Andreas Paul
2011-Apr-19 13:36 UTC
[Puppet Users] svn update on puppetmaster via commit hook on another server
Hello there, I''m trying to get SVN working with puppet, but what I need to do is a remote svn update on the puppetmaster server, so that puppet uses the latest configuration. The puppetlabs wiki page uses a simple svn update /etc/puppet in the post-commit hook script, but that implies that the SVN server is on the same machine as the puppetmaster, which is not the case in my environment. The post commit script is being executed by the same user which is running the httpd, in our case a user with minimal right, so no home directory to put other ssh keys in it. Does anyone have a solution to execute the svn update on the puppetmaster server? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Prateep
2011-Apr-19 16:37 UTC
[Puppet Users] Re: svn update on puppetmaster via commit hook on another server
I have a similar issue. I simply run a cronjob on the master every 5 minutes to do the svn update. On Apr 19, 3:36 pm, Andreas Paul <a.p...@enbw.com> wrote:> Hello there, > > I''m trying to get SVN working with puppet, but what I need to do is a remote > svn update on the puppetmaster server, so that puppet uses the latest > configuration. > > The puppetlabs wiki page uses a simple svn update /etc/puppet in the > post-commit hook script, but that implies that the SVN server is on the same > machine as the puppetmaster, which is not the case in my environment. > > The post commit script is being executed by the same user which is running > the httpd, in our case a user with minimal right, so no home directory to > put other ssh keys in it. > Does anyone have a solution to execute the svn update on the puppetmaster > server?-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
R.I.Pienaar
2011-Apr-19 16:38 UTC
Re: [Puppet Users] Re: svn update on puppetmaster via commit hook on another server
----- Original Message -----> > I have a similar issue. I simply run a cronjob on the master every 5 > minutes to do the svn update.I do this with mcollective. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Felix Frank
2011-Apr-20 07:05 UTC
Re: [Puppet Users] svn update on puppetmaster via commit hook on another server
> The puppetlabs wiki page uses a simple svn update /etc/puppet in the > post-commit hook script, but that implies that the SVN server is on the > same machine as the puppetmaster, which is not the case in my environment.Hi, you could fall back to something less elegant like "svn update + rsync push to master" etc. Regards, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Andreas Paul
2011-Apr-20 07:45 UTC
[Puppet Users] Re: svn update on puppetmaster via commit hook on another server
That would, in the worst case, delay the visibility of the changes for 5 minutes. Even running that cronjob every minute would dictate the admin to wait 1 minute before kicking the puppet clients. Otherwise we can''t be sure if the client would use the latest config. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Andreas Paul
2011-Apr-20 07:55 UTC
Re: [Puppet Users] svn update on puppetmaster via commit hook on another server
Do you suggest calling that rsync in the post commit hook? That is not possible as the svn hook script is run by a httpd user without any permissions and granting him any permission just for that hook script would be hard to justify. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Felix Frank
2011-Apr-20 08:04 UTC
Re: [Puppet Users] svn update on puppetmaster via commit hook on another server
On 04/20/2011 09:55 AM, Andreas Paul wrote:> Do you suggest calling that rsync in the post commit hook? > That is not possible as the svn hook script is run by a httpd user > without any permissions and granting him any permission just for that > hook script would be hard to justify.Hi, doesn''t compute: You want your post-hook script to take action towards your puppet master, but giving the user the post-hook runs as any permissions towards that is not allowable? Sounds like you can either chase your own tail for a while ;-) or go for the pull semantics via cronjob as suggested by Prateep or MCollective as per RI''s comment. Regards, Felix -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
Andreas Paul
2011-Apr-26 09:42 UTC
Re: [Puppet Users] svn update on puppetmaster via commit hook on another server
After a very serious discussion with myself :) I found a solution/workaround which my colleagues are satisfied with. Because we want to use puppet in push only mode, every admin has to login to the puppetmaster anyway. So instead of trying to get a post commit hook working from our subversion server, I created the following global alias on the puppetmaster server: $ type pk pk is aliased to `svn up /etc/puppet && puppet kick '' This way every time we want to deploy changes to the clients the puppetmaster configuration and modules get an svn update beforehand. It may not be a very elegant solution and I definitely need to get my head around what MCollective can do, but it works for us at the moment. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-users@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.