I''m still trying to get a handle on puppet, but so far, so good. To
preface my question, I''d like to give a quick overview of what
I''ve
done.
I was able to successfully do file distribution. I have this in a
sudo.pp file:
class sudo {
package { sudo: ensure => installed }
file {
"/etc/sudoers":
owner => "root",
group => "root",
mode => 444,
source => "puppet://sam.joedog.org/dist/apps/sudo/sudoers";
"/usr/sbin/sudo":
owner => "root",
group => "root",
mode => 4111
}
}
I set up the puppetmaster as a file server and I configured it like
this:
[dist]
path /var/puppet/dist
I was able to successfully update /etc/sudoers on my client machines.
Now I''d like to do template. Here''s an example from the
recipes on the
puppet site:
class resolvconf {
$searchpath = $domain ? {
''site1.co.nz'' => "site1.co.nz",
''site2.co.nz'' => "site2.co.nz
site2.local",
default => $domain,
}
$nameservers= $domain ? {
''site1'' =>
[''192.168.0.1''],
''site2'' =>
[''10.30.10.1'',''10.30.10.254''],
default => [''192.168.0.254''],
}
file { "/etc/resolv.conf":
path => "/etc/resolv.conf",
mode => 0644,
owner => root,
group => root,
content => template("/etc/puppet/files/templates/
resolv.conf.erb")
}
}
It''s not clear how I distribute the template. Do I put add something
like this:
source =>
"puppet://sam.joedog.org/dist/apps/resolv.conf/resolv.conf";
And if that''s the case, then how do I generate the source file from
the template?
(If this is all explained somewhere, then forgive me. I''ve been all
over the site and I haven''t seen it.)
Also, is there a Simplest Template Guide with a step by step set of
instructions on how to generate and distribute templates?
TIA,
Jeff
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
Hi,
You don''t have to distribute the template.
content => template("/etc/puppet/files/templates/resolv.conf.erb")
will be
applied to /etc/resolv.conf, and everything will just work!
On Thu, May 8, 2008 at 3:38 PM, Jeff <joesiege@gmail.com> wrote:
>
> I''m still trying to get a handle on puppet, but so far, so good.
To
> preface my question, I''d like to give a quick overview of what
I''ve
> done.
>
> I was able to successfully do file distribution. I have this in a
> sudo.pp file:
>
> class sudo {
> package { sudo: ensure => installed }
> file {
> "/etc/sudoers":
> owner => "root",
> group => "root",
> mode => 444,
> source =>
"puppet://sam.joedog.org/dist/apps/sudo/sudoers";
>
> "/usr/sbin/sudo":
> owner => "root",
> group => "root",
> mode => 4111
> }
> }
>
> I set up the puppetmaster as a file server and I configured it like
> this:
>
> [dist]
> path /var/puppet/dist
>
> I was able to successfully update /etc/sudoers on my client machines.
>
> Now I''d like to do template. Here''s an example from the
recipes on the
> puppet site:
>
> class resolvconf {
> $searchpath = $domain ? {
> ''site1.co.nz'' =>
"site1.co.nz",
> ''site2.co.nz'' => "site2.co.nz
site2.local",
> default => $domain,
> }
> $nameservers= $domain ? {
> ''site1'' =>
[''192.168.0.1''],
> ''site2'' =>
[''10.30.10.1'',''10.30.10.254''],
> default => [''192.168.0.254''],
> }
> file { "/etc/resolv.conf":
> path => "/etc/resolv.conf",
> mode => 0644,
> owner => root,
> group => root,
> content => template("/etc/puppet/files/templates/
> resolv.conf.erb")
> }
> }
>
> It''s not clear how I distribute the template. Do I put add
something
> like this:
>
> source =>
"puppet://sam.joedog.org/dist/apps/resolv.conf/resolv.conf";
>
> And if that''s the case, then how do I generate the source file
from
> the template?
>
> (If this is all explained somewhere, then forgive me. I''ve been
all
> over the site and I haven''t seen it.)
>
> Also, is there a Simplest Template Guide with a step by step set of
> instructions on how to generate and distribute templates?
>
> TIA,
> Jeff
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to
puppet-users-unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
On May 8, 4:09 pm, "Ashley Penney" <apen...@gmail.com> wrote:> Hi, > > You don''t have to distribute the template. > > content => template("/etc/puppet/files/templates/resolv.conf.erb") will be > applied to /etc/resolv.conf, and everything will just work!Mine seems to be a little fickle. My resolv.conf does not get updated. On the client server, I see this in the logs: May 8 16:20:35 lsnas002 restorecond: Reset file context /etc/ resolv.conf: user_u:object_r:etc_t:s0->system_u:object_r:net_conf_t:s0 And on the puppetmaster I see this: MAY 8 16:25:00 lccns178 puppetmasterd[23111]: Compiled configuration for doub.joedog.org in 0.02 seconds Any thoughts? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On Thu, May 8, 2008 at 3:29 PM, Jeff <joesiege@gmail.com> wrote:> > On May 8, 4:09 pm, "Ashley Penney" <apen...@gmail.com> wrote: >> Hi, >> >> You don''t have to distribute the template. >> >> content => template("/etc/puppet/files/templates/resolv.conf.erb") will be >> applied to /etc/resolv.conf, and everything will just work! > > Mine seems to be a little fickle. My resolv.conf does not get updated. > On the client server, I see this in the logs: > > May 8 16:20:35 lsnas002 restorecond: Reset file context /etc/ > resolv.conf: user_u:object_r:etc_t:s0->system_u:object_r:net_conf_t:s0 >At a glance this looks like you have selinux running. Right now I would suggest turning it off. IT does not get along well with puppet at teh moment. That is one area I am trying to look at. I doubt I am going ot have much luck (selinux is a bit to good at its job.)> And on the puppetmaster I see this: > > MAY 8 16:25:00 lccns178 puppetmasterd[23111]: Compiled configuration > for doub.joedog.org in 0.02 seconds >This is saying that puppetmaster successfully created the manifest to apply to the client and sent it to the client. Means yrou recipe was good. Evan --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
On May 9, 2:27 pm, "Evan Hisey" <ehi...@gmail.com> wrote:> > At a glance this looks like you have selinux running. Right now I > would suggest turning it off. IT does not get along well with puppet > at teh moment. That is one area I am trying to look at. I doubt I am > going ot have much luck (selinux is a bit to good at its job.)If someone has enabled selinux on purpose, I would not suggest disabling selinux, but instead learn how to use it properly. If they didn''t want to use it though, by all means disable it. We are running a couple dozen servers with Puppet, various infrastructure services, applications, and we have selinux enabled on all but one system, and that one we''re testing the policies to get everything corrected so we can turn selinux back on. There''s some work on selinux here, http://spook.wpi.edu/. I had sent our selinux module to Frank to post on that site, but it looks like it hasn''t made it there yet. -joshua --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---
> If someone has enabled selinux on purpose, I would not suggest > disabling selinux, but instead learn how to use it properly. If they > didn''t want to use it though, by all means disable it. >True. RH and a few others enable it by default, so sometime the best way to check it is disable it. I probably should have stated it differently.> There''s some work on selinux here, http://spook.wpi.edu/. I had sent > our selinux module to Frank to post on that site, but it looks like it > hasn''t made it there yet.Cool. look forward to seeing the work. Evan --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com To unsubscribe from this group, send email to puppet-users-unsubscribe@googlegroups.com For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en -~----------~----~----~----~------~----~------~--~---