anyone using Puppet for configuration management?
Lonni J Friedman
netllama at gmail.com
Fri Sep 6 17:04:49 PDT 2013
Thanks Federico. I finally got this sorted out. For reasons that I
still don't full understand moving this class from
manifests/services/ntp.pp :
class {
'::ntp':
servers => [ 'ntp.nvidia.com'],
}
inside of a node definition:
node 'somehost.example.com' {
class { 'ntp':
serers => [ 'ntp.nvidia.com'],
}
}
fixed it. At that point, I could also add the class to the default
node definition, and not have it apply to any other nodes where the
class was not explicitly defined. I still don't understand why this
one ntp module behaves this way, when I've got numerous other classes
in manifests/services/*.pp which did not misbehave. But at least I've
got ntp under control now, which is all that I care about.
On Fri, Sep 6, 2013 at 12:50 PM, Federico Voges <ftc at ftc.com.ar> wrote:
> On 6 September 2013 17:48, Lonni J Friedman <netllama at gmail.com> wrote:
>> On Fri, Sep 6, 2013 at 12:41 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>>> Sorry. I forgot a ":". It should be class { "ntp": }
>>
>> That didn't help much. Now its back to complaining about duplicate
>> declarations:
>> Duplicate declaration: Class[Ntp] is already declared in file
>> /etc/puppet/manifests/services/ntp.pp at line 4; cannot redeclare at
>> /etc/puppet/manifests/site.pp:5
>>
>
> Comment/remove the line:
> import "services/*"
>
> If I understand correctly, you don't need that.
>
>
> I created a quick example based roughly on what I know about your setup.
>
> Please check https://github.com/fvoges/puppet-lonni
>
> I tested it on a fresh centos 6.4 install with latest puppet 3.2.x and 2.6.x
>
> If you have any question, just ask. If you're on irc.freenode.org my
> nick is fvoges, ping me there.
>
> There's a branch called hiera. It has the code changes to use hiera
> instead on inheritance. But it needs more changes and the hiera config
> to make much sense. As it is, you can't see why hiera is so good.
>
>
>>>
>>> If you're just starting, you might want to do their online
>>> introduction. It was quite good the last time I checked it.
>>>
>>> You download a VM and you start following the online tutorial (it uses
>>> puppet enterprise instead of the open source version, but it makes no
>>> difference for learning). See http://docs.puppetlabs.com/learning/
>>
>> Yea, i've read through much of it already, but its not helping much
>> with this particular problem.
>>
>>
>>>
>>> On 5 September 2013 19:36, Lonni J Friedman <netllama at gmail.com> wrote:
>>>> I thought that anything included in the default node definition is
>>>> auto-inherited by the other nodes? Anyway, I tried adding the default
>>>> node definition that you wrote, but that doesn't pass validation:
>>>> Error 400 on SERVER: Could not parse for environment production:
>>>> Syntax error at '}'; expected '}' at /etc/puppet/manifests/site.pp:3
>>>>
>>>>
>>>> I was planning to look into hiera at some point, but I wanted to get
>>>> something more basic in place first, then improve upon it later. Baby
>>>> steps, etc.
>>>>
>>>> On Thu, Sep 5, 2013 at 11:17 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>>>>> You don't have to include them there.
>>>>>
>>>>> Puppet auto loads the modules. Let's say you have your ntp module in
>>>>> whatever your modules dir is named (usually would be
>>>>> /etc/puppet/modules/ntp/*).
>>>>>
>>>>> In your default node definition, you do something like this:
>>>>>
>>>>> node default {
>>>>> class { 'ntp' }
>>>>> }
>>>>>
>>>>> The includes in site.pp are useful for when you have a lot of node
>>>>> definitions. Using inclide, you can split them into multiple files so
>>>>> it's easier to maintain (e.g., include webservers/*)
>>>>>
>>>>> If you want better control over individual node configuration, then
>>>>> look into using parameterized classes and hiera. At my previous job, I
>>>>> used them to be able to override defaults in multiple layers:
>>>>> host
>>>>> role
>>>>> domain
>>>>> global
>>>>>
>>>>>
>>>>> On 5 September 2013 18:00, Lonni J Friedman <netllama at gmail.com> wrote:
>>>>>> *sigh* you're right. This is annoying behavior. This implies that
>>>>>> installing any modules means that they are going to apply to every
>>>>>> node.
>>>>>>
>>>>>> I googled for how to exclude a module from a node, and most of the
>>>>>> suggestions were rather hacky:
>>>>>> https://groups.google.com/forum/#!topic/puppet-users/a1muJHCs-hQ
>>>>>>
>>>>>> I tried to follow that one, by creating a new class which explicitly
>>>>>> disables ntp, but then I was seeing duplicate service (ntp)
>>>>>> declaration errors. feh.
>>>>>>
>>>>>> On Thu, Sep 5, 2013 at 9:09 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>>>>>>> This seems to say that it does get applied to all nodes:
>>>>>>> http://docs.puppetlabs.com/puppet/2.7/reference/lang_import.html
>>>>>>>
>>>>>>> On 5 September 2013 16:36, Lonni J Friedman <netllama at gmail.com> wrote:
>>>>>>>> in services/* I've got:
>>>>>>>> download_files.pp hello.pp ntp.pp pkg.pp tester.pp
>>>>>>>>
>>>>>>>> The only place that ntp is referenced is ntp.pp which i'm not even
>>>>>>>> including any longer in site.pp. So unless the import implicitly
>>>>>>>> includes everything (and it doesn't seem like, since none of the
>>>>>>>> others are enabled globally by default), I don't think that's the
>>>>>>>> issue.
>>>>>>>>
>>>>>>>> On Thu, Sep 5, 2013 at 8:30 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>>>>>>>>> What are you adding in "import "services/*""? It looks like you're
>>>>>>>>> installing, at least, snmp and apache. So heres the silly question:
>>>>>>>>> are you sure that you're not including ntp somewhere in there too?
>>>>>>>>>
>>>>>>>>> Fed.
>>>>>>>>>
>>>>>>>>> On 5 September 2013 16:15, Lonni J Friedman <netllama at gmail.com> wrote:
>>>>>>>>>> I'm using 2.7.x. There's nothing obvious to me in the logs. If I run
>>>>>>>>>> with --debug, I see:
>>>>>>>>>> #########
>>>>>>>>>> debug: Failed to load library 'rubygems' for feature 'rubygems'
>>>>>>>>>> debug: Puppet::Type::User::ProviderDirectoryservice: file
>>>>>>>>>> /usr/bin/dscl does not exist
>>>>>>>>>> debug: Puppet::Type::User::ProviderUser_role_add: file roledel does not exist
>>>>>>>>>> debug: Puppet::Type::User::ProviderLdap: true value when expecting false
>>>>>>>>>> debug: Puppet::Type::User::ProviderPw: file pw does not exist
>>>>>>>>>> debug: Puppet::Type::File::ProviderMicrosoft_windows: feature
>>>>>>>>>> microsoft_windows is missing
>>>>>>>>>> debug: Failed to load library 'ldap' for feature 'ldap'
>>>>>>>>>> debug: /File[/var/lib/puppet/ssl/certs/ca.pem]: Autorequiring
>>>>>>>>>> File[/var/lib/puppet/ssl/certs]
>>>>>>>>>> debug: /File[/var/lib/puppet/ssl/public_keys]: Autorequiring
>>>>>>>>>> File[/var/lib/puppet/ssl]
>>>>>>>>>> debug: /File[/var/lib/puppet/ssl/crl.pem]: Autorequiring
>>>>>>>>>> File[/var/lib/puppet/ssl]
>>>>>>>>>> debug: /File[/var/lib/puppet/ssl/certs/cuda-linux32-cvs4.pem]:
>>>>>>>>>> Autorequiring File[/var/lib/puppet/ssl/certs]
>>>>>>>>>> debug: /File[/var/lib/puppet/lib]: Autorequiring File[/var/lib/puppet]
>>>>>>>>>> debug: /File[/var/run/puppet/agent.pid]: Autorequiring File[/var/run/puppet]
>>>>>>>>>> debug: /File[/var/lib/puppet/clientbucket]: Autorequiring File[/var/lib/puppet]
>>>>>>>>>> debug: /File[/var/lib/puppet/state/state.yaml]: Autorequiring
>>>>>>>>>> File[/var/lib/puppet/state]
>>>>>>>>>> debug: /File[/var/lib/puppet/ssl/certificate_requests]: Autorequiring
>>>>>>>>>> File[/var/lib/puppet/ssl]
>>>>>>>>>> debug: /File[/var/lib/puppet/client_data]: Autorequiring File[/var/lib/puppet]
>>>>>>>>>> debug: /File[/var/lib/puppet/ssl/private]: Autorequiring
>>>>>>>>>> File[/var/lib/puppet/ssl]
>>>>>>>>>> debug: /File[/var/lib/puppet/ssl]: Autorequiring File[/var/lib/puppet]
>>
>>>>>>>>>> debug: Stored state in 0.00 seconds
>>>>>>>>>> notice: Finished catalog run in 0.50 seconds
>>>>>>>>>> #########
>>>>>>>>>>
>>>>>>>>>> On Thu, Sep 5, 2013 at 8:10 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>>>>>>>>>>> That doesn't make any sense.
>>>>>>>>>>>
>>>>>>>>>>> What version are you using? and what's in the logs? Have you tried
>>>>>>>>>>> running with --debug?
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On 5 September 2013 15:01, Lonni J Friedman <netllama at gmail.com> wrote:
>>>>>>>>>>>> I also tried with the FQDN, but that didn't make any difference. I
>>>>>>>>>>>> also tried removing the default node definition, and that also had no
>>>>>>>>>>>> impact. ntp is loaded regardless.
>>>>>>>>>>>>
>>>>>>>>>>>> On Thu, Sep 5, 2013 at 1:56 AM, Federico Voges <ftc at ftc.com.ar> wrote:
>>>>>>>>>>>>> Hi Lonni,
>>>>>>>>>>>>>
>>>>>>>>>>>>> Is 'cuda-farm-ljf1' the FQDN for the node? If not, put the full
>>>>>>>>>>>>> hostname or use a regex.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Cheers,
>>>>>>>>>>>>> Fed.
>>>>>>>>>>>>>
>>>>>>>>>>>>> On 3 September 2013 23:06, Lonni J Friedman <netllama at gmail.com> wrote:
>>>>>>>>>>>>>> I'm trying to get ramped up on Puppet ( http://www.puppetlabs.com ),
>>>>>>>>>>>>>> and I'm encountering some strange behavior with the node definitions.
>>>>>>>>>>>>>> >From the documentation, I thought that the 'default' node was a
>>>>>>>>>>>>>> catchall for any node which wasn't explicitly matched elsewhere.
>>>>>>>>>>>>>> However, what I'm seeing is that the default seems to apply even where
>>>>>>>>>>>>>> there is an exact match. For example, I have the following in
>>>>>>>>>>>>>> site.pp:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> #########
>>>>>>>>>>>>>> import "services/*"
>>>>>>>>>>>>>> node "cuda-farm-ljf1" {
>>>>>>>>>>>>>> include hello
>>>>>>>>>>>>>> }
>>>>>>>>>>>>>> node default {
>>>>>>>>>>>>>> include ntp
>>>>>>>>>>>>>> }
>>>>>>>>>>>>>> #########
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> What I'd expect is that the 'ntp' class will *not* apply to the
>>>>>>>>>>>>>> 'cuda-farm-ljf1' node, however that isn't the behavior that I'm
>>>>>>>>>>>>>> seeing. Even if I completely uninstall ntp on that node, its
>>>>>>>>>>>>>> reinstalled & started the next time it syncs with the master. Am I
>>>>>>>>>>>>>> missing something obvious here?
>> _______________________________________________
>> Linux-users mailing list
>> Linux-users at linux-sxs.org
>> http://mailman.celestial.com/mailman/listinfo/linux-users
> _______________________________________________
> Linux-users mailing list
> Linux-users at linux-sxs.org
> http://mailman.celestial.com/mailman/listinfo/linux-users
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
L. Friedman netllama at gmail.com
LlamaLand https://netllama.linux-sxs.org
More information about the Linux-users
mailing list