Puppet: making .yaml dependent on .pp - puppet

I am trying to install docker onto a disk other than system on my CentOS 7.2 VM. I create a directory and a symlink first with the required target in my .pp, and then want to install docker using yaml.
file { '/data/docker-latest':
  ensure => 'directory',
}
file { '/var/lib/docker-latest':
  ensure  => 'link',
  target  => '/data/docker-latest',
  require => File['/data/docker-latest'],
}
For it to work, the directory and the symlink need to be created before the .yaml kicks in:
packages:
  docker-latest:
    ensure: installed
services:
  docker-latest:
    ensure: running
But there is no guarantee like this. Is there a way I can make my .yaml code require => File['/var/lib/docker-latest']?
Or am I better off installing and running docker inside .pp?

Related

How to provide a startup service file in Puppet

We have RedHat 7.2 Linux OS and use puppet to perform our tasks. I am using puppet to install some software, which has worked fine and now the final step is to create an OS level service. In earlier versions of RHEL, we used chkconfig but that has been replaced with systemctl. Of course, the recommended way of performing this task is using a service. Since this is a custom software, I have my own startup script that I usually copy over to /etc/init.d, run chkconfig and then startup the service. How do I perform these tasks via Puppet for RedHat 7.2 OS? I only want to create the service (not start it up or anything). This way, when the server reboots, the service will startup the app.
EDIT:
@redstonemercury for RHEL 7 I would think the following would be required. But your suggestion definitely helps as I was thinking along the same lines.
https://serverfault.com/questions/814611/puppet-generated-systemd-unit-files
file { '/lib/systemd/system/myservice.service':
  mode    => '0644',
  owner   => 'root',
  group   => 'root',
  content => template('modulename/myservice.systemd.erb'),
} ~>
exec { 'myservice-systemd-reload':
  command     => 'systemctl daemon-reload',
  path        => [ '/usr/bin', '/bin', '/usr/sbin' ],
  refreshonly => true,
}
In puppet, use a package resource to install the package (assuming it's in repos that you're declaring already), then use a file resource to declare the /etc/init.d file, and put require => Package[<package_resource_name>] as a parameter in the file declaration to ensure the custom file gets created after the package has installed (so doesn't potentially get overwritten by the package's /etc/init.d file). E.g.:
package { 'mypackage':
  ensure => present,
}
file { '/etc/init.d/mypackage':
  ensure  => present,
  content => template('mypackage/myinitd'),
  require => Package['mypackage'],
}
This is if you want to use a template. For a file, instead of content use source: source => 'puppet:///modules/mypackage/myinitd'

How do I use yumrepo in Puppet to add the Docker repos?

Per the Docker documentation, the list of yum repositories is added by this command:
yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo
I'd like to have Puppet do this for me, so I was hoping this would work:
yumrepo { "docker":
  descr   => 'docker',
  baseurl => 'https://download.docker.com/linux/centos/docker-ce.repo',
  enabled => 1
}
But, this doesn't work.
Unfortunately, the URL used in the yum-config-manager contains an entire list of name/baseurl/enabled/gpgcheck/gpgkey entries, where the yumrepo is expecting just one of those. So, is there a way to add the entire list of entries in the docker URL with one yumrepo command, or some other command?
The URL in the Docker instructions is that of a .repo file to be installed on the system. The contents of such a file are what the properties of a Yumrepo resource describe. Applying a Yumrepo resource involves managing the contents of repository description files, not obtaining external files from somewhere else, whether via yum-config-manager or otherwise.
You have many options, but here are some of the more likely ones:
- Obtain the specified file from docker.com, store it in your module's files directory, and install and manage it on target nodes via a File resource.
- Install the repo file on some node that also has Puppet, and use the puppet resource command to obtain Puppet DSL representations of the Yumrepo resources that result. Put these into a suitable class on the master.
Or alternatively you can peek inside docker-ce.repo and write a proper yumrepo config:
[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://download.docker.com/linux/centos/$releasever/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg
into:
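yumrepo { 'docker-ce-stable':
  # 'descr' is the yumrepo attribute that maps to name= in the .repo file;
  # the resource title is the repository id.
  descr    => 'Docker CE Stable',
  baseurl  => 'https://download.docker.com/linux/centos/$releasever/$basearch/stable',
  enabled  => 1,
  gpgcheck => 1,
  gpgkey   => 'https://download.docker.com/linux/centos/gpg',
}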
which looks straightforward and could be generated once from docker-ce.repo file via sed or other tools.
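One way to do that generation, as an added example that is not part of the original answers: a Python converter that turns every section of a .repo file into a yumrepo resource and reports repositories that would be installed without package signature checking. The function names and the second sample section (example-unsigned, mirror.example.invalid) are constructed for illustration.

```python
import configparser

# Constructed sample: the stable section of docker-ce.repo as quoted above,
# plus a hypothetical second section with signature checking turned off.
SAMPLE_REPO = """\
[docker-ce-stable]
name=Docker CE Stable - $basearch
baseurl=https://download.docker.com/linux/centos/$releasever/$basearch/stable
enabled=1
gpgcheck=1
gpgkey=https://download.docker.com/linux/centos/gpg

[example-unsigned]
name=Example unsigned repo
baseurl=https://mirror.example.invalid/centos/$releasever/$basearch
gpgcheck=0
"""

# .repo key -> yumrepo attribute. The INI "name" is yumrepo's "descr";
# the section id becomes the resource title.
KEY_MAP = {"name": "descr", "baseurl": "baseurl", "enabled": "enabled",
           "gpgcheck": "gpgcheck", "gpgkey": "gpgkey"}

def quote(value):
    # Single quotes keep $releasever/$basearch literal in Puppet.
    return "'" + value.replace("\\", "\\\\").replace("'", "\\'") + "'"

def repo_to_puppet(text):
    """Return (manifest, warnings) for every section of a .repo file."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    blocks, warnings = [], []
    for repo_id in cp.sections():
        sec = cp[repo_id]
        attrs = [(KEY_MAP[k], v) for k, v in sec.items() if k in KEY_MAP]
        width = max((len(a) for a, _ in attrs), default=0)
        lines = [f"yumrepo {{ {quote(repo_id)}:"]
        lines += [f"  {a.ljust(width)} => {quote(v)}," for a, v in attrs]
        lines.append("}")
        blocks.append("\n".join(lines))
        if sec.get("gpgcheck", "0") != "1":
            warnings.append(f"{repo_id}: gpgcheck is not enabled")
        elif "gpgkey" not in sec:
            warnings.append(f"{repo_id}: gpgcheck=1 but no gpgkey")
    return "\n\n".join(blocks), warnings

if __name__ == "__main__":
    manifest, warnings = repo_to_puppet(SAMPLE_REPO)
    print(manifest, *warnings, sep="\n")
```

Keys outside KEY_MAP are dropped, so extend the map if the repo file relies on other settings.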

Squelch puppet state chown

I'm hoping to use puppet to manage my rc files (i.e. sharing configuration files between work and home). I keep my rc files in a subversion repository. Some machines, I have sudo privileges on, some I don't. And none of the machines are on the same network.
I have a simple puppet file:
class bashResources ( $home, $svn ) {
  file { "$home/.bash" :
    ensure => 'directory',
  }
  file { "$home/.bash/bashrc.d" :
    ensure => 'directory',
  }
  file { "$home/.bash/bashrc.d/bashrc" :
    ensure => present,
    target => "$home/$svn/rc/bashrc",
  }
}
node 'ubuntuwgu290' {
  class { 'bashResources':
    home => '/home/dshaw',
    svn  => 'mysvn',
  }
}
I have a simple config file that I'm using to squelch some errors:
[main]
report=false
When I run puppet, I get an annoying error about not being able to execute chown:
dshaw@ubuntuwgu290:~/mysvn/rc$ puppet apply rc.pp --config ./puppet.conf
Notice: Compiled catalog for ubuntuwgu290.maplesoft.com in environment production in 0.12 seconds
Error: Failed to apply catalog: Operation not permitted @ rb_file_chown - /home/dshaw/.puppet/var/state/state.yaml20170316-894-rzkggd
Error: Could not save last run local report: Operation not permitted @ rb_file_chown - /home/dshaw/.puppet/var/state/last_run_summary.yaml20170316-894-l9embs
I have attempted to squelch the error by adding reports=none to my config file, but it has not been effective.
How can I squelch these errors? Alternatively, is there a more lightweight tool for managing rc files?
Thanks,
Derek
The error is related to Puppet trying to manage its own metadata in /home/dshaw/.puppet, not any of the files enrolled in Puppet's catalog for management. This is not normally a problem, even when you run Puppet as an ordinary user. In fact, supporting this sort of thing is one of the reasons why per-user Puppet metadata exists.
The files that Puppet is trying to chown do not already belong to you (else Puppet would not be trying to chown them), but they should belong to you, where "you" means the puppet process's (e)UID and (e)GID. You might be able to solve the problem by just removing Puppet's state directory, and letting it rebuild it on the next run. Alternatively, you might be able to perform or arrange for a manual chown such as Puppet is trying to perform.
On the other hand, it's unclear how this situation arose in the first place, and some of the mechanisms I can imagine would render those suggestions ineffective.

How can I use puppet to install a network tool like iptraf

I am using the example of iptraf on GitHub.
I do a git clone, and then sudo puppet apply init.pp
but I don't see iptraf installed on the Ubuntu 11.04 host.
Now this puppet is a client ONLY instance, and NO Master.
From another example I see I can install apache2 as:
class basic_services {
  ##Get Apache
  package { 'apache2':
    ensure => 'installed',
  }
  ##Edit the Apache Conf
  file { "/etc/apache2/sites-available/default":
    require => Package["apache2"],
    owner   => "root",
    group   => "root",
    content => "$some_variables::apache_config",
  }
  ##Make sure Apache is running, and restarts on changes to conf
  service {'apache2':
    require   => Package["apache2"],
    ensure    => running,
    subscribe => File["/etc/apache2/sites-available/default"],
  }
}
so for iptraf:
init.pp
class iptraf {
  include iptraf::base
}
base.pp
class iptraf::base {
  package{'iptraf': ensure => installed }
}
I will use this example as a base to develop a manifest for Testing Tools
So what am I missing here, as after I run:
sudo puppet apply init.pp, and try to access iptraf, I get the message:
iptraf
The program 'iptraf' is currently not installed. You can install it by typing:
sudo apt-get install iptraf
in the directory:
/etc/puppet/modules/iptraf
- create a file:
iptraf.pp
- with contents:
package { "iptraf":
  ensure => "installed"
}
- issue the command:
puppet apply iptraf.pp
/Stage[main]//Package[iptraf]/ensure: ensure changed 'purged' to 'present'
Finished catalog run in 2.71 seconds
run iptraf on the command line, the UI POPS UP.
Done!
Move the iptraf directory to the modules. Your directory structure should be this:
/etc/puppet/modules/iptraf/manifests/{init.pp,base.pp}
then do,
sudo puppet apply -e 'include iptraf'
that should install iptraf.
sudo iptraf should open a nice screen in your terminal :)

Augeas support on my Vagrant machine?

I'm trying to get support for augeas on my Vagrant machine.
I tried to install some package with these directives:
package { "augeas-tools": ensure => installed }
package { "libaugeas-dev": ensure => installed }
package { "libaugeas-ruby": ensure => installed }
When I try to use augeas in my manifests, after the VM boots I receive this error:
err: Could not find a suitable provider for augeas
I'm using the precise32 official box with Vagrant 1.0.3.
Vagrant 1.0.3 has ruby 1.8.7 and puppet 2.7.14
$ ruby -v
$ ruby 1.8.7 (2011-06-30 patchlevel 352) [i686-linux]
$ puppet help
$ Puppet v2.7.14
This is my little manifest with php class, included after apache class, mysql and other classes tested separately.
Everything works correctly except for the augeas command.
class php {
  exec { "apt-update":
    command     => "/usr/bin/apt-get update",
    refreshonly => true;
  }
  package { "augeas-tools": ensure => installed }
  package { "libaugeas-dev": ensure => installed }
  package { "libaugeas-ruby": ensure => installed }
  package { "php5": ensure => installed }
  package { "php5-cli": ensure => installed }
  package { "php5-xdebug": ensure => installed }
  package { "php5-curl": ensure => installed }
  package { "php5-intl": ensure => installed }
  package { "php5-imap": ensure => installed }
  package { "php5-mcrypt": ensure => installed }
  package { "php5-imagick": ensure => installed }
  package { "php5-sqlite": ensure => installed }
  package { "php5-gd": ensure => installed }
  package { "php-apc": ensure => installed }
  package {
    "libapache2-mod-php5" :
      ensure  => installed,
      require => Package["php5"]
  }
  augeas { "php-cli":
    require => [
      Package["php5"],
      Package["augeas-tools"],
      Package["libaugeas-dev"],
      Package["libaugeas-ruby"],
    ],
    context => "/etc/php5/cli/php.ini",
    changes => [
      "set date.timezone Europe/Rome",
      "set short_open_tag Off",
    ];
  }
  augeas { "php-apache":
    require => [
      Package["php5"],
      Package["augeas-tools"],
      Package["libaugeas-dev"],
      Package["libaugeas-ruby"],
    ],
    context => "/etc/php5/apache2/php.ini",
    changes => [
      "set date.timezone Europe/Rome",
      "set short_open_tag Off",
    ];
  }
}
After installation of packages, logging in to the vagrant machine with "vagrant ssh", I launch:
vagrant@precise32:~$ ruby -raugeas -e "puts Augeas.open"
#<Augeas:0xb77a3598>
Thanks in advance!
I added the following to my Vagrantfile and augeas started working.
Before declaring puppet provisioner add the following line, if on ubuntu:
config.vm.provision :shell, :inline => "sudo apt-get update && sudo apt-get install puppet -y"
This will update your apt packages and then update puppet client whose latest version already has a fix.
It turns out that this wasn't fixed in bug #6907 that I referenced in my other answer. That fix only worked for Puppet providers that depended on commands that were then supplied during the run.
For the Augeas provider, it uses an internal Puppet called "features" to check if the ruby-augeas library is available or not. Features are only being checked once and the results cached, so even after installing the library, this meant the feature still evaluated to false.
I filed this upstream as bug #14822 and have sent a pull request with a fix. Testing with the patch, I now get this successful run:
notice: /Stage[main]//Package[ruby-augeas]/ensure: created
notice: /Stage[main]//Augeas[test]/returns: executed successfully
I'm not familiar with Vagrant, but I think you'll need to find a workaround to install the libaugeas-ruby package before the Puppet run in the meantime.
On Puppet 2.7.14, this should work as the dependencies for providers will only be evaluated when they're needed - i.e. when Puppet needs to run those Augeas resources.
Without the full Puppet log file to confirm, I suspect that it's because you're missing explicit dependencies between the Augeas package(s) and the Augeas resources that need them. Remember, listing the resources in the manifest in that order doesn't mean Puppet executes it that way.
You could either add requires parameters to every Augeas resource:
augeas { "php-cli":
  require => [ Package["php5"], Package["libaugeas-ruby"] ],
  # ...
}
Or use the chaining syntax to automatically make every Augeas resource depend on a package. Add this on a line inside the class, but not inside any resource:
Package["libaugeas-ruby"] -> Augeas <| |>
After reading the answer from @m0dlx I inspected the /home/vagrant/postinstall.sh file and found that Vagrant uses its own copy of Ruby:
# The base path to the Ruby used for the Chef and Puppet gems
ruby_home="/opt/vagrant_ruby"
After that I found the file augeas.rb at /opt/vagrant_ruby/lib/ruby/gems/1.8/gems/puppet-2.7.19/lib/puppet/provider/augeas/augeas.rb and edited it, changing the line
confine :true => Puppet.features.augeas?
to
confine :true => :augeas
(In short, I partially applied the patch from @m0dlx.)
After that this error is gone.
