Tuesday, 2008-05-06

[2008/05/06 00:03:31] @ lak joined channel #puppet
[2008/05/06 00:04:16] <ashp> Hmm I'm at a total loss once again, I have include 'rmserver::mount' in 'class rmserver', and then mount.pp starts with 'class rmserver::mount'
[2008/05/06 00:04:24] <ashp> but Puppet keeps saying that it can't find rmserver::mount
[2008/05/06 00:04:35] <ashp> all the other include rmserver::'s work, just not this one for some reason
[2008/05/06 00:07:55] <ashp> Hmm, another weird bug - restarting puppetmaster and changing nothing resolved it.
[2008/05/06 00:10:01] <ashp> lak: Have you seen that before, puppetmaster being unable to find files, and a restart fixes it?
[2008/05/06 00:10:37] <lak> not really
[2008/05/06 00:10:50] <lak> that is, only when the file to be loaded was loaded as a result of importing a glob
[2008/05/06 00:11:00] <ashp> this was modules/rmserver/manifests/mount.pp
[2008/05/06 00:11:15] <ashp> my coworker had updated init.pp to include it without adding the file
[2008/05/06 00:11:25] <ashp> I added it into svn so it got into /etc/puppet/, and no matter what I did it couldn't see the file
[2008/05/06 00:11:31] <ashp> I restarted puppetmaster and it worked fine
[2008/05/06 00:11:44] <lak> that's pretty weird
[2008/05/06 00:12:17] <lak> is there anything else you can tell me about it?
[2008/05/06 00:12:31] <lak> did you try to include the file before you saved it the first time? or anything weird like that
[2008/05/06 00:12:43] <lak> just trying to think how the server could have gotten into a state where it refused to look at the file
[2008/05/06 00:12:47] <ashp> I think that's what happened, he added it in and puppet ran since
[2008/05/06 00:12:54] <ashp> but mount.pp wasn't there at that point
[2008/05/06 00:13:03] <ashp> I then added it in, but it's like it didn't recheck for it
[2008/05/06 00:13:34] <ashp> May 5 09:57:27 hlslinutil02 puppetmasterd[3206]: Could not find class rmserver::mount in namespaces rmserver at /etc/puppet/modules/rmserver/manifests/init.pp:9 on node hlsbuild01.law.harvard.edu
[2008/05/06 00:13:38] <ashp> That's all I had in the logs
[2008/05/06 00:18:02] <lak> that could be it -- once it checks for a file that's missing, it might just never check again
[2008/05/06 00:18:05] <lak> lemme look
[2008/05/06 00:18:08] <ashp> k
[2008/05/06 00:21:04] @ a-priori joined channel #puppet
[2008/05/06 00:21:22] @ andrewcshafer joined channel #puppet
[2008/05/06 00:26:02] @ Quit: _newbie_: "KVIrc 3.2.5 Anomalies http://www.kvirc.net/"
[2008/05/06 00:26:16] @ _newbie_ joined channel #puppet
[2008/05/06 00:27:05] @ _newbie_ is now known as f--z
[2008/05/06 00:32:05] @ jfluhmann joined channel #puppet
[2008/05/06 00:32:53] @ jfluhmann left channel #puppet ("Open Source Symposium - http://www.texasoss.org/")
[2008/05/06 00:44:10] @ jvanzyl joined channel #puppet
[2008/05/06 00:44:44] <ashp> Hmm, does facter return ipaddress as a number rather than a string?
[2008/05/06 00:45:47] <ashp> I was doing if ipaddress =~ "/10.241.209/" in a template but I guess I'm doing something wrong
[2008/05/06 00:48:13] @ Quit: shake-n-bake:
[2008/05/06 00:50:30] @ Quit: johnf: Read error: 110 (Connection timed out)
[2008/05/06 00:50:33] <ashp> oh, ""'s are bad
[2008/05/06 00:50:33] @ pkhamre joined channel #puppet
[2008/05/06 00:57:13] @ martha joined channel #puppet
[2008/05/06 00:57:42] @ freiheit joined channel #puppet
[2008/05/06 01:00:59] @ Quit: lak:
[2008/05/06 01:01:24] @ Quit: zobbo: Read error: 113 (No route to host)
[2008/05/06 01:05:26] @ kolla_ joined channel #puppet
[2008/05/06 01:06:25] @ Quit: tim\|macbook: "This computer has gone to sleep"
[2008/05/06 01:11:35] <stick> is there a decent wiki doc on moving from webrick to mongrel?
[2008/05/06 01:12:46] <duritong> stick: wiki -> search -> mongrel
[2008/05/06 01:13:12] * stick finds UsingMongrel
[2008/05/06 01:13:37] @ Quit: londo__: Success
[2008/05/06 01:15:13] @ londo__ joined channel #puppet
[2008/05/06 01:23:03] <ashp> Hmm, I thought that file with ensure => directory and recurse => true,
[2008/05/06 01:23:08] <ashp> would be able to make /srv/media/content
[2008/05/06 01:23:16] <ashp> instead it keeps bitching /srv/media doesn't exist
[2008/05/06 01:24:02] @ Quit: londo__: Read error: 104 (Connection reset by peer)
[2008/05/06 01:25:54] @ londo__ joined channel #puppet
[2008/05/06 01:28:39] <ashp> I give up, it literally could not create /srv/media for no reason, it's not going well this morning.
[2008/05/06 01:29:58] <stick> hmm so it seems that the simpliest case (of switching to mongrel instead of webrick) is just servertype = mongrel in puppet.conf
[2008/05/06 01:30:16] <stick> then scale out from there,
[2008/05/06 01:32:30] @ Quit: roald: "KVIrc 3.2.6 Anomalies http://www.kvirc.net/"
[2008/05/06 01:34:06] @ zobbo joined channel #puppet
[2008/05/06 01:34:56] @ Quit: kolla_: Remote closed the connection
[2008/05/06 01:35:03] @ jeffl joined channel #puppet
[2008/05/06 01:40:02] @ Quit: londo__: Success
[2008/05/06 01:40:58] @ londo__ joined channel #puppet
[2008/05/06 01:42:14] @ a-priori_ joined channel #puppet
[2008/05/06 01:42:35] @ Quit: Innocenti: Client Quit
[2008/05/06 01:45:28] @ jvanzyl_ joined channel #puppet
[2008/05/06 01:46:10] @ Quit: jvanzyl: Read error: 113 (No route to host)
[2008/05/06 01:53:29] @ jvanzyl joined channel #puppet
[2008/05/06 01:56:49] @ Quit: kolla: Remote closed the connection
[2008/05/06 01:58:02] @ Quit: a-priori: Read error: 110 (Connection timed out)
[2008/05/06 02:02:19] @ lak joined channel #puppet
[2008/05/06 02:03:22] @ Quit: lak: Client Quit
[2008/05/06 02:03:26] @ Quit: f--z: "KVIrc 3.2.5 Anomalies http://www.kvirc.net/"
[2008/05/06 02:08:42] @ shenson is now known as shenson_not_here
[2008/05/06 02:08:45] @ shenson_not_here is now known as shenson
[2008/05/06 02:10:55] @ Quit: \|Innocenti\|: Read error: 110 (Connection timed out)
[2008/05/06 02:16:03] @ Quit: jvanzyl_: Read error: 113 (No route to host)
[2008/05/06 02:19:18] @ shake-n-bake joined channel #puppet
[2008/05/06 02:22:23] @ plathrop joined channel #puppet
[2008/05/06 02:22:51] <duritong> stick: yes
[2008/05/06 02:23:50] @ lutter joined channel #puppet
[2008/05/06 02:24:19] @ Quit: plathrop: Client Quit
[2008/05/06 02:24:26] @ plathrop joined channel #puppet
[2008/05/06 02:25:38] @ Quit: plathrop: Client Quit
[2008/05/06 02:25:42] @ plathrop joined channel #puppet
[2008/05/06 02:28:34] @ shake-n-bake_ joined channel #puppet
[2008/05/06 02:30:39] @ Quit: yure: kubrick.freenode.net irc.freenode.net
[2008/05/06 02:31:22] @ Quit: wrobel: kubrick.freenode.net irc.freenode.net
[2008/05/06 02:31:23] @ Quit: thijso: kubrick.freenode.net irc.freenode.net
[2008/05/06 02:31:25] @ Quit: barnbarn: kubrick.freenode.net irc.freenode.net
[2008/05/06 02:31:45] @ plathrop left channel #puppet ("ERC Version 5.2 (IRC client for Emacs)")
[2008/05/06 02:32:22] @ plathrop joined channel #puppet
[2008/05/06 02:32:32] @ wrobel joined channel #puppet
[2008/05/06 02:32:33] @ thijso joined channel #puppet
[2008/05/06 02:32:35] @ barnbarn joined channel #puppet
[2008/05/06 02:32:37] @ yure joined channel #puppet
[2008/05/06 02:36:43] @ Quit: zobbo: Read error: 110 (Connection timed out)
[2008/05/06 02:38:11] <stick> I have the basic setup right (with a single mongrel thread for now) but I'm getting ssl errors
[2008/05/06 02:40:41] <stick> hmm it was unhappy with the CRL file for some reason
[2008/05/06 02:48:14] @ \ask joined channel #puppet
[2008/05/06 02:48:49] @ muerr joined channel #puppet
[2008/05/06 02:48:57] @ Quit: shake-n-bake: Read error: 110 (Connection timed out)
[2008/05/06 03:00:41] @ a-priori joined channel #puppet
[2008/05/06 03:01:52] <stick> so I know you can do an:
[2008/05/06 03:02:01] <stick> import "classname" in a pp file (vs an include)
[2008/05/06 03:02:08] <stick> should that work with subclasses as well?
[2008/05/06 03:02:13] <stick> import "foo::bar" ?
[2008/05/06 03:03:19] @ a-priori__ joined channel #puppet
[2008/05/06 03:14:50] @ Quit: a-priori_: Read error: 110 (Connection timed out)
[2008/05/06 03:17:57] @ brscott joined channel #puppet
[2008/05/06 03:18:05] <stick> hmm now I'm getting a 403
[2008/05/06 03:18:37] @ Quit: a-priori: Read error: 110 (Connection timed out)
[2008/05/06 03:18:43] <stick> client denied by server configuration: proxy:balancer://puppetmaster:8140/RPC2
[2008/05/06 03:18:59] @ brscott left channel #puppet ()
[2008/05/06 03:22:49] <muerr> you can include foo::bar
[2008/05/06 03:23:28] <ashp> argh i can't find a command line svn method to just see the previous versions
[2008/05/06 03:23:42] <muerr> svn log -v
[2008/05/06 03:23:46] <muerr> ?
[2008/05/06 03:24:06] <ashp> that just shows what files it touched
[2008/05/06 03:24:10] <ashp> not what the changes were, annoyingly
[2008/05/06 03:24:23] <stick> muerr: yeah I know but I don't actually want to include it, I want to import it, I'm trying to fix a race condition with a variable in a template
[2008/05/06 03:24:33] <muerr> ashp: svn diff -r REV
[2008/05/06 03:24:36] <stick> but right now I'm trying to fix mongrel
[2008/05/06 03:25:01] <ashp> oh i can just do a -r to a rev, ok
[2008/05/06 03:27:00] <muerr> :)
[2008/05/06 03:28:10] <muerr> stick: i don't think you can 'import' the subclass specifically unless it were in its own file.
[2008/05/06 03:28:38] <stick> k, I think it may only be the module you are importing
[2008/05/06 03:28:48] * stick will have to find another way to aleviate the race condition
[2008/05/06 03:28:51] <muerr> maybe a virtual resource that uses that variable?
[2008/05/06 03:29:12] <stick> maybe I'll have to think about it
[2008/05/06 03:29:39] <muerr> thats always a good idea!
[2008/05/06 03:29:40] <muerr> hehe
[2008/05/06 03:35:00] <stick> pastie: url
[2008/05/06 03:36:20] <pastie> http://pastie.org/191830 by stick.
[2008/05/06 03:36:42] <stick> so that's ^^ where I'm stuck with mongrel
[2008/05/06 03:42:25] <holoway> stick: but the client authenticates properly to compile the manifest?
[2008/05/06 03:42:35] <stick> holoway: yeah appears to
[2008/05/06 03:43:11] <stick> well actually no, never gets that far
[2008/05/06 03:43:15] <stick> 403's everywhere
[2008/05/06 03:43:24] <holoway> yeah, so it's a certificate authority problem
[2008/05/06 03:43:36] <stick> May 5 13:42:55 puppet puppetd[680]: Could not call puppetmaster.getconfig: #<RuntimeError: HTTP-Error: 403 Forbidden>
[2008/05/06 03:43:36] <stick> May 5 13:42:55 puppet puppetd[680]: Could not retrieve catalog: HTTP-Error: 403 Forbidden
[2008/05/06 03:43:37] <stick> May 5 13:42:55 puppet puppetd[680]: Not using cache on failed catalog
[2008/05/06 03:43:45] <holoway> pastie: hook me up with one of those urls, baby
[2008/05/06 03:44:17] <stick> holoway: if that's the case that's a misleading error from where I'm sitting :)
[2008/05/06 03:44:35] <pastie> http://pastie.org/191836 by holoway.
[2008/05/06 03:45:14] <holoway> stick: for sure
[2008/05/06 03:45:26] @ mccune joined channel #puppet
[2008/05/06 03:45:29] <holoway> but if the manifest doesn't compile, I'm not sure what other thing would cause a 403
[2008/05/06 03:45:50] <holoway> (and it makes some sense, since you are doing client verification, that it would 403 on failure)
[2008/05/06 03:45:56] <holoway> (it being apache, in this case)
[2008/05/06 03:46:06] <holoway> so that pastie is our working puppetmasterd apache template
[2008/05/06 03:46:47] <stick> hmm
[2008/05/06 03:46:49] <holoway> I don't see much difference between us, though
[2008/05/06 03:46:53] <stick> looks largly the same
[2008/05/06 03:47:49] @ randybias joined channel #puppet
[2008/05/06 03:47:52] <holoway> are you running a standalone httpd, or out of the system httpd configs?
[2008/05/06 03:52:23] @ Quit: londo__: Read error: 104 (Connection reset by peer)
[2008/05/06 03:52:29] <stick> out of the system apache configs
[2008/05/06 03:52:31] @ lak joined channel #puppet
[2008/05/06 03:52:41] <holoway> stick: try running it as a standalone httpd instance
[2008/05/06 03:52:58] <stick> ok, but why should that matter?
[2008/05/06 03:53:02] <holoway> voodoo, I know, but give it a shot
[2008/05/06 03:53:09] <stick> it's just a proxy...
[2008/05/06 03:53:10] <holoway> are you running any other SSL on that system?
[2008/05/06 03:53:20] @ londo__ joined channel #puppet
[2008/05/06 03:53:43] <holoway> or, more accurately, out of that httpd
[2008/05/06 03:56:04] <stick> there's the default ssl vhost that mod_ssl lays down but other than that no
[2008/05/06 03:56:15] @ gh joined channel #puppet
[2008/05/06 03:56:41] <holoway> which should be okay, right? since SSL happens at the TCP layer, it's IP + port
[2008/05/06 03:56:57] <holoway> unless that vhost is bound to more than 443, which seems unlikely
[2008/05/06 03:58:35] <stick> should be as I understand it
[2008/05/06 03:58:45] <stick> standalone didn't help
[2008/05/06 03:59:07] <holoway> well, it was voodoo after all
[2008/05/06 03:59:09] <holoway> ;)
[2008/05/06 03:59:12] * holoway shakes the bones
[2008/05/06 04:00:53] <muerr> can someone help me understand what all the talk of mongrel + puppet is? is that to replace the built in xmlrpc engine of puppet with a mongrel web server instance? mongrel is a ruby-based web server a la apache isn't it?
[2008/05/06 04:01:49] <holoway> mongrel is a faster ruby web server than webrick
[2008/05/06 04:01:53] <holoway> but it doesn't do SSL
[2008/05/06 04:02:02] <holoway> and you normally run it as "pack"
[2008/05/06 04:02:09] <holoway> behind a reverse proxy
[2008/05/06 04:02:18] <holoway> basically, it lets you have N puppetmasters
[2008/05/06 04:02:34] <holoway> scales better than webrick
[2008/05/06 04:02:47] <muerr> is webrick what puppet uses internally?
[2008/05/06 04:02:52] <holoway> yes
[2008/05/06 04:02:59] <muerr> gotit.
[2008/05/06 04:03:23] <muerr> so our environment which uses a single puppet master wouldn't particularly benefit from it.
[2008/05/06 04:04:01] <holoway> it would if you have enough clients
[2008/05/06 04:05:21] <ashp> dammnit
[2008/05/06 04:05:35] <ashp> holoway: you're convincing me more and more
[2008/05/06 04:05:37] <ashp> that I need to use iclassify
[2008/05/06 04:05:47] <muerr> heh..
[2008/05/06 04:05:57] <ashp> especially considering this sudoers thing
[2008/05/06 04:06:05] <holoway> I find the template + iclassify combo user handy
[2008/05/06 04:06:06] <ashp> it seems horrific to define random variables in my sudo module
[2008/05/06 04:06:06] <muerr> we have 26 nodes.
[2008/05/06 04:06:09] <ashp> especially as they don't even work :/
[2008/05/06 04:06:21] <muerr> ashp see my response about the sudoers :)
[2008/05/06 04:06:21] <holoway> s/user/super/g
[2008/05/06 04:06:22] <ashp> that whole tagged() business is still failing for me so
[2008/05/06 04:06:28] <holoway> ah, lame
[2008/05/06 04:06:30] <ashp> muerr: ahhh, you were the one avoiding it all together?
[2008/05/06 04:06:33] <muerr> Yup
[2008/05/06 04:06:42] <ashp> I can understand why, it's just a difficult problem
[2008/05/06 04:06:49] <muerr> eh.
[2008/05/06 04:06:50] <holoway> muerr: that would drive me nuts, having to keep my list of nodes in sudoers
[2008/05/06 04:07:02] <ashp> puppet needs easier internal support for building up templates and checking for the existance of classes or modules
[2008/05/06 04:07:08] <muerr> holoway: well, we only have one-offs in there for a handful of servers.
[2008/05/06 04:07:19] <ashp> yeah that's why I avoided muerr's method, because I wouldn't want to have to update the file if I deployed services to a new host
[2008/05/06 04:07:23] <holoway> ashp: some of that is a question of when things get read in
[2008/05/06 04:07:35] <holoway> since I think templates are evaluted as a function
[2008/05/06 04:07:39] <ashp> holoway: I think that's part of the problem, sudo is read before the rhythmyx module
[2008/05/06 04:07:44] <holoway> so the entire graph may not be loaded
[2008/05/06 04:07:50] <muerr> see sudoers as an example of content that i don't want to manage with puppet.
[2008/05/06 04:07:57] <holoway> muerr: really?
[2008/05/06 04:08:01] <holoway> I totally do
[2008/05/06 04:08:10] <holoway> it's the ideal case!
[2008/05/06 04:08:19] <holoway> (you manage it with puppet!)
[2008/05/06 04:08:22] <ashp> Yeah, I want to be able to manage it and have all kinds of conditionals to add specific bits in based on what other services are defined on the host
[2008/05/06 04:08:31] <ashp> but it seems very fragile
[2008/05/06 04:08:41] <muerr> we have 5 sys admins, they're all in wheel group, and they're all on every system. we have another group of web team users that need a couple privs (su, mostly) on 4 systems.
[2008/05/06 04:08:49] <muerr> it is very easy to manage.
[2008/05/06 04:09:00] <muerr> fragility is what i wanted to avoid.
[2008/05/06 04:09:23] <muerr> a bunch of complex functions, special defined types and templates is too complex to be reliable when we don't need a huge amount of complexity.
[2008/05/06 04:09:43] <holoway> muerr: that just means you'll have a simple template
[2008/05/06 04:09:50] <holoway> if doesn't mean you want to do it by hand on 30+ systems
[2008/05/06 04:09:56] <holoway> so you do want it managed by puppet
[2008/05/06 04:10:07] <holoway> you just want as little magic as possible involved in the process
[2008/05/06 04:10:12] <holoway> which is not hte same thing
[2008/05/06 04:10:12] <holoway> :)
[2008/05/06 04:10:19] <muerr> even when we've got the entire data center built out, we'll have about 50 systems, and we'll have, at most, 8 systems that have special sudoers requirements :)
[2008/05/06 04:10:34] <holoway> muerr: all of which need to be in puppet
[2008/05/06 04:10:39] <muerr> sure.
[2008/05/06 04:10:39] <holoway> or you'll forget about 'em
[2008/05/06 04:10:50] <holoway> so you totally want it in puppet, man
[2008/05/06 04:10:50] <holoway> :)
[2008/05/06 04:10:57] <muerr> sudoers is managed by puppet.
[2008/05/06 04:11:00] <muerr> but the content isn't.
[2008/05/06 04:11:09] <holoway> (sure it is, you just push a file around)
[2008/05/06 04:11:14] <muerr> file { "/etc/sudoers": ...}
[2008/05/06 04:11:16] <holoway> right
[2008/05/06 04:11:25] <muerr> but its a flat file, not a template.
[2008/05/06 04:11:26] <holoway> we're having a semantic argument
[2008/05/06 04:11:27] <holoway> :)
[2008/05/06 04:11:40] <muerr> Like we haven't had dozens of those over the last 20 years :P
[2008/05/06 04:11:44] <holoway> ashp: so, another reason that tagged trick works for us
[2008/05/06 04:11:51] <holoway> is that in every case we use it
[2008/05/06 04:11:57] <holoway> it's a class assigned by our external node tool
[2008/05/06 04:12:03] @ jvanzyl_ joined channel #puppet
[2008/05/06 04:12:08] <holoway> not one that's included from another class
[2008/05/06 04:12:28] <muerr> classes including other classes is another bit of complexity we're avoiding :).
[2008/05/06 04:12:45] <ashp> this is the trouble I'm having
[2008/05/06 04:12:54] <ashp> when modules need to know about existance of other modules
[2008/05/06 04:13:05] <ashp> they might not need to do more than just know if they are included on the node, but it's not really well supported
[2008/05/06 04:13:18] <ashp> iclassify seems to make it aesy to build up that functionality
[2008/05/06 04:13:36] <ashp> failing that, we just need a sudo {} provider :)
[2008/05/06 04:13:44] <ashp> that's 'the puppet way' :)
[2008/05/06 04:14:03] <holoway> a sudo {} provider has some difficulties
[2008/05/06 04:14:09] <holoway> but would be handy
[2008/05/06 04:14:15] <ashp> Failed to parse template sudo/sudoers.erb: Could not find value for 'rhythmyx'
[2008/05/06 04:14:16] <muerr> i'm sure luke would accept that patch.
[2008/05/06 04:14:19] <ashp> ARGHHHHHHHHHHHH explodes
[2008/05/06 04:14:29] <ashp> $rhythmyx = tagged("rhythmyx")
[2008/05/06 04:14:34] <ashp> IT'S RIGHT THERE PUPPET, OPEN YOUR EYES!
[2008/05/06 04:14:45] <ashp> it's a good job i don't have access to high explosives right now
[2008/05/06 04:15:14] <muerr> s/job/thing/ ?
[2008/05/06 04:15:16] <muerr> :)
[2008/05/06 04:15:34] <ashp> that too, it might be a britishism to say 'good job'
[2008/05/06 04:16:25] <ashp> I assume in sudoers.erb I just do <% if rhythmyx %>, not $rhythmyx
[2008/05/06 04:16:38] <muerr> right, ruby variables dont' use sigils.
[2008/05/06 04:16:48] <ashp> then i wonder why on earth it can't find it
[2008/05/06 04:16:56] <ashp> well, I guess the tagged() bit fails and the variable is just empty
[2008/05/06 04:17:04] <ashp> but if you do if variable, it shouldn't fail if it's not defined
[2008/05/06 04:17:21] <ashp> surely it should just not match and move on, rather than failing outright
[2008/05/06 04:17:39] @ Quit: plathrop: "updating my firmware"
[2008/05/06 04:17:58] <muerr> When I check variables in templates, I check that they're a particular value, not whether they're defined.
[2008/05/06 04:18:11] <muerr> since anything besides nil or false in ruby is true.
[2008/05/06 04:18:38] <ashp> I'm not sure what tagged("rhythmyx") would actually put into the variable, to be honest
[2008/05/06 04:19:32] <holoway> ashp: true/false
[2008/05/06 04:19:57] <ashp> ahh ok
[2008/05/06 04:21:21] <muerr> <% if rhythmyx = true %>
[2008/05/06 04:22:16] <ashp> err: Could not retrieve catalog: Failed to parse template sudo/sudoers.erb: Could not find value for 'rhythmyx'
[2008/05/06 04:22:19] <ashp> Hmm, I'm baffled
[2008/05/06 04:22:26] <ashp> could it be because I include the subclasses in sudo
[2008/05/06 04:22:31] <ashp> before I do the variable define, perhaps?
[2008/05/06 04:22:43] <ashp> i figured it loaded the entire class before doing anything so that wouldn't matter
[2008/05/06 04:22:59] @ plathrop joined channel #puppet
[2008/05/06 04:23:19] @ Quit: plathrop: Remote closed the connection
[2008/05/06 04:23:26] @ Quit: londo__: Read error: 104 (Connection reset by peer)
[2008/05/06 04:23:32] @ plathrop joined channel #puppet
[2008/05/06 04:23:37] <ashp> Hmm that seems to have helped.
[2008/05/06 04:24:00] <ashp> I guess the include sudo::sudoers was then trying to do the variable expansion in the template before it finished reading all of class sudo{}
[2008/05/06 04:24:13] <ashp> that seems like a mistake, surely it should pull in all of the main class and all subclasses before it starts evaluating things?
[2008/05/06 04:25:03] @ londo__ joined channel #puppet
[2008/05/06 04:27:03] @ Quit: jvanzyl: Read error: 104 (Connection reset by peer)
[2008/05/06 04:29:14] <holoway> ashp: hard to say - template() is implemented as a function in puppet, so it might happen when the parser sees it
[2008/05/06 04:29:44] <ashp> It seems that is definitely what happened, it's still doing "stuff" while trying a run, so I can't tell for sure yet
[2008/05/06 04:30:03] <ashp> But it definitely didn't work until I listed the variable higher than the include that had the template in
[2008/05/06 04:30:07] <ashp> i guess i'll have to talk to lak about this one
[2008/05/06 04:30:20] <ashp> yeah, that fixed it and it included the right stuff in sudoers.erb
[2008/05/06 04:30:44] <holoway> ashp: I'm nnot sure that's a bug
[2008/05/06 04:31:01] <holoway> I mean, it certainly is a case where the declarative langauge isn't very declarative
[2008/05/06 04:31:32] <ashp> oh rats.
[2008/05/06 04:31:45] <ashp> i tested on a host that definitely doesn't include rhythmyx
[2008/05/06 04:31:52] @ Quit: jeffl: Remote closed the connection
[2008/05/06 04:31:56] <ashp> and it included them anyway
[2008/05/06 04:32:08] <ashp> so something is wrong still :)
[2008/05/06 04:43:25] <muerr> mmm... 342k is probably a bit large to push through a file{} resource eh?
[2008/05/06 04:43:55] @ felix_da_catz joined channel #puppet
[2008/05/06 04:44:38] <holoway> muerr: hey, whats a little memory between friends
[2008/05/06 04:45:16] <muerr> well, 4G on the puppetmaster :)
[2008/05/06 04:45:42] <muerr> course, the puppetmaster also runs httpd, since its the yum repo too.
[2008/05/06 04:50:33] @ Quit: Vivek: "Leaving"
[2008/05/06 04:52:25] @ Quit: lak:
[2008/05/06 05:06:48] @ Quit: londo__: Read error: 104 (Connection reset by peer)
[2008/05/06 05:17:34] @ pleemans joined channel #puppet
[2008/05/06 05:18:16] @ londo__ joined channel #puppet
[2008/05/06 05:27:06] @ benp- joined channel #puppet
[2008/05/06 05:30:09] @ lak joined channel #puppet
[2008/05/06 05:44:31] @ Quit: londo__: Read error: 104 (Connection reset by peer)
[2008/05/06 05:48:59] @ londo__ joined channel #puppet
[2008/05/06 05:50:52] <holoway> ashp: you want ==, not =
[2008/05/06 05:54:39] <muerr> yeah that was my bad.
[2008/05/06 05:56:17] <stick> holoway: so finally got mongrel working with apache
[2008/05/06 05:56:33] <holoway> stick: what was it?
[2008/05/06 05:56:46] <stick> I think the ultimate problem was that there a conflict between
[2008/05/06 05:57:01] <stick> Location / (for the balancer-manager handler)
[2008/05/06 05:57:01] <stick> and
[2008/05/06 05:57:05] <stick> ProxyPass /
[2008/05/06 05:57:24] <stick> I changed the balancer uri and it worked
[2008/05/06 05:57:32] <holoway> wow, realyl?
[2008/05/06 05:57:45] <stick> yeah
[2008/05/06 05:57:46] <holoway> I wonder if it's the extra /puppetmaster url
[2008/05/06 05:57:59] <holoway> because mine has both / and / for Location and ProxyPath
[2008/05/06 05:58:12] @ Quit: londo__: Remote closed the connection
[2008/05/06 05:59:00] <stick> hmm dunno
[2008/05/06 05:59:12] <stick> I don't know how it would differentiate tbh
[2008/05/06 05:59:20] <holoway> a really interesting issue
[2008/05/06 05:59:27] <stick> holoway: which do you have first?
[2008/05/06 05:59:44] <holoway> http://pastie.org/191836
[2008/05/06 05:59:47] @ londo__ joined channel #puppet
[2008/05/06 05:59:49] <holoway> Location
[2008/05/06 06:00:03] <holoway> but I set the balancer-manager as the handler
[2008/05/06 06:00:05] <holoway> were you?
[2008/05/06 06:02:38] <stick> yeah
[2008/05/06 06:02:39] <stick> weird
[2008/05/06 06:02:53] <stick> I couldn't get the balancer-manager to work anyway which is what lead me down that road
[2008/05/06 06:03:50] <stick> if I hit / (or even after I change the uri) in the browser I get a scheme mismatch (http over https) and over https I get a invalid cert error
[2008/05/06 06:11:54] <ashp> holoway: Even with == it still doesn't work :(
[2008/05/06 06:12:03] <ashp> if i make it == true it never evaluates to true ever
[2008/05/06 06:12:17] <ashp> so i guess the tagged() stuff breaks, but i don't know if there's an alternative syntax i can use
[2008/05/06 06:13:22] <holoway> ashp: can you send me a tarball of your repo without needing me to sign an nda or anything?
[2008/05/06 06:13:23] <ashp> i guess the code is the newfunction(:tagged in functions.rb
[2008/05/06 06:13:35] <ashp> holoway: nah of course, I'll whip one right up
[2008/05/06 06:13:41] <holoway> send it to adam@hjksolutions.com
[2008/05/06 06:13:57] <holoway> this back and forth is killing me :)
[2008/05/06 06:14:04] <ashp> me too, i'm going slowly mad
[2008/05/06 06:14:13] <ashp> you'll see all the horrors of my environment and my stumblings into puppet
[2008/05/06 06:14:19] <holoway> no worries
[2008/05/06 06:14:38] <holoway> I build infrastructure for startups, I've seen all kinds of crazy shit
[2008/05/06 06:16:51] <ashp> alright that should be there in a second
[2008/05/06 06:20:12] <holoway> ashp: try moving the $rhythmyx line into sudo:;sudoers
[2008/05/06 06:20:31] <holoway> or above the include in class sudo
[2008/05/06 06:21:07] <ashp> hmm, it should be above the include
[2008/05/06 06:21:10] <ashp> it should be right at the top
[2008/05/06 06:21:24] <ashp> class sudo { $rhythmyx = tagged("rhythmyx")
[2008/05/06 06:21:27] <ashp> it is :)
[2008/05/06 06:22:01] <holoway> yeah.. move it to the sudo::sudoers class, right above the file definition
[2008/05/06 06:22:07] <ashp> ohh, ok
[2008/05/06 06:25:45] <ashp> each run takes forever as, due to some chmod's that run
[2008/05/06 06:29:33] <stick> so those of you that do use mongrel now, are they any kind of metrics for how loaded a particular thread is?
[2008/05/06 06:29:39] <stick> ie when it's time to spin up a few more
[2008/05/06 06:29:41] <ashp> ok, moving that variable into sudo::sudoers did nothing
[2008/05/06 06:29:52] <ashp> it still didn't add the lines, so it fails to evaluate still
[2008/05/06 06:32:33] @ Quit: kenvandine: Read error: 104 (Connection reset by peer)
[2008/05/06 06:36:05] @ kenvandine joined channel #puppet
[2008/05/06 06:38:28] <muerr> ashp: sorry if it sounds snooty, but this is why we're using a single sudoers file for our environment.
[2008/05/06 06:39:34] <ashp> oh man, i can completely understand
[2008/05/06 06:39:47] @ Quit: pleemans: "Ex-Chat"
[2008/05/06 06:39:52] <ashp> but we have other similar stuff that it would benefit me to have this working withf
[2008/05/06 06:40:02] <ashp> or example, adding temporary /etc/hosts lines, but only if you are using some service
[2008/05/06 06:40:35] <stick> ashp: sounds like you need to model sudoers as a type
[2008/05/06 06:40:57] <ashp> stick: If I was smarter that's probably what I'd want to do at this point, it's very frustrating.
[2008/05/06 06:41:02] <ashp> What's odd is this functionality 'should' work.
[2008/05/06 06:41:10] <stick> I actually need to do the same thing but it's a bit of a ways off b/c we can get away with a consolidated one for now
[2008/05/06 06:41:26] <ashp> i mean the support in the code is there, so i don't know why it's failing
[2008/05/06 06:47:23] <holoway> stick: I don't have any metrics -- to my knowledge, there aren't any
[2008/05/06 06:47:53] <stick> nod
[2008/05/06 06:47:58] <holoway> most likely, you'll see cpu load hit the cieling on those 5 mongrels
[2008/05/06 06:48:09] <holoway> before you get to need many more
[2008/05/06 06:54:33] <stick> well they spike a bit each time a client comes in but never for very long
[2008/05/06 06:54:45] <stick> my problem now (with that particular server) is munin
[2008/05/06 06:55:04] <stick> it's pegging the hell out of the cpu everytime it runs and rendering the box unusable for a while while it does it's thing
[2008/05/06 06:56:35] <holoway> stick: yep
[2008/05/06 06:56:41] <holoway> stick: I have a few answers for that
[2008/05/06 06:56:47] <stick> holoway: oh?
[2008/05/06 06:57:17] <stick> do any of them involve a baseball bad with a roofing nail driven through it?
[2008/05/06 06:57:29] <holoway> one is to move your rrd's off onto a ramdisk, and have them rsync-ed every X often
[2008/05/06 06:57:58] <holoway> the other is to switch to our released-but-not-super-well-publicized fork
[2008/05/06 06:58:08] <holoway> which has a re-written poller and frontend
[2008/05/06 06:58:10] @ Quit: Zothar_Work: "ChatZilla 0.9.81 [Firefox 2.0.0.14/2008040414]"
[2008/05/06 06:58:28] <holoway> that gets around silly things like a single node pushing the cronjob past the 5 minute limit and creating gaps in every graph
[2008/05/06 06:58:51] <holoway> but the rrds -> ramdisk thing is the big win
[2008/05/06 06:59:43] <holoway> we have single munin servers doing 400+ systems, 15k+ rrds
[2008/05/06 06:59:48] <holoway> with reasonable load
[2008/05/06 07:01:11] @ Quit: jvanzyl_:
[2008/05/06 07:02:35] <stick> hmm
[2008/05/06 07:02:53] <stick> any docs on the ramdisk solution?
[2008/05/06 07:04:11] @ Quit: kenvandine: "Ex-Chat"
[2008/05/06 07:05:25] <holoway> stick: I can whip up the basics -- it's really simple
[2008/05/06 07:06:00] <stick> holoway: thanks
[2008/05/06 07:06:28] <stick> if only I could figure out a way to send a beer over IRC
[2008/05/06 07:08:58] <holoway> pastie: I've got a 10 step program I need to paste, and only you can help me
[2008/05/06 07:09:50] <holoway> pastie: I was too clever
[2008/05/06 07:10:16] @ verwilst joined channel #puppet
[2008/05/06 07:10:33] <pastie> http://pastie.org/192011 by holoway.
[2008/05/06 07:10:40] <holoway> that's the gist
[2008/05/06 07:10:55] <holoway> basically, rsync + tmpfs, a cronjob and an rc.local entry
[2008/05/06 07:13:29] <stick> holoway: the safe spot is just for backup and archive correct?
[2008/05/06 07:13:38] <holoway> exactly
[2008/05/06 07:14:25] <stick> so is the problem (with munin) io contention?
[2008/05/06 07:14:37] <holoway> yes
[2008/05/06 07:14:44] <holoway> and that contention slows the whole thing down
[2008/05/06 07:14:59] <stick> hmm, that's probably why I'm only seeing it in this one env
[2008/05/06 07:15:14] <stick> it's got more hosts but it's also a blade with a solid state drive
[2008/05/06 07:15:37] <holoway> the ramdisk thing is really a lot better
[2008/05/06 07:15:41] <holoway> and rrd is ideal, since it's fixed size
[2008/05/06 07:17:20] <stick> I've got access to a san as well
[2008/05/06 07:18:39] <holoway> once you get the ramdisk/rsync thing up, you won't look back
[2008/05/06 07:18:47] <stick> which would give me snapshotting as well
[2008/05/06 07:18:49] <stick> hmm
[2008/05/06 07:19:06] <holoway> I know some really large ganglia instances that do similar things
[2008/05/06 07:19:34] @ muerr left channel #puppet ()
[2008/05/06 07:20:32] @ Quit: randybias:
[2008/05/06 07:25:00] @ shenson is now known as shenson_not_here
[2008/05/06 07:27:54] <martha> weird. at some point my clients all stopped backing up to the filebucket on the server. but backup is still defined for File
[2008/05/06 07:32:58] @ Quit: verwilst: "Ex-Chat"
[2008/05/06 07:36:38] @ kposs joined channel #puppet
[2008/05/06 07:50:57] @ infinity3 joined channel #puppet
[2008/05/06 07:51:20] <infinity3> okay. time to learn this thing once and for all
[2008/05/06 07:53:25] <infinity3> wow. lots of incentive out there ..lol
[2008/05/06 07:57:27] <infinity3> where can i get the latest rpms for rhel5
[2008/05/06 07:57:50] <benp-> http://people.redhat.com/dlutter/yum/
[2008/05/06 07:58:26] <infinity3> excellent. thanks
[2008/05/06 07:58:49] <duritong> http://reductivelabs.com/trac/puppet/wiki/DownloadingPuppet
[2008/05/06 07:58:53] <duritong> you find all there
[2008/05/06 08:05:17] <infinity3> Hmm...i'll first start with distributing a sudo file i guess ...
[2008/05/06 08:05:32] @ fbe joined channel #puppet
[2008/05/06 08:05:42] <infinity3> i have 20 red hat servers and no puppet. :(
[2008/05/06 08:07:36] <infinity3> ahh! "Page CentralizedSudoersRecipe not found"
[2008/05/06 08:09:02] <plathrop> infinity3: There's a basic intro on my blog some people have found helpful: http://plathrop.tertiusfamily.net/blog
[2008/05/06 08:09:26] <infinity3> plathrop: tnx
[2008/05/06 08:09:29] <benp-> first thing i set up with puppet was net-snmp. since it needs a package, a service, and a config file.
[2008/05/06 08:10:04] <infinity3> benp-: we use agents here for monitoring.
[2008/05/06 08:10:22] <infinity3> benp-: well, not snmp agents that is.
[2008/05/06 08:11:38] <benp-> nice writeup plathrop
[2008/05/06 08:11:47] <plathrop> benp-: Thanks :-)
[2008/05/06 08:12:10] <benp-> have you messed around with zsh?
[2008/05/06 08:12:11] <plathrop> I've been trying to share my puppet knowledge as it grows, but I'm a bad blogger and don't write often enough :-P
[2008/05/06 08:12:20] <plathrop> benp-: Not really
[2008/05/06 08:13:26] <benp-> it comes with completion for ssh and dozens of other things, things like ifconfig, rpm. it'll even complete paths on the remote host when you're using scp. you'd like it.
[2008/05/06 08:13:56] <plathrop> benp-: That's pretty nifty
[2008/05/06 08:14:00] @ Quit: mccune: "Leaving."
[2008/05/06 08:14:01] <plathrop> I'll check it out
[2008/05/06 08:14:18] <infinity3> this looks liek a good thing for a beginner
[2008/05/06 08:14:19] <infinity3> http://reductivelabs.com/trac/puppet/wiki/Recipes/CentralizedSudoers
[2008/05/06 08:14:31] <infinity3> i found a working link
[2008/05/06 08:17:56] <benp-> infinity3: thats very simple.. i'd still recommend setting up some kind of daemon or agent that isn't mission critical but is in the category of 'nice to have but too much hassle to install everywhere'. for me that was net-snmp.. another good one is ntp. i think if you focus on setting up a package, a config file and a service as your first project with puppet, you'll get into it pretty quickly
[2008/05/06 08:20:10] <infinity3> benp-: k.
[2008/05/06 08:21:57] <benp-> imo the most important docs on the wiki are the language tutorial and the type reference.. you'll want to keep those open or printed (if you're into that) while you're working..
[2008/05/06 08:23:21] @ zobbo joined channel #puppet
[2008/05/06 08:26:49] <plathrop> Does anyone here use Puppet for code deployment?
[2008/05/06 08:31:22] <holoway> plathrop: I use it to bootstrap Capistrano
[2008/05/06 08:31:48] <holoway> capistrano is a pretty solid framework for building a custom code deployment mechanism
[2008/05/06 08:31:53] <plathrop> holoway: Then you use Capistrano for deployment?
[2008/05/06 08:32:05] <holoway> we do rails, java, php and perl apps with capistrano
[2008/05/06 08:32:07] <holoway> yep
[2008/05/06 08:32:26] <plathrop> holoway: You totally read my mind; was about to ask if you could deploy non-rails stuff
[2008/05/06 08:32:35] <holoway> everyone always does! :0
[2008/05/06 08:32:49] <holoway> yeah, it's a great wrapper for parallel ssh and rake
[2008/05/06 08:32:52] <plathrop> I guess that wasn't clear from the website
[2008/05/06 08:33:01] <holoway> no, not at all
[2008/05/06 08:33:11] <plathrop> Awesome, I'll have to dig in deeper.
[2008/05/06 08:33:23] <holoway> Capistrano is the Ad Hoc change tool to Puppets authoritatian ruler
[2008/05/06 08:33:31] <infinity3> is this bad?
[2008/05/06 08:33:32] <infinity3> Could not retrieve catalog: Certificates were not trusted: hostname was not match
[2008/05/06 08:33:33] <holoway> peanut butter to jelly, in my opinion
[2008/05/06 08:33:44] <holoway> plathrop: feel free to shout questions at me
[2008/05/06 08:33:46] <plathrop> I might bug you for hints. We're trying to use consistent tools between development and ops
[2008/05/06 08:33:50] <holoway> are you using an external nodes tool?
[2008/05/06 08:33:56] <holoway> LDAP or iClassify?
[2008/05/06 08:34:01] <plathrop> holoway: Not yet, but we definitely will be
[2008/05/06 08:34:22] <holoway> plathrop: with an external nodes tool, capistrano becomes ridiculously useful
[2008/05/06 08:34:37] <holoway> because you can run arbitrary tasks based on an always-accurate representation of your infrastructure
[2008/05/06 08:35:02] <holoway> so "cap deploy" can ask your external nodes tool what servers to deploy to, what databases they should use, all kinds of good stuff
[2008/05/06 08:35:10] <plathrop> That's awesome.
[2008/05/06 08:35:13] <holoway> it is
[2008/05/06 08:35:20] <benp-> no its not
[2008/05/06 08:35:22] <plathrop> I've only scratched the surface of capistrano it seems :-)
[2008/05/06 08:35:23] <benp-> just kidding, it is
[2008/05/06 08:35:50] <holoway> I do things like "cap -S recipe=iclassify QUERY='tag:appserver' tail_app_logs"
[2008/05/06 08:36:01] <holoway> that dynamically tails all the app log files
[2008/05/06 08:36:09] <holoway> all the time
[2008/05/06 08:39:59] <holoway> doing the same with LDAP would be trivial, fwiw
[2008/05/06 08:39:59] * plathrop is awed.
[2008/05/06 08:40:05] * plathrop can hardly wait.
[2008/05/06 08:41:45] <duritong> infinity3: see topic
[2008/05/06 08:41:54] <duritong> your setup won't work with this error
[2008/05/06 08:42:22] <plathrop> Why do templates take so darn long?
[2008/05/06 08:42:26] <holoway> plathrop: well, when you get to it, just holler, and I would be happy to show you how we do it
[2008/05/06 08:42:35] <infinity3> duritong: eh? i need to upgrade? what do you mean?
[2008/05/06 08:42:35] <plathrop> holoway: Much appreciated
[2008/05/06 08:43:04] <duritong> See
[2008/05/06 08:43:05] <duritong> http://snurl.com/1udr3 about SSL issues
[2008/05/06 08:43:10] <infinity3> ah
[2008/05/06 08:43:47] <plathrop> holoway: You are the champion of the templates, right?
[2008/05/06 08:43:48] <plathrop> :-)
[2008/05/06 08:44:22] <holoway> plathrop: I am
[2008/05/06 08:44:29] <plathrop> Any way to make it, well, faster?
[2008/05/06 08:44:41] <holoway> templates + definitions + centralized data storage == victory, imnsho :)
[2008/05/06 08:44:45] <plathrop> The first time I run puppet after adding new templates, it often times out...
[2008/05/06 08:44:51] <holoway> really?
[2008/05/06 08:44:54] <holoway> does it speed up later?
[2008/05/06 08:45:05] <holoway> how big are your templates?
[2008/05/06 08:45:10] <plathrop> Yeah, the second run and after are always quick.
[2008/05/06 08:45:17] <plathrop> hold on, let me wc -l
[2008/05/06 08:45:42] <plathrop> Longest template I just added was 159 lines
[2008/05/06 08:46:07] <plathrop> And it's only a template because I think I'll be doing templatey things later, right now it has NO ERB tags in it.
[2008/05/06 08:46:24] <plathrop> First run after adding the templates timed out at 2 minutes.
[2008/05/06 08:46:32] <plathrop> Second run: notice: Finished catalog run in 32.03 seconds
[2008/05/06 08:47:16] <holoway> wow
[2008/05/06 08:47:21] <holoway> I've never seen that behavior
[2008/05/06 08:47:24] <holoway> what version of puppet?
[2008/05/06 08:47:32] <plathrop> 0.24.4
[2008/05/06 08:47:44] <holoway> huh
[2008/05/06 08:47:50] <holoway> I have some much larger templates
[2008/05/06 08:48:01] <holoway> making external calls to web servcies
[2008/05/06 08:48:04] <holoway> and other such things
[2008/05/06 08:48:06] <holoway> that don't have that issue
[2008/05/06 08:48:28] <plathrop> Huh. Maybe my puppetmaster is wimpy...
[2008/05/06 08:48:46] <plathrop> Ah, well, I'll look at that more later.
[2008/05/06 08:48:54] <plathrop> I got a deadline to meet :-(
[2008/05/06 08:51:04] <holoway> best of luck to you :)
[2008/05/06 08:51:18] <infinity3> duritong: ahh. whew. that would have taken awhile to find!
[2008/05/06 08:51:34] @ Quit: felix_da_catz: Connection timed out
[2008/05/06 08:52:02] <infinity3> okay. looks like my sudo file works and is running on two clients. time to find another puppet use.
[2008/05/06 09:01:46] <infinity3> apcupsd needs a receipe
[2008/05/06 09:05:45] @ johnf joined channel #puppet
[2008/05/06 09:10:50] @ MrProper_ joined channel #puppet
[2008/05/06 09:14:36] <infinity3> how can i manage fiels in /etc/yum.repos.d using puppet
[2008/05/06 09:16:26] <plathrop> infinity3: You really want to read the TypeReference
[2008/05/06 09:16:37] <infinity3> ya. i see its a resource type
[2008/05/06 09:17:41] @ Quit: kposs: Read error: 110 (Connection timed out)
[2008/05/06 09:27:55] <plathrop> Compiled configuration for ash023.internal in 174.17 seconds
[2008/05/06 09:28:18] <plathrop> I'm really unhappy with that performance. I wonder what I'm doing that makes it so slow?
[2008/05/06 09:28:46] <holoway> plathrop: export/collect? store configs?
[2008/05/06 09:28:47] <plathrop> I'm serving files, but none of them are particularly large...
[2008/05/06 09:28:55] <plathrop> I have one thing in stored configs
[2008/05/06 09:29:07] <plathrop> Sorry, one thing in export/collect
[2008/05/06 09:29:07] <holoway> that might be it
[2008/05/06 09:29:23] <holoway> I have very little experience in that arena, though
[2008/05/06 09:29:36] <plathrop> holoway: Do you collect SSH keys using some other method?
[2008/05/06 09:29:38] <holoway> that does feel like a long time for compiling, though
[2008/05/06 09:29:57] <holoway> plathrop: iClassify stores them as attributes, and then I have a template that prints them in a template
[2008/05/06 09:30:14] <holoway> takes a few seconds for hundreds of nodes
[2008/05/06 09:30:39] <plathrop> holoway: So how do you get them into the datastore in the first place? Do you generate them separately?
[2008/05/06 09:31:11] <holoway> if we're talking about host keys, icagent collects all the facter facts and stores them
[2008/05/06 09:31:24] <plathrop> holoway: That's kinda hot
[2008/05/06 09:31:41] <holoway> plathrop: welcome to my heresy
[2008/05/06 09:31:43] <holoway> :)
[2008/05/06 09:32:05] <plathrop> Well, if export/collect is the reason for the slowness, you'll get a convert.
[2008/05/06 09:32:05] <holoway> we do stuff like that all the time
[2008/05/06 09:32:19] <plathrop> At least until I have time to fix the performance issue. After I learn Ruby
[2008/05/06 09:32:27] <plathrop> You know, in my copious free time
[2008/05/06 09:32:34] <holoway> hey, if you can learn puppet's syntax, you can learn ruby
[2008/05/06 09:33:02] @ dysinger joined channel #puppet
[2008/05/06 09:33:29] <plathrop> holoway: There's a far cry from basic declarative stuff to full-scale development
[2008/05/06 09:33:35] <plathrop> It was totally storeconfigs
[2008/05/06 09:33:49] <plathrop> Compiled configuration for ash023.internal in 7.99 seconds
[2008/05/06 09:34:15] @ \ask_ joined channel #puppet
[2008/05/06 09:35:36] <benp-> that does sound good
[2008/05/06 09:36:59] <plathrop> Yeah, I'm no longer using storeconfigs. It's just too slow. I'm not even in production yet.
[2008/05/06 09:37:36] <holoway> pastie: url me
[2008/05/06 09:41:37] <pastie> http://pastie.org/192092 by holoway.
[2008/05/06 09:41:57] <holoway> is a simple way to do host keys with iclassify
[2008/05/06 09:42:02] <holoway> and a template
[2008/05/06 09:43:59] <plathrop> awesome
[2008/05/06 09:44:09] <infinity3> does someone have an example of the yumrepo resource type use?
[2008/05/06 09:44:31] <infinity3> do i need to specific every single type and architecture for yum?
[2008/05/06 09:45:45] @ Quit: lak:
[2008/05/06 09:46:39] <infinity3> is there a lsit of fact variables?
[2008/05/06 09:47:55] <plathrop> infinity3: Run 'facter' on any host
[2008/05/06 09:48:04] <plathrop> infinity3: That will give you a list
[2008/05/06 09:48:36] <infinity3> wow. lots!
[2008/05/06 09:48:37] <infinity3> tnx
[2008/05/06 09:49:16] @ \ask__ joined channel #puppet
[2008/05/06 09:50:00] @ Quit: \ask: Read error: 104 (Connection reset by peer)
[2008/05/06 09:50:12] @ Quit: \ask_: Read error: 104 (Connection reset by peer)
[2008/05/06 09:50:33] @ \ask joined channel #puppet
[2008/05/06 10:16:46] <infinity3> can someone suggest whats wrong with this?
[2008/05/06 10:16:46] <infinity3> http://pastebin.com/m30dd4133
[2008/05/06 10:17:01] <infinity3> thats a snip of my site.pp file. it errors
[2008/05/06 10:20:33] @ Quit: huangmingyou: "Leaving."
[2008/05/06 10:20:42] @ huangmingyou joined channel #puppet
[2008/05/06 10:40:18] @ M- joined channel #puppet
[2008/05/06 10:46:50] <Gwayne> Good morning
[2008/05/06 10:48:52] <Gwayne> infinity3, Whats the error ?
[2008/05/06 10:57:01] @ martha left channel #puppet ()
[2008/05/06 10:58:05] @ john1 joined channel #puppet
[2008/05/06 10:58:38] @ Quit: johnf: Read error: 104 (Connection reset by peer)
[2008/05/06 11:01:55] @ lak joined channel #puppet
[2008/05/06 11:02:35] @ Quit: jeckersb: "Leaving"
[2008/05/06 11:02:47] @ Quit: plathrop: "good night"
[2008/05/06 11:04:44] @ pawalls_ joined channel #puppet
[2008/05/06 11:04:49] @ pawalls_ left channel #puppet ("Leaving")
[2008/05/06 11:38:10] @ Quit: \ask__:
[2008/05/06 11:39:33] @ kenvandine joined channel #puppet
[2008/05/06 11:42:43] @ Quit: shake-n-bake_:
[2008/05/06 11:43:59] <fastjay> when was the interface type introduced ?
[2008/05/06 11:44:22] <holoway> fastjay: I want to say in the 0.24 series
[2008/05/06 11:44:26] <holoway> but I might be wrong
[2008/05/06 11:44:44] <fastjay> 24.0 or somewhere in 24 ?
[2008/05/06 11:45:03] <holoway> I dunno - if you're running 0.24.0, you need to upgrade to 0.24.4 ASAP
[2008/05/06 11:45:10] <fastjay> i am running 24.1
[2008/05/06 11:45:17] <holoway> #1010
[2008/05/06 11:45:20] <gepetto> holoway: #1010 is http://reductivelabs.com/trac/puppet/ticket/1010 "puppet/puppetmaster randomly corrupts file{} resources, seemingly after leaking RAM for some time"
[2008/05/06 11:45:28] <holoway> is the big reason to upgrade to 0.24.4
[2008/05/06 11:45:28] <fastjay> oh yeah we have seen that :)
[2008/05/06 11:46:01] <fastjay> just have not had time to upgrade yet
[2008/05/06 11:46:10] <fastjay> well one way to find out if interface is supported :)
[2008/05/06 11:55:12] <fastjay> its there but doesnt like something about the 'network=' method
[2008/05/06 12:08:04] @ randybias joined channel #puppet
[2008/05/06 12:08:50] @ Quit: gh: "Leaving."
[2008/05/06 12:09:39] @ kposs joined channel #puppet
[2008/05/06 12:20:47] @ Quit: \ask:
[2008/05/06 12:39:46] <gepetto> ::puppet:: Managed ByPuppet edited by luke @ http://reductivelabs.com/trac/puppet/wiki/ManagedByPuppet (by luke@madstop.com)
[2008/05/06 12:46:36] @ \ask joined channel #puppet
[2008/05/06 13:21:19] @ felix_da_catz joined channel #puppet
[2008/05/06 13:27:34] @ a-priori joined channel #puppet
[2008/05/06 13:45:05] @ Quit: a-priori__: Read error: 110 (Connection timed out)
[2008/05/06 14:04:11] @ Quit: felix_da_catz: Read error: 110 (Connection timed out)
[2008/05/06 14:11:01] <gepetto> ::puppet:: Ticket #1212 (defect closed): Adding only valid values for dump param in mount type @ http://reductivelabs.com/trac/puppet/ticket/1212#comment:2 (by luke@madstop.com)
[2008/05/06 14:11:58] @ rizwank joined channel #puppet
[2008/05/06 14:13:43] <rizwank> Hey there. I'm trying to setup my first puppet master using the 'best practices document'. I've made a class that sets my yum repositories correctly used cft to make it, but when I place it into modules/yum/centos.pp, puppet can't find the classes. Do I have to manually include them, or do I need a modules/yum/manifests/init.pp ?
[2008/05/06 14:18:18] @ Quit: rizwank:
[2008/05/06 14:42:36] @ Quit: M-: Read error: 104 (Connection reset by peer)
[2008/05/06 14:54:13] <jamesturnbull> fastjay: might be in the wiki:UPGRADE document when the type was introduced
[2008/05/06 14:54:20] <gepetto> jamesturnbull: fastjay: wiki:UPGRADE is http://reductivelabs.com/trac/puppet/wiki/UPGRADE
[2008/05/06 15:22:09] @ Quit: lak:
[2008/05/06 15:22:56] @ M- joined channel #puppet
[2008/05/06 15:26:18] @ Quit: dysinger:
[2008/05/06 15:31:34] @ Demosthenex joined channel #puppet
[2008/05/06 15:33:46] @ Quit: Demosthenes: Read error: 110 (Connection timed out)
[2008/05/06 15:42:05] @ Quit: a-priori: Remote closed the connection
[2008/05/06 15:42:44] @ a-priori joined channel #puppet
[2008/05/06 15:46:00] @ dysinger joined channel #puppet
[2008/05/06 15:51:22] <MrProper_> when did the user resource stop allowing password management from the useradd provider?
[2008/05/06 15:56:03] <MrProper_> "err: Could not create root: Class user does not accept argument(s) password in file"
[2008/05/06 15:59:55] <MrProper_> http://reductivelabs.com/trac/puppet/wiki/TypeReference#id199 says that useradd doesnt support manage_password
[2008/05/06 16:00:44] <daork> somewhere around 0.21 or so I think
[2008/05/06 16:05:02] <MrProper_> why?
[2008/05/06 16:05:28] <daork> don't ask me, I just remember noticing it
[2008/05/06 16:06:14] <daork> maybe some systems' useradd don't support -p
[2008/05/06 16:07:47] @ Quit: andyhold: Read error: 104 (Connection reset by peer)
[2008/05/06 16:08:19] @ Quit: kposs:
[2008/05/06 16:10:02] @ _newbie_ joined channel #puppet
[2008/05/06 16:13:15] @ jvanzyl joined channel #puppet
[2008/05/06 16:45:45] @ Quit: fbe: Read error: 110 (Connection timed out)
[2008/05/06 16:46:27] @ jvanzyl_ joined channel #puppet
[2008/05/06 16:47:15] @ Quit: jvanzyl_: Client Quit
[2008/05/06 16:57:17] @ Quit: jvanzyl: Read error: 113 (No route to host)
[2008/05/06 17:03:26] @ _newbie_ is now known as f--z
[2008/05/06 17:14:27] @ Quit: yure: Remote closed the connection
[2008/05/06 17:18:15] @ sparanjape joined channel #puppet
[2008/05/06 17:27:29] @ roald joined channel #puppet
[2008/05/06 17:29:29] @ Quit: roald: Client Quit
[2008/05/06 17:32:59] @ roald joined channel #puppet
[2008/05/06 17:40:34] @ tim\|macbook joined channel #puppet
[2008/05/06 17:40:43] @ Quit: tim\|macbook: Client Quit
[2008/05/06 17:47:20] @ Quit: M-: "Leaving"
[2008/05/06 17:48:34] @ Quit: bartc: "leaving"
[2008/05/06 17:57:34] @ Quit: john1: Read error: 110 (Connection timed out)
[2008/05/06 17:57:55] @ bartc joined channel #puppet
[2008/05/06 17:58:57] @ fbe joined channel #puppet
[2008/05/06 17:59:36] <jamesturnbull> MrProper_: user does support passwords
[2008/05/06 17:59:49] <jamesturnbull> MrProper_: you need the ruby-shadow library for it
[2008/05/06 18:00:07] <daork> jamesturnbull: does the useradd provider support passwords?
[2008/05/06 18:00:18] <jamesturnbull> daork: yes
[2008/05/06 18:00:28] <daork> why does it need ruby-shadow, I want to just stick the output from crypt(3) in there, and have it passed to useradd -p
[2008/05/06 18:01:21] <jamesturnbull> daork: it uses ruby-shadow to manipulate the internals
[2008/05/06 18:01:47] <daork> oh, to manipulate shadow(5) you mean?
[2008/05/06 18:01:52] <jamesturnbull> daork: daork yep
[2008/05/06 18:02:00] @ tim\|macbook joined channel #puppet
[2008/05/06 18:07:18] <jamesturnbull> daork: best way to get a handle on the useradd provider is look at the code - but the doco is misleading because the box luke builds the doco on doesn't have ruby-shadow installed and hence outputs saying it is supported
[2008/05/06 18:08:12] <jamesturnbull> s/it is/it is not/
[2008/05/06 18:18:40] @ Innocenti joined channel #puppet
[2008/05/06 18:21:22] @ DerekW joined channel #puppet
[2008/05/06 18:38:55] @ thom joined channel #puppet
[2008/05/06 18:54:49] @ pleemans joined channel #puppet
[2008/05/06 18:58:32] @ johnf joined channel #puppet
[2008/05/06 19:08:25] @ CB2045 joined channel #puppet
[2008/05/06 19:10:03] @ Quit: \ask:
[2008/05/06 19:10:11] <CB2045> When I try to run puppetd --listen on a Solaris 10 machine it will not start, it produces the error /opt/csw/bin/puppetd:158:in 'require': no such file to load --puppet
[2008/05/06 19:15:47] @ ^florian joined channel #puppet
[2008/05/06 19:15:51] @ Quit: roald: Remote closed the connection
[2008/05/06 19:16:16] @ Quit: ^florian: Client Quit
[2008/05/06 19:16:45] @ ^florian joined channel #puppet
[2008/05/06 19:17:41] @ ^florian left channel #puppet ()
[2008/05/06 19:19:07] <CB2045> anyone able to help?
[2008/05/06 19:19:38] @ Quit: daork:
[2008/05/06 19:40:53] @ _lunix_ joined channel #puppet
[2008/05/06 19:47:21] @ Quit: fdz: Remote closed the connection
[2008/05/06 19:48:41] @ fdz joined channel #puppet
[2008/05/06 19:48:44] * duritong announces serchilo support for puppet-page: http://wiki.serchilo.net/Puppet_Reductive_Labs :)
[2008/05/06 19:52:09] @ Quit: CB2045: "http://www.mibbit.com ajax IRC Client"
[2008/05/06 19:52:24] @ glaw joined channel #puppet
[2008/05/06 19:54:25] @ roald joined channel #puppet
[2008/05/06 20:11:58] @ tim\|mb joined channel #puppet
[2008/05/06 20:23:49] @ Quit: tim\|macbook: Read error: 110 (Connection timed out)
[2008/05/06 20:30:05] @ kolla joined channel #puppet
[2008/05/06 20:55:03] @ Quit: johnf: Read error: 113 (No route to host)
[2008/05/06 21:10:55] @ Quit: dysinger:
[2008/05/06 21:14:32] <gepetto> ::puppet:: kill_node_in_storedconfigs_db.rb.txt attached to UsingStoredConfiguration @ http://reductivelabs.com/trac/puppet/attachment/wiki/UsingStoredConfiguration/kill_node_in_storedconfigs_db.rb.txt (by james@lovedthanlost.net)
[2008/05/06 21:21:48] <gepetto> ::puppet:: kill_node_in_storedconfigs_db.rb attached to UsingStoredConfiguration @ http://reductivelabs.com/trac/puppet/attachment/wiki/UsingStoredConfiguration/kill_node_in_storedconfigs_db.rb (by james@lovedthanlost.net)
[2008/05/06 21:21:48] <gepetto> ::puppet:: Using Stored Configuration edited by jamtur01 @ http://reductivelabs.com/trac/puppet/wiki/UsingStoredConfiguration (by james@lovedthanlost.net)
[2008/05/06 21:22:57] @ Quit: pleemans: Read error: 104 (Connection reset by peer)
[2008/05/06 21:23:36] @ pleemans joined channel #puppet
[2008/05/06 21:24:53] @ Quit: sparanjape: "Leaving"
[2008/05/06 21:31:26] @ Quit: kenvandine: "Ex-Chat"
[2008/05/06 21:36:04] @ johnf joined channel #puppet
[2008/05/06 21:36:25] @ Quit: johnf: Client Quit
[2008/05/06 21:45:23] @ Quit: Gwayne: Read error: 60 (Operation timed out)
[2008/05/06 22:01:53] @ Gwayne joined channel #puppet
[2008/05/06 22:12:29] @ Zothar_Work joined channel #puppet
[2008/05/06 22:15:39] @ Quit: Gwayne: Remote closed the connection
[2008/05/06 22:16:14] @ CB2045 joined channel #puppet
[2008/05/06 22:16:28] <CB2045> anyone able to help with a solaris issue?
[2008/05/06 22:18:28] @ Quit: CB2045: Client Quit
[2008/05/06 22:20:25] @ CB2045 joined channel #puppet
[2008/05/06 22:20:40] @ CB2045 left channel #puppet ()
[2008/05/06 22:22:00] * Arri wonders why puppetmaster on debian now defaults to listen on port 18140
[2008/05/06 22:22:32] @ Arri is now known as Volcane
[2008/05/06 22:27:05] <fujin> lol
[2008/05/06 22:27:12] <fujin> check your /etc/default/puppetmaster
[2008/05/06 22:27:22] <fujin> the init script was updated to work with mongrel by hacim
[2008/05/06 22:27:28] <fujin> I had some issues with it so went back to my handmade one
[2008/05/06 22:28:19] <Volcane> yeah but why on earth default to:
[2008/05/06 22:28:19] <Volcane> SERVERTYPE=webrick
[2008/05/06 22:28:24] <Volcane> PORT=8140
[2008/05/06 22:28:26] <Volcane> just seems broken
[2008/05/06 22:28:45] <Volcane> as in, why ship iwth a broken by default setting
[2008/05/06 22:29:57] <fujin> eh?
[2008/05/06 22:30:01] <fujin> that's not broken, that's normal
[2008/05/06 22:30:09] <fujin> webrick/8140 are the defaults
[2008/05/06 22:31:47] <Volcane> sorry
[2008/05/06 22:31:55] <Volcane> i mean PORT=18140
[2008/05/06 22:31:59] <Volcane> i pasted my already fixed one
[2008/05/06 22:32:09] <Volcane> by default its webrick/18140
[2008/05/06 22:34:10] <Zothar_Work> maybe the Debian package changelog gives a hint
[2008/05/06 22:34:16] <Volcane> its not like i am surprised, its SUCH a typical situation with debian, one day something works, then you install a new box and old configs dont do the same thing anymore and lal you can see is a small point release upgrade in the package
[2008/05/06 22:34:32] <Volcane> no concept of backward compatibity or behaving in any way in a way that enterprise level software should
[2008/05/06 22:40:27] @ johnf joined channel #puppet
[2008/05/06 22:42:03] <Zothar_Work> funny how I tend to think of it in the opposite way in general; I think it depends on the package though; some packages don't seem to be fully thought out during the packaging process
[2008/05/06 22:42:53] <Volcane> Zothar_Work: I've come across so many similar broken things in debian in the last 5 months its shocking
[2008/05/06 22:43:15] <Volcane> Zothar_Work: its REALLY bad on machines upgraded from 3 to 4
[2008/05/06 22:43:32] <Zothar_Work> OTOH, I have to use Red hat at work, so it's been a very long while since I've had to freshly install a Debian box
[2008/05/06 22:43:55] <Volcane> really does just demonstrate to me at least that as a distro and as a group of comitters, they dont have the right mindset for use in enterprises where 100s of identical and predictable machines are terribly important
[2008/05/06 22:44:25] <Volcane> Zothar_Work: yeah, i too am a redhat person, but am on a contract now where i have the missfortune of dealing with 30 odd debian machines,
[2008/05/06 22:44:38] <Volcane> i did a little test the other day
[2008/05/06 22:44:50] <Volcane> grabbed my RedHat 6 book off the shelve (pre enterprise 6)
[2008/05/06 22:45:04] <Volcane> and opened it randomly and tried to see if knowledge from those days would still be relevant
[2008/05/06 22:45:24] <Volcane> and it is, redhats so consistant and manage improvements so carefully and incrementally, always having the goal of consistancy
[2008/05/06 22:46:08] <Zothar_Work> I didn't say I was a Red Hat person, simply that I had to use it at work; there are some things about Red Hat's general paradigm that really bug me, but at least I've learned how to work manage them as best I can
[2008/05/06 22:46:12] <Volcane> so the tons of inconsistancies in debian and unpredictable outcomes in doing the same thing over and over is really off putting
[2008/05/06 22:47:42] <Volcane> ah for sure there are some weird stuff in redhat, stuff thats specifically redhat like and all
[2008/05/06 22:47:54] <Zothar_Work> I started my Linux life on Slackware because it was the first distro I got to install successfully back in 93-94. I didn't switch distros until I tried Debian because Debian just worked the way I wanted to; that was after having tried several mainstream RPM-based distros in the late 90s
[2008/05/06 22:48:19] <Volcane> ah, i went from slackware to RH when the first RH beta came out
[2008/05/06 22:48:23] <Volcane> SLS before slackware
[2008/05/06 22:50:01] <Zothar_Work> on of my "minor" beefs with RH is the need to re-install the system to upgrade; that was the same problem I had with Slackware; because of that my Slackware boxes would get out of date because it was such a pain to keep them updated; Debian didn't have that problem for me, I just had to be a little careful with upgrades between distro versions because of changes that aren't always handled...
[2008/05/06 22:50:03] <Zothar_Work> ...automatically, especially in some of the less widely used packages
[2008/05/06 22:51:13] <Volcane> Zothar_Work: thats improved a bit recently but yeah thats a concern still. thogh having seen the general chaos with debian 3 to 4 machines and the great amout of inconsistancies it causes, I think I'll reinstall debian machines rather than upgrade
[2008/05/06 22:51:39] <Volcane> Zothar_Work: debians very fragile, conceptually, i want if i apt-get install sendmail on 10 machines, the result should ALWAYS be the same
[2008/05/06 22:51:57] <Volcane> Zothar_Work: not so, debian does all these debianesque automations, like use dns to find hostname etc, at install time
[2008/05/06 22:52:29] <Volcane> Zothar_Work: rendering the whole consistancy of your builds vulnerable to a network timeout for example, and worse is they dont parse the results, so i had sendmail machines with dig error messages as their hostname etc
[2008/05/06 22:53:06] <Volcane> that for anyone who relies on large number of machines being rolled out automatically should jsut be a red flag
[2008/05/06 23:01:37] <ashp> holoway: When you turn up, see anything helpful in my configuration? :)
[2008/05/06 23:02:05] <fujin> Volcane: talk to hacim if you want a change
[2008/05/06 23:02:06] <fujin> or thom
[2008/05/06 23:06:56] <Zothar_Work> I think i remember seeing those problems at times; definitely before my days with Puppet; my roll out of Puppet on my handful of personal Debian machines isn't very advanced; I guess I'd probably put a minimal install on the box to run Puppet, get the hostname and such screw ups sorted out and then do the real install; in any case, we're probably at least partially off topic; hopefully in a...
[2008/05/06 23:06:58] <Zothar_Work> ...few years time, all of the distros will be better :)
[2008/05/06 23:07:19] <Demosthenex> Volcane: can't you override that with debconf entries?
[2008/05/06 23:07:22] @ shenson_not_here is now known as shenson
[2008/05/06 23:07:42] @ kenvandine joined channel #puppet
[2008/05/06 23:08:15] @ felix_da_catz joined channel #puppet
[2008/05/06 23:14:25] <Volcane> Demosthenex: sure i can, but you shouldnt NEED to fix your distro's sloppyness using another tool :)
[2008/05/06 23:16:58] <Demosthenex> Volcane: the only problems i've had installing debian items comes from the default assumption that a user will interact with apt during the install... and if you supplant that with debconf items then the installs are reproduceable.
[2008/05/06 23:17:49] <Volcane> Demosthenex: nods, debian is very much advanced end user orientated in my eye, I think its a solid server for guy at home, or small guy with 5 mahcines all doing different stuff, massive time saver there
[2008/05/06 23:18:06] <thom> Volcane: so pre-seed the answers; most all of your complaints should be trivially fixed
[2008/05/06 23:18:36] <thom> and we run hundreds of ubuntu/debian servers consistently
[2008/05/06 23:18:56] <Demosthenex> i think thats the issue, your dns example is allowing apt to think ahead and prompt a user, if you preseed thats not an issue
[2008/05/06 23:19:15] <Volcane> no, the deb conf scripts are a pile of s..
[2008/05/06 23:19:33] <Demosthenex> can you control package defaults for rpm?
[2008/05/06 23:19:37] <Volcane> the whole way that debian takes something like exim/apache/whatever
[2008/05/06 23:19:50] <Volcane> and turn it into something so bastardised that its own parent wouldnt recognise it
[2008/05/06 23:19:54] <Volcane> is broken by design
[2008/05/06 23:20:10] <Demosthenex> thom: have you looked at ubuntu's LTS?
[2008/05/06 23:21:03] <Volcane> Demosthenex: rpms have defaults, ala /etc/default on debian, and you are supposed to edit those after install as per debian, they dont every interact with the user at rpm install time which is much more acceptible for large deployments
[2008/05/06 23:21:45] <Demosthenex> Volcane: i agree user interaction can cause problems, but that it can be disabled.
[2008/05/06 23:22:01] <Volcane> but unlike, lets say the snmp deb, rpms dont tend to overwrite your changes that you make to /etc/default/*
[2008/05/06 23:22:16] <Volcane> which is just a very big wtf in my book
[2008/05/06 23:24:57] @ jeckersb joined channel #puppet
[2008/05/06 23:29:12] <thom> Volcane: debian packages won't overwrite changes to things in /etc . they'll ask
[2008/05/06 23:29:28] <thom> Demosthenex: hardy? running it for some things
[2008/05/06 23:29:39] @ Quit: wrobel: Read error: 104 (Connection reset by peer)
[2008/05/06 23:30:20] <Volcane> thom: thats wha tyou'd thing
[2008/05/06 23:30:22] <Volcane> think
[2008/05/06 23:30:29] <Volcane> but, fact remains, snmp package does
[2008/05/06 23:30:52] <Volcane> set it in /etc/default to listen on $publicip, apt-get update etc
[2008/05/06 23:31:04] <Volcane> it messes with the file in default and sets it to listen on 127.0.0.1
[2008/05/06 23:31:05] <Volcane> retarded
[2008/05/06 23:31:29] <thom> it's never done that for me
[2008/05/06 23:31:37] <thom> and, like i say, 200 or so deployments
[2008/05/06 23:34:00] @ Quit: johnf: "Leaving."
[2008/05/06 23:34:36] @ CB2045 joined channel #puppet
[2008/05/06 23:34:43] @ a-priori_ joined channel #puppet
[2008/05/06 23:34:52] <CB2045> anyone around to help on a solaris issue?
[2008/05/06 23:38:10] @ martha joined channel #puppet
[2008/05/06 23:40:35] <Demosthenex> thom: i've tended to use debian stable (etch currently), and i just couldn't see a difference.
[2008/05/06 23:46:11] @ wrobel joined channel #puppet
[2008/05/06 23:46:23] * Volcane thinks a lot of the hassles he has with debian is down to using boxen that was once 3 and dist upgraded to 4
[2008/05/06 23:48:27] <thom> Demosthenex: having a stable release cycle is quite nice, likewise a full time security team
[2008/05/06 23:52:10] @ Quit: a-priori: Read error: 110 (Connection timed out)
[2008/05/06 23:52:46] @ lak joined channel #puppet
[2008/05/06 23:53:12] @ Quit: a-priori_: Read error: 104 (Connection reset by peer)
[2008/05/06 23:53:46] @ a-priori joined channel #puppet
[2008/05/06 23:54:36] @ Quit: a-priori: Client Quit
[2008/05/06 23:55:10] <CB2045> can anyone give me a hand getting puppet running on a solaris machine pls?
[2008/05/06 23:55:54] @ greenmoss joined channel #puppet
[2008/05/06 23:56:32] @ a-priori joined channel #puppet

Generated by irclog2html.py 2.6 by Marius Gedminas - find it at mg.pov.lt!