[Puppet Users] class include order

puppet 2.6.3 How i can make this work? class a { if ($b::x) { notify "yeah!" } } class b { $x=true } node base { include a } node test inherits base { include b } currently i got "Could not look up qualified variable 'b::x'; class b has not been evaluated" -- You received this message

Re: [Puppet Users] class include order

> currently i got "Could not look up qualified variable 'b::x'; class b > has not been evaluated" Node Inheritance isn't working the way you are assuming it should work [1]. I would generally get rid off of any node inheritance. ~pete [1] http://projects.puppetlabs.com/projects/1/wiki/Frequent

[Puppet Users] Re: class include order

The following would work: class a { if $x { notify "yeah!" } } node base { $x = true } node test inherits base { include a } On Nov 29, 12:21 pm, walexey wrote: > puppet 2.6.3 > > How i can make this work? > > class a { >  if ($b::x) { notify "yeah!" } > > } > > class b { >  $x=tr

[Puppet Users] Re: Class inheritance

On Nov 24, 9:37 am, Chris C wrote: > I was able to get override to work correctly. I'm glad to hear it. > My classes are inheriting each other.  prac inherits all_hosts_redhat which > inherits all_hosts. > I cleaned up some unnecessary duplicate checks like chmod and own. > I changed the defin

Re: [Puppet Users] Re: Class inheritance

On Mon, Nov 29, 2010 at 6:46 AM, jcbollinger wrote: > > > On Nov 24, 9:37 am, Chris C wrote: >> I was able to get override to work correctly. > > I'm glad to hear it. > >> My classes are inheriting each other.  prac inherits all_hosts_redhat which >> inherits all_hosts. >> I cleaned up some unnec

[Puppet Users] custom functions in standalone mode

Hi, I am fairly new to puppet, and my question would be: - is it possible to write new function and use them in standalone mode? According to http://projects.puppetlabs.com/projects/1/wiki/Writing_Your_Own_Functionsfunctions can only be executed on a server, is there any possibility to overcome t

Re: [Puppet Users] Re: pkgutil package provider (solaris)

Hi Peter et al, Sorry for arriving rather late to this thread! On 16/11/10 10:17, Rudy Gevaert wrote: > On Nov 12, 4:54 pm, Peter Bonivart wrote: >> I think the issue with "Not installed" vs. "notinst" is probably from >> converting the pkg-get provider, if I'm not mistaken pkg-get prints >> "No

[Puppet Users] Puppet replaces deleted files

Hi, I am using puppet 2.6.2 and stepped over a situation, I cannot explain to myself. So here is the deal: - I want to source several directories and files one time to a client - with the first puppet run, puppet should copy the files and directories to the client to the specified location - if fi

[Puppet Users] Re: Puppet replaces deleted files

You should propably package these files. Then you will not have this problem. The replace option for the file type is NOT intended for what you are trying. Regards, Stefan. On Nov 29, 4:34 pm, Os wrote: > Hi, > > I am using puppet 2.6.2 and stepped over a situation, I cannot explain > to myself

Re: [Puppet Users] Re: Puppet replaces deleted files

On Mon, Nov 29, 2010 at 9:21 PM, ZipKid wrote: > You should propably package these files. Then you will not have this > problem. > The replace option for the file type is NOT intended for what you are > trying. > Sorry for barging in, but "package" the files, in the sense... ? -- You received

[Puppet Users] Combine multiple CA certificates into a bundle

I am struggling with using multiple puppet CAs. I think I am missing information about which files are used for which purposes by different parts of puppetmasterd, puppetd, puppetca, and the apache/passenger frontend. I have an old puppetmaster (and CA), which signed certificates for old clients.

Re: [Puppet Users] Re: Puppet replaces deleted files

On Mon, Nov 29, 2010 at 3:54 PM, Mohit Chawla wrote: > On Mon, Nov 29, 2010 at 9:21 PM, ZipKid wrote: > >> You should propably package these files. Then you will not have this >> problem. >> The replace option for the file type is NOT intended for what you are >> trying. >> > > Sorry for barging

Re: [Puppet Users] Combine multiple CA certificates into a bundle

On Mon, 29 Nov 2010, Alan Barrett wrote: > I am struggling with using multiple puppet CAs. I think I am missing > information about which files are used for which purposes by different > parts of puppetmasterd, puppetd, puppetca, and the apache/passenger > frontend. For example, which file on the

[Puppet Users] Re: Multiple CA / Puppet master environment

I'm only using one master for CA (following http://bodepd.com/wordpress/?p=7). But When I run puppetd -t from a client, against an alternate master (puppetd -t --server alt_master.domain.com), I get "err: Could not retrieve catalog from remote server: hostname not match with the server certif

[Puppet Users] Re: Managing a "complex" directory structure

On Nov 25, 6:22 pm, Lars Francke wrote: > I don't understand how I'd convert the definitions from my original > mail into virtual resources. You wouldn't convert the definitions themselves, but rather their instantiations. Alternatively, you might convert the definitions to *use* virtual resour

[Puppet Users] Re: User management

> Basically what I'm asking, does this seem sane to more experienced people, or > am I setting myself up for pain? I do it pretty much like that, and it works for me. A couple things, though: 1) unless you intend for your user::admins and user::notadmins classes to override properties of your

Re: [Puppet Users] Combine multiple CA certificates into a bundle

On Mon, 29 Nov 2010, Alan Barrett wrote: > It seems to me that I should be able to take the $ssldir/ca/ca_crt.pem > files from the two puppetmasters, concatenate them to create a > ca-bundle.pem file, and place the bundle in some suitable place where > any client or server can use the bundle to ver

Re: [Puppet Users] Thoughts on dropping 0.24.x client support in Puppet 2.7?

On Nov 25, 2010, at 07:43 , Patrick wrote: > On Nov 24, 2010, at 3:50 PM, Nigel Kersten wrote: > I mentioned this in an earlier thread, but here's a dedicated one. >> >> We made a big change between 0.24.x and 0.25.x where we moved from >> XMLRPC to REST. >> >> How do people feel about us dropp

[Puppet Users] easy to way to track clients checking in?

I've been wrestling to get the puppet ca server to sign client certs and have them successfully reconnect later. I think I've done: find /var/lib/puppet/ -type f -delete ; sudo find /etc/puppet/ssl -type f -delete ; sudo /usr/sbin/puppetd --server puppet -d -o --no-daemonize --waitforcert 2 ...

Re: [Puppet Users] easy to way to track clients checking in?

Personally, I like Foreman for doing that, especially once I've patched it to make certain Foreman-specific variables set by the report processor. In theory Dashboard will do the same thing, though I've never been able to get it to work reliably (incompatible gem set). And of course, there's alwa

Re: [Puppet Users] Combine multiple CA certificates into a bundle

On Nov 29, 2010, at 10:13 AM, Alan Barrett wrote: > On Mon, 29 Nov 2010, Alan Barrett wrote: >> It seems to me that I should be able to take the $ssldir/ca/ca_crt.pem >> files from the two puppetmasters, concatenate them to create a >> ca-bundle.pem file, and place the bundle in some suitable pla

Re: [Puppet Users] easy to way to track clients checking in?

On Nov 29, 2010, at 12:55 PM, David Birdsong wrote: > I've been wrestling to get the puppet ca server to sign client certs > and have them successfully reconnect later. I think I've done: > find /var/lib/puppet/ -type f -delete ; sudo find /etc/puppet/ssl > -type f -delete ; sudo /usr/sbin/pup

[Puppet Users] 2.6.3 differs in behavior from 2.6.1

Before I go and write yet another custom fact, I just want to be sure that the behavior I'm seeing is "as designed" rather than a regression. When I ran 2.6.1, I had the following snippets working as expected: base/manifests/minimal.pp: class {"ssh::sshd_config": stage => post} ssh/manifests/

Re: [Puppet Users] Re: Multiple CA / Puppet master environment

Only if all your servers use the *same* certificate and are listed as alternate DNS names in certdnsnames. (Search the group for certdnsnames for examples - including mine) John On 30 November 2010 04:24, CraftyTech wrote: > I'm only using one master for CA (following > http://bodepd.com/wo

Re: [Puppet Users] Combine multiple CA certificates into a bundle

On Mon, 29 Nov 2010, Patrick wrote: > > So, it seems that the puppetd client is doing something different from > > the "openssl s_client" command used for testing. What certificate is > > the puppetd client attempting to present, and how can I change that? > > Run this on the client for the confi

Re: [Puppet Users] Combine multiple CA certificates into a bundle

Have you perhaps revoked a certificate off one CA that matched the serial number issued by another? And perhaps the second CA issued that particular serial number to the puppet server itself? No, I haven't done this myself, why do you ask? *whistles tunelessly* https://projects.puppetlabs.co

Re: [Puppet Users] config settings for environments

One important thing I missed out is that I get my server name passed as an environment variable ($SSL_CLIENT_S_DN_CN no less) because I run puppetmaster from passenger. John On 29 November 2010 17:34, John Warburton wrote: > I am guessing this feature request didn't get submitted (well not on >

Re: [Puppet Users] Re: Managing a "complex" directory structure

Hello, > But none of that is going to solve your particular problem, because > even if you instantiate your defines virtually, you still can provide > only one set of parameters for each title within the scope of each > node.  Basically, this part of your design concept (define "bar") does > not f

Re: [Puppet Users] Combine multiple CA certificates into a bundle

On Mon, 29 Nov 2010, Eric Sorenson wrote: > Have you perhaps revoked a certificate off one CA that matched the serial > number issued by another? And perhaps the second CA issued that particular > serial number to the puppet server itself? No, neither CA has ever revoked a certificate. "opens

Re: [Puppet Users] Combine multiple CA certificates into a bundle

Hi, I think you are facing https://projects.puppetlabs.com/issues/3640#note-11 which would hopefully be resolved in https://projects.puppetlabs.com/issues/3770. I must admit that I did not have time to continue troubleshooting this further...