Re: [Puppet Users] Apache/Passenger RHEL6 not working

2011-09-15 Thread Mark Stanislav
Here's a script that should deploy a stack with apache+passenger for you (tested on CentOS 6); https://raw.github.com/mstanislav/Veewee-Definitions/master/CentOS-6_x86_64-PuppetStack/postinstall.sh Maybe you can take a look at the steps and see if there's something you're missing. Hope it helps!

Re: [Puppet Users] Secure Certification Authority Transfer

2011-08-25 Thread Mark Stanislav
As a 'work-around' (and no, I don't really like this either) you could use file attributes (chattr +i [filename]) or mandatory access controls to prevent the server certificate from being modified on your clients after it's been received securely. Not a Puppet/Webrick/Apache fix but it is a se

Re: [Puppet Users] puppetmaster on EC2 certificate issues

2011-07-22 Thread Mark Stanislav
Does your EC2 security group allow connectivity to the Puppet master inbound? Seems like it can't connect. -Mark On Jul 22, 2011, at 7:20 PM, newguy wrote: > Hi guys > I recently started playing with EC2 and tried installing puppet. > I ran into this problem that puppetmaster doesn't get any ce

Re: [Puppet Users] Using with EC2 (and auto-scaling)

2011-07-21 Thread Mark Stanislav
On Jul 21, 2011, at 5:56 AM, Oliver Beattie wrote: > Hi there, > > I am trying to setup a "cluster" on Amazon EC2, using auto-scaling. I > currently have it working so that when the instances are started, they > generate a CSR, which is automatically signed by the server if it's valid by > a c

Re: [Puppet Users] Client updates

2011-05-26 Thread Mark Stanislav
On May 26, 2011, at 1:14 PM, Douglas Garstang wrote: > On Wed, May 25, 2011 at 1:19 PM, Brian Gupta wrote: > Douglas, > > I have to concur with disconnect, now that we are using Foreman, many > of the things we setup in the past to catch these things are now > redundant. I don't know why you "do

Re: [Puppet Users] changing the default key length and hash

2011-05-24 Thread Mark Stanislav
On May 24, 2011, at 1:50 PM, Daniel Pittman wrote: > On Tue, May 24, 2011 at 06:36, Mark Stanislav > wrote: >> On May 24, 2011, at 1:38 AM, Daniel Pittman wrote: >>> On Fri, May 20, 2011 at 08:23, Nigel Kersten wrote: >>>> On Fri, May 20, 2011 at 5:

Re: [Puppet Users] changing the default key length and hash

2011-05-24 Thread Mark Stanislav
On May 24, 2011, at 1:38 AM, Daniel Pittman wrote: > On Fri, May 20, 2011 at 08:23, Nigel Kersten wrote: >> On Fri, May 20, 2011 at 5:39 AM, Mark Stanislav >> wrote: >>> >>> In short, I'm in agreement with you. With the CA which is defaulted to 5 >>

Re: [Puppet Users] changing the default key length and hash

2011-05-20 Thread Mark Stanislav
Hi Micah, In short, I'm in agreement with you. With the CA which is defaulted to 5 years (not at all surprising) there's no doubt that soon (maybe 2.7 is a good time?) that 2048 key size should be used for at least the CA key, if not default for client key generation as well. Secondly, yes, I d

Re: [Puppet Users] Re: Who uses the rrd graphing support?

2011-05-11 Thread Mark Stanislav
I'm not using it but the metrics still sound nice to have graphed. However, I'd look to implement this into Munin rather than have a secondary set of Puppet-centric graphs sitting around. Not to thread-jack, but are other people implementing these metrics in things like Munin, Cacti, or otherwise?

Re: [Puppet Users] apache module file sharing issue

2011-03-11 Thread Mark Stanislav
How's about: source => "puppet:///modules/apache/krome/httpd/conf.d/php.conf" On Mar 11, 2011, at 6:55 PM, Tim Dunphy wrote: > sorry I accidentally mispasted one of the entries above.. there > actually is a closing brace on php.conf > >file { > "/etc/httpd/conf.d/php.conf": > owner =>

Re: [Puppet Users] mysql module is not found

2011-03-01 Thread Mark Stanislav
It's possible that your mysql class inside of that mysql module has broken syntax, generating that error. -Mark On Mar 1, 2011, at 5:28 PM, Tim Dunphy wrote: > hello list! could someone please offer an opinion as to why the mysql > module I am attempting to include is not found? > > ## error >

Re: [Puppet Users] Signing certificates

2011-02-25 Thread Mark Stanislav
Based on 'time out range' seems that you need to do an NTP sync. -Mark On Feb 25, 2011, at 10:51 AM, Ace wrote: > I am trying to connect a solaris puppet client version 2.6.4 to a > linux puppet master server. I am getting a strange message as below > and the puppetca on the master is not able t

Re: [Puppet Users] Re: How to add ubuntu ppa

2011-02-22 Thread Mark Stanislav
On Feb 22, 2011, at 10:09 AM, Nigel Kersten wrote: > On Tue, Feb 22, 2011 at 12:08 AM, Rawler wrote: >> What about keys? > > Run an exec that adds the key. How would you normally solve this ? Indeed, this is what I have done previously. The other option is to use a File resource for the keys a

Re: [Puppet Users] String size limit for variables?

2011-02-18 Thread Mark Stanislav
ld be happy to see that > attached – I certainly see it as likely we will decide to approve such > a change. > > Daniel > > On Fri, Feb 18, 2011 at 13:31, Mark Stanislav > wrote: >> http://projects.puppetlabs.com/issues/6380 <-- if anyone is interested. >> T

Re: [Puppet Users] String size limit for variables?

2011-02-18 Thread Mark Stanislav
http://projects.puppetlabs.com/issues/6380 <-- if anyone is interested. Thanks for the help; a good way to end a Friday at work :) -Mark On Feb 18, 2011, at 4:21 PM, Daniel Pittman wrote: > On Fri, Feb 18, 2011 at 13:00, Mark Stanislav > wrote: > >> That indeed solved the

Re: [Puppet Users] String size limit for variables?

2011-02-18 Thread Mark Stanislav
Feb 18, 2011, at 3:47 PM, Brian Gallew wrote: > Yeah, fire up MySQL and alter the column to be of type TEXT instead of > VARCHAR(255). I ran into the same problem. I believe the column you are > looking for is fact_values.value. > > On Feb 18, 2011, at 12:26 PM, Mark Stanislav

Re: [Puppet Users] String size limit for variables?

2011-02-18 Thread Mark Stanislav
same problem. I believe the column you are > looking for is fact_values.value. > > On Feb 18, 2011, at 12:26 PM, Mark Stanislav wrote: > >> So I had been smashing my head against a wall, unsure why I was receiving an >> error trying to utilize a Facter fact for Munin int

[Puppet Users] String size limit for variables?

2011-02-18 Thread Mark Stanislav
So I had been smashing my head against a wall, unsure why I was receiving an error trying to utilize a Facter fact for Munin interface generation. err: Could not retrieve catalog from remote server: Error 400 on SERVER: Duplicate definition: Munin::Interfaces[eth0] is already defined in file /e

Re: [Puppet Users] Sensible, Manageable, CentOS puppetmaster?

2011-02-16 Thread Mark Stanislav
Rather you can use in your epel.repo: includepkgs=puppet puppetmaster foo bar etc. and it will only utilize those packages from the greater assortment. We (MNX Solutions) also run a repository for a lot of common packages you may be looking for if you'd like a back-up http://yum.mnxsolutions.co

Re: [Puppet Users] define yum baseurl

2011-02-07 Thread Mark Stanislav
Did you escape the $basearch with a back-slash in your manifest? baseurl => "http://download.fedoraproject.org/pub/epel/5/\$basearch", -Mark On Feb 7, 2011, at 2:57 PM, Tim Dunphy wrote: > hello puppet list! > > I am having some difficulty setting the correct baseurl setting for a > yum repo

Re: [Puppet Users] Multiple external commands with puppet

2011-02-03 Thread Mark Stanislav
Are you able to group these sed statements into a script and pass arguments to the script to do whatever set of executions are needed for that specific dataset? I may not understand your 'need' exactly, either. Can you explain more of what you are trying to accomplish and less about what you've

Re: [Puppet Users] Passenger problem with /etc/puppet/ssl

2011-02-01 Thread Mark Stanislav
Dave, Just wondering if you tried to make a temporary symlink from /var/lib/puppet/ssl to /etc/puppet/ssl to see if the error changes or goes away (just to narrow the scope)? Also, take a look at http://blog.kumina.nl/2011/01/puppet-on-puppetmaster/ -- perhaps you're missing an ssldir declarat

Re: [Puppet Users] Joining Puppet Labs Redmine projects

2011-01-31 Thread Mark Stanislav
Hi James, Does this include 'sub-projects'? Directly referring to http://projects.puppetlabs.com/projects/mcollective-plugins ; in this case I see no link but am not listed yet. Just wondering if this is by design or not. Thanks! -Mark On Jan 31, 2011, at 7:58 PM, James Turnbull wrote: > Hi

Re: [Puppet Users] puppet kick timeout

2011-01-17 Thread Mark Stanislav
You may want to look at utilizing mCollective to do this as it will provide a more structured way to handle this task. In this case, 'available' hosts would be queried and the execution would run on hosts in parallel. http://www.puppetlabs.com/mcollective/introduction/ Also, Puppet Commander ma

Re: [Puppet Users] puppetmaster immediately disconnects

2011-01-15 Thread Mark Stanislav
Perhaps using openssl s_client -connect localhost:8140 may be a viable 'quick' test? -Mark On Jan 15, 2011, at 2:04 PM, Ohad Levy wrote: > it doesn't get closed as telnet doesn't send anything.. ssl needs a few chars > to find out if it's valid or not.. usually there should be some sort of a >

Re: [Puppet Users] Could not request certificate: No route to host?

2011-01-10 Thread Mark Stanislav
Any firewall (client or server) perhaps not explicitly allowing the proper traffic for 8140 to the master? -Mark On Jan 10, 2011, at 11:27 AM, James Lee wrote: > Hi, I'm getting this message "Could not request certificate: No route > to host - connect(2)" when I'm trying to connect my pclient t

Re: [Puppet Users] Puppetmaster 2.6.x on Ubuntu Lucid

2011-01-10 Thread Mark Stanislav
Hi adam, > > I am also aware of https://launchpad.net/~mathiaz/+archive/puppet-backports > but mathiaz doesn't provide puppetmaster. I am using his PPA for a deployment right now with success. In this context, using Apache + Passenger is the way to go for the Puppetmaster role. Take a look at

Re: [Puppet Users] Using puppet to fix a lot of files permissions

2011-01-06 Thread Mark Stanislav
>> Clearly no. Do you think 2s is too long? > > > That wasn't what I meant. I was wondering if somehow it was defaulting to on > with all those photos the original poster had. Perhaps they have a site.pp default? Wouldn't be the first time someone ran into that. -Mark > > -- > You receiv

Re: [Puppet Users] Using puppet to fix a lot of files permissions

2011-01-05 Thread Mark Stanislav
I've run into the same issue, often causing my puppet run to state it's 'Finished' but actually be hanging and not returning back to a shell prompt. Not to thread-jack, but I am also interested in this answer. Thanks for raising it! -Mark On Jan 5, 2011, at 12:11 PM, Sébastien Barthélémy wrote

Re: [Puppet Users] Puppet Certificates

2010-12-27 Thread Mark Stanislav
May be worthwhile to throw an 'strace -f' on it and see if you notice anything peculiar. Off hand based on your testing I don't have any good answers, sorry! -Mark On Dec 27, 2010, at 11:59 AM, Mike wrote: > When running the command puppetd --server fedorahost.ocfl.net -- > waitforcert 60 --te

Re: [Puppet Users] Report Error

2010-12-22 Thread Mark Stanislav
Just a shot in the dark, do you have AppArmor, SELinux or any other MAC system enabled? -Mark On Dec 22, 2010, at 1:14 PM, Douglas Garstang wrote: > I keep getting this in /var/log/messages every time a client grabs a > catalog... > > Report store failed: Got 1 failure(s) while initializing:

Re: [Puppet Users] how to disable runinterval option

2010-12-21 Thread Mark Stanislav
I believe Stefan's answer is probably the correct one if you really need/want the service still enabled (for perhaps puppetrun). Alternatively you could disable the Puppet service altogether and utilize mCollective or otherwise initiate runs manually when needed. There is also a Puppet Comman

Re: [Puppet Users] "# Only restart if we're actually running"

2010-12-20 Thread Mark Stanislav
On Dec 20, 2010, at 2:24 PM, Nick Moffitt wrote: > Mark Stanislav: >> I would recommend using Nagios event handlers for this if you want >> Nagios to essentially take the reins of this problem. That way you >> will get your alerts and Nagios can react by starting the ser

Re: [Puppet Users] "# Only restart if we're actually running"

2010-12-20 Thread Mark Stanislav
Nick, I would recommend using Nagios event handlers for this if you want Nagios to essentially take the reins of this problem. That way you will get your alerts and Nagios can react by starting the service again after x number of failures. I understand you may want to do this through Puppet fo

Re: [Puppet Users] RFC: Puppet Docs

2010-12-20 Thread Mark Stanislav
Hi James, Sounds very pragmatic and adds some aforementioned structure continuity for the project. Just wondering if there were any disadvantages thought of during the brainstorming to implement this change? I can't think of any off-hand but I'd guess you and others at Puppet Labs spent more th

Re: [Puppet Users] foreman issue

2010-12-20 Thread Mark Stanislav
You need to run the rake again. Setup a cronjob to execute it every so often if you need new hosts regularly (e.g. Auto scaling) -Mark On Dec 20, 2010, at 6:58 AM, walexey wrote: > Hello! > I try to use foreman. It's successfuly import current nodes from > puppet storeconfig. Nodes hostname

Re: [Puppet Users] if then statement within file resource

2010-12-17 Thread Mark Stanislav
What about just doing: if ($operatingsystemrelease <= 5.4) { $sudo_template = "system/sudoers_V54.erb" } else { $sudo_template = "system/sudoers.erb" } class basic_dev::files { file { "/etc/sudoers": owner => root, group => root, mode => 0440,