Tuesday, 2008-05-20

« Monday, 2008-05-19 Index Wednesday, 2008-05-21 »
[2008/05/20 00:02:56] <thegcat> well, it would really be nice if I could define my hosts only once in puppet, and be able to use the list in my templates, instead of having to update every config file or template each time we have a new machine in the net
[2008/05/20 00:08:04] <Volcane> yeah would be nice
[2008/05/20 00:09:02] <chesty> you could use m4 (not that i would know how, but that's how someone i know manages cfengine)
[2008/05/20 00:09:06] @ markl__ joined channel #puppet
[2008/05/20 00:15:38] @ Quit: Innocenti: Client Quit
[2008/05/20 00:17:20] @ flakrat joined channel #puppet
[2008/05/20 00:30:31] @ Quit: kenvandine: "Ex-Chat"
[2008/05/20 00:34:53] <f3ew> chesty, ick
[2008/05/20 00:35:34] <f3ew> thegcat, perhaps you need a node with all the common bits defined, and then inheritance?
[2008/05/20 00:38:23] @ lak joined channel #puppet
[2008/05/20 00:40:13] <thegcat> f3ew: even with inheritance, how could I recurse over all the hosts
[2008/05/20 00:41:21] <f3ew> thegcat, you define your hosts only in site.pp?
[2008/05/20 00:41:38] <thegcat> in hosts.pp, but yes
[2008/05/20 00:43:18] @ Quit: aiurea: "Leaving"
[2008/05/20 00:46:39] @ Quit: f--z: "KVIrc 3.2.5 Anomalies http://www.kvirc.net/"
[2008/05/20 00:47:33] @ martha joined channel #puppet
[2008/05/20 00:52:01] @ brscott joined channel #puppet
[2008/05/20 00:52:30] @ brscott left channel #puppet ()
[2008/05/20 00:58:02] @ freiheit joined channel #puppet
[2008/05/20 00:58:38] <thegcat> can I test if a certain module/class is included for the current host in another module/class
[2008/05/20 00:59:10] @ Quit: lak:
[2008/05/20 01:02:56] @ lak joined channel #puppet
[2008/05/20 01:03:57] <thegcat> brb
[2008/05/20 01:04:00] @ Quit: thegcat:
[2008/05/20 01:06:42] @ Quit: tim|macbook: "This computer has gone to sleep"
[2008/05/20 01:18:15] @ shake-n-bake joined channel #puppet
[2008/05/20 01:19:53] @ shake-n-bake_ joined channel #puppet
[2008/05/20 01:24:05] @ Quit: lak:
[2008/05/20 01:27:08] @ a-priori_ joined channel #puppet
[2008/05/20 01:28:30] @ Quit: strerror_work:
[2008/05/20 01:28:33] @ Zothar_Work joined channel #puppet
[2008/05/20 01:36:15] @ kenvandine joined channel #puppet
[2008/05/20 01:36:41] @ Quit: shake-n-bake: Read error: 110 (Connection timed out)
[2008/05/20 01:48:40] <jbooth> re: using mongrel, the "puppetca --generate <domain>" shouldn't that be FQDN?
[2008/05/20 01:50:34] <kombucha> what is mongrel?
[2008/05/20 01:51:37] <lassizci> don't know about mongrel but if you are generating a certificate for a machine, it should be fqdn in almost every case
[2008/05/20 01:52:22] @ Quit: kombucha: "leaving"
[2008/05/20 01:58:23] <jbooth> wiki: UsingMongrel
[2008/05/20 01:58:35] <jbooth> Bah, musta got syntax wrong
[2008/05/20 01:58:44] <plathrop> wiki:UsingMongrel
[2008/05/20 01:58:46] <gepetto> plathrop: wiki: wiki:UsingMongrel is http://reductivelabs.com/trac/puppet/wiki/UsingMongrel
[2008/05/20 01:58:50] <plathrop> jbooth: No space
[2008/05/20 01:59:20] <jbooth> plathrop: ah thanks :)
[2008/05/20 01:59:33] <plathrop> jbooth: np
[2008/05/20 02:08:11] @ Wakko666 joined channel #puppet
[2008/05/20 02:19:56] @ Quit: plathrop: Read error: 110 (Connection timed out)
[2008/05/20 02:25:23] @ _newbie_ joined channel #puppet
[2008/05/20 02:26:38] @ ezralini joined channel #puppet
[2008/05/20 02:26:55] @ Quit: roald: Remote closed the connection
[2008/05/20 02:27:55] @ Quit: ezralini: Remote closed the connection
[2008/05/20 02:28:12] @ ezralini joined channel #puppet
[2008/05/20 02:29:47] @ _newbie_ is now known as f--z
[2008/05/20 02:44:43] @ pleemans joined channel #puppet
[2008/05/20 02:44:55] <sigmonsays> is /var/lib/puppet/bucket the backup file bucket?
[2008/05/20 02:50:35] @ plathrop joined channel #puppet
[2008/05/20 02:53:00] @ rickbradley joined channel #puppet
[2008/05/20 02:58:37] <Zothar_Work> /var/lib/puppet/clientbucket on my version (client side only filebucket, nothing to server)
[2008/05/20 03:00:30] <sigmonsays> I have File { backup : main } and puppetd claims it made a backup
[2008/05/20 03:00:36] <sigmonsays> but I dunno where it went ;-)
[2008/05/20 03:02:28] <sigmonsays> So.. question here
[2008/05/20 03:02:45] <sigmonsays> I have a list of files (pretty big list) that I want in sync
[2008/05/20 03:03:07] <sigmonsays> I was hoping to "repeat" the same file block for all the files.. but I need a variable source per files
[2008/05/20 03:03:42] <sigmonsays> IE: $files [ "file1", "file2" ] ; file { $files : source => "puppet://$server/$filename" } --- $filename needs to be file1, file2, etc
[2008/05/20 03:04:18] <sigmonsays> I think that's what a define would be used for..
[2008/05/20 03:11:37] <Volcane> are tehy all in one subdir or all over the place?
[2008/05/20 03:11:44] <sigmonsays> all in one subdir
[2008/05/20 03:11:55] <Volcane> see the recurse option to the file type
[2008/05/20 03:11:57] <sigmonsays> I can't get my define to repeat..
[2008/05/20 03:12:06] <sigmonsays> well I don't trust recurse
[2008/05/20 03:12:11] <sigmonsays> I want to be a bit more verbose
[2008/05/20 03:12:19] <Volcane> heh, well then you'll have o script something
[2008/05/20 03:12:57] <sigmonsays> ["file1", "file2"].each |$k| { phpd_config($k) } ?
[2008/05/20 03:13:05] <sigmonsays> I don't know ruby very well..
[2008/05/20 03:13:14] <Volcane> if u just want a array like u suggest above then
[2008/05/20 03:13:24] <Volcane> $file = ["this", "that", "theother"]
[2008/05/20 03:13:37] <Volcane> then you can use $file in your in your type
[2008/05/20 03:13:44] <Volcane> though not sure that'll work too hot with the source param
[2008/05/20 03:14:01] <Volcane> yeah that wont work
[2008/05/20 03:14:04] <sigmonsays> yah. that's why I got it in a define
[2008/05/20 03:14:20] <Volcane> nods, shrug
[2008/05/20 03:14:27] <sigmonsays> http://rafb.net/p/C9ygFj68.html
[2008/05/20 03:14:31] <sigmonsays> I just can't repeat the define
[2008/05/20 03:15:32] @ golak joined channel #puppet
[2008/05/20 03:15:36] <sigmonsays> so I need to loop
[2008/05/20 03:16:05] <Volcane> nods, sux, do wish often puppet has loops and such
[2008/05/20 03:17:27] <Volcane> and thigns like multi dimensional arrays and ways to walk those etc
[2008/05/20 03:17:49] <sigmonsays> I *think* I found a solution..
[2008/05/20 03:18:00] @ Quit: sparanjape: "Easy as 3.14159265358979323846..."
[2008/05/20 03:18:01] <Volcane> yeah?
[2008/05/20 03:18:09] <sigmonsays> http://reductivelabs.com/trac/puppet/wiki/LanguageTutorial#arrays, php:pear()
[2008/05/20 03:18:24] <sigmonsays> kind of an odd syntax
[2008/05/20 03:18:42] <Volcane> ah
[2008/05/20 03:19:11] <Volcane> thought using $name might be worth trying but didnt think it'd work
[2008/05/20 03:19:14] <duritong_> read the philosphical discussion recently ;)
[2008/05/20 03:19:20] @ duritong_ is now known as duritong
[2008/05/20 03:19:37] @ Quit: f--z: Read error: 104 (Connection reset by peer)
[2008/05/20 03:19:40] @ _newbie_ joined channel #puppet
[2008/05/20 03:20:22] <Volcane> duritong: got bored of it :)
[2008/05/20 03:21:13] <sigmonsays> so, in this example: http://reductivelabs.com/trac/puppet/wiki/LanguageTutorial#arrays, how would parameters after the colon pn the php:pear() line work?
[2008/05/20 03:21:38] <sigmonsays> php::pear { ["ldap", "mysql", "ps", "snmp", "sqlite", "tidy", "xmlrpc"]: what_do_i_do? }
[2008/05/20 03:22:30] <Volcane> file {"/etc/blah/$name": source => "puppet://$server/files/etc/blah/$name"}
[2008/05/20 03:23:23] <Volcane> then you should be able to call your define with an array
[2008/05/20 03:23:36] <sigmonsays> yeah. I got it working
[2008/05/20 03:23:47] <sigmonsays> i'm just trying to figure out the ILLogic
[2008/05/20 03:24:10] <Volcane> $name is a special variable, that points to the resource name
[2008/05/20 03:24:17] <sigmonsays> php:pear { ["item1", "item2" ] : $what_do_i_do }
[2008/05/20 03:24:31] <Volcane> so if you pass an array of file names to the file type, it will make individual file instances for each array member
[2008/05/20 03:24:36] <Volcane> and each one would have a unique $name
[2008/05/20 03:24:44] <sigmonsays> yes. I agree
[2008/05/20 03:24:50] <Volcane> so thats the logic
[2008/05/20 03:24:52] <sigmonsays> but when you call the define, it uses a silly syntax
[2008/05/20 03:25:09] <sigmonsays> my_define { $some_list : $foobar }
[2008/05/20 03:25:12] <sigmonsays> what does $foobar do?
[2008/05/20 03:25:32] <sigmonsays> note how $foobar is missing in the example
[2008/05/20 03:25:37] @ kombucha joined channel #puppet
[2008/05/20 03:26:07] <sigmonsays> I can't use something I don't fully understand
[2008/05/20 03:26:07] <sigmonsays> heh
[2008/05/20 03:26:12] <kombucha> my puppet client is on debian, i keep getting: Could not describe /files/blah: Could not connect to localhost on port 8140
[2008/05/20 03:26:30] <kombucha> i have no idea why it is looking for the files on localhost, i have defined a puppetmaster successfully
[2008/05/20 03:26:35] <sigmonsays> unless your client is your puppetmaster
[2008/05/20 03:26:43] <sigmonsays> "localhost" is wrong
[2008/05/20 03:26:44] <Volcane> sigmonsays: if you dont specify foobar like in the example there are either no paramters to pass or they all stay to whatever the default is
[2008/05/20 03:26:53] <sigmonsays> Volcane, ahh
[2008/05/20 03:26:57] <sigmonsays> Volcane, so I could override
[2008/05/20 03:27:01] <Volcane> yes
[2008/05/20 03:27:52] <kombucha> sigmonsays: my client is not my puppetmaster. what is weird is it successfully implemnts a testclass ( just 'touch /tmp/foo') but it looks for stuff in files on localhost, i dunno why
[2008/05/20 03:29:29] <Volcane> kambiz: show your file{} section from the manifest
[2008/05/20 03:30:32] <kambiz> Volcane: no!
[2008/05/20 03:30:49] <kambiz> :)
[2008/05/20 03:30:52] <Volcane> i mean kombucha sorry :)
[2008/05/20 03:31:21] <Volcane> tab completion combined with tiny font mistake :)
[2008/05/20 03:33:06] <nDuff> Does puppet create a pidfile if no location is specified in the configuration file or on the command line?
[2008/05/20 03:33:54] <kombucha> Volcane: http://pastebin.com/m2f8ad73a
[2008/05/20 03:35:24] @ londo__ joined channel #puppet
[2008/05/20 03:35:37] <Volcane> kombucha: try puppet://puppet/files/.ssh/.....
[2008/05/20 03:36:40] @ Quit: londo_: No route to host
[2008/05/20 03:37:15] @ londo__ is now known as londo_
[2008/05/20 03:39:10] <kombucha> Volcane: same erorr. "Could not connect to localhost on port 8140
[2008/05/20 03:44:32] @ Quit: Zothar_Work: Remote closed the connection
[2008/05/20 03:45:44] <sigmonsays> Volcane, how are you starting puppetd ?
[2008/05/20 03:45:46] @ shadoi joined channel #puppet
[2008/05/20 03:45:58] <sigmonsays> s/Volcane/kombucha/
[2008/05/20 03:46:30] @ Quit: plathrop: "ERC Version 5.2 (IRC client for Emacs)"
[2008/05/20 03:46:39] <sigmonsays> kombucha, using /etc/init.d/puppet reads puppetd params from /etc/sysconfig/puppet -- which specifies a server
[2008/05/20 03:46:44] <sigmonsays> (distro specific)
[2008/05/20 03:46:47] @ plathrop joined channel #puppet
[2008/05/20 03:55:19] @ roald joined channel #puppet
[2008/05/20 04:01:11] @ Quit: londo_: Remote closed the connection
[2008/05/20 04:01:11] <gepetto> ::puppet:: Ticket #1230 (defect created): facts not (always) set in a puppet run @ http://reductivelabs.com/trac/puppet/ticket/1230 (by udo.waechter@uni-osnabrueck.de)
[2008/05/20 04:03:21] @ Quit: kenvandine: "Ex-Chat"
[2008/05/20 04:07:08] @ jshar1 joined channel #puppet
[2008/05/20 04:07:09] @ Quit: jshare: Read error: 104 (Connection reset by peer)
[2008/05/20 04:07:43] <gepetto> ::puppet:: Ticket #681 (defect closed): yum reports old version with ensure=>latest @ http://reductivelabs.com/trac/puppet/ticket/681#comment:17 (by dlutter@redhat.com)
[2008/05/20 04:12:41] @ kenvandine joined channel #puppet
[2008/05/20 04:14:56] @ Quit: golak: "ChatZilla 0.9.82 [Firefox 2.0.0.14/2008040413]"
[2008/05/20 04:15:37] @ Quit: shadoi: Read error: 110 (Connection timed out)
[2008/05/20 04:18:40] <mmestnik> Hello, I'm amazed at how simple adding new clients was. I'm having a problem with fileserver.conf needing updating to accomidate new clients. Is there something I'm doing wrong?
[2008/05/20 04:19:27] @ Norm joined channel #puppet
[2008/05/20 04:19:45] <Norm> so i know new client talking to old server is bad... how about old client talking to new server?
[2008/05/20 04:19:58] <Norm> in this case, 0.22.4 vs 0.24.4
[2008/05/20 04:20:34] <plathrop> Norm: old clients talking to new servers is *supposed* to be explicitly supported. That said, there is a version (I forget which offhand) that fails badly at this.
[2008/05/20 04:20:37] @ randybias joined channel #puppet
[2008/05/20 04:20:53] @ shadoi joined channel #puppet
[2008/05/20 04:22:07] @ Quit: _newbie_: Read error: 104 (Connection reset by peer)
[2008/05/20 04:22:58] <Norm> okay thanks
[2008/05/20 04:24:42] @ Quit: a-priori_: Read error: 104 (Connection reset by peer)
[2008/05/20 04:26:15] @ Zothar_Work joined channel #puppet
[2008/05/20 04:27:32] <plathrop> Question about variables and namespaces. Can I set a variable within a namespace from site.pp? Something like ldap::$ssl_enabled = true ?
[2008/05/20 04:29:22] <holoway> plathrop: I don't know.. my gut says you can't
[2008/05/20 04:29:32] <holoway> but it's been wrong before
[2008/05/20 04:29:35] <holoway> have you tried it?
[2008/05/20 04:29:37] <holoway> :)
[2008/05/20 04:29:41] <plathrop> holoway: I'm trying it out. I'll let you know
[2008/05/20 04:29:45] <holoway> we do a lot of
[2008/05/20 04:29:56] <holoway> setting those kind of top-level variables
[2008/05/20 04:30:04] <holoway> that drive decisions in other modules
[2008/05/20 04:30:11] <holoway> in a "variables.pp" file we include from site
[2008/05/20 04:31:07] <plathrop> holoway: Yeah, I do that a lot as well.
[2008/05/20 04:31:47] <holoway> we also do it for things that could be facts, but are so easy to do well with puppets case/selector logic
[2008/05/20 04:31:55] <holoway> pastie: gimme some sugar
[2008/05/20 04:32:26] <pastie> http://pastie.org/199647 by holoway.
[2008/05/20 04:33:32] <Wakko666> fsweetser: ping
[2008/05/20 04:34:13] <fsweetser> Wakko666: pong
[2008/05/20 04:35:06] <Wakko666> i think i've got a better set of tests for the selinux types, but i'm running into a problem with the seboolean tests.
[2008/05/20 04:35:26] <Wakko666> it's failing to find a default provider, and i'm not really sure why
[2008/05/20 04:35:48] <fsweetser> if you can post the test, I'll be happy to poke at it
[2008/05/20 04:36:05] @ Quit: randybias:
[2008/05/20 04:36:20] <Wakko666> http://pastie.org/199655
[2008/05/20 04:37:29] <fsweetser> trying it now...
[2008/05/20 04:38:04] <plathrop> holoway: No, it doesn't work.
[2008/05/20 04:38:47] <holoway> plathrop: yeah, that figures
[2008/05/20 04:39:00] <holoway> I would rock $ldap_ssl_enabled = true
[2008/05/20 04:39:10] <plathrop> holoway: Yeah, that's what I was thinking.
[2008/05/20 04:39:12] @ _newbie_ joined channel #puppet
[2008/05/20 04:39:13] <holoway> unless you're feeling like hacking on the variable support
[2008/05/20 04:39:21] <plathrop> Here's another question, though.
[2008/05/20 04:39:40] <plathrop> What I'm thinking of doing is providing the ability to have an SSL-enabled slapd or not.
[2008/05/20 04:39:50] <plathrop> Better to have separate classes, or one class with a variable?
[2008/05/20 04:40:27] <holoway> hey, I'm the template guy.. I would say the variable and an if block in your slapd.conf
[2008/05/20 04:40:44] <holoway> if you wanted to be fancy, you might wrap the slapd.conf in a definition
[2008/05/20 04:40:50] <holoway> that has defaults for all your variables
[2008/05/20 04:41:04] <holoway> so the openldap::server class
[2008/05/20 04:41:26] <holoway> calls slapd_conf { "foo": ssl_enable => true, ... }
[2008/05/20 04:41:27] @ Demosthenes joined channel #puppet
[2008/05/20 04:45:28] <fsweetser> Wakko666: looks like it's the path issue again
[2008/05/20 04:45:46] <fsweetser> changing the provider to look for fully qualified binaries allows the type to find it
[2008/05/20 04:46:54] <Wakko666> hrm... ok. looks like we should probably just fix that in your patch.
[2008/05/20 04:46:55] <fsweetser> oh, and I also had to throw in "require 'puppet/type/selboolean'"
[2008/05/20 04:47:17] @ Quit: kenvandine: "Ex-Chat"
[2008/05/20 04:47:20] <fsweetser> my only concern would be trying to use it in an envronment that doesn't put those tools in /usr/sbin
[2008/05/20 04:47:33] <fsweetser> let me see if I can make the provider smarter about looking for them...
[2008/05/20 04:47:35] <holoway> plathrop: but honestly, I would probably just have the openldap::server class, and let the ssl-enable/disable happen there
[2008/05/20 04:47:44] <Wakko666> well... in selmodule, you call out /usr/sbin explicitly.
[2008/05/20 04:48:00] <Wakko666> so, either selboolean should follow suit, or both should be changed to do a single behavior
[2008/05/20 04:48:07] <jbooth> What is the right way to deal with multiple things wanting to stick a notify/subscribe onto a service? Is there a way to do it cleanly?
[2008/05/20 04:48:16] <holoway> jbooth: what do you mean?
[2008/05/20 04:48:23] <fsweetser> Wakko666: heh. probably had the same problem there, and just hacked it instead of fixing it =)
[2008/05/20 04:48:26] <holoway> as many things as make sense can subscribe/notify to a service
[2008/05/20 04:48:34] <holoway> puppet is smart enough to only take action on it once
[2008/05/20 04:48:47] <Wakko666> fsweetser: that's fine. according to my understanding of the FHS, /usr/sbin is the right place for the SE tools.
[2008/05/20 04:48:49] <jbooth> For example, two different things dropping in a /etc/httpd/conf.d/<thing> both wanting to reload httpd
[2008/05/20 04:49:00] <fsweetser> Wakko666: I'd say just put the full paths in your copy for now to get the tests working, and I'll see about a cleaner solution in the provider
[2008/05/20 04:49:05] <holoway> so if you have a thousand file resources that all should restart apache, they can all notify => Service[apache2]
[2008/05/20 04:49:11] <holoway> and it'll only restart once
[2008/05/20 04:49:17] <holoway> (not a thousand times)
[2008/05/20 04:49:29] <jbooth> Hmm, okay. That makes sense.
[2008/05/20 04:49:43] <jbooth> I'd seen the subscribe and notify and hadn't figured out why.
[2008/05/20 04:49:53] <jbooth> This declarative thing is still strange. :-P
[2008/05/20 04:50:00] <Wakko666> fsweetser: sounds good. next issue: in the selmodule test, syncversion returns :true instead of true. i'm not sure which value is correct. (then there's the need to have it return false as well as true)
[2008/05/20 04:50:02] <holoway> jbooth: the reason is that notify makes the Service[Apache] dependent on the things that might notify it
[2008/05/20 04:50:20] <holoway> at least, in a mental sense
[2008/05/20 04:50:23] <holoway> :)
[2008/05/20 04:50:25] <fsweetser> Wakko666: brb....
[2008/05/20 04:51:27] @ kenvandine joined channel #puppet
[2008/05/20 04:55:09] <fsweetser> Wakko666: back...
[2008/05/20 04:56:44] <fsweetser> hm... :true is what I got to work for me, and unfortunatelly lak isn't around to pester at the moment
[2008/05/20 04:57:11] @ Quit: zobbo: Connection timed out
[2008/05/20 04:59:30] <Wakko666> fsweetser: ok... for now i'll just have the tests expect :true and :false
[2008/05/20 05:00:47] <fsweetser> okay, I just added the extra line to make :false a valid value
[2008/05/20 05:00:54] <fsweetser> and with that, all tests pass for me =)
[2008/05/20 05:02:04] <Wakko666> excellent. :) can you merge those tests into your tree, and then i'll go ahead and update the ticket for it?
[2008/05/20 05:02:10] <fsweetser> will do
[2008/05/20 05:02:26] <fsweetser> thanks again
[2008/05/20 05:02:35] <Wakko666> no problem. happy to help out. :)
[2008/05/20 05:03:14] <Wakko666> it looks like making tests for the providers themselves are going to take a bit more work, because they're trying to actually change things.
[2008/05/20 05:04:31] <fsweetser> yep
[2008/05/20 05:05:05] <fsweetser> it may be worth asking in #selinux about creating a no-op policy module that could be loaded and unloaded with no side effects
[2008/05/20 05:05:57] @ Quit: kolla: Remote closed the connection
[2008/05/20 05:06:28] <Wakko666> yeah... alternately, i can just create one for using in these tests.
[2008/05/20 05:07:54] <fsweetser> that's what I was thinking
[2008/05/20 05:08:08] <fsweetser> I doubt any of the existing ones would fall into that category
[2008/05/20 05:09:26] <fsweetser> okay, your test has now been pushed to the repo on spook
[2008/05/20 05:09:35] <Wakko666> awesome. i'll update the ticket :)
[2008/05/20 05:09:52] * fsweetser crosses his fingers that luk will take it =)
[2008/05/20 05:21:33] <Wakko666> fsweetser: i did think of one thing that isn't covered by your patch: semanage
[2008/05/20 05:22:02] <Wakko666> but, i think that's definitely something that can be added later, once initial support for it is merged :)
[2008/05/20 05:22:12] <Wakko666> s/it/selinux/
[2008/05/20 05:26:45] <fsweetser> any thoughts on what that might look like? I haven't wrapped my brain around semanage enough to get a good feel for it yet
[2008/05/20 05:28:56] @ dysinger joined channel #puppet
[2008/05/20 05:35:39] <Wakko666> well... i think there's a few key tasks that might use semanage: dealing with file context regexes, dealing with users and roles, managing selinux controls on ports and interfaces
[2008/05/20 05:39:19] <Wakko666> the semanage knobs for seuser and role could be a separate feature, or they could extend the User type in the same way that you've already extended the File type
[2008/05/20 05:41:41] <fsweetser> if I understand it right, semanage controls aspects of user settings (among other things) that are more or less global, correct?
[2008/05/20 05:44:35] @ randybias joined channel #puppet
[2008/05/20 05:45:45] <Wakko666> basically... semanage allows you to customize certain aspects of the running policy without needing to recompile the policy or build a full policy module.
[2008/05/20 05:54:19] <plathrop> holoway: you still around?
[2008/05/20 05:54:22] <plathrop> pastie: url me
[2008/05/20 05:56:14] <pastie> http://pastie.org/199735 by plathrop.
[2008/05/20 05:56:31] <plathrop> anyone here want to tell me why neither of the notice statements in that paste happen?
[2008/05/20 05:57:01] @ muerr joined channel #puppet
[2008/05/20 05:57:31] <muerr> Anyone know of a heartbeat puppet module, defined type or custom type?
[2008/05/20 05:58:40] <plathrop> gepetto: seen lak
[2008/05/20 05:58:41] <gepetto> plathrop: lak was last seen 4 hours, 34 minutes and 35 seconds ago, quitting IRC ()
[2008/05/20 06:00:42] <kombucha> hi so here in my puppet log, you can see my puppet client getting config info from a puppetmaster... but then it looks for the actual file on 'localhost'. why would it do that ? http://pastebin.com/m2f924509
[2008/05/20 06:02:19] <kombucha> here is my fileserver.conf: http://pastebin.com/m5360525f
[2008/05/20 06:02:20] @ Quit: barnbarn: Read error: 104 (Connection reset by peer)
[2008/05/20 06:02:23] @ Quit: pleemans: "Ex-Chat"
[2008/05/20 06:08:02] @ barnbarn joined channel #puppet
[2008/05/20 06:14:46] @ a-priori joined channel #puppet
[2008/05/20 06:20:25] @ Quit: _newbie_: "KVIrc 3.2.5 Anomalies http://www.kvirc.net/"
[2008/05/20 06:23:17] * rickbradley wonders how out of date this page is: http://reductivelabs.com/trac/puppet/wiki/TestingGuide
[2008/05/20 06:23:36] <rickbradley> seems like "fairly" is the answer
[2008/05/20 06:24:06] * rickbradley is just trying to get a minimal puppetmasterd + client running in a local directory (i.e., not managing the machine it's on)
[2008/05/20 06:28:57] @ dysinger_ joined channel #puppet
[2008/05/20 06:29:07] <rickbradley> so how do I set the location of puppet.conf ?
[2008/05/20 06:33:16] <duritong> plathrop: notices are only logged on the server site
[2008/05/20 06:33:17] <waawaamilk> put it in the config file
[2008/05/20 06:33:21] * waawaamilk runs
[2008/05/20 06:34:23] <sigmonsays> what is "waa-waa-milk" ??
[2008/05/20 06:34:32] <sigmonsays> i have an idea... but I dunno
[2008/05/20 06:34:34] @ shenson is now known as shenson_not_here
[2008/05/20 06:34:35] <waawaamilk> ehehe
[2008/05/20 06:34:55] <plathrop> duritong: Yeah, I figured that out. Funny since I've sung the "functions only run server-side" tune myself so many times...
[2008/05/20 06:35:11] <duritong> hehe
[2008/05/20 06:41:43] @ Quit: kambiz: Read error: 110 (Connection timed out)
[2008/05/20 06:51:12] <jason^> is anyone doing anything cool with iptables and puppet?
[2008/05/20 06:51:59] @ Quit: dysinger: Read error: 113 (No route to host)
[2008/05/20 06:56:22] @ Quit: jvanzyl:
[2008/05/20 06:56:43] @ jvanzyl joined channel #puppet
[2008/05/20 06:57:47] @ Quit: randybias:
[2008/05/20 07:01:52] @ Quit: dysinger_:
[2008/05/20 07:03:16] <holoway> jason^: depends on your definition of cool
[2008/05/20 07:03:28] <holoway> Digant and Stanford have some nifty definitions
[2008/05/20 07:03:29] @ dysinger joined channel #puppet
[2008/05/20 07:03:32] <holoway> and are working on a native type
[2008/05/20 07:04:51] <kombucha> im running a debian puppet client, any idea why it would act this way? no my puppetmaster is NOT localhost: http://pastebin.com/m538feb22
[2008/05/20 07:04:51] @ randybias joined channel #puppet
[2008/05/20 07:05:19] @ Quit: dysinger: Client Quit
[2008/05/20 07:05:42] @ Quit: randybias: Client Quit
[2008/05/20 07:06:53] <sigmonsays> kombucha, try a rerun with puppetd -dvt -- more debug info
[2008/05/20 07:12:04] <kombucha> sigmonsays: im getting the same weirdo 'cant connect to localhost' error. here is my puppet.conf
[2008/05/20 07:12:07] <kombucha> http://pastebin.com/m11787833
[2008/05/20 07:12:59] <fujin> does 'puppet' resolve to localhost?
[2008/05/20 07:13:17] <kombucha> fujin: no.
[2008/05/20 07:13:25] <fujin> holoway: anyway to run merb w/ your mongrel_runit stuff?
[2008/05/20 07:13:29] <fujin> kombucha: what does it resolve to
[2008/05/20 07:14:02] <holoway> fujin: should be simple
[2008/05/20 07:14:15] <kombucha> fujin: if you look at http://pastebin.com/m538feb22 , you'll notice my puppet client grabbing info from the puppetmaster, but then it wants to grab the files off of 'localhost'. puppet resolves to 10.10.0.102 , the ip address of the puppetmaster on my network
[2008/05/20 07:14:31] <holoway> fujin: look at the puppetmasterd example
[2008/05/20 07:14:41] <fujin> jesus christ
[2008/05/20 07:14:48] <fujin> 0.20.1?
[2008/05/20 07:14:51] * fujin falls over
[2008/05/20 07:15:00] <holoway> kombucha: time for an upgrade
[2008/05/20 07:15:11] <kombucha> upgrade of what ?
[2008/05/20 07:15:14] <holoway> puppet
[2008/05/20 07:15:17] <fujin> Puppet, heh
[2008/05/20 07:15:32] <kombucha> so is debian incredibly out of date ?
[2008/05/20 07:15:41] <fujin> stock packages are yeah
[2008/05/20 07:15:51] <fujin> 0.24.4 is in umm Testing I think
[2008/05/20 07:16:01] <fujin> quite simple to backport though
[2008/05/20 07:17:35] <fujin> ah found them
[2008/05/20 07:17:36] <fujin> http://pastie.caboo.se/pastes/190209
[2008/05/20 07:17:40] <fujin> http://pastie.caboo.se/pastes/189631
[2008/05/20 07:17:41] <fujin> pretty
[2008/05/20 07:17:50] <fujin> holoway: kinda sucks that it doesn't use mongrel..
[2008/05/20 07:17:58] <fujin> unless I missed something
[2008/05/20 07:20:58] <muerr> kombucha: debian isn't exactly well known for having updated packages, at least for the 'stable' release.
[2008/05/20 07:21:09] <fujin> Isn't that the idea, muerr ?
[2008/05/20 07:21:24] <fujin> unfortunately in the case of puppet stable != old
[2008/05/20 07:22:03] <muerr> fujin: i would argue that in a lot of cases old != stable necessarily.
[2008/05/20 07:22:29] <muerr> new packages for a variety of software often introduce better stability.
[2008/05/20 07:24:45] <holoway> fujin: it uses mongrel
[2008/05/20 07:25:04] <kombucha> so i have to install debian unstable to get puppet to work? how sad
[2008/05/20 07:25:07] <holoway> basically, you just need to call
[2008/05/20 07:25:17] <holoway> merb -p somenumber
[2008/05/20 07:25:22] <holoway> and you'll get what you want
[2008/05/20 07:25:35] <holoway> merb ships with mongrel_cluster style functinality built in, too
[2008/05/20 07:25:40] <holoway> somewhat terrifyingly
[2008/05/20 07:25:47] <muerr> kombucha: I would get the puppet source tarball for the latest version and install that.
[2008/05/20 07:26:37] <muerr> Maybe you can enable the sid or lenny repo just for puppet.
[2008/05/20 07:28:42] <fujin> heh
[2008/05/20 07:28:47] <fujin> no one said anything about installing debian unstable
[2008/05/20 07:28:52] <fujin> Like I said, backport
[2008/05/20 07:28:58] <fujin> or even pin the packages
[2008/05/20 07:32:15] @ notbrien joined channel #puppet
[2008/05/20 07:32:49] @ magnachef joined channel #puppet
[2008/05/20 07:33:08] <jbooth> holoway: Can I use the notify => thing to run an exec{} (only once) in the same way as a service?
[2008/05/20 07:33:30] <fujin> yes
[2008/05/20 07:33:35] <fujin> with refreshonly => true on your exec
[2008/05/20 07:33:39] <fujin> it wil only run when notified
[2008/05/20 07:33:45] <magnachef> does anyone know of a (CentOS/RHEL) source rpm for version 0.24.4? All I can find is 22.4
[2008/05/20 07:33:57] <fujin> lutters repo has some
[2008/05/20 07:34:05] @ apathy joined channel #puppet
[2008/05/20 07:34:09] <magnachef> what's the link for that?
[2008/05/20 07:34:13] <fujin> www.google.com
[2008/05/20 07:34:16] <jbooth> It's a noarch, pull it from fedora?
[2008/05/20 07:34:17] <magnachef> heh, thanks
[2008/05/20 07:43:52] @ Quit: shadoi: Read error: 104 (Connection reset by peer)
[2008/05/20 07:44:48] @ shadoi joined channel #puppet
[2008/05/20 07:45:51] @ Quit: shadoi: Client Quit
[2008/05/20 07:50:40] @ Hunnur joined channel #puppet
[2008/05/20 07:51:08] <Volcane> magnachef: yum.reductivelabs.com
[2008/05/20 07:51:25] <fujin> sorry - that wasn't very helpful of me
[2008/05/20 07:51:32] <fujin> not really a RH person
[2008/05/20 08:06:47] <notbrien> does anyone know why transferring a 40MB .deb file would cause a time out, ruby to throw an exception, or a crash? if i replace the .deb file with a couple byte text file, it works fine. I'm using the file resource type.
[2008/05/20 08:09:11] <fujin> It's 40MB.
[2008/05/20 08:09:24] <fujin> The XMLRPC comms mean that we have to CGI::Escape the file contents
[2008/05/20 08:09:29] <fujin> URLENCODE
[2008/05/20 08:10:18] <fujin> notbrien: create a repository, host the .deb there
[2008/05/20 08:10:23] @ shadoi joined channel #puppet
[2008/05/20 08:10:45] <notbrien> fujin: dang. i was hoping i wouldn't have to do something like that
[2008/05/20 08:12:53] <apathy> is there any simple documentation on a basic file copy from master to puppet?
[2008/05/20 08:12:55] <magnachef> yeah, I found some off of RPMFind that were no arch and just repackaged their src rpm
[2008/05/20 08:12:57] <magnachef> thanks!
[2008/05/20 08:13:14] @ Quit: roald: Read error: 110 (Connection timed out)
[2008/05/20 08:13:29] <plathrop> notbrien: It's really easy to do, and really a good idea.
[2008/05/20 08:14:45] <notbrien> plathrop: cool. I'm looking into it now. do you recommend any good documentation? i'm just googling at the moment.
[2008/05/20 08:15:04] <shadoi> apathy: you mean using source => puppet://?
[2008/05/20 08:16:14] <plathrop> notbrien: Unfortunately the documentation sucks. The tool you want is reprepro and you will tear your hear out learning it. But once you get over the learning curve, it's okay.
[2008/05/20 08:16:44] <plathrop> notbrien: Do yourself a favor and remember that no matter how trivial the change, you must bump the package version in the Debian changelog.
[2008/05/20 08:17:02] <apathy> yes, but I'm not sure I have the files in the right location or what I'm missing. Everytime client runs. the output says cant describe /test: Fileserver module 'test' not mounted
[2008/05/20 08:17:51] <shadoi> apathy: if you're trying to copy a file inside a module you need to provide the module name in the url
[2008/05/20 08:18:05] <shadoi> like so: puppet:///module/file
[2008/05/20 08:18:10] <muerr> notbrien: Our puppetmaster is also an HTTPD server because its our local yum repo and kickstart server. For things we want to distribute but not create rpms, we put the file on there and use a puppet exec {wget}.
[2008/05/20 08:20:22] <shadoi> I like to setup an rsyncd on the puppetmaster, each module gets an rsyncd module, and then there's a common area for shared files.
[2008/05/20 08:20:32] <fujin> notbrien: ubuntu or debian?
[2008/05/20 08:20:43] <notbrien> fujin: ubuntu
[2008/05/20 08:20:48] <fujin> ah, good.
[2008/05/20 08:20:51] <notbrien> pastie: thanks for your help
[2008/05/20 08:20:52] <fujin> wiki:BootstrappingWithPuppet
[2008/05/20 08:20:54] <gepetto> fujin: wiki: wiki:BootstrappingWithPuppet is http://reductivelabs.com/trac/puppet/wiki/BootstrappingWithPuppet
[2008/05/20 08:20:57] <fujin> notbrien: ^
[2008/05/20 08:21:16] <fujin> I wrote that a while ago, it covers some points surrounding using 'reprepro' for no-frills hassle free APT repo management.
[2008/05/20 08:21:21] <notbrien> plathrop: thanks for your help
[2008/05/20 08:21:54] <plathrop> notbrien: No problem.
[2008/05/20 08:22:36] <notbrien> fujin: thanks!
[2008/05/20 08:22:55] <fujin> and also covers going from an ancient version of Puppet on Ubuntu (0.22) upto the latest version
[2008/05/20 08:24:16] <fujin> prevu + reprepro makes it very very easy
[2008/05/20 08:25:16] * holoway hearts prevu
[2008/05/20 08:30:05] <fujin> ./agree
[2008/05/20 08:30:20] <shadoi> -bash: ./agree: No such file or directory
[2008/05/20 08:30:51] <holoway> I learned the other day that an old co-worker of mine
[2008/05/20 08:31:06] <holoway> who once learned he was fired by watching his accounts get shut off and thinking they might be getting hacked
[2008/05/20 08:31:10] <holoway> has a script in his homedir
[2008/05/20 08:31:15] <holoway> ~/jamie/bin/works_here
[2008/05/20 08:31:32] <holoway> that he updates with each new place of employment, to look at the auth system and double check
[2008/05/20 08:31:37] <shadoi> hahaha
[2008/05/20 08:31:48] <shadoi> that's sort of sad.
[2008/05/20 08:32:08] <holoway> he's the best pure SA I've ever seen
[2008/05/20 08:32:10] <holoway> he's amazing
[2008/05/20 08:32:36] <holoway> and totally shell shocked
[2008/05/20 08:32:36] <holoway> :)
[2008/05/20 08:33:28] <fujin> fuck, how thelol
[2008/05/20 08:33:33] <fujin> awesomens
[2008/05/20 08:33:47] <shadoi> haha.. fujin you been drinking again?
[2008/05/20 08:34:15] <fujin> ha
[2008/05/20 08:34:25] <fujin> naw man I'm trying to work out how to install stuff on RHEL 5.1 for a colleague
[2008/05/20 08:34:31] <fujin> they've got some shitty proprietary software that needs installnig
[2008/05/20 08:34:36] <fujin> anyway, no licenses for RHEL 5.1 so I cna't yum
[2008/05/20 08:34:39] <holoway> fujin: your theme song! http://youtube.com/watch?v=305vRNoofr8
[2008/05/20 08:34:40] * fujin throws hands in the air
[2008/05/20 08:35:13] <fujin> hahaha
[2008/05/20 08:35:40] @ zobbo joined channel #puppet
[2008/05/20 08:36:26] @ Innocenti joined channel #puppet
[2008/05/20 08:37:25] <fujin> blagh
[2008/05/20 08:37:27] <fujin> I'll just nuke it
[2008/05/20 08:37:34] <fujin> wha'ts better these days? CentOS or FC?
[2008/05/20 08:37:45] <shadoi> debian
[2008/05/20 08:37:47] <shadoi> :P
[2008/05/20 08:38:00] <holoway> fujin: if you need RHEL 5.1 compat, use CentOS 5.1
[2008/05/20 08:38:22] <shadoi> yeah I always go for centos too
[2008/05/20 08:38:52] <fujin> oh I know debian is better
[2008/05/20 08:38:55] <holoway> honestly, CentOS is totally reasonable, considering it's baggade
[2008/05/20 08:38:57] <holoway> er baggage
[2008/05/20 08:38:58] <fujin> but debian + proprietary RPM's
[2008/05/20 08:38:58] <fujin> = fail
[2008/05/20 08:39:07] <fujin> WTF do I have to download all 6 cd's?
[2008/05/20 08:39:27] <fujin> ah thank god there is a netinstall disk
[2008/05/20 08:42:07] <fujin> oh, there's a dvd too. handy.
[2008/05/20 08:43:23] <a-priori> hey, does anyone know how to get puppet to get the status of courier-imap services properly? right now it always thinks they're not running
[2008/05/20 08:43:56] <fujin> fix the script
[2008/05/20 08:44:01] <fujin> specify pattern => 'a regex'
[2008/05/20 08:44:04] <fujin> sorry
[2008/05/20 08:44:11] <fujin> either fix the script, or specify pattern =>
[2008/05/20 08:44:25] <a-priori> by script, you mean the init.d script?
[2008/05/20 08:44:29] <fujin> aye
[2008/05/20 08:44:32] <jamesturnbull> a-priori: yeah
[2008/05/20 08:44:33] <a-priori> alright, thanks
[2008/05/20 08:44:35] <fujin> it needs to be LSB conformat, and respond to 'status'
[2008/05/20 08:44:44] @ Quit: ezralini:
[2008/05/20 08:45:14] <fujin> morning james
[2008/05/20 08:45:27] <jamesturnbull> fujin: morning AJ
[2008/05/20 08:45:33] <fujin> how's it goin?
[2008/05/20 08:45:50] <jamesturnbull> fujin: not bad - doing some email before heading down to CeBIT
[2008/05/20 08:46:01] <jamesturnbull> fujin: going to talk up some Puppet
[2008/05/20 08:46:15] <fujin> oh nice
[2008/05/20 08:47:21] @ Quit: muerr: "Leaving."
[2008/05/20 08:47:31] <MrProper_> i've been thinking, why does the puppetd daemon sit at around 90MB physical ram usage when its not doing a run, why wouldnt i just run a cron job every 30minutes (plus minus a couple random minutes ) with puppetd --test
[2008/05/20 08:47:49] @ dysinger joined channel #puppet
[2008/05/20 08:47:53] <holoway> MrProper_: unless you are using puppetrun, no reason
[2008/05/20 08:48:18] <holoway> MrProper_: you don't even have to do the couple random minutes, puppetd can splay for you
[2008/05/20 08:48:53] <MrProper_> holoway: really? sweet, how do most people run theirs, do more people use the daemon or cron?
[2008/05/20 08:49:06] <jamesturnbull> MrProper_: I prefer the daemon but a lot of people do cron
[2008/05/20 08:49:21] <jamesturnbull> MrProper_: with puppetd --splay
[2008/05/20 08:49:24] <holoway> MrProper_: I'm in jamesturnbull's camp
[2008/05/20 08:49:25] <MrProper_> holoway, i notice issues with the puppetd daemon going zombie and it stops doing its runs
[2008/05/20 08:49:38] <jamesturnbull> MrProper_: really? I've never seen that
[2008/05/20 08:49:53] <fujin> I do crun :>
[2008/05/20 08:49:59] <fujin> cron
[2008/05/20 08:50:01] <jamesturnbull> MrProper_: what platform? do you have any traces or something I can take a squizz at?
[2008/05/20 08:50:05] <fujin> but will probably move to puppetrun etc soon
[2008/05/20 08:50:15] <jamesturnbull> fujin: me daemonz! you crun!
[2008/05/20 08:51:04] <MrProper_> jamesturnbull, i chased this up a while ago, its been present for some time (version wise), mostly debian for me, basically the process still looks active but no longer functions. so when i monitor it via the process it all looks fine
[2008/05/20 08:51:24] <holoway> fujin: or just use capistrano, so you can see verbose output
[2008/05/20 08:51:30] <holoway> if that sort of things moves you
[2008/05/20 08:52:40] <MrProper_> "if i do not know the riddle of puppet, crun will laugh at me from his mountain"
[2008/05/20 08:53:13] <fujin> holoway: still haven't looked at cap yet
[2008/05/20 08:53:29] <fujin> BY CROM!
[2008/05/20 08:53:30] <fujin> BY MITRA!
[2008/05/20 08:55:40] <MrProper_> lol
[2008/05/20 08:55:55] <holoway> fujin: jelly to puppet's peanut butter
[2008/05/20 08:56:04] <fujin> I see
[2008/05/20 08:56:18] <holoway> fujin: especially since you've got some ruby skills
[2008/05/20 08:56:38] <fujin> where some = not many
[2008/05/20 08:56:54] <holoway> fujin: enough to roll a capistrano task, for sure
[2008/05/20 08:56:58] <jamesturnbull> MrProper_: weird - and no output? Can you run it with a strace or something and post to a ticket?
[2008/05/20 08:57:55] <MrProper_> jamesturnbull, i've got one at the moment with strace but its not doing anything
[2008/05/20 08:58:28] <MrProper_> Process 2866 attached - interrupt to quit
[2008/05/20 08:58:28] <MrProper_> select(8, [7], [], [], NULL
[2008/05/20 08:58:33] <MrProper_> thats it
[2008/05/20 08:58:59] <MrProper_> im waiting to see if it does anything when the interval starts
[2008/05/20 09:01:10] @ Quit: johnf: Read error: 101 (Network is unreachable)
[2008/05/20 09:02:03] @ johnf joined channel #puppet
[2008/05/20 09:14:46] <plathrop> What's your favorite wiki implementation?
[2008/05/20 09:15:39] <plathrop> I know I'm off-topic but you guys are smart :-)
[2008/05/20 09:16:08] <fujin> I like redmine's implementation (simply because it ties into everything else quite well) but it's a shame that it's only Textile
[2008/05/20 09:16:20] <fujin> rolled it out here for our NOC wiki
[2008/05/20 09:16:31] * plathrop doesn't care too much about the format, going to use it for a tiny personal project.
[2008/05/20 09:17:17] <plathrop> Redmine doesn't just come in 'plain wiki' though, does it?
[2008/05/20 09:17:35] <fujin> no, unfortunately not
[2008/05/20 09:17:56] @ spheromak joined channel #puppet
[2008/05/20 09:17:59] <plathrop> Yeah, that won't do...
[2008/05/20 09:18:00] <fujin> moinmoin?
[2008/05/20 09:18:35] <fujin> thats the other one I like, for plain wiki
[2008/05/20 09:18:43] <fujin> https://help.ubuntu.com/community/
[2008/05/20 09:18:45] <fujin> ^ moinmoin
[2008/05/20 09:18:45] <josb> Couldn't you turn off everything but the wiki bits in Redmine?
[2008/05/20 09:19:04] <fujin> indeed, I think you can disable all of the other tabs
[2008/05/20 09:19:17] <josb> Yeah.
[2008/05/20 09:21:20] @ rmiller joined channel #puppet
[2008/05/20 09:21:25] <plathrop> Thanks. I'll take a look
[2008/05/20 09:21:47] <holoway> plathrop: if you are doing an open source project
[2008/05/20 09:21:56] <holoway> confluence is the best wiki I have ever used
[2008/05/20 09:22:00] <holoway> regardless of it being java
[2008/05/20 09:22:26] <holoway> I like it enough I paid for it instead of using an open source wiki
[2008/05/20 09:23:17] <plathrop> thanks holoway
[2008/05/20 09:23:23] <plathrop> I'll look at that too
[2008/05/20 09:25:11] <holoway> while I'm pimping Atlassian
[2008/05/20 09:25:15] <holoway> Jira is great too
[2008/05/20 09:30:27] @ randybias joined channel #puppet
[2008/05/20 09:40:47] * nDuff is a big fan of trac
[2008/05/20 09:41:15] <nDuff> (beautiful pluggable architecture, and all the non-wiki bits can indeed be disabled)
[2008/05/20 09:43:43] <rmiller> so I have a question
[2008/05/20 09:43:51] <rmiller> I don't want to inherit a class, I want to undefine it
[2008/05/20 09:43:54] <rmiller> how do I go about doing this?
[2008/05/20 09:44:17] <holoway> rmiller: explain what you want to do
[2008/05/20 09:44:21] <rmiller> ok
[2008/05/20 09:44:32] <rmiller> we have a common manifest that we include into our individual role manifests
[2008/05/20 09:44:37] <rmiller> it includes a specific file
[2008/05/20 09:44:42] <rmiller> I want to uninclude that file.
[2008/05/20 09:44:48] <rmiller> I realize that the class is already included
[2008/05/20 09:44:56] <rmiller> so I want to say "no, I want to undefine this class".
[2008/05/20 09:45:00] <rmiller> how do I do this?
[2008/05/20 09:45:02] <holoway> rmiller: not possible
[2008/05/20 09:45:09] <fujin> not the entire class
[2008/05/20 09:45:10] <holoway> don't include it in the first place
[2008/05/20 09:45:16] <fujin> you could inherit the class and override the resource
[2008/05/20 09:45:32] <rmiller> can I override all resources in the class?
[2008/05/20 09:45:36] <fujin> indeed
[2008/05/20 09:46:01] <plathrop> rmiller: You can, but it seems odd. Why not just not include the common manifest in the special case?
[2008/05/20 09:46:09] <fujin> or refactor your manifests
[2008/05/20 09:46:13] <fujin> a base class which doesn't set any ensures
[2008/05/20 09:46:17] <fujin> and a yes/no inheritance class
[2008/05/20 09:46:21] <fujin> which does yes/no where you want it
[2008/05/20 09:46:33] <fujin> it sounds like you need to re-think what you're trying to achieve
[2008/05/20 09:46:44] <rmiller> normally I would but this is a one off
[2008/05/20 09:46:53] <rmiller> that I'm actually trying to do cleanly
[2008/05/20 09:47:06] <fujin> care to paste what you have so far, and what you're trying to achieve?
[2008/05/20 09:47:58] @ Quit: Innocenti: Client Quit
[2008/05/20 09:51:05] @ Quit: randybias: Remote closed the connection
[2008/05/20 09:51:37] @ randybias joined channel #puppet
[2008/05/20 09:51:48] @ Quit: randybias: Read error: 104 (Connection reset by peer)
[2008/05/20 09:56:14] <fujin> guess not ;>
[2008/05/20 09:56:45] @ Quit: Gwayne: Read error: 113 (No route to host)
[2008/05/20 09:57:38] <plathrop> Ugh. moinmoin setup is a *pain*
[2008/05/20 09:57:44] <plathrop> On to the next option...
[2008/05/20 09:59:23] @ Quit: shadoi: Read error: 110 (Connection timed out)
[2008/05/20 10:00:35] @ Quit: apathy: Read error: 110 (Connection timed out)
[2008/05/20 10:07:55] <Wakko666> plathrop: you should go ask mmcgrath over in #fedora-admin his opinion of moinmoin. ;-)
[2008/05/20 10:08:12] <plathrop> Wakko666: oh?
[2008/05/20 10:08:48] <Wakko666> plathrop: yeah, the fedora infrastructure guys just migrated from moin to mediawiki.
[2008/05/20 10:09:12] @ Quit: notbrien:
[2008/05/20 10:09:40] <Wakko666> or... i should say... are in the process of doing it. it's not done yet.
[2008/05/20 10:10:07] @ g1 joined channel #puppet
[2008/05/20 10:10:35] @ g1 is now known as gh_spk
[2008/05/20 10:14:08] <rmiller> thanks.
[2008/05/20 10:14:09] @ Quit: rmiller: "leaving"
[2008/05/20 10:14:52] @ shadoi joined channel #puppet
[2008/05/20 10:16:20] @ lak joined channel #puppet
[2008/05/20 10:19:30] @ martha left channel #puppet ()
[2008/05/20 10:20:08] @ Quit: plathrop: Remote closed the connection
[2008/05/20 10:29:29] @ Quit: Laos18549: Remote closed the connection
[2008/05/20 10:46:35] <fujin> how close in compat is centos to rhel?
[2008/05/20 10:47:17] <spheromak> close
[2008/05/20 10:47:21] <holoway> fujin: identical for the core, basically
[2008/05/20 10:47:23] <spheromak> well enough to install oracle on it
[2008/05/20 10:47:28] <fujin> really? awesome
[2008/05/20 10:47:33] <holoway> the only changes are de-redhat-ification
[2008/05/20 10:47:37] <spheromak> yup
[2008/05/20 10:47:39] <holoway> in terms of trademarks
[2008/05/20 10:47:43] <holoway> there have more packages in extras
[2008/05/20 10:47:51] <holoway> things like heartbeat and drbd, for example
[2008/05/20 10:47:55] <fujin> we ran out of rhel5.1 licenses so using centos to try and achieve what I'm doing
[2008/05/20 10:47:56] <holoway> which redhat sells you as part of cluster server
[2008/05/20 10:48:01] @ Gwayne joined channel #puppet
[2008/05/20 10:48:03] <fujin> lol
[2008/05/20 10:48:13] <fujin> RHCS + DRBD + MYSQL =win
[2008/05/20 10:48:18] <fujin> my best robust clustering solution yet
[2008/05/20 10:48:26] <spheromak> fujin: only rhel boxes i got are actually some older oracle stuff that the dbas setup
[2008/05/20 10:48:48] <holoway> fujin: god, drbd + postgresql + heartbeat made me freak out it was so awesome
[2008/05/20 10:48:48] <fujin> ah yep
[2008/05/20 10:49:02] <holoway> drbd has come so far
[2008/05/20 10:49:02] <fujin> going from heartbeat -> rhcs is awesome
[2008/05/20 10:49:10] <fujin> CMAN & RGmanager
[2008/05/20 10:49:15] <spheromak> dunno i didn't like rhcs
[2008/05/20 10:49:15] <fujin> aye
[2008/05/20 10:49:22] <fujin> drbd 8.x is what I'm running I think
[2008/05/20 10:49:24] <spheromak> and cman was a bitch for me to get running
[2008/05/20 10:49:30] <fujin> really?
[2008/05/20 10:49:33] <fujin> apt-get install rgmanager
[2008/05/20 10:49:34] <fujin> = done
[2008/05/20 10:49:41] <fujin> once you get a hang of the config file
[2008/05/20 10:49:47] <spheromak> yea well it not that easy since we got some custom kernel shit :P
[2008/05/20 10:49:56] <spheromak> and i was trying to get some iscsi clvm shit going
[2008/05/20 10:50:25] <spheromak> ended up just using heartbeat and some rpc stonith stuff to do the disk failover
[2008/05/20 10:50:33] <holoway> fujin: I want nothign to do with the fancy post r1 heartbeat configs
[2008/05/20 10:50:34] <fujin> ah yep
[2008/05/20 10:50:42] <holoway> all that xml makes my eyes bleed
[2008/05/20 10:50:49] <fujin> holoway: ew, the heartbeat2 configs are quite terrible
[2008/05/20 10:51:02] <fujin> the XML config for rhcs isn't too bad for a full setup
[2008/05/20 10:51:13] <holoway> yeah, I was like, no, fuck that, we're rolling haresources old skool style
[2008/05/20 10:51:16] <fujin> pastie: show me whatcha workin' with
[2008/05/20 10:51:52] <pastie> http://pastie.org/199958 by fujin.
[2008/05/20 10:52:01] <fujin> take a lookie
[2008/05/20 10:52:17] <Gwayne> holoway, do you know what rules ? xen + drbd + heartbeat2 :)
[2008/05/20 10:52:31] <holoway> Gwayne: totally
[2008/05/20 10:52:50] <Gwayne> holoway, I just build a datacenter with that
[2008/05/20 10:52:58] @ M- joined channel #puppet
[2008/05/20 10:53:05] <gepetto> ::puppet:: Ticket #1231 (defect created): Exceptions during startup are often unclear @ http://reductivelabs.com/trac/puppet/ticket/1231 (by luke@madstop.com)
[2008/05/20 10:53:28] <Gwayne> holoway, clusternodes with xen machines that now life migrate :)
[2008/05/20 10:53:33] <holoway> fujin: yeah, that's a lot nicer than heartbeat2's nutsy xml
[2008/05/20 10:53:49] <holoway> Gwayne: yeah, that's super sweet
[2008/05/20 10:53:54] @ nigelk joined channel #puppet
[2008/05/20 10:53:55] <fujin> that's an older version of cman/rgmanager aswell.. the syntax has gotten a little better
[2008/05/20 10:54:01] <fujin> but you know
[2008/05/20 10:54:02] <fujin> you can read it
[2008/05/20 10:54:04] <fujin> and see what it does
[2008/05/20 10:54:07] <holoway> right
[2008/05/20 10:54:18] <Gwayne> well I can read the xml as well :)
[2008/05/20 10:54:23] <fujin> not like that shitty arse heartbeat2
[2008/05/20 10:54:23] <holoway> and it can do things that are more complicated than haresources left->right right->left
[2008/05/20 10:54:26] <Gwayne> It took some time though
[2008/05/20 10:54:35] <fujin> holoway: yes, indeed
[2008/05/20 10:54:41] <fujin> alot more interesting stuff than that
[2008/05/20 10:54:48] <holoway> although for basic database failover, that's all you need
[2008/05/20 10:54:50] <fujin> and you don't need to rely on a third-party tool to do service status checking - rgmanager handles it
[2008/05/20 10:54:51] <Gwayne> but heartbeat2 = N nodes
[2008/05/20 10:55:09] <Gwayne> If you only need 2 nodes, then hb1 is good enough
[2008/05/20 10:55:12] <fujin> rgmanager polls all of your services (relying on LSB conformance) for their status
[2008/05/20 10:55:22] <fujin> and then can be configured to restart a number of times, then try relocating, otherwise disabling
[2008/05/20 10:55:26] <fujin> fencing
[2008/05/20 10:55:27] <fujin> fencing makes me happy
[2008/05/20 10:55:44] <Gwayne> fujin, I think I found a bug in puppet
[2008/05/20 10:55:59] <holoway> fujin: describe fencing?
[2008/05/20 10:56:16] <nevyn> sigh.
[2008/05/20 10:56:18] <nevyn> webmin
[2008/05/20 10:56:57] <nevyn> stabby
[2008/05/20 10:57:02] <Gwayne> fujin, I have a file called gosa+samba3.schema :) and the copy chokes on the +, if I rename it to gosaandsama3.schema no problem :)
[2008/05/20 10:58:26] <fujin> Gwayne: post a bug, probably a regex somewhere that needs tweaking
[2008/05/20 10:58:29] <fujin> Gwayne: do you get a trace?
[2008/05/20 10:58:37] <fujin> holoway: fencing is just STONITH
[2008/05/20 10:58:41] <holoway> fujin: gotcha
[2008/05/20 10:58:43] <fujin> but RHCS ships with multiple fence devices built in
[2008/05/20 10:58:50] <fujin> fence_apc, fence_snmp, fence_iLO, fence_drac etc etc.
[2008/05/20 10:58:56] <fujin> fence_iSCSI
[2008/05/20 10:59:01] <holoway> neat
[2008/05/20 10:59:38] <Gwayne> fujin, no it just says not found :)
[2008/05/20 10:59:46] <fujin> Gwayne: on the puppetmaster?
[2008/05/20 10:59:54] <fujin> run your puppetmaster with --no-daemonize --debug --trace
[2008/05/20 10:59:55] <Gwayne> fujin, its a recursive copy
[2008/05/20 11:00:02] <fujin> ah. interesting.
[2008/05/20 11:00:22] <Gwayne> fujin, So I think its only in recursive
[2008/05/20 11:00:36] <Gwayne> fujin, Did not check 1:1 sorry
[2008/05/20 11:00:49] <Gwayne> If I have some time today I will do that
[2008/05/20 11:02:12] <gepetto> ::puppet:: Ticket #1232 (defect created): puppetd should not require the 'puppet' user @ http://reductivelabs.com/trac/puppet/ticket/1232 (by luke@madstop.com)
[2008/05/20 11:04:13] <nigelk> does anyone know for sure if the unix/posix/whatever standards say group names can't be numeric?
[2008/05/20 11:04:38] <nigelk> realized the posix patch I've been working on assumed that they can't be... and can't actually find it codified anywhere.
[2008/05/20 11:07:31] <shadoi> it's a horrible practice even if it's allowed
[2008/05/20 11:07:34] <shadoi> talk about confusing
[2008/05/20 11:08:18] <nigelk> yes.
[2008/05/20 11:08:30] <nevyn> nigelk: I know that solaris 2.7 has a max of 16 groups
[2008/05/20 11:08:31] <nigelk> so the susv2 standard seems to suggest it's allowed
[2008/05/20 11:08:32] <spheromak> yea would be funny
[2008/05/20 11:08:39] <nigelk> "If a numeric group operand exists in the group database as a group name, the group ID number associated with that group name is used as the group ID."
[2008/05/20 11:09:10] <nevyn> so you can have anonymous groups.
[2008/05/20 11:09:47] <nigelk> so puppet currently assumes that an integer was a gid not a name I think.
[2008/05/20 11:10:07] <nigelk> which is what I've been assuming. Dealing with that edge case is a bit of a nightmare though
[2008/05/20 11:10:44] <holoway> nigelk: I think you would probably be safe in assuming that you can't have a number for a group name
[2008/05/20 11:10:55] <shadoi> nigelk: yeah, don't allow it. :)
[2008/05/20 11:10:55] <holoway> at the least because, if someone actually runs in to it, they can file a bug
[2008/05/20 11:11:05] <nigelk> ok.
[2008/05/20 11:11:05] <holoway> and cite something that would let them do that
[2008/05/20 11:11:17] <nigelk> it's bad enough already given the ruby bug that's led to this problem
[2008/05/20 11:11:18] <holoway> but that sounds like crazy talk to me
[2008/05/20 11:11:46] <nigelk> http://pastie.caboo.se/199962
[2008/05/20 11:11:53] <nigelk> that's already what I'm having to do.
[2008/05/20 11:11:54] @ pawalls_ is now known as pawalls
[2008/05/20 11:12:16] <nigelk> as some ruby versions don't do the getgrnam stuff properly
[2008/05/20 11:12:52] <holoway> nigelk: really?
[2008/05/20 11:12:53] <holoway> which versions?
[2008/05/20 11:13:43] <nigelk> lak pointed it out to me when I asked why puppet was looking up groups the slow way
[2008/05/20 11:13:45] <nigelk> lemme dig it out
[2008/05/20 11:13:58] <lak> nigelk: it's not ruby, it's libc
[2008/05/20 11:14:35] <nigelk> lak: you sure? this is the one where it returns the group of the current process, not the one you've asked it for?
[2008/05/20 11:14:48] <nigelk> I think you're talking about a different one?
[2008/05/20 11:14:48] <lak> yeah; got the same behaviour in perl
[2008/05/20 11:14:55] <lak> i don't think so
[2008/05/20 11:14:58] <nigelk> oh. ok.
[2008/05/20 11:15:08] <lak> i'm not drunk yet, altho i'm pretty tired :/
[2008/05/20 11:15:14] <nigelk> I like the yet
[2008/05/20 11:15:14] * lak is in san antonio working with a client
[2008/05/20 11:15:23] <nigelk> not drunk yet would be a nice state. :)
[2008/05/20 11:15:23] <lak> i don't :(
[2008/05/20 11:16:19] <nigelk> ok. if the conclusion is that not dealing with numeric group names is fine and wait till someone reports it, I'll submit this tomorrow then once I've unit tested on some more platforms
[2008/05/20 11:16:55] <lak> yeah, i assume that all over the place
[2008/05/20 11:17:08] <lak> and frankly, if someone tells me they want that feature, they'd better be prepared to pay out the nose for it
[2008/05/20 11:17:16] <nigelk> I didn't even think about it until I messed up a unit test
[2008/05/20 11:17:25] <nigelk> and accidentally put a number in the name for the dummy group
[2008/05/20 11:17:44] <lak> ah
[2008/05/20 11:17:49] <lak> well, time for dinner for me
[2008/05/20 11:17:51] @ Quit: lak:
[2008/05/20 11:17:57] <gepetto> ::puppet:: Ticket #1230 (defect closed): facts not (always) set in a puppet run @ http://reductivelabs.com/trac/puppet/ticket/1230#comment:2 (by luke@madstop.com)
[2008/05/20 11:18:04] <nigelk> mm. time to cycle home and clear my head of damn computers.
[2008/05/20 11:18:12] <nigelk> later puppeteers
[2008/05/20 11:18:16] @ Quit: nigelk:
[2008/05/20 11:24:37] * Gwayne chuckles, his day just started
[2008/05/20 11:25:43] * Gwayne ponders if he shall file a bug about groups not being able to be a number before the patch is applied.
[2008/05/20 11:25:52] @ Quit: rickbradley: Read error: 110 (Connection timed out)
[2008/05/20 11:26:07] <fujin> ha
[2008/05/20 11:26:10] * shadoi shoots Gwayne
[2008/05/20 11:26:20] <fujin> you'll get stabbed so bad.
[2008/05/20 11:26:52] * Gwayne chuckles
[2008/05/20 11:27:12] <Gwayne> Sorry its my evil side :)
[2008/05/20 11:27:25] <Gwayne> And yes I have used number groups in the past :)
[2008/05/20 11:29:09] * shadoi shoots Gwayne again
[2008/05/20 11:29:46] @ Quit: a-priori:
[2008/05/20 11:30:47] <Gwayne> Why do people always shoot me :)
[2008/05/20 11:31:10] <Gwayne> I just created several ldap servers with puppet :)
[2008/05/20 11:31:30] <shadoi> stop smiling!
[2008/05/20 11:31:39] <Gwayne> Grins evilly
[2008/05/20 11:31:41] <shadoi> ;)
[2008/05/20 11:31:51] <shadoi> Gwayne: no that's cool
[2008/05/20 11:31:52] <Gwayne> hehehe
[2008/05/20 11:32:14] <Gwayne> shadoi, with openldap24 in a master master environment
[2008/05/20 11:32:49] <shadoi> cool, and you've written a native type that will manage ACLs too right?
[2008/05/20 11:32:49] <Gwayne> shadoi, So I had to fill one ldapserver with data and it was replacated to all the newly created servers
[2008/05/20 11:32:50] <shadoi> hehe
[2008/05/20 11:33:11] <Gwayne> shadoi, I wish :)
[2008/05/20 11:33:28] <Gwayne> shadoi, But these are all the same :)
[2008/05/20 11:36:31] @ a-priori joined channel #puppet
[2008/05/20 11:37:09] @ Quit: a-priori: Remote closed the connection
[2008/05/20 11:37:18] @ a-priori joined channel #puppet
[2008/05/20 11:45:04] @ Quit: a-priori:
[2008/05/20 11:46:24] <fujin> I'm beached bro
[2008/05/20 11:47:59] @ lak joined channel #puppet
[2008/05/20 11:48:20] * nevyn cries.
[2008/05/20 11:48:22] <nevyn> http://www.openldap.org/lists/openldap-software/200208/msg00676.html
[2008/05/20 11:48:33] <nevyn> 6 years and the situation is no better.
[2008/05/20 11:55:24] @ Quit: andrewcshafer:
[2008/05/20 12:04:17] <fujin> http://youtube.com/watch?v=z2l86jJqyww
[2008/05/20 12:17:54] @ notbrien joined channel #puppet
[2008/05/20 12:21:46] @ a-priori joined channel #puppet
[2008/05/20 12:33:18] @ Quit: lak: Read error: 104 (Connection reset by peer)
[2008/05/20 12:33:52] @ lak joined channel #puppet
[2008/05/20 12:39:18] @ Gwayne left channel #puppet ("I was raided by the FBI and all I got to keep was this lousy quit message!")
[2008/05/20 13:00:47] <gh_spk> where does puppet get the hostname of a system from? `hostname` ?
[2008/05/20 13:01:13] @ randybias joined channel #puppet
[2008/05/20 13:02:52] @ Quit: randybias: Client Quit
[2008/05/20 13:03:06] <shadoi> gh_spk: facter
[2008/05/20 13:03:08] @ randybias joined channel #puppet
[2008/05/20 13:03:26] @ plathrop joined channel #puppet
[2008/05/20 13:03:32] <gh_spk> hmm, my fqdn is correct
[2008/05/20 13:03:41] <gh_spk> err: Could not retrieve configuration: Certificates were not trusted: hostname not match with the server certificate
[2008/05/20 13:04:08] <shadoi> puppetca has a text option that will show you want the cert has
[2008/05/20 13:04:47] <gh_spk> i regenerated my cert and copied it to the host after i changed the hostname
[2008/05/20 13:04:53] <a-priori> I had that problem when I set up my server
[2008/05/20 13:05:54] <a-priori> turned out the problem was that the certificate used the unqualified hostname, and puppetd was connecting to the qualified name
[2008/05/20 13:06:09] <gh_spk> ah.. i generated with the fqdn
[2008/05/20 13:07:32] <gh_spk> anyway to turn up my verbosity? i'm not seeing anything in logs on the puppetmaster
[2008/05/20 13:07:53] <shadoi> --debug
[2008/05/20 13:08:13] @ maxquerry joined channel #puppet
[2008/05/20 13:09:00] <gh_spk> only get the error on the client side.. that didnt work :\
[2008/05/20 13:09:07] <maxquerry> hi is there any plugins for nagios in puppet?
[2008/05/20 13:09:16] <maxquerry> ohhh
[2008/05/20 13:09:45] <maxquerry> can i modify hosts.cfg files through puppet ?
[2008/05/20 13:10:02] <plathrop> maxquerry: You can do just about anything through puppet.
[2008/05/20 13:10:15] <a-priori> gh_spk: did you run the puppetmaster with --verbose
[2008/05/20 13:10:27] <gh_spk> -v -d --no-daemonize
[2008/05/20 13:10:35] <plathrop> But if you are asking for native support, some people are using the nagios types successfully
[2008/05/20 13:11:19] @ Quit: Demosthenes: "Lost terminal"
[2008/05/20 13:12:29] <maxquerry> actully evryday i ahve to add manually the new checks on nagios in hosts.sfg files for evry hosts ..
[2008/05/20 13:12:42] <maxquerry> i want to manage tht through puppet..
[2008/05/20 13:13:40] <gepetto> ::puppet:: Ticket #1230 (defect closed): facts not (always) set in a puppet run @ http://reductivelabs.com/trac/puppet/ticket/1230#comment:2 (by luke@madstop.com)
[2008/05/20 13:13:40] <gepetto> ::puppet:: Ticket #1228 (refactor closed): Create RSpec tests for lib/puppet/util/storage.rb @ http://reductivelabs.com/trac/puppet/ticket/1228#comment:8 (by luke@madstop.com)
[2008/05/20 13:15:01] <maxquerry> whenever i want to monitor new service i need to make change on arround 20 to 300 hosts.cfg files ..
[2008/05/20 13:16:08] <maxquerry> ?
[2008/05/20 13:16:23] <waawaamilk> where is the wiki documentation for writing "define"s?
[2008/05/20 13:17:40] <gepetto> ::puppet:: Ticket #1229 (refactor closed): Clean up unused files @ http://reductivelabs.com/trac/puppet/ticket/1229#comment:2 (by luke@madstop.com)
[2008/05/20 13:18:19] @ rickbrad_ joined channel #puppet
[2008/05/20 13:22:31] <plathrop> waawaamilk: wiki:LanguageTutorial
[2008/05/20 13:22:35] <gepetto> plathrop: waawaamilk: wiki:LanguageTutorial is http://reductivelabs.com/trac/puppet/wiki/LanguageTutorial
[2008/05/20 13:23:33] <waawaamilk> aha
[2008/05/20 13:23:43] * waawaamilk found the section in the puppetbook
[2008/05/20 13:23:59] <waawaamilk> the website is probably more up to date tho
[2008/05/20 13:24:00] @ Demosthenes joined channel #puppet
[2008/05/20 13:24:02] <waawaamilk> thanks
[2008/05/20 13:24:42] @ Quit: \ask:
[2008/05/20 13:27:48] @ nigelk joined channel #puppet
[2008/05/20 13:30:54] <gh_spk> can you use puppet without DNS?
[2008/05/20 13:31:05] @ Quit: nigelk: Client Quit
[2008/05/20 13:31:06] <shadoi> yes, but I don't recommend it
[2008/05/20 13:31:12] <shadoi> it's a pain
[2008/05/20 13:31:27] <gh_spk> i seem to be having lots of issues surrounding domain names and certs
[2008/05/20 13:31:28] <plathrop> I don't recommend doing much of *anything* without DNS
[2008/05/20 13:31:39] <gh_spk> and i'm attempting to get the DNS box online :)
[2008/05/20 13:31:57] <shadoi> gh_spk: safe bet is to _always_ use fqdn
[2008/05/20 13:32:14] <shadoi> or switch to something else like UUIDs for node names
[2008/05/20 13:32:19] <shadoi> which some of the larger installations do
[2008/05/20 13:32:24] <shadoi> like google, etc.
[2008/05/20 13:32:37] <gh_spk> i did the `openssl s_client -connect puppet:8140 ` and found out that the fqdn of my server is not the hostname of my puppetmaster
[2008/05/20 13:33:22] <gh_spk> should i put [puppetmasterd] certname=fqdn in the puppetmaster's puppet.conf? will that mean that all of my clients will then be unable to connect if new certs are generated?
[2008/05/20 13:33:42] <shadoi> yes
[2008/05/20 13:33:54] <shadoi> you'll have to give sign new certs for them
[2008/05/20 13:34:01] <gh_spk> ouch
[2008/05/20 13:34:30] <gh_spk> the url in the topic reads to have the certname just a hostname, but that should be the fqdn that matches the hostname of the puppetmaster, no?
[2008/05/20 13:34:32] <shadoi> if you're on debian you probably need to anyway. :)
[2008/05/20 13:37:58] <gh_spk> instead i tried just resetting the hostname on the puppetmaster
[2008/05/20 13:38:08] <gh_spk> ran facter and it it reported the changed name, but the client still errors
[2008/05/20 13:39:18] <gh_spk> strange, since my subject=/CN=fqdn is the fqdn reported by facter on the PM
[2008/05/20 13:39:27] <fujin> pupopet without DNS?
[2008/05/20 13:39:30] <fujin> that's a super idea
[2008/05/20 13:39:31] <fujin> I do it!
[2008/05/20 13:40:13] <a-priori> sounds like a pain in the ass to me
[2008/05/20 13:40:32] <gh_spk> well, i changed the hostname of the dns box, since it moved to a different location.. getting it back in sync with puppet is a no go
[2008/05/20 13:40:56] <gh_spk> yep :) .. bootstrapping process really, so that we can provision boxes in the field, instead of in the lab and then shipping them out
[2008/05/20 13:43:57] <fujin> I shifted to using puppet without DNS when the file{} corruption was happening
[2008/05/20 13:43:58] <a-priori> quick question: how do I get rid of the "executed successfully" message on execs? setting logoutput to false or on_failure aren't working.
[2008/05/20 13:45:13] <gh_spk> fujin: do i need any special settings in my puppet.conf ?
[2008/05/20 13:47:13] <fujin> server=puppet
[2008/05/20 13:47:38] <fujin> echo "x.x.x.x puppet" >> /etc/hosts
[2008/05/20 13:47:54] <fujin> or use a puppet host{} type to manage /etc/hosts
[2008/05/20 13:47:54] <fujin> that way you can manage it on all of your nodes ;)
[2008/05/20 13:49:36] @ \ask joined channel #puppet
[2008/05/20 13:53:39] @ rickbrad_ is now known as rickbradley
[2008/05/20 13:56:48] <gh_spk> woohoo! got it
[2008/05/20 13:57:43] <fujin> easy, no?
[2008/05/20 13:57:56] <fujin> using host{} makes it quite handy
[2008/05/20 13:58:04] <fujin> I prefer critical stuff like Puppet to be not reliant on DNS
[2008/05/20 13:58:09] <fujin> well, that's the only thing really
[2008/05/20 13:58:45] <gh_spk> heh, thought i had it.. it updated some stuff and when i run it again it runs, but finds no changes.. which is odd, cause i stopped services, so those should be turning on when i run puppet
[2008/05/20 13:59:09] <fujin> they have pattern => and hasstatus =>?
[2008/05/20 14:00:20] <gh_spk> no.. but i think its not matching the name with the node name
[2008/05/20 14:00:31] <fujin> s/node/process/
[2008/05/20 14:00:33] <fujin> service
[2008/05/20 14:00:37] @ Quit: notbrien:
[2008/05/20 14:00:40] * fujin is confused
[2008/05/20 14:00:43] <fujin> what is not happening?
[2008/05/20 14:04:17] <gh_spk> appears that my bind module isnt running..
[2008/05/20 14:04:23] <gh_spk> other modules work.. weird
[2008/05/20 14:04:38] <fujin> odd - you don't have pluginsource= specified, do you?
[2008/05/20 14:05:00] <fujin> & all of your source => lines contain "puppet:///mount/file"
[2008/05/20 14:05:50] <gh_spk> correct
[2008/05/20 14:05:58] <gh_spk> cause other files are just fine..
[2008/05/20 14:08:53] * gh_spk pokes himself in the eye
[2008/05/20 14:09:16] <gh_spk> help if i include the module in my manifest.. too little sleep strikes again
[2008/05/20 14:18:57] <gepetto> ::puppet:: Ticket #1233 (task created): Add Rspec tests for util/warnings.rb @ http://reductivelabs.com/trac/puppet/ticket/1233 (by paul@tertiusfamily.net)
[2008/05/20 14:28:55] <waawaamilk> heh
[2008/05/20 14:29:09] * waawaamilk is using puppet for the first time in real anger at work today
[2008/05/20 14:29:20] <waawaamilk> first thing to do? set up etc/hosts files on all boxes :p
[2008/05/20 14:29:24] * waawaamilk runs from fujin
[2008/05/20 14:36:16] <fujin> :D
[2008/05/20 14:36:22] <fujin> It's a good idea!
[2008/05/20 14:37:00] <waawaamilk> orly
[2008/05/20 14:37:10] <gh_spk> especially when you are building out your DNS infrastructure
[2008/05/20 14:37:26] <waawaamilk> admittedly it's because the servers don't actually have dns yet
[2008/05/20 14:37:34] <waawaamilk> but I doubt I'll be changing things
[2008/05/20 14:38:09] <waawaamilk> hmmm
[2008/05/20 14:38:11] @ getha joined channel #puppet
[2008/05/20 14:38:18] <waawaamilk> what does the 'host' type actually do
[2008/05/20 14:38:25] <fujin> manages /etc/hosts
[2008/05/20 14:38:27] <waawaamilk> It doesn't seem to competely replace the file?
[2008/05/20 14:38:30] <fujin> no
[2008/05/20 14:38:34] <fujin> ParsedFile provider
[2008/05/20 14:38:37] <waawaamilk> it just puts a header in at the start and lines at the end?
[2008/05/20 14:38:40] <fujin> reads it in and spits it out
[2008/05/20 14:38:49] <waawaamilk> hmm
[2008/05/20 14:39:03] <waawaamilk> I should probably remove the default content then
[2008/05/20 14:39:21] <waawaamilk> (except for the ipv6 default stuff that debian recommends)
[2008/05/20 14:42:35] @ Quit: thijso: Read error: 113 (No route to host)
[2008/05/20 14:43:29] @ Quit: Kindred: Read error: 104 (Connection reset by peer)
[2008/05/20 14:43:37] @ Kindred joined channel #puppet
[2008/05/20 14:43:39] <fujin> blagh, ipv6
[2008/05/20 14:43:42] @ Quit: Kindred: Read error: 113 (No route to host)
[2008/05/20 14:43:53] <fujin> hey waawaamilk you know anyone who'd be interested in a snr. systems engineer position at Maxnet?
[2008/05/20 14:46:55] @ andrewcshafer joined channel #puppet
[2008/05/20 14:47:02] <lak> Wakko666: you around?
[2008/05/20 14:48:38] @ Kindred joined channel #puppet
[2008/05/20 14:51:59] @ Quit: gh_spk: "Leaving."
[2008/05/20 14:52:01] <waawaamilk> fujin: that would involve us having a senior systems engineer ;)
[2008/05/20 14:52:08] <waawaamilk> is 'mode' octal?
[2008/05/20 14:52:11] <waawaamilk> for File
[2008/05/20 14:52:37] <a-priori> yes
[2008/05/20 14:52:39] <a-priori> like chmod
[2008/05/20 14:52:53] <waawaamilk> er, so 0 in front?
[2008/05/20 14:52:56] <waawaamilk> or not necessary?
[2008/05/20 14:52:59] <a-priori> no
[2008/05/20 14:53:07] <waawaamilk> k
[2008/05/20 14:56:23] @ Quit: jmeeuwen: Read error: 104 (Connection reset by peer)
[2008/05/20 14:56:40] @ jmeeuwen joined channel #puppet
[2008/05/20 14:59:02] <fujin> Anyone used Augeas?
[2008/05/20 14:59:14] @ Quit: \ask:
[2008/05/20 14:59:28] <fujin> is there a list of what lenses it ships with I wonder
[2008/05/20 15:10:41] @ Quit: lak:
[2008/05/20 15:16:56] @ Quit: machpo: Remote closed the connection
[2008/05/20 15:22:31] @ lak joined channel #puppet
[2008/05/20 15:22:58] @ Quit: lak: Client Quit
[2008/05/20 15:35:49] @ thegcat joined channel #puppet
[2008/05/20 15:42:18] @ Quit: huangmingyou: Remote closed the connection
[2008/05/20 15:45:30] @ huangmingyou joined channel #puppet
[2008/05/20 15:46:29] @ huangmingyou left channel #puppet ()
[2008/05/20 15:58:48] @ Quit: plathrop: Remote closed the connection
[2008/05/20 16:03:01] @ Quit: shake-n-bake_:
[2008/05/20 16:05:07] @ machpo joined channel #puppet
[2008/05/20 16:20:08] <nevyn> so if I have a file resource is there a way to say create any required directories in the path?
[2008/05/20 16:35:28] @ Joined channel #puppet
[2008/05/20 16:35:28] @ Topic is "0.24.4 is out: http://snurl.com/22lnx | Please see http://snurl.com/1udr1 for channel guidelines | See http://snurl.com/1udr3 and http://snurl.com/2901u about two SSL issues"
[2008/05/20 16:35:28] @ Topic set by lak on Fri May 16 03:17:25 +1000 2008
« Monday, 2008-05-19 Index Wednesday, 2008-05-21 »

Generated by irclog2html.py 2.6 by Marius Gedminas - find it at mg.pov.lt!