similar to: Using puppet to manage user access to servers.

Displaying 20 results from an estimated 4000 matches similar to: "Using puppet to manage user access to servers."

2007 Nov 13
2
new to puppet - can puppet push its content to remote servers?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I was made aware of puppet a few weeks ago and I really like the way things are working. What I liked at cfengine was the capability to push content from the central server to any node. There was no need to open a port from DMZ or any other remote system to the central server. Is there a similar way within puppet? How is this solved by other
2007 Jul 01
5
Mount and fstab problems with large devices?
I''m trying to get a new file server managed by puppet from day 1, at least as much as possible. At the moment, though, there''s two issues I''m running into: 1. fstab should have entries for my comically-large RAID, but doesn''t. 2. each puppet run appears to remount the RAID, even when no rules in the manifest change. I suspect the issue may be in parsing
2007 Aug 25
1
Bug in replace parameter on file types?
Part of my authentication setup is to keep clients'' secrets.tdb for Samba/Winbind on the puppetmaster. Since secrets.tdb contains the username/password for an Active Directory machine account, it will get changed by Winbind periodically, and I don''t want it those changes to get reverted by puppet. So I''ve got active-directory-member.pp, last modified August 19, with
2007 Nov 20
5
Solaris 10 Jumpstart instructions on the wiki now
Not that I''m much of a Solaris guy, and definitely not a Solaris 10 guy, but since nobody else had posted anything yet: http://reductivelabs.com/trac/puppet/wiki/PuppetSolaris#Solaris10 The good news is that it appears to be a completely hands-off puppetd installation. Just sign the client key afterwards on the puppetmaster and you''re set. The bad news is that it''s
2007 Oct 02
6
Push /home/* directories recursively to clients
Hi I am trying to push populate /home & subdirectories from the puppet server to all the Linux clients. I managed this with cfengine using rsync. But I am not sure how do I achieve this in puppet, do we have any inbuilt function for this. Also, is there a function for userdel like for useradd (user) groupadd(group). Any suggestion is appreciated. -- Deepak
2007 Nov 08
7
Best practice for users/groups on solaris
Hi all, I''m a new puppet user and I''m running into some weirdness around creating users on solaris. (puppet version 0.23.2) The virt_all_users way of managing users seems pretty reasonable, but I don''t see how to deal with user specific groups with that. I have: class virt_all_users { @user { "seph": ensure => "present",
2007 Dec 03
3
exec when missing a file but service installed.
Hi all, I am new to this list and puppet. I am working at the Rutherford Appleton Lab and am part of a team that looks after several hundred servers mainly running Scientific Linux (based on RedHat). I am currently looking at puppet to be used to perform what is currently done by kickstart scripts, with these performing an on going configuration job once the systems are built. My current
2007 Nov 12
2
How to keep several puppetd in sync at the same time ?
Hi, I''m still writing my djbdns module, I came to the following design issue with master and slave tinydns. Normally there is no such master and slave distinction in djbdns: all tinydns instance are equal. Usually one instance on one host is considered the master on, which the RR are changed, and when you need to propagate them, you rsync the datas to the other hosts, where they will be
2007 Jul 05
10
Does Puppet ensure that a service is up and running?
Just curious as to the functionality of puppet. Does Puppet ensure that a service is up and running as long as puppet is running? Ie, I want to make sure ssh is always running, if for some reason ssh get''s shut down, does puppet start it back up when it does it''s config sync run? Thanks! --------------------------------- Pinpoint customers who are looking for
2007 Oct 23
6
what''s the maximum of the runinterval
hi,all I want the puppetd run in daemon only run by the puppetrun trigger, not schedule run . so how can do this ? what''s the maximum of the runinterval ? I want change this option to do this. Please help me . -- Huang Mingyou
2007 Nov 04
21
Package management
Anyone care to share how they handle yum updates? We have a script that runs yum update nightly and then emails us the results when there are packages to be updated. Ideally I''d like a way to keep a class in site.pp that can be uncommented to run yum update -y after the update list is reviewed by a human. Tim
2007 Aug 08
7
restart a service without ensure => running
Is it possible to trigger a service restart without always forcing that service to be running? We shutdown mysql for about 30min every day to do backups, and I don''t want puppet to start mysql during this window. So I''ve removed ensure => "running" from the mysql service. But now notify => Service[mysql] doesn''t restart mysql. Is it possible to tell
2007 Jul 06
5
The puppet model
It seems to me that when you have a master server and a client computer, the master doesn''t really need to know the implementation details of the client computer. It''s kinda like a browser from my perspective...the server is just telling the browser what needs to be drawn on the local side. Does the puppet model work like this? If not, I guess what I read didn''t
2007 May 22
4
Newbie: Am I looking at the right tool?
Hi, I''m absolutely new to centralized server management, sorry sorry in advance for any stupid remarks. Looking on the puppet documentation, I mainly find a lot of info about how to manage the config files, but nothing about centralized control. So I''m wandering if I''m looking a the right software package for my needs. I want to be able to do the following from a
2007 May 25
18
services do not get restarted
Hello List, We are using puppet to manage a growing number of Debian Etch based servers (currently 70). Since upgrading to 0.22.4 we encountered a problem when services do not restarted on puppets request. For example the Nagios remote plugin executor daemon (nrpe). It''s running daemonized and its confiugration is located in /etc/nagios/nrpe.cfg. This file is managed through puppet
2007 Nov 20
5
Suddenly can''t access the puppetmaster anymore
Hi, I have a number of puppets talking to 1 puppetmaster. Everything was working fine until suddenly this week the puppets are revolting. Whenever I try to run ''puppetd -v'' I see a lot of messages like: Certificates were not trusted: hostname was not match I''m sure I did not make any changes to DNS lately and I didn''t upgrade puppet on any of the machines
2007 Nov 13
15
require metaparameter and gems
I tried to install the ''mongrel'' gem tonight via puppet in an attempt to migrate from webrick to mongrel as described on the puppet site[1]. I added the following to my manifest: package { "rubygems": ensure => installed; "mongrel": ensure => installed, provider => gem, require => Package["rubygems"]; }
2007 Oct 18
3
verify before deploy
so I have this sudo module that I''ve been working on: class auth::sudo { package { sudo: ensure => installed } file { sudo_config: name => "/tmp/sudoers", owner => "root", group => "root", mode => 0440, notify => Exec["sudoers-syntax"], source => [
2007 Oct 01
7
Service Availability
I''m still tinkering, moving over code from CFE to Puppet in a test environment. One item I did with CfE was manage services. If something wasn''t running, it was restarted. Puppet''s service integration makes this easy. The flip side, is how do you guarantee Puppet''s running? I pulled some tricks with CfE to ensure it was always running. I made CfE a direct
2007 Jun 01
1
Puppet starting before network is up
Lots of my puppet hosts have DHCP-assigned addresses. I''ve found, at least in Debian 4.0, that puppetd will often start up before the network interfaces are all up and running, and therefore it can''t contact the puppetmaster. When that happens, puppet exits immediately. I''m hacking around the problem with the following content in /etc/default/puppet, but