anyone using Puppet for configuration management?
Federico Voges
ftc at ftc.com.ar
Fri Sep 6 12:50:17 PDT 2013
On 6 September 2013 17:48, Lonni J Friedman <netllama at gmail.com> wrote:
> On Fri, Sep 6, 2013 at 12:41 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>> Sorry. I forgot a ":". It should be class { "ntp": }
>
> That didn't help much. Now its back to complaining about duplicate
> declarations:
> Duplicate declaration: Class[Ntp] is already declared in file
> /etc/puppet/manifests/services/ntp.pp at line 4; cannot redeclare at
> /etc/puppet/manifests/site.pp:5
>
Comment/remove the line:
import "services/*"
If I understand correctly, you don't need that.
I created a quick example based roughly on what I know about your setup.
Please check https://github.com/fvoges/puppet-lonni
I tested it on a fresh centos 6.4 install with latest puppet 3.2.x and 2.6.x
If you have any question, just ask. If you're on irc.freenode.org my
nick is fvoges, ping me there.
There's a branch called hiera. It has the code changes to use hiera
instead on inheritance. But it needs more changes and the hiera config
to make much sense. As it is, you can't see why hiera is so good.
>>
>> If you're just starting, you might want to do their online
>> introduction. It was quite good the last time I checked it.
>>
>> You download a VM and you start following the online tutorial (it uses
>> puppet enterprise instead of the open source version, but it makes no
>> difference for learning). See http://docs.puppetlabs.com/learning/
>
> Yea, i've read through much of it already, but its not helping much
> with this particular problem.
>
>
>>
>> On 5 September 2013 19:36, Lonni J Friedman <netllama at gmail.com> wrote:
>>> I thought that anything included in the default node definition is
>>> auto-inherited by the other nodes? Anyway, I tried adding the default
>>> node definition that you wrote, but that doesn't pass validation:
>>> Error 400 on SERVER: Could not parse for environment production:
>>> Syntax error at '}'; expected '}' at /etc/puppet/manifests/site.pp:3
>>>
>>>
>>> I was planning to look into hiera at some point, but I wanted to get
>>> something more basic in place first, then improve upon it later. Baby
>>> steps, etc.
>>>
>>> On Thu, Sep 5, 2013 at 11:17 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>>>> You don't have to include them there.
>>>>
>>>> Puppet auto loads the modules. Let's say you have your ntp module in
>>>> whatever your modules dir is named (usually would be
>>>> /etc/puppet/modules/ntp/*).
>>>>
>>>> In your default node definition, you do something like this:
>>>>
>>>> node default {
>>>> class { 'ntp' }
>>>> }
>>>>
>>>> The includes in site.pp are useful for when you have a lot of node
>>>> definitions. Using inclide, you can split them into multiple files so
>>>> it's easier to maintain (e.g., include webservers/*)
>>>>
>>>> If you want better control over individual node configuration, then
>>>> look into using parameterized classes and hiera. At my previous job, I
>>>> used them to be able to override defaults in multiple layers:
>>>> host
>>>> role
>>>> domain
>>>> global
>>>>
>>>>
>>>> On 5 September 2013 18:00, Lonni J Friedman <netllama at gmail.com> wrote:
>>>>> *sigh* you're right. This is annoying behavior. This implies that
>>>>> installing any modules means that they are going to apply to every
>>>>> node.
>>>>>
>>>>> I googled for how to exclude a module from a node, and most of the
>>>>> suggestions were rather hacky:
>>>>> https://groups.google.com/forum/#!topic/puppet-users/a1muJHCs-hQ
>>>>>
>>>>> I tried to follow that one, by creating a new class which explicitly
>>>>> disables ntp, but then I was seeing duplicate service (ntp)
>>>>> declaration errors. feh.
>>>>>
>>>>> On Thu, Sep 5, 2013 at 9:09 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>>>>>> This seems to say that it does get applied to all nodes:
>>>>>> http://docs.puppetlabs.com/puppet/2.7/reference/lang_import.html
>>>>>>
>>>>>> On 5 September 2013 16:36, Lonni J Friedman <netllama at gmail.com> wrote:
>>>>>>> in services/* I've got:
>>>>>>> download_files.pp hello.pp ntp.pp pkg.pp tester.pp
>>>>>>>
>>>>>>> The only place that ntp is referenced is ntp.pp which i'm not even
>>>>>>> including any longer in site.pp. So unless the import implicitly
>>>>>>> includes everything (and it doesn't seem like, since none of the
>>>>>>> others are enabled globally by default), I don't think that's the
>>>>>>> issue.
>>>>>>>
>>>>>>> On Thu, Sep 5, 2013 at 8:30 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>>>>>>>> What are you adding in "import "services/*""? It looks like you're
>>>>>>>> installing, at least, snmp and apache. So heres the silly question:
>>>>>>>> are you sure that you're not including ntp somewhere in there too?
>>>>>>>>
>>>>>>>> Fed.
>>>>>>>>
>>>>>>>> On 5 September 2013 16:15, Lonni J Friedman <netllama at gmail.com> wrote:
>>>>>>>>> I'm using 2.7.x. There's nothing obvious to me in the logs. If I run
>>>>>>>>> with --debug, I see:
>>>>>>>>> #########
>>>>>>>>> debug: Failed to load library 'rubygems' for feature 'rubygems'
>>>>>>>>> debug: Puppet::Type::User::ProviderDirectoryservice: file
>>>>>>>>> /usr/bin/dscl does not exist
>>>>>>>>> debug: Puppet::Type::User::ProviderUser_role_add: file roledel does not exist
>>>>>>>>> debug: Puppet::Type::User::ProviderLdap: true value when expecting false
>>>>>>>>> debug: Puppet::Type::User::ProviderPw: file pw does not exist
>>>>>>>>> debug: Puppet::Type::File::ProviderMicrosoft_windows: feature
>>>>>>>>> microsoft_windows is missing
>>>>>>>>> debug: Failed to load library 'ldap' for feature 'ldap'
>>>>>>>>> debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring
>>>>>>>>> File[/var/lib/puppet/ssl/certs]
>>>>>>>>> debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring
>>>>>>>>> File[/var/lib/puppet/ssl]
>>>>>>>>> debug: /File[/var/lib/puppet/ssl/crl.pem]: Autorequiring
>>>>>>>>> File[/var/lib/puppet/ssl]
>>>>>>>>> debug: /File[/var/lib/puppet/ssl/certs/cuda-linux32-cvs4.pem]:
>>>>>>>>> Autorequiring File[/var/lib/puppet/ssl/certs]
>>>>>>>>> debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
>>>>>>>>> debug: /File[/var/run/puppet/agent.pid]: Autorequiring File[/var/run/puppet]
>>>>>>>>> debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet]
>>>>>>>>> debug: /File[/var/lib/puppet/state/state.yaml]: Autorequiring
>>>>>>>>> File[/var/lib/puppet/state]
>>>>>>>>> debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring
>>>>>>>>> File[/var/lib/puppet/ssl]
>>>>>>>>> debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/puppet]
>>>>>>>>> debug: /File[/var/lib/puppet/ssl/private]: Autorequiring
>>>>>>>>> File[/var/lib/puppet/ssl]
>>>>>>>>> debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]
>
>>>>>>>>> debug: Stored state in 0.00 seconds
>>>>>>>>> notice: Finished catalog run in 0.50 seconds
>>>>>>>>> #########
>>>>>>>>>
>>>>>>>>> On Thu, Sep 5, 2013 at 8:10 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>>>>>>>>>> That doesn't make any sense.
>>>>>>>>>>
>>>>>>>>>> What version are you using? and what's in the logs? Have you tried
>>>>>>>>>> running with --debug?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 5 September 2013 15:01, Lonni J Friedman <netllama at gmail.com> wrote:
>>>>>>>>>>> I also tried with the FQDN, but that didn't make any difference. I
>>>>>>>>>>> also tried removing the default node definition, and that also had no
>>>>>>>>>>> impact. ntp is loaded regardless.
>>>>>>>>>>>
>>>>>>>>>>> On Thu, Sep 5, 2013 at 1:56 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>>>>>>>>>>>> Hi Lonni,
>>>>>>>>>>>>
>>>>>>>>>>>> Is 'cuda-farm-ljf1' the FQDN for the node? If not, put the full
>>>>>>>>>>>> hostname or use a regex.
>>>>>>>>>>>>
>>>>>>>>>>>> Cheers,
>>>>>>>>>>>> Fed.
>>>>>>>>>>>>
>>>>>>>>>>>> On 3 September 2013 23:06, Lonni J Friedman <netllama at gmail.com> wrote:
>>>>>>>>>>>>> I'm trying to get ramped up on Puppet ( http://www.puppetlabs.com ),
>>>>>>>>>>>>> and I'm encountering some strange behavior with the node definitions.
>>>>>>>>>>>>> >From the documentation, I thought that the 'default' node was a
>>>>>>>>>>>>> catchall for any node which wasn't explicitly matched elsewhere.
>>>>>>>>>>>>> However, what I'm seeing is that the default seems to apply even where
>>>>>>>>>>>>> there is an exact match. For example, I have the following in
>>>>>>>>>>>>> site.pp:
>>>>>>>>>>>>>
>>>>>>>>>>>>> #########
>>>>>>>>>>>>> import "services/*"
>>>>>>>>>>>>> node "cuda-farm-ljf1" {
>>>>>>>>>>>>> include hello
>>>>>>>>>>>>> }
>>>>>>>>>>>>> node default {
>>>>>>>>>>>>> include ntp
>>>>>>>>>>>>> }
>>>>>>>>>>>>> #########
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> What I'd expect is that the 'ntp' class will *not* apply to the
>>>>>>>>>>>>> 'cuda-farm-ljf1' node, however that isn't the behavior that I'm
>>>>>>>>>>>>> seeing. Even if I completely uninstall ntp on that node, its
>>>>>>>>>>>>> reinstalled & started the next time it syncs with the master. Am I
>>>>>>>>>>>>> missing something obvious here?
> _______________________________________________
> Linux-users mailing list
> Linux-users at linux-sxs.org
> http://mailman.celestial.com/mailman/listinfo/linux-users
More information about the Linux-users
mailing list