https://www.puppet.com/community logo
Join Slack
Powered by
# puppet
  • s
    This message was deleted.
    n
    b
    j
    • 4
    • 15
  • n
    Specificaly facts caching… I wanted to send facts to multiple places. I also found it simpler to use the JSON facts cache which writes the fact files to JSON on disk. Then I post-processed that JSON for my own needs out of band from the Puppet run.
  • n
  • b
    https://puppet.com/docs/puppet/7/http_api/http_report.html isnt there one api endpoint missing? 
    /puppet/v3/facts/
    isnt there, but at https://puppet.com/docs/puppet/7/http_api/http_facts.html ?
  • o
    I have one more question regarding CA, below sample output:
    Copy code
    $ puppet config print --section server | grep "^ca"
ca = true
ca_name = Puppet CA: <http://puppet5.example.com|puppet5.example.com>
ca_server = <http://puppet5.example.com|puppet5.example.com>
    What exatly does it mean? If i will create new host (for example) "puppet7.example.com" and import CA will there by any issues with it? Or it (mention of old "puppet5.example.com") will be replaced when i import CA from old server but provide new "--certname" ?
    Copy code
    import:
        --config CONF                Path to puppet.conf
        --private-key KEY            Path to PEM encoded key
        --cert-bundle BUNDLE         Path to PEM encoded bundle
        --crl-chain CHAIN            Path to PEM encoded chain
        --certname NAME              Common name to use for the master cert
        --subject-alt-names NAME[,NAME]
  • d
    If I want to have a manifest's init.pp applied by default, should I use site.pp to always include that class/manifest?
  • l
    if you want a module's init.pp you just 
    include module
    in a site.pp, yes
  • n
    Any resources or classes declared outside of a 
    node
    definition     will apply to all nodes. And yeah, 
    site.pp
    is usually where people do that.
  • n
    Any resources or classes declared outside of a 
    node
    definition     will apply to all nodes. And yeah, 
    site.pp
    is usually where people do that.
  • d
    Thanks! If my module only supports Linux, should I constrain that in init.pp and/or site.pp?
  • l
    I would recommend not loading the module on OS it won't support
  • l
    I would also look into an ENC or defining nodes so that you don't have to keep track of all of it in site.pp
  • l
  • n
    Agreed. And backing up a bit here, declaring your class outside of a 
    node
    definition in 
    site.pp
    will technically work, but it’s really not a recommended approach. Like Lumiere mentioned, it’s preferred to plan your node classification a bit and use 
    node
    definitions or an External Node Classifier (ENC). It’s also recommend to follow the Roles and Profiles pattern as that makes it clear where classes are coming from.
  • n
    If I wanted a linux-only class to be declared by default on all Linux nodes, I’d declare that class in a common “profile” shared by all Linux “roles”. And probably gated by an 
    if
    conditional around the 
    os
    Fact.
  • n
    If I wanted a linux-only class to be declared by default on all Linux nodes, I’d declare that class in a common “profile” shared by all Linux “roles”. And probably gated by an 
    if
    conditional around the 
    os
    Fact.
  • l
    roles and profiles also lets you design how you assign things to systems in a pattern. That way you have a standard way ( and likely anyone you hire with puppet experience will understand ) to talk about how to get a system bootstrapped/configured
  • n
    If this is a test environment and you’re just learning how Puppet works and/or just want to experiment, sure… throw an 
    include <my_class>
    in the global space in 
    site.pp
    . If this is for a real Puppet environment that’s managing real servers, I’d reject that change request and say to put the 
    include
    in a profile 🙂
  • h
    also, if you don't start at roles/profiles, you'll eventually end up there after a few years (but typically with lots of technical debt to sort out)
    😭 1
  • h
    I found this page useful for understanding a bit about how the 
    manifests/*.pp
    work:https://puppet.com/docs/puppet/6/dirs_manifest.html
  • y
    I just got one very unusual setup with puppet code generation from external system instead of ENC.. and with 3k lines in site.pp.. and with no roles/profiles (but there are some roles which are mix of roles and profiles).. and I cannot just rewrite it immediately.. :(
    plantain 2
  • y
    Sorry for sharing my pain :)
  • s
    This message was deleted.
    🤣 2
    y
    • 2
    • 1
  • y
    I found 
    apt
    is deprecating 
    apt-key
    usage and 
    [signed-by=...]
    option is pushed now.. is there any support for this from 
    puppetlabs/apt
    ? I see no support from first quick look...
  • l
    that change is brand new
  • l
    landed in testing like 3 weeks ago
  • s
    This message was deleted.
    b
    j
    +2
    • 5
    • 112
  • j
  • j
    so the only difference that you’re doing is certless, which might get around my ‘certname’ issue?
  • r
    Afternoon all well in the Uk it is , could any one tell me . the following . using transition to unmount a FS/ then change the FS to say XFS , Then puppet to remount the mountpoint. Should the fstab be re-read in? my tests are showing that this is not the case , and mount class , with the fstype setup is not refreshing and mounting goes through retries and fails with error 32. to over come this if i update fstab before the mount call in puppet all works.
1...414243...428Latest