I'm trying to install ActiveMQ using puppet. this package comes in tar ball. how can I make sure each and every file is being pushed (recursively) from puppet and it makes sure the service is running. As it has its own executable in 'bin' dir.
I would ask is it essential to install activemq from a Tarball? It'd probably be easier to manage as a package, such as a yum or apt install.
Managing tarballs is always going to be more difficult, especially when updating versions, or dealing with issues like downloads failing.
I would recommend using an existing activemq module from the forge:
https://forge.puppet.com/modules?utf-8=%E2%9C%93&sort=latest_release&q=activemq
To give you a general idea of how it might look, here's some basic code that could work:
$activemq_home = "/usr/local/activemq"
package{"java-1.6.0-openjdk":
ensure => installed;
}
$activemq_version = "5.4.3"
user {"activemq":
ensure => present,
home => $activemq_home,
managehome => false,
shell => "/bin/sh",
}
group {"activemq":
ensure => present,
require => User["activemq"],
}
Exec{path => ["/usr/local/bin","/usr/bin","/bin"]}
$puppet_cache = "/usr/local/src/gitorious"
file {$puppet_cache:
ensure => directory,
owner => "root",
group => "root",
}
exec { 'download_amq_src':
unless => '/usr/bin/test -e ${activemq_home}/apache-activemq-${amq_version}-bin.tar.gz',
command => 'cd /tmp && /usr/bin/wget http://archive.apache.org/dist/activemq/apache-activemq/${amq_version}/apache-activemq-${amq_version}-bin.tar.gz',
require => File[$activemq_home],
}
# Unpack the archive in the amq user directory
exec { 'unpack_amq_src':
onlyif => '/usr/bin/test -d ${activemq_home}/apache-activemq-${amq_version}-bin',
command => 'cd $amq_home && /bin/tar -xf /tmp/apache-activemq-${amq_version}-bin.tar.gz',
require => Exec['download_amq'],
}
file {"/etc/init.d/activemq":
ensure => file,
mode => 755,
owner => "root",
group => "root",
content => template("activemq/etc/init.d/activemq.erb"),
require => File["/etc/activemq.conf"],
}
service{"activemq":
enable => true,
ensure => running,
require => File["/etc/init.d/activemq"],
}
file { "activemq.xml":
path => "$activemq_home/conf/activemq.xml",
ensure => present,
mode => 644,
owner => "activemq",
group => "activemq",
content => template("activemq/activemq.xml.erb"),
require => File["/etc/init.d/activemq"],
notify => Service["activemq"],
}
Related
I am trying to set up my CakePHP 3.8 project on a GCP "Compute Engine" VM.
I have set up my app.php to use the following DB configuration:
'className' => 'Cake\Database\Connection',
'driver' => 'Cake\Database\Driver\Mysql',
'persistent' => false,
'datasource' => 'Database/Mysql',
'persistent' => false,
'host' => 'localhost',
'username' => 'user',
'password' => 'password',
'database' => 'dbname',
'prefix' => '',
'encoding' => 'utf8',
'timezone' => 'UTC',
'cacheMetadata' => true,
'log' => false,
'flags' => [
PDO::MYSQL_ATTR_INIT_COMMAND => "SET ##SESSION.sql_mode='';",
// uncomment below for use with Google Cloud SQL
PDO::MYSQL_ATTR_SSL_KEY => CONFIG.'ssl/client-key.pem',
PDO::MYSQL_ATTR_SSL_CERT => CONFIG.'ssl/client-cert.pem',
PDO::MYSQL_ATTR_SSL_CA => CONFIG.'ssl/server-ca.pem',
PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false
],
'cacheMetadata' => true,
'log' => false,
My problem happens when I try to run migrations. The site works just fine with the above configuration, however, if I run
$> php bin/cake.php migrations migrate
I get a slew of errors saying that it cannot connect, access denied for user#host.
If I add
'ssl_key' => CONFIG .'ssl/client-key.pem',
'ssl_cert' => CONFIG . 'ssl/client-cert.pem',
'ssl_ca' => CONFIG . 'ssl/server-ca.pem',
I get an error:
Caused by: [PDOException] PDO::__construct(): Peer certificate CN=`gcpname:gcpserver' did not match expected CN=`111.111.111.111' in /var/www/mydomain.com/vendor/robmorgan/phinx/src/Phinx/Db/Adapter/PdoAdapter.php on line 79
I guess this is because the migrations plugin still doesn't pass the flags or custom mysql_attr_* options over to the Phinx connection configuration, see this issue:
https://github.com/cakephp/migrations/issues/374
I don't think there's much that can be done here, other than adding support for flags / attribute options, or using Phinx directly (ie without the Migrations plugin).
I've pushed a PR that would add support for driver specific flags, you might want to give it a try and comment on the issue or the PR whether it works for you (it's for CakePHP 4.x (Migrations 3.x), I'll backport it for CakePHP 3.x (Migrations 2.x) in case it's being accepted):
https://github.com/cakephp/migrations/pull/478
I have the following file resource in my puppet manifest:
file{
'example.dat'
path => "/path/to/example.dat",
owner => devops,
mode => "0644",
source => "/path/to/example.txt"
}
I want to run the above snippet only when the .txt file is present in a particular directory. Otherwise, I do not want the snippet to run.
How do I go about doing that in puppet?
In general, you would create a custom fact that returns true when the directory in question satisfies your condition. For example:
Facter.add('contains_txt') do
setcode do
! Dir.glob("/path/to/dir/*.txt").empty?
end
end
Then you would write:
if $facts['contains_txt'] {
file { 'example.dat':
path => "/path/to/example.dat",
owner => devops,
mode => "0644",
source => "/path/to/example.txt",
}
}
I use this manifest:
apt::source { 'repo.universe-factory':
location => 'http://repo.universe-factory.net/debian/',
release => 'sid',
repos => 'main',
key => '16EF3F64CB201D9C',
key_server => 'pgpkeys.mit.edu';
}
Now I cannot install packages from it, because there exists only a Source.gz and not
http://repo.universe-factory.net/debian/dists/sid/main/source/Sources
The problem is not the missing gz ending, the problem is somewhere else:
puppet cannot follow the redirect to the https site:
http://repo.universe-factory.net
redirects to
https://repo.universe-factory.net
If you change the code to
apt::source { 'repo.universe-factory':
location => 'http://repo.universe-factory.net/debian/',
...
and ensure, that the package apt-transport-https is installed, it works!
I'm new to Puppet and following this tutorial to get into it:
http://www.pindi.us/blog/getting-started-puppet
I created an SSH module (/modules/ssh/manifests/init.pp) and added the following in the base node.pp (puppet/manifests/)
node default {
include ssh
}
The ssh module loks ike this:
class ssh {
include ssh::install, ssh::config, ssh::service
}
class ssh::install {
package {"ssh":
ensure => present,
}
}
class ssh::config {
file { "/etc/ssh/sshd_config":
ensure => present,
owner => 'root',
group => 'root',
mode => 600,
source => "puppet:///modules/ssh/sshd_config",
notify => Class["ssh::service"],
}
}
class ssh::service {
service { "ssh":
ensure => running,
hasstatus => true,
hasrestart => true,
enable => true,
}
}
Class["ssh::install"] -> Class["ssh::config"] -> Class["ssh::service"]
On the puppet I linked the module path with:
sudo puppet apply --modulepath=/vagrant/modules /vagrant/manifests/site.pp
which works.
If I then apply the nodes.pp I get the error:
Could not find class ssh for precise32 at /vagrant/manifests/nodes.pp:2 on node precise32...
Everything looks right, but I don't know where my error is.
It worked before as I installed SSH on the puppet yesterday, but I must have messed up something
I am using Chef zero on my windows machine to ssh into a red hat linux machine and execute a command that's inside of a recipe. When I run the code below, it tries to SSH for 120 secs and times out. I'm not sure why this is happening. Any idea why this is happening?
require 'chef/provisioning'
require 'chef/provisioning/ssh_driver'
with_driver 'ssh'
machine "ssh" do
attribute "short_dns", new_resource.short_dns
attribute "long_dns", load_balancer_name
recipe "mycookbook::add_short_dns"
machine_options :transport_options => {
'is_windows' => false,
'ip_address' => '10.16.99.124',
'username' => 'myusername',
'ssh_options' => {
'password' => 'mypassword'
}
}
converge true
end
here is the error
- been waiting 110/120 -- sleeping 10 seconds for ssh (10.16.99.124 on ssh:C:/Users/user/.chef/provisioning/ssh) to be connectable ...[2015-06-23T14:54:33-05:00] INFO: Executing sudo pwd on myusername#10.16.99.124
================================================================================
Error executing action `converge` on resource 'machine[ssh]'
================================================================================
RuntimeError
------------
Machine ssh (10.16.99.124 on ssh:C:/Users/user/.chef/provisioning/ssh) did not become ready within 120 seconds
I'm still fighting with Chef Provisioning myself, so this may not be as helpful as I would like. One thing is that each of these is a key/value pair, so want to declare your variables differently (see below):
require 'chef/provisioning/ssh_driver'
with_driver 'ssh'
with_machine_options :transport_options => {
:username => 'centos',
:ssh_options => {
:password => 'password'
}
}
Amir,
Does the :C/Users/user/.chef/provisioning/ssh directory exist on your workstation? If not try creating it and making sure permissions are correct then try
Try to use the snippet below, notice extra options that will help you to debug an issue.
1) DEBUG level will allow to see SSH communication.
2) If you don't overwrite prefix, it will use SUDO by default
3) Sometimes when you recreate remote server, your "known_hosts" file remembers it and the next time you try to SSH into server after recreation, you receive thie message "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED". In fact SSH session hangs, but you don't see that on the client side. So better ignore it.
:transport_options => {
:is_windows => false,
:username => 'YOURUSER',
:ssh_options => {
:password => 'YOURPASSWRD',
:verbose => Logger::DEBUG,
:user_known_hosts_file => '/dev/null'
},
:options => {
:prefix => ''
}
},