The Puppet Learning VM from Puppet Labs can get hung processes do to limited resources. Puppet provides a undocumented script to cycle the processes to run as user root: /usr/local/bin/stop_classroom_services.rb all -f
There is a script to restart them that I don't have handy, something like start_classroom_services.rb
My experience is that the Learning VM runs well for about a week, then it needs to be rebuilt. I find it more convenient to just build a Puppet Master.
--Jim
Friday, September 29, 2017
Thursday, September 21, 2017
Subject: Puppet eyaml configuration
======================================================================
======================================================================
Eyaml Configuration
The purpose of this document is to encrypt variables in transent between the Puppet Master and the client. Hiera is the tool for taking the values at rest on the Puppet Master disk and sending them to the client.
Log onto the Puppet Master
#root$ puppet --version
4.10.4 # This is just the version I used. I don't know about other versions, but I suspect they'll work too.
# Install the gem
# Creates /opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml and /opt/puppetlabs/server/data/puppetserver/jruby-gems/gems/hiera-eyaml-2.1.0/
sudo /opt/puppetlabs/bin/puppetserver gem install hiera-eyaml
#root$ mkdir /etc/puppetlabs/puppet/eyaml # This seems to be a defacto standard place for keys
#root$ cd /etc/puppetlabs/puppet/eyaml # I'm going to stop using the prompt for root for the rest of the document. Run everything as user root.
puppet module install jlbfalcao-jruby --version 1.7.11 #Creates /etc/puppetlabs/code/environments/production/modules/jruby
puppetserver gem install hiera-eyaml
yum install wget -y # Problably should put this in site.pp at a minimum
wget get https://s3.amazonaws.com/jruby.org/downloads/9.1.13.0/jruby-bin-9.1.13.0.tar.gz # (Ref: http://jruby.org/download via https://github.com/jruby/jruby)
cd /etc/puppetlabs/puppet/eyaml/ # This probably isn't the best directory, but it works
tar -pxvf jruby-bin-9.1.13.0.tar.gz
cd jruby-9.1.13.0
ln -sf $PWD/bin/jruby /usr/local/bin
4.10.4 # This is just the version I used. I don't know about other versions, but I suspect they'll work too.
# Install the gem
# Creates /opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml and /opt/puppetlabs/server/data/puppetserver/jruby-gems/gems/hiera-eyaml-2.1.0/
sudo /opt/puppetlabs/bin/puppetserver gem install hiera-eyaml
#root$ mkdir /etc/puppetlabs/puppet/eyaml # This seems to be a defacto standard place for keys
#root$ cd /etc/puppetlabs/puppet/eyaml # I'm going to stop using the prompt for root for the rest of the document. Run everything as user root.
puppet module install jlbfalcao-jruby --version 1.7.11 #Creates /etc/puppetlabs/code/environments/production/modules/jruby
puppetserver gem install hiera-eyaml
yum install wget -y # Problably should put this in site.pp at a minimum
wget get https://s3.amazonaws.com/jruby.org/downloads/9.1.13.0/jruby-bin-9.1.13.0.tar.gz # (Ref: http://jruby.org/download via https://github.com/jruby/jruby)
cd /etc/puppetlabs/puppet/eyaml/ # This probably isn't the best directory, but it works
tar -pxvf jruby-bin-9.1.13.0.tar.gz
cd jruby-9.1.13.0
ln -sf $PWD/bin/jruby /usr/local/bin
puppet module install biemond-jdk7 --version 1.0.0 --environment production --modulepath=/etc/puppetlabs/code/modules
# Download jdk-8u144-linux-x64.tar.gz from http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html
mv /tmp/jdk-8u144-linux-x64.tar.gz /etc/puppetlabs/code/modules/jdk7/files
vim /etc/puppetlabs/code/environments/production/manifests/site.pp
node li426-253 { # "li426-253" is the node name of the Puppet Master
# Beimond's
jdk7::install7{ 'jdk1.8.0_144':
version => "8u144" ,
full_version => "jdk1.8.0_144",
#java_homes => '/usr/java/',
alternatives_priority => 18000,
x64 => true,
download_dir => "/install",
urandom_java_fix => false,
source_path => "puppet:///modules/jdk7/",
default_links => true,
install_alternatives => true,
}
}
puppet agent -t
This command shows where the ruby-gems are. It's needed in $GEM_PATH for running the eyaml tool locally.
find /etc /opt -type d | grep jruby-gems
export GEM_PATH=/opt/puppetlabs/server/data/puppetserver/jruby-gems
cd /etc/puppetlabs/puppet/eyaml
/opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml createkeys
This error occurs when GEM_PATH isn't pointing to the hiera-eymal gem, which we already solved:
Gem::MissingSpecError: Gem::MissingSpecError
to_specs at /etc/puppetlabs/puppet/eyaml/jruby-9.1.13.0/lib/ruby/stdlib/rubygems/dependency.rb:310
to_spec at /etc/puppetlabs/puppet/eyaml/jruby-9.1.13.0/lib/ruby/stdlib/rubygems/dependency.rb:322
gem at /etc/puppetlabs/puppet/eyaml/jruby-9.1.13.0/lib/ruby/stdlib/rubygems/core_ext/kernel_gem.rb:65
<main> at /opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml:22
/opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml encrypt -s 'hello there' #Smoke test
cd /etc/puppetlabs/puppet/eyaml
chown -R pe-puppet.pe-puppet . # Let the real process owner own these keys
chmod -R 0500 .
chmod u+w .
chmod 0400 keys/*.pem
# Put the value of 'hello there' in encrypted for into the node's hiera file
cat /etc/puppetlabs/code/environments/orardbms/hieradata/nodes/li1059-248.jim.com.eyaml
---
#jim_message: hello there
jim_message: ENC[PKCS7,MIIBeQYJKoZIhvcNAQcDoIIBajCCAWYCAQAxggEhMIIBHQIBADAHMAIxAAIBATALBgkqhkiG9w0BAQEEggEAoKG3to4IRKAI4xUa7wZNZYb4OC9Rkj3okDtcekB/JW6vnBRXACpwPvoE3Mjx2XpGXaWiWm+KkKr/gVGdhuoQuPex5VKAxGX7MKip43afKWZvjA6RSmPxmGRGXN04fZOfwjPoV7TS76/uMv+tcNVsKgyXfC7VTdyf9FovdFaFb4N3BppLgyHB30DyWEnUj0e84uWVfZBDddwfkzZaj3a3DkFd6dX4TQJrBL525okOg17bUT5TJ/GkbRyN/PP5aE+YFx4TULN62DVWtbXumgSdhVn4ukDbSky/luWBMMEMbyDaR/kpHm30NEF2vSIkMgn/K9jus1VT6y+615m5R0etXzA8BgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDCSIViwU/cqLfL88yape2rgBDs49UF6r+gj2S06kB/q1Gj]
# Edit the class that the client node uses to use the encrypted value
/etc/puppetlabs/code/environments/orardbms/modules/jimode3/manifests/init.pp
class jimode3 {
$jim_message = hiera('jim_message')
notify{ "HERE_1 $ jim_message == $jim_message":}
}
$jim_message = hiera('jim_message')
notify{ "HERE_1 $ jim_message == $jim_message":}
}
# Run this on the client as opposed to the master
#root$ puppet agent -t
Notice: Local environment: 'production' doesn't match server specified node environment 'orardbms', switching agent to 'orardbms'.
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Info: Caching catalog for li1059-248
Info: Applying configuration version '1505934417'
Notice: HERE_1 $ jim_message == hello there
Notice: /Stage[main]/jimode3/Notify[HERE_1 $ jim_message == hello there]/message: defined 'message' as 'HERE_1 $ jim_message == hello there'
Notice: Applied catalog in 0.69 seconds
Q.E.D
Tuesday, September 19, 2017
Subject: Puppet RubyIO.java error
======================================================================
The following is a letter to a friend on a Puppet issue.
======================================================================
The following is a letter to a friend on a Puppet issue.
Friend,
Swapping some insomnia for Puppet skills, I hit an error that google didn't solve. It seems "RubyIO.java" errors can occur on the client when the file (i.e. /downloads/rdbms_1201.dbt.erb) needs to live on the Puppet Master--hope this helps.
Regards,
Jim
PROBLEM:
On the puppet client/target:
#root$ puppet agent -t
Notice: Local environment: 'production' doesn't match server specified node environment 'orardbms', switching agent to 'orardbms'.
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: Could not retrieve catalog from remote server: Error 500 on SERVER: Server Error: Evaluation Error: Error while evaluating a Resource Statement, Evaluation Error: Error while evaluating a Function Call, Failed to parse template /downloads/rdbms_12102.dbt.
Filepath: org/jruby/RubyIO.java
Line: 3804
Detail: No such file or directory - /downloads/rdbms_12102.dbt.erb
at /etc/puppetlabs/code/modules/
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
#root$ ls -l /downloads/rdbms_12102.dbt.erb
SOLUTION:
The biemond module is trying to read "/downloads" on the master, not the client where that last "ls -l /downloads/rdbms_12102.dbt.
This is the call to biemond's code:
oradb::database{ 'testDb_Create':
oracle_base => '/u01/app/oracle',
oracle_home => '/u01/app/oracle/product/12.1.0/db_1',
version => '12.1',
user => 'oracle',
group => 'dba',
# template => 'dbtemplate_12.1', # this will use dbtemplate_12.1.dbt.erb example template
template => 'dbtemplate_12.1.0.2',
download_dir => '/u01/app/install', # This path is on the MASTER!!!
action => 'create',
db_name => 'test1',
db_domain => 'members.linode.com',
db_port => 1521,
sys_password => 'Welcome01',
system_password => 'Welcome01',
data_file_destination => '/u01/app/oracle/oradata/data01',
recovery_area_destination => '/u01/app/oracle/oradata/fra01',
character_set => 'AL32UTF8',
nationalcharacter_set => 'UTF8',
memory_percentage => 40,
memory_total => 800,
puppet_download_mnt_point => '/u01/app/install',
require => [ Db_listener['start listener'],
File['/u01/app/install/dbtemplate_12.1.0.2.dbt.erb'], ],
}
Subject: Puppet conditionals on custom facts
======================================================================
======================================================================
I was getting Puppet to error out like a shell script is a challenge. My favorite solution to date is creating a custom fact in a module's "lib/facter" sub directory. Although there are other solutions, most involve a modicum of ruby coding.
To get Puppet to error out if /sys/kernel/mm/transparent_
exists, I had to create a custom fact.
/opt/puppetlabs/code/
Facter.add(:linode3_
setcode do
| |
if File.exist? '/sys/kernel/mm/transparent_
| |
'/sys/kernel/mm/transparent_
| |
else
| |
if File.exist? '/sys/kernel/mm/redhat_
| |
'/sys/kernel/mm/redhat_
| |
else
| |
#DEBUG if File.exist? '/sys/kernel/mm/page_idle' # This is just a test case
| |
#DEBUG '/sys/kernel/mm/page_idle'
| |
#DEBUG else
| |
#DEBUG 'absent'
| |
#DEBUG end
| |
'absent'
| |
end
| |
end
| |
end
| |
end
|
The manifest code looks like
if "${facts['linode3_transparent_
fail("fail('ERROR: found file: ${facts['linode3_transparent_
}
Hopefully that makes sense.
Subject: Puppet error creating eyaml keys
======================================================================
ERROR:
#root$ /opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml createkeys
Gem::MissingSpecError: Gem::MissingSpecError
to_specs at /etc/puppetlabs/puppet/eyaml/jruby-9.1.13.0/lib/ruby/stdlib/rubygems/dependency.rb:310
to_spec at /etc/puppetlabs/puppet/eyaml/jruby-9.1.13.0/lib/ruby/stdlib/rubygems/dependency.rb:322
gem at /etc/puppetlabs/puppet/eyaml/jruby-9.1.13.0/lib/ruby/stdlib/rubygems/core_ext/kernel_gem.rb:65
<main> at /opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml:22
SOLUTION:
Export the GEM_PATH environment variable first to point to the hiera-eymal gem first
#root$ export GEM_PATH=/opt/puppetlabs/server/data/puppetserver/jruby-gems
#root$ /opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml createkeys
======================================================================
ERROR:
#root$ /opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml createkeys
Gem::MissingSpecError: Gem::MissingSpecError
to_specs at /etc/puppetlabs/puppet/eyaml/jruby-9.1.13.0/lib/ruby/stdlib/rubygems/dependency.rb:310
to_spec at /etc/puppetlabs/puppet/eyaml/jruby-9.1.13.0/lib/ruby/stdlib/rubygems/dependency.rb:322
gem at /etc/puppetlabs/puppet/eyaml/jruby-9.1.13.0/lib/ruby/stdlib/rubygems/core_ext/kernel_gem.rb:65
<main> at /opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml:22
SOLUTION:
Export the GEM_PATH environment variable first to point to the hiera-eymal gem first
#root$ export GEM_PATH=/opt/puppetlabs/server/data/puppetserver/jruby-gems
#root$ /opt/puppetlabs/server/data/puppetserver/jruby-gems/bin/eyaml createkeys
Subscribe to:
Posts (Atom)