Puppet users - Nov 2011 - Storeconfigs and nagios and foreman

All-

Poking around in the bug database it looks like storeconfigs is being
actively worked on. I am using 2.7.6 on my master as well as all the
clients.  I have clients boot , start puppet and get a signed cert via
auto signing. The nagios module (and currently the only thing puppet
does) complains a lot during compile time about not having
storeconfigs enabled, which is not the case in my config.
Additionally I am running foreman and seeing a few errors with it.  I
have attached my config, and the nagios module to see if there is
something that I have missed. As for foreman, it was but bit confusing
in the documentation but I have the following set:

root@puppet:/etc/puppet# grep storeconfig puppet.conf
    # Boolean; wether storeconfigs store in the database only the
facts and exported resources.
    # If true, then storeconfigs performance will be higher and still
allow exported/collected
     thin_storeconfigs = false
    # async_storeconfigs = false
    # You can adjust the backend using the storeconfigs_backend
setting.
     storeconfigs = true
     storeconfigs_backend = active_record
root@puppet:/etc/puppet# grep foreman puppet.conf
     external_nodes =  /usr/share/foreman/extras/puppet/foreman/files/
external_node.rb
     reports = store, http, foreman, log

root@puppet:/etc/puppet# ls -l /usr/lib/ruby/1.8/puppet/reports
total 32
-rw-r--r-- 1 root root  834 2011-11-03 21:33 foreman.rb
-rw-r--r-- 1 root root  580 2011-09-26 19:40 http.rb
-rw-r--r-- 1 root root  326 2011-09-26 19:40 log.rb
-rw-r--r-- 1 root root 4226 2011-09-26 19:40 rrdgraph.rb
-rw-r--r-- 1 root root 1644 2011-09-26 19:40 store.rb
-rw-r--r-- 1 root root 5344 2011-09-26 19:40 tagmail.rb

The foreman is "err: Could not autoload foreman: Function foreman
already defined"


And the storeconfig is:
"
warning: You cannot collect exported resources without storeconfigs
being set; the collection will be ignored on line 21 in file /etc/
puppet/manifests/classes/nagios3.pp
warning: You cannot collect exported resources without storeconfigs
being set; the collection will be ignored on line 22 in file /etc/
puppet/manifests/classes/nagios3.pp
warning: You cannot collect exported resources without storeconfigs
being set; the collection will be ignored on line 24 in file /etc/
puppet/manifests/classes/nagios3.pp
warning: You cannot collect without storeconfigs being set on line 30
in file /etc/puppet/manifests/classes/nagios3.pp
warning: You cannot collect without storeconfigs being set on line 37
in file /etc/puppet/manifests/classes/nagios3.pp
warning: You cannot collect without storeconfigs being set on line 42
in file /etc/puppet/manifests/classes/nagios3.pp
warning: You cannot collect without storeconfigs being set on line 47
in file /etc/puppet/manifests/classes/nagios3.pp
"

If somebody can point to in the right direction or confirm what I''m
seeing that would be super!  Also I think I''m seeing ghosts of bug
#3234
-Josh


cat puppet.conf
# The configuration file for master.  Note that this file
# is likely to have unused configuration parameters in it; any
parameter that''s
# valid anywhere in Puppet can be in any config file, even if it''s not
used.
#
# Every section can specify three special parameters: owner, group,
and mode.
# These parameters affect the required permissions of any files
specified after
# their specification.  Puppet will sometimes use these parameters to
check its
# own configured state, so they can be used to make Puppet a bit more
self-managing.
#
# Generated on Thu Oct 20 22:28:03 +0000 2011.
#
[master]
    # Whether to automatically migrate the database.
    # dbmigrate = false

    # The database password for caching. Only
    # used when networked databases are used.
    # The default value is ''''.
    # dbport 
    # The number of database connections for networked
    # databases.  Will be ignored unless the value is a positive
integer.
    # The default value is ''''.
    # dbconnections 
    # The log level for Rails connections.  The value must be
    # a valid log level within Rails.  Production environments
normally use `info`
    # and other environments normally use `debug`.
    # The default value is ''info''.
    # rails_loglevel = info

    # The database cache for client configurations.  Used for
    # querying within the language.
    # The default value is ''$statedir/clientconfigs.sqlite3''.
#    dblocation = /var/lib/puppet/state/clientconfigs.sqlite3

    # The name of the database to use.
    # The default value is ''puppet''.
     dbname = puppet

    # The database user for caching. Only
    # used when networked databases are used.
    # The default value is ''puppet''.
     dbuser = puppet

    # The database socket location. Only used when networked
    # databases are used.  Will be ignored if the value is an empty
string.
    # The default value is ''''.
    # dbsocket 
    # The type of database to use.
    # The default value is ''sqlite3''.
     dbadapter = mysql

    # The database server for caching. Only
    # used when networked databases are used.
    # The default value is ''localhost''.
     dbserver = localhost

    # The database password for caching. Only
    # used when networked databases are used.
    # The default value is ''puppet''.
     dbpassword = password

    # Where Rails-specific logs are sent
    # The default value is ''$logdir/rails.log''.
    railslog = /var/lib/puppet/log/rails.log

    # Whether to only use the cached catalog rather than compiling a
new catalog
    # on every run.  Puppet can be run with this enabled by default
and then selectively
    # disabled when a recompile is desired.
    # use_cached_catalog = false

    # Where puppet agent caches the local configuration.  An
    # extension indicating the cache format is added automatically.
    # The default value is ''$statedir/localconfig''.
    localconfig = /var/lib/puppet/state/localconfig

    # Facts that are dynamic; these facts will be ignored when
deciding whether
    # changed facts should result in a recompile.  Multiple facts
should be
    # comma-separated.
    # The default value is
''memorysize,memoryfree,swapsize,swapfree''.
    # dynamicfacts = memorysize,memoryfree,swapsize,swapfree

    # The directory in which serialized data is stored on the client.
    # The default value is ''$vardir/client_data''.
    client_datadir = /var/lib/puppet/client_data

    # Where FileBucket files are stored locally.
    # The default value is ''$vardir/clientbucket''.
    clientbucketdir = /var/lib/puppet/clientbucket

    # The log file for puppet agent.  This is generally not used.
    # The default value is ''$logdir/puppetd.log''.
    puppetdlog = /var/lib/puppet/log/puppetd.log

    # The server to send transaction reports to.
    # The default value is ''$server''.
    report_server = puppet

    # How often puppet agent applies the client configuration; in
seconds.
    # Note that a runinterval of 0 means "run continuously" rather
than
    # "never run." If you want puppet agent to never run, you should
start
    # it with the `--no-client` option.
    # The default value is ''1800''.
    # runinterval = 1800

    # The port to communicate with the inventory_server.
    # The default value is ''$masterport''.
    inventory_port = 8140

    # The port to use for the certificate authority.
    # The default value is ''$masterport''.
    ca_port = 8140

    # Whether puppet agent should be run in noop mode.
    # noop = false

    # Whether to create dot graph files for the different
    # configuration graphs.  These dot files can be interpreted by
tools
    # like OmniGraffle or dot (which is part of ImageMagick).
    # graph = false

    # A lock file to temporarily stop puppet agent from doing
anything.
    # The default value is ''$statedir/puppetdlock''.
    puppetdlockfile = /var/lib/puppet/state/puppetdlock

    # The server to which server puppet agent should connect
    # The default value is ''puppet''.
    # server = puppet

    # The explicit value used for the node name for all requests the
agent
    # makes to the master. WARNING: This setting is mutually exclusive
with
    # node_name_fact.  Changing this setting also requires changes to
the default
    # auth.conf configuration on the Puppet Master.  Please see
    # http://links.puppetlabs.com/node_name_value for more
information.
    # The default value is ''$certname''.
    node_name_value = ip-10-36-11-244.ec2.internal

    # Ignore cache and always recompile the configuration.  This is
    # useful for testing new configurations, where the local cache may
in
    # fact be stale even if the timestamps are up to date - if the
facts
    # change or if the server changes.
    # ignorecache = false

    # Where puppet agent and puppet master store state associated
    # with the running configuration.  In the case of puppet master,
    # this file reflects the state discovered through interacting
    # with clients.
    # The default value is ''$statedir/state.yaml''.
    statefile = /var/lib/puppet/state/state.yaml

    # The maximum time to delay before runs.  Defaults to being the
same as the
    # run interval.
    # The default value is ''$runinterval''.
    splaylimit = 1800

    # The file in which puppet agent stores a list of the classes
    # associated with the retrieved configuration.  Can be loaded in
    # the separate `puppet` executable using the `--loadclasses`
    # option.
    # The default value is ''$statedir/classes.txt''.
    classfile = /var/lib/puppet/state/classes.txt

    # How long the client should wait for the configuration to be
retrieved
    # before considering it a failure.  This can help reduce flapping
if too
    # many clients contact the server at one time.
    # The default value is ''120''.
    # configtimeout = 120

    # Boolean; whether puppet agent should ignore schedules.  This is
useful
    # for initial puppet agent runs.
    # ignoreschedules = false

    # The port to communicate with the report_server.
    # The default value is ''$masterport''.
    report_port = 8140

    # Whether puppet agent should listen for
    # connections.  If this is true, then puppet agent will accept
incoming
    # REST API requests, subject to the default ACLs and the ACLs set
in
    # the `rest_authconfig` file. Puppet agent can respond usefully to
    # requests on the `run`, `facts`, `certificate`, and `resource`
endpoints.
    # listen = false

    # Where puppet agent stores the last run report summary in yaml
format.
    # The default value is ''$statedir/last_run_summary.yaml''.
    lastrunfile = /var/lib/puppet/state/last_run_summary.yaml

    # (Deprecated for ''preferred_serialization_format'') What
format to
    # use to dump the catalog.  Only supports ''marshal'' and
''yaml''.
Only
    # matters on the client, since it asks the server for a specific
format.
    # The default value is ''''.
    # catalog_format 
    # Where to store dot-outputted graphs.
    # The default value is ''$statedir/graphs''.
    graphdir = /var/lib/puppet/state/graphs

    # Whether to use the cached configuration when the remote
    # configuration will not compile.  This option is useful for
testing
    # new configurations, where you want to fix the broken
configuration
    # rather than reverting to a known-good one.
    # The default value is ''true''.
    # usecacheonfailure = true

    # The fact name used to determine the node name used for all
requests the agent
    # makes to the master. WARNING: This setting is mutually exclusive
with
    # node_name_value.  Changing this setting also requires changes to
the default
    # auth.conf configuration on the Puppet Master.  Please see
    # http://links.puppetlabs.com/node_name_fact for more information.
    # The default value is ''''.
    # node_name_fact 
    # Whether facts should be made all lowercase when sent to the
server.
    # downcasefacts = false

    # Whether to send reports after every transaction.
    # The default value is ''true''.
     report = true

    # The directory in which client-side YAML data is stored.
    # The default value is ''$vardir/client_yaml''.
    clientyamldir = /var/lib/puppet/client_yaml

    # Whether to sleep for a pseudo-random (but consistent) amount of
time before
    # a run.
    # splay = false

    # The file in which puppet agent stores a list of the resources
    # associated with the retrieved configuration.
    # The default value is ''$statedir/resources.txt''.
    resourcefile = /var/lib/puppet/state/resources.txt

    # (Deprecated for ''report_server'') The server to which to
send
transaction reports.
    # The default value is ''$server''.
    reportserver = puppet

    # Which port puppet agent listens on.
    # The default value is ''8139''.
    # puppetport = 8139

    # The server to send facts to.
    # The default value is ''$server''.
    inventory_server = puppet

    # The server to use for certificate
    # authority requests.  It''s a separate server because it cannot
    # and does not need to horizontally scale.
    # The default value is ''$server''.
    ca_server = puppet

    # Where puppet agent stores the last run report in yaml format.
    # The default value is ''$statedir/last_run_report.yaml''.
    lastrunreport = /var/lib/puppet/state/last_run_report.yaml

    # The preferred means of serializing
    # ruby instances for passing over the wire.  This won''t guarantee
that all
    # instances will be serialized using this method, since not all
classes
    # can be guaranteed to support this format, but it will be used
for all
    # classes that support it.
    # The default value is ''pson''.
    # preferred_serialization_format = pson

    # Allow http compression in REST communication with the master.
    # This setting might improve performance for agent -> master
communications over slow WANs.
    # Your puppet master needs to support compression (usually by
activating some settings in a reverse-proxy
    # in front of the puppet master, which rules out webrick).
    # It is harmless to activate this settings if your master doesn''t
support
    # compression, but if it supports it, this setting might reduce
performance on high-speed LANs.
    # http_compression = false

    # Whether log files should always flush to disk.
    # autoflush = false

    # Where host certificate requests are stored.
    # The default value is ''$ssldir/certificate_requests''.
    requestdir = /etc/puppet/ssl/certificate_requests

    # Where Puppet should store plugins that it pulls down from the
central
    # server.
    # The default value is ''$libdir''.
    plugindest = /var/lib/puppet/lib

    # An extra search path for Puppet.  This is only useful
    # for those files that Puppet will load on demand, and is only
    # guaranteed to work for those cases.  In fact, the autoload
    # mechanism is responsible for making sure this directory
    # is in Ruby''s search path
    # The default value is ''$vardir/lib''.
    libdir = /var/lib/puppet/lib

    # Which type of queue to use for asynchronous processing.
    # The default value is ''stomp''.
    # queue_type = stomp

    # Where puppet agent stores the password for its private key.
    # Generally unused.
    # The default value is ''$privatedir/password''.
    passfile = /etc/puppet/ssl/private/password

    # What files to ignore when pulling down plugins.
    # The default value is ''.svn CVS .git''.
    # pluginsignore = .svn CVS .git

    # Run the configuration once, rather than as a long-running
    # daemon. This is useful for interactively running puppetd.
    # onetime = false

    # Where individual hosts store and look for their private key.
    # The default value is ''$privatekeydir/$certname.pem''.
    hostprivkey = /etc/puppet/ssl/private_keys/
ip-10-36-11-244.ec2.internal.pem

    # From where to retrieve facts.  The standard Puppet `file` type
    # is used for retrieval, so anything that is a valid file source
can
    # be used here.
    # The default value is ''puppet://$server/facts/''.
    #factsource = puppet://puppet/facts/

    # The YAML file containing indirector route configuration.
    # The default value is ''$confdir/routes.yaml''.
    route_file = /etc/puppet/routes.yaml

    # Boolean; whether to use the zlib library
    # The default value is ''true''.
    # zlib = true

    # Where the host''s certificate revocation list can be found.
    # This is distinct from the certificate authority''s CRL.
    # The default value is ''$ssldir/crl.pem''.
    hostcrl = /etc/puppet/ssl/crl.pem

    # The configuration file that defines the rights to the different
    # namespaces and methods.  This can be used as a coarse-grained
    # authorization system for both `puppet agent` and `puppet
master`.
    # The default value is ''$confdir/namespaceauth.conf''.
    authconfig = /etc/puppet/namespaceauth.conf

    # What syslog facility to use when logging to
    # syslog.  Syslog has a fixed list of valid facilities, and you
must
    # choose one of those; you cannot just make one up.
    # The default value is ''daemon''.
    # syslogfacility = daemon

    # The shell search path.  Defaults to whatever is inherited
    # from the parent process.
    # The default value is ''none''.
    # path = none

    # Freezes the ''main'' class, disallowing any code to be
added to
it.  This
    # essentially means that you can''t have any code outside of a
node, class, or definition other
    # than in the site manifest.
    # freeze_main = false

    # An external command that can produce node information.  The
output
    # must be a YAML dump of a hash, and that hash must have one or
both of
    # `classes` and `parameters`, where `classes` is an array and
    # `parameters` is a hash.  For unknown nodes, the commands should
    # exit with a non-zero exit code.
    # This command makes it straightforward to store your node mapping
    # information in other data sources like databases.
    # The default value is ''none''.
     external_nodes =  /usr/share/foreman/extras/puppet/foreman/files/
external_node.rb

    # Where to find information about nodes.
    # The default value is ''plain''.
     node_terminus = exec

    # The name to use when handling certificates.  Defaults
    # to the fully qualified domain name.
    # The default value is ''ip-10-36-11-244.ec2.internal''.
    # certname = ip-10-36-11-244.ec2.internal

    # Whether to print stack traces on some errors
    # trace = false

    # Where SSL certificates are kept.
    # The default value is ''$confdir/ssl''.
    ssldir = /etc/puppet/ssl

    # The HTTP proxy host to use for outgoing connections.  Note: You
    # may need to use a FQDN for the server hostname when using a
proxy.
    # The default value is ''none''.
    # http_proxy_host = none

    # The private key directory.
    # The default value is ''$ssldir/private_keys''.
    privatekeydir = /etc/puppet/ssl/private_keys

    # From where to retrieve plugins.  The standard Puppet `file` type
    # is used for retrieval, so anything that is a valid file source
can
    # be used here.
    # The default value is ''puppet://$server/plugins''.
    pluginsource = puppet://puppet/plugins

    # Which type of queue to use for asynchronous processing.  If your
stomp server requires
    # authentication, you can include it in the URI as long as your
stomp client library is at least 1.1.1
    # The default value is ''stomp://localhost:61613/''.
    # queue_source = stomp://localhost:61613/

    # Send the process into the background.  This is the default.
    # The default value is ''true''.
     daemonize = false

    # The maximum allowed UID.  Some platforms use negative UIDs
    # but then ship with tools that do not know how to handle signed
ints, so the UIDs show up as
    # huge numbers that can then not be fed back into the system.
This is a hackish way to fail in a
    # slightly more useful way when that happens.
    # The default value is ''4294967290''.
    # maximum_uid = 4294967290

    # Where Puppet PID files are kept.
    # The default value is ''$vardir/run''.
    rundir = /var/lib/puppet/run

    # Where individual hosts store and look for their certificate
requests.
    # The default value is ''$ssldir/csr_$certname.pem''.
    hostcsr = /etc/puppet/ssl/csr_ip-10-36-11-244.ec2.internal.pem

    # Whether to just print a manifest to stdout and exit.  Only makes
    # sense when used interactively.  Takes into account arguments
specified
    # on the CLI.
    # genmanifest = false

    # Where Puppet should look for facts.  Multiple directories should
    # be colon-separated, like normal PATH variables.
    # The default value is ''$vardir/lib/facter:$vardir/facts''.
    factpath = /var/lib/puppet/lib/facter:/var/lib/puppet/facts

    # Boolean; wether storeconfigs store in the database only the
facts and exported resources.
    # If true, then storeconfigs performance will be higher and still
allow exported/collected
    # resources, but other usage external to Puppet might not work
     thin_storeconfigs = false

    # Where individual hosts store and look for their public key.
    # The default value is ''$publickeydir/$certname.pem''.
    hostpubkey = /etc/puppet/ssl/public_keys/
ip-10-36-11-244.ec2.internal.pem

    # Whether facts should be synced with the central server.
     factsync = false

    # A command to run before every agent run.  If this command
returns a non-zero
    # return code, the entire Puppet run will fail.
    # The default value is ''''.
    # prerun_command 
    # Whether certificate revocation should be supported by
downloading a Certificate Revocation List (CRL)
    # to all clients.  If enabled, CA chaining will almost definitely
not work.
    # The default value is ''true''.
    # certificate_revocation = true

    # Which arguments to pass to the diff command when printing
differences between files.
    # The default value is ''-u''.
    # diff_args = -u

    # Whether Puppet should manage the owner, group, and mode of files
    # it uses internally
    # The default value is ''true''.
    # manage_internal_file_permissions = true

    # The main Puppet configuration directory.  The default for this
parameter is calculated based on the user.  If the process
    # is running as root or the user that Puppet is supposed to run
as, it defaults to a system directory, but if it''s running as any
other user,
    # it defaults to being in the user''s home directory.
    # The default value is ''/etc/puppet''.
    # confdir = /etc/puppet

    # Where to get node catalogs.  This is useful to change if, for
instance,
    # you''d like to pre-compile catalogs and store them in memcached
or some other easily-accessed store.
    # The default value is ''compiler''.
    # catalog_terminus = compiler

    # Whether to create the necessary user and group that puppet agent
will
    # run as.
    # mkusers = false

    # The DNS names on the Server certificate as a colon-separated
list.
    # If it''s anything other than an empty string, it will be used as
an alias in the created
    # certificate.  By default, only the server gets an alias set up,
and only for ''puppet''.
    # The default value is ''''.
    # certdnsnames 
    # Should usually be the same as the facts terminus
    # The default value is ''$facts_terminus''.
    inventory_terminus = yaml

    # Where Puppet stores dynamic and growing data.  The default for
this parameter is calculated specially, like `confdir`_.
    # The default value is ''/var/lib/puppet''.
    # vardir = /var/lib/puppet

    # The public key directory.
    # The default value is ''$ssldir/public_keys''.
    publickeydir = /etc/puppet/ssl/public_keys

    # Print the value of a specific configuration parameter.  If a
    # parameter is provided for this, then the value is printed and
puppet
    # exits.  Comma-separate multiple values.  For a list of all
values,
    # specify ''all''.  This feature is only available in Puppet
versions
    # higher than 0.18.4.
    # The default value is ''''.
    # configprint 
    # The Puppet log directory.
    # The default value is ''$vardir/log''.
    logdir = /var/lib/puppet/log

    # The HTTP proxy port to use for outgoing connections
    # The default value is ''3128''.
    # http_proxy_port = 3128

    # Where the client stores private certificate information.
    # The default value is ''$ssldir/private''.
    privatedir = /etc/puppet/ssl/private

    # Whether plugins should be synced with the central server.
    # pluginsync = false

    # Whether to use a queueing system to provide asynchronous
database integration.
    # Requires that `puppetqd` be running and that ''PSON''
support for
ruby be installed.
    # async_storeconfigs = false

    # Where individual hosts store and look for their certificates.
    # The default value is ''$certdir/$certname.pem''.
    hostcert = /etc/puppet/ssl/certs/ip-10-36-11-244.ec2.internal.pem

    # The directory where Puppet state is stored.  Generally,
    # this directory can be removed without causing harm (although it
    # might result in spurious service restarts).
    # The default value is ''$vardir/state''.
    statedir = /var/lib/puppet/state

    # Where Puppet should store facts that it pulls down from the
central
    # server.
    # The default value is ''$vardir/facts/''.
    #factdest = /var/lib/puppet/facts/

    # How to determine the configuration version.  By default, it will
be the
    # time that the configuration is parsed, but you can provide a
shell script to override how the
    # version is determined.  The output of this script will be added
to every log message in the
    # reports, allowing you to correlate changes on your hosts to the
source version on the server.
    # The default value is ''''.
    # config_version 
    # Which diff command to use when printing differences between
files.
    # The default value is ''diff''.
    # diff = diff

    # The minimum time to wait (in seconds) between checking for
updates in
    # configuration files.  This timeout determines how quickly Puppet
checks whether
    # a file (such as manifests or templates) has changed on disk.
    # The default value is ''15''.
    # filetimeout = 15

    # The environment Puppet is running in.  For clients
    # (e.g., `puppet agent`) this determines the environment itself,
which
    # is used to find modules and much more.  For servers (i.e.,
`puppet master`) this provides the default environment for nodes
    # we know nothing about.
    # The default value is ''production''.
    # environment = production

    # Where each client stores the CA certificate.
    # The default value is ''$certdir/ca.pem''.
    localcacert = /etc/puppet/ssl/certs/ca.pem

    # A parameter that can be used in commit
    # hooks, since it enables you to parse-check a single file rather
    # than requiring that all files exist.
    # ignoreimport = false

    # What files to ignore when pulling down facts.
    # The default value is ''.svn CVS''.
    # factsignore = .svn CVS

    # A command to run after every agent run.  If this command returns
a non-zero
    # return code, the entire Puppet run will be considered to have
failed, even though it might have
    # performed work during the normal run.
    # The default value is ''''.
    # postrun_command 
    # Whether to print a contextual diff when files are being
replaced.  The diff
    # is printed on stdout, so this option is meaningless unless you
are running Puppet interactively.
    # This feature currently requires the `diff/lcs` Ruby library.
    # show_diff = false

    # Whether to use colors when logging to the console.
    # Valid values are `ansi` (equivalent to `true`), `html` (mostly
    # used during testing with TextMate), and `false`, which produces
    # no color.
    # The default value is ''ansi''.
    # color = ansi

    # The node facts terminus.
    # The default value is ''yaml''.
    # facts_terminus = yaml

    # The certificate directory.
    # The default value is ''$ssldir/certs''.
    certdir = /etc/puppet/ssl/certs

    # Where the puppet agent web server logs.
    # The default value is ''$logdir/http.log''.
    httplog = /var/lib/puppet/log/http.log

    # Which port puppet master listens on.
    # The default value is ''8140''.
    # masterport = 8140

    # The configuration file that defines the rights to the different
    # rest indirections.  This can be used as a fine-grained
    # authorization system for `puppet master`.
    # The default value is ''$confdir/auth.conf''.
    rest_authconfig = /etc/puppet/auth.conf

    # Whether to store each client''s configuration, including
catalogs, facts,
    # and related data.  This also enables the import and export of
resources in
    # the Puppet language - a mechanism for exchange resources between
nodes.
    # By default this uses ActiveRecord and an SQL database to store
and query
    # the data; this, in turn, will depend on Rails being available.
    # You can adjust the backend using the storeconfigs_backend
setting.
     storeconfigs = true

    # The directory in which YAML data is stored, usually in a
subdirectory.
    # The default value is ''$vardir/yaml''.
    yamldir = /var/lib/puppet/yaml

    # The directory in which to store reports
    # received from the client.  Each client gets a separate
    # subdirectory.
    # The default value is ''$vardir/reports''.
    reportdir = /var/lib/puppet/reports

    # Whether to only search for the complete
    # hostname as it is in the certificate when searching for node
information
    # in the catalogs.
    # strict_hostname_checking = false

    # The type of server to use.  Currently supported
    # options are webrick and mongrel.  If you use mongrel, you will
need
    # a proxy in front of the process or processes, since Mongrel
cannot
    # speak SSL.
    # The default value is ''webrick''.
    # servertype = webrick

    # Where puppet master logs.  This is generally not used,
    # since syslog is the default log destination.
    # The default value is ''$logdir/puppetmaster.log''.
    masterlog = /var/lib/puppet/log/puppetmaster.log

    # The configuration file for master.
    # The default value is ''$confdir/puppet.conf''.
    config = /etc/puppet/puppet.conf

    # The group puppet master should run as.
    # The default value is ''puppet''.
    # group = puppet

    # How the puppet master determines the client''s identity
    # and sets the ''hostname'', ''fqdn'' and
''domain'' facts for use in
the manifest,
    # in particular for determining which ''node'' statement
applies to
the client.
    # Possible values are ''cert'' (use the subject''s
CN in the client''s
    # certificate) and ''facter'' (use the hostname that the
client
    # reported in its facts)
    # The default value is ''cert''.
    # node_name = cert

    # Code to parse directly.  This is essentially only used
    # by `puppet`, and should only be set if you''re writing your own
Puppet
    # executable
    # The default value is ''''.
    # code 
    # The header containing an authenticated
    # client''s SSL DN.  Only used with Mongrel.  This header must be
set by the proxy
    # to the authenticated client''s SSL DN (e.g., `/
CN=puppet.puppetlabs.com`).
    # See http://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel
for more information.
    # The default value is ''HTTP_X_CLIENT_DN''.
    # ssl_client_header = HTTP_X_CLIENT_DN

    # The directory in which serialized data is stored, usually in a
subdirectory.
    # The default value is ''$vardir/server_data''.
    server_datadir = /var/lib/puppet/server_data

    # The URL used by the http reports processor to send reports
    # The default value is
''http://localhost:3000/reports/upload''.
      reporturl = http://localhost:3000/reports/upload


    # The pid file
    # The default value is ''$rundir/$name.pid''.
    pidfile = /var/lib/puppet/run/master.pid

    # Where puppet master looks for its manifests.
    # The default value is ''$confdir/manifests''.
    manifestdir = /etc/puppet/manifests

    # The user puppet master should run as.
    # The default value is ''puppet''.
    # user = puppet

    # Where the puppet master web server logs.
    # The default value is ''$logdir/masterhttp.log''.
    masterhttplog = /var/lib/puppet/log/masterhttp.log

    # Where FileBucket files are stored.
    # The default value is ''$vardir/bucket''.
    bucketdir = /var/lib/puppet/bucket

    # Wether the master should function as a certificate authority.
    # The default value is ''true''.
    # ca = true

    # The header containing the status
    # message of the client verification. Only used with Mongrel.
This header must be set by the proxy
    # to ''SUCCESS'' if the client successfully authenticated,
and
anything else otherwise.
    # See http://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel
for more information.
    # The default value is ''HTTP_X_CLIENT_VERIFY''.
    # ssl_client_verify_header = HTTP_X_CLIENT_VERIFY

    # The list of reports to generate.  All reports are looked for
    # in `puppet/reports/name.rb`, and multiple report names should be
    # comma-separated (whitespace is okay).
    # The default value is ''store''.
     reports = store, http, foreman, log

    # Configure the backend terminus used for StoreConfigs.
    # By default, this uses the ActiveRecord store, which directly
talks to the
    # database from within the Puppet Master process.
    # The default value is ''active_record''.
     storeconfigs_backend = active_record

    # Where the fileserver configuration is stored.
    # The default value is ''$confdir/fileserver.conf''.
    fileserverconfig = /etc/puppet/fileserver.conf

    # The address a listening server should bind to.  Mongrel servers
    # default to 127.0.0.1 and WEBrick defaults to 0.0.0.0.
    # The default value is ''''.
    # bindaddress 
    # The search path for modules as a list of directories separated
by the '':'' character.
    # The default value is ''$confdir/modules:/usr/share/puppet/
modules''.
    modulepath = /etc/puppet/modules:/usr/share/puppet/modules

    # The entry-point manifest for puppet master.
    # The default value is ''$manifestdir/site.pp''.
    manifest = /etc/puppet/manifests/site.pp

    # The LDAP attributes that should be stacked to arrays by adding
    # the values in all hierarchy elements of the tree.  Values
    # should be comma-separated.
    # The default value is ''puppetvar''.
    # ldapstackedattrs = puppetvar

    # The user to use to connect to LDAP.  Must be specified as a
    # full DN.
    # The default value is ''''.
    # ldapuser 
    # Whether TLS should be used when searching for nodes.
    # Defaults to false because TLS usually requires certificates
    # to be set up on the client side.
    # ldaptls = false

    # The search string used to find an LDAP node.
    # The default value is
''(&(objectclass=puppetClient)(cn=%s))''.
    # ldapstring = (&(objectclass=puppetClient)(cn=%s))

    # The LDAP attributes to include when querying LDAP for nodes.
All
    # returned attributes are set as variables in the top-level scope.
    # Multiple values should be comma-separated.  The value
''all''
returns
    # all attributes.
    # The default value is ''all''.
    # ldapattrs = all

    # The password to use to connect to LDAP.
    # The default value is ''''.
    # ldappassword 
    # Whether to search for node configurations in LDAP.  See
    # http://projects.puppetlabs.com/projects/puppet/wiki/LDAP_Nodes
for more information.
    # ldapnodes = false

    # The LDAP server.  Only used if `ldapnodes` is enabled.
    # The default value is ''ldap''.
    # ldapserver = ldap

    # The LDAP attributes to use to define Puppet classes.  Values
    # should be comma-separated.
    # The default value is ''puppetclass''.
    # ldapclassattrs = puppetclass

    # The attribute to use to define the parent node.
    # The default value is ''parentnode''.
    # ldapparentattr = parentnode

    # The search base for LDAP searches.  It''s impossible to provide
    # a meaningful default here, although the LDAP libraries might
    # have one already set.  Generally, it should be the
''ou=Hosts''
    # branch under your main directory.
    # The default value is ''''.
    # ldapbase 
    # Whether SSL should be used when searching for nodes.
    # Defaults to false because SSL usually requires certificates
    # to be set up on the client side.
    # ldapssl = false

    # The LDAP port.  Only used if `ldapnodes` is enabled.
    # The default value is ''389''.
    # ldapport = 389

    # Where the CA stores the password for the private key
    # The default value is ''$caprivatedir/ca.pass''.
    capass = /etc/puppet/ssl/ca/private/ca.pass

    # Whether to allow a new certificate
    # request to overwrite an existing certificate.
    # allow_duplicate_certs = false

    # The type of hash used in certificates.
    # The default value is ''md5''.
    # ca_md = md5

    # A Complete listing of all certificates
    # The default value is ''$cadir/inventory.txt''.
    cert_inventory = /etc/puppet/ssl/ca/inventory.txt

    # The root directory for the certificate authority.
    # The default value is ''$ssldir/ca''.
    cadir = /etc/puppet/ssl/ca

    # The CA public key.
    # The default value is ''$cadir/ca_pub.pem''.
    capub = /etc/puppet/ssl/ca/ca_pub.pem

    # Where the CA stores certificate requests
    # The default value is ''$cadir/requests''.
    csrdir = /etc/puppet/ssl/ca/requests

    # Where the serial number for certificates is stored.
    # The default value is ''$cadir/serial''.
    serial = /etc/puppet/ssl/ca/serial

    # How long a certificate should be valid.
    # This parameter is deprecated, use ca_ttl instead
    # The default value is ''''.
    # ca_days 
    # The bit length of the certificates.
    # The default value is ''2048''.
    # req_bits = 2048

    # The CA certificate.
    # The default value is ''$cadir/ca_crt.pem''.
    cacert = /etc/puppet/ssl/ca/ca_crt.pem

    # The certificate revocation list (CRL) for the CA. Will be used
if present but otherwise ignored.
    # The default value is ''$cadir/ca_crl.pem''.
    cacrl = /etc/puppet/ssl/ca/ca_crl.pem

    # Where the CA stores signed certificates.
    # The default value is ''$cadir/signed''.
    signeddir = /etc/puppet/ssl/ca/signed

    # Whether to enable autosign.  Valid values are true (which
    # autosigns any key request, and is a very bad idea), false (which
    # never autosigns any key request), and the path to a file, which
    # uses that configuration file to determine which keys to sign.
    # The default value is ''$confdir/autosign.conf''.
    autosign = /etc/puppet/autosign.conf

    # The default TTL for new certificates; valid values
    # must be an integer, optionally followed by one of the units
    # ''y'' (years of 365 days), ''d'' (days),
''h'' (hours), or
    # ''s'' (seconds). The unit defaults to seconds. If this
parameter
    # is set, ca_days is ignored. Examples are ''3600'' (one
hour)
    # and ''1825d'', which is the same as ''5y''
(5 years)
    # The default value is ''5y''.
    # ca_ttl = 5y

    # The bit length of keys.
    # The default value is ''1024''.
    # keylength = 1024

    # The name to use the Certificate Authority certificate.
    # The default value is ''Puppet CA: $certname''.
    ca_name = Puppet CA: ip-10-36-11-244.ec2.internal

    # The CA private key.
    # The default value is ''$cadir/ca_key.pem''.
    cakey = /etc/puppet/ssl/ca/ca_key.pem

    # Where the CA stores private certificate information.
    # The default value is ''$cadir/private''.
    caprivatedir = /etc/puppet/ssl/ca/private

    # Tags to use to find resources.  If this is set, then
    # only resources tagged with the specified tags will be applied.
    # Values must be comma-separated.
    # The default value is ''''.
    # tags 
    # Whether to print a transaction summary.
    # summarize = false

    # Whether each resource should log when it is
    # being evaluated.  This allows you to interactively see exactly
    # what is being done.
    # evaltrace = false

    # Whether to use lexical scoping (vs. dynamic).
    # lexical = false

    # Where Puppet looks for template files.  Can be a list of colon-
seperated
    # directories.
    # The default value is ''$vardir/templates''.
    templatedir = /var/lib/puppet/templates

    # Document all resources
    # document_all = false

    # The ''from'' email address for the reports.
    # The default value is
''report@ip-10-36-11-244.ec2.internal''.
    # reportfrom = report@ip-10-36-11-244.ec2.internal

    # The mapping between reporting tags and email addresses.
    # The default value is ''$confdir/tagmail.conf''.
    tagmap = /etc/puppet/tagmail.conf

    # The server through which to send email reports.
    # The default value is ''none''.
    # smtpserver = none

    # Where to find the sendmail binary with which to send email.
    # The default value is ''/usr/sbin/sendmail''.
    # sendmail = /usr/sbin/sendmail

    # During an inspect run, whether to archive files whose contents
are audited to a file bucket.
    # archive_files = false

    # During an inspect run, the file bucket server to archive files
to if archive_files is set.
    # The default value is ''$server''.
    archive_file_server = puppet

    # The url where the puppet couchdb database will be created
    # The default value is ''http://127.0.0.1:5984/puppet''.
    # couchdb_url = http://127.0.0.1:5984/puppet

    # The directory where RRD database files are stored.
    # Directories for each reporting host will be created under
    # this directory.
    # The default value is ''$vardir/rrd''.
    rrddir = /var/lib/puppet/rrd

    # How often RRD should expect data.
    # This should match how often the hosts report back to the server.
    # The default value is ''$runinterval''.
    rrdinterval = 1800

    # The root directory of devices'' $vardir
    # The default value is ''$vardir/devices''.
    devicedir = /var/lib/puppet/devices

    # Path to the device config file for puppet device
    # The default value is ''$confdir/device.conf''.
    deviceconfig = /etc/puppet/device.conf



cat manifests/classes/nagios3.pp
class nagios3 {

   package {
      nagios3:
         ensure  => installed,
         alias   => nagios,
         ;
   }

   service {
      nagios3:
         ensure  => running,
         alias   => nagios,
         hasstatus       => true,
         hasrestart      => true,
         require => Package[nagios],
   }

   # collect resources and populate /etc/nagios/nagios_*.cfg
   Nagios_host <<||>>
   Nagios_service <<||>>
   Nagios_hostextinfo <<||>>

   class target {
      @@nagios_host { $fqdn:
         ensure => present,
         alias => $hostname,
         address => $ipaddress,
         use => "generic-host",
      }

      @@nagios_hostextinfo { $fqdn:
         ensure => present,
         icon_image_alt => $operatingsystem,
         icon_image => "base/$operatingsystem.png",
         statusmap_image => "base/$operatingsystem.gd2",
      }

      @@nagios_service { "check_ping_${hostname}":
         use => "check_ping",
         host_name => "$fqdn",
      }

      @@nagios_service { "check_users_${hostname}":
         use => "remote-nrpe-users",
         host_name => "$fqdn",
      }

      @@nagios_service { "check_load_${hostname}":
         use => "remote-nrpe-load",
         host_name => "$fqdn",
      }

      @@nagios_service { "check_zombie_procs_${hostname}":
         use => "remote-nrpe-zombie-procs",
         host_name => "$fqdn",
      }

      @@nagios_service { "check_total_procs_${hostname}":
         use => "remote-nrpe-total-procs",
         host_name => "$fqdn",
      }

      @@nagios_service { "check_swap_${hostname}":
         use => "remote-nrpe-swap",
         host_name => "$fqdn",
      }

      @@nagios_service { "check_all_disks_${hostname}":
         use => "remote-nrpe-all-disks",
         host_name => "$fqdn",
      }
   }
}

-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.

Work around provided here:
http://projects.puppetlabs.com/issues/7178
-Josh


On Nov 4, 10:23 am, Joshua Vaughn <j...@sibblingz.com>
wrote:
> All-
>
> Poking around in the bug database it looks like storeconfigs is being
> actively worked on. I am using 2.7.6 on my master as well as all the
> clients.  I have clients boot , start puppet and get a signed cert via
> auto signing. The nagios module (and currently the only thing puppet
> does) complains a lot during compile time about not having
> storeconfigs enabled, which is not the case in my config.
> Additionally I am running foreman and seeing a few errors with it.  I
> have attached my config, and the nagios module to see if there is
> something that I have missed. As for foreman, it was but bit confusing
> in the documentation but I have the following set:
>
> root@puppet:/etc/puppet# grep storeconfig puppet.conf
>     # Boolean; wether storeconfigs store in the database only the
> facts and exported resources.
>     # If true, then storeconfigs performance will be higher and still
> allow exported/collected
>      thin_storeconfigs = false
>     # async_storeconfigs = false
>     # You can adjust the backend using the storeconfigs_backend
> setting.
>      storeconfigs = true
>      storeconfigs_backend = active_record
> root@puppet:/etc/puppet# grep foreman puppet.conf
>      external_nodes =  /usr/share/foreman/extras/puppet/foreman/files/
> external_node.rb
>      reports = store, http, foreman, log
>
> root@puppet:/etc/puppet# ls -l /usr/lib/ruby/1.8/puppet/reports
> total 32
> -rw-r--r-- 1 root root  834 2011-11-03 21:33 foreman.rb
> -rw-r--r-- 1 root root  580 2011-09-26 19:40 http.rb
> -rw-r--r-- 1 root root  326 2011-09-26 19:40 log.rb
> -rw-r--r-- 1 root root 4226 2011-09-26 19:40 rrdgraph.rb
> -rw-r--r-- 1 root root 1644 2011-09-26 19:40 store.rb
> -rw-r--r-- 1 root root 5344 2011-09-26 19:40 tagmail.rb
>
> The foreman is "err: Could not autoload foreman: Function foreman
> already defined"
>
> And the storeconfig is:
> "
> warning: You cannot collect exported resources without storeconfigs
> being set; the collection will be ignored on line 21 in file /etc/
> puppet/manifests/classes/nagios3.pp
> warning: You cannot collect exported resources without storeconfigs
> being set; the collection will be ignored on line 22 in file /etc/
> puppet/manifests/classes/nagios3.pp
> warning: You cannot collect exported resources without storeconfigs
> being set; the collection will be ignored on line 24 in file /etc/
> puppet/manifests/classes/nagios3.pp
> warning: You cannot collect without storeconfigs being set on line 30
> in file /etc/puppet/manifests/classes/nagios3.pp
> warning: You cannot collect without storeconfigs being set on line 37
> in file /etc/puppet/manifests/classes/nagios3.pp
> warning: You cannot collect without storeconfigs being set on line 42
> in file /etc/puppet/manifests/classes/nagios3.pp
> warning: You cannot collect without storeconfigs being set on line 47
> in file /etc/puppet/manifests/classes/nagios3.pp
> "
>
> If somebody can point to in the right direction or confirm what
I''m
> seeing that would be super!  Also I think I''m seeing ghosts of bug
> #3234
> -Josh
>
> cat puppet.conf
> # The configuration file for master.  Note that this file
> # is likely to have unused configuration parameters in it; any
> parameter that''s
> # valid anywhere in Puppet can be in any config file, even if it''s
not
> used.
> #
> # Every section can specify three special parameters: owner, group,
> and mode.
> # These parameters affect the required permissions of any files
> specified after
> # their specification.  Puppet will sometimes use these parameters to
> check its
> # own configured state, so they can be used to make Puppet a bit more
> self-managing.
> #
> # Generated on Thu Oct 20 22:28:03 +0000 2011.
> #
> [master]
>     # Whether to automatically migrate the database.
>     # dbmigrate = false
>
>     # The database password for caching. Only
>     # used when networked databases are used.
>     # The default value is ''''.
>     # dbport >
>     # The number of database connections for networked
>     # databases.  Will be ignored unless the value is a positive
> integer.
>     # The default value is ''''.
>     # dbconnections >
>     # The log level for Rails connections.  The value must be
>     # a valid log level within Rails.  Production environments
> normally use `info`
>     # and other environments normally use `debug`.
>     # The default value is ''info''.
>     # rails_loglevel = info
>
>     # The database cache for client configurations.  Used for
>     # querying within the language.
>     # The default value is
''$statedir/clientconfigs.sqlite3''.
> #    dblocation = /var/lib/puppet/state/clientconfigs.sqlite3
>
>     # The name of the database to use.
>     # The default value is ''puppet''.
>      dbname = puppet
>
>     # The database user for caching. Only
>     # used when networked databases are used.
>     # The default value is ''puppet''.
>      dbuser = puppet
>
>     # The database socket location. Only used when networked
>     # databases are used.  Will be ignored if the value is an empty
> string.
>     # The default value is ''''.
>     # dbsocket >
>     # The type of database to use.
>     # The default value is ''sqlite3''.
>      dbadapter = mysql
>
>     # The database server for caching. Only
>     # used when networked databases are used.
>     # The default value is ''localhost''.
>      dbserver = localhost
>
>     # The database password for caching. Only
>     # used when networked databases are used.
>     # The default value is ''puppet''.
>      dbpassword = password
>
>     # Where Rails-specific logs are sent
>     # The default value is ''$logdir/rails.log''.
>     railslog = /var/lib/puppet/log/rails.log
>
>     # Whether to only use the cached catalog rather than compiling a
> new catalog
>     # on every run.  Puppet can be run with this enabled by default
> and then selectively
>     # disabled when a recompile is desired.
>     # use_cached_catalog = false
>
>     # Where puppet agent caches the local configuration.  An
>     # extension indicating the cache format is added automatically.
>     # The default value is ''$statedir/localconfig''.
>     localconfig = /var/lib/puppet/state/localconfig
>
>     # Facts that are dynamic; these facts will be ignored when
> deciding whether
>     # changed facts should result in a recompile.  Multiple facts
> should be
>     # comma-separated.
>     # The default value is
''memorysize,memoryfree,swapsize,swapfree''.
>     # dynamicfacts = memorysize,memoryfree,swapsize,swapfree
>
>     # The directory in which serialized data is stored on the client.
>     # The default value is ''$vardir/client_data''.
>     client_datadir = /var/lib/puppet/client_data
>
>     # Where FileBucket files are stored locally.
>     # The default value is ''$vardir/clientbucket''.
>     clientbucketdir = /var/lib/puppet/clientbucket
>
>     # The log file for puppet agent.  This is generally not used.
>     # The default value is ''$logdir/puppetd.log''.
>     puppetdlog = /var/lib/puppet/log/puppetd.log
>
>     # The server to send transaction reports to.
>     # The default value is ''$server''.
>     report_server = puppet
>
>     # How often puppet agent applies the client configuration; in
> seconds.
>     # Note that a runinterval of 0 means "run continuously"
rather
> than
>     # "never run." If you want puppet agent to never run, you
should
> start
>     # it with the `--no-client` option.
>     # The default value is ''1800''.
>     # runinterval = 1800
>
>     # The port to communicate with the inventory_server.
>     # The default value is ''$masterport''.
>     inventory_port = 8140
>
>     # The port to use for the certificate authority.
>     # The default value is ''$masterport''.
>     ca_port = 8140
>
>     # Whether puppet agent should be run in noop mode.
>     # noop = false
>
>     # Whether to create dot graph files for the different
>     # configuration graphs.  These dot files can be interpreted by
> tools
>     # like OmniGraffle or dot (which is part of ImageMagick).
>     # graph = false
>
>     # A lock file to temporarily stop puppet agent from doing
> anything.
>     # The default value is ''$statedir/puppetdlock''.
>     puppetdlockfile = /var/lib/puppet/state/puppetdlock
>
>     # The server to which server puppet agent should connect
>     # The default value is ''puppet''.
>     # server = puppet
>
>     # The explicit value used for the node name for all requests the
> agent
>     # makes to the master. WARNING: This setting is mutually exclusive
> with
>     # node_name_fact.  Changing this setting also requires changes to
> the default
>     # auth.conf configuration on the Puppet Master.  Please see
>     #http://links.puppetlabs.com/node_name_valuefor more
> information.
>     # The default value is ''$certname''.
>     node_name_value = ip-10-36-11-244.ec2.internal
>
>     # Ignore cache and always recompile the configuration.  This is
>     # useful for testing new configurations, where the local cache may
> in
>     # fact be stale even if the timestamps are up to date - if the
> facts
>     # change or if the server changes.
>     # ignorecache = false
>
>     # Where puppet agent and puppet master store state associated
>     # with the running configuration.  In the case of puppet master,
>     # this file reflects the state discovered through interacting
>     # with clients.
>     # The default value is ''$statedir/state.yaml''.
>     statefile = /var/lib/puppet/state/state.yaml
>
>     # The maximum time to delay before runs.  Defaults to being the
> same as the
>     # run interval.
>     # The default value is ''$runinterval''.
>     splaylimit = 1800
>
>     # The file in which puppet agent stores a list of the classes
>     # associated with the retrieved configuration.  Can be loaded in
>     # the separate `puppet` executable using the `--loadclasses`
>     # option.
>     # The default value is ''$statedir/classes.txt''.
>     classfile = /var/lib/puppet/state/classes.txt
>
>     # How long the client should wait for the configuration to be
> retrieved
>     # before considering it a failure.  This can help reduce flapping
> if too
>     # many clients contact the server at one time.
>     # The default value is ''120''.
>     # configtimeout = 120
>
>     # Boolean; whether puppet agent should ignore schedules.  This is
> useful
>     # for initial puppet agent runs.
>     # ignoreschedules = false
>
>     # The port to communicate with the report_server.
>     # The default value is ''$masterport''.
>     report_port = 8140
>
>     # Whether puppet agent should listen for
>     # connections.  If this is true, then puppet agent will accept
> incoming
>     # REST API requests, subject to the default ACLs and the ACLs set
> in
>     # the `rest_authconfig` file. Puppet agent can respond usefully to
>     # requests on the `run`, `facts`, `certificate`, and `resource`
> endpoints.
>     # listen = false
>
>     # Where puppet agent stores the last run report summary in yaml
> format.
>     # The default value is
''$statedir/last_run_summary.yaml''.
>     lastrunfile = /var/lib/puppet/state/last_run_summary.yaml
>
>     # (Deprecated for ''preferred_serialization_format'')
What format to
>     # use to dump the catalog.  Only supports ''marshal''
and ''yaml''.
> Only
>     # matters on the client, since it asks the server for a specific
> format.
>     # The default value is ''''.
>     # catalog_format >
>     # Where to store dot-outputted graphs.
>     # The default value is ''$statedir/graphs''.
>     graphdir = /var/lib/puppet/state/graphs
>
>     # Whether to use the cached configuration when the remote
>     # configuration will not compile.  This option is useful for
> testing
>     # new configurations, where you want to fix the broken
> configuration
>     # rather than reverting to a known-good one.
>     # The default value is ''true''.
>     # usecacheonfailure = true
>
>     # The fact name used to determine the node name used for all
> requests the agent
>     # makes to the master. WARNING: This setting is mutually exclusive
> with
>     # node_name_value.  Changing this setting also requires changes to
> the default
>     # auth.conf configuration on the Puppet Master.  Please see
>     #http://links.puppetlabs.com/node_name_factfor more information.
>     # The default value is ''''.
>     # node_name_fact >
>     # Whether facts should be made all lowercase when sent to the
> server.
>     # downcasefacts = false
>
>     # Whether to send reports after every transaction.
>     # The default value is ''true''.
>      report = true
>
>     # The directory in which client-side YAML data is stored.
>     # The default value is ''$vardir/client_yaml''.
>     clientyamldir = /var/lib/puppet/client_yaml
>
>     # Whether to sleep for a pseudo-random (but consistent) amount of
> time before
>     # a run.
>     # splay = false
>
>     # The file in which puppet agent stores a list of the resources
>     # associated with the retrieved configuration.
>     # The default value is ''$statedir/resources.txt''.
>     resourcefile = /var/lib/puppet/state/resources.txt
>
>     # (Deprecated for ''report_server'') The server to
which to send
> transaction reports.
>     # The default value is ''$server''.
>     reportserver = puppet
>
>     # Which port puppet agent listens on.
>     # The default value is ''8139''.
>     # puppetport = 8139
>
>     # The server to send facts to.
>     # The default value is ''$server''.
>     inventory_server = puppet
>
>     # The server to use for certificate
>     # authority requests.  It''s a separate server because it
cannot
>     # and does not need to horizontally scale.
>     # The default value is ''$server''.
>     ca_server = puppet
>
>     # Where puppet agent stores the last run report in yaml format.
>     # The default value is
''$statedir/last_run_report.yaml''.
>     lastrunreport = /var/lib/puppet/state/last_run_report.yaml
>
>     # The preferred means of serializing
>     # ruby instances for passing over the wire.  This won''t
guarantee
> that all
>     # instances will be serialized using this method, since not all
> classes
>     # can be guaranteed to support this format, but it will be used
> for all
>     # classes that support it.
>     # The default value is ''pson''.
>     # preferred_serialization_format = pson
>
>     # Allow http compression in REST communication with the master.
>     # This setting might improve performance for agent -> master
> communications over slow WANs.
>     # Your puppet master needs to support compression (usually by
> activating some settings in a reverse-proxy
>     # in front of the puppet master, which rules out webrick).
>     # It is harmless to activate this settings if your master
doesn''t
> support
>     # compression, but if it supports it, this setting might reduce
> performance on high-speed LANs.
>     # http_compression = false
>
>     # Whether log files should always flush to disk.
>     # autoflush = false
>
>     # Where host certificate requests are stored.
>     # The default value is
''$ssldir/certificate_requests''.
>     requestdir = /etc/puppet/ssl/certificate_requests
>
>     # Where Puppet should store plugins that it pulls down from the
> central
>     # server.
>     # The default value is ''$libdir''.
>     plugindest = /var/lib/puppet/lib
>
>     # An extra search path for Puppet.  This is only useful
>     # for those files that Puppet will load on demand, and is only
>     # guaranteed to work for those cases.  In fact, the autoload
>     # mechanism is responsible for making sure this directory
>     # is in Ruby''s search path
>     # The default value is ''$vardir/lib''.
>     libdir = /var/lib/puppet/lib
>
>     # Which type of queue to use for asynchronous processing.
>     # The default value is ''stomp''.
>     # queue_type = stomp
>
>     # Where puppet agent stores the password for its private key.
>     # Generally unused.
>     # The default value is ''$privatedir/password''.
>     passfile = /etc/puppet/ssl/private/password
>
>     # What files to ignore when pulling down plugins.
>     # The default value is ''.svn CVS .git''.
>     # pluginsignore = .svn CVS .git
>
>     # Run the configuration once, rather than as a long-running
>     # daemon. This is useful for interactively running puppetd.
>     # onetime = false
>
>     # Where individual hosts store and look for their private key.
>     # The default value is
''$privatekeydir/$certname.pem''.
>     hostprivkey = /etc/puppet/ssl/private_keys/
> ip-10-36-11-244.ec2.internal.pem
>
>     # From where to retrieve facts.  The standard Puppet `file` type
>     # is used for retrieval, so anything that is a valid file source
> can
>     # be used here.
>     # The default value is ''puppet://$server/facts/''.
>     #factsource = puppet://puppet/facts/
>
>     # The YAML file containing indirector route configuration.
>     # The default value is ''$confdir/routes.yaml''.
>     route_file = /etc/puppet/routes.yaml
>
>     # Boolean; whether to use the zlib library
>     # The default value is ''true''.
>     # zlib = true
>
>     # Where the host''s certificate revocation list can be found.
>     # This is distinct from the certificate authority''s CRL.
>     # The default value is ''$ssldir/crl.pem''.
>     hostcrl = /etc/puppet/ssl/crl.pem
>
>     # The configuration file that defines the rights to the different
>     # namespaces and methods.  This can be used as a coarse-grained
>     # authorization system for both `puppet agent` and `puppet
> master`.
>     # The default value is ''$confdir/namespaceauth.conf''.
>     authconfig = /etc/puppet/namespaceauth.conf
>
>     # What syslog facility to use when logging to
>     # syslog.  Syslog has a fixed list of valid facilities, and you
> must
>     # choose one of those; you cannot just make one up.
>     # The default value is ''daemon''.
>     # syslogfacility = daemon
>
>     # The shell search path.  Defaults to whatever is inherited
>     # from the parent process.
>     # The default value is ''none''.
>     # path = none
>
>     # Freezes the ''main'' class, disallowing any code to
be added to
> it.  This
>     # essentially means that you can''t have any code outside of a
> node, class, or definition other
>     # than in the site manifest.
>     # freeze_main = false
>
>     # An external command that can produce node information.  The
> output
>     # must be a YAML dump of a hash, and that hash must have one or
> both of
>     # `classes` and `parameters`, where `classes` is an array and
>     # `parameters` is a hash.  For unknown nodes, the commands should
>     # exit with a non-zero exit code.
>     # This command makes it straightforward to store your node mapping
>     # information in other data sources like databases.
>     # The default value is ''none''.
>      external_nodes =  /usr/share/foreman/extras/puppet/foreman/files/
> external_node.rb
>
>     # Where to find information about nodes.
>     # The default value is ''plain''.
>      node_terminus = exec
>
>     # The name to use when handling certificates.  Defaults
>     # to the fully qualified domain name.
>     # The default value is
''ip-10-36-11-244.ec2.internal''.
>     # certname = ip-10-36-11-244.ec2.internal
>
>     # Whether to print stack traces on some errors
>     # trace = false
>
>     # Where SSL certificates are kept.
>     # The default value is ''$confdir/ssl''.
>     ssldir = /etc/puppet/ssl
>
>     # The HTTP proxy host to use for outgoing connections.  Note: You
>     # may need to use a FQDN for the server hostname when using a
> proxy.
>     # The default value is ''none''.
>     # http_proxy_host = none
>
>     # The private key directory.
>     # The default value is ''$ssldir/private_keys''.
>     privatekeydir = /etc/puppet/ssl/private_keys
>
>     # From where to retrieve plugins.  The standard Puppet `file` type
>     # is used for retrieval, so anything that is a valid file source
> can
>     # be used here.
>     # The default value is ''puppet://$server/plugins''.
>     pluginsource = puppet://puppet/plugins
>
>     # Which type of queue to use for asynchronous processing.  If your
> stomp server requires
>     # authentication, you can include it in the URI as long as your
> stomp client library is at least 1.1.1
>     # The default value is ''stomp://localhost:61613/''.
>     # queue_source = stomp://localhost:61613/
>
>     # Send the process into the background.  This is the default.
>     # The default value is ''true''.
>      daemonize = false
>
>     # The maximum allowed UID.  Some platforms use negative UIDs
>     # but then ship with tools that do not know how to handle signed
> ints, so the UIDs show up as
>     # huge numbers that can then not be fed back into the system.
> This is a hackish way to fail in a
>     # slightly more useful way when that happens.
>     # The default value is ''4294967290''.
>     # maximum_uid = 4294967290
>
>     # Where Puppet PID files are kept.
>     # The default value is ''$vardir/run''.
>     rundir = /var/lib/puppet/run
>
>     # Where individual hosts store and look for their certificate
> requests.
>     # The default value is ''$ssldir/csr_$certname.pem''.
>     hostcsr = /etc/puppet/ssl/csr_ip-10-36-11-244.ec2.internal.pem
>
>     # Whether to just print a manifest to stdout and exit.  Only makes
>     # sense when used interactively.  Takes into account arguments
> specified
>     # on the CLI.
>     # genmanifest = false
>
>     # Where Puppet should look for facts.  Multiple directories should
>     # be colon-separated, like normal PATH variables.
>     # The default value is
''$vardir/lib/facter:$vardir/facts''.
>     factpath = /var/lib/puppet/lib/facter:/var/lib/puppet/facts
>
>     # Boolean; wether storeconfigs store in the database only the
> facts and exported resources.
>     # If true, then storeconfigs performance will be higher and still
> allow exported/collected
>     # resources, but other usage external to Puppet might not work
>      thin_storeconfigs = false
>
>     # Where individual hosts store and look for their public key.
>     # The default value is ''$publickeydir/$certname.pem''.
>     hostpubkey = /etc/puppet/ssl/public_keys/
> ip-10-36-11-244.ec2.internal.pem
>
>     # Whether facts should be synced with the central server.
>      factsync = false
>
>     # A command to run before every agent run.  If this command
> returns a non-zero
>     # return code, the entire Puppet run will fail.
>     # The default value is ''''.
>     # prerun_command >
>     # Whether certificate revocation should be supported by
> downloading a Certificate Revocation List (CRL)
>     # to all clients.  If enabled, CA chaining will almost definitely
> not work.
>     # The default value is ''true''.
>     # certificate_revocation = true
>
>     # Which arguments to pass to the diff command when printing
> differences between files.
>     # The default value is ''-u''.
>     # diff_args = -u
>
>     # Whether Puppet should manage the owner, group, and mode of files
>     # it uses internally
>     # The default value is ''true''.
>     # manage_internal_file_permissions = true
>
>     # The main Puppet configuration directory.  The default for this
> parameter is calculated based on the user.  If the process
>     # is running as root or the user that Puppet is supposed to run
> as, it defaults to a system directory, but if it''s running as any
> other user,
>     # it defaults to being in the user''s home directory.
>     # The default value is ''/etc/puppet''.
>     # confdir = /etc/puppet
>
>     # Where to get node catalogs.  This is useful to change if, for
> instance,
>     # you''d like to pre-compile catalogs and store them in
memcached
> or some other easily-accessed store.
>     # The default value is ''compiler''.
>     # catalog_terminus = compiler
>
>     # Whether to create the necessary user and group that puppet agent
> will
>     # run as.
>     # mkusers = false
>
>     # The DNS names on the Server certificate as a colon-separated
> list.
>     # If it''s anything other than an empty string, it will be used
as
> an alias in the created
>     # certificate.  By default, only the server gets an alias set up,
> and only for ''puppet''.
>     # The default value is ''''.
>     # certdnsnames >
>     # Should usually be the same as the facts terminus
>     # The default value is ''$facts_terminus''.
>     inventory_terminus = yaml
>
>     # Where Puppet stores dynamic and growing data.  The default for
> this parameter is calculated specially, like `confdir`_.
>     # The default value is ''/var/lib/puppet''.
>     # vardir = /var/lib/puppet
>
>     # The public key directory.
>     # The default value is ''$ssldir/public_keys''.
>     publickeydir = /etc/puppet/ssl/public_keys
>
>     # Print the value of a specific configuration parameter.  If a
>     # parameter is provided for this, then the value is printed and
> puppet
>     # exits.  Comma-separate multiple values.  For a list of all
> values,
>     # specify ''all''.  This feature is only available in
Puppet
> versions
>     # higher than 0.18.4.
>     # The default value is ''''.
>     # configprint >
>     # The Puppet log directory.
>     # The default value is ''$vardir/log''.
>     logdir = /var/lib/puppet/log
>
>     # The HTTP proxy port to use for outgoing connections
>     # The default value is ''3128''.
>     # http_proxy_port = 3128
>
>     # Where the client stores private certificate information.
>     # The default value is ''$ssldir/private''.
>     privatedir = /etc/puppet/ssl/private
>
>     # Whether plugins should be synced with the central server.
>     # pluginsync = false
>
>     # Whether to use a queueing system to provide asynchronous
> database integration.
>     # Requires that `puppetqd` be running and that ''PSON''
support for
> ruby be installed.
>     # async_storeconfigs = false
>
>     # Where individual hosts store and look for their certificates.
>     # The default value is ''$certdir/$certname.pem''.
>     hostcert = /etc/puppet/ssl/certs/ip-10-36-11-244.ec2.internal.pem
>
>     # The directory where Puppet state is stored.  Generally,
>     # this directory can be removed without causing harm (although it
>     # might result in spurious service restarts).
>     # The default value is ''$vardir/state''.
>     statedir = /var/lib/puppet/state
>
>     # Where Puppet should store facts that it pulls down from the
> central
>     # server.
>     # The default value is ''$vardir/facts/''.
>     #factdest = /var/lib/puppet/facts/
>
>     # How to determine the configuration version.  By default, it will
> be the
>     # time that the configuration is parsed, but you can provide a
> shell script to override how the
>     # version is determined.  The output of this script will be added
> to every log message in the
>     # reports, allowing you to correlate changes on your hosts to the
> source version on the server.
>     # The default value is ''''.
>     # config_version >
>     # Which diff command to use when printing differences between
> files.
>     # The default value is ''diff''.
>     # diff = diff
>
>     # The minimum time to wait (in seconds) between checking for
> updates in
>     # configuration files.  This timeout determines how quickly Puppet
> checks whether
>     # a file (such as manifests or templates) has changed on disk.
>     # The default value is ''15''.
>     # filetimeout = 15
>
>     # The environment Puppet is running in.  For clients
>     # (e.g., `puppet agent`) this determines the environment itself,
> which
>     # is used to find modules and much more.  For servers (i.e.,
> `puppet master`) this provides the default environment for nodes
>     # we know nothing about.
>     # The default value is ''production''.
>     # environment = production
>
>     # Where each client stores the CA certificate.
>     # The default value is ''$certdir/ca.pem''.
>     localcacert = /etc/puppet/ssl/certs/ca.pem
>
>     # A parameter that can be used in commit
>     # hooks, since it enables you to parse-check a single file rather
>     # than requiring that all files exist.
>     # ignoreimport = false
>
>     # What files to ignore when pulling down facts.
>     # The default value is ''.svn CVS''.
>     # factsignore = .svn CVS
>
>     # A command to run after every agent run.  If this command returns
> a non-zero
>     # return code, the entire Puppet run will be considered to have
> failed, even though it might have
>     # performed work during the normal run.
>     # The default value is ''''.
>     # postrun_command >
>     # Whether to print a contextual diff when files are being
> replaced.  The diff
>     # is printed on stdout, so this option is meaningless unless you
> are running Puppet interactively.
>     # This feature currently requires the `diff/lcs` Ruby library.
>     # show_diff = false
>
>     # Whether to use colors when logging to the console.
>     # Valid values are `ansi` (equivalent to `true`), `html` (mostly
>     # used during testing with TextMate), and `false`, which produces
>     # no color.
>     # The default value is ''ansi''.
>     # color = ansi
>
>     # The node facts terminus.
>     # The default value is ''yaml''.
>     # facts_terminus = yaml
>
>     # The certificate directory.
>     # The default value is ''$ssldir/certs''.
>     certdir = /etc/puppet/ssl/certs
>
>     # Where the puppet agent web server logs.
>     # The default value is ''$logdir/http.log''.
>     httplog = /var/lib/puppet/log/http.log
>
>     # Which port puppet master listens on.
>     # The default value is ''8140''.
>     # masterport = 8140
>
>     # The configuration file that defines the rights to the different
>     # rest indirections.  This can be used as a fine-grained
>     # authorization system for `puppet master`.
>     # The default value is ''$confdir/auth.conf''.
>     rest_authconfig = /etc/puppet/auth.conf
>
>     # Whether to store each client''s configuration, including
> catalogs, facts,
>     # and related data.  This also enables the import and export of
> resources in
>     # the Puppet language - a mechanism for exchange resources between
> nodes.
>     # By default this uses ActiveRecord and an SQL database to store
> and query
>     # the data; this, in turn, will depend on Rails being available.
>     # You can adjust the backend using the storeconfigs_backend
> setting.
>      storeconfigs = true
>
>     # The directory in which YAML data is stored, usually in a
> subdirectory.
>     # The default value is ''$vardir/yaml''.
>     yamldir = /var/lib/puppet/yaml
>
>     # The directory in which to store reports
>     # received from the client.  Each client gets a separate
>     # subdirectory.
>     # The default value is ''$vardir/reports''.
>     reportdir = /var/lib/puppet/reports
>
>     # Whether to only search for the complete
>     # hostname as it is in the certificate when searching for node
> information
>     # in the catalogs.
>     # strict_hostname_checking = false
>
>     # The type of server to use.  Currently supported
>     # options are webrick and mongrel.  If you use mongrel, you will
> need
>     # a proxy in front of the process or processes, since Mongrel
> cannot
>     # speak SSL.
>     # The default value is ''webrick''.
>     # servertype = webrick
>
>     # Where puppet master logs.  This is generally not used,
>     # since syslog is the default log destination.
>     # The default value is ''$logdir/puppetmaster.log''.
>     masterlog = /var/lib/puppet/log/puppetmaster.log
>
>     # The configuration file for master.
>     # The default value is ''$confdir/puppet.conf''.
>     config = /etc/puppet/puppet.conf
>
>     # The group puppet master should run as.
>     # The default value is ''puppet''.
>     # group = puppet
>
>     # How the puppet master determines the client''s identity
>     # and sets the ''hostname'', ''fqdn''
and ''domain'' facts for use in
> the manifest,
>     # in particular for determining which ''node''
statement applies to
> the client.
>     # Possible values are ''cert'' (use the
subject''s CN in the client''s
>     # certificate) and ''facter'' (use the hostname that
the client
>     # reported in its facts)
>     # The default value is ''cert''.
>     # node_name = cert
>
>     # Code to parse directly.  This is essentially only used
>     # by `puppet`, and should only be set if you''re writing your
own
> Puppet
>     # executable
>     # The default value is ''''.
>     # code >
>     # The header containing an authenticated
>     # client''s SSL DN.  Only used with Mongrel.  This header must
be
> set by the proxy
>     # to the authenticated client''s SSL DN (e.g., `/
> CN=puppet.puppetlabs.com`).
>     # Seehttp://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel
> for more information.
>     # The default value is ''HTTP_X_CLIENT_DN''.
>     # ssl_client_header = HTTP_X_CLIENT_DN
>
>     # The directory in which serialized data is stored, usually in a
> subdirectory.
>     # The default value is ''$vardir/server_data''.
>     server_datadir = /var/lib/puppet/server_data
>
>     # The URL used by the http reports processor to send reports
>     # The default value is
''http://localhost:3000/reports/upload''.
>       reporturl =http://localhost:3000/reports/upload
>
>     # The pid file
>     # The default value is ''$rundir/$name.pid''.
>     pidfile = /var/lib/puppet/run/master.pid
>
>     # Where puppet master looks for its manifests.
>     # The default value is ''$confdir/manifests''.
>     manifestdir = /etc/puppet/manifests
>
>     # The user puppet master should run as.
>     # The default value is ''puppet''.
>     # user = puppet
>
>     # Where the puppet master web server logs.
>     # The default value is ''$logdir/masterhttp.log''.
>     masterhttplog = /var/lib/puppet/log/masterhttp.log
>
>     # Where FileBucket files are stored.
>     # The default value is ''$vardir/bucket''.
>     bucketdir = /var/lib/puppet/bucket
>
>     # Wether the master should function as a certificate authority.
>     # The default value is ''true''.
>     # ca = true
>
>     # The header containing the status
>     # message of the client verification. Only used with Mongrel.
> This header must be set by the proxy
>     # to ''SUCCESS'' if the client successfully
authenticated, and
> anything else otherwise.
>     # Seehttp://projects.puppetlabs.com/projects/puppet/wiki/Using_Mongrel
> for more information.
>     # The default value is ''HTTP_X_CLIENT_VERIFY''.
>     # ssl_client_verify_header = HTTP_X_CLIENT_VERIFY
>
>     # The list of reports to generate.  All reports are looked for
>     # in `puppet/reports/name.rb`, and multiple report names should be
>     # comma-separated (whitespace is okay).
>     # The default value is ''store''.
>      reports = store, http, foreman, log
>
>     # Configure the backend terminus used for StoreConfigs.
>     # By default, this uses the ActiveRecord store, which directly
> talks to the
>     # database from within the Puppet Master process.
>     # The default value is ''active_record''.
>      storeconfigs_backend = active_record
>
>     # Where the fileserver configuration is stored.
>     # The default value is ''$confdir/fileserver.conf''.
>     fileserverconfig = /etc/puppet/fileserver.conf
>
>     # The address a listening server should bind to.  Mongrel servers
>     # default to 127.0.0.1 and WEBrick defaults to 0.0.0.0.
>     # The default value is ''''.
>     # bindaddress >
>     # The search path for modules as a list of directories separated
> by the '':'' character.
>     # The default value is ''$confdir/modules:/usr/share/puppet/
> modules''.
>     modulepath = /etc/puppet/modules:/usr/share/puppet/modules
>
>     # The entry-point manifest for puppet master.
>     # The default value is ''$manifestdir/site.pp''.
>     manifest = /etc/puppet/manifests/site.pp
>
>     # The LDAP attributes that should be stacked to arrays by adding
>     # the values in all hierarchy elements of the tree.  Values
>     # should be comma-separated.
>     # The default value is ''puppetvar''.
>     # ldapstackedattrs = puppetvar
>
>     # The user to use to connect to LDAP.  Must be specified as a
>     # full DN.
>     # The default value is ''''.
>     # ldapuser >
>     # Whether TLS should be used when searching for nodes.
>     # Defaults to false because TLS usually requires certificates
>     # to be set up on the client side.
>     # ldaptls = false
>
>     # The search string used to find an LDAP node.
>     # The default value is
''(&(objectclass=puppetClient)(cn=%s))''.
>     # ldapstring = (&(objectclass=puppetClient)(cn=%s))
>
>     # The LDAP attributes to include when querying LDAP for nodes.
> All
>     # returned attributes are set as variables in the top-level scope.
>     # Multiple values should be comma-separated.  The value
''all''
> returns
>     # all attributes.
>     # The default value is ''all''.
>     # ldapattrs = all
>
>     # The password to use to connect to LDAP.
>     # The default value is ''''.
>     # ldappassword >
>     # Whether to search for node configurations in LDAP.  See
>     #http://projects.puppetlabs.com/projects/puppet/wiki/LDAP_Nodes
> for more information.
>     # ldapnodes = false
>
>     # The LDAP server.  Only used if `ldapnodes` is enabled.
>     # The default value is ''ldap''.
>     # ldapserver = ldap
>
>     # The LDAP attributes to use to define Puppet classes.  Values
>     # should be comma-separated.
>     # The default value is ''puppetclass''.
>     # ldapclassattrs = puppetclass
>
>     # The attribute to use to define the parent node.
>     # The default value is ''parentnode''.
>     # ldapparentattr = parentnode
>
>     # The search base for LDAP searches.  It''s impossible to
provide
>     # a meaningful default here, although the LDAP libraries might
>     # have one already set.  Generally, it should be the
''ou=Hosts''
>     # branch under your main directory.
>     # The default value is ''''.
>     # ldapbase >
>     # Whether SSL should be used when searching for nodes.
>     # Defaults to false because SSL usually requires certificates
>     # to be set up on the client side.
>     # ldapssl = false
>
>     # The LDAP port.  Only used if `ldapnodes` is enabled.
>     # The default value is ''389''.
>     # ldapport = 389
>
>     # Where the CA stores the password for the private key
>     # The default value is ''$caprivatedir/ca.pass''.
>     capass = /etc/puppet/ssl/ca/private/ca.pass
>
>     # Whether to allow a new certificate
>     # request to overwrite an existing certificate.
>     # allow_duplicate_certs = false
>
>     # The type of hash used in certificates.
>     # The default value is ''md5''.
>     # ca_md = md5
>
>     # A Complete listing of all certificates
>     # The default value is ''$cadir/inventory.txt''.
>     cert_inventory = /etc/puppet/ssl/ca/inventory.txt
>
>     # The root directory for the certificate authority.
>     # The default value is ''$ssldir/ca''.
>     cadir = /etc/puppet/ssl/ca
>
>     # The CA public key.
>     # The default value is ''$cadir/ca_pub.pem''.
>     capub = /etc/puppet/ssl/ca/ca_pub.pem
>
>     # Where the CA stores certificate requests
>     # The default value is ''$cadir/requests''.
>     csrdir = /etc/puppet/ssl/ca/requests
>
>     # Where the serial number for certificates is stored.
>     # The default value is ''$cadir/serial''.
>     serial = /etc/puppet/ssl/ca/serial
>
>     # How long a certificate should be valid.
>     # This parameter is deprecated, use ca_ttl instead
>     # The default value is ''''.
>     # ca_days >
>     # The bit length of the certificates.
>     # The default value is ''2048''.
>     # req_bits = 2048
>
>     # The CA certificate.
>     # The default value is ''$cadir/ca_crt.pem''.
>     cacert = /etc/puppet/ssl/ca/ca_crt.pem
>
>     # The certificate revocation list (CRL) for the CA. Will be used
> if present but otherwise ignored.
>     # The default value is ''$cadir/ca_crl.pem''.
>     cacrl = /etc/puppet/ssl/ca/ca_crl.pem
>
>     # Where the CA stores signed certificates.
>     # The default value is ''$cadir/signed''.
>     signeddir = /etc/puppet/ssl/ca/signed
>
>     # Whether to enable autosign.  Valid values are true (which
>     # autosigns any key request, and is a very bad idea), false (which
>     # never autosigns any key request), and the path to a file, which
>     # uses that configuration file to determine which keys to sign.
>     # The default value is ''$confdir/autosign.conf''.
>     autosign = /etc/puppet/autosign.conf
>
>     # The default TTL for new certificates; valid values
>     # must be an integer, optionally followed by one of the units
>     # ''y'' (years of 365 days), ''d''
(days), ''h'' (hours), or
>     # ''s'' (seconds). The unit defaults to seconds. If
this parameter
>     # is set, ca_days is ignored. Examples are ''3600''
(one hour)
>     # and ''1825d'', which is the same as
''5y'' (5 years)
>     # The default value is ''5y''.
>     # ca_ttl = 5y
>
>     # The bit length of keys.
>     # The default value is ''1024''.
>     # keylength = 1024
>
>     # The name to use the Certificate Authority certificate.
>     # The default value is ''Puppet CA: $certname''.
>     ca_name = Puppet CA: ip-10-36-11-244.ec2.internal
>
>     # The CA private key.
>     # The default value is ''$cadir/ca_key.pem''.
>     cakey = /etc/puppet/ssl/ca/ca_key.pem
>
>     # Where the CA stores private certificate information.
>     # The default value is ''$cadir/private''.
>     caprivatedir = /etc/puppet/ssl/ca/private
>
>     # Tags to use to find resources.  If this is set, then
>     # only resources tagged with the specified tags will be applied.
>     # Values must be comma-separated.
>     # The default value is ''''.
>     # tags >
>     # Whether to print a transaction summary.
>     # summarize = false
>
>     # Whether each resource should log when it is
>     # being evaluated.  This allows you to interactively see exactly
>     # what is being done.
>     # evaltrace = false
>
>     # Whether to use lexical scoping (vs. dynamic).
>     # lexical = false
>
>     # Where Puppet looks for template files.  Can be a list of colon-
> seperated
>     # directories.
>     # The default value is ''$vardir/templates''.
>     templatedir = /var/lib/puppet/templates
>
>     # Document all resources
>     # document_all = false
>
>     # The ''from'' email address for the reports.
>     # The default value is
''rep...@ip-10-36-11-244.ec2.internal''.
>     # reportfrom = rep...@ip-10-36-11-244.ec2.internal
>
>     # The mapping between reporting tags and email addresses.
>     # The default value is ''$confdir/tagmail.conf''.
>     tagmap = /etc/puppet/tagmail.conf
>
>     # The server through which to send email reports.
>     # The default value is ''none''.
>     # smtpserver = none
>
>     # Where to find the sendmail binary with which to send email.
>     # The default value is ''/usr/sbin/sendmail''.
>     # sendmail = /usr/sbin/sendmail
>
>     # During an inspect run, whether to archive files whose contents
> are audited to a file bucket.
>     # archive_files = false
>
>     # During an inspect run, the file bucket server to archive files
> to if archive_files is set.
>     # The default value is ''$server''.
>     archive_file_server = puppet
>
>     # The url where the puppet couchdb database will be created
>     # The default value is
''http://127.0.0.1:5984/puppet''.
>     # couchdb_url =http://127.0.0.1:5984/puppet
>
>     # The directory where RRD database files are stored.
>     # Directories for each reporting host will be created under
>     # this directory.
>     # The default value is ''$vardir/rrd''.
>     rrddir = /var/lib/puppet/rrd
>
>     # How often RRD should expect data.
>     # This should match how often the hosts report back to the server.
>     # The default value is ''$runinterval''.
>     rrdinterval = 1800
>
>     # The root directory of devices'' $vardir
>     # The default value is ''$vardir/devices''.
>     devicedir = /var/lib/puppet/devices
>
>     # Path to the device config file for puppet device
>     # The default value is ''$confdir/device.conf''.
>     deviceconfig = /etc/puppet/device.conf
>
> cat manifests/classes/nagios3.pp
> class nagios3 {
>
>    package {
>       nagios3:
>          ensure  => installed,
>          alias   => nagios,
>          ;
>    }
>
>    service {
>       nagios3:
>          ensure  => running,
>          alias   => nagios,
>          hasstatus       => true,
>          hasrestart      => true,
>          require => Package[nagios],
>    }
>
>    # collect resources and populate /etc/nagios/nagios_*.cfg
>    Nagios_host <<||>>
>    Nagios_service <<||>>
>    Nagios_hostextinfo <<||>>
>
>    class target {
>       @@nagios_host { $fqdn:
>          ensure => present,
>          alias => $hostname,
>          address => $ipaddress,
>          use => "generic-host",
>       }
>
>       @@nagios_hostextinfo { $fqdn:
>          ensure => present,
>          icon_image_alt => $operatingsystem,
>          icon_image => "base/$operatingsystem.png",
>          statusmap_image => "base/$operatingsystem.gd2",
>       }
>
>       @@nagios_service { "check_ping_${hostname}":
>          use => "check_ping",
>          host_name => "$fqdn",
>       }
>
>       @@nagios_service { "check_users_${hostname}":
>          use => "remote-nrpe-users",
>          host_name => "$fqdn",
>       }
>
>       @@nagios_service { "check_load_${hostname}":
>          use => "remote-nrpe-load",
>          host_name => "$fqdn",
>       }
>
>       @@nagios_service { "check_zombie_procs_${hostname}":
>          use => "remote-nrpe-zombie-procs",
>          host_name => "$fqdn",
>       }
>
>       @@nagios_service { "check_total_procs_${hostname}":
>          use => "remote-nrpe-total-procs",
>          host_name => "$fqdn",
>       }
>
>       @@nagios_service { "check_swap_${hostname}":
>          use => "remote-nrpe-swap",
>          host_name => "$fqdn",
>       }
>
>       @@nagios_service { "check_all_disks_${hostname}":
>          use => "remote-nrpe-all-disks",
>          host_name => "$fqdn",
>       }
>    }
>
>
>
>
>
>
>
> }
-- 
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.