we have a lot of servers and still want all updates. The actually way is that any of the sysadmins go from server to server and make a aptitude update && aptitude upgrade – its still not cool. I searching now for a solution which is still better and very smart. Can puppet do this job? how do you do it? Thanks for your response! Dennis You can use the exec type such as: exec [...]

I intend to use chef or puppet to do administration (i’m thinking more of chef as its younger and i get a better feeling about it). In both home pages i saw there is an “enterprise edition” that costs money. I don’t intend to buy anything, what would i miss in chef / puppet if i don’t buy them. what does chef offer that costs money exactly? what does puppet offer that costs money exactly? [...]

We are working on a way to perform automatic updates for our RHEL/RHEL-based servers. Initial idea: Using Puppet, we disable the default repositories and point to our own. Then, we use ensure => latest for the packages we want to automatically update. Problem: We are seeing that some services restart after an update (duh). Question: Does anyone have any advice on how to better automate Linux updates and strategies on mitigating the automatic restart of [...]

I have a default node like so: node default { include test_server # A bunch of other irrlevant includes } Then I have a node specification like so: node linus inherit default { include production_server } I want to un-include test_server and have production_server since they are mutually exclusive. How do I accomplish this? You are better off making a class called ‘servertype’ and distinguish based on a parameter. class servertype($testing = false) { if [...]

Assumming that I have the following in the /etc/syslog.conf file: # Log all kernel messages to the console. # Logging much else clutters up the screen. #kern.* /dev/console I want to change it to kern.* /var/log/kern.log to get the human-readable timestamp for kernel log. Puppet can do it: class syslog::config { file { “/etc/syslog.conf”: ensure => present, source => “puppet:///modules/syslog/syslog.conf”, require => Class["syslog::install"], notify => Class["syslog::service"], } } or I can also use the sed [...]

I would like to use a different squid.conf file depending on a condition. Something like: file { ‘/etc/squid/squid.conf’: ensure => file, if condition = true then source => ‘puppet:///modules/1/squid.conf_1′, else source => ‘puppet:///modules/1/squid.conf_2′, fi } Is there a way to do this? You need a selector, which will let you have a conditional inside the resource – or set a variable up outside of it. Here’s the selector: file { ‘/etc/squid/squid.conf’: ensure => file, source [...]

In init.pp the squid service is defined like this: service { ‘squid’: ensure => running, enable => true, hasrestart => true, hasstatus => true, subscribe => File['/etc/squid/squid.conf'], } The result is this: err: /Stage[main]/module_1::Squid/Service[squid]/ensure: change from stopped to running failed: Could not start Service[squid]: Execution of ‘/etc/init.d/squid start’ returned 1: If I run “etc/init.d/squid start” I get: Rather than invoking init scripts through /etc/init.d, use the service(8) utility, e.g. service squid start Since the script [...]

After I update a manifest for a node; does puppetmaster automatically send the configuration to the node? If it does what is the interval and how do I change it? Where can I find more information about this? I assume it’s the runinterval for puppet.conf? The default setting is 1800 seconds; however I have yet to notice any configuration change since puppetmaster started. The master doesn’t send the file to the node; the node checks [...]

I have a class in a module: # File: modules/selinux/tools.pp class selinux::tools { $packages = ['policycoreutils-python',] package { $packages: ensure => installed } } Then, my default node: # File: manifests/nodes/default.pp node default { if $selinux { include selinux::tools } } I restart puppetmaster and the puppet agent. However, the package gets installed in the node even though the selinux fact is false: $ facter -p selinux false What am I missing here? The “true” [...]

I have NRPE daemons running on all of my remote Linux boxes. I have a couple configurations in place and I’m trying to standardize the paths in my nrpe.cfg. The changes are deployed via Puppet. I would like to use the following syntax: command[mycommand]=$USER1$/check_tcp .. etc. The $USER1$ variable is not available in my NRPE setup. I could write Puppet templates for all the variants but I would much prefer to manage this through a [...]