Search Results

Search found 299 results on 12 pages for 'puppet'.

Page 5/12 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

• Creating a file with Puppet with facts from multiple hosts

  - by Belly

  I'm trying to have puppet build a configuration file that looks like this: [All] Hosts=apt-dater@puppetmaster;apt-dater@blaster; (etc...) Basically, this file needs an entry for each node that includes the apt-dater class. I've been experimenting with exported resources, but I can't find a clean way of putting it together. How should I go about creating this file?

  Read the article

• What's new in Puppet since 2007?

  - by BCS

  I've got a copy of the Pulling Strings with Puppet book (written in 2007) but given that it has a bunch of equivocal language, I'm wonder how much has changed since then? I've found this Release Notes page and a (short) summery table at the top of the language tutorial but neither have dates, so I don't know where to start (and the more detailed notes make for rather dry reading). Does anyone know of a page that list thing that have changed since that book was published?

  Read the article

• Puppet installing multiple packages results in Package[undef] error

  - by Andy Shinn

  I am receiving the following error on a Puppet agent when trying to install multiple packages at once: err: /Stage[main]/Template::Infrastructure/Package[undef]/ensure: change from absent to present failed: Execution of '/usr/bin/yum -d 0 -e 0 -y install undef' returned 1: Error: Nothing to do The code generating the error is: $packages = [ 'qemu-kvm', 'qemu-kvm-tools', 'drbd84-tools', 'kmod-drbd84' ] package { $::packages : ensure = 'installed', require = Class['yumrepos::elrepo'] } The problem is intermittent. Is there a better way to install multiple packages at once without having to setup a package resource for each?

  Read the article

• Amazon EC2 EBS volume scheduled backup/snapshots using puppet

  - by Ehrann Mehdan

  I am not a Linux admin, although I wish I was, and I have seen these questions Amazon EC2 Backup Strategy Amazon EC2 + EBS:: Regular backup plan? Simple Backup Strategy for Amazon EC2 instances / volumes? And this suggestion http://alestic.com/2009/09/ec2-consistent-snapshot I tried using command line + crontab (the command line works, but crontab for some reason, doesn't) But I'm still pretty lost, all I want is an automated, rolling backup of my amazon EC2 (EBS) data (by rolling I mean keep 3-4 weeks back, but delete old snapshots as new ones come for cost control) And as things usually go, if there is something that is hard and painful, someone creates a solution for it. My question is simple, is there a way using a tool like Puppet to do it without a painful learning curve? (or via other tools like http://ylastic.com) If yes, how?

  Read the article

• puppet duplicate resources and virtual resources

  - by user45097

  Overview Hi just started using Puppet and have been unable to suss something. Problem Because of normalization when I add 2 classes to a node with packages that have the same dependencies it fails. In simple terms have duplicate resources - in this case the package libssl. Note: packages are being held to prevent latest packages being installed. QUestion What's the best practice way to get round this? class ssh { package { 'openssh-server': ensure = installed, require = libssl } package { 'libssl': ensure = installed, } } class apache { package { 'apache': ensure = installed, require = libssl, } package { 'libssl': ensure = installed, } } node server { include apache include openssl-server

  Read the article

• How to update grub with puppet?

  - by Tombart

  I would like to change a line in /etc/default/grub with puppet to this: GRUB_CMDLINE_LINUX="cgroup_enable=memory" I've tried to used augeas which seems to do this magic: exec { "update_grub": command => "update-grub", refreshonly => true, } augeas { "grub-serial": context => "/files/etc/default/grub", changes => [ "set /files/etc/default/grub/GRUB_CMDLINE_LINUX[last()] cgroup_enable=memory", ], notify => Exec['update_grub'], } It seems to work, but the result string is not in quotes and also I want to make sure that any other values will be separated by space. GRUB_CMDLINE_LINUX=cgroup_enable=memory Is there some mechanism how to append values and escape the whole thing? GRUB_CMDLINE_LINUX="quiet splash cgroup_enable=memory"

  Read the article

• Amazon EC2 EBS volume scheduled backup/snapshots using puppet / similar tools

  - by Ehrann Mehdan

  I am not a Linux admin, although I wish I was, and I have seen these questions Amazon EC2 Backup Strategy Amazon EC2 + EBS:: Regular backup plan? Simple Backup Strategy for Amazon EC2 instances / volumes? And this suggestion http://alestic.com/2009/09/ec2-consistent-snapshot I tried using command line + crontab (the command line works, but crontab for some reason, doesn't) But I'm still pretty lost, all I want is an automated, rolling backup of my amazon EC2 (EBS) data (by rolling I mean keep 3-4 weeks back, but delete old snapshots as new ones come for cost control) And as things usually go, if there is something that is hard and painful, someone creates a solution for it. My question is simple, is there a way using a tool like Puppet to do it without a painful learning curve? (or via other tools like http://ylastic.com) If yes, how?

  Read the article

• Puppet exported resource naming

  - by Tim Brigham

  I am working on setting up a collection of Splunk nodes to be deployed by Puppet. One of the steps in this process is importing the trusts to allow these nodes to automatically find each other. I've looked over several options and it appears that exported resources are the only ready way to go for this to work. The files I need to create are under /opt/splunk/etc/auth/distServerKeys//trusted.pem. The source for each of these files should be /opt/splunk/etc/auth/distServerKeys/trusted.pem, one per node. What syntax do I need to make this work? The samples I've looked at all appear to have the same source and destination file name.

  Read the article

• Managing service passwords with Puppet

  - by Jeff Ferland

  I'm setting up my Bacula configuration in Puppet. One thing I want to do is ensure that each password field is different. My current thought is to hash the hostname with a secret value that would ensure each file daemon has a unique password and that password can be written to both the director configuration and the file server. I definitely don't want to use one universal password as that would permit anybody who might compromise one machine to get access to any machine through Bacula. Is there another way to do this other than using a hash function to generate the passwords? Clarification: This is NOT about user accounts for services. This is about the authentication tokens (to use another term) in the client / server files. Example snippet: Director { # define myself Name = <%= hostname $>-dir QueryFile = "/etc/bacula/scripts/query.sql" WorkingDirectory = "/var/lib/bacula" PidDirectory = "/var/run/bacula" Maximum Concurrent Jobs = 3 Password = "<%= somePasswordFunction =>" # Console password Messages = Daemon }

  Read the article

• puppet propagate variable from node to erb tamplate?

  - by picca

  Is it possible to declare variable in node and than propage it way down to the erb template? Example: node basenode { $myvar = "bar" # default include myclass } node mynode extends basenode { $myvar = "foo" } class myclass { file { "/root/myfile": content => template("myclass/mytemplate.erb") ensure => present, } } Source of mytemplate.erb: myvar has value: <%= myvar %> I know that my example might be complicated. But I'm trying to propagate file on (almost) all my nodes and I want its content to be altered depending on the node which requests the file. The $myvar = "bar" statement should be default when node does not override its value. Is there a solution to my problem? I'm using puppet 0.24.5

  Read the article

• Iterating over resources in puppet templates

  - by daveg

  So I've got a puppet manifest, with multiple resources class foo { Custom::Resource {'resource1': attr1 => 'val1', attr2 => 'val2', } Custom::Resource {'resource2': attr1 => 'val3', attr2 => 'val4', } Custom::Resource {'resource3': attr1 => 'val5', attr2 => 'val6', } } If I wanted to loop over the Custom::Resource resource names in an .erb template that are defined in class foo, how do I access them? So if I wanted to write out a template that looked like this: ThisLine = resource1 ThisLine = resource2 ThisLine = resource3

  Read the article

• Use puppet to make changes to ip route and sysctl

  - by Quintin Par

  I have two changes to ip route & sysctl that disable tcp slow start. Here’s how I do it ip route show Make a note of the line starting with default. Pick up the IP from the default line and run sudo ip route change default via $ip_address dev eth0 initcwnd 12 sudo sysctl -w net.ipv4.tcp_slow_start_after_idle=0 How can I create a puppet script out of this? One that can be deployed to many machines of the same type – CentOS 6 Edit: Added bounty to get a working example for sudo ip route change default via $ip_address dev eth0 initcwnd 12

  Read the article

• Basic Puppet installation with Solaris 11.2 beta

  - by user13366125

  At the recent announcement we talked a lot about the Puppet integration. But how do you set it up? I want to show this in this blog entry. However this example i'm using is even useful in practice. Due to the extremely low overhead of zones i'm frequently seeing really large numbers of zones on a single system. Changing /etc/hosts or changing an SMF service property on 3 systems is not that hard. Doing it on a system with 500 zones is ... let say it diplomatic ... a job you give to someone you want to punish. Puppet can help in this case making of managing the configuration and to ease the distribution. You describe the changes you want to make in a file or set of file called manifest in the Puppet world and then roll them out to your servers, no matter if they are virtual or physical. A warning at first: Puppet is a really,really vast topic. This article is really basic and it doesn't goes more than just even toe's deep into the possibilities and capabilities of Puppet. It doesn't try to explain Puppet ... just how you get it up and running and do basic tests. There are many good books on Puppet. Please read one of them, and the concepts and the example will get much clearer immediately. (more)

  Read the article

• Hiera can't find puppet environment

  - by quickshiftin

  I'm testing out hiera and hitting a snag on the hierarchy configuration. What I have is extremely simple, the part that isn't working is specification of hiera datadir files based on environment. Here's the config file (/etc/hiera.yaml) I'm trying --- :backends: - yaml :logger: console :hierarchy: - "%{::environment}" :yaml: :datadir: /var/lib/hiera Now, I have a file /var/lib/hiera/development.yaml blah: meh When I run hiera it's not finding the file or the value $ hiera -d blah DEBUG: Fri Oct 25 15:50:52 -0600 2013: Hiera YAML backend starting DEBUG: Fri Oct 25 15:50:52 -0600 2013: Looking up blah in YAML backend nil I've verified this agent is configured for development $ sudo puppet agent --configprint environment development Now let me prove hiera is capable of finding something; a change to the hiera.yaml file: :hierarchy: - development And now hiera finds the file and the value $ hiera -d blah DEBUG: Fri Oct 25 15:53:25 -0600 2013: Hiera YAML backend starting DEBUG: Fri Oct 25 15:53:25 -0600 2013: Looking up blah in YAML backend DEBUG: Fri Oct 25 15:53:25 -0600 2013: Looking for data source development DEBUG: Fri Oct 25 15:53:25 -0600 2013: Found blah in development meh So why isn't it working with the dynamic environment configuration? I got that straight from the documentation. Note, I have tried running the hiera command via sudo with no change in the result.

  Read the article

• How to write re-usable puppet definitions?

  - by Oliver Probst

  I'd like to write a puppet manifest to install and configure an application on target servers. Parts of this manifest shall be re-usable. Thus I used define for defining my re-usable functionality. Doing so, I've always the problem that there are parts of the definition which are not re-usable. A simple example is a bunch of configuration files to be created. These file must be placed in the same directory. This directory must be created only once. Example: nodes.pp node 'myNode.in.a.domain' { mymodule::addconfig {'configfile1.xml': param => 'somevalue', } mymodule::addconfig {'configfile2.xml': param => 'someothervalue', } } mymodule.pp define mymodule::addconfig ($param) { $config_dir = "/the/directory/" #ensure that directory exits: file { $config_dir: ensure => directory, } #create the configuration file: file { $name: path => "${config_dir}/${name}" content => template('a_template.erb'), require => File[$config_dir], } } This example will fail, because now the resource file {$config_dir: is defined twice. As far as I understood, it is required to extract these parts into a class. Then it looks like this: nodes.pp node 'myNode.in.a.domain' { class { 'mymodule::createConfigurationDirectory': } mymodule::addconfig {'configfile1.xml': param => 'somevalue', require => Class ['mymodule::createConfigurationDirectory'], } mymodule::addconfig {'configfile2.xml': param => 'someothervalue', require => Class ['mymodule::createConfigurationDirectory'], } } But this makes my interface hard use. Every user of my module has to know, that there is a class which is additionally required. For this simple use case the additional class might be acceptable. But with growing module complexity (lots of definitions) I'm a bit afraid of confusing the modules user. So I'd like to know is there a better way to handle this dependencies. Ideally, classes like createConfigurationDirectory are hidden from the user of the modules api. Or are there some other "Best Practices"/Patterns handling such dependencies?

  Read the article

• Managing an application across multiple servers, or PXE vs cfEngine/Chef/Puppet

  - by matt

  We have an application that is running on a few (5 or so and will grow) boxes. The hardware is identical in all the machines, and ideally the software would be as well. I have been managing them by hand up until now, and don't want to anymore (static ip addresses, disabling all necessary services, installing required packages...) . Can anyone balance the pros and cons of the following options, or suggest something more intelligent? 1: Individually install centos on all the boxes and manage the configs with chef/cfengine/puppet. This would be good, as I have wanted an excuse to learn to use one of applications, but I don't know if this is actually the best solution. 2: Make one box perfect and image it. Serve the image over PXE and whenever I want to make modifications, I can just reboot the boxes from a new image. How do cluster guys normally handle things like having mac addresses in the /etc/sysconfig/network-scripts/ifcfg* files? We use infiniband as well, and it also refuses to start if the hwaddr is wrong. Can these be correctly generated at boot? I'm leaning towards the PXE solution, but I think monitoring with munin or nagios will be a little more complicated with this. Anyone have experience with this type of problem? All the servers have SSDs in them and are fast and powerful. Thanks, matt.

  Read the article

• Puppet : How to override / redefine outside child class (usecase and example detailled)

  - by alex8657

  The use case i try to illustrate is when to declare some item (eq mysqld service) with a default configuration that could be included on every node (class stripdown in the example, for basenode), and still be able to override this same item in some specific class (eg mysql::server), to be included by specific nodes (eg myserver.local) I illustrated this use case with the example below, where i want to disable mysql service on all nodes, but activate it on a specific node. But of course, Puppet parsing fails because the Service[mysql] is included twice. And of course, class mysql::server bears no relation to be a child of class stripdown Is there a way to override the Service["mysql"], or mark it as the main one, or whatever ? I was thinking about the virtual items and the realize function, but it only permits apply an item multiple times, not to redefine or override. # In stripdown.pp : class stripdown { service {"mysql": enable => "false", ensure => "stopped" } } # In mysql.pp : class mysql::server { service { mysqld: enable => true, ensure => running, hasrestart => true, hasstatus => true, path => "/etc/init.d/mysql", require => Package["mysql-server"], } } # Then nodes in nodes.pp : node basenode { include stripdown } node myserver.local inherits basenode { include mysql::server` # BOOM, fails here because of Service["mysql"] redefinition }

  Read the article

• arrays in puppet

  - by paweloque

  I'm wondering how to solve the following puppet problem: I want to create several files based on an array of strings. The complication is that I want to create multiple directories with the files: dir1/ fileA fileB dir2/ fileA fileB fileC The problem is that the file resource titles must be unique. So if I keep the file names in an array, I need to iterate over the array in a custom way to be able to postfix the file names with the directory name: $file_names = ['fileA', 'fileB'] $file_names_2 = [$file_names, 'fileC'] file {'dir1': ensure => directory } file {'dir2': ensure => directory } file { $file_names: path = 'dir1', ensure =>present, } file { $file_names_2: path = 'dir2', ensure =>present, } This wont work because the file resource titles clash. So I need to append e.g. the dir name to the file title, however, this will cause the array of files to be concatenated and not treated as multiple files... arghh.. file { "${file_names}-dir1": path = 'dir1', ensure =>present, } file { "${file_names_2}-dir2": path = 'dir1', ensure =>present, } How to solve this problem without the necessity of repeating the file resource itself. Thanks

  Read the article

• Load balancing with puppet

  - by Gonçalo Queirós

  Hi there. Im trying to setup a loadbalancing system. My load balancer (nginx) has a conf file where i should list all IP's of the upstream servers. I could put the IP's on the conf manually, but this ways i would need to change the conf file every time i add/remove an upstream server. For now i came up with two different ideas, but i don't like much of neither: 1 - Have every upstream machine to use Exported Resources to create a file with it's IP..Then the load balancer server will have an "include conf_directory/*", and load all the files created by the upstrem servers. Since the load balancer is using nginx this can be done, but if i wan't latter on to configure something that doesn't have the "include" on the conf files, this solution will not work. 2 - If the config doesn't support the "include" command, then we could have again, every upstream server use the Exported Resources to create a filw with its IP, and latter on, the load balancer execute a command that would pick every file and generate the config Both versions addopt the same techinque, the difference is that version 2 is used when the server (that needs to have a conf generated) doesn't recognize a command like "include" inside its own conf. Now, my question is, is there any way to do this in a different form? I suspect that there is, since puppet is made to manage multiple servers, it seems a bit strange not have a easy way to configure load balancers.

  Read the article

• Puppet variables best practice, generalise or specialise?

  - by Andrei Serdeliuc

  I'm trying to figure out which things should be in git within the puppet manifest and which should be in env vars like FACTER_my_var and use that in the manifest instead. Scenario: you are deploying 3 php apps and you've already built all the layers up to the app in other manifests (base system, php extensions, users, etc), and all that's left is installing the correct app (from an apt repo) and creating a vhost. I'm tempted to have something along the lines of: apache::vhost { $::project_hostname: priority => '10', port => '80', docroot => $::project_document_root, logroot => "/var/log/apache2/${$::project_name}", serveradmin => '[email protected]', require => Package[httpd], ssl => false, override => 'all', setenv => ["APP_KERNEL dev"] } This would run on each server, and the FACTER_project_* vars would be set on a per server basis. An obvious restriction of this would be that you can't run more than one app with this specific example. Or would you rather have project_x.pp, project_y.pp which have hardcoded paths and names?

  Read the article

• Puppet: variable overriding best practices

  - by rvs

  I'm wondering what are best practices for overriding variables in puppet. I'd like to have all my nodes (which located in different places, some of them are qa, some live) with same classes. Now I have something like this: class base_linux { <...> # something which requires $env and $relayhost variables } class linux_live { $relayhost="1.1.1.1" $env = "prod" include base_linux } class linux_qa { $relayhost="2.2.2.2" # override relayhost include base_linux } class linux_trunk { $env = "trunk" # override env inlude linux_qa } node "trunk01" { include linux_trunk include <something else> } node "trunk02" { $relayhost = "3.3.3.3" # override relayhost include linux_trunk include <something else> } node "prod01" { include linux_prod } So, I'd like to have some defaults in base_linux, which can be overrided by linux_qa/linux_live, which can be overrided in higher level classes and node definition. Of course, it does not work (and not expected to work). It does not work with class inheritance as well. Probably, I'll be able to archive using global scope variables, but it does not seems like a good idea to me. What is the best way to solve this problem?

  Read the article

• How to generate customized sudoers files in puppet depending on the environment they're deployed to?

  - by gozu

  the sysadmins are present in the sudoers files of all environments, but other sudoers are not. Different environments all have slightly different sudoers. Most of the time, 90% of users are the same, and 10% vary so we cannot have only one sudoers file for everything. Right now, we are using puppet with 10 different files with names like sudoers.production1, sudoers.production2, sudoers.production3, sudoers.testing1, sudoers.staging1 and so forth. Puppet then picks the file to deploy based on the server's $domain (ex: dbserver.staging1.acme.com) or $hardwaremodel. It works fine but it's a nightmare to maintain so many files. I'd like to autogenerate sudoers files based on the server's domain and have only one big file with all the sudoers permissions for all users and all environments. Something that looks like: User_Alias ADMINS = abe, bob, carol, dave case $domain { "staging1.acme.com" { #add dev1,dev2,tester1,tester2 to sudoers file } "testing2.acme.com" { #add tester1, tester3, tester4 to sudoers file } What's the best way to go about this? Suggestions for alternatives are welcome. I'd appreciate any tips. Update 1: For security reasons, we'd rather not concatenate a bunch of files from a folder located on a puppet client in case someone puts a file in there (maliciously or not) and either breaks the combined file or inserts something in it. Most importantly, for usability, we'd like to keep the number of sudoers related files (fragment or complete) on puppet server to either 3 (prod/stage/test) or preferably 1 file. this file would (somehow) generate sudoers files on the puppet server and send one customized file to each puppet client. The purpose of this would be only searching for a username in a single file and removing it quicker than doing it on 11 files. When adding a user to a bunch of environments, it won't be as quick, but only one file would need to be opened and looked at, greatly reducing the chances of an omission. our Sudo version is 1.6.9p8 so we can't use /sudoers.d folder, only a sudoers file.

  Read the article

• is there a way to run a command before puppet implements a change?

  - by Patrick

  I want to have puppet run a specific command before performing any type of change. I am aware of the prerun_command option in the main puppet.conf, but this is not what I'm looking for. I want the command to only run if something is about to change, not on every puppet run. Here's the scenario. Let's say I have a bunch of web servers behind a load balancer. I then want puppet to update the web site files. But in order to prevent issues where some files have been updated, but other files haven't, and the mixed versions causing problems, I want to take the server out of the load balancer pool. I could write a script which when run will tell the load balancer to remove the box from the pool. Then puppet can do the change, and use postrun_command to put the box back in the pool once complete. But I need a way to run that script to remove the server from the pool. The only solution I can think of is to keep 2 copies of the files on the box. One a staging copy, and when puppet updates that, use a notify action to trigger the removal script, and then copy from staging into the live location. But I was hoping for something a little more generic that would work on any change being performed (upgrading a package, restarting a service, creating a user, anything).

  Read the article

• Puppet Agent still able to connect to Master after certificate revocation

  - by chris

  In summary: Client connects for the first time and requests cert; on the Master, puppetca -s client is executed; Client gets the cert and completes the run successfully. Fine. But now: on the Master, puppetca -c client is executed and client's cert is not in the cert list anymore; Client connects again and can perform the run as usual; Restarting puppetmasterd doesn't solve the issue. How can I prevent client to connect once its cert has been revoked? Thanks in advance

  Read the article

• Puppet class inheritance confusion

  - by EMiller

  I've read the documentation on scope, but I'm still having trouble working this out. I've got two environments that are very similar - so I've got: modules/django-env/manifests/init.pp class django-env { package { "python26": ensure => installed } # etc ... } import "er.pp" modules/django-env/manifests/er.pp $venvname = "er" $venvpath = "/home/django/virtualenvs" class er { file { "$venvpath/$venvname" : ensure => directory } # etc ... } class er-dev { include er } class er-bce-dev { $venvname = "er-bce" include er } manifests/modules.pp import "django-env" manifests/nodes.pp node default { # etc ... } node 'centos-dev' imports default { include django-env include er-bce-dev include er-dev } The result here is that the "inheritance" works - but only the first "er-" item under the 'centos-dev' node is acted upon, I either get er-bce-dev or er-dev, but not both. There must be some basic thing I'm misunderstanding here. Is it the difference between import and include ? (not sure I understand that)

  Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >