[Puppet Users] Should all nodes have files in client_yaml/catalog?

2011-08-20 Thread garethr
I've been looking into using puppet-rundeck and run into a bit of an issue that I've traced back to puppet. I have a feeling this is going to be my lack of understanding of something or a misconfiguration. Here's a snippet of code that demonstrates my plight: https://gist.github.com/9667ad19762bf

[Puppet Users] Fighting with private keys and puppet master on Debian Squeeze

2011-08-20 Thread Brian Troutwine
Hello, all. Let's say I authenticate a server against my puppet master at puppet.example.com, we'll call it apt.example.com. All goes well; it's peachy. Then, apt.example.com dies and I have to authenticate a _new_ apt.example.com against puppet master. root@apt:~# puppet agent --test --noop info

[Puppet Users] Breaking operations on errors

2011-08-20 Thread Brian Troutwine
Hello, all. Let's say I am building a super-weapon robot to destroy the world, save for the people on a whitelist, and am using puppet to manage the configuration of this robot. $ cat files/do_not_kill.txt Me Mom Dad Wife The robot will only begin its rampage when /root/have_a_good_time exists.

Re: [Puppet Users] Fighting with private keys and puppet master on Debian Squeeze

2011-08-20 Thread Laurence Southon
On 20/08/11 01:13, Brian Troutwine wrote: > How do I actually revoke a faulty certificate? You can remove the client certificate entirely with: puppetca --clean apt.example.com A new one will then be generated next time you connect. LS -- Laurence Southon Tiger Computing, Bexley www.tiger-comp

Re: [Puppet Users] Circular RPM dependencies...

2011-08-20 Thread devzero2000
On Fri, Aug 19, 2011 at 12:56 AM, Jakov Sosic wrote: > Hi. > > I encountered the following problem, if I state for example: > > package{"aspell-en": ensure => absent, } > package{"aspell":ensure => absent, } > > I get an error in logs because of dependencies. It seems that puppet uses > 'yum' for

Re: [Puppet Users] Fighting with private keys and puppet master on Debian Squeeze

2011-08-20 Thread Brian Troutwine
On Sat, Aug 20, 2011 at 10:04 AM, Laurence Southon wrote: > On 20/08/11 01:13, Brian Troutwine wrote: > > How do I actually revoke a faulty certificate? > > You can remove the client certificate entirely with: > > puppetca --clean apt.example.com I overlooked that entirely. Thank you. A new on

Re: [Puppet Users] Fighting with private keys and puppet master on Debian Squeeze

2011-08-20 Thread Brian Troutwine
On Sat, Aug 20, 2011 at 12:18 PM, Brian Troutwine wrote: > On Sat, Aug 20, 2011 at 10:04 AM, Laurence Southon < > l...@tiger-computing.co.uk> wrote: > >> On 20/08/11 01:13, Brian Troutwine wrote: >> > How do I actually revoke a faulty certificate? >> >> You can remove the client certificate entire

[Puppet Users] Controlling order of execution

2011-08-20 Thread Brian Troutwine
Hello, all. I have a module for apt-cacher and a node definition something like this: class base { file { '/etc/apt/apt.conf.d/01proxy': ... } } node 'apt.example.com' { include base, aptcacher Class['aptcacher'] -> File['/etc/apt/apt.conf.d/01proxy'] } I'm attempting

[Puppet Users] Re: Controlling order of execution

2011-08-20 Thread Brian Troutwine
I meant to include more material and have inserted it inline below. My apologies. On Sat, Aug 20, 2011 at 3:31 PM, Brian Troutwine wrote: > Hello, all. > > I have a module for apt-cacher and a node definition something like this: > > class base { > file { '/etc/apt/apt.conf.d/01proxy': >

Re: [Puppet Users] Fighting with private keys and puppet master on Debian Squeeze

2011-08-20 Thread Brian Troutwine
On Sat, Aug 20, 2011 at 2:47 PM, Brian Troutwine wrote: > On Sat, Aug 20, 2011 at 12:18 PM, Brian Troutwine wrote: > >> On Sat, Aug 20, 2011 at 10:04 AM, Laurence Southon < >> l...@tiger-computing.co.uk> wrote: >> >>> On 20/08/11 01:13, Brian Troutwine wrote: >>> > How do I actually revoke a faul

Re: [Puppet Users] Should all nodes have files in client_yaml/catalog?

2011-08-20 Thread Nan Liu
On Sat, Aug 20, 2011 at 4:21 AM, garethr wrote: > I've been looking into using puppet-rundeck and run into a bit of an > issue that I've traced back to puppet. I have a feeling this is going > to be my lack of understanding of something or a misconfiguration. > > Here's a snippet of code that demo

Re: [Puppet Users] Should all nodes have files in client_yaml/catalog?

2011-08-20 Thread gareth rushgrove
On 20 August 2011 21:09, Nan Liu wrote: > On Sat, Aug 20, 2011 at 4:21 AM, garethr wrote: >> I've been looking into using puppet-rundeck and run into a bit of an >> issue that I've traced back to puppet. I have a feeling this is going >> to be my lack of understanding of something or a misconfigu

[Puppet Users] Re: Controlling order of execution

2011-08-20 Thread Brian Troutwine
I also note that the following fails to order as I expect: class base { if $hostname == 'apt' { file { '/etc/apt/apt.conf.d/01proxy': ... require=> Package['apt-cacher'], notify => Service['apt-cacher'], } ... } } node 'apt.example.com' { include base, aptcac

Re: [Puppet Users] Fighting with private keys and puppet master on Debian Squeeze

2011-08-20 Thread Denmat
Hi, Are you calling the puppet run with the '--server ' parameter? With SSL you basically need the following: * working DNS * clocks in sync * correct certnames To help solve SSL issues also use 'openssl s_client' to test connections, check certnames and other errors. This is a definitive

[Puppet Users] Re: Controlling order of execution

2011-08-20 Thread Brian Troutwine
PEBKAC, all. My images were already tainted with 01proxy, so it existed before the installation of the apt-cacher. Question: is it possible to set a precondition on a resource, say to ensure that a file _doesn't_ exist before installation of a package? On Sat, Aug 20, 2011 at 5:38 PM, Brian Trout

Re: [Puppet Users] Fighting with private keys and puppet master on Debian Squeeze

2011-08-20 Thread Brian Troutwine
On Sat, Aug 20, 2011 at 6:18 PM, Denmat wrote: > Hi, > > Are you calling the puppet run with the '--server ' > parameter? > Default is 'puppet', no? In any event, using --server or not has no effect. > With SSL you basically need the following: > * working DNS > * clocks in sync > Done. >

Re: [Puppet Users] Re: Controlling order of execution

2011-08-20 Thread Denmat
Hi, No, you can only declare the state of a resource once. It can't be present and absent at the same time. Den On 21/08/2011, at 8:50, Brian Troutwine wrote: > PEBKAC, all. > > My images were already tainted with 01proxy, so it existed before the > installation of the apt-cacher. Question:

Re: [Puppet Users] Re: Controlling order of execution

2011-08-20 Thread Brian Troutwine
I wouldn't wish Puppet to play guess the quantum cat but, rather, to have the agent's application of its catalog error in a predictable fashion. I'd like to express the pre-condition that if /etc/apt/apt.conf.d/01proxy exists in the filesystem then the installation of package apt-cacher should erro

Re: [Puppet Users] Fighting with private keys and puppet master on Debian Squeeze

2011-08-20 Thread Denmat
Hi, The standard port is 8140, are you using a different port? You will need to pass --server on the puppet agent. The command line is different from the daemon config. With certnames, your --servername must match the DNS name of the master. So using openssl s_client --connect you should see

Re: [Puppet Users] Re: Controlling order of execution

2011-08-20 Thread Denmat
Well you can on some resource types, like an exec, but not on file resources - which is annoying sometimes. With file resources it's different but it would be great to have an 'onlyif' parameter. So, you can turn your package install definition into an exec that has a pre-condition. exec {aptp