puppet network module 3.10.0

Today, I have released a large update to my Red Hat network Puppet module to the Puppet Forge.  Numerous pull requests were merged including:

• Added support for promiscuous interfaces. (Elyse Salberg)
• Added a parameter to disable restart of network service on change. (Evgeni Golov)
• Added support for netmask and broadcast parameters in alias range. (Nick Irvine)
• Added support for ARPCHECK=no for alias ranges. (Nick Irvine)
• Droped requirement of ipaddress/netmask on static interfaces. (Brian Murphey) Helpful for IPv6-only interfaces.
• Added support for ARPCKECK=no to static interfaces. (Sander Cornelissen)
• Made RES_OPTIONS for single-request-reopen optional (default true) (Elyse Salberg)
• Changed macadress for bond slaves to be optional (if not provided, try to get value from facts). (Elyse Salberg)
• Added explicit userctl, bootproto, onboot for bond slaves. (Elyse Salberg)
• Added explicit userctl for static bonds. (Elyse Salberg)
• Finally fixed the PEERDNS logic by making PEERDNS be separate from DNS1, DNS2, and DOMAIN.

https://forge.puppetlabs.com/razorsedge/network
https://github.com/razorsedge/puppet-network

Let me know if you have any feedback!

strict_variables and the RazorsEdge Puppet Modules

Over the past month I have been adding much needed support for running Puppet with strict_variables = true to all of the RazorsEdge Puppet modules. Thanks to coreone, I finally had a solution that did not require tearing out the legacy global variable support. As much as I think that continued inclusion of global variable support has become painful, I am still committed to keeping it around.

I also managed to get the Rspec testing Ruby gem dependencies configured such that things can still be tested on Ruby 1.8.7, 1.9.3, and 2.x as well as Puppet 2.7, 3.x, and 4.x. Travis-CI is also testing Ruby 2.4 and Puppet 5.x for all of the modules. As of now, only two modules are not passing the Puppet 5 Rspec tests and I hope to get those sorted soon.

https://forge.puppetlabs.com/razorsedge/certmaster
https://forge.puppetlabs.com/razorsedge/cloudera
https://forge.puppetlabs.com/razorsedge/func
https://forge.puppetlabs.com/razorsedge/hp_mcp
https://forge.puppetlabs.com/razorsedge/hp_spp
https://forge.puppetlabs.com/razorsedge/lsb
https://forge.puppetlabs.com/razorsedge/network
https://forge.puppetlabs.com/razorsedge/openlldp
https://forge.puppetlabs.com/razorsedge/openvmtools
https://forge.puppetlabs.com/razorsedge/razorsedge
https://forge.puppetlabs.com/razorsedge/snmp
https://forge.puppetlabs.com/razorsedge/tor
https://forge.puppetlabs.com/razorsedge/vmwaretools

Let me know if you have any feedback!

Hue Load Balancer TLS Errors

This is a reblog from the Clairvoyant blog.

If you are configuring the Hue load balancer with Apache httpd 2.4 and TLS certificates, there is a chance that you may end up with errors. The httpd proxy will check the certificates of the target systems and if they do not pass some basic consistency checks, the proxied connection fails.

Read more of my post on the Clairvoyant blog.

puppet snmp module 3.8.1

Recently, I have delivered several long-awaited releases of my Net-SNMP to the Puppet Forge. Included are numerous fixes from community members:

• Change so that service_config_perms parameter, network, and community can be arrays. (Jordan Wesolowski)
• Add OpenBSD to the supported operating systems, similar to FreeBSD support. (Sebastian Reitenbach)
• Update README.markdown. (Rémy Garrigue)
• Create Parameters for template files. (Alexander Schaber)
• Add support for the Dell OpenManage StorageServices smux OID. (Davide Ferrari)
• Enable service_config_dir_group class parameter. (Andreas de Pretis)
• Fix strict variables for defaults in params.pp. (coreone)
• Add master and agentx options to snmpd.conf.erb. (coreone)
• Update requirements for the snmp::client class. (Michael Watters)
• Ensure that /etc/snmp directory exists on RedHat platforms. (Michael Watters)
• Fix snmptrapd community string configuration. (Doug Schaapveld)

Additionally, there were some other changes:

• Fix incorrect file mode for snmpd.conf/snmptrapd.conf.
• Pin gems to specific Ruby versions in order to fix the breakage of Ruby 1.8, 1.9, and 2.x.
• Update instructions in CONTRIBUTING.md.
• Add deprecation warning for drop of Puppet 2.7 support.

https://forge.puppetlabs.com/razorsedge/snmp
https://github.com/razorsedge/puppet-snmp

Let me know if you have any feedback!

puppet snmp module 3.5.0

Today, I have released a minor update to my Puppet module for Net-SNMP to the Puppet Forge. Included are some fixes from community members:

• Add the ability pass multiple networks for the community string (Rodrigo Menezes). This now allows for more than one rocommunity line in the config.
• Quote snmpv3 passphrases to cope with weird characters and spaces (Peter Keel)

https://forge.puppetlabs.com/razorsedge/snmp
https://github.com/razorsedge/puppet-snmp

Let me know if you have any feedback!

puppet network module 3.6.0

Today, I have released a minor update to my Red Hat network Puppet module to the Puppet Forge.  Numerous pull requests were merged including:

• Installation of the bridge-utils package if bridging is used. (Daniel Werdermann)
• Added the SCOPE parameter to network::if::static and network::bridge::static. (flipkick)
• Added peerdns and check_link_down parameters for dynamic interfaces. (Elyse Salberg)
• Added logic for blank ipaddress, network, gateway to remove extra entries from ifcfg file. (Elyse Salberg)
• Minor lint and comments cleanup. (Elyse Salberg)
• Added logic to remove empty HWADDR entry from ifcfg file for blank macaddress (network::bond::dynamic, network::bond::static). (Elyse Salberg)

https://forge.puppetlabs.com/razorsedge/network
https://github.com/razorsedge/puppet-network

Let me know if you have any feedback!

Puppet modules and git master branch

The events in this post happened 5+ months prior to the posting date. I have been a bit behind on things, but wanted to get this out there.

<rant>

Here I am minding my own business, testing my modules on Travis-CI and I start to get failures in the rspec tests.  I only updated the Geppetto .project file, how is my CI now failing?

https://travis-ci.org/razorsedge/puppet-vmwaretools/jobs/59738380

  1) vmwaretools on a supported osfamily, vmware platform, default parameters for osfamily Debian and operatingsystem Ubuntu should contain Class[vmwaretools::repo] with before => ["Package[vmware-tools-esx-nox]", "Package[vmware-tools-esx-kmods-3.8.0-29-generic]"]
     Failure/Error: )}
     Puppet::Error:
       Syntax error at '{'; expected '}' at /home/travis/build/razorsedge/puppet-vmwaretools/spec/fixtures/modules/apt/manifests/init.pp:18 on node testing-worker-linux-docker-1ea89b31-3400-linux-15.prod.travis-ci.org
     # ./spec/classes/vmwaretools_init_spec.rb:159

It turns out that puppetlabs/apt has a syntax error in init.pp.  But why am I testing against a non-released (to the Forge) version of the APT module? I won’t ask how a syntax error even got committed.

The same goes for puppetlabs/concat:

https://travis-ci.org/razorsedge/puppet-cloudera/jobs/59736971

  27) cloudera::cm5::server on a supported operatingsystem, custom parameters, db_type => postgresql with defaults should contain File[/etc/cloudera-scm-server/db.properties] with ensure => "present"
     Failure/Error: it { should contain_file('/etc/cloudera-scm-server/db.properties').with_ensure('present') }
     Puppet::Error:
       Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type file_concat at /home/travis/build/razorsedge/puppet-cloudera/spec/fixtures/modules/concat/manifests/init.pp:106 on node testing-worker-linux-docker-e5c6f7ca-3360-linux-7.prod.travis-ci.org
     # ./spec/classes/cloudera_cm5_server_spec.rb:313

It looks like puppetlabs/concat is switching to using a second module (electrical/file_concat). Now I have to update my .fixtures.yml (which is fine, I do want to know about dependency changes), but there isn’t a released version of puppetlabs/concat with electrical/file_concat yet.

TL;DR
All of the rspec testing in the world won’t help if dependencies are unstable.  Puppet module git repository master branch should at all times be the same as the code released to the Forge.

</rant>