Thank you so much John. I just learned something new about Puppet. Utilizing inline_template is a heck of a lot easier then how I first attempted that variable substitution. I might have to go back and fix some of my older code later....

Here are a few other notes in response to your email:
Have you considered setting up a caching proxy between you and them?
We have discussed doing a caching proxy, but haven't ever had the time/inclination to implement one yet.

What per-package request(s) is yum actually making?
I explored the yum thing a bit more. Running puppet-3.6.2-1.el6.noarch on both server and client using CentOS6 as my test systems. I started a puppet run in one terminal and ran this code in a second:
$ while [ "$(pgrep puppet)" != "" ]; do pgrep yum; done | uniq

If I just do this:
package { 'telnet' : ensure=>absent,}

Nothing triggers.

If I do it this way:
$removethesepackages = [
package {$removethesepackages : ensure=>absent,}

Then I get a yum PID per package. For every PID I get a line in the puppet log like this:
Notice: /Stage[main]/audit::Software_disabled/Package[telnet]/ensure: created

(there is that weird error message again where an absent is "created").

I don't know why. Both work as expected, but the second triggers a yum call the first doesn't.

So I thought, 'Maybe it is hitting local cache and not actually going out to the repo'. I dug around in the logs on our local repo and found this:
[IP REMOVED] - - [23/Jul/2014:14:07:58 -0500] "GET /puppetlabs/6/products/x86_64/repodata/repomd.xml HTTP/1.1" 200 2529 "-" "urlgrabber/3.9.1 yum/3.2.29"

It isn't one per package, but it is one per puppet run. Something about that method calls yum differently I guess. Not sure why.


The double notice I was referring to is this:
Notice: Package telnet is not installed
Notice: /Stage[main]/audit::Software_disabled/audit::Forbidden_package[telnet]/Notify[Package telnet is not installed]/message: defined 'message' as 'Package telnet is not installed'

I am told three times in two lines (more with wrap around on a console) that telnet isn't installed. I find it annoying and haven't found a solution to removing it yet and leaving just the first Notice. If you know of one I would be /very/ grateful.

I implemented your code and it is working brilliantly. I made two changes.
1) I placed the define in init.pp so I can reference it anywhere in the audit class easily.
2) I changed:
  '<%= scope.lookupvar('::pkg_' + @title.gsub('-', '_')) %>')
  "<%= scope.lookupvar('::pkg_' + @title.gsub('-', '_')) %>")

Using the single quotes gave me the error:
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Syntax error at '::pkg_'; expected ')' at /etc/puppet/modules/audit/manifests/software_disabled.pp:8 on node centos6.testing.puppet
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

But now it is working really well in my dev environment! I push to production tomorrow...We will see how pleased I am with my code changes at the end of the day after this fix + 4 other "minor" changes roll out. :-D

Thank you to everyone who has chimed in. These responses are exactly what I was looking for. I have learned more about puppet and have a few new tricks to use. I really do appreciate it.


You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/1d09b25c-55ab-486b-a6c4-e31803b9b813%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Search Discussions

Discussion Posts


Follow ups

Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 8 of 9 | next ›
Discussion Overview
grouppuppet-users @
postedJul 23, '14 at 12:37a
activeJul 24, '14 at 1:38p



site design / logo © 2022 Grokbase