Re: [Puppet Users] Problem while Installing software (agent) from puppetmaster to clients
301 views
Skip to first unread message
Felix Frank
Mar 5, 2013, 7:14:15 AM3/5/13
to puppet...@googlegroups.com
Hi,
there's a number of problems with your approach. Have you done any
simple deployment tasks using puppet to get you started? I advise to get
very familiar with the basics before trying a more involved management
operation such as newrelic installation.
On 03/04/2013 08:22 AM, guptasach...@gmail.com wrote:
> I had installed puppet master and client on two different machines.
> machine A has puppet master and machine B has client. both are centos6
> 64 bit machines.
> Machine B (client) is successfully connected to master (machine A). My
> aim is to install New Relic agent (server monitorinig tool) on different
> clients. I had installed new relic agent on machine A and trying to
> build a module so that I can deploy new relic agent remotely to my
> clients. right now I have only one client but there can be n number of
> clients.
This is fine so far.
> steps carried out on puppetmaster Machine A
>
> a) I had created a new module mcollective under /etc/puppet/modules
> directory.
Why is the module called mcollective? Should it not be called newrelic
instead?
> under manifests, I had created a init.pp with the follwoing contents
>
> #Module: mcollective
> #
> # Class: mcollective
> # Description:
> # This class does it all.
> #
> # Files:
> # /etc/yum.repos.d/newrelic.repo
> #
> #
> class mcollective {
> $my_repo = 'newrelic_repo'
> if $my_repo { include "mcollective::${my_repo}" }
> $my_install = 'install'
> if $my_install { include "mcollective::${my_install}" }
> }
Putting the class names into variables does not strike me as really
benefitting. And it does break the KISS principle.
> class mcollective::newrelic_repo {
> file { '/etc/yum.repos.d/newrelic.repo':
> owner => "root",
> group => "root",
> mode => 644,
> source => 'puppet:///modules/mcollective/newrelic.repo',
> }
> }
That's all right.
> class mcollective::install {
> exec { 'Installing newrelic-repo':
> command => 'yum -y install newrelic-repo*',
> timeout => 600,
> }
> }
With puppet, you should use exec as little as possible. Instead, try
package { "newrelic-sysmond": ensure => installed }
This won't work until the repo has been created, so tell puppet about
the order:
package { "newrelic-sysmond":
ensure => installed,
require => Class["newrelic::repo"],
}
> b) I had also copied newrelic.repo from /etc/yum.repos.d/newrelic.repo
> to /etc/puppet/modules/manifests
This won't work. If you want to make a file available using file { name:
source => ... }, it needs to be put into an appropriate files tree, such
as /etc/puppet/modules/newrelic/files/...
> c) under files diretcory, I had created sites.pp as
Now this one should be under manifests!
> import 'mcollective'
Importing modules is deprecated. I advise to not even bother with the
import statement.
> node 'basenode' {
> include mcollective
> include mcollective::newrelic_repo
> include mcollective::install
> }
That's fine.
> node 'WA19487ORACLE01' inherits basenode {
> license_key => 'd15ff577e5f27e071fe9b2d6809b9f2950fe87d1',
!!! Please get a new license key. You just shared your key with the
internet. !!!
> }
> d) here I have called module and passed the license_key for the node.
No. No, you haven't.
For one thing, the above is a syntax error. In a node block, there can
only be resource declarations such as
include newrelic
host { "localhost": ... }
file { "/etc/motd": ... }
etc.
I think what you are thinking of is a construct such as this:
node 'WA19487ORACLE01' inherits basenode {
class { "newrelic::install":
license_key => "...";
}
}
> e) I had restarted my puppetmaster(machine A) and puppet (machine B).
> when I checked /varlog/messages/ of machine A and machine B, new reliec
> agent is not getting deployed on machine B (clinet).
When developing puppet manifest, use these commands on your client node:
puppet agent --test --noop
If the output is satisfactory, follow that up with
puppet agent --test
to make puppet apply the necessary changes.
> f) my client is not able to retervie the catalog from puppet master. it
> throws following error when i run puppet agent --test on clinet I am
> getting the result as
> [root@WA19487ORACLE01 ~]# puppet agent --test
> notice: Ignoring --listen on onetime run
> info: Retrieving plugin
> err: /File[/var/lib/puppet/lib]: Failed to generate additional resources
> using 'eval_generate': hostname was not match with the server certificate
> err: /File[/var/lib/puppet/lib]: Could not evaluate: hostname was not
> match with the server certificate Could not retrieve file metadata for
> puppet://WA19487PUPPET01/plugins: hostname was not match with the server
> certificate
> err: Could not retrieve catalog from remote server: hostname was not
> match with the server certificate
> warning: Not using cache on failed catalog
> err: Could not retrieve catalog; skipping run
> Time:
> Last run: 1362381429
> err: Could not send report: hostname was not match with the server
> certificate
> please post your suggestions to help me out.
What is in your /etc/puppet/puppet.conf on the client node?
What is your master node's FQDN and what is the CN of its certificate?
Regards,
Felix
there's a number of problems with your approach. Have you done any
simple deployment tasks using puppet to get you started? I advise to get
very familiar with the basics before trying a more involved management
operation such as newrelic installation.
On 03/04/2013 08:22 AM, guptasach...@gmail.com wrote:
> I had installed puppet master and client on two different machines.
> machine A has puppet master and machine B has client. both are centos6
> 64 bit machines.
> Machine B (client) is successfully connected to master (machine A). My
> aim is to install New Relic agent (server monitorinig tool) on different
> clients. I had installed new relic agent on machine A and trying to
> build a module so that I can deploy new relic agent remotely to my
> clients. right now I have only one client but there can be n number of
> clients.
This is fine so far.
> steps carried out on puppetmaster Machine A
>
> a) I had created a new module mcollective under /etc/puppet/modules
> directory.
Why is the module called mcollective? Should it not be called newrelic
instead?
> under manifests, I had created a init.pp with the follwoing contents
>
> #Module: mcollective
> #
> # Class: mcollective
> # Description:
> # This class does it all.
> #
> # Files:
> # /etc/yum.repos.d/newrelic.repo
> #
> #
> class mcollective {
> $my_repo = 'newrelic_repo'
> if $my_repo { include "mcollective::${my_repo}" }
> $my_install = 'install'
> if $my_install { include "mcollective::${my_install}" }
> }
Putting the class names into variables does not strike me as really
benefitting. And it does break the KISS principle.
> class mcollective::newrelic_repo {
> file { '/etc/yum.repos.d/newrelic.repo':
> owner => "root",
> group => "root",
> mode => 644,
> source => 'puppet:///modules/mcollective/newrelic.repo',
> }
> }
That's all right.
> class mcollective::install {
> exec { 'Installing newrelic-repo':
> command => 'yum -y install newrelic-repo*',
> timeout => 600,
> }
> }
With puppet, you should use exec as little as possible. Instead, try
package { "newrelic-sysmond": ensure => installed }
This won't work until the repo has been created, so tell puppet about
the order:
package { "newrelic-sysmond":
ensure => installed,
require => Class["newrelic::repo"],
}
> b) I had also copied newrelic.repo from /etc/yum.repos.d/newrelic.repo
> to /etc/puppet/modules/manifests
This won't work. If you want to make a file available using file { name:
source => ... }, it needs to be put into an appropriate files tree, such
as /etc/puppet/modules/newrelic/files/...
> c) under files diretcory, I had created sites.pp as
Now this one should be under manifests!
> import 'mcollective'
Importing modules is deprecated. I advise to not even bother with the
import statement.
> node 'basenode' {
> include mcollective
> include mcollective::newrelic_repo
> include mcollective::install
> }
That's fine.
> node 'WA19487ORACLE01' inherits basenode {
> license_key => 'd15ff577e5f27e071fe9b2d6809b9f2950fe87d1',
!!! Please get a new license key. You just shared your key with the
internet. !!!
> }
> d) here I have called module and passed the license_key for the node.
No. No, you haven't.
For one thing, the above is a syntax error. In a node block, there can
only be resource declarations such as
include newrelic
host { "localhost": ... }
file { "/etc/motd": ... }
etc.
I think what you are thinking of is a construct such as this:
node 'WA19487ORACLE01' inherits basenode {
class { "newrelic::install":
license_key => "...";
}
}
> e) I had restarted my puppetmaster(machine A) and puppet (machine B).
> when I checked /varlog/messages/ of machine A and machine B, new reliec
> agent is not getting deployed on machine B (clinet).
When developing puppet manifest, use these commands on your client node:
puppet agent --test --noop
If the output is satisfactory, follow that up with
puppet agent --test
to make puppet apply the necessary changes.
> f) my client is not able to retervie the catalog from puppet master. it
> throws following error when i run puppet agent --test on clinet I am
> getting the result as
> [root@WA19487ORACLE01 ~]# puppet agent --test
> notice: Ignoring --listen on onetime run
> info: Retrieving plugin
> err: /File[/var/lib/puppet/lib]: Failed to generate additional resources
> using 'eval_generate': hostname was not match with the server certificate
> err: /File[/var/lib/puppet/lib]: Could not evaluate: hostname was not
> match with the server certificate Could not retrieve file metadata for
> puppet://WA19487PUPPET01/plugins: hostname was not match with the server
> certificate
> err: Could not retrieve catalog from remote server: hostname was not
> match with the server certificate
> warning: Not using cache on failed catalog
> err: Could not retrieve catalog; skipping run
> Time:
> Last run: 1362381429
> err: Could not send report: hostname was not match with the server
> certificate
> please post your suggestions to help me out.
What is in your /etc/puppet/puppet.conf on the client node?
What is your master node's FQDN and what is the CN of its certificate?
Regards,
Felix
guptasach...@gmail.com
Mar 6, 2013, 5:05:32 AM3/6/13
to puppet...@googlegroups.com
Thanks frank for providing me help..
I have made few changes in my configuration files. earlier there was also a major problem, puppet client is not able to retrieve catalog from master but now my puppet cleint is able to retrieve catalog from master.
my init.pp is as follows:
#Module: newrelic
#
# Class: newrelic
# Description:
# This class does it all.
#
# Files:
# /etc/yum.repos.d/newrelic.repo
#
#
class newrelic {
$my_repo = 'newrelic_repo'
if $my_repo { include "newrelic::${my_repo}" }
$my_install = 'install'
if $my_install { include "newrelic::${my_install}" }
}
---------------------------------------------------------------------------------------------
class newrelic::newrelic_repo {
file { '/etc/yum.repos.d/newrelic.repo':
owner => "root",
group => "root",
mode => 644,
source => 'puppet:///modules/newrelic/newrelic.repo',
}
}
--------------------------------------------------------------------------------------------------
class newrelic::install {
package { "newrelic-sysmond":
ensure => installed,
require => Class["newrelic::newrelic_repo"],
}
}
-----------------------------------------------------------------------------------------------------
node 'basenode' {
include newrelic
include newrelic::newrelic_repo
include newrelic::install
}
node 'WA19487ORACLE01' inherits basenode {
class { "newrelic::install":
license_key => "...";
}
}
-----------------------------------------------
when I run puppet agent --test from my puppet client machine, I am able to get the error message as
[root@WA19487ORACLE01 yum.repos.d]# puppet agent --test
info: Retrieving plugin
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/facter_dot_d.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/root_home.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/custom_auth_conf.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/pe_version.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/concat_basedir.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/puppet_vardir.rb
info: Caching catalog for wa19487oracle01
info: Applying configuration version '1362564169'
err: /Stage[main]/Newrelic::Install/Package[newrelic-sysmond]/ensure: change from absent to present failed: Execution of '/usr/bin/yum -d 0 -e 0 -y install newrelic-sysmond' returned 1: warning: rpmts_HdrFromFdno: Header V3 DSA/SHA1 Signature, key ID 548c16bf: NOKEY
GPG key retrieval failed: [Errno 14] Could not open/read file:///etc/pki/rpm-gpg/RPM-GPG-KEY-NewRelic
notice: Finished catalog run in 3.32 seconds
[root@WA19487ORACLE01 yum.repos.d]
right now newrelic.repo is copied to /etc/yum.repos.d/, when I search for the package, it says its available but not installed.
what changes I need to do to get it installed.
Thanks
Sachin
I have made few changes in my configuration files. earlier there was also a major problem, puppet client is not able to retrieve catalog from master but now my puppet cleint is able to retrieve catalog from master.
my init.pp is as follows:
#Module: newrelic
#
# Class: newrelic
# Description:
# This class does it all.
#
# Files:
# /etc/yum.repos.d/newrelic.repo
#
#
$my_repo = 'newrelic_repo'
if $my_repo { include "newrelic::${my_repo}" }
$my_install = 'install'
if $my_install { include "newrelic::${my_install}" }
}
---------------------------------------------------------------------------------------------
class newrelic::newrelic_repo {
file { '/etc/yum.repos.d/newrelic.repo':
owner => "root",
group => "root",
mode => 644,
}
}
--------------------------------------------------------------------------------------------------
class newrelic::install {
package { "newrelic-sysmond":
ensure => installed,
}
}
-----------------------------------------------------------------------------------------------------
node 'basenode' {
include newrelic
include newrelic::newrelic_repo
include newrelic::install
}
node 'WA19487ORACLE01' inherits basenode {
class { "newrelic::install":
license_key => "...";
}
}
when I run puppet agent --test from my puppet client machine, I am able to get the error message as
[root@WA19487ORACLE01 yum.repos.d]# puppet agent --test
info: Retrieving plugin
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/facter_dot_d.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/root_home.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/custom_auth_conf.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/pe_version.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/concat_basedir.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/puppet_vardir.rb
info: Caching catalog for wa19487oracle01
info: Applying configuration version '1362564169'
err: /Stage[main]/Newrelic::Install/Package[newrelic-sysmond]/ensure: change from absent to present failed: Execution of '/usr/bin/yum -d 0 -e 0 -y install newrelic-sysmond' returned 1: warning: rpmts_HdrFromFdno: Header V3 DSA/SHA1 Signature, key ID 548c16bf: NOKEY
GPG key retrieval failed: [Errno 14] Could not open/read file:///etc/pki/rpm-gpg/RPM-GPG-KEY-NewRelic
notice: Finished catalog run in 3.32 seconds
[root@WA19487ORACLE01 yum.repos.d]
right now newrelic.repo is copied to /etc/yum.repos.d/, when I search for the package, it says its available but not installed.
what changes I need to do to get it installed.
Thanks
Sachin
Felix Frank
Mar 6, 2013, 5:14:49 AM3/6/13
to puppet...@googlegroups.com
Hi,
this looks pretty good, although I cannot yet see how your module makes
use of the license key. Will probably need more work.
On 03/06/2013 11:05 AM, guptasach...@gmail.com wrote:
> err: /Stage[main]/Newrelic::Install/Package[newrelic-sysmond]/ensure:
> change from absent to present failed: Execution of '/usr/bin/yum -d 0 -e
> 0 -y install newrelic-sysmond' returned 1: warning: rpmts_HdrFromFdno:
> Header V3 DSA/SHA1 Signature, key ID 548c16bf: NOKEY
>
>
> GPG key retrieval failed: [Errno 14] Could not open/read
> file:///etc/pki/rpm-gpg/RPM-GPG-KEY-NewRelic
As to the problem at hand, the newrelic_repo class should also make sure
that the repo key (GPG) from newrelic is imported to yum so it will
accept their packages.
Basically, you want to teach puppet to do all the steps outlined here:
https://newrelic.com/docs/server/server-monitor-installation-redhat-and-centos
...in the correct order. It can be tricky to get certain operations
right (especially, enable puppet to tell if they have been completed in
an earlier run).
Good luck!
Felix
this looks pretty good, although I cannot yet see how your module makes
use of the license key. Will probably need more work.
On 03/06/2013 11:05 AM, guptasach...@gmail.com wrote:
> err: /Stage[main]/Newrelic::Install/Package[newrelic-sysmond]/ensure:
> change from absent to present failed: Execution of '/usr/bin/yum -d 0 -e
> 0 -y install newrelic-sysmond' returned 1: warning: rpmts_HdrFromFdno:
> Header V3 DSA/SHA1 Signature, key ID 548c16bf: NOKEY
>
>
> GPG key retrieval failed: [Errno 14] Could not open/read
> file:///etc/pki/rpm-gpg/RPM-GPG-KEY-NewRelic
that the repo key (GPG) from newrelic is imported to yum so it will
accept their packages.
Basically, you want to teach puppet to do all the steps outlined here:
https://newrelic.com/docs/server/server-monitor-installation-redhat-and-centos
...in the correct order. It can be tricky to get certain operations
right (especially, enable puppet to tell if they have been completed in
an earlier run).
Good luck!
Felix
sachin kumar
Mar 6, 2013, 6:20:27 AM3/6/13
to puppet...@googlegroups.com
Thanks Frank for pointing abour the licence key.
I made few more changes in my newrelic_repo file. i added /etc/pki/rpm-gpg/RPM-GPG-KEY-NewRelic entry and //etc/newrelic/nrsysmond.cfg which is present at master. now both these files will be copied into my agent. now I dont have to pass the licence key for new relic agent. when I run puppet agent --test on puppet client I am getting this result
[root@WA19487ORACLE01 rpm-gpg]# puppet agent --test
info: Retrieving plugin
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/facter_dot_d.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/root_home.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/custom_auth_conf.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/pe_version.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/concat_basedir.rb
info: Loading facts in /var/opt/lib/pe-puppet/lib/facter/puppet_vardir.rb
info: Caching catalog for wa19487oracle01
info: Applying configuration version '1362568453'
notice: /Stage[main]/Newrelic::Newrelic_repo/File[/etc/newrelic/nrsysmond.cfg]/ensure: defined content as '{md5}0e5a51a23ae986ec7253c12902d66e92'
notice: /Stage[main]/Newrelic::Install/Package[newrelic-sysmond]/ensure: created
notice: Finished catalog run in 6.58 seconds
notice: /Stage[main]/Newrelic::Newrelic_repo/File[/etc/newrelic/nrsysmond.cfg]/ensure: defined content as '{md5}0e5a51a23ae986ec7253c12902d66e92'
notice: /Stage[main]/Newrelic::Install/Package[newrelic-sysmond]/ensure: created
notice: Finished catalog run in 6.58 seconds
New relic package is deployed on my puppet cleint machine successfully and I am able to see agent nodes in new relic dashboard.
Once again thanks for your help..
Thanks
Sachin
Felix
--
You received this message because you are subscribed to a topic in the Google Groups "Puppet Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/puppet-users/TKlD60JvPzc/unsubscribe?hl=en.
To unsubscribe from this group and all its topics, send an email to puppet-users...@googlegroups.com.
To post to this group, send email to puppet...@googlegroups.com.
Visit this group at http://groups.google.com/group/puppet-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
Reply all
Reply to author
Forward
0 new messages