Add information on GIT workflow for PSICK development.

My config:

include nagios

When trying to log in with the expected defaults: 'nagiosadmin' / '', server returns 500:

(2)No such file or directory: Could not open password file: /etc/nagios3/htpasswd.users

With the puppet-module for mysql, is there a way to create unique users for each database?

I maybe missing something or misunderstanding the workflow for psick. If so I apologize and would welcome enlightenment !

As I feared, I did run into an apparent issue in my development environment evidently caused by needing to run too much of the psick setup process as root.

Scenario:

• A development environment on my local development machine owned by a local user account.
• Environment configured to use rvm in order to isolate development from system ruby configuration => most commands in development area are run using bundler.
• A need (or at least I think so) to run r10k puppetfile install in order to update existing module dependencies (new dependencies, new versions, remove obsolete)

Issues:

• bundle exec r10k puppetfile install fails because r10k gem not found. That's because psick setup installed it at the system level (or so I believe).
• After adding r10k to my Gemfile and performing a bundle install, bundle exec r10k puppetfile install fails to update most modules because of Permission Denied errors. It turns out that the currently installed modules are owned by root and I am running the command as my local development user. Again I suspect that the root ownership is the result of the psick setup process which was run as root.

In my opinion, a local development environment that requires root access for normal development activities and that depends on packages installed at the system level is not a good thing. :-)

Am I missing some aspect of Psick workflow that would address these concerns? Can/should Psick setup be refactored to limit what needs to be installed at the system level and to support a rvm environment?

Hope I'm not barking up the wrong tree.

-steve

With the latest Ubuntu/trusty64 box all example42 modules fail with errors similar to the following:

default: Wrapped exception:
==> default: Received incomplete information - no value provided for parameter my_class

This is true on APT, PHP and Apache (the 3 I am using) and for seemingly all default params on these modules

puppet -v /etc/puppet/manifests/toasters/puppet/init.pp

err: //puppet::server::mysql/Mysql::Grant[puppet_server_grants_SRVHW193.kao.sbwinfra.nl]/Exec[mysqlgrant-puppet-$(puppet::params::db_name}]/returns: change from notrun to 0 failed: mysql < /root/mysqlgrant-puppet-$(puppet::params::db_name}.sql returned 1 instead of one of [0] at /etc/puppet/modules/mysql/manifests/grant.pp:26

Fix -> Typo in:
modules/puppet/manifests/server/mysql.pp

This:
mysql_db => "$(puppet::params::db_name}",
should be:
mysql_db => "${puppet::params::db_name}",

(It occurs twice, same typo)

Regards,
Ger

I wonder if I'm missing a step in the remote node setup process.

I've created a copy of the control-repo on my local dev machine. I then use the Fabric scripts to install Puppet on a remote machine (Ubuntu 16.04) with:

fab puppet.install -H example.com

This successfully installs puppet. However, when I then try to setup the repo on the remote node, with:

fab puppet.remote_setup -H example.com

I get an error:
### Installing external modules via r10k ###
ERROR -> No such file or directory @ rb_sysopen - /var/Puppetfile

I believe that that's because there is no Puppetfile at /etc/puppetlabs/code/environments/production

I thought maybe I needed to run deploy_controlrepo first. However when I try:

fab puppet.deploy_controlrepo -H

I get this error:

fatal: destination path '/etc/puppetlabs/code/environments/production' already exists and is not an empty directory.

Essentially the install process seems to be creating a production environment, that the scripts don't seem to expect. Obviously I could manually address all of this, I just wanted to see if I'm missing an intended step. Should the fab scripts be able to deal with this? Thanks for any guidance.

My quick fix seems to have solved it. Only tested with Ubuntu 12.04

$servicepattern = $operatingsystem ? {
    /(?i:Debian|Ubuntu|Mint)/ => "/usr/bin/monit",
    default => "/usr/sbin/monit",
}

Hi,

I've got several domains with more than one site on it.

On my disk, I keep them ordered like this:

/var/www/domain.com/site1
/var/www/domain.com/site2
/var/www/domain.com/site3

When I make virtualhosts with the virtualhosts manifest, it doesn't create the documentroot directory because the parent doesn't exist.

I've added this to virtualhost.rb to try and fix it:

---------------%<---------------
# creating/managing docroot parent directory
$documentroot_1up = $documentroot_real.chomp(separator='/').rpartition("/")
file { "$documentroot_1up":
owner => "${apache::params::configfile_owner}",
group => "${apache::params::configfile_group}",
mode => '775',
ensure => directory,
}
---------------%<---------------

... but I cannot mix ruby code in.

I've also found this page:
http://www.puppetlabs.com/blog/ruby-dsl/

It looks promising, but I have RedHat servers that use Puppet 0.25.5 from EPEL. I even tried making it work on Ubuntu (which does have Puppet 2.6), but I haven't got a clue where the different parts fit in.

If the apache-module could also check if the parent-directory exist then that would be great, pointers on how to get the parent directory from a string would also be very much appreciated...

Thanks,
Ger.

Given a hiera definition as follows:
profile::users::static::managed_users:
test_user:
comment: 'test_user'

and an attempt to include profile::users::static

tools::user::managed will fail to compile with an unknown variable: real_gid.

Problem is the if test on uid at line 194. If uid = 'absent' then no value for real_gid is ever set and boom.

Probably should contain an else clause that set real_gid to undef

Hi,

I found that there were 3 small issues using virtualhosts on apache:

1. The documentroot directory was not created
2. The documentroot-path was not set correctly in the vhost configfile.
3. ServerAliases were not implemented.

Patch for #1 & 2:
---------------%<----------------
index 289bae4..a278a02 100644
--- a/apache/manifests/virtualhost.pp
+++ b/apache/manifests/virtualhost.pp
@@ -8,9 +8,9 @@

Usage:

With standard template:

With custom template (create it in MODULEPATH/apache/templates/virtualhost/)

define apache::virtualhost ( $templatefile='virtualhost.conf.erb' , $documentroot='' , $enable=true , $filename='', $aliases='') {

@@ -29,7 +29,7 @@ define apache::virtualhost ( $templatefile='virtualhost.conf.erb' , $documentroo
$documentroot_real = $documentroot
}
else {

•    $documentroot_real = "${name}"
  

•    $documentroot_real = "${apache::params::documentroot}/${name}"
  

  }

  file { "ApacheVirtualHost_$name":
  @@ -78,4 +78,10 @@ define apache::virtualhost ( $templatefile='virtualhost.conf.erb' , $documentroo
  default: { }
  }

• file { "$documentroot_real":

•    owner   => "${apache::params::configfile_owner}",
  

•    group   => "${apache::params::configfile_group}",
  

•    mode    => '775',
  

•    ensure  => directory,
  

• }
  }
  ---------------%<----------------

Patch for #3:
---------------%<----------------
index 74665c3..3d7bd17 100644
--- a/apache/templates/virtualhost/virtualhost.conf.erb
+++ b/apache/templates/virtualhost/virtualhost.conf.erb
@@ -4,6 +4,9 @@
ServerAdmin webmaster@<%= name %>
DocumentRoot <%= documentroot_real %>
ServerName <%= name %>
+<% for i in aliases: %>

• ServerAlias <%= i %>
  +<% end %>
  ErrorLog logs/<%= name %>-error_log
  CustomLog logs/<%= name %>-access_log common

Regards,
Ger.

I'm starting to work on acceptance tests for the profile module and the Gem file in site/profile is marked as derived from puppetlabs-ntp. Looking at the ntp module I see that I discovered that the Gem file structure is based on ModuleSync which does not appear to be implemented in psick. Should ModuleSync be implemented or should I pull the ModuleSync specific bits out?

Thx,

-steve

Hi,

When I define multiple virtualhosts, I get this error:

err: Could not retrieve catalog from remote server: Error 400 on SERVER: Duplicate definition: Apache::Dotconf[00-NameVirtualHost] is already defined in file /etc/puppet/modules/apache/manifests/virtualhost.pp at line 76; cannot redefine at /etc/puppet/modules/apache/manifests/virtualhost.pp:76 on node

I think this is because of the

require apache::params

in the virtualhosts module.

How can this be fixed?

Thanks,
Ger.

Hello !

I have written a nextgen module for TheForeman, starting from a copy of your "foo" module, and using theforeman/puppet-foreman module and your legacy one as inspirations.
Here is mine : https://github.com/bguerin/puppet-foreman

You are welcome to comment, criticize, fork, ...

BSD is currently "not supported" by the install script.

TL;DR: if you want FreeBSD support in a single script for all operating systems it must be made sh-compatibile, at least for the FreeBSD code path, or require a FreeBSD system where someone or something pre-installed bash. You will also have to live with facter2 at least for some time or compile relevant packages from the port collections (on every node, or just on one node and distribute your own binary packages).

Here are some relevant info:

• on a fresh FreeBSD install there is no bash but you do get the Bourne Shell (in addition to tcsh and csh). Bourne Again Shell 4.4 is available through a package
• AFAIK there are no Puppet official packages for the open source edition on FreeBSD
• there is a FreeBSD package for puppet4 which is usually more ore less up to date with upstream releases
• caveat: the package depends on the facter2 package, a package for Facter 3.1 is available but will conflict with the former
• via FreeBSD Ports you could configure Puppet4 with Facter3 support, but that would require (automated) build from sources
• newer Facter versions are not currently supported, pending integration of the devel/leatherman port

An sh-compatibile unattended Puppet OpenSource installation on FreeBSD using its package system (with Facter2) boils down to this (the bootstrap and update phases are required if it is a fresh install where pkg has not been used before):

#!/usr/bin/env sh
export ASSUME_ALWAYS_YES=YES
pkg bootstrap
pkg update
pkg install puppet4

This will install the agent and the master (configured to run in mongrel) with the appropriate rc scripts to start them at boot (disabled by default).

We are using a variant of that script to set up production FreeBSD-11-RELEASE systems and as far as I can tell they integrate without problems with a Puppet Collections 1 server running on linux, but we are also considering switching to building it through ports to get the newer facter3.

Ostest fail as follows:

ubuntu1604.ostest.psick.io:
Error: /Stage[main]/Puppet::Profile::Agent/Tp::Install[puppet-agent]/Tp::Repo[puppet-agent]/Exec[tp_apt_update]: Failed to call refresh: /usr/bin/apt-get -qq update returned 100 instead of one of [0]

running /usr/bin/apt-get -qq update results in:

ubuntu@ubuntu1604:~$ sudo /usr/bin/apt-get -qq update

W: http://apt.puppetlabs.com/dists/stable/Release.gpg: Signature by key 47B320EB4C7C375AA9DAE1A01054B7A24BD6EC30 uses weak digest algorithm (SHA1)
W: GPG error: http://apt.puppetlabs.com stable Release: The following signatures were invalid: KEYEXPIRED 1483574797
W: The repository 'http://apt.puppetlabs.com stable Release' is not signed.
W: Invalid 'Date' entry in Release file /var/lib/apt/lists/partial/apt.puppetlabs.com_dists_stable_Release
E: Failed to fetch http://apt.puppetlabs.com/dists/stable/PC1/binary-amd64/Packages 404 Not Found [IP: 192.155.89.90 80]
E: Some index files failed to download. They have been ignored, or old ones used instead.`

When using these modules on Puppet ver 3 I get these errors:

err: Could not retrieve catalog from remote server: Error 400 on SERVER: custom functions must be called with a single array that contains the arguments. For example, function_example([1]) instead of function_example(1) at /etc/puppet/modules/resolver/manifests/init.pp:148 on node puppetclient

[root@localhost modules]# puppet apply postfix/manifests/postfixadmin.pp
Could not parse for environment production: Syntax error at ',
        extracted_dir       => '; expected '}' at /etc/puppetlabs/puppet/example42modules/postfix/manifests/postfixadmin.pp:35 on node puppetmaster.localdomain

Here's a fix:

diff --git a/postfix/manifests/postfixadmin.pp b/postfix/manifests/postfixadmin.pp
index bf27f07..11e2f57 100644
--- a/postfix/manifests/postfixadmin.pp
+++ b/postfix/manifests/postfixadmin.pp
@@ -31,7 +31,7 @@ class postfix::postfixadmin {
     }

     netinstall { postfixadmin:
-        url                 => "{postfix::params::postfixadmin_url}"",
+        url                 => "${postfix::params::postfixadmin_url}",
         extracted_dir       => "${postfix::params::postfixadmin_dirname}",
         postextract_command => "ln -s ${postfix::params::postfixadmin_dirname} ../postfixadmin",
         destination_dir     => "${apache::params::documentroot}",

It would be helpful if the installation instructions included indication of which commands require root privileges (which I think may be all of them).

To install docker using bin/setup.sh the apt module by puppetlabs (or drop-in replacement) is required.
Puppetfile however does not state it in "production" and so the module is never installed - docker fails to install.

At least two problems here.

1. Common.yaml does not contain an entry for profile::base::linux::limits_class

2. profile::hosts::file fails to compile with an undefined valued for variable ipaddress => Evaluation Error: Error while evaluating a Function Call, Class[Profile::Hosts::File]: parameter 'ipaddress' expects a String value, got Undef at /home/FUZZBUTT/snesbitt/projects/puppet/control-repo/psick/site/profile/spec/fixtures/modules/profile/manifests/base/linux.pp:110:5 on node loki.samdom.aussieswithtails.fuzzbutt

Also, in the profile common.yaml is there any reason not to sort the entries within a section. That is, within the profile::base::linux section, have the variables in sort order. Picky yes, but it can help on the debugging. I'll be glad to do it as part of my general work

-steve

Hi, I get the following errors. Note the weird two spaces between the words "file" and "does". If I run bin/papply.sh again, everything works.

==> default: Debug: Puppet::Type::Package::ProviderPuppetserver_gem: file  does not exist
==> default: Debug: Puppet::Type::Package::ProviderPuppetserver_gem: file  does not exist
==> default: Debug: Puppet::Type::Package::ProviderPuppetserver_gem: file  does not exist
==> default: Error: /Package[puppetserver_r10k]: Provider puppetserver_gem is not functional on this host
==> default: Error: /Package[puppetserver_deep_merge]: Provider puppetserver_gem is not functional on this host
==> default: Error: /Package[puppetserver_hiera-eyaml]: Provider puppetserver_gem is not functional on this host

I have noticed that if I move puppetserver/lib/puppet/provider/package/puppetserver_gem.rb out of the way, it seems to work first time, but I'm not sure if I'm breaking something else by doing that. Any clues?

err: Could not retrieve catalog from remote server: Error 400 on SERVER: No matching value for selector param '' at /etc/puppet/environments/development/modules/tomcat/manifests/params.pp:22 on node srvhw130.kao.sbwinfra.nl

In the params file, the $lsbmajdistrelease is checked. This is empty on my RHEL6 server, so it fails with the error above.

I've added a default, so that it works.

Regards,
Ger.

diff --git a/tomcat/manifests/params.pp b/tomcat/manifests/params.pp
index 8d04043..2cf81ec 100644
--- a/tomcat/manifests/params.pp
+++ b/tomcat/manifests/params.pp
@@ -19,6 +19,7 @@ class tomcat::params {
/(CentOS|RedHat)/ => $lsbmajdistrelease ? {
5 => "tomcat5",
6 => "tomcat6",

•     default => "tomcat6",
   },
   default => "tomcat",
  

  }

I have created a basic sysstat module based on the standard42 template and thought you might want to include it here.

It doesn't do anything special, just manages the package and service and includes a basic template, and has been tested so far only on Ubuntu servers, but is working without issue there. I plan to add a few enhancements to it over the next day or two.

https://github.com/bmcclure/puppet-sysstat

In Ubuntu 12.04 munin is executed as (as seen by check_proc plugin):

Ss       0 27456     1  51836  9720  0.0    18:27:15 /usr/sbin/munin /usr/sbin/munin-node

Where the servicename is munin-node, such that the check_procs nrpe check will fail in nagios.

on an RHEL system, profile::network and profile::hostname are both trying to declare file /etc/sysconfig/network.

Also note that the RHEL documentation says that the HOSTNAME entry in /etc/sysconfig/network is supposed to be the fqdn; hostname.pp does that correctly, but network.pp sets it to just the first component of fqdn.

from network.pp:

 if $::osfamily == 'RedHat' and $network_template != '' {
   file { '/etc/sysconfig/network':
       ensure  => 'present',
       content => template($network_template),
     }

from hostname.pp:

     if $update_network_entry {
          case $::osfamily {
            'RedHat': {
              file { '/etc/sysconfig/network':
                ensure  => present,
                content => "NETWORKING=yes\nNETWORKING_IPV6=no\nHOSTNAME=${calc_fqdn}\n",
                notify  => Exec['apply_hostname'],
              }
            }
            default: {}
          }
        }

Attempting to disable nagios check for ntp nextgen module:

$monitor_tool = ["nagios", "monit", "munin", "puppi"]

class {
    'ntp' :
        server => ['pool.ntp.org'],
        puppi => true,
        monitor => true,
        monitor_tool => ["monit", "munin", "puppi"],
}

Here Nagios is still enabled for ntp

Could we add OracleLinux to the list of operatingsystem values for the RHEL variants?

Where the package name for the RHEL variants and the default differs, I get yum errors when applying the modules.

In all other ways except the Kernel, Oracle Linux seems to be identical to the RHEL/CentOS tree.

Thanks!

Hi.

I am toying with the idea of sponsoring a module by example42 but I couldn't find any good way to contact you.

Please add a contact form or an email address to the website... or at least to the "Sponsor" webpage:
http://example42.com/?q=sponsor_Example42_modules_development

Hi,

I've got $debug = "yes" defined in my basenode.

When run, I get this error on the client:
---------------%<---------------
err: Could not run Puppet configuration client: Could not find dependency File[puppet_debug_variables] for File[puppet_debug_variables_apache] at /etc/puppet/modules/apache/manifests/debug.pp:23
---------------%<---------------

Thanks again!

Ger.

in grant.pp
exec {} needs path => ["/usr/bin", "/usr/sbin"]

otherwise i am getting error and user is not created in mysql as expected

with the environment.conf config_version, I always get an empty string:

Info: Applying configuration version ''

config_version = '/usr/bin/git --git-dir /etc/puppetlabs/code/environments/$environment/.git log --pretty=format:"%h - %an, %ad : %s" -1'

This does work on the command line as expected.

I tried to use customized class with $my_project_onmodule = "yes" and while inheriting postfix, so my class definition was "class myproject::postfix inherits postfix". Result was "Could not find scope for myproject::postfix at /etc/puppet/example42modules/postfix/manifests/init.pp:59 on node localhost.localdomain".

OS: Centos 5.5 64bit, puppet 2.6.5, ruby 1.8.6 (2007-09-24 patchlevel 111)

No such arguments exists in the command definition check_udp - and thus fails when used. (Example NTP monitoring check_udp_123 service from nextgen module)

Hi,

When I try to create a tomcat instance; it fails.

Node config:
---------------%<---------------
include tomcat
tomcat::instance { "test":
httpport => '8080',
controlport => '8005',
ajpport => '8009',
}
---------------%<---------------

Error:
---------------%<---------------

puppetd -t

info: Caching catalog for client.domain.nl
err: Could not run Puppet configuration client: Parameter mode failed: File modes can only be numbers, not ""
---------------%<---------------

I haven't got a clue where it fails exactly, didn't find anything useful in debugging.
I've tried supplying values for the filemodes (incase the default values weren't assigned properly)

Server&Client are running RHEL6, with the epel puppet packages (0.25.5)

Your help is very much appreciated...

Regards,
Ger

Trying to bring up a master with guides like this or that fails due to:

Error: Evaluation Error: Error while evaluating a Function Call, Could not find class ::apt for ubuntu-xenial at /home/ubuntu/src/git/psick/environments/production/modules/postgresql/manifests/repo/apt_postgresql_org.pp:3:3 on node ubuntu-xenial

I note issue #86 mentions the same thing, and it was closed because @alvagante said: "there should no need of puppetlabs-apt". But apparently there is. My environment is pretty familiar, just following the guides linked.

I'm not sure if there was a good reason for keeping it as a part of your puppet-modules repo, but I would like to see the Bind module in its own Example42 repo for it to be easily used by others. Let me know if there is anything I can do to help.

debug: /Stage[main]/Apt::Repo::Puppetlabs/Apt::Repository[puppetlabs]/Exec[aptkey_add_4BD6EC30]: Executing check 'apt-key list | grep -q 4BD6EC30'
debug: Executing 'apt-key list | grep -q 4BD6EC30'
debug: /Stage[main]/Apt::Repo::Puppetlabs/Apt::Repository[puppetlabs]/Exec[aptkey_add_4BD6EC30]: Changing returns
debug: /Stage[main]/Apt::Repo::Puppetlabs/Apt::Repository[puppetlabs]/Exec[aptkey_add_4BD6EC30]: 1 change(s)
debug: /Stage[main]/Apt::Repo::Puppetlabs/Apt::Repository[puppetlabs]/Exec[aptkey_add_4BD6EC30]: Executing 'gpg --recv-key 4BD6EC30 ; gpg -a --export | apt-key add -'
debug: Executing 'gpg --recv-key 4BD6EC30 ; gpg -a --export | apt-key add -'
err: /Stage[main]/Apt::Repo::Puppetlabs/Apt::Repository[puppetlabs]/Exec[aptkey_add_4BD6EC30]/returns: change from notrun to 0 failed: gpg --recv-key 4BD6EC30 ; gpg -a --export | apt-key add - returned 2 instead of one of [0] at /etc/puppet/modules/apt/manifests/repository.pp:58

I have used overcommit in other projects to control my hook integration. Whats great is that you can just drop support into the repo with a .overcommit.yaml file.

I think this is better than telling them what hooks to setup by providing a universal file for everyone to use.

https://github.com/brigade/overcommit/

the mysql-module doesn't work for me, because it needs the path set.

is there a way to set the path globally?

err: Could not run Puppet configuration client: 'mysql < /root/mysqlquery-root-ftpusers.sql' is not qualified and no path was specified. Please qualify the command or specify a path. at /etc/puppet/modules-example42/mysql/manifests/query.pp:26

Currently, the submodules of the puppet-modules repo (and those of puppet-modules-nextgen) point to the https url of the modules, rather than using the git:// (or ssh) protocol. Of all, the https protocol is slowest and induces lots of overhead.
See also: http://git-scm.com/book/en/Git-Internals-Transfer-Protocols

Suggested fix would be to use the git:// protocol instead.

I note that by default, /etc/default/puppetserver contains:
JAVA_ARGS="-Xms2g -Xmx2g -XX:MaxPermSize=256m"

But 2GB is quite big for... Well, a lightly-used server. :)

It would be great if psick provided a way to reduce the memory usage. Any chance of that happening?

Can you please create a PHPMyAdmin Module for Puppet.

Hi

I think this is a bug, but am not certain.

Error:
---------------%<---------------
[root@svr100 ~]# puppetd --test
err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find resource type apache::virtualhost::custom at /etc/puppet/modules/apache/manifests/virtualhost.pp:88 on node svr100.domain.nl
warning: Not using cache on failed catalog
err: Could not retrieve catalog; skipping run
---------------%<---------------

config ('borrowed' from example)
---------------%<---------------
node 'svr100.domain.nl' inherits devel {
$role = "drupal"
include apache
apache::virtualhost { "wwwl.domain.com": templatefile => "virtualhost.conf.erb" }
}
---------------%<---------------

This is where it fails:
---------------%<---------------
# This define manage different roles and projects
apache::virtualhost::custom { "$name":
templatefile => $templatefile,
documentroot => $documentroot,
enable => $enable,
filename => $filename,
aliases => $aliases,
}
---------------%<---------------

Any help is very much appreciated!

Regards,
Ger.

Test scenario: When installing jenkins from source (as .war file), the .war file is not copied to /webapps

Module 'jenkins' is using stdlib42::netinstall to copy the .war file to /webapps. In our case, netinstall internally uses rsync for copying the file.

As far as I can tell, on CentOS 6.2, rsync requires a second parameter (the destination directory). Since it is missing, rsync will silently not copy the file.

exec {
"Extract $source_filename":
command => "mkdir -p $destination_dir && cd $destination_dir && $real_extract_command $work_dir/$source_filename",
}