common'],
ensure => "$puppetversion",
notify => 'puppet-agent',
}
I'm just curios if that would be a good Idea? Wouldn't this break my
current puppet run?
How do you upgrade your age
2014-10-09 17:06 GMT+02:00 Ken Barber :
> So Kai, you can provide fake this with soft-links to the icigna dir
> from the expected nagios configuration directory. Or soft-link the
> files themselves, up to you.
>
Thank you both a lot.
Now the (fake-)host gets removed but for som
notify => Service[icinga],
}
But the entries don't get purged. Looks like I'm still missing something :/
Best regards,
Kai
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiv
What happens if I manually add a (fake) host to my hosts.cfg file. The host
doesn't exist in the puppetdb, because it was never "alive". On the next
puppet run, puppet should remove this "false" entry in my hosts.cfg, right?
Best Regards,
-- Kai Timmer / em...@kaitimmer.de
e still doesn't remove the node.
Maybe I should say that I am using foreman. But I also deactivated the node
in foreman. So my guess is that I'm good there.
Best regards,
Kai
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" gr
Hello,
I'm using this snippet to build my icinga configuration out of my exported
facts
#Collect the nagios_host resources
Nagios_host <<||>> {
target => "/etc/icinga/puppet.d/hosts.cfg",
require => File["/etc/icinga/puppet.d/hosts.cfg"],
notify => Service[icinga],
}
If I now
7;vzctl' ]:
> ensure => present,
> require => Apt::Source['openvz'],
> }
>
>
>
>
> On Tue, Mar 11, 2014 at 1:13 PM, kai >wrote:
>
>> I have the following two resources defined in a class:
>>
>> class openvz::install {
>>
I have the following two resources defined in a class:
class openvz::install {
$openvz_repo_key = hiera('openvz_repo_key')
$openvz_repo = hiera('openvz_repo')
$openvz_kernel_image = hiera('openvz_kernel_image')
$openvz_kernel_headers = hiera('openvz_kernel_headers')
apt::source { "openvz":
l
have this problem.
On Wednesday, January 8, 2014 9:38:12 AM UTC-6, jcbollinger wrote:
>
>
>
> On Tuesday, January 7, 2014 11:39:14 AM UTC-6, kai wrote:
>>
>> What version of Puppet are you running?
>>> *3.4.1 for both master and agent*
>>> As what user is
---
:backends:
- yaml
- file
:hierarchy:
- defaults
- "%{clientcert}"
- "%{::domain}/%{::environment}/%{::osfamily}/%{::lsbdistcodename}"
- global
:yaml:
:datadir: /etc/puppet/data
On Tuesday, January 7, 2014 12:05:46 PM UTC-6, Andrew wrote:
>
>
> Content of the yaml file - any quo
I actually have both variables.
On Tuesday, January 7, 2014 11:54:38 AM UTC-6, Jose Luis Ledesma wrote:
>
> Mmm the error is about ssh_package_name, but you have tried the puppet
> apply with ssh_service_name. could be this the problem?
--
You received this message because you are subscribed to
s by design or a bug, but I was not able to find this
in any of the documentation, so putting it here if someone else encounters
it.
On Monday, January 6, 2014 1:20:04 PM UTC-6, kai wrote:
>
> I have the following hiera.yaml file:
>
> ---
> :backends:
> - yaml
>
tarting to wonder if this is a
bug.
On Tuesday, January 7, 2014 11:39:14 AM UTC-6, kai wrote:
>
> What version of Puppet are you running?
>> *3.4.1 for both master and agent*
>> As what user is the master running? (Typically an unprivileged user
>> named 'puppet'
e really doing something wrong here.
On Tuesday, January 7, 2014 11:39:14 AM UTC-6, kai wrote:
>
> What version of Puppet are you running?
>> *3.4.1 for both master and agent*
>> As what user is the master running? (Typically an unprivileged user
>> named 'puppet'
>
> What version of Puppet are you running?
> *3.4.1 for both master and agent*
> As what user is the master running? (Typically an unprivileged user named
> 'puppet'.)
> *The master is running as user puppet*
> As what user are you running the agent in your tests?
> *I am running the agent and
Hm nothing in the logs. It's worth mentioning that I run this on the puppet
master. Here's the config in case I missed something there:
[main]
pluginsync = true
factpath = /lib/facter
[agent]
environment = production
server = puppetmaster.loc.example.com
runinterval = 360
splay = true
configtim
level hierarchy in "defaults" and
> then gradually move 1 level down until you find when it "disappears".
>
> Andrey
>
>
> On 6 January 2014 19:20, kai > wrote:
>
>> I have the following hiera.yaml file:
>>
>> ---
>> :ba
I have the following hiera.yaml file:
---
:backends:
- yaml
- file
:hierarchy:
- defaults
- "%{clientcert}"
* - "%{::domain}/%{::environment}/%{::osfamily}/%{::lsbdistcodename}"*
- global
:yaml:
:datadir: /etc/puppet/data
and the following in /etc/puppet/data:
*loc.example.com/pro
Jeff, thank you very much for taking the time to answer all my questions. I
really appreciate it. This thread had helped me a lot in my journey to
mastering Puppet.
Thank you again!
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this
I understand that only the CA cert needs to be copied on the LB and not the
private key, as the private key is just for signing the agents
certificates. Just wanted to note that the CA also needs
SSLCARevocationFile, for revocation to work it seems.
The only other concept that is not clear to me
I get it now! Since the CA signed the agents cert the LB knows that the
agent cert is valid because the LB has the CA cert and key to validate
with. So, what is the point of the CA storing all the signed agent certs?
--
You received this message because you are subscribed to the Google Groups
If the LB does not have all the signed agent's certificates, how will it
know which agent is valid. All the signed certs are stored on the CA which
is behind the LB.
I'll try and figure out how to just copy the signed certificate and the
private key associated with that certificate from the CA t
Puppet book, but
on different servers. Now it all works!
On Thursday, June 14, 2012 12:19:20 PM UTC-5, kai wrote:
>
> Puppet version: 2.7.14
>
> Puppet master behind apache with mod_proxy load balancer.
> I am able to authenticate with the cert as per these headers:
>
> Acce
this, as the LB actually terminates
the SSL traffic.
On Thursday, June 14, 2012 9:35:29 AM UTC-5, kai wrote:
>
> I have a single LB running Apache with mod_proxy in front of a Puppet
> master. These are the LB and Puppet master configs:
>
>
> BalancerMember http://192.1
Puppet version: 2.7.14
Puppet master behind apache with mod_proxy load balancer.
I am able to authenticate with the cert as per these headers:
Accept: s
X-SSL-Subject: /CN=puppetagent1.example.com
X-Client-DN: /CN=puppetagent1.example.com
X-Client-Verify: SUCCESS
Any idea what this error means
Puppet version 2.7.14 on Ubuntu.
My puppet master config:
[main]
logdir=/var/log/puppet
vardir=/var/lib/puppet
ssldir=/var/lib/puppet/ssl
rundir=/var/run/puppet
factpath=$vardir/lib/facter
templatedir=$confdir/templates
[master]
ssl_client_header = SSL_CLIENT_S_DN
ssl_client_verify_header = SSL_C
I have a single LB running Apache with mod_proxy in front of a Puppet
master. These are the LB and Puppet master configs:
BalancerMember http://192.168.1.10:8140
Listen 8140
SSLEngine on
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
SSLProtocol -ALL +SSLv3 +TLSv1
Nobody an idea?
My actual solution is to send "COMMIT;" to the MySQL Server and then run
"puppet agent --test" what leads to "Background Tasks - All systems go".
But that can't be The Solution.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group
Problem is a result of sql_mode = TRADITIONAL. Is there any workaround for
this problem?
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/icMIbxPhmZoJ.
To p
[pid 4995]
delayed_job: running [pid 5019]
Regards Kai
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/puppet-users/-/pM59imDBUlAJ.
To post to this group, sen
f I modify the Varnish module I have to backport all the bugfixes and changes
made by the original author. So, how can I install the package from another
source without modifying the original module?
Thanks for your help,
Kai
--
You received this message because you are subscribed to the Google Gro
-wikimedia-servers-are-configured/
Regards, Kai
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscr...@google
Hi,
I am looking for real world server setups to learn more from others. The ones
I know of are
The Repository of David Schmitt
http://projects.puppetlabs.com/projects/1/wiki/Complete_Configuration
The Wikimedia Server repository
http://blog.wikimedia.org/2011/09/19/ever-wondered-how-the-wikimed
Right™.
The new facter from git does work correctly. I'll just upgrade.
Sorry for the noise.
On Aug 7, 10:18 am, Kai wrote:
> Hmm. Any nisdomain with a dot does the trick to fool facter it seems.
>
> # domainname uncle.wrinkle.puppy.reductivelabs
> # facter
7, 10:09 am, Kai wrote:
> Hi James,
>
> I think I've done it correctly.
>
> Installed facter is 1.5.1 from lenny (package revision 0.1).
>
> After one has installed the nis utils, we can set the domainname to a
> domain to something thats not even remotely like your re
ildbox2:~/git/facter {57} # domainname google
buildbox2:~/git/facter {58} # facter fqdn
buildbox2.domain.net
Interesting facts.
Regards,
On Aug 6, 5:04 pm, James Turnbull wrote:
> -BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Kai wrote:
> > Hi Ohad,
>
> > On Au
I'm afraid it does. :(
On Aug 6, 4:24 pm, Kai wrote:
> > to be safe, use the cert option in your puppet.conf
>
> That will be interesting: that file is supplied by puppet. Will the
> hostname in puppet reflect the real hostname, or will it again
> formulate its own by pu
reflect the real hostname, or will it again
formulate its own by putting the NIS domain in it again? :)
Kai
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send
mailpop.server.net. After configuring the box,
and enabling NIS, setting the domainname, it will create a new
certificate, now for mailpop.server.nl.
This is kind of strange I think, shouldn't puppet ignore the NIS
domain it is in?
I'm running puppet 0.24.5 on a d
45 matches
Mail list logo
