I have about 50 apache::vhost defines that need some 'refactoring'. I'm trying to set the resource to some default values but I'm having trouble because 'directories' is an array of hashes.
For example:
# set the apache::vhost define type defaults here
Apache::Vhost {
# What's the correct way to set this since it's an array of hashes?
directories => { 'options' => ["Indexes","Symlinks","Somethingelse",],},
}
I'm trying to set apache::vhost::directories OPTIONS section to a default so that I don't have to type it out 50 times in my YAML file:
apache::vhost:
cache.%{::fqdn}:
servername: "cache.%{::fqdn}"
directories:
- path: '/web/cache'
#options: DEFAULT HERE VIA MANIFEST
allow_override: 'None'
order: 'deny,allow'
deny: 'from ALL'
allow: "from 10.0.0.0/8"
Unfortunately, I'm at a loss as to the syntax to ensure that directories=>options is set to the (3 element) array I need.
I'm thinking that the "full path" to options is:
apache::vhost::directories::path::options
but that is even more confusing...
↧
How to set a default value for a defined type where the variable is an array of hashes?
↧
How do you use the Cloudera Puppet Module?
I have two RedHat 6.7 servers. One is a Puppet Master, and one is a Puppet Agent. On the Puppet Master I installed two dependencies of the Cloudera module and the Cloudera Module itself. I used this link (and the links to its dependencies): https://forge.puppet.com/razorsedge/cloudera
I do not want to deviate from the standard module whenever possible. I was having errors so I commented out offending stanzas from the different manifests that came with the module. There were many "duplicate declaration" errors. I do not know if commenting out those stanzas will later present a problem. But it seems to have helped.
When I run the "puppet agent -t -d" command on the Puppet Agent, I get this error:
> Could not retrieve catalog from remote> server: Error 400 on SERVER:> Evaluation Error; Error while> evaluating a Resource Statement,> Evaluation Error: Illegal Resource> Type expression, expected result to be> a type name, or untitled Resource, got> Type[Class] at> /etc/puppetlabs/code/environments/production> /modules/cloudera/manifests/cdh.pp:64:3> on node FQDNofPuppetAgent
Here are the relevant lines of cdh.pp (on the Puppet Master):
64 Class {
65 require => Anchor['cloudera::cdh::begin'],
66 require => Anchro['cloudera::cdh::end'],
67 }
I tried giving the Class a name before and after the opening brace. Neither of those things worked. I tried changing "Class" to "class". But that did not work. How do I get around this error? I want the puppet manifest to apply. I think the "puppet agent -t -d" should work.
↧
↧
How can I deploy stringify_facts with arrays in my modules?
I have some modules that want to use facts like `$facts['os']['family']`, but my clients are Puppet 3 and don't have `stringify_facts` turned off. I created an inifile setting to do the job, but it won't apply, because the reference to the `$facts` hash is causing the whole catalog compilation to give a 400 error about it not being a hash. I seem to be in a chicken and egg problem here.
Is the only way to solve this to go outside Puppet and run some scripts on my clients? How can I get them out if Puppet won't work? At present, I can't guarantee that if I remove the offending module, all clients will have applied any stringify changes before I reinstate it.
↧
Managing partitions
I am creating a module to create and manage filesystems. I have everything working from physical volumes to mounting the filesystem. I am utilizing a puppetforge module called [LVM][1].
This module works great except for the fact that it does not manage the partition table at all. If you do a
pvcreate with this module (or as a standalone command) you can create a physical volume without partitioning a disk. This does work however if you do an fdisk -l you will see that there are no partitions on that disk (because none were created). I would like to somehow manage partitions so that it provides more clarity on what that disk is being used for.
**Is there a puppet module/command/function that I can use to help manage partitions?** I created an exec that will do it but it feels "dirty" and I feel like there are cleaner solutions.
thanks,
My disk partitioner for reference:
#Where ${disk} is sdb1, sdc1, etc.
disks.each |$disk| {
exec { "part_${disk}":
command => "/usr/sbin/parted -a optimal -- /dev/${disk} unit compact mkpart primary \"1\" \"-1\" ; /bin/sleep 1",
unless => "/sbin/fdisk -l | grep /dev/${disk}",
}
}
[1]: https://forge.puppet.com/puppetlabs/lvm "lvm"
↧
can I interpolate puppet variables on rspec?
Hello all,
I am trying to test the file content from a template using rspec:
require 'spec_helper'
describe 'my_class' do
context 'validate template' do
let :params do
{
:my_puppet_variable => 'test'
}
it do
is_expected.to contain_file('/etc/sysconfig/test').with_content(:my_puppet_variable) })
end
end
end
I tried wrapping the module variable using #{} to interpolate it , with no joy...
Any help would be much appreciated.
Regards
↧
↧
Deactivating a node
**Running Puppet Server open source with Puppet DB 4.8**
I recently changed the name of one of my servers and now have two instances of the same machine on puppetdb.
I am trying to remove the NODE by dong the following commands but it fails with an error.
puppet node deactivate old.server..co.uk
Error: SSL_connect returned=1 errno=0 state=error: certificate verify failed: [certificate revoked for /CN=puppetdbserver]
Error: Try 'puppet help node deactivate' for usage
↧
up2date puppetlabs concat uses deprecated puppetlabs stdlib functions !
Hi,
**i really got angry to use the up2date puppetlabs certified concat module with an up2date puppetlabs certified stdlib module !
** Do you test your modules ?
We use PE 2016.4.2
Concat Module Version: ├── puppetlabs-concat (v2.2.0)
Stdlib Version: ├── puppetlabs-stdlib (v4.14.0)
Enterprise also installs its own concat module:
├── puppetlabs-pe_concat (v1.1.2-7-g77ec55b) When using the puppetlabe concat module, this warning will be shown:
Warning: This method is deprecated, please use the stdlib validate_legacy function, with Pattern[]. There is further documentation for validate_legacy function in the README. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') Warning: This method is deprecated, please use the stdlib validate_legacy function, with Stdlib::Compat::Absolute_Path. There is further documentation for validate_legacy function in the README. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') Warning: This method is deprecated, please use the stdlib validate_legacy function, with Stdlib::Compat::String. There is further documentation for validate_legacy function in the README. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') Warning: This method is deprecated, please use match expressions with Stdlib::Compat::String instead. They are described at https://docs.puppet.com/puppet/latest/reference/lang_data_type.html#match-expressions. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') Warning: This method is deprecated, please use the stdlib validate_legacy function, with Stdlib::Compat::Bool. There is further documentation for validate_legacy function in the README. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') Warning: This method is deprecated, please use match expressions with Stdlib::Compat::Bool instead. They are described at https://docs.puppet.com/puppet/latest/reference/lang_data_type.html#match-expressions. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') How can i get rid of that errormessage w/o tweaking the env on every node by setting:
STDLIB_LOG_DEPRECATIONS'] == 'false' Best regards Franz
**i really got angry to use the up2date puppetlabs certified concat module with an up2date puppetlabs certified stdlib module !
** Do you test your modules ?
We use PE 2016.4.2
Concat Module Version: ├── puppetlabs-concat (v2.2.0)
Stdlib Version: ├── puppetlabs-stdlib (v4.14.0)
Enterprise also installs its own concat module:
├── puppetlabs-pe_concat (v1.1.2-7-g77ec55b) When using the puppetlabe concat module, this warning will be shown:
Warning: This method is deprecated, please use the stdlib validate_legacy function, with Pattern[]. There is further documentation for validate_legacy function in the README. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') Warning: This method is deprecated, please use the stdlib validate_legacy function, with Stdlib::Compat::Absolute_Path. There is further documentation for validate_legacy function in the README. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') Warning: This method is deprecated, please use the stdlib validate_legacy function, with Stdlib::Compat::String. There is further documentation for validate_legacy function in the README. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') Warning: This method is deprecated, please use match expressions with Stdlib::Compat::String instead. They are described at https://docs.puppet.com/puppet/latest/reference/lang_data_type.html#match-expressions. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') Warning: This method is deprecated, please use the stdlib validate_legacy function, with Stdlib::Compat::Bool. There is further documentation for validate_legacy function in the README. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') Warning: This method is deprecated, please use match expressions with Stdlib::Compat::Bool instead. They are described at https://docs.puppet.com/puppet/latest/reference/lang_data_type.html#match-expressions. at : (at /etc/puppetlabs/code/environments/production/modules/stdlib/lib/puppet/functions/deprecation.rb:25:in `deprecation') How can i get rid of that errormessage w/o tweaking the env on every node by setting:
STDLIB_LOG_DEPRECATIONS'] == 'false' Best regards Franz
↧
how I can configure the mysql module to allow me to run multiple instances of MySQL server on the same node
Hi
I am required to stand up two instances of MySQL server on the same node (different ports, sockets, data directory etc). As the path to my.cnf is hard-coded in params.pp, and I need to be able to configure this (in order to define two different configurations), can anyone suggest how this may be achieved?
thanks!
↧
Resource type doesn't exist
Hello dear puppeteers,
I am getting an error message from a puppetserver which I'm trying to understand;
Error while evaluating a Virtual Query, Resource type nfs_mount doesn't exist
Here's the code snipet triggering that error ( the **LAST** line ) :
class profiles::nfs ()
{
$mountlist = hiera_hash('profiles::nfs::mountlist')
validate_legacy(Hash, 'validate_hash', $mountlist)
create_resources('@::profiles::nfs_mount', $mountlist)
Class['::profiles::system::nfs'] -> Nfs_mount <| |>
}
The resource **nfs_mount** is well defined in another manifest :
define profiles::nfs_mount( $device, $mount_path, $mount_rights, $key = $name ) {
...
}
So why can't the puppetserver find it ?
Thanks beforehand for any help
↧
↧
Hiera doesn't pick a key
Hi my dear puppeteers,
I am currently migrating code which used to work in a Puppet 3.8 / Hiera 1.3 setup.
After scratching my head a little regarding some Hiera lookup errors, I realized that those were due to some of the keys' names.
e.g :
Looking up for 'classes', defined like this ...
classes: ["::role::somerole"]
... is successfull
DEBUG: Found classes in common
["role::somerole"]
However, looking up for 'zbackbone-datamanager-svrtest.version' defined like this ...
zbackbone-datamanager-svrtest.version: "1.3.7"
... is NOT successfull
nil
Renaming the key to **zbackbone-datamanager-svrtestversion** ( witout the dot . ), makes hiera find the key :
DEBUG: Found zbackbone-datamanager-svrtestversion in common
1.3.7
I suppose this is a change from Hiera 1.3 to Hiera 3.2.
Is there a part of the Hiera documentation which specifies the key names limitations ?
Thanks beforehand
↧
Mount Point Permissions
I am having a very frustrating problem with mounting.
Mounting requires a directory to exist. So I create a directory
file { "/app":
ensure => "directory",
mode => "755",
}
Now I mount the logical filesytem to the directory
mount { "/app":
ensure => 'mounted',
device => "/dev/${lv_attribute[vg]}/${lv_attribute[name]}",
options => defaults,
dump => $dump,
pass => $pass,
fstype => $fs_type,
}
So far so good. The problem I now have is I have a directory with permissions 755 and a mount with permissions ??? (default). Probably the umask of root. How do I set the permissions of the mount after the fact? I have already set the mode on the File so I can't call it twice. The only thing I have come up with is to have it run twice, but then the directory will match the permissions of the mount which is NOT what I want.
Has anyone encountered this yet or come up with a solution? I basically want a directory with xxx permissions and a mount on that directory with yyy permissions.
Is the mount is ever removed for whatever reason then I will have a directory with yyy permissions.
↧
how to stop websphere service from puppet ,i want to verify the status before i stop the service.
I an trying to stop a websphere jvm using exec resource ,but before that i want to verify the status using serversetatus.sh and run only if am getting grep value as stopped.
i am able to achive first part but failing to validate condition.
↧
How can I use a profile to include a class defined in hiera without getting dup class errors?
I want to use a profile to call a class that is already defined in a higher level in hiera and provide different data to that class. When I call the class in my profile puppet complains that the class is already defined. Is there anything I can do to avoid the dup definition? I want to leave the current implementation in place for other servers not included in this profile.
↧
↧
unInstall puppet agent
I spinned up an instance in AWS using an AMI of an instance which already had puppet agent installed in it. the new instance has the same certificate name and configuration as the old instance. I am trying to uninstall the puppet enterprise agent from the new instance and add reinstall the agent with the new certificate for the puppet server.
I followed the process of uninstalling the Puppet enterprise agent for nix machines- copied puppet_enterprise_uninstaller and utilities from the puppet server to the agent. this sucessfully removed the enterprise agent from the node ( Am I missing anystep here uninstalling PE-Agent from an instance spinned from an AMI?)
Considering puppet agent to be gone. I tried to install it againg from puppet server using curl -k fqan:8140... but i got the following errors. Am I missing anything here?
W: GPG error: https://puppet.abc.com:8140 ./ Release: The following signatures were invalid: KEYEXPIRED 140000000
Reading package lists... Done
Building dependency tree
Reading state information... Done
apt-transport-https is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 198 not upgraded.
OK
W: GPG error: https://puppet.abc.com:8140 ./ Release: The following signatures were invalid: KEYEXPIRED 140000000
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
puppet-agent
0 upgraded, 1 newly installed, 0 to remove and 198 not upgraded.
Need to get 9911 kB of archives.
After this operation, 51.0 MB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
puppet-agent
E: There are problems and -y was used without --force-yes
/tmp/tmp.EqPo67Lgf3: line 75: /opt/puppetlabs/puppet/bin/puppet: No such file or directory
[main]
/tmp/tmp.EqPo67Lgf3: line 84: /opt/puppetlabs/puppet/bin/puppet: No such file or directory
/tmp/tmp.EqPo67Lgf3: line 94: /opt/puppetlabs/puppet/bin/facter: No such file or directory
/tmp/tmp.EqPo67Lgf3: line 94: /opt/puppetlabs/puppet/bin/ruby: No such file or directory
/tmp/tmp.EqPo67Lgf3: line 94: /opt/puppetlabs/puppet/bin/puppet: No such file or directory
/tmp/tmp.EqPo67Lgf3: line 103: /opt/puppetlabs/puppet/bin/puppet: No such file or directory
/tmp/tmp.EqPo67Lgf3: line 104: /opt/puppetlabs/puppet/bin/puppet: No such file or directory
/tmp/tmp.EqPo67Lgf3: line 108: /opt/puppetlabs/puppet/bin/puppet: No such file or directory
/tmp/tmp.EqPo67Lgf3: line 46: /opt/puppetlabs/puppet/bin/puppet: No such file or directory
/tmp/tmp.EqPo67Lgf3: line 46: /opt/puppetlabs/puppet/bin/puppet: No such file or directory
/tmp/tmp.EqPo67Lgf3: line 46: /opt/puppetlabs/puppet/bin/puppet: No such file or directory
/tmp/tmp.EqPo67Lgf3: line 46: /opt/puppetlabs/puppet/bin/puppet: No such file or directory
+ fail 'Error running install script /tmp/tmp.EqPo67Lgf3'
+ echo 'Error running install script /tmp/tmp.EqPo67Lgf3'
Error running install script /tmp/tmp.EqPo67Lgf3
+ exit 1
↧
puppet noop -- persistance
Hello,
What is the recommended method in putting nodes in noop mode?
My goal is to ensure certain groups of nodes are in noop mode so changes don't mistakenly get applied but I want to know if changes 'would' have been applied or if a node has drifted out of CM.
I could edit puppet.conf manually but that does not scale.
I could use Puppet to manage puppet.conf but if a node is in noop mode a new catalog will not be applied to take it out of noop mode or do an enforcing run to put a node back in conformance.
I could use MCollective and use the --noop and no-noop switches.
I cannot seem to find much material for this use case.
Thoughts?
thanks,
Brandon
↧
Is i valid to use $:: in manifest to get config value of agent node? (eg. $::ssldir)
`$::ssldir` seem to contain the Puppet Agent ssldir value from puppet.conf but I cant find anywhere in the documentation that describes this behavior.
Quite the opposite in fact since this line makes it sound like this should not be possible> [...the agent node’s settings are not available in manifests.](https://docs.puppet.com/puppet/4.8/lang_facts_and_builtin_vars.html#puppet-master-variables)
So the question is if is valid to use `$::` to get puppet ssl directory on the agent node and if yes then is this behavior documented anywhere?
Example code
class module::params {
if ( $::ssldir != undef ) {
# Bug or feature?
# Gives the same value as if running "puppet config print --section agent ssldir" on the node
$ssl_dir = $::ssldir
} else {
$ssl_dir = '/etc/puppetlabs/puppet/ssl'
}
}
**(Edit: Added extra example with full setup)**
Example to show `$::ssldir` behaviour in a setup with one Puppet Server and two Puppet Agents
Host `puppet`, Puppet Server, Debian
root@puppet01:~# cat /etc/puppetlabs/code/environments/production/manifests/site.pp
$demo = @("DEMO"/$)
Vars
\$settings::ssldir = ${settings::ssldir}
\$::ssldir = ${::ssldir}
| DEMO
notify { "ssl dir info":
message => $demo,
}
root@puppet01:~# puppet config print --section master ssldir
/var/opt/puppetlabs/puppetserver/ssl
root@puppet01:~# puppet config print --section agent ssldir
/etc/puppetlabs/puppet/ssl
root@puppet01:~#
Host `srv01`, Puppet Agent, Debian
root@srv01:~# puppet config print --section agent ssldir
/var/lib/puppet/ssl
root@srv01:~# puppet agent -t -v
...
Notice: Vars
$settings::ssldir = /var/opt/puppetlabs/puppetserver/ssl
$::ssldir = /var/lib/puppet/ssl
...
root@srv01:~#
Host `srv02`, Puppet Agent, FreeBSD
root@srv02:~ # puppet config print --section agent ssldir
/var/puppet/ssl
root@srv02:~ # puppet agent -t -v
...
Notice: Vars
$settings::ssldir = /var/opt/puppetlabs/puppetserver/ssl
$::ssldir = /var/puppet/ssl
...
root@srv02:~ #
↧
Is it possible to use Hiera Knockout Rules for Hashes?
common.yaml:
lookup_options:
firewall::rules: { merge: {strategy: deep, merge_hash_arrays: true, knockout_prefix: "--", sort_merge_arrays: true}}
firewall::rules
http_allow: { action: 'ACCEPT', proto: 'tcp', source: 'net', dest: '$FW', port: '80', order: '50', comment: 'http access' }
ssh_all: { action: 'ACCEPT', proto: 'tcp', source: 'net', dest: '$FW', port: '22', sport: '-', original_dest: '-', order: '50', comment: 'all ssh access' }
example.com.yaml:
firewall::rules
--ssh_all:
ssh_admins: { action: 'ACCEPT', proto: 'tcp', source: 'net:123.456.768', dest: '$FW', port: '22', sport: '-', original_dest: '-', order: '50', comment: 'admin ssh access' }
should result in a merged yaml:
firewall::rules
http_allow: { action: 'ACCEPT', proto: 'tcp', source: 'net', dest: '$FW', port: '80', order: '50', comment: 'http access' }
ssh_admins: { action: 'ACCEPT', proto: 'tcp', source: 'net:123.456.768', dest: '$FW', port: '22', sport: '-', original_dest: '-', order: '50', comment: 'admin ssh access' }
↧
↧
Document modules with YARD or as README.MD
AFAIK, forge.puppetlabs.com only renders the `readme.md` along the module description. However, I've noticed there's something in the works: There was a `puppetlabs/strings` module, which now is a Ruby gem. And in the long run puppet module documentation is done via YARD documentation strings.
That's great. However, I haven't found any clue, that PuppetForge goes along with this development and respects YARD documentation strings. Do I write my module documentation still as `readme.md` for now, or should I switch to YARD? How long does it take, until YARD documentation is propagated as new standard?
Because, I don't like to document, publish my great module, and some months later Forge considers YARD documentation, too. On the other, a YARD only documented module doesn't “sell”, since it's got a pretty empty `readme.md`. I'd place a hint “I did a great job with YARD”, but it doesn't show up on the module description page on Forge. ☹
↧
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Could not find class motd
Hi, i'm new to puppet and just testing; I have a simple module I created that creates a motd file. When I use puppet apply -e 'include ::motd' the class is applied. But when the PE server tries to run it on the agent I always get this error. The same for when I run puppet agent -t.
I feel like this is a simple issue but I can't figure it out. Any help would be appreciated. Thank you in advance.
## Here is my environment ##
the environment is
production
/etc/puppetlabs/code/environments
the modules inatalled are
/etc/puppetlabs/code/environments/production/modules
├── puppetlabs-stdlib (v4.13.1)
└── serdelivery-motd (v0.1.0)
/etc/puppetlabs/code/modules
├── Delivery-jboss (v0.1.0)
├── ntp (???)
└── puppetlabs-stdlib (v4.14.0)
/opt/puppetlabs/puppet/modules (no modules installed)
the version of puppet is
4.8.0
## Here is what's included in the init.pp file located in /etc/puppetlabs/code/environments/development/modules/motd/manifests ##
class motd {
file { '/etc/motd':
ensure => 'file',
content => file('motd/message'),
}
}
↧
monitor attributes of defined type
A program running on the node has an internal counter.
define mytype (
String foo = undef,
Integer maxcount = undef,
) {
file { $title:
[…]
content => "${foo}\n${maxcount}\n",
}
exec { $title:
command => [… reset internal counter command …],
refreshonly => true,
}
}
How do I make my defined type automatically fire my reset counter command? If `$foo` changes, I do not have to reset the counter. It doesn't harm though. It is just unnecessary. Making a direct `~>` from `file` to `exec` is not what I want.
I could introduce a dummy defined type, having `$maxcount` as a parameter, doing noting else, but `audit => ['maxcount']` and get notifications from the dummy type.
define mydummy (
Integer maxcount = undef,
) {
}
define mytype (
String foo = undef,
Integer maxcount = undef,
) {
file { $title: [… as above …] }
mydummy { $title:
maxcount => $maxcount,
audit => ['maxcount'],
}
exec { $title: [… as above …] }
Mydummy[$title] ~> Exec[$title]
}
However, that's not nice. Is there some other way, to solve this?
PS: No, I do not have to catch the situation, someone locally edited the maxcount line.
↧