Hello! I''m looking for the best way to integrate Puppet with EC2, I read posts on that group but they are all old, I wanted to know if things have changed since then. So far here are the possibilities I found to tight EC2 with Puppet: -Use the instance name as reference like <instance_id>-<puppetclass>- <environment> - http://bit.ly/YitdC3 -Use the instance security group as reference - http://bit.ly/YitdC3 -Use the user-data, populate with JSON and parse on the puppet master side - http://bit.ly/13MsfGe -Use the user-data, but parse on client side with facter - http://bit.ly/XZlVXD I don''t like to use the name or security as reference at these data has not been designed for this. I don''t like user-data because you can''t change them after the instance is launched. Finally I found all the approach kind of dirty for something which is widely used. Are they other possibilities? -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
I use the same small script to bootstrap puppet on any server whether it''s EC2 or not. It 1) sets the hostname 2) installs puppet 3) sets the puppet master in puppet.conf 4) runs puppet I sign the cert and from that point on use an ENC (I like Foreman) to add classes, set environments, parameters, etc. btw, in Foreman 3 you can launch EC2 instances directly from Foreman already configured. 1.1 is out now with full Puppet 3 support. http://theforeman.org/manuals/1.1/index.html#Releasenotesfor1.1.1 Adam On Mar 9, 12:41 am, sylvainkalache <sylvain.kala...@gmail.com> wrote:> Hello! > > I''m looking for the best way to integrate Puppet with EC2, I read > posts on that group but they are all old, I wanted to know if things > have changed since then. > > So far here are the possibilities I found to tight EC2 with Puppet: > > -Use the instance name as reference like <instance_id>-<puppetclass>- > <environment> -http://bit.ly/YitdC3 > -Use the instance security group as reference -http://bit.ly/YitdC3 > -Use the user-data, populate with JSON and parse on the puppet master > side -http://bit.ly/13MsfGe > -Use the user-data, but parse on client side with facter -http://bit.ly/XZlVXD > > I don''t like to use the name or security as reference at these data > has not been designed for this. > I don''t like user-data because you can''t change them after the > instance is launched. > > Finally I found all the approach kind of dirty for something which is > widely used. Are they other possibilities?-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
I use an in-house bootstrap script that: - launch an ec2 instance - sets the hostname - add to route53 - install puppet - run puppet agent --server my-puppetmaster My puppetmaster only accepts requests from ec2 instances from my aws account and auto sign the certificate, also installs puppet.conf and all the packages needed based in the hostname regex of the nodes already defined in my nodes.pp. ./bootstrap.rb --name web1.mydomain --type m1.small ...etc And in 10 minutes I have a fully deployed server with the right hostname, dns, security group and onboarded on puppet. btw: I tried to use Puppet Cloud Provisioner but it really didn''t do the job I needed, like it should be really easy for it to correct the hostname, but it doesn''t, also fails if you use auto sign, and a lot of open issues and pull requests :( Felipe On Friday, March 8, 2013 10:41:04 PM UTC-8, sylvainkalache wrote:> > Hello! > > I''m looking for the best way to integrate Puppet with EC2, I read > posts on that group but they are all old, I wanted to know if things > have changed since then. > > So far here are the possibilities I found to tight EC2 with Puppet: > > -Use the instance name as reference like <instance_id>-<puppetclass>- > <environment> - http://bit.ly/YitdC3 > -Use <http://bit.ly/YitdC3-Use> the instance security group as reference > - http://bit.ly/YitdC3 > -Use <http://bit.ly/YitdC3-Use> the user-data, populate with JSON and > parse on the puppet master > side - http://bit.ly/13MsfGe > -Use <http://bit.ly/13MsfGe-Use> the user-data, but parse on client side > with facter - http://bit.ly/XZlVXD > > I don''t like to use the name or security as reference at these data > has not been designed for this. > I don''t like user-data because you can''t change them after the > instance is launched. > > Finally I found all the approach kind of dirty for something which is > widely used. Are they other possibilities? >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
I''ve been using R.I''s ec2-boot-init to set the hostname (based of instance ID and AZ) and his mcollective-server-provisioner to securely sign certificates. Roles are assigned based on what security group the instance is in so I can use auto-scaling (with a few exceptions that are hostname based). On Mar 8, 2013, at 11:41 PM, sylvainkalache <sylvain.kalache@gmail.com> wrote:> Hello! > > I''m looking for the best way to integrate Puppet with EC2, I read > posts on that group but they are all old, I wanted to know if things > have changed since then. > > So far here are the possibilities I found to tight EC2 with Puppet: > > -Use the instance name as reference like <instance_id>-<puppetclass>- > <environment> - http://bit.ly/YitdC3 > -Use the instance security group as reference - http://bit.ly/YitdC3 > -Use the user-data, populate with JSON and parse on the puppet master > side - http://bit.ly/13MsfGe > -Use the user-data, but parse on client side with facter - http://bit.ly/XZlVXD > > I don''t like to use the name or security as reference at these data > has not been designed for this. > I don''t like user-data because you can''t change them after the > instance is launched. > > Finally I found all the approach kind of dirty for something which is > widely used. Are they other possibilities? > > -- > You received this message because you are subscribed to the Google Groups "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > >-- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
----- Original Message -----> From: "Justin Lambert" <jlambert@infiniteviewtech.com> > To: puppet-users@googlegroups.com > Sent: Monday, March 11, 2013 1:57:23 PM > Subject: Re: [Puppet Users] Puppet in EC2 > > I''ve been using R.I''s ec2-boot-init to set the hostname (based of instance ID > and AZ) and his mcollective-server-provisioner to securely sign > certificates. Roles are assigned based on what security group the instance > is in so I can use auto-scaling (with a few exceptions that are hostname > based).that still works? :P cloud-init is now in EPEL which is quite nice, though I do like my ec2-boot-init''s ability to load down its plugins and not be stuck with whatever cloud-init has -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
GRANIER Bernard (MORPHO)
2013-Mar-11 14:54 UTC
[Puppet Users] puppet agent and android or IPhone ?
Hi, Is there a puppet agent available for Android or IPhone ? Sincerly, Bernard Granier CE Plateforme Système bernard.granier@morpho.com 01 58 11 32 51 # " This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system." # -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
GRANIER Bernard (MORPHO)
2013-Mar-12 10:26 UTC
[Puppet Users] RE: puppet agent and android or IPhone ?
There is no anwser to the question about puppet and Android, does that mean that there is no Puppet agent for android ? Cordialement, Bernard Granier CE Plateforme Système bernard.granier@morpho.com 01 58 11 32 51 -----Original Message----- From: puppet-users@googlegroups.com [mailto:puppet-users@googlegroups.com] On Behalf Of GRANIER Bernard (MORPHO) Sent: Monday, March 11, 2013 3:55 PM To: puppet-users@googlegroups.com Subject: [SUSPECTED SPOOFING] [Puppet Users] puppet agent and android or IPhone ? " Bien que provenant d’une adresse interne au groupe SAFRAN, ce mail a été émis depuis l’INTERNET. Il est possible que ce soit une tentative d’usurpation d’identité. D’avance merci donc de ne pas cliquer sur les liens et ouvrir les pièces attachées sans vous être assuré préalablement de la légitimité de ce message (vérification de l’origine du message auprès de son émetteur) et/ou de contacter votre RSSI en cas de doute. A noter que les notifications émises par certains systèmes hébergées hors du groupe SAFRAN sont susceptibles d’avoir ce comportement, sans que ce soit à considérer comme une action malveillante. " " Although this email is originated from an internal SAFRAN address, it was sent from the INTERNET. It might be a spoofing attempt. Please do not click on links and attachments without first making sure of the legitimacy of this message (to be checked directly with sender) and / or report to your Security officer in case of any doubt. Please note that the notifications issued by some systems hosted outside the SAFRAN group are likely to have this behavior, even if these emails should not be considered as malicious actions. " Hi, Is there a puppet agent available for Android or IPhone ? Sincerly, Bernard Granier CE Plateforme Système bernard.granier@morpho.com 01 58 11 32 51 # " This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system." # -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out. # " This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system." # -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
On Tuesday, March 12, 2013 5:26:05 AM UTC-5, bernard...@morpho.com wrote:> > There is no anwser to the question about puppet and Android, does that > mean that there is no Puppet agent for android ? >You gave it less than one day, plus you hijacked a thread to pose your question in. Again. Your questions are more likely to be noticed by people inclined to answer them if you start new threads for them, or at least attach them to current threads where they are on-topic. In addition, and speaking for myself only, I have decided that since I already raised the thread hijacking issue with you privately, I will not respond to your hijack posts. This meta-response is an exception, of course. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.