Unable to apply Puppetlabs tomcat 2.0.0

I am unable to successfully apply Puppetlabs/tomcat 2.0.0 to a CentOS apache server. Mod 'puppetlabs/apache', '1.6.0' was successfully applied. The errors suggest that the instance is trying to pick up information from /opt/apache-tomcat-8.0.41 but this is not the install directory I have defined - and does not exist. Any help greatly appreciated. Regards Ewan Errors: ===== Error: /Stage[main]/Profiles::Notify_tomcat/Tomcat::Instance[notify-tomcat8-instance]/Tomcat::Instance::Copy_from_home[/apps/notify/apache-tomcat-8.0.41/conf/catalina.policy]/File[/apps/notify/apache-tomcat-8.0.41/conf/catalina.policy]: Could not evaluate: Could not retrieve information from environment dti020_34 source(s) file:/opt/apache-tomcat/conf/catalina.policy Error: /Stage[main]/Profiles::Notify_tomcat/Tomcat::Instance[notify-tomcat8-instance]/Tomcat::Instance::Copy_from_home[/apps/notify/apache-tomcat-8.0.41/conf/context.xml]/File[/apps/notify/apache-tomcat-8.0.41/conf/context.xml]: Could not evaluate: Could not retrieve information from environment dti020_34 source(s) file:/opt/apache-tomcat/conf/context.xml Error: /Stage[main]/Profiles::Notify_tomcat/Tomcat::Instance[notify-tomcat8-instance]/Tomcat::Instance::Copy_from_home[/apps/notify/apache-tomcat-8.0.41/conf/logging.properties]/File[/apps/notify/apache-tomcat-8.0.41/conf/logging.properties]: Could not evaluate: Could not retrieve information from environment dti020_34 source(s) file:/opt/apache-tomcat/conf/logging.properties Error: /Stage[main]/Profiles::Notify_tomcat/Tomcat::Instance[notify-tomcat8-instance]/Tomcat::Instance::Copy_from_home[/apps/notify/apache-tomcat-8.0.41/conf/server.xml]/File[/apps/notify/apache-tomcat-8.0.41/conf/server.xml]: Could not evaluate: Could not retrieve information from environment dti020_34 source(s) file:/opt/apache-tomcat/conf/server.xml Error: /Stage[main]/Profiles::Notify_tomcat/Tomcat::Instance[notify-tomcat8-instance]/Tomcat::Instance::Copy_from_home[/apps/notify/apache-tomcat-8.0.41/conf/web.xml]/File[/apps/notify/apache-tomcat-8.0.41/conf/web.xml]: Could not evaluate: Could not retrieve information from environment dti020_34 source(s) file:/opt/apache-tomcat/conf/web.xml Manifest extract: ============ # Install Tomcat using the Forge module. $notify_catalina_base = "${notify_install_dir}/apache-tomcat-${notify_tomcat_version}" $notify_catalina_home = "${notify_install_dir}/apache-tomcat-${notify_tomcat_version}" file { "${notify_install_dir}/apache-tomcat": ensure => link, target => "apache-tomcat-${notify_tomcat_version}", require => File["${notify_install_dir}/apache-tomcat-${notify_tomcat_version}"], } class { '::tomcat': user => $notify_owner, group => $notify_group, manage_user => false, manage_group => false, } ::tomcat::install { '/apps/notify': source_url => "http://archive.apache.org/dist/tomcat/tomcat-${notify_tomcat_major_version}/v${notify_tomcat_version}/bin/apache-tomcat-${notify_tomcat_version}.tar.gz", } # Configure Tomcat. ::tomcat::instance { 'notify-tomcat8-instance': catalina_base => $notify_catalina_base, } ::tomcat::config::server { 'notify-tomcat8-config-server': catalina_base => $notify_catalina_base, port => '#removed#', } # REMOVES the default http connector on port 8080 as this is not used ::tomcat::config::server::connector { 'notify-tomcat8-http': catalina_base => $notify_catalina_base, port => '8080', protocol => 'HTTP/1.1', connector_ensure => 'absent' } ::tomcat::config::server::connector { 'notify-tomcat8-ajp': catalina_base => $notify_catalina_base, port => $notify_ajp_port, protocol => 'AJP/1.3', additional_attributes => { 'proxyPort' => '443', 'scheme' => 'https', 'tomcatAuthentication' => false, 'address' => '127.0.0.1', 'maxThreads' => '512', }, } ::tomcat::service { 'notify-tomcat8-service': catalina_base => $notify_catalina_base, service_ensure => 'running', } # Remove the default Tomcat webapps. file { [ "${notify_catalina_base}/webapps/docs", "${notify_catalina_base}/webapps/examples", "${notify_catalina_base}/webapps/host-manager", "${notify_catalina_base}/webapps/manager", "${notify_catalina_base}/webapps/ROOT", ]: ensure => absent, recurse => true, force => true, purge => true, backup => false, require => Tomcat::Instance['notify-tomcat8-instance'], } ::tomcat::setenv::entry {'CATALINA_OPTS': value => "\ -Xms256m -Xmx1024m -server -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -XX:+PrintGCApplicationConcurrentTime -XX:+PrintGCApplicationStoppedTime -verbose:gc -Xloggc:${notify_tomcat_home}/logs/GC.log", config_file => "${notify_install_dir}/notify-env-opts", require => Tomcat::Instance['notify-tomcat8-instance'], } } All relevant file listings below. 2. Puppetfile tomcat entry ========================== mod 'puppetlabs/tomcat', '2.0.0' 3. Manifests ============= 3.1 notify_tomcat.pp --------------------- [escott12@es-puppet dti020_34]$ cat ./site/profiles/manifests/notify_tomcat.pp # == Class: profiles::notify_tomcat # # The profile for notify application servers. # # === Parameters # # None. # # === Authors # # #removed# # class profiles::notify_tomcat { # Get the tier of the application from Hiera. $jdk_version = hiera('profiles::javaroot::jdk_version') $jdk_version_update = hiera('profiles::javaroot::jdk_version_update') $jdk_version_build = hiera('profiles::javaroot::jdk_version_build') $javaroot_install_dir = hiera('profiles::javaroot::javaroot_install_dir') $notify_tomcat_major_version = hiera('profiles::notify::tomcat_major_version') $notify_tomcat_version = hiera('profiles::notify::tomcat_version') $notify_tomcat_home = hiera('profiles::notify::tomcat_home') $notify_owner = hiera('profiles::notify::notify_owner') $notify_group = hiera('profiles::notify::notify_group') $notify_install_dir = hiera('profiles::notify::notify_install_dir') $notify_url = hiera('profiles::notify::notify_url') $notify_ajp_port = hiera('profiles::notify::notify_ajp_port') # CoSign protected is off by default for the service. # Create the application directories. # Create a symlink for JDK as referencing java_home could be confused with JAVA_HOME. file { "${notify_install_dir}/jdk": ensure => link, target => '/apps/java/java_home', require => File['/apps/java/java_home'], } # Create the apache-tomcat symlink. # Install Tomcat using the Forge module. $notify_catalina_base = "${notify_install_dir}/apache-tomcat-${notify_tomcat_version}" $notify_catalina_home = "${notify_install_dir}/apache-tomcat-${notify_tomcat_version}" file { "${notify_install_dir}/apache-tomcat": ensure => link, target => "apache-tomcat-${notify_tomcat_version}", require => File["${notify_install_dir}/apache-tomcat-${notify_tomcat_version}"], } class { '::tomcat': user => $notify_owner, group => $notify_group, manage_user => false, manage_group => false, } ::tomcat::install { '/apps/notify': source_url => "http://archive.apache.org/dist/tomcat/tomcat-${notify_tomcat_major_version}/v${notify_tomcat_version}/bin/apache-tomcat-${notify_tomcat_version}.tar.gz", } # Configure Tomcat. ::tomcat::instance { 'notify-tomcat8-instance': catalina_base => $notify_catalina_base, } ::tomcat::config::server { 'notify-tomcat8-config-server': catalina_base => $notify_catalina_base, port => '#removed#', } # REMOVES the default http connector on port 8080 as this is not used ::tomcat::config::server::connector { 'notify-tomcat8-http': catalina_base => $notify_catalina_base, port => '8080', protocol => 'HTTP/1.1', connector_ensure => 'absent' } ::tomcat::config::server::connector { 'notify-tomcat8-ajp': catalina_base => $notify_catalina_base, port => $notify_ajp_port, protocol => 'AJP/1.3', additional_attributes => { 'proxyPort' => '443', 'scheme' => 'https', 'tomcatAuthentication' => false, 'address' => '127.0.0.1', 'maxThreads' => '512', }, } ::tomcat::service { 'notify-tomcat8-service': catalina_base => $notify_catalina_base, service_ensure => 'running', } # Remove the default Tomcat webapps. file { [ "${notify_catalina_base}/webapps/docs", "${notify_catalina_base}/webapps/examples", "${notify_catalina_base}/webapps/host-manager", "${notify_catalina_base}/webapps/manager", "${notify_catalina_base}/webapps/ROOT", ]: ensure => absent, recurse => true, force => true, purge => true, backup => false, require => Tomcat::Instance['notify-tomcat8-instance'], } # Java opts including memory etc notify { "This is TOMCAT HOME var1 ${notify_tomcat_home} ": } notify { "This is CATALINA BASE var2 ${notify_catalina_base} ": } notify { "This is CATALINA HOME var3 ${notify_catalina_home} ": } ::tomcat::setenv::entry {'CATALINA_OPTS': value => "\ -Xms256m -Xmx1024m -server -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -XX:+PrintGCApplicationConcurrentTime -XX:+PrintGCApplicationStoppedTime -verbose:gc -Xloggc:${notify_tomcat_home}/logs/GC.log", config_file => "${notify_install_dir}/notify-env-opts", require => Tomcat::Instance['notify-tomcat8-instance'], } } 3.2 other manifests =================== notify_server_apache.pp [escott12@es-puppet dti020_34]$ cat ./site/profiles/manifests/notify_server_apache.pp # == Class: profiles::notify_server_apache # # The profile for # 1. notify server apache install and vhost definitions # 2. shared java install. # # === Parameters # # None. # # === Authors # # #removed# # class profiles::notify_server_apache { #Get the tier of the application from Hiera. $notifyadm_owner = hiera('profiles::notifyadm::notifyadm_owner') $notifyadm_group = hiera('profiles::notifyadm::notifyadm_group') $notifyadm_install_dir = hiera('profiles::notifyadm::notifyadm_install_dir') $notifyadm_url = hiera('profiles::notifyadm::notifyadm_url') $notifyadm_ajp_port = hiera('profiles::notifyadm::notifyadm_ajp_port') $cosign_cookie = hiera('profiles::notifyadm::cosign_cookie') $cosign_url = hiera('profiles::notifyadm::cosign_url') $notify_owner = hiera('profiles::notify::notify_owner') $notify_group = hiera('profiles::notify::notify_group') $notify_install_dir = hiera('profiles::notify::notify_install_dir') $notify_url = hiera('profiles::notify::notify_url') $notify_ajp_port = hiera('profiles::notify::notify_ajp_port') $javaroot_install_dir = hiera('profiles::javaroot::javaroot_install_dir') $jdk_version = hiera('profiles::javaroot::jdk_version') $jdk_version_update = hiera('profiles::javaroot::jdk_version_update') $jdk_version_build = hiera('profiles::javaroot::jdk_version_build') # CoSign protected is off by default for the service. $notifyadm_cosign_protected = true # Create the application directories. file { '/apps': ensure => 'directory', owner => 'root', group => 'root', mode => '0755', } file { $notifyadm_install_dir: ensure => 'directory', owner => $notifyadm_owner, group => $notifyadm_group, mode => '0755', } file { $javaroot_install_dir: ensure => 'directory', owner => 'root', group => 'root', mode => '0755', } # Install Oracle JDK using the Forge module. class { '::jdk_oracle': version => $jdk_version, version_update => $jdk_version_update, version_build => $jdk_version_build, install_dir => $javaroot_install_dir, default_java => false, } # Create a symlink for JDK as referencing java_home could be confused with JAVA_HOME. # Create a symlink for JDK as referencing java_home could be confused with JAVA_HOME. file { "${javaroot_install_dir}/jdk": ensure => link, target => 'java_home', require => File["${javaroot_install_dir}/java_home"], } java_ks { 'eduinca': ensure => latest, certificate => '/etc/pki/CA/certs/EdCAcert.crt', target => "${javaroot_install_dir}/jdk/jre/lib/security/cacerts", password => '#removed#', require => [ File["${javaroot_install_dir}/jdk"], File['/etc/pki/CA/certs/EdCAcert.crt'] ], trustcacerts => true, } java_ks { 'eduinca2': ensure => latest, certificate => '/etc/pki/CA/certs/eduni2.crt', target => "${javaroot_install_dir}/jdk/jre/lib/security/cacerts", password => '#removed#', require => [ File["${javaroot_install_dir}/jdk"], File['/etc/pki/CA/certs/eduni2.crt'] ], trustcacerts => true, } # Create the apache-tomcat symlink. # Install Apache using the Forge module. class { '::apache': logroot_mode => '0755', } # Install mod_ssl, mod_proxy_ajp and mod_remoteip. include ::apache::mod::proxy_ajp include ::apache::mod::ssl # notifyadm uses REMOTE_USER for stats purposes so set it to value of NS-X-Forwarded-For # if the request comes from the Load ballancer IP # Setup the required Apache VHosts. ::apache::vhost { $notifyadm_url: servername => $notifyadm_url, port => '80', serveradmin => '#removed#@ed.ac.uk', # Set the first field to %a to record the client ip as set by mod_remoteip access_log_format => '%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O %D', docroot => '/apps/notifyadm/htdocs/', docroot_owner => $notifyadm_owner, docroot_group => $notifyadm_group, docroot_mode => '0755', proxy_pass => [ { 'path' => '/cosign', 'url' => '!', }, { 'path' => '/cgi-bin', 'url' => '!', }, { 'path' => '/', 'url' => "ajp://localhost:${notifyadm_ajp_port}/", }, ], directories => [ { path => '/', provider => 'location', custom_fragment => 'CosignProtected On', }, { path => '/cgi-bin', provider => 'location', custom_fragment => 'CosignProtected Off', }, { path => '/healthcheck/healthcheck.jsp', provider => 'location', custom_fragment => 'CosignProtected Off', }, ], } ::apache::vhost { $notify_url: servername => $notify_url, port => '80', serveradmin => '#removed#@ed.ac.uk', # Set the first field to %a to record the client ip as set by mod_remoteip access_log_format => '%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O %D', docroot => '/apps/notify/htdocs/', docroot_owner => $notify_owner, docroot_group => $notify_group, docroot_mode => '0755', scriptalias => '/var/www/cgi-bin/', # Maps to /cgi-bin proxy_pass => [ { 'path' => '/cgi-bin', 'url' => '!', }, { 'path' => '/', 'url' => "ajp://localhost:${notify_ajp_port}/", }, ], directories => [ { path => '/cgi-bin', provider => 'location', }, { path => '/healthcheck', provider => 'location', }, ], } # Add CoSign stuff. cosign::vhost { $notifyadm_url: site_url => $notifyadm_url, cosign_cookie => $cosign_cookie, cosign_url => $cosign_url, cosign_protected => $notifyadm_cosign_protected, proxy_cookies => false, allow_public_access => false, } # Create the generic cosign-logout.pl script. file { '/var/www/cgi-bin/cosign-logout.pl': ensure => 'file', owner => 'root', group => 'root', mode => '0755', content => template('profiles/cosign-logout.pl.erb'), } } 4. hiera data ============= 4.1 ./hieradata/role/notify.yaml ================================ --- classes: roles::notify profiles::notify::jdk_version: "8" profiles::notify::jdk_version_update: "144" profiles::notify::jdk_version_build: "1" profiles::notify::tomcat_major_version: "8" profiles::notify::tomcat_version: "8.0.41" profiles::notify::notify_owner: notify profiles::notify::notify_group: notifygp profiles::notify::notify_install_dir: /apps/notify profiles::notify::tomcat_home: /apps/notify/apache-tomcat profiles::notifyadm::jdk_version: "8" profiles::notifyadm::jdk_version_update: "144" profiles::notifyadm::jdk_version_build: "1" profiles::notifyadm::tomcat_major_version: "8" profiles::notifyadm::tomcat_version: "8.0.41" profiles::notifyadm::notifyadm_owner: notifyadm profiles::notifyadm::notifyadm_group: notifygp profiles::notifyadm::notifyadm_install_dir: /apps/notifyadm profiles::cosign::cosign_rpm: cosign-3.2.0-git_9a50797.el7.x86_64 profiles::cosign::create_proxy_dir: false profiles::javaroot::javaroot_install_dir: '/apps/java' profiles::javaroot::jdk_version: '8' profiles::javaroot::jdk_version_update: '144' profiles::javaroot::jdk_version_build: '1' 4.2. ./hieradata/role/notify/dev.yaml ===================================== --- profiles::notify::notify_url: dev.notify.ws-apps.is.ed.ac.uk profiles::notify::notify_ajp_port: #removed# profiles::notifyadm::notifyadm_url: dev.notifyadm.is.ed.ac.uk profiles::notifyadm::notifyadm_ajp_port: #removed# profiles::notifyadm::cosign_cookie: eucsCosigntest-dev.notifyadm.is.ed.ac.uk profiles::notifyadm::cosign_url: www-dev.ease.ed.ac.uk profiles::notifyadm::tomcat_opts: "-Xms256m -Xmx2048m -server -XX:+PrintGCDetails -XX:+PrintGCTimeStamps -XX:+PrintGCApplicationConcurrentTime -XX:+PrintGCApplicationStoppedTime -verbose:gc -Xloggc:${TOMCAT_HOME}/logs/GC.log" profiles::certs::certs: dev.notifyadm.is.ed.ac.uk-eduni: cert: | -----BEGIN CERTIFICATE----- #removed# -----END CERTIFICATE----- profiles::certs::private_keys: dev.notifyadm.is.ed.ac.uk-eduni: key: > #removed# [escott12@es-puppet dti020_34]$ ---------- ----------