Recommended log files to relay to arcsight in rsyslog:
- /var/log/puppetlabs/nginx/access.log
- /var/log/puppetlabs/console-services/console-services.log
- /var/log/puppetlabs/puppetserver/puppetserver.log
Things we're interested in, by PE component:
#!/usr/bin/env ruby | |
require 'net/http' | |
require 'openssl' | |
require 'json' | |
# Create a new git repo on TFS (aka VSTS, aka Azure DevOps Server soon) | |
# This works with TFS 2017 (on prem). It differs from the official API documentation | |
# in that the string "repos/" is not present in the URLs. |
#!/bin/ruby | |
# Attempt to do an imperical proof of my answer to the following homework question: | |
# | |
# Find the number of ways in which seven different toys can be given to three children, | |
# if the youngest is to receive three toys, and the others receive two toys each. | |
# | |
require 'set' |
# firewall rules - note that this is an approximation of the iptables rules docker | |
# will try and create for itself and will only support the simplest of docker network use cases | |
firewallchain { [ | |
'DOCKER-ISOLATION-STAGE-1:filter:IPv4', | |
'DOCKER-ISOLATION-STAGE-2:filter:IPv4', | |
'DOCKER-USER:filter:IPv4', | |
'DOCKER:filter:IPv4', | |
'DOCKER:nat:IPv4', | |
]: | |
ensure => 'present', |
00000000 EF BF BC EF BF BC 63 6C 61 73 73 20 75 73 65 72 ......class user | |
00000010 73 20 7B 0A 20 20 75 73 65 72 20 7B 20 27 66 75 s {. user { 'fu | |
00000020 6E 64 61 6D 65 6E 74 61 6C 73 27 3A 0A 20 20 20 ndamentals':. | |
00000030 20 65 6E 73 75 72 65 20 20 3D 3E 20 70 72 65 73 ensure => pres | |
00000040 65 6E 74 2C 0A 20 20 7D 0A 7D ent,. }.} | |
00000050 | |
00000060 |
There are a few places you can configure proxies with Puppet. This doc will try and list each of the places that they can be configured, and which components will use it.
This is a work in progress and will no doubt change over time. Please add comments if you've got additional info, or found something incorrect.
2017-07-06 13:02:36,858 ERROR [p.o.api] Failed to make a connection to the database
java.sql.SQLTransientConnectionException: Timeout waiting for the database pool to become ready.
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at clojure.lang.Reflector.invokeConstructor(Reflector.java:180)
When you're decomissioning a machine that has been managed by Puppet you may want to programatically clean up the node. There are two parts to this:
The following should work for Puppet 4.x and Puppet DB 4.x (including Puppet Enterprise 2016.4.x, 2017.1.x, 2017.2.x).
I've used certificate based auth, and the examples are being run from the puppet master so make use of existing certificates for authentication. When run remotely the cacert, certificate and corresponding private key for authentication will need to be present.
[Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}; $webClient = New-Object System.Net.WebClient; $webClient.DownloadFile('https://puppet:8140/packages/current/install.ps1', 'install.ps1'); .\install.ps1 @args |
class profile::azure_puppet_client ( | |
Hash $machines, # will lookup profile::azure_puppet_client::machines hash from hiera | |
Hash $credentials, # will lookup profile::azure_puppet_client::credentials hash from hiera | |
) { | |
# packages required as dependencies of the ruby gems | |
$packages = ['gcc', 'gcc-c++', 'ruby-devel', 'zlib-devel',] | |
package {$packages: | |
ensure => present, | |
} |