https://www.puppet.com/community logo
Join Slack
Powered by
# puppet
  • y
    CA shouldn't be a problem as it is needed just once when fresh server is provisioned.. not much traffic there and can retry multiple times
  • s
    hey everyone, we have a node running ubuntu 20.04 with puppet 7.17.0. it also has docker 20.10.17 installed through 
    puppetlabs-docker
    module v4.4.0. we have around 40 containers defined like this:
    Copy code
    $port = 8098
  $service = 'emailquality'
  $version = 'latest'
  $host_id = hiera('xxxx::host::id', '')

  docker::image { 'registry.':
    ensure    => 'latest',
    image_tag => $version,
  }

  docker::run { 'emailquality':
    image         => "registry.:${version}",
    ports         => [ "${port}:8585" ],
    memory_limit  => '4g',
    env           => [
      'REDIS_HOST=redis',
      'REDIS_PORT=7009',
      'CASS_CONTACTPOINTS=cassandra',
      'CASS_KEYSPACE=shared',
      "HOST_ID=${host_id}"
    ],
    pull_on_start => true,
  }
    With this setup, we see puppet downloading the newest image from our registry with 
    docker::image
    but we can't get 
    docker::run
    to "restart" and use the newest image there is. "before" we had 
    notify => Service['docker-name']
    on our 
    docker::image
    resource. But that made all of our containers go in a restart loop every 5 min (when puppet apply is triggered). My question is, what is the intended method of running and updating the containers ?
  • d
  • n
    How can I get debug messages in a puppet native function to output to the puppetserver log files? debug = true didn’t work.
  • n
    A puppet-language function? Use 
    debug('foo')
  • n
    oops not native but ruby
  • n
    call_function('debug', "Cache not used for #{cache_file}")
  • n
    No need to invoke a Puppet function, there’s a ruby method to use:
    Copy code
    Puppet.debug('foo')
  • n
    @helindbe said I should use call_function. But I agree otherwise
  • n
    Ah, can’t say I’ve ever used call_function in that way, but I suppose it should work. I’ve always just used 
    Puppet.debug()
    , 
    Puppet.notice()
    , etc…
  • n
    but how do I tell the puppetserver to dump debug logs?
  • n
    Oh… right. That’s not on by default. Hmm…
  • n
    that’s done in logback.xml: https://puppet.com/docs/puppet/7/server/config_file_logbackxml.html#settings Though… I don’t recommend running with debug logging enabled for very long.
  • n
    https://puppet.com/docs/puppet/7/external_facts.html#external_facts-structured-data-facts I am using an external facts file in json format ie. facts.d/data.json. Some of the facts in the data.json collide with facter’s core facts like hostname, fqdn, ipaddress. How does facter handle this. I assume core facts take precedence?
  • s
    This message was deleted.
    n
    e
    +2
    • 5
    • 13
  • n
    A good place to find examples of type aliases is in the stdlib module. Here’s one for IP addresses: https://github.com/puppetlabs/puppetlabs-stdlib/blob/main/types/ip/address.pp
  • d
    Hello, when we create a user in puppet, does it get updated on both 
    /etc/password'
    and 
    /etc/shadow
    files?
  • l
    when you create a user with the user resource, it uses the systems useradd functionality to add the user / manage the user
  • l
    so yes, it should update passwd and shadow
  • d
    Thanks @Lumiere . I am using eyaml to encrypt the password. But it is hashing only in password not in shadow
  • y
    message has been deleted
  • l
    can you share your user resource?
  • l
    (redact values if needed)
  • l
    that should work properly, depending on os... I would think /etc/passwd has no password at all and /etc/shadow has a hashed copy of the password
  • d
    okay, Thanks
  • s
    This message was deleted.
    c
    a
    n
    • 4
    • 6
  • a
    Details: Server - enterprise 2019.8.0 Client 6.22.1 OS: RHEL-8 Put selinux in permissive mode on client. Other clients on this server working fine so must be on this host. Getting an error on the client saying it is not able to backup /etc/chrony.conf on server with the most useful Error 500 🙂 I can see the conversation on the puppet server but the module fails because it can't backup the changed file. What log should I look in for more details? I've looked at that pxp-agent log on the client but nothing other than INFO messages and can't seem to find anything on the puppet server. I did a grep --recursive in /var/log/puppetlabs/* for chrony.conf and found the return showing the error message but not a reason why. Any suggestions would be appreciated.
  • a
    message has been deleted
  • a
    all questions in Puppet exam are multiple choice? (https://puppet.com/learning-training/certification/exam-details/)
  • s
    Hey Puppet beginner here, I want puppet to refresh the yum metadata, when any of the underlying repos are changed or how can I ensure that yum cache is updated if there is a change on a repo . What is the best way to do it? I had declared something like :-
    Copy code
    exec { 'yum-clean-expire-cache':
    command     => '/usr/bin/yum clean expire-cache',
    refreshonly => true,
  }
    but I am not sure how it will work - Alternate way is to refresh when a resource of type Yum is changed - but not sure how I could do that . Any advices? Thanks !
1...777879...428Latest