entioned that the module was basic and implied you wanted to manage
other things.
What other things should a cobbler module be managing? Perhaps we could
work together on updating this module to offer more functionality and
flexibility.
[1] - http://forge.puppetlabs.com/ghoneycutt/cobbler
-g
re receiving?
ERB should not have any problems with percent signs in a template. I use
the following bash function to help me with syntax checking.
# puppet template syntax checking
function pt()
{
if [ -z $1 ]; then
echo "usage: pt "
return;
fi
/usr/bin/erb -
ad of
node default {
include baseline
}
node app inherits default {
include appstuff
}
I would recommend
node default {}
node app {
include baseline # though, I recommend this is named 'common'
include appstuff
}
[1] - http://docs.puppetlabs.com/guides/style_guide.html#class-in
reference/modules_fundamentals.html
Also, check out Hiera -
http://puppetlabs.com/blog/first-look-installing-and-using-hiera/
-g
--
Garrett Honeycutt
206.414.8658
http://puppetlabs.com
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To
Join me 11/8 at Brouwers Cafe in Fremont at 6pm for drinks and
discussions on Puppet, DevOps, system administration, etc.
http://www.meetup.com/Seattle-Puppet-Meetup/
-g
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, se
On Jun 29, 1:14 pm, Douglas Garstang wrote:
> On Mon, Jun 28, 2010 at 8:47 PM, Peter Meier wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
>
> > On 06/29/2010 01:27 AM, Douglas Garstang wrote:
> >> Anyone know where I can find a good chrooted named module for centos?
> >> Named as
On Jul 8, 7:25 am, Jon Charette wrote:
> Does anyone have a module that handles pecl effectively?
>
> Thanks much.
> -Jon.
Feature request #2926[1] deals with this and has links to some code
that may help you.
How I have been handling this is to find/create a package using the
systems native pac
On Jul 13, 6:54 am, Marco Marongiu wrote:
> Dear puppeteers
>
> I am trying to build a tree hierarchy of puppetmasters. The architecture
> is aimed to distribute the load among a number of datacenters, while
> keeping the puppetmasters in sync by means of puppet itself.
>
> The architecture I am
On Aug 19, 4:04 am, Dennis Hoppe
wrote:
> Hello,
>
> i have written some modules for Puppet and would be thankful, if someone
> could take a look for quality enhancements.
>
> http://194.94.79.17/hotkey/puppet.tar.gz
>
> The only nasty part is, that i have defined some global variables at
On Sep 23, 9:36 am, Daniel Maher wrote:
> Hello,
>
> I have two sites with a small number of machines at each. Each site is
> functionally identical. I would like to set up a bunch of templates for
> the various services at each site, with a handful of variables that
> indicate which site the s
On Oct 8, 8:59 am, Jeremy Carroll wrote:
> I'm trying to automatically create users as a requirement for ssh keys
> to work. Here is my issue. I am getting this error from the agent. The
> SSH part works fine, but it will not create the user due to a
> dependency issue. I do not know how to debug
On Oct 14, 3:49 pm, Michal Ludvig wrote:
> On 10/15/2010 08:36 AM, Arnau Bria wrote:> On Thu, 14 Oct 2010 23:47:16
> +1300
> > Michal Ludvig wrote
> >> 1) kickstart installs the system, including puppet from our local repo
> >> 2) after reboot I have to login and set the hostname and IP
> > k
On Nov 5, 9:19 am, Mark_SysAdm wrote:
> What are the recommended practices for adding regular users with a
> specific group and password ? I'd like to add new users to a cluster,
> and also to append an existing ssh key to authorized_keys on all the
> cluster nodes for some users.
>
> This is th
On Sep 14, 6:49 am, Robin Sheat wrote:
> Op dinsdag 15 september 2009 01:29:09 schreef CaptTofu:
>
> > * Having the certificate requests for these new instances
> > automatically signed
> > * Creating a new node for a new instance, once it is up and I know the
> > host/ip. As you know, you don't
rride the original fact.
>
> I've also tried to set $::operatingsystem = "Proxmox" directly in my node.
>
> What's the best way to do override an existing fact ?
>
> Regards,
>
> Julien
Created feature request[1] #15579 to add Proxmox support to facte
http://www.meetup.com/Sydney-Puppet-Masters/events/74363612/
Join us at the Lord Nelson Brewery on Tuesday at 17:00 to discuss
Puppet, Hiera, DevOps, etc.
-g
--
Garrett Honeycutt
206.414.8658
http://puppetlabs.com
--
You received this message because you are subscribed to the Google Groups
{ notify { $data: } }
>
> }
>
> Is there a better approach to override scope and grab what data from
> hiera that would normally not be available to a node?
>
> Thanks
> - Trey
This would be a great place to use exported resources[1]. Each node
could still use Hiera to deter
e (or
possibly inherit) the syslog class. In this setup, a node might include
syslog::server or syslog::client, but not syslog directly. When using
this pattern, be sure to comment in your base class that it is not meant
to be included directly.
-g
--
Garrett Honeycutt
206.414.8658
http://puppet
On 8/17/12 9:43 AM, Douglas Garstang wrote:
> On Fri, Aug 17, 2012 at 9:33 AM, Douglas Garstang
> wrote:
>> On Fri, Aug 17, 2012 at 12:52 AM, Denmat wrote:
>>>
>>>
>>> On 17/08/2012, at 17:19, Douglas Garstang wrote:
>>>
>>>> On
our node
classification, they should all be in the site.pp without an import
statement. Some time ago we saw a slow down around two orders of
magnitude by having to deal with a ton of files caused by one file per node.
-g
--
Garrett Honeycutt
206.414.8658
http://puppetlabs.com
--
You rece
the locations you mentioned? I'm still learning
> the whys of how things are laid out on the filesystem.
If you are really interested in filesystem layout or need a sleeping
aid, check out the FHS.
http://www.pathname.com/fhs/pub/fhs-2.3.html#PURPOSE
-g
--
Garrett Honeycutt
206.414.8
innodb_buffer_pool_size')
and then use <%= innodb_buffer_pool_size %> in a template for your my.cnf.
-g
[1] - http://docs.puppetlabs.com/guides/environment.html
[2] - https://github.com/puppetlabs/hiera-puppet/blob/master/README.md
--
Garrett Honeycutt
206.414.8658
http://puppetlabs.com
On 9/19/12 10:43 PM, Gonzalo Servat wrote:
> On Thu, Sep 20, 2012 at 3:37 PM, Garrett Honeycutt
> mailto:garr...@puppetlabs.com>> wrote:
>
> No need at all to use a different puppet master, you could just use
> environments[1]. When you want to test a sys
isks I wan`t create config of my service with parameter
> "disks=3" if i have 4 disks than disks must be equal 4 etc. Thanks.
You could write a custom fact[1] that returns the number of disks.
[1] - http://docs.puppetlabs.com/guides/custom_facts.html
-g
--
Garrett Honeycutt
206.414.8
et master is attempting to connect to a database to get
information needed to compile the catalog and is timing out. Try setting
playing around with setting dbconnections = some_positive_integer in
your puppet.conf. If you are still having issues, post your puppet.conf
in your reply.
Regards,
-g
should also be fully
scoped. Notice the :: before the facter variable in the code below.
$localvar = 'somevalue'
$string = "${::fqdn}-${localvar}"
[1] -
http://docs.puppetlabs.com/guides/language_guide.html#variable-interpolation-with-quotes
-g
--
Garrett Honeycutt
206.414.
//docs.puppetlabs.com/puppet/3/reference/modules_fundamentals.html
Regards,
-g
--
Garrett Honeycutt
206.414.8658
http://puppetlabs.com
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To
; and many
other excellent perks. We're looking for talented and highly skilled
individuals to join our dynamic and fast-paced culture and contribute to
Speakeasy’s continued success.
--
Garrett Honeycutt
Sr. Systems Engineer
www.speakeas
ed.
>>
>> I hope this helps.
>
> awesome, thanks a lot for taking the time to test it, I'll incorporate
> this feedback in a few weeks.
>
> do you think the basic approach will improve your workflow and lead
> to easier to share modules?
>
Absolutely leads to modul
ectory for
>> the user as it will be on a NAS volume. It seems that RHEL/Oracle requires
>> your explicitly to use the "-M" options. Is there a way to do this with
>> puppet?
>>
Thanks for bringing this up. We were able to get this fixed and merged
in master for
might want to side step this
issue by turning alfresco into a package with FPM[2] and then use the
package{} resource.
[1] - http://docs.puppetlabs.com/references/stable/type.html#exec
[2] - https://github.com/jordansissel/fpm/
Cheers,
-g
--
Garrett Honeycutt
206.414.8658
http://puppetlabs.com
-
useful for doing a demo and learning about Puppet with a
couple of nodes. It is not at all meant to scale and if you attempt to
run your eight agents, you are likely to have performance issues. If
this is a production level deployment, you should look at Apache with
Passenger.
Regards,
-g
--
On Monday, September 2, 2013 12:01:46 PM UTC-4, Stuart Cracraft wrote:
>
> How can this be randomized within a range?
>
> I believe someone mentioned "splay" ?
>
> My fear is that all the boxes will request at a similar some day, by chance
> and send a tidal wave over to the master.
>
> On Sep 1, 2
On Monday, October 28, 2013 9:21:09 AM UTC+1, SAF wrote:
>
> Hi all,
>
> How do you manage different forge modules that require conflicting
> versions for the same module?
> The most common example is ripienaar/concat vs puppetlabs/concat:
> puppetlabs/puppetdb requires puppetlabs/postgreql 2.x,
On Thursday, January 9, 2014 9:49:35 AM UTC-5, Stephan wrote:
>
> Hi All,
>
> So here's my use case:
>
> I've got an application with multiple environments, say live, qa and dev,
> and each environment has multiple servers. The actual application requires
> an NFS mount mounted on each of these
On Monday, January 13, 2014 9:38:33 PM UTC-5, ianm wrote:
>
> On 14/01/14 03:49, Andrey Kozichev wrote:
>
> > This scenario works well if on the class input I just supply single
> > mountpoint -> then I do hiera("mountpointname") and create_resources()
> > But if I want to have multiple Mountp
On Monday, January 13, 2014 9:38:33 PM UTC-5, ianm wrote:
>
> On 14/01/14 03:49, Andrey Kozichev wrote:
>
> > This scenario works well if on the class input I just supply single
> > mountpoint -> then I do hiera("mountpointname") and create_resources()
> > But if I want to have multiple Mountp
-puppet-simple[1] by Dan Bode.
Why have multiple puppet masters? You must already have network
connectivity if you are thinking of using NFS, so you might be better
served by just running one puppet master service instead of individual
masters at each location.
[1] - https://github.com/bodepd
You are looking at master and should be looking at the appropriate tag.
https://github.com/puppetlabs/puppetlabs-stdlib/tree/4.1.0
Best regards,
-g
--
Garrett Honeycutt
LearnPuppet.com
@learnpuppet
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" g
pool.sks-keyservers.net --recv-keys F186197B
>
Hi,
You could change 'include ca' to 'require ca' and then safely remove the
require attribute from the service resource. This would ensure that all of
the resources from the ca class are handled before your service class.
Be
l -k -X DELETE -H "Accept :pson"
https://${PUPPETCA}:8140/production/certificate_status/`hostname -f`
http://garretthoneycutt.com/index.php/Puppet#Removing_certs_during_provisioning_process
Best regards,
-g
--
Garrett Honeycutt
@learnpuppet
Puppet Training with LearnPuppet.com
--
You r
hould not have 'import "rsyslog"' as that does not
make any sense since it is not syntactically incorrect and you are
classifying nodes in LDAP.
In order to override a parameter's default value, add it to Hiera. So if
you want to change the value of the server_dir parame
ct against memory leaks.
My module[1] for managing puppet would likely work for you with minimal
modification. Would be glad to work with you on it to support HP-UX.
[1] - https://github.com/ghoneycutt/puppet-module-puppet
Best regards,
-g
--
Garrett Honeycutt
@learnpuppet
Puppet Training wi
lt;${a}>": }
notify { "b = <${b}>": }
If they look the same, you might have a difference in type. '/foo' !=
['/foo'].
You can use the following to help you debug further.
$type_a = type($a)
$type_b = type($b)
notify { "type_a = <${type_a}>&quo
validation, style, and spec tests to be valid.
[1] -
https://github.com/ghoneycutt/puppet-module-skeleton/blob/master/Rakefile
[2] -
https://github.com/ghoneycutt/puppet-module-skeleton/blob/master/.travis.yml#L13
[3] - https://travis-ci.org/
Best regards,
-g
--
Garrett Honeycutt
@lear
ks to get you started. April 5th I will be doing another
free tutorial session at LOADays[2] in Antwerp. I also teach a two day
Advanced Puppet course[3] that focuses on testing.
[1] -
http://www.slideshare.net/gh/20140307-cascadia-itconftddwithpuppettutorial
[2] - http://loadays.org/
[3] - ht
> Any other angles (or posts somewhere) on this?
>
> Sven
>
Hi,
Dan's tool, librarian-puppet-simple[1], can help with this in
conjunction with environments. You specify a Puppetfile that lists all
your modules and their versions. This file can then be stored in
r
e put in envrionment blocks?
>
> puppet config print shows that they've changed, but they are not utilized.
>
> Unless I'm missing something.
>
>
>
>
> Thanks,
> Tom
Hi Tom,
You can vote on this ticket and track its progress at
https://tickets.puppetlab
es), not necessarily to
> avoid parameterized classes altogether.
>
>
> John
Agree with John that you want to completely avoid using the
parameterized style declaration of classes. Better to use 'include'
statements and set all of your params in Hiera.
Here's a li
t; *The virtnet.xml.erb:*
>
>
> <%= @virtnet_name %>
>
>
>
>
>
> ---------
> end files
> -
>
; apache_service: 'apache'
> []
>
> []
> [root@master puppet]# cat hiera.yaml
> ---
> :backends: - yaml
>
> :hierarchy:
> - %{osfamily}
> - common
>
> :yaml:
> :datadir: /etc/puppet/hieradata/
&
the puppet agent by default at
boot time which is handled as you mentioned by cron with @reboot. If you
bring up all your systems at the same time, this could pose an issue for
you.
Here my puppet module[2] that can manage your agent with cron or as a
service.
[1] - http://en.wikipedia.org/wiki/Thund
change management needs.
[1] -
https://github.com/ghoneycutt/puppet-module-puppet/blob/master/manifests/agent.pp#L110-111
BR,
-g
--
Garrett Honeycutt
@learnpuppet
Puppet Training with LearnPuppet.com
Mobile: +1.206.414.8658
--
You received this message because you are subscribed to the Google Groups
&q
onment. If you go that route, check out my pam module[2].
Instead of describing users in different levels of hiera, you would
describe them all in one level of hiera and at the environment level you
would put what groups are allowed to login.
[1] - https://github.com/ghoneycutt/puppet-module-common#c
On Tuesday, March 11, 2014 7:44:58 AM UTC-4, Dirk Heinrichs wrote:
>
> Am 11.03.2014 10:17, schrieb Dirk Heinrichs:
>
> To do this, I've placed a simple text file "custom_facts.txt" into
> C:\ProgramData\PuppetLabs\facter\facts.d with content
>
> [facts]
> role = PuppetDev
>
>
> Got it to work
Hi,
We are having a Puppet meetup in Seattle on Wednesday the 14th at 6:30.
Andy picked out a new spot, Radiator Whiskey, which looks awesome. Hope
to see you there.
http://www.meetup.com/Seattle-Puppet-Meetup/
-g
--
Garrett Honeycutt
@learnpuppet
Puppet Training with LearnPuppet.com
Mobile
at different times, which is generally a
very bad thing. Using MCollective to trigger when updates happen means
that it happens at the same time and when you expect it, such as during
a maintenance window.
Best regards,
-g
--
Garrett Honeycutt
@learnpuppet
Puppet Training with LearnPuppet.com
Mobile: +
age after the initial install?
>
> On Thursday, May 15, 2014 11:39:02 AM UTC-7, Garrett Honeycutt wrote:
>
> On 5/15/14, 11:19 AM, Guy Knights wrote:
> > I'm looking at ways to better automate our build pipeline and I'm
> trying
> > to envision wa
o if your groups are defined at multiple levels of the
hierarchy, you would want that functionality. Here's an example[3] of
how you might add it. I would be happy to work with you on a pull request.
[1] - https://github.com/ghoneycutt/puppet-module-pam
[2] - http://docs.puppetlabs.com/references/
e,
> Andre
>
Hi Andre,
I believe you mean the deprecation of 'import'. The easiest way to fix
this is to cat all of your files together into one site.pp file.
Your usage of a base node that other nodes inherit is an anti-pattern
though and will cause you grief as you grow. Recommend
Hello,
Started a new users group meetup in Indy. Our first meeting will be on
June 12th at 18:30. Looking forward to building community around us all
learning about Puppet from each other.
http://www.meetup.com/Indy-Puppet-Meetup
Best regards,
-g
--
Garrett Honeycutt
@learnpuppet
Puppet
would be appreciated.
>
> Thanks
> Paul
Hi,
Don't mean to move the thread away from the logging issue, just wanted
to post a potential fix for others who want this solved, especially if
all of your nodes are not upgraded at the same time. To do so, I added
the following to my si
h_spec.rb:6
>
> How do I get rspec to find my class /etc/puppet/modules/logstash and get
> it to reference ::logstash as a disambiguation?
Hi Brian,
Using ::class is not needed and should not be done. If you still want to
do that in your class, try changing the spec by dropping the prec
> On Wednesday, June 4, 2014 3:11:14 PM UTC-4, Garrett Honeycutt wrote:
>
> On 6/4/14, 2:30 PM, Brian Wilkins wrote:
> > I am trying to write unit tests of my puppet modules. In my
> > profiles::logstash::install, I disambiguate the call to
> &
sgid/puppet-users/33cfd118-5607-4249-aef7-19bbb40e7775%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
Iakov,
Perhaps the prerun_command[1] configuration setting might help. It
allows you to run a command before every agent
abbix/zabbix_agentd.d/mysql.conf').with_ensure('present')
> }
>expected that the catalogue would contain
> File[/etc/zabbix/zabbix_agentd.d/mysql.conf]
> # ./spec/defines/userparameters_spec.rb:18:in `block (2 levels)
> in '
>
>
r to v0.4.x. [2]
>
>
> I just ran into the same problem. Is this a bug, or a change in API? I
> also worked around it via '~> 0.4.1'.
Hi,
Created a ticket[1] asking Puppet Labs to release this as 1.0.0, so that
each release cannot break the API as so many of us de
time!
>
Hi Kevin,
This indicates that the code is not in the modulepath. Look at the
results from `puppet config print modulepath` and check that at least
one of the returned path's has your module present.
$modulepath/drush/manifests/init.pp must exist.
likely you have $modulepa
on initialization adapter pattern code and
> fixtures) move into rspec-puppet, and its muddled/questionable aspects
> resolved as to whether they should be removed or migrated into another
> more appropriate place. At least the module team now owns this code and
> it can start moving agai
>
> Let me know.
>
> Help me
>
Hi Supriya,
This sounds like an SVN problem, not a Puppet one. Recommend reading up
on SVN, specifically the basic work flow[1].
[1] - http://svnbook.red-bean.com/en/1.7/svn.tour.cycle.html
Best regards,
-g
--
Garrett Honeycutt
@learnpuppe
SCRIPT:
>value: '/opt/install.sh'
>
> Thanks,
> RG
Hi,
Yes, but your indentation needs to be corrected.
class::subclass1::setenv_sh:
'INSTALL_SCRIPT':
value: '/opt/install.sh'
Br,
-g
--
Garrett Honeycutt
@learnpuppet
Puppet Training with LearnPup
with Rich. The issue you are likely facing with the selinux
module is that the directory is 'spiette-selinux' instead of 'selinux'
or that the module is in the wrong path. Reading up on the auto loader
should clear things up for you.
http://docs.puppetlabs.com/puppet/latest/refere
o set the root
password the same for all systems, unique per system, by environment,
location, etc.
[1] - https://github.com/ghoneycutt/puppet-module-common
Best regards,
-g
--
Garrett Honeycutt
@learnpuppet
Puppet Training with LearnPuppet.com
Mobile: +1.206.414.8658
--
You received thi
ies that are not managed.
This could be ran in --noop which would inform you that any users not
managed by Puppet would be removed.
user { 'alice': }
user { 'bob': }
...
user { 'root': }
resources { 'user':
purge => true,
}
http://doc
ough:
>> # facter operatingsystem
>> CentOS
>>
>> and notify '{ "${operatingsystem": }' in puppet works.
>>
>> As mentioned, I am sure I am missing something very trivial, but maybe
>> one of you enlightened ones can point me in t
n',
ignore => [ '.svn',
'.git',
'CVS',
'.bzr' ],
}
https://github.com/transforia/puppet-modules/blob/master/manifests/site.pp#L7-14
Best regards,
-g
--
Garrett Honeycutt
@learnpuppet
Puppet Training with LearnPu
s://groups.google.com/d/optout.
Hi Don,
Suggest writing a custom fact[1]. You can then access this information
in your reports, in real time with MCollective, on demand with facter or
data from the last run with PuppetDB.
[1] - https://docs.puppetlabs.com/facter/latest/custom_facts.html
Bes
/*_spec.rb'
>> end
>>
>> But it didn't work.
>>
>
> How about just:
>
> require 'puppetlabs_spec_helper/rake_tasks'
Hi,
+1 to Will Cooley.
When you generate a module with `puppet module generate` it will use
that single line.
https://gith
t; at all, you add a gazillion groups to your system. Name resolution
> precedence doesn't change that.
>
>
>
>
> passwd: files winbind
> shadow: files winbind
> group: files winbind
>
> So why is it still performing these ta
3
> on node feniixhq.10.208.50.91
> # ./spec/classes/init_spec.rb:5:in `block (3 levels) in (required)>'
>
> Here is a link to the puppet module with the
> POC https://github.com/feniix/puppet-module-rspec-issue
>
> Appreciate some guidance on how to solve t
anks
>
> On Thu, Aug 14, 2014 at 3:27 PM, Garrett Honeycutt
> mailto:g...@garretthoneycutt.com>> wrote:
>
> On 8/14/14 3:56 PM, Sebastian Otaegui wrote:
> > I created a small POC module using puppet from master and `puppet
> module
> > generate`
&g
> Clean and easy to follow.
>
Hi Greg,
Directory services like LDAP are definitely something to look into and
can really make life simpler.
Here[1] is the code that I use to manage local users. You could use it
for your scenario by placing users in different levels in Hiera and
keying off
s topic was discussed earlier in May. I took it as
> initial reference:
> https://groups.google.com/forum/#!searchin/puppet-users/orphan/puppet-users/ghKfRBkPD5A/m7KTeymd2XwJ
Hi Manuel,
Your plan is quite clever though if your goal is to refactor your puppet
modules and not leave anything o
ance.
>
> J
>
Hi,
Take a look at external facts[1]. Since your fact is spawning a shell to
cat a file, you could get the same functionality without the effort of
maintaining that code.
Given a text file, /etc/facter/facts.d/environment_class.txt with the
contents
environment_class=
d .fixtures.yml in
the root of the project."[1]
[1] - https://github.com/puppetlabs/puppetlabs_spec_helper#using-fixtures
Best regards,
-g
--
Garrett Honeycutt
@learnpuppet
Puppet Training with LearnPuppet.com
Mobile: +1.206.414.8658
--
You received this message because you are subsc
#x27; on a client will compute and present only
> the standard facts. If you want also custom facts from Puppet then use
> 'facter -p'.
>
>
> John
>
Hi,
Knowing or remembering that you have to type `facter -p` is confusing.
I've created a ticket to have this the d
nd ntp servers. I
would include an ntp class for all of your Linux based systems and if
the role is ntp server then you have a level in Hiera for it that
describes the changes that are particular to those systems such as
different upstream NTP servers, options, etc.
Best regards,
-g
--
Garrett
target at /etc/puppet/m
> odules/nginx/manifests/init.pp:22
> Wrapped exception:
> You cannot specify more than one of content, source, target
>
>
>
> someone comes up with the problem???
>
>
>
>
>
> --
Hi Nicolas,
Try changing the file's ensur
ommend r10k.
[1] - https://github.com/ghoneycutt/puppet-modules
Best regards,
-g
--
Garrett Honeycutt
@learnpuppet
Puppet Training with LearnPuppet.com
Mobile: +1.206.414.8658
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To unsubscr
e_666
not_vulnerable:
- cve_777
- cve_2014_6271
By default the module is quiet, though you can enable the ability to use
notify{} to alert you to which CVE's you are vulnerable.
Looking forward to your help in adding facts to check for more exploits.
[1] - https://github.com/ghoneycut
return false after patching, is not a merry perspective.
>
> What do you think?
>
> Cheers,
> Felix
>
> On 10/10/2014 11:46 PM, Garrett Honeycutt wrote:
>> Hello,
>>
>> Published puppet-module-cve[1] to act as a framework for adding facts
>> for specific CVE&#
sometimes expensive) checks to all agents, all of which will forever
>> return false after patching, is not a merry perspective.
>>
>> What do you think?
>>
>> Cheers,
>> Felix
>>
>> On 10/10/2014 11:46 PM, Garrett Honeycutt wrote:
>>> Hell
On 10/12/14 5:16 PM, Felix Frank wrote:
> On 10/11/2014 02:22 AM, Garrett Honeycutt wrote:
>> We could check if a file exists in a directory and if so, skip the fact.
>>
>> Suggest using /usr/local/etc/cve/
>>
>> What do you think?
>
> Sure, some thing in
fact side to implement in ruby, it seems easier to implement from
puppet using either file{} or file_line{} as I want to maintain the
ability to specify an array of facts to skip through Hiera.
BTW: Could really use help adding code to check for more CVE's :)
Best regards,
-g
--
to achieve this. If your class is
using the schedule metaparameter for a bunch of exec's you could add
Exec {
schedule => 'my_schedule',
}
schedule { 'my_schedule':
period => daily,
range => '2-4',
}
This would add the schedule parameter with the value
classify your node by setting a custom fact, such as `role`, you could
query PuppetDB for all systems where role => 'app_server' or whatever.
If you want real time data about the nodes instead of from the last
puppet check in, MCollective can help you by querying your systems in
r
roups.google.com/d/optout.
Hi,
If you take the approach of immutable systems, you would just provision
new systems that do not have the software, transition to using them and
then remove the old systems altogether.
Getting into the practice of regularly rebuilding your hosts ensures
that your provis
the old file
and possibly restore it. If you are adhering to good change management
processes, you will likely never use the thing at all.
Best regards,
-g
--
Garrett Honeycutt
@learnpuppet
Puppet Training with LearnPuppet.com
Mobile: +1.206.414.8658
--
You received this message because you ar
ny nodes should the current
hardware support.
nodes = (cores) * (seconds per hour) / (check-ins per hour) / (seconds
per catalog)
[1] -
http://ask.puppetlabs.com/question/3/where-can-i-find-information-about-sizing-for-puppet-servers/?answer=101#post-id-101
Best regards,
-g
--
Garrett Honeycutt
ctions. Especially packages if you talk to the internet
instead of local mirrors.
By chance are you serving any large binary files with Puppet?
[1] -
http://4.bp.blogspot.com/-0xlYPWw61Hw/UpVulZU1qTI/AwY/egPhvnpn0jI/s1600/puppet_technical_flow.jpg
Best regards,
-g
--
Garrett Honeycutt
1 - 100 of 181 matches
Mail list logo
