Just deployed a new puppet 6.0 client / server setup and getting the
classic CSR signing issue (see details below). Please help clarify my
understanding so I can troubleshoot this (I'm sure there's a quick fix for
this) :
N.B. The usual "remove the SSL dir on the client and clean the cert on th
puppetserver ca clean`.
>
> And regardless of whether this fixes your issue, we really appreciate your
> letting us know when our errors and/or docs are less than helpful. Thanks!
> Maggie
>
> On Fri, Sep 28, 2018 at 11:05 AM Andy Hall > wrote:
>
>> Just deployed a n
chance something got messed up along the way.
>
> Please let me know if none of this fixes it for you. I have filed PUP-9187
> <https://tickets.puppetlabs.com/browse/PUP-9187> to fix up the error
> messaging that initially led you in the wrong direction.
> Thanks,
> Maggie
>
&
et me know if none of this fixes it for you. I have filed PUP-9187
> <https://tickets.puppetlabs.com/browse/PUP-9187> to fix up the error
> messaging that initially led you in the wrong direction.
> Thanks,
> Maggie
>
> On Mon, Oct 1, 2018 at 9:57 AM Andy Hall > wro
Just fixed an issue with the puppetserver ca after a 5.x to 6.x upgrade
(see post "PUPPET 6.0 : CSR from master does not match the agent public
key" for more details) but now experience the following issue with PuppetDB
(maybe a problem with the Java KeyStore ?):
AGENT:
# puppet agent --test
ng the issues with the
> master/agent connection, did you also regenerate the certificates for
> PuppetDB? Not having really any experience with PuppetDB, I could see thi
> error being cause by still using certificates issued by the old certificate
> authority.
>
> On Wed, Oct
Hmm perhaps I should RTFM :
https://puppet.com/docs/puppetdb/6.0/maintain_and_tune.html#redo-ssl-setup-after-changing-certificates
On Friday, 16 November 2018 16:49:20 UTC, Andy Hall wrote:
>
> Apologies for the late reply but do you know how to re-create the certs
> for PuppetDB ? I
Hey there. We use the combination of jtopjian/sshkeys and
dalen/puppetdbquery as it's a great solution to store and retrieve sshkeys
from puppetdb. Currently we are migrating from puppet 3.8 to 6.6 and all
issues have been ironed out except for the following:
When calling query_facts against pu
OK it seems all is well and that error is shown if the sshpubkey_username
fact is not yet available in the puppetdb. Once available it all works fine.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop recei
hey there just starting using bolt and has a simple plan which applies a
manifest but I'd know like to write a dynamic file from a template like epp
in puppet. is this possible ? I do not see anything in the docs except just
uploading a static file :
https://puppet.com/docs/bolt/latest/running_
That's great thanks !! So if I want to pass a param to the template from
the command line would this work ??
1. The command:
bolt plan run profiles::puppet_upgrade servers=hostname.domain.com
location=uk --user root
2. The plan:
plan profiles::puppet_upgrade(
TargetSpec $servers,
) {
app
This works great thanks very much for your help. I just had to add the
location param to the plan itself as follows:
plan profiles::puppet_upgrade(
TargetSpec $servers,
String $location,
) {
It works perfectly !! Could I ask if the params can be read from a file
similar to hiera (or an inve
OK this is great. Really looking forward to using this more. Being able to
leverage our existing puppet codebase and modules for a quick agentless
solution means we don't have to migrate everything to ansible. Thanks again
for all your help !!
--
You received this message because you are subsc
OK so how do I get the plan to read from the inventory file ?? I am running
this plan :
bolt plan run puppet6::puppet_upgrade -i inventory.yaml --nodes
puppet6_nodes
And am getting this error :
puppet6::puppet_upgrade: expects a value for parameter 'location'
Here is my inventory file :
grou
Fantastic all works now. If I have any further questions I'll create a new
thread. Thanks.
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to puppet-users+unsubscr
hey there we have just migrated hundreds of hosts from 3.x to 6.x and
although lots of work we are almost home and dry but have an issue with
puppetdb which I hope can be solved. we are running puppetdb-6.3.4 but when
removing an old node as follows:
puppet node deactivate
the information is
gt; which is
> another thing to consider if you care about querying for nodes that have
> stopped checking in longer than node-ttl.
>
> Hope this helps!
>
>
> On Thu, Oct 3, 2019 at 10:25 AM Andy Hall > wrote:
>
>> hey there we have just migrated hundreds of h
Hi there we have a puppetserver 6.4.0 which is currently handling about 450
clients. In terms of performance over our legacy 3.8 instance it is great -
clearly clojure is faster than a rails app behind a web proxy :-) But we
notice that when we hit approx. 90 established connection to TCP port 8
Hey there - we have a server where part of the manifest is as follows:
service { 'nfs':
enable => true,
ensure => running,
}
Nice and simple however on every puppet run we get the following output
which is recorded as a change:
[root@server ~]# puppet agent --test
Info: Retrievi
So we saw similar and with only the default maximum 4 puppetserver jruby
instances would often get 5 or 6 clients connecting at once which in turn
led to blocking and then a queue building as more clients connected. We
would check port 8140 and often see over 80 established connections.
Now tha
Puppet needs to own the file to use the yumrepo resource type so if you
ensure all aspects match then effectively using the enabled parameter
should just change that file. But if anything doesn't match then yes it
will create a new file. But is shouldn't be too difficult to work it out
from the
As stated above if you match the existing file with a yumrepo resource then
yes it will effectively change just the file but puppet will now own that
so it has to match or else it will create a new file.
So if the existing file looks like this...
[BaseOS]
name=CentOS-$releasever - Base
mirrorli
exactly just push the devs of the package resource type to add a new
provider. I mean nodejs is kinds popular now so I see no reason not to add
it...
On Tuesday, April 14, 2020 at 7:04:46 AM UTC+1, Dirk Heinrichs wrote:
>
> Am Samstag, den 11.04.2020, 12:15 +0200 schrieb Martin Alfke:
>
> Of cou
please can someone tell me what is wrong with this as it is a valid URI and
should work...
if ($::operatingsystemmajrelease == '5') or ($::operatingsystemmajrelease
== '6') {
yumrepo { 'vmware-tools':
baseurl =>
"baseurl=http://packages.vmware.com/tools/releases/10.1.0/rhel${::opera
OK my bad...I have included the string "baseurl=" in the actual baseurl
attributesilly me. please ignore.
On Wednesday, 6 May 2020 17:10:28 UTC+1, Andy Hall wrote:
>
> please can someone tell me what is wrong with this as it is a valid URI
> and shoul
hey there I recently update puppetserver to 6.12.1 ( along with
puppetdb to 6.11.2 and puppet-agent to 6.17.0 ) and occasionally on
some puppet runs ( I cannot determine why it happens sometimes and not
others ) we see the following reported...
Error while evaluating a Virtual Query, undefined met
x27;RedHat'){
> Rhsm_register <| |>
> -> Yumrepo <| |>
> -> Package <| provider != ‘rpm' |>
> }
> else{
> Yumrepo <| |> -> Package <| provider != 'rpm' |>
> }
>
> --
> *Becca Robinson*
>
>
we have updated the concat module and it no longer likes our code...so
this used to work fine...
concat { "/etc/exports":
ensure => present,
}
Concat::Fragment {
content => "# HEADER: This file is managed by Puppet. DO NOT EDIT.\n",
order => '0',
}
concat::fragment { 'nfs
t; many years ago. It's now a first class citizen itself.
>
> On Thu, Aug 20, 2020 at 4:28 AM Andy Hall wrote:
>
>> we have updated the concat module and it no longer likes our code...so
>> this used to work fine...
>>
>> concat { "/etc/exports":
hey eric why do we not see the latest key in the release packages then ?
thanks.
# yum info puppet-release
Available Packages
Name: puppet-release
Arch: noarch
Version : 1.0.0
Release : 14.el6
Description : Release packages for the Puppet repository
:
> there's an occasional unforeseen problem with a package. I encourage
> bringing any issues to our attention and we'll work to fix them as quickly
> as I can.
>
> Eric
>
> On Tuesday, January 12, 2021 at 3:43:41 AM UTC-8 Andy Hall wrote:
>
>> hey eric wh
we are running puppetserver 6.12 and are following the guide here to
regenerate the cert to add dns alt names :
https://puppet.com/docs/puppet/6.21/ssl_regenerate_certificates.html#regenerate_agent_certs_and_add_dns_alt_names
however there are a number of steps which fail because essentially the
p
So I have a plan where I get facts...here is the relevant section...
$target_facts = run_plan('facts', 'targets' => $targets)
$target_facts.each |$result| {
$target = $result['target']
$targetfacts = $result['value']
$os_release = $targetfacts['os']['release']['major']
$kernel_version
33 matches
Mail list logo
