basic puppet construct not working, why? - module

I have created a puppet construct: the file structure can be taken out of the screenshot below.
But when I execute the sites.pp file with the following command...
sudo puppet apply manifests/sites.pp --modulepath=~/puppet/modules/
...I get an error message as it is shown in the screenshot below.
manifests/sites.pp:
import 'nodes.pp'
manifests/nodes.pp:
node 'rbalwprinst01' {
  include teamviewer
}
modules/teamviewer/manifests/init.pp:
class teamviewer {
  file { '/tmp/test':
    content => "test",
  }
}
What is the cause of this error?
Thanks in advance.
EDIT: The solution to the problem was to remove "sudo", so that the command gets executed by the normal user.

Related

How to create a Hashicorp Vault user using Terraform

I am trying to create a Vault user in Terraform but can't seem to find the appropriate command to do so. I've searched the Terraform Registry and also performed some online searches but all to no avail.
All I'm looking to do is create a user, using the corresponding Terraform command to the Vault CLI command below:
vault write auth/userpass/users/bob password="passworld123" policies="default"
Any suggestions?
@hitman126 I guess you can make use of the 'vault' provider module and the 'vault_auth_backend' resource block. I guess your code should look something like the below
terraform {
  required_providers {
    vault = {
      source  = "hashicorp/vault"
      version = "3.5.0"
    }
  }
}
provider "vault" {
}
resource "vault_auth_backend" "example" {
  type = "userpass"
}
resource "vault_generic_secret" "developer_sample_data" {
  path = "secret/foo"
  data_json = <<EOT
{
  "username": "bob",
  "password": "passworld123"
}
EOT
}
In the above code block, path is the full logical path where we write the given data. To write data into the "generic" secret backend mounted in Vault by default, this should be prefixed with 'secret/'.
This might not be a full-fledged solution, but you can try something like this
Solution-2 :
If you have installed vault on the machine and you would like to achieve the above use case using the vault command alone (if you don't want to use the terraform-vault provider), then you can try something like the below
Create one small sh script with the above vault command. (vault-write.sh)
touch vault-write.sh
The content of the script can be similar to the below
#!/bin/sh
vault write auth/userpass/users/bob password="passworld123" policies="default"
chmod +x vault-write.sh
Create a .tf file with a null resource and a local-exec provisioner, and invoke this sh script.
touch vault.tf
The contents of the vault.tf file can be similar to the below
terraform {
  required_version = "~> 1.1.1"
}
resource "null_resource" "vault_write" {
  provisioner "local-exec" {
    command = "/bin/sh vault-write.sh"
  }
}
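A declarative equivalent of the `vault write auth/userpass/users/bob ...` command from the question, as an added example that is not part of the original answer: it writes to the userpass user endpoint with the Vault provider's `vault_generic_endpoint` resource. The variable name `bob_password` and the resource names are assumptions; the password is still stored in the Terraform state, so the state backend needs the same protection as the secret itself.

```hcl
# Added example (not from the original post).
terraform {
  required_providers {
    vault = {
      source = "hashicorp/vault"
    }
  }
}

# Address and token are read from VAULT_ADDR / VAULT_TOKEN in the environment.
provider "vault" {
}

# Hypothetical variable name. "sensitive" hides the value in plan/apply
# output, but it does not keep the value out of the state file.
variable "bob_password" {
  type      = string
  sensitive = true
}

# Enables the userpass auth method at its default mount path "userpass".
resource "vault_auth_backend" "userpass" {
  type = "userpass"
}

# Same write the CLI performs: auth/userpass/users/<name>.
resource "vault_generic_endpoint" "bob" {
  depends_on = [vault_auth_backend.userpass]
  path       = "auth/userpass/users/bob"

  # The userpass endpoint never returns the password on read, so fields
  # missing from the read response must not be treated as drift.
  ignore_absent_fields = true

  data_json = jsonencode({
    password = var.bob_password
    policies = ["default"]
  })
}
```

Supply the password at apply time, for example through the `TF_VAR_bob_password` environment variable, rather than committing it to a `.tf` or `.tfvars` file.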

Migrate SSL Config to Elytron

I am trying to migrate a project from using the Legacy Security to using Elytron. I followed the steps in the documentation: https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.1/html/migration_guide/migrating_to_elytron#migrate_ssl_configurations
I verified it first by running:
/subsystem=undertow/server=default-server/https-listener=https:read-attribute(name=security-realm)
Result:
{
"outcome" => "success",
"result" => "ApplicationRealm"
}
Then I followed the steps in the documentation to create a key-store, key-manager, and server-ssl-context, switched the https-listener, and reloaded the server.
/subsystem=elytron/key-store=KeyStore:add(path=$keystore_file,type=JKS,credential-reference={clear-text=$keystore_password})
/subsystem=elytron/key-manager=KeyManager:add(key-store=KeyStore,credential-reference={clear-text=$keystore_password})
/subsystem=elytron/server-ssl-context=SSLContext:add(key-manager=KeyManager)
batch
/subsystem=undertow/server=default-server/https-listener=https:undefine-attribute(name=security-realm)
/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=ssl-context,value=SSLContext)
run-batch
Then I checked the https-listener again:
/subsystem=undertow/server=default-server/https-listener=https:read-attribute(name=security-realm)
But the result was undefined.
{
"outcome" => "success",
"result" => "Undefined"
}
When I check the standalone-full-ha.xml, the SSLContext is there. Are there any other ways to check if the migration is ok?
It's doing exactly what you have told it to do: you are calling undefine, then reading back what you undefined.

bin/behat not accepting arguments

While attempting to fix another issue I'm having (Behat tests not running on CircleCI) I noticed that any argument I provide to bin/behat is not accepted. For example, if I run bin/behat -h, I don't get the help options. It just runs my tests. If I rename my behat.yml file to behat-test.yml, and try to run bin/behat --config behat-test.yml, I get an error stating that the FeatureContext can't be found. No matter what I type after bin/behat it is ignored and it runs my tests.
I added a var_dump in Behat's Application.php file and it is not capturing the arguments and prints an empty array. e.g.
public function run(InputInterface $input = null, OutputInterface $output = null)
{
    if (null === $input) {
        $input = new ArgvInput();
    }
    var_dump($input);
Turns out, due to the nature of the CMS I'm working with I had to fudge some $_SERVER variables, and I had hard-coded $_SERVER['argv'] = array(), and forgot about it, which explains why no arguments were working.

puppetlabs/apache: Invalid relationship: File[/etc/httpd/conf/httpd.conf]

I just pulled the puppetlabs-apache git repository for the first time in a few months, and when I run puppet I get the message:
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Invalid relationship: File[/etc/httpd/conf/httpd.conf] { require => File[/etc/httpd/conf/ports.conf] }, because File[/etc/httpd/conf/ports.conf] doesn't seem to be in the catalog
Error: Could not retrieve catalog; skipping run
This is my site manifests file:
class { 'apache':
  mpm_module => 'prefork',
}
include apache::mod::php
class { 'postgresql::server': }
class { 'zabbix':
  zabbix_url       => 'zabbix.dj-wasabi.nl',
  manage_resources => true,
}
This always worked before, but fails every time now. It doesn't matter which puppet version (3 or 4) or Linux OS (CentOS, Ubuntu or Debian).
Am I missing something?
Kind regards,
Werner
Looks like Puppetlabs is tracking this issue here:
https://tickets.puppetlabs.com/browse/MODULES-2850

Puppet - Error: Could not retrieve catalog; skipping run

When I try to connect the puppet agent with puppet agent --test, I get this error:
Info: Retrieving plugin
Error: Could not retrieve catalog from remote server: Error 400 on SERVER :Could not find class <my_module> for <my_agent> on node <my_agent>
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
I have import nodes in sites.pp and include <my_module> in nodes.pp
--edit--
Content of sites.pp :
import "nodes"
filebucket { main: server => "<my_master>" }
File { backup => main }
Exec { path => "/usr/bin:/usr/sbin:/bin:/sbin" }
Content of nodes.pp :
node "<my_agent>" {
  include <my_module>
}
--edit--
What is the real problem?
Thanks
I have created another VM, and that's working now! =)
Maybe I made a mistake in the network configuration.