similar to: Allowing puppet to drop privileges for a manifest

Hi As I''m more familiar with cfengine and it''s way to split updates (in update.conf) from the actual grunt work (in cfagent.conf), I''m wondering how to best manage puppet and my manifests with puppet...? Should I define a puppet class that copy the puppet package (in .tgz format) and all the manifests to the client, and then have all my other classes depend on

I have the following in vagrantfile in WIndows system. config.vm.provision :puppet do |puppet| puppet.manifests_path = "manifests" puppet.manifest_file = "base-hadoop.pp" puppet.module_path = "modules" end when i run vagrant provision, i do see manifest and module folders are mounted and ssh into vm, I can find files in the following path

The docs to installing cfengine refers to /var/spool/cron/crontabs/root That doesn't exist. Nor does /etc/crontab. Heck I remember that from the "old days", now there are lots of cron entries, in /etc but no crontab. Not installed by default. So, I'm hunting that one down. Nate, what did you wind up doing?? Ric -- ---------------------------------------------------- My father,

I''m trying to automatically create users as a requirement for ssh keys to work. Here is my issue. I am getting this error from the agent. The SSH part works fine, but it will not create the user due to a dependency issue. I do not know how to debug this. err: Could not run Puppet configuration client: Could not find dependency Generic::Mkuser[hadoop] for Ssh::Authorized_keys[hadoop] at

I need to know how to do the following in puppet. Say I have three classes, (c1,c2,c3) that are not related. These classes could be considered "attributes" that may or may not apply to an individual host on my network. I need to know how to write a manifest, or series of manifests to allow me trigger a command (call it ''foo'') if all three classes are defined. I also

Hi all, I''m new to puppet (coming from cfengine). I have a question concerning recursive copy. We have about 20 different types of desktop PC installations (typeA, typeB, ...). Each type has about 10-40 different config files. What I would like to do: I have a file server with the following structure: /dist/typeA /dist/typeB /dist/typeC ... Inside /dist/typeA the config files have

Hi folks, I''m working on building up a puppet infrastructure, and I''m having the darndest time putting it all together. I''ve read through as many of the docs as I can find. I''ve read the best practices guide. And I''m still not grokking how to do what I want to do in puppet. I''ve spend enough time with cfengine that I''m sure

I finally got my cfengine configs all objectified and separated into service-based configurations. But there are still many things that cfe can''t or won''t do very well, so I''m looking for a replacement. What about puppet? I am looking for something that I can use to manage services and applications, not hosts and files. It seems like puppet may have inherited some of

So, the usual problem -- we want to be able to test our manifests before putting them into full-scale no-holds-barred oh-shit-we-broke-teh-intarweb production. The two possible solutions I''ve considered so far are: 1) Set a tag on objects we only want to be run on our test machines, and run Puppet on the test machines with "please run objects tagged ''test''".

I''m trying to try out puppet and can''t seem to get to square one. I''ve been using cfengine for years and have just upgraded about 80 Debian machines to etch and wanted to try puppet. So, I have two Debian ''etch'' machines one a server and the other a client. I''m running puppet 0.23.2 installed from the unstable packages. As a first step

Hello, I have two Vmware images, with 256MB of RAM memory each one, running puppetmasterd for the server and puppetd for the client. It''s normal that my puppetmasterd and puppetd occupies almost 10% of RAM memory each one? They aren''t doing anything especial, just listening on the ports. Thanks.

Hello, I''ve recently begun looking at Puppet as an alternative to Cfengine and I have a couple of questions. 1) Besides the information posted on the Puppet website, are there any critical differences between Puppet and Cfengine? 2) Does Puppet allow for client-specific file text manipulation. For instance, in Cfengine I can add a line of text to a file if the line doesn''t

I want to manage cronjobs as a " file " in solaris through puppet and not using the puppet cron resource. I will be managing the file /var/spool/cron/crontabs/root. I want the cron file to be same across all servers except some servers will have additional cron entries. How can I append to the file /var/spool/cron/crontabs/root , something like appendifnosuchline in cfengine? Can

I''m new to puppet. I''m trying to use some real case examples to better understand how Puppet works. Here''s my case: exec { "usermod -d /home/hadoop -s /bin/bash hadoop": unless => "test `grep ^hadoop /etc/passwd | awk -F: ''{print $6}''` == ''/home/hadoop''" } The idea is the usermod would only

I''m still tinkering, moving over code from CFE to Puppet in a test environment. One item I did with CfE was manage services. If something wasn''t running, it was restarted. Puppet''s service integration makes this easy. The flip side, is how do you guarantee Puppet''s running? I pulled some tricks with CfE to ensure it was always running. I made CfE a direct

hi I''ve read about PuppetReporting at the Trac website. Apparently you are working on integrating the benchmark tests for every type in ruby. Do you have any idea when this will all get implemented? This is a crucial part (and actually a necessary feature) in the configuration management system we have set up using Puppet. grtz Koen Vereeken

Hello there. Just to let you know i have just put in production mode puppet on 41 freeBSD 4.7 virtual servers (yes not real servers but "jailed ones"). I had some little problems with facter at first but i have manualy upgraded the servers that where affected by the little "facter does not read his facts" problem i had. I should have missed something in my deploiement.

I''m not sure if this is the way things are supposed to happen but, when I specify a directory with recursion and md5 checksums, the directory itself is checksummed and assumed to have changed. Of course, if anything in the directory changed, the directory checksum will change. What I would like to do is to manipulate all of the files in a directory, but ignore the directory itself.

Hello, I want a simple operation in a puppet node like restarting the ssh service if it was stopped. My site.pp is simple as this: import "services/*" node default { include ssh } The services directory as a ssh.pp : class ssh { service { ssh: ensure => running, subscribe => File["/etc/ssh/sshd_config"] } } I''ve stopped the ssh service in the

I have been looking at Puppet as a possible replacement for cfengine at our site. One difficulty I''ve had with cfengine that I''m wondering if Puppet can solve is that of dealing with laptop/mobile users. Since these laptops move around quite a bit, their IP/hostname is constantly changing. From playing with puppet a bit, I''ve found that it seems to generate the