My puppet code is not idempotent (Windows package provider)

[cko]

Hi everyone,

I'm using the following manifest to deploy a driver package (and its certificate) to about 150 Windows Server 2008 R2 nodes.

https://gist.github.com/anonymous/1cbaa90e1d0497ebaeb3

The "file" and "exec" resources are applied successfully and only once.

But on every puppet run, the "package" resource gets applied. Example tagmail output:

Thu Feb 19 09:48:28 +0100 2015 /Stage[main]/[ .. module ]/Package[signotec WinUSB]/ensure (notice): created
Thu Feb 19 10:16:59 +0100 2015 /Stage[main]/[ .. module ]/Package[signotec WinUSB]/ensure (notice): created

.....

Any ideas?

[Dirk Heinrichs]

Am 19.02.2015 um 10:29 schrieb cko:

But on every puppet run, the "package" resource gets applied. Example tagmail output:

Thu Feb 19 09:48:28 +0100 2015 /Stage[main]/[ .. module ]/Package[signotec WinUSB]/ensure (notice): created
Thu Feb 19 10:16:59 +0100 2015 /Stage[main]/[ .. module ]/Package[signotec WinUSB]/ensure (notice): created

.....

Any ideas?

Is  'signotec WinUSB' exactly the name of the package as reported by Windows in Control Panel\All Control Panel Items\Programs and Features? dito for the version?

HTH...

    Dirk

--

Dirk Heinrichs, Senior Systems Engineer, Engineering Solutions
Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
Tel: +49 2226 1596666 (Ansage) 1149
Email: d...@recommind.com
Skype: dirk.heinrichs.recommind
www.recommind.com

[cko]

I installed the package manually and used "puppet resource package" to determine the exact package name.

But I just found out that Puppet doesn't install the package at all unless I run puppet manually via "puppet agent -t". The report says otherwise.

The Puppet service on the nodes runs as the "Local System Account" (Default)

I do not want to run "puppet agent -t" manuall on every machine for this to work :|

[Rob Reynolds]

On Thu, Feb 19, 2015 at 4:32 AM, cko <der...@gmail.com> wrote:

I installed the package manually and used "puppet resource package" to determine the exact package name.

But I just found out that Puppet doesn't install the package at all unless I run puppet manually via "puppet agent -t". The report says otherwise.

The Puppet service on the nodes runs as the "Local System Account" (Default)

I do not want to run "puppet agent -t" manuall on every machine for this to work :|

I wonder if this is due to some requirement of the USB installer to install interactively. When you are running puppet agent -t, you are doing it from an interactive session. When the service runs puppet agent, it is not interactive.

You can allow the service to interact with the desktop, but I'm not sure if this would cause other issues. If you want to give it a shot though, it may resolve the issue of installers that require interactive sessions.  Be sure you restart the service once you make this change. I would recommend testing this change against something non-production to be sure there are no other consequences of this adjustment.

 

On Thursday, February 19, 2015 at 11:15:34 AM UTC+1, Dirk Heinrichs wrote:

Am 19.02.2015 um 10:29 schrieb cko:

But on every puppet run, the "package" resource gets applied. Example tagmail output:

Thu Feb 19 09:48:28 +0100 2015 /Stage[main]/[ .. module ]/Package[signotec WinUSB]/ensure (notice): created
Thu Feb 19 10:16:59 +0100 2015 /Stage[main]/[ .. module ]/Package[signotec WinUSB]/ensure (notice): created

.....

Any ideas?

Is  'signotec WinUSB' exactly the name of the package as reported by Windows in Control Panel\All Control Panel Items\Programs and Features? dito for the version?

HTH...

    Dirk

--

Dirk Heinrichs, Senior Systems Engineer, Engineering Solutions
Recommind GmbH, Von-Liebig-Straße 1, 53359 Rheinbach
Tel: +49 2226 1596666 (Ansage) 1149
Email: d...@recommind.com
Skype: dirk.heinrichs.recommind
www.recommind.com

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/fe2a6f7a-9010-4e47-bfb1-6c05896d6749%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

Rob Reynolds

Developer, Puppet Labs

PuppetConf 2015 is coming to Portland, Oregon! Join us October 5-9.

Register now to take advantage of the Early Adopter discount —save $349!

[Rob Reynolds]

On Thu, Feb 19, 2015 at 3:29 AM, cko <der...@gmail.com> wrote:

Hi everyone,

I'm using the following manifest to deploy a driver package (and its certificate) to about 150 Windows Server 2008 R2 nodes.

https://gist.github.com/anonymous/1cbaa90e1d0497ebaeb3

On second look, I noticed you were using a network share. It's possible Puppet is silently failing on being unable to access the installer file. The puppet agent service by default runs as LocalSystem, which will not have access to network shares. You can either find a user that is in the local Administrators group that have network access or copy the resource locally through a different means before trying to use it with package.

 

The "file" and "exec" resources are applied successfully and only once.

But on every puppet run, the "package" resource gets applied. Example tagmail output:

Thu Feb 19 09:48:28 +0100 2015 /Stage[main]/[ .. module ]/Package[signotec WinUSB]/ensure (notice): created
Thu Feb 19 10:16:59 +0100 2015 /Stage[main]/[ .. module ]/Package[signotec WinUSB]/ensure (notice): created

.....

Any ideas?

--

You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/73b28b55-3f57-4ab1-b92a-1078c5175f76%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.