I am trying to get Puppet to push out a Solaris sudo package
that I built, but I keep getting errors. I tested applying
the package manually outside of Puppet and it works perfectly,
but when I attempt to push it out via Puppet it fails.
Puppetmaster Version: 0.23.2 [Ubuntu Linux 7.10 - Puppet built
from source]
Puppet client version: 0.23.0 [Sun Solaris 10 Zone - Puppet
built from source]
The sudoers file is getting pushed out just fine so I decided
to add the sudo package to the manifest and let Puppet manage
that as well. I have tried using a package that is in both
the datastream and directory format and each time I see the
errors below on the client side.
Am I missing something obvious here? I looked through the
provider documentation and as far as I can tell everything in
my class manifest looks ok.
-Thomas
Debug Output:
notice: Starting Puppet client version 0.23.0
debug: Loaded state in 0.01 seconds
debug: Calling puppetmaster.freshness
info: Config is up to date
debug: Puppet::Network::Client::File: defining fileserver.describe
debug: Puppet::Network::Client::File: defining fileserver.list
debug: Puppet::Network::Client::File: defining fileserver.retrieve
debug: Finishing transaction 8752020 with 0 changes
notice: Starting configuration run
debug: Prefetching sun resources for package
debug: package provider sun: Executing ''/usr/bin/pkginfo -l''
debug: Package[UCRsudo](provider=sun): Executing
''/usr/bin/pkginfo -l UCRsudo''
debug: //sudo/Package[UCRsudo]: Changing ensure
debug: //sudo/Package[UCRsudo]: 1 change(s)
debug: //sudo/Package[UCRsudo]/ensure: setting present
(currently UCRsudo(ensure)absent)
debug: package provider sun: Executing ''/usr/sbin/pkgadd -d
puppet:///dist/apps/sudo/UCRsudo -n UCRsudo''
err: //sudo/Package[UCRsudo]/ensure: change from absent to
present failed: Execution of ''/usr/sbin/pkgadd -d
puppet:///dist/apps/sudo/UCRsudo -n UCRsudo'' returned 25344:
pkgadd: ERROR: attempt to process datastream failed
- open of <puppet:///dist/apps/sudo/UCRsudo> failed, errno=2
pkgadd: ERROR: could not process datastream from
<puppet:///dist/apps/sudo/UCRsudo>
debug: //sudo/File[/etc/sudoers]: File does not exist
debug: Calling fileserver.describe
debug: //sudo/File[/etc/sudoers]: Changing ensure
debug: //sudo/File[/etc/sudoers]: 1 change(s)
debug: //sudo/File[/etc/sudoers]/ensure: setting file
(currently absent)
debug: Calling fileserver.retrieve
notice: //sudo/File[/etc/sudoers]/ensure: created
debug: Finishing transaction 8522544 with 2 changes
debug: Storing state
debug: Stored state in 0.07 seconds
notice: Finished configuration run in 17.17 seconds
debug: Creating default schedules
Here is the dist directory containing the package (is not
working) AND the sudoers file (works fine):
/sysprov/runtime/puppet/prod/puppet/dist/apps/sudo
-rw-r--r-- 1 puppet puppet 1287 2007-10-10 10:58 sudoers
-rw-r--r-- 1 puppet puppet 445440 2007-12-11 14:08 UCRsudo
Here is my fileserver.conf file:
[dist]
path /sysprov/runtime/puppet/prod/puppet/dist
allow OUR.IP.RANGE
Here is the node entry from LDAP (i''m using LDAPNodes):
# ldap entry
# cmclient1.domain.com, Hosts, puppet
dn: cn=cmclient1.domain.com,ou=Hosts,dc=puppet
objectClass: device
objectClass: ipHost
objectClass: puppetClient
objectClass: top
cn: cmclient1.domain.com
ipHostNumber: X.X.X.X
description: test box
l: statcomp
puppetclass: sudo
Here is my site.pp manifest:
# site.pp
import "classes/*"
import "definitions/*"
import "templates"
# Global defaults
Exec { path =>
"/opt/csw/bin:/usr/bin:/usr/sbin:/bin:/sbin:/usr/local/bin" }
# Global variables
$puppetdist = "puppetmaster.ucr.edu/dist"
And here is my sudo.pp class manifest:
#sudo.pp
class sudo {
file { "/etc/sudoers":
owner => root,
group => root,
mode => 440,
source => "puppet:///dist/apps/sudo/sudoers"
}
case $operatingsystem {
solaris: {
package { UCRsudo:
ensure => installed,
provider => sun,
source =>
"puppet:///dist/apps/sudo/UCRsudo"
}
}
}
}
On 12/12/2007, Thomas Underhill <tunderhi@ucr.edu> wrote:> present failed: Execution of ''/usr/sbin/pkgadd -d > puppet:///dist/apps/sudo/UCRsudo -n UCRsudo'' returned 25344: > pkgadd: ERROR: attempt to process datastream failed > - open of <puppet:///dist/apps/sudo/UCRsudo> failed, errno=2 > pkgadd: ERROR: could not process datastream from > <puppet:///dist/apps/sudo/UCRsudo>pkgadd doesn''t understand puppet:// urls. You''ll either need to put the package on an NFS share or make it available via HTTP(S). G
On Dec 12, 2007, at 12:17 PM, Thomas Underhill wrote:> Am I missing something obvious here? I looked through the > provider documentation and as far as I can tell everything in > my class manifest looks ok.Package sources have to be local files; Puppet won''t automatically pull down a package via the puppet:// protocol. Some providers, like freebsd, support http: or ftp: URLs, but Solaris does not. -- Is life worth living? That is a question for an embryo, not a man. --Samuel Butler --------------------------------------------------------------------- Luke Kanies | http://reductivelabs.com | http://madstop.com
>Package sources have to be local files; Puppet won''tautomatically>pull down a package via the puppet:// protocol. > >Some providers, like freebsd, support http: or ftp: URLs, butSolaris>does not.Ok, so how is everyone else managing these packages locally. NFS mounting a shared filesystem on every box isn''t an option for us. We can use Blastwave for some things, but there are some packages that we have to custom build for our environment. I was storing these on the puppetmaster because I wrongly thought that they would be accessible to all of the clients. I suppose that I could stick these packages in my version control system, but then i''m still going to have to set something up on each client to grab a copy out of the repository. Is there a way to tell puppet to copy the package file from the puppetmaster dist location to a local staging location before it attempts to install it? i.e. something like this... case $operatingsystem { solaris: { source => "puppet:///dist/apps/*" dest => "/dist/apps/" copy $source $dest package { UCRsudo: ensure => installed, provider => sun, source => "$dest/sudo/UCRsudo" } } }
I would set up a file resource for the package itself, to pull it from
the puppetmaster. Something like:
file { "/dist/apps/sudo/UCRsudo":
# Other parameters
source => "puppet:///dist/apps/sudo/UCRsudo"
}
Then a package resource:
package { "UCRsudo":
ensure => installed,
provider => sun,
source => "/dist/apps/sudo/UCRsudo",
require => File[ "/dist/apps/sudo/UCRSudo" ]
}
This sets up a requirement that the file resource be applied before
the package resource. So the file resource pulls the package from the
puppetmaster, and the package resource installs it.
--Paul
On Dec 12, 2007 11:02 AM, Thomas Underhill <tunderhi@ucr.edu>
wrote:> >Package sources have to be local files; Puppet won''t
> automatically
> >pull down a package via the puppet:// protocol.
> >
> >Some providers, like freebsd, support http: or ftp: URLs, but
> Solaris
> >does not.
>
> Ok, so how is everyone else managing these packages locally.
> NFS mounting a shared filesystem on every box isn''t an option
> for us. We can use Blastwave for some things, but there are
> some packages that we have to custom build for our
> environment. I was storing these on the puppetmaster because
> I wrongly thought that they would be accessible to all of the
> clients. I suppose that I could stick these packages in my
> version control system, but then i''m still going to have to
> set something up on each client to grab a copy out of the
> repository.
>
> Is there a way to tell puppet to copy the package file from
> the puppetmaster dist location to a local staging location
> before it attempts to install it?
>
> i.e. something like this...
>
> case $operatingsystem {
> solaris: {
> source => "puppet:///dist/apps/*"
> dest => "/dist/apps/"
> copy $source $dest
> package { UCRsudo:
> ensure => installed,
> provider => sun,
> source => "$dest/sudo/UCRsudo"
>
>
> }
> }
> }
> _______________________________________________
> Puppet-users mailing list
> Puppet-users@madstop.com
> https://mail.madstop.com/mailman/listinfo/puppet-users
>
Thomas Underhill wrote:> Ok, so how is everyone else managing these packages locally. > NFS mounting a shared filesystem on every box isn''t an optionDoesn''t pkgadd accept from stdin? wget http://pkg-master/pkgs/UCRsudo.pkg | pkgadd -scott -- Scott Smith, scott@kontera.com
Thanks to all who responded. I did what Paul suggested and this works perfectly.> >I would set up a file resource for the package itself, topull it from>the puppetmaster. Something like: > >file { "/dist/apps/sudo/UCRsudo": > # Other parameters > source => "puppet:///dist/apps/sudo/UCRsudo" >} > >Then a package resource: > >package { "UCRsudo": > ensure => installed, > provider => sun, > source => "/dist/apps/sudo/UCRsudo", > require => File[ "/dist/apps/sudo/UCRSudo" ] >} > >This sets up a requirement that the file resource be appliedbefore>the package resource. So the file resource pulls the packagefrom the>puppetmaster, and the package resource installs it. > >--Paul
On 12/12/2007, Luke Kanies <luke@madstop.com> wrote:> Package sources have to be local files; Puppet won''t automatically > pull down a package via the puppet:// protocol. > > Some providers, like freebsd, support http: or ftp: URLs, but Solaris > does not.According to the manpage at least, pkgadd on Solaris 10 supports http:// urls as package datastreams. I''ve not used this myself and I have no idea if the Solaris package provider within puppet does something to stop this working. On 12/12/2007, Thomas Underhill <tunderhi@ucr.edu> wrote:> Ok, so how is everyone else managing these packages locally. > NFS mounting a shared filesystem on every box isn''t an option > for us.We use an NFS mount. It''s fairly straightforward to ensure that this is mounted on puppet-managed hosts. G
On 12/12/2007, Graham Bleach <graham@darkskills.org.uk> wrote:> > > > pkgadd doesn''t understand puppet:// urls. You''ll either need to put > the package on an NFS share or make it available via HTTP(S).I think in Olde Solaris it didn''t, but it does now, and has for some years see here for an example: http://blogs.sun.com/darren/entry/pkgadd_over_http_ssl enjoy Gary -- Gary Law _______________________________________________ Puppet-users mailing list Puppet-users@madstop.com https://mail.madstop.com/mailman/listinfo/puppet-users