[Puppet Users] Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Chris
Hi all, We use puppet for, amongst other things, managing the private-key files needed for things like SSL certificates for HTTPS web servers. We have a few constraints on how these are handled, and changes in recent versions of puppet are making this harder than it perhaps ought to be to

Re: [Puppet Users] Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Thomas Bendler
Hi Chris, 2010/11/10 Chris > [...] > file{"/path/to/foo.key": source=>"puppet:///keys/foo.key"} , because > any valid puppet client could access foo.key. > [...] > you are not stuck with the puppet file server, you can also use something like this: file { "/path/to/file": source => "/

[Puppet Users] Re: agent needs to make two runs before master compiles new catalog

2010-11-10 Thread luke.bigum
I've seen the same issue as well. I just tested then, adding a simple notify resource to a node and it took three consecutive runs of puppetd before the message appeared: # puppetd --test info: Retrieving plugin info: Caching catalog for puppet-master-01 info: Applying configuration version '12893

[Puppet Users] Re: Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Chris
Hi Thomas On Nov 10, 12:44 pm, Thomas Bendler wrote: > Hi Chris, > > 2010/11/10 Chris > > > [...] > > file{"/path/to/foo.key": source=>"puppet:///keys/foo.key"} , because > > any valid puppet client could access foo.key. > > [...] > > you are not stuck with the puppet file server, you can also u

[Puppet Users] use current array element when declaring multiple resources using an array

2010-11-10 Thread luke.bigum
Hi list, When declaring multiple resources at once with an array like this: file { [ "foo", "bar" ]: ... } Is there a way to access the current array element so as to pass this value as a parameter? So the "foo" resource has a parameter value "foo" and "bar" with a parameter value "bar"? This i

Re: [Puppet Users] Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Richard Crowley
> All good, except that in 0.25 and up (which we're slowly migrating > to), this often doesn't work. The rest APIs require UTF-8 content, and > keys are binary, so catalog requests fail if the key happens to > contain bytes which aren't valid UTF-8. (http:// > projects.puppetlabs.com/issues/4832 ta

[Puppet Users] Custom facts in current and old environments

2010-11-10 Thread Klaus Ethgen
Hello, I read that there are several problems about custom facts on this list. However, none is serving my task exactly so I start another. (Topic »custom facts in legacy puppet 0.24.[89]« might be the same issue but that gets no answer.) My

RE: [Puppet Users] use current array element when declaring multiple resources using an array

2010-11-10 Thread Matthew Black
What you are looking for is a loop which does not exist in puppet, except for templates. I've never tried it but I've speculated it could be possible to create a manifest template and then use puppet to generate that manifest file in a similar fashion you are looking to do. -Original Message

Re: [Puppet Users] use current array element when declaring multiple resources using an array

2010-11-10 Thread Gabriel Filion
On 11/10/2010 10:18 AM, luke.bigum wrote: > Hi list, > > When declaring multiple resources at once with an array like this: > > file { [ "foo", "bar" ]: ... } > > Is there a way to access the current array element so as to pass this > value as a parameter? So the "foo" resource has a parameter v

Re: [Puppet Users] Custom facts in current and old environments

2010-11-10 Thread Nigel Kersten
On Wed, Nov 10, 2010 at 7:43 AM, Klaus Ethgen wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > Hello, > > I read that there is several problems about custom facts on this list. > However, none is serving my task exactly so I start another. (Topic > »custom facts in legacy puppet 0.24

[Puppet Users] Could not retrieve catalog from remote server - random

2010-11-10 Thread PBWebGuy
I have one of 18+ servers in an environment that just started having a problem when attempting to do an update. On the node I enter the command 'puppetd -t --debug --trace'. I don't see anything obvious but the error is: "Could not retrieve catalog from remote server" I set the puppetmaster in

[Puppet Users] Re: Could not retrieve catalog from remote server - random

2010-11-10 Thread PBWebGuy
Let me also add that I have several servers that have the same exact "role" in their node definitions and don't have any problem with updates. On Nov 10, 11:40 am, PBWebGuy wrote: > I have one of 18+ servers in an environment that just started having a > problem when attempting to do an update.

[Puppet Users] Process to upgrade from 0.24.8 to 2.6.x ?

2010-11-10 Thread nemo
Hello, I'm really kind of newbie in the Puppet's world but this tool is quite impressive. So I wish to thank the authors first and all people participating to this amazing project. Now get straight to business :) I'm responsible of a platform containing almost 100 servers all managed by Puppet in

[Puppet Users] Managing components in an high availability environment?

2010-11-10 Thread Maciej Skrzetuski
Hello Puppet Users, we would like to create and/or modify resources in our environment with the help of puppet. The problem is that the software components may fail over from node A to node B. We are planning to write our own modules for puppet but we have no idea how to handle the fail over thing

[Puppet Users] Re: Could not create PID file: /var/lib/puppet/run/puppetd.pid

2010-11-10 Thread PBWebGuy
What are the contents of your /etc/puppet/puppet.conf and what are the permissions on the /var/lib/puppet/run directory? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubs

Re: [Puppet Users] Process to upgrade from 0.24.8 to 2.6.x ?

2010-11-10 Thread Matt Wallace
On Wednesday 10 Nov 2010 10:30:02 nemo wrote: > Hello, > > I'm really kind of newbie in the Puppet's world but this tool is quite > impressive. So I wish to thank the authors first and all people > participating to this amazing project. > > Now get straight to business :) I'm responsible of a pla

Re: [Puppet Users] Re: Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Patrick
On Nov 10, 2010, at 6:52 AM, Chris wrote: > Hi Thomas > > On Nov 10, 12:44 pm, Thomas Bendler wrote: >> Hi Chris, >> >> 2010/11/10 Chris >> >>> [...] >>> file{"/path/to/foo.key": source=>"puppet:///keys/foo.key"} , because >>> any valid puppet client could access foo.key. >>> [...] >> >> yo

RE: [Puppet Users] Process to upgrade from 0.24.8 to 2.6.x ?

2010-11-10 Thread Matthew Black
There was a big change from 0.25 to 2.6 and I believe you need to upgrade both client and server from what I remember. The best way to do is get a remote execution daemon like func and you could issue a command to all servers like "yum upgrade puppet". -Original Message- From: puppet-user

Re: [Puppet Users] Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Patrick
On Nov 10, 2010, at 4:29 AM, Chris wrote: > How are other people getting around this? Do you just allow all > clients to access all keys? Is there a native type, or an auth.conf > trick, that I'm missing? Or a more binary-friendly encoding than JSON/ > PSON ? I send a different message with a r

[Puppet Users] Re: Could not retrieve catalog from remote server - random

2010-11-10 Thread PBWebGuy
A few more findings: 1. I removed the /var/lib/puppet/clientbucket and ran update manually it worked one time. Repeating this does not work. 2. Here is the Trace of the puppetd command: /usr/lib/ruby/1.8/net/http.rb:586:in `connect' /usr/lib/ruby/1.8/net/http.rb:586:in `connect' /usr/lib/ruby/1

Re: [Puppet Users] Could not retrieve catalog from remote server - random

2010-11-10 Thread Patrick
On Nov 10, 2010, at 8:40 AM, PBWebGuy wrote: > I have one of 18+ servers in an environment that just started having a > problem when attempting to do an update. On the node I enter the > command 'puppetd -t --debug --trace'. I don't see anything obvious > but the error is: "Could not retrieve

[Puppet Users] Re: Realizing wrong ssh key for the wrong user

2010-11-10 Thread jcbollinger
On Nov 9, 2:47 pm, "Tobias Lott" wrote: > Problem isn't Directories not getting created but every user is getting > ALL ssh keys I see the error messages appearing to indicate attempts to distribute keys to users who should not have them. The attempts seem not to be successful, however. Do the

Re: [Puppet Users] Process to upgrade from 0.24.8 to 2.6.x ?

2010-11-10 Thread Patrick
On Nov 10, 2010, at 8:59 AM, Matthew Black wrote: > There was a big change from 0.25 to 2.6 and I believe you need to upgrade > both client and server from what I remember. The best way to do is get a > remote execution daemon like func and you could issue a command to all > servers like "yum upg

[Puppet Users] Re: Could not retrieve catalog from remote server - random

2010-11-10 Thread PBWebGuy
> Make sure that you get output from the puppetmaster for some things. It's > easy to look at the wrong log if you are using passenger. > > I've seen a similar error problem when the puppetmaster is overloaded so the > client times out. For me, this is when It gets all 50 clients ask for a > c

[Puppet Users] Re: multiple package installation at same location

2010-11-10 Thread jcbollinger
On Nov 9, 10:13 am, Bakul wrote: > I know that would be better option but it's not possible to do it at > this point (due to some non-technical issue). Is there anyway this can > be handled in puppet. Your manifests cannot directly specify command line parameters to be passed to yum. As I alrea

Re: [Puppet Users] Re: Lenny and lenny-backports

2010-11-10 Thread Zach Leslie
Which isn't terrible, but you lose init scripts and the like. Zach On Tue, Nov 9, 2010 at 4:43 PM, bobics wrote: > I get around this issue by installing Puppet as a gem.

[Puppet Users] Re: Could not retrieve catalog from remote server - random

2010-11-10 Thread PBWebGuy
I have continued troubleshooting this and have gone as far as: 1. Removed all code from the nodes.pp for this particular node. 2. Deleted the /var/lib/puppet directory on the node and resigned with the PM. Note that the signing failed repeatedly as well where the PM did not report any messages i

Re: [Puppet Users] Re: Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Thomas Bendler
Hi Chris, 2010/11/10 Chris > [...] > Yes, except that approach suffers from the same administrative > problems as using puppet:/// and auth.conf. HTTPS certs aren't > specific to hosts. If I have 20 servers all requiring foo.key (because > they all have the foo-application class in their manifes

[Puppet Users] Puppet Module Repository

2010-11-10 Thread Yushu Yao
Hi Experts, I am just wondering is there anything like a "Puppet Module Repository" in production yet? For the "Puppet Module Repository" I am looking for two main features: 1. Versioning control of each individual module 2. automatic dependency resolution, one module will be able to say which mo

Re: [Puppet Users] Re: Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Richard Crowley
> got the point, thought that you need one specific key on each server. So > that should be even simpler, use file with content and put the key in the > content field: > > $myKey = "-BEGIN RSA PRIVATE > KEY-\nMIICXgIBAAKBgQDTqkVS4/iwKx8LngXQrEShlfSRtcSyOB1IjC5AIGUAJvapq9lz\n..." > > file {

Re: [Puppet Users] Puppet Module Repository

2010-11-10 Thread Joe McDonagh
On 11/10/2010 01:14 PM, Yushu Yao wrote: Hi Experts, I am just wondering is there anything like a "Puppet Module Repository" in production yet? For the "Puppet Module Repository" I am looking for two main features: 1. Versioning control of each individual module 2. automatic dependency resolu

Re: [Puppet Users] Re: Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Thomas Bendler
2010/11/10 Richard Crowley > [...] > This works perfectly for PEM-formatted keys because they're ASCII, > which is a subset of UTF-8. Binary keys are not (usually) valid UTF-8 > and thus can't be crammed into a catalog without some encoding. > And why don't you convert the key to a PEM key befo

Re: [Puppet Users] Re: Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Richard Crowley
On Wed, Nov 10, 2010 at 10:39 AM, Thomas Bendler wrote: > 2010/11/10 Richard Crowley >> >> [...] >> This works perfectly for PEM-formatted keys because they're ASCII, >> which is a subset of UTF-8.  Binary keys are not (usually) valid UTF-8 >> and thus can't be crammed into a catalog without some

Re: [Puppet Users] Re: Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Patrick
On Nov 10, 2010, at 11:48 AM, Richard Crowley wrote: > On Wed, Nov 10, 2010 at 10:39 AM, Thomas Bendler > wrote: >> 2010/11/10 Richard Crowley >>> >>> [...] >>> This works perfectly for PEM-formatted keys because they're ASCII, >>> which is a subset of UTF-8. Binary keys are not (usually) va

[Puppet Users] Re: Could not retrieve catalog from remote server - random

2010-11-10 Thread PBWebGuy
After 6 hours of troubleshooting, we found that there was a process (Alfresco/Tomcat) running on the node that was consuming large amounts of the CPU. Running 'top', there was a sustained load of 2.x. As soon as I killed the process, Puppet started running perfectly! This node is a VM in a VMWar

[Puppet Users] Re: Puppet Module Repository

2010-11-10 Thread PBWebGuy
This is not exactly what you're looking for but may be a solution. We are using the multiple environment functionality (http://projects.puppetlabs.com/projects/1/wiki/Using_Multiple_Environments) to manage version control to prevent changes from impacting production while we're implementing and t

Re: [Puppet Users] Default ownership for static files

2010-11-10 Thread Douglas Garstang
On Mon, Nov 8, 2010 at 8:29 AM, Patrick wrote: > > On Nov 8, 2010, at 8:03 AM, R.I.Pienaar wrote: > > > > > - "Markus Falb" wrote: > > > >> Hi, > >> > >> I try to serve a file > >> > >> file { "/root/test3.txt": > >>ensure => file, > >>source => "puppet:///yum/test.txt", > >>

Re: [Puppet Users] Default ownership for static files

2010-11-10 Thread Douglas Garstang
On Mon, Nov 8, 2010 at 9:36 AM, Markus Falb wrote: > On 08.11.10 17:03, R.I.Pienaar wrote: > > > > - "Markus Falb" wrote: > > > >> Hi, > >> > >> I try to serve a file > >> > >> file { "/root/test3.txt": > >> ensure => file, > >> source => "puppet:///yum/test.txt", > >> } > >>

[Puppet Users] Re: unable to get puppet client to work

2010-11-10 Thread vonObelix
How did you fix this? On 19 Okt., 12:48, "mar...@fearless.nl" wrote: > 0.25.4 (Ubuntu repository) > > However, i got it working now. Seemed the reverse DNS was causing > issues. > > Cheers, > > Marcel > > On 18 okt, 18:42, Mohit Chawla wrote: > > > Hi, > > > What's the client version ? > > > On

Re: [Puppet Users] Re: Managing private key files; content=>file vs. binary content.

2010-11-10 Thread Chris May
On Wed, Nov 10, 2010 at 6:26 PM, Richard Crowley wrote: > > got the point, thought that you need one specific key on each server. So > > that should be even simpler, use file with content and put the key in the > > content field: > > > > $myKey = "-BEGIN RSA PRIVATE > > > KEY-\nMIICXgIBAA

Re: [Puppet Users] Managing components in an high availability environment?

2010-11-10 Thread Daniel Pittman
Maciej Skrzetuski writes: > we would like to create and/or modify resources in our environment with the > help of puppet. The problem is that the software components may fail over > from node A to node B. We are planning to write our own modules for puppet > but we have no idea how to handle the

[Puppet Users] Re: Query facter 'facts' from webapp

2010-11-10 Thread donavan
On Nov 9, 6:06 am, Pieter Baele wrote: > Hi, > > I would like to query the puppetmaster (or the puppet nodes...) for some facts > and display/use these in an external web application (written django) > using the certificates from Puppet. > > What's the correct (nice) way to do this? REST? > Can I