Thursday, 2008-05-22

[2008/05/22 00:00:04] <ashp> Hmm, I haven't seen nginx
[2008/05/22 00:00:07] <ashp> I have some research to do!
[2008/05/22 00:00:22] <ashp> once i find out why the <virtualhost> statement in my template is making puppet explode
[2008/05/22 00:01:46] <ashp> (don't use source when you mean content, that's why)
[2008/05/22 00:01:52] <ashp> so what's nginx, just another tiny webserver?
[2008/05/22 00:04:21] @ Quit: jfluhmann: Remote closed the connection
[2008/05/22 00:05:19] @ shenson_not_here is now known as shenson
[2008/05/22 00:07:42] <duritong> ashp: http://nginx.net/
[2008/05/22 00:09:11] <ashp> I'm hoping that development on lighttpd picks up again as it seems to have slowed down
[2008/05/22 00:09:16] <ashp> and we desperately need alternatives to apache
[2008/05/22 00:09:40] @ ouba joined channel #puppet
[2008/05/22 00:09:53] <ouba> hello everybody
[2008/05/22 00:10:18] <duritong> ashp: the only disadvantage I had yet was that nginx couldn't do nested SSI which I had some sites with that
[2008/05/22 00:10:42] <ashp> most of the stuff I use is really straightforward configuration wise
[2008/05/22 00:10:51] <ashp> only our main site is horrendeous, and most of that goes away with the cms/rewrite going on
[2008/05/22 00:11:01] <duritong> I then simply told nginx to server these files by apache and let nginx act as a reverseproxy, but serving all images and plain textfiles as well
[2008/05/22 00:11:39] <duritong> so you can let blow nginx all the static content, and let apache do the dynamic stuff
[2008/05/22 00:11:44] <gepetto> ::puppet:: Ticket #1244 (defect created): User type RSpec tests fail as non-root @ http://reductivelabs.com/trac/puppet/ticket/1244 (by marcin@owsiany.pl)
[2008/05/22 00:17:16] @ kolla joined channel #puppet
[2008/05/22 00:21:50] <ashp> I struggle with my apache setup because
[2008/05/22 00:22:00] <ashp> so many different machines need apache and various extra bits
[2008/05/22 00:22:09] <ashp> it takes a lot of work to get a decent module
[2008/05/22 00:27:01] <ashp> I wonder if the pragmatic programmers ruby studio is any good
[2008/05/22 00:27:06] <ashp> my boss keeps bugging me about signing up for training
[2008/05/22 00:30:12] <gepetto> ::puppet:: Ticket #1245 (defect created): "Global resource removal is deprecated" makes tests fail @ http://reductivelabs.com/trac/puppet/ticket/1245 (by marcin@owsiany.pl)
[2008/05/22 00:31:54] @ porridge joined channel #puppet
[2008/05/22 00:32:20] @ jfluhmann joined channel #puppet
[2008/05/22 00:32:39] @ Quit: johnf: Read error: 110 (Connection timed out)
[2008/05/22 00:32:59] @ shake-n-bake joined channel #puppet
[2008/05/22 00:34:22] @ notbrien joined channel #puppet
[2008/05/22 00:34:29] @ Quit: jsgotangco: "This computer has gone to sleep"
[2008/05/22 00:35:05] @ brscott joined channel #puppet
[2008/05/22 00:35:41] @ brscott left channel #puppet ()
[2008/05/22 00:35:48] <gepetto> ::puppet:: Ticket #1246 (defect created): Puppet::Util::Storage test fails @ http://reductivelabs.com/trac/puppet/ticket/1246 (by marcin@owsiany.pl)
[2008/05/22 00:36:05] <ashp> One of you guys should do a week's 'ruby' or 'puppet' training so I can get my boss to give you a bunch of money
[2008/05/22 00:36:09] <ashp> we can hold the 'training' in a bar
[2008/05/22 00:36:25] <ashp> all you need is a company to bill my boss, it'll be great
[2008/05/22 00:37:09] @ thegcat joined channel #puppet
[2008/05/22 00:38:38] <DavidS> ashp: lak is doing a course soon, talk to him, or search the ML
[2008/05/22 00:38:56] <ashp> Yeah, it's not in boston sadly, and my wife is about to give birth so I can't travel.
[2008/05/22 00:39:06] <ashp> that's why I need someone local with a company, so we can drink the training budget. :)
[2008/05/22 00:39:37] * fsweetser quitely goes off to file the paperwork =)
[2008/05/22 00:39:55] <ashp> we can sit in the pub and discuss puppet, it's kind of like training
[2008/05/22 00:42:17] <gepetto> ::puppet:: Ticket #1247 (defect created): "undefined method `clear_cache' for Puppet::Indirector::Indirection:C... @ http://reductivelabs.com/trac/puppet/ticket/1247 (by marcin@owsiany.pl)
[2008/05/22 00:43:48] <DavidS> ashp: bad luck for the training, good luck for your wife && child!
[2008/05/22 00:44:23] <ashp> :) thanks!
[2008/05/22 00:44:40] <ashp> I really do need to arrange training or i'll lose the budget, I'm going to end up doing redhat training I don't want :/
[2008/05/22 00:45:27] <fsweetser> if you can't travel, SANS has some really good online training courses
[2008/05/22 00:46:28] <fsweetser> or stuff in boston: http://www.sans.org/boston08/
[2008/05/22 00:47:10] <ashp> Ahhh, I'll check that out
[2008/05/22 00:52:20] <fsweetser> lak: got a minute for a provider development question?
[2008/05/22 00:53:43] <ashp> http://github.com/apenney/puppet/tree/master/iclassify <-- I just pushed a ton of changes to this in case anyone is interested
[2008/05/22 00:53:56] <ashp> that sets up most things, but the apache stuff isn't finished/tested
[2008/05/22 00:57:57] <ouba> I'm facing a problem, I use debian stable etch, so I am sticked with puppet-0.20 ... It seems puppet 0.24 is not available via backports.org, but only on lenny (testing version) ...
[2008/05/22 00:58:21] <ouba> I would like to know on which versino you are running, and through what channel you installed it ...
[2008/05/22 00:58:28] <porridge> ouba: just install it, runs fine
[2008/05/22 00:58:43] @ martha joined channel #puppet
[2008/05/22 00:58:47] <porridge> ouba: copy to your local repository or directly dpkg -i it
[2008/05/22 00:58:49] <ashp> You could download it and manually push it to all clients for an upgrade via puppet itself, if all else fails
[2008/05/22 00:59:10] <ouba> I just wonder what is the most appropriate method
[2008/05/22 00:59:23] <ouba> as we try to have only packaged program on our OS
[2008/05/22 00:59:25] <porridge> ouba: whatever works for you best :)
[2008/05/22 00:59:50] <porridge> well, it's still packaged, isn't it?
[2008/05/22 00:59:59] <ouba> ?
[2008/05/22 01:00:08] <porridge> the lenny version
[2008/05/22 01:00:24] <porridge> it's a binary-all package so does not have any deps outside etch anyway
[2008/05/22 01:00:34] <ouba> yes, but what about dependency, etc ... if I get source .deb, I could generate a package for my etch ?
[2008/05/22 01:00:41] <ouba> ok
[2008/05/22 01:00:56] <ouba> so it should be the "right" way for me :)
[2008/05/22 01:00:59] <porridge> you could, but there would be no real gain, I think
[2008/05/22 01:01:21] <Volcane> hey porridge
[2008/05/22 01:01:30] <porridge> Volcane: hello
[2008/05/22 01:02:01] <ouba> and what about redhat ?
[2008/05/22 01:02:13] <ouba> we run as3 and as4
[2008/05/22 01:02:24] <Volcane> ouba: rhel4?
[2008/05/22 01:02:44] <ouba> yes rhel 3 as and rhel 4
[2008/05/22 01:02:56] <Volcane> http://yum.reductivelabs.com/rhel4/
[2008/05/22 01:03:00] <Volcane> there are rhel4 ones
[2008/05/22 01:03:20] <Volcane> doubt ruby was even avail for 3, so you might face quite a battle
[2008/05/22 01:03:42] <ouba> :(
[2008/05/22 01:03:51] <ouba> ok, thanks a lot everybody
[2008/05/22 01:04:18] <ouba> just a last question, if I correctly read the documentation, modules are not available before version 0.22 ?
[2008/05/22 01:04:31] <Volcane> think they came in 0.23?
[2008/05/22 01:04:35] <DavidS> ouba: yes
[2008/05/22 01:04:41] <ouba> ok ...
[2008/05/22 01:07:30] @ Quit: \|Innocenti\|: Client Quit
[2008/05/22 01:11:08] <ashp> Oh no, it's one of these days.
[2008/05/22 01:11:15] <ashp> I just wrote 'the project as a whore' instead of whole in an email
[2008/05/22 01:11:46] <DavidS> ashp: the universe doesn't support undo, yet
[2008/05/22 01:12:08] <Volcane> DavidS: if it did, surely someone at RIM would have undone their lovely domain http://rim.jobs yes :P
[2008/05/22 01:12:10] <ashp> ah well, these things can't be helped
[2008/05/22 01:13:17] <DavidS> ashp: yeah, in the best case everyone just has a good chuckle on you, no hurt there ...
[2008/05/22 01:13:56] <ashp> I should run the test suite that there's all these mails about
[2008/05/22 01:13:58] <ashp> and see if it fails for me
[2008/05/22 01:16:45] <gepetto> ::puppet:: Ticket #1248 (defect created): 20 tests fail without rails @ http://reductivelabs.com/trac/puppet/ticket/1248 (by marcin@owsiany.pl)
[2008/05/22 01:17:17] <ashp> If i can work out how to get git to download just a specific branch...
[2008/05/22 01:19:41] @ kolla_ joined channel #puppet
[2008/05/22 01:22:23] <ashp> Anyone used git to download 0.24.x from github?
[2008/05/22 01:22:42] <ashp> i'm baffled as to how to get it working
[2008/05/22 01:22:50] <ashp> if I do a clone of the repo it just gets master, and doesn't list other branches
[2008/05/22 01:23:11] <DavidS> ashp: try "git fetch 0.24.x"
[2008/05/22 01:23:29] @ Quit: lak:
[2008/05/22 01:24:48] <ashp> hmm, if I do that from inside puppet/ after cloning it
[2008/05/22 01:24:50] <ashp> it just fails
[2008/05/22 01:24:58] <ashp> apenney@hlslinutil02(puppet)$ git fetch 0.24.x
[2008/05/22 01:24:58] <ashp> fatal: '0.24.x': unable to chdir or not a git archive
[2008/05/22 01:25:04] <DavidS> oh
[2008/05/22 01:25:20] <ashp> I guess I have to add some kind of remote origin
[2008/05/22 01:25:31] <ashp> apenney@hlslinutil02(puppet)$ git branch
[2008/05/22 01:25:32] <ashp> * master
[2008/05/22 01:25:35] <ashp> It only lists that one branch
[2008/05/22 01:26:24] <ashp> I figure I don't want to run the tests on master/ as that's not so helpful :)
[2008/05/22 01:26:46] <DavidS> git branch -r?
[2008/05/22 01:26:55] @ Quit: mccune: Read error: 104 (Connection reset by peer)
[2008/05/22 01:27:23] <ashp> Aha, that's better
[2008/05/22 01:27:27] <ashp> maybe I can do a fetch -r
[2008/05/22 01:28:28] <DavidS> probably git-fetch remotes/origin/:origin/ or something
[2008/05/22 01:29:40] <ashp> it's very confusing, I think maybe I'm supposed to do a merge
[2008/05/22 01:34:21] @ Quit: kolla: Read error: 110 (Connection timed out)
[2008/05/22 01:35:04] <DavidS> you want to get the 0.24.x branch checked out to your working directory?
[2008/05/22 01:35:09] <ashp> yes
[2008/05/22 01:35:16] <ashp> I'm just trying to download 0.24.x files out of github
[2008/05/22 01:35:30] <ashp> i tried doing a checkout to origin/0.24.x
[2008/05/22 01:35:36] <ashp> i think that was right, but then my pull fails
[2008/05/22 01:36:57] <ashp> apenney@hlslinutil02(puppet)$ git pull origin 0.24.x
[2008/05/22 01:36:57] <ashp> Already up-to-date.
[2008/05/22 01:37:01] <ashp> maybe I already have those files somehow
[2008/05/22 01:38:08] <DavidS> ashp: which version of git are you using?
[2008/05/22 01:38:27] @ tim\|mb joined channel #puppet
[2008/05/22 01:38:42] <ashp> git version 1.5.3.6
[2008/05/22 01:39:25] <DavidS> pastie: url me for a demonstration how to get the 0.24.x branch
[2008/05/22 01:39:43] <pastie> http://pastie.org/200878 by DavidS.
[2008/05/22 01:40:04] <DavidS> ashp: ^^ that's how it works for me
[2008/05/22 01:40:23] <ashp> Aha, I didn't have the -b business
[2008/05/22 01:40:29] <ashp> now I have that, can I just do pull to actually update the files?
[2008/05/22 01:40:39] <DavidS> it creates a new branch for you locally, so you have a local handle on stuff
[2008/05/22 01:40:55] <ashp> I just need to trigger the actual files to download now, that's where I'm confused still
[2008/05/22 01:41:04] <ashp> because changing the branch didn't seem to go changing a bunch of local files
[2008/05/22 01:41:05] @ dysinger joined channel #puppet
[2008/05/22 01:41:14] <DavidS> you can check with "git log -n 1" what you have checked out right now
[2008/05/22 01:41:27] <DavidS> ashp: git is damn fast ;)
[2008/05/22 01:41:37] <ashp> oh, maybe it's just so fast
[2008/05/22 01:41:43] <ashp> that i didn't realise it had done it!
[2008/05/22 01:41:46] <DavidS> for maximal paranoia check the fingerprint against github
[2008/05/22 01:41:53] <ashp> that's the issue, I had got it working, because the commit log is right
[2008/05/22 01:41:55] <DavidS> :))
[2008/05/22 01:41:58] <ashp> it just operated faster than expected
[2008/05/22 01:42:05] @ Quit: f--z: "KVIrc 3.2.5 Anomalies http://www.kvirc.net/"
[2008/05/22 01:42:07] <ashp> I expected that to take like a minute
[2008/05/22 01:42:07] <DavidS> :)))
[2008/05/22 01:42:15] <ashp> very nice :)
[2008/05/22 01:42:34] <ashp> time to run the tests and see what I get
[2008/05/22 01:43:17] <ashp> rhn is broken today so I can't download mod_ssl, so I'm wasting time until the load drops (thanks to rhel 5.2)
[2008/05/22 01:44:25] <dysinger> Did puppet move to github ?
[2008/05/22 01:45:24] <DavidS> dysinger: lak moved his "private" development repo there in the hope to get increased visibility on what he's doing and more contributions
[2008/05/22 01:45:59] <dysinger> heh moving it to github will make it not so private :)
[2008/05/22 01:46:16] <ashp> Create a package at /home/luke/rpm/RPMS/noarch/enhost-1.0.1-1.noarch.rpm for testing
[2008/05/22 01:46:23] <dysinger> So is the baseline at github or still at rl ?
[2008/05/22 01:46:24] <ashp> hardcoding your home directory into tests is very naughty
[2008/05/22 01:47:30] @ Quit: tim\|macbook: Read error: 110 (Connection timed out)
[2008/05/22 01:47:37] <DavidS> dysinger: the "released" stuff is still on rl, but with git, it'S always "just a clone" anyways ...
[2008/05/22 01:47:38] <DavidS> ashp: indeed
[2008/05/22 01:47:49] <dysinger> yes
[2008/05/22 01:47:59] <dysinger> but you can pull from many locations
[2008/05/22 01:47:59] <ashp> 832 tests, 9594 assertions, 5 failures, 11 errors
[2008/05/22 01:48:00] <ashp> rake aborted!
[2008/05/22 01:48:06] <ashp> Ouch, it aborted, that's never really a good sign.
[2008/05/22 01:48:07] <dysinger> I am pulling from rl right now
[2008/05/22 01:48:38] <dysinger> so your active development is what I am asking - did it move to github ? Should I pull from there as a primary ?
[2008/05/22 01:49:39] <DavidS> dysinger: you have to talk to either lak or jamesturnbull for definitive answers
[2008/05/22 01:49:47] * DavidS is confused now
[2008/05/22 01:49:48] <gepetto> ::puppet:: Ticket #1249 (defect created): Hardcoded path in tests. @ http://reductivelabs.com/trac/puppet/ticket/1249
[2008/05/22 01:50:02] <DavidS> dysinger: but search the ml archive first for github ..
[2008/05/22 01:50:07] <DavidS> i remeber a mail about that topic
[2008/05/22 01:50:20] <dysinger> k
[2008/05/22 01:52:11] @ gileswork joined channel #puppet
[2008/05/22 01:59:40] @ Quit: andyhold: Remote closed the connection
[2008/05/22 02:07:21] <thegcat> anyone has a pythonversion facter?
[2008/05/22 02:07:56] <benp-> lak mentioned in here the other day that he'd consider moving puppet to github after trying it out for a few months, so im pretty sure it hasnt moved
[2008/05/22 02:15:29] @ Quit: exodos: "leaving"
[2008/05/22 02:16:43] <benp-> thegcat: `python -V 2>&1`.split(" ")[1]
[2008/05/22 02:17:11] <thegcat> thx
[2008/05/22 02:20:51] <jbooth> Ugh. Mongrel + 8 puppetmaster servers still = 120 sec configuration compiles. Guess I need to take my scaling further.
[2008/05/22 02:21:08] <ashp> notice: //Node[default]/iclassify/iclassify::install/Package[mysql-server]/ensure: ensure changed '5.0.45-6.el5' to '5.0.45-7.el5'
[2008/05/22 02:21:08] <benp-> whoa, how many nodes are you deal with?
[2008/05/22 02:21:19] <ashp> Someone complained that ensure => latest, was broken the other day, but it works ok for me.
[2008/05/22 02:21:23] <ashp> jbooth: jesus christ :(
[2008/05/22 02:21:27] <jbooth> benp-: I'm rebooting ~128 at a time right now
[2008/05/22 02:22:04] <benp-> ing
[2008/05/22 02:24:38] <benp-> thats a few
[2008/05/22 02:25:15] <thegcat> benp-: doesn't seem to work for some reason
[2008/05/22 02:25:35] <benp-> it shouldn't.. you'll need more code than that
[2008/05/22 02:26:50] <thegcat> tried it with ruby -e , if I read the manpage correctly, it should execute the code snippet
[2008/05/22 02:27:17] <benp-> it worked in irb..
[2008/05/22 02:27:49] <DavidS> jbooth: which version are you using? storeconfigs? database?
[2008/05/22 02:28:38] <jbooth> DavidS: puppet-0.24.4-1.fc8
[2008/05/22 02:28:38] <benp-> thegcat: ruby -e 'p `python -V 2>&1`.split(" ")[1]'
[2008/05/22 02:28:39] <thegcat> benp-: odd..
[2008/05/22 02:28:39] <thegcat> does here too
[2008/05/22 02:28:54] <jbooth> DavidS: I'm using flatfiles backing it, I'm not sure about the answer to the storeconfigs or db part?
[2008/05/22 02:29:22] <thegcat> benp-: thanks again :-)
[2008/05/22 02:29:29] <DavidS> jbooth: if you don't know what storeconfigs is, you don't use it :)
[2008/05/22 02:29:39] <ouba> tcho everybody !
[2008/05/22 02:29:43] @ Quit: ouba: "Quitte"
[2008/05/22 02:29:44] <DavidS> how big is your manifest?
[2008/05/22 02:30:08] <benp-> thegcat: you may want to also test if a python binary exists
[2008/05/22 02:31:24] <thegcat> benp-: I was going to say I install python in my puppet stuff, but that won't help with the first run
[2008/05/22 02:31:57] @ Quit: shake-n-bake: Read error: 110 (Connection timed out)
[2008/05/22 02:33:08] <jbooth> DavidS: Uhh, not that big? Only ~600 lines
[2008/05/22 02:33:27] <benp-> how many nodes do you have total jbooth?
[2008/05/22 02:33:29] <jbooth> DavidS: I do do a fair amount of file{} copies though off the puppet server.
[2008/05/22 02:33:40] <jbooth> benp-: 768. And yes I plan on rebooting them all at one time eventually.
[2008/05/22 02:34:20] <DavidS> jbooth: you could add splay (see wiki:ConfigurationReference) to ease the initial load
[2008/05/22 02:34:28] <gepetto> DavidS: jbooth: wiki:ConfigurationReference is http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference
[2008/05/22 02:35:31] <ashp> I wonder if the new rest stuff will help you
[2008/05/22 02:35:51] <ashp> jbooth: You should see if you can run head for some testing, as lak's work is apparently meant to speed up file{} stuff
[2008/05/22 02:36:26] <jbooth> DavidS: it might. Probably an answer I should split off the config and file serving in the optimization stuff, as well as just spawning more servers.
[2008/05/22 02:37:20] <DavidS> jbooth: for transferring big amounts of files (especially recursivly, rsync is much better suited
[2008/05/22 02:37:49] <ashp> Yeah, it's pretty easy to just run some exec {rsync}'s for large copying
[2008/05/22 02:38:01] <ashp> I try to bundle all binary files into rpms where I can and use straight http for those
[2008/05/22 02:38:15] <jbooth> That doesn't work so well since they are mostly configuration files.
[2008/05/22 02:38:23] <ashp> ahhh ok
[2008/05/22 02:38:26] <jbooth> And RPM gets cranky when I try to overwrite openssh's /etc/ssh/...
[2008/05/22 02:38:27] <ashp> then the REST stuff is going to help a lot
[2008/05/22 02:38:51] <jbooth> I suppose I could make everything require ssh so that rsync, ssh, or other file transfer methods are available.
[2008/05/22 02:39:54] <DavidS> jbooth: if you have no hard requirement of configuring-on-boot, add splay to your default puppet.conf
[2008/05/22 02:40:09] <DavidS> also, you might want to look into puppetrun, to avoid having reboot all nodes at once
[2008/05/22 02:40:17] @ Quit: dysinger:
[2008/05/22 02:41:23] @ Quit: DerekW: "Leaving"
[2008/05/22 02:41:34] @ pleemans joined channel #puppet
[2008/05/22 02:42:52] @ dysinger joined channel #puppet
[2008/05/22 02:44:22] @ shake-n-bake_ joined channel #puppet
[2008/05/22 02:50:11] @ Quit: jvanzyl:
[2008/05/22 02:51:49] <jbooth> DavidS: about to idle, but making nodes all puppet is easy: pdsh -w "node spec" service puppet start. The hard part is not having them beat the server into the ground!
[2008/05/22 02:52:31] <jbooth> DavidS: Splay would be good, but how long does it sleep for? I mean, making it work for 32 nodes won't strictly make it work for 768 nodes. My config runs take ~30 sec on an otherwise un-loaded server.
[2008/05/22 02:52:51] <jbooth> Serailizing that wouldn't be a tenable solution
[2008/05/22 02:56:26] @ Quit: sparanjape: "For Sale: Parachute. Only used once, never opened, small stain."
[2008/05/22 02:57:57] <DavidS> jbooth: if you have only one CPU, you'll need 6.4 hours to compile all nodes ...
[2008/05/22 03:16:44] <ashp> Hm, my notify => Service['mysqld'] doesn't work, I wonder why
[2008/05/22 03:16:56] @ shenson is now known as shenson_not_here
[2008/05/22 03:17:02] <ashp> I put that into the package{} thinking it should ensure it's started, but something is wrong
[2008/05/22 03:17:43] <ashp> that should be supported right, notifying in a package{} to the service{} to start it up?
[2008/05/22 03:18:06] @ Quit: Wakko666: "Leaving."
[2008/05/22 03:19:08] @ shenson_not_here is now known as shenson
[2008/05/22 03:19:16] @ plathrop joined channel #puppet
[2008/05/22 03:19:27] @ Quit: plathrop: Remote closed the connection
[2008/05/22 03:19:54] @ plathrop joined channel #puppet
[2008/05/22 03:20:42] @ Wakko666 joined channel #puppet
[2008/05/22 03:21:22] @ Quit: Wakko666: Remote closed the connection
[2008/05/22 03:24:53] <ashp> Hmm, I can use arrays with notify right?
[2008/05/22 03:24:56] <ashp> notify => [ Exec['mysql-password'], Service['mysqld'] ],
[2008/05/22 03:30:45] <benp-> yes
[2008/05/22 03:30:53] <ashp> I wonder why it doesn't work then, rats.
[2008/05/22 03:31:07] <ashp> I'll try with debug, I can't figure this one out
[2008/05/22 03:32:25] @ shake-n-bake__ joined channel #puppet
[2008/05/22 03:32:58] @ Quit: shake-n-bake_: Read error: 110 (Connection timed out)
[2008/05/22 03:40:46] <DavidS> ashp: service{something: ensure => running, enable => true }
[2008/05/22 03:41:12] <DavidS> notify => Service only restarts the service if the notifying resource has changed
[2008/05/22 03:41:39] <DavidS> (and of course takes care that the service is only managed after the notifying resource)
[2008/05/22 03:43:38] <ashp> ahh
[2008/05/22 03:43:44] <ashp> it might be the enable => true i need
[2008/05/22 03:43:51] @ bradly joined channel #puppet
[2008/05/22 03:44:00] <ashp> The idea was that on first install mysql would start up and set a password
[2008/05/22 03:45:16] <ashp> oh never mind, svn sabotaged me
[2008/05/22 03:47:57] <ashp> i am going to drink this coffee before tackling this, as something is wrong and it's probably me
[2008/05/22 03:50:17] <DavidS> ashp: ...
[2008/05/22 03:50:23] <ashp> http://pastebin.com/d29733e14
[2008/05/22 03:50:28] <ashp> can anyone see anything obviously wrong there?
[2008/05/22 03:50:39] <ashp> Because it says service['mysqld'] can't be found, but it exists
[2008/05/22 03:51:52] <tim\|mb> short password
[2008/05/22 03:51:57] <ashp> ;)
[2008/05/22 03:51:58] <tim\|mb> but nothing wrong that i can see
[2008/05/22 03:52:06] <ashp> oh god i missed removing one
[2008/05/22 03:52:10] <ashp> i knew i'd bugger that up, oh well
[2008/05/22 03:52:19] @ ricky__ joined channel #puppet
[2008/05/22 03:52:23] <tim\|mb> only thing that i can think of is that it's not really including the service
[2008/05/22 03:52:23] @ Quit: ricky__: Remote closed the connection
[2008/05/22 03:53:02] <ashp> I wondered if I should make the service into a virtual as well
[2008/05/22 03:53:05] <ashp> but that seems unrequired
[2008/05/22 03:53:12] <ashp> it should be able to handle that just fine
[2008/05/22 03:53:59] <ashp> I just don't know why it would think the service{} doesn't exist, other than that service isn't in the iclassify module
[2008/05/22 03:54:33] <ashp> iclassify::mysql includes mysql, so there shouldn't be any reason for it to not exist at that point
[2008/05/22 03:54:49] <DavidS> perhaps there is something else broken and puppetmaster doesn'T reload?
[2008/05/22 03:55:08] <ashp> May 21 13:46:56 hlslinutil02 puppetmasterd[24060]: Compiled configuration for hlsbuild01.law.harvard.edu in 0.83 seconds
[2008/05/22 03:55:12] <ashp> Seems happy :/
[2008/05/22 03:56:07] <DavidS> indeed
[2008/05/22 03:56:54] <ashp> I'm kind of at a loss as to why it's unhappy
[2008/05/22 03:57:26] <ashp> I had the require on package['mysql-server'] at first
[2008/05/22 03:57:29] <ashp> but that didn't ensure it was running
[2008/05/22 04:04:51] <ashp> hmm, adding include mysql::service into iclassify::mysql
[2008/05/22 04:04:52] <ashp> fixed it
[2008/05/22 04:04:59] <ashp> I had include mysql, which in turn had include mysql::service
[2008/05/22 04:05:04] <ashp> so it didn't follow the chain down for some reason
[2008/05/22 04:05:17] @ Quit: bradly:
[2008/05/22 04:06:57] <thegcat> in facts code, does it make a difference putting some internal logic between the setcode do ... end bit or outside?
[2008/05/22 04:08:43] @ stahnma joined channel #puppet
[2008/05/22 04:12:36] @ Quit: tim\|mb: "This computer has gone to sleep"
[2008/05/22 04:16:37] <ashp> Argh, now I included mysql::service it doesn't try to install the package mysql-server anymore
[2008/05/22 04:17:02] <ashp> I am in a maze of twisty manifests, none alike.
[2008/05/22 04:17:33] <gepetto> ::puppet:: Recipes/Python Version edited by thegcat @ http://reductivelabs.com/trac/puppet/wiki/Recipes/PythonVersion (by felix.schaefer@tu-dortmund.de)
[2008/05/22 04:26:03] <jbooth> DavidS: That's wallclock, not cpu time on the server. I'm not sure I can measure cpu time of puppetmaster down to that accuracy easily.
[2008/05/22 04:27:05] <DavidS> since puppetmaster is quite singlethreaded, wallclock time == cpu time for compiling, mostly
[2008/05/22 04:27:38] <jbooth> DavidS: Not when I'm measuring wallclock on the node.
[2008/05/22 04:28:15] <jbooth> DavidS: particularly when the node does yum install/update which takes /forever/ a bunch of times.
[2008/05/22 04:28:38] <ashp> yum is such a hog
[2008/05/22 04:28:44] <ashp> it's the worst piece of software
[2008/05/22 04:29:38] <DavidS> jbooth: the interesting thing is the "notice: Compiled configuration for ... in 20.15 seconds"
[2008/05/22 04:29:43] <DavidS> on the puppetmaster
[2008/05/22 04:30:39] <DavidS> yum on the node is irrelevant to scaling the puppetmaster ...
[2008/05/22 04:31:56] @ a-priori__ is now known as a-priori
[2008/05/22 04:32:45] <jbooth> DavidS: Oh, my compiled configs only takes ~1 sec or less if it is one node. The 20-30 seconds is for the config to actually apply.
[2008/05/22 04:33:10] <jbooth> Sorry, I wasn't clear in my english before. :-P
[2008/05/22 04:33:17] @ Quit: mikepea: Read error: 104 (Connection reset by peer)
[2008/05/22 04:33:47] @ mikepea joined channel #puppet
[2008/05/22 04:34:05] <jbooth> Wonder if there's a way to optimize that... I mean, the nodes are all identical except for MAC addys.
[2008/05/22 04:35:19] <Volcane> why's the run time on the node a big concern?
[2008/05/22 04:35:27] @ shake-n-bake joined channel #puppet
[2008/05/22 04:35:35] <Volcane> 20 seconds seams very reasonably
[2008/05/22 04:36:13] <jbooth> It isn't, it was mostly as a comment that even the splay parameter won't actually solve my problem.
[2008/05/22 04:36:21] <Volcane> oh ok
[2008/05/22 04:36:52] <Volcane> sorry, i shouldnt but in half way without reading the history, but theres a lot to read in this conversation hehe
[2008/05/22 04:38:29] <jbooth> Yeah. Well I idled for an hour and a half for a meeting, it doesn't help I'm sure.
[2008/05/22 04:40:23] <Volcane> ah, i just remmber before i came to the datacenter you discussed it and now while logging in at the dc i noticed you're still at it, fgured theres a hour of back reading :)
[2008/05/22 04:40:48] <jbooth> My site tends to break things... Apple's NFS, Xsan, process limits on OS X, torque/moab...
[2008/05/22 04:41:52] <Volcane> hehe
[2008/05/22 04:42:34] @ Quit: shake-n-bake__: Read error: 110 (Connection timed out)
[2008/05/22 04:46:49] <jbooth> Also, yum for puppet wouldn't be so bad if it was called /once/
[2008/05/22 04:47:03] <jbooth> This call it each time for each package is the problem (for me)
[2008/05/22 04:49:59] <ashp> I guess what we need is a smarter yum provider
[2008/05/22 04:50:06] <ashp> that's capable of building all the requests into one yum call
[2008/05/22 04:50:13] <ashp> or at least fewer runs
[2008/05/22 04:50:23] @ Quit: mikepea: Read error: 110 (Connection timed out)
[2008/05/22 04:50:46] @ Londo_ joined channel #puppet
[2008/05/22 04:52:44] <DavidS> jbooth: ah, so your problem is really fileserving, not compiling? this can probably be helped with additional puppetmasters until your server fills up with I/O
[2008/05/22 04:53:11] <DavidS> or, as suggested use rsync instead of the puppet://
[2008/05/22 04:53:55] <DavidS> if you need to distribute the files throughout the node, you can rsync or git-pull or NFS-mount a storage area and copy locally with puppet
[2008/05/22 04:54:13] <DavidS> i.e. source => '/srv/repos/.../...'
[2008/05/22 04:55:22] @ Quit: kolla_: Remote closed the connection
[2008/05/22 04:58:00] @ stahnma left channel #puppet ("Time for something else....")
[2008/05/22 05:01:33] @ Quit: Londo_:
[2008/05/22 05:13:31] @ Quit: kenvandine: "Ex-Chat"
[2008/05/22 05:14:03] @ [newbie] joined channel #puppet
[2008/05/22 05:24:35] @ shenson is now known as shenson_not_here
[2008/05/22 05:26:25] @ shenson_not_here is now known as shenson
[2008/05/22 05:26:41] @ madheadroom joined channel #puppet
[2008/05/22 05:27:10] <madheadroom> hi
[2008/05/22 05:27:36] <ashp> I was so close to having iclassify work :)
[2008/05/22 05:28:50] <madheadroom> Can anybody say, if puppet support user home creation?
[2008/05/22 05:31:02] <plathrop> ashp: How long has it taken you at this point? Couple days?
[2008/05/22 05:31:09] <plathrop> madheadroom: Depends on your platform.
[2008/05/22 05:31:39] <madheadroom> puppet on debian
[2008/05/22 05:31:41] <plathrop> madheadroom: Take a look at http://reductivelabs.com/trac/puppet/wiki/TypeReference#id199
[2008/05/22 05:31:47] @ shadoi joined channel #puppet
[2008/05/22 05:31:52] <plathrop> madheadroom: You should be able to manage homes on Debian, yes
[2008/05/22 05:33:17] @ [newbie] is now known as f--z
[2008/05/22 05:34:23] @ happymcplaksin joined channel #puppet
[2008/05/22 05:35:15] <madheadroom> thanks thats super
[2008/05/22 05:35:32] @ Quit: happymcplaksin: Remote closed the connection
[2008/05/22 05:38:07] @ Quit: f--z: "KVIrc 3.2.5 Anomalies http://www.kvirc.net/"
[2008/05/22 05:38:21] @ Wakko666 joined channel #puppet
[2008/05/22 05:40:09] @ thegcat_ joined channel #puppet
[2008/05/22 05:40:13] @ Quit: lutter_gone: "Leaving."
[2008/05/22 05:40:20] <ashp> plathrop: At least a few days
[2008/05/22 05:40:26] <ashp> plathrop: I suspect someone less stupid would have been done in an hour
[2008/05/22 05:40:27] @ mikepea joined channel #puppet
[2008/05/22 05:40:41] <ashp> It's just all the various dependencies and little files that need templating and tweaking that seem to take forever
[2008/05/22 05:41:05] <plathrop> ashp: I doubt you qualify as "stupid" - it strikes me as being non-trivial to set up.
[2008/05/22 05:41:13] <ashp> that and constant testing of all the dependences, and making sure they install in order
[2008/05/22 05:41:19] <ashp> oh, I've done and found some REALLY stupid things while doing this!
[2008/05/22 05:41:31] @ lutter joined channel #puppet
[2008/05/22 05:42:40] <ashp> next comes the terrifying bit
[2008/05/22 05:42:46] @ jvanzyl joined channel #puppet
[2008/05/22 05:42:47] <ashp> when I wipe the box and install from scratch
[2008/05/22 05:42:58] <ashp> and it exposes all my dependence flaws
[2008/05/22 05:43:22] <ashp> notice: //Node[default]/iclassifyserver/iclassify/iclassify::solr/File[/etc/sv/iclassify-solr/run]/mode: mode changed '755' to '644'
[2008/05/22 05:43:28] <ashp> root@hlslinutil02(manifests)$ grep 644 *
[2008/05/22 05:43:28] <ashp> root@hlslinutil02(manifests)$
[2008/05/22 05:43:38] <ashp> It's supposed to change it TO 755, not FROM. :/
[2008/05/22 05:44:15] <ashp> oh, I didn't have a mode at all, it really should leave files alone unless asked to change the modes.
[2008/05/22 05:45:26] <madheadroom> another question: what does "]/service=nagios-nrpe-server/ensure) ensure changed 'stopped' to 'running'" means?
[2008/05/22 05:45:50] <ashp> It means it started nagios-nrpe-server
[2008/05/22 05:45:56] <ashp> sometimes the service is already running
[2008/05/22 05:46:03] <ashp> and so it's just kind of updating itself I think
[2008/05/22 05:46:09] <ashp> like it's like 'hey it's not stopped, it's running and I'm dumb'
[2008/05/22 05:47:20] @ Quit: dysinger:
[2008/05/22 05:47:24] <madheadroom> thats looks not so sexy
[2008/05/22 05:47:31] <madheadroom> May 21 20:05:38 syslog puppetd[4756]: Starting configuration run
[2008/05/22 05:47:32] <madheadroom> May 21 20:05:43 syslog nrpe[12191]: Starting up daemon
[2008/05/22 05:47:34] <madheadroom> May 21 20:05:43 syslog nrpe[12191]: There's already an NRPE server running (PID
[2008/05/22 05:47:36] <madheadroom> 5014). Bailing out...
[2008/05/22 05:47:38] <madheadroom> May 21 20:05:43 syslog puppetd[4756]: (Class[main]/Node[countryboxen]/Class[nagi
[2008/05/22 05:47:40] <madheadroom> os]/service=nagios-nrpe-server/ensure) ensure changed 'stopped' to 'running'
[2008/05/22 05:47:53] <madheadroom> an these Messages every config run....
[2008/05/22 05:49:19] <madheadroom> I had setup a similar services with ssh and there are no messages
[2008/05/22 05:49:31] @ spheromak joined channel #puppet
[2008/05/22 05:51:18] @ Quit: thegcat: Read error: 113 (No route to host)
[2008/05/22 05:52:55] <plathrop> madheadroom: It's possible your startup script doesn't respond to status, AND the script name doesn't match the process name
[2008/05/22 05:55:12] <DavidS> ashp: you have to set hasstatus or pattern on the service, so puppet can detect whether the service is running
[2008/05/22 05:55:16] <DavidS> bye!
[2008/05/22 05:56:04] <ashp> Argh I am constantly running into the inability to do a custom check on a file{} statement
[2008/05/22 05:56:05] <DavidS> ashp: you use puppet, so you're smart and you're haven't given up yet, so you're not lazy either
[2008/05/22 05:56:17] <ashp> I don't have anything I can require => against to fix the dependencies
[2008/05/22 05:56:17] @ Quit: DavidS: "Leaving."
[2008/05/22 05:56:23] <madheadroom> plathrop: the initscript has no status
[2008/05/22 05:56:24] <ashp> as the command to install iclassify will only run once, ever
[2008/05/22 05:56:29] <ashp> so I can't require against it :/
[2008/05/22 05:57:25] @ kenvandine joined channel #puppet
[2008/05/22 05:57:35] @ Quit: jvanzyl:
[2008/05/22 05:58:11] @ Quit: kenvandine: Remote closed the connection
[2008/05/22 06:01:50] <plathrop> madheadroom: Check out the "pattern" parameter, it will help
[2008/05/22 06:03:03] @ kenvandine joined channel #puppet
[2008/05/22 06:03:05] <madheadroom> plathrop: thanks
[2008/05/22 06:05:11] <Volcane> argargarg not picking up new node files are driving me batty
[2008/05/22 06:05:51] <madheadroom> plathrop: syslog puppetd[14131]: Class user does not accept argument(s) managehome in file /etc/puppet/manifests/classes/user.pp at line 8
[2008/05/22 06:06:50] <madheadroom> plathrop: forget it, puppetd is 0.20.1
[2008/05/22 06:08:01] <madheadroom> thanks for all
[2008/05/22 06:08:10] @ Quit: madheadroom: "WeeChat 0.2.6"
[2008/05/22 06:09:13] @ Quit: jfluhmann: Remote closed the connection
[2008/05/22 06:16:20] <ashp> Now solr is being a pain :(
[2008/05/22 06:17:14] @ jfluhmann joined channel #puppet
[2008/05/22 06:27:09] @ Quit: pleemans: "Ex-Chat"
[2008/05/22 06:27:14] @ randybias joined channel #puppet
[2008/05/22 06:28:23] <plathrop> wiki:DeveloperRepositories
[2008/05/22 06:28:25] <gepetto> plathrop: wiki: wiki:DeveloperRepositories is http://reductivelabs.com/trac/puppet/wiki/DeveloperRepositories
[2008/05/22 06:28:33] <plathrop> Thanks, gepetto!
[2008/05/22 06:30:16] @ Quit: Zothar_Work: "ChatZilla 0.9.82.1 [Firefox 2.0.0.14/2008040414]"
[2008/05/22 06:42:54] @ jvanzyl joined channel #puppet
[2008/05/22 06:47:20] @ Quit: porridge: "zzz"
[2008/05/22 06:54:03] <ashp> it's embarrassing how much of puppet failed when ran on a clean install
[2008/05/22 06:54:34] <ashp> thanks to rhn :)
[2008/05/22 06:56:04] <hacim> how do I get warning("blah") to be displayed? it doesn't show up on the puppetmaster, or on the client when the manifest is run
[2008/05/22 06:59:41] <plathrop> Man, Right after I pay for my GitHub account, it goes down :-(
[2008/05/22 06:59:53] <plathrop> hacim: I think it shows up in the "logs" of the puppetmaster
[2008/05/22 07:01:26] @ a-priori_ joined channel #puppet
[2008/05/22 07:07:40] @ a-priori__ joined channel #puppet
[2008/05/22 07:11:41] @ Quit: kenvandine: "Ex-Chat"
[2008/05/22 07:17:51] @ nigelk joined channel #puppet
[2008/05/22 07:18:24] <nigelk> shadoi: if you see lak....
[2008/05/22 07:18:39] <nigelk> the trac@reductivelabs.com address has had it's status reset
[2008/05/22 07:18:49] <nigelk> the problem is apparently it sending them too fast.
[2008/05/22 07:18:58] <nigelk> finding out what the limit should be, will update on that when I find out
[2008/05/22 07:19:04] <nigelk> (this is re the google groups issue btw)
[2008/05/22 07:19:35] @ n5red-0 joined channel #puppet
[2008/05/22 07:20:19] @ shenson is now known as shenson_not_here
[2008/05/22 07:22:21] @ Quit: notbrien:
[2008/05/22 07:22:42] @ Quit: a-priori: Read error: 113 (No route to host)
[2008/05/22 07:25:03] @ Quit: a-priori_: Read error: 110 (Connection timed out)
[2008/05/22 07:25:06] @ cote joined channel #puppet
[2008/05/22 07:26:50] @ Quit: kambiz: "Leaving"
[2008/05/22 07:30:38] @ a-priori joined channel #puppet
[2008/05/22 07:32:55] @ fbe joined channel #puppet
[2008/05/22 07:37:52] @ Quit: fbe: Remote closed the connection
[2008/05/22 07:43:25] @ Quit: mikepea:
[2008/05/22 07:44:40] @ sigmonsays joined channel #puppet
[2008/05/22 07:44:44] <sigmonsays> So..
[2008/05/22 07:45:10] <sigmonsays> What's the syntax to override a already defined resource?
[2008/05/22 07:45:20] <sigmonsays> i'm hoping to accomplish this using a include
[2008/05/22 07:46:28] @ Quit: a-priori__: Read error: 110 (Connection timed out)
[2008/05/22 07:47:53] <n5red-0> As a total beginner with Puppet, I have a quick architectural question.
[2008/05/22 07:48:02] <sigmonsays> n5red-0, shoot
[2008/05/22 07:48:22] <n5red-0> I have a bunch of systems that I would like to manage with Puppet that are on a private subnet
[2008/05/22 07:48:24] <sigmonsays> I will try.. i'm someone beyond neb
[2008/05/22 07:48:26] <sigmonsays> newb*
[2008/05/22 07:49:01] <n5red-0> there are only a couple of system that I have direct access to from my desk or where I would like to manage them from
[2008/05/22 07:49:12] <fujin> sigmonsays: you cannot override a resource using include, you have to inherit a baseclas and override it in the new class
[2008/05/22 07:49:14] <n5red-0> Is there a simple way to proxy?
[2008/05/22 07:49:26] <sigmonsays> fujin, so I just discovered
[2008/05/22 07:49:51] <fujin> the syntax is Type[name] { param => value\|undef }
[2008/05/22 07:49:53] <n5red-0> It's a compute cluster
[2008/05/22 07:50:02] <sigmonsays> fujin, I got it.
[2008/05/22 07:50:04] <sigmonsays> thx
[2008/05/22 07:50:06] <fujin> n5red-0: It's HTTPS
[2008/05/22 07:50:41] <fujin> Having to proxy your management implies bad network architecture, imho
[2008/05/22 07:50:54] <fujin> draw a picture of your network
[2008/05/22 07:51:02] <fujin> You can probably do it without a proxy quite happily
[2008/05/22 07:51:35] @ mikepea joined channel #puppet
[2008/05/22 07:51:36] <fujin> :>
[2008/05/22 07:51:54] <n5red-0> No, I can't. The compute nodes are on a seperate internal network that doesn't extend past the racks
[2008/05/22 07:52:21] <sigmonsays> no router n5red-0 ?
[2008/05/22 07:52:49] <n5red-0> No, not allowed. Just the login node and a file transfeer node are visible outside
[2008/05/22 07:53:10] <sigmonsays> puppetd (the client) uses https outbound connections to a programed puppetmasterd
[2008/05/22 07:53:47] <fujin> So how did you manage these nodes before?
[2008/05/22 07:53:57] <fujin> take a laptop to the rack, plug it into the dumbswitch?
[2008/05/22 07:54:05] <n5red-0> I've never set up a web proxy, but I was planning on setting up a caching server to access the yum repositories.
[2008/05/22 07:54:19] <n5red-0> Nodes haven't been powered up yet.
[2008/05/22 07:54:29] @ a-priori_ joined channel #puppet
[2008/05/22 07:54:38] <n5red-0> Still waiting for facilities to give us power drops.
[2008/05/22 07:54:49] <fujin> cool - sounds like you're in the perfect position to redesign your network
[2008/05/22 07:55:18] <n5red-0> Not really. I have very limited control over the campus network
[2008/05/22 07:55:28] <fujin> on another semirelated matter, how do you plan to monitor and trend these nodes?
[2008/05/22 07:55:40] <sigmonsays> fujin, puppetd can't live on your login node or file transfer node?
[2008/05/22 07:55:44] <n5red-0> Good question. What do you recommend?
[2008/05/22 07:55:50] <fujin> A network redesign
[2008/05/22 07:55:52] <fujin> <G>
[2008/05/22 07:55:53] <sigmonsays> recommend?
[2008/05/22 07:55:58] <sigmonsays> heh ^^^^
[2008/05/22 07:56:24] <fujin> sorry - all joking aside
[2008/05/22 07:56:26] <n5red-0> I could run it on the head node, but I would prefer to have it external to the cluster.
[2008/05/22 07:56:35] <sigmonsays> but if your network policy doesn't allow outbound connections except to the two mentioned nodes.. then that's your problem
[2008/05/22 07:56:38] <fujin> slap a puppetmaster box in the subnet in your rack
[2008/05/22 07:56:49] <fujin> setup a nat so you can talk to your puppetmaster or something
[2008/05/22 07:57:23] <fujin> on a non-routed network (no NAT or routes or anything) it'll be very hard to do any kind of management stuff like configuration management/monitoring/trending
[2008/05/22 07:57:57] <n5red-0> I will get yelled at if I do NAT. That would be bad, the manager of that group sometimes buys me beer.
[2008/05/22 07:58:28] <n5red-0> Guinness, even...
[2008/05/22 07:58:32] <fujin> heh
[2008/05/22 07:58:43] @ BarnacleBob joined channel #puppet
[2008/05/22 07:58:59] <BarnacleBob> is there any place where i can see a working example of nagios manifests?
[2008/05/22 07:59:23] <fujin> n5red-0: I really don't know what to tell you - you're not giving yourself many options
[2008/05/22 07:59:37] <fujin> BarnacleBob: see DavidS' repo (http://git.black.co.at/
[2008/05/22 07:59:40] <fujin> module-nagios
[2008/05/22 07:59:41] <n5red-0> If I have to run on the head node, I will
[2008/05/22 08:00:25] <fujin> n5red-0: what network is the 'head node' on?
[2008/05/22 08:00:38] <n5red-0> I was hoping to keep the management outside of the cluster to make it easier to rebuild any system within the cluster
[2008/05/22 08:00:48] <BarnacleBob> cool thanks fujin
[2008/05/22 08:01:00] <n5red-0> head node and transfer nodes are on the camput network
[2008/05/22 08:01:17] <n5red-0> 126 compute nodes and 2 fileserver nodes are not
[2008/05/22 08:01:47] <fujin> right, so the head and transfer node can comms quite happily with your 126/2 backend nodes?
[2008/05/22 08:01:47] <chadh_> n5red-0: you can't put an additional node parallel to the head node as a management node? that's pretty normal
[2008/05/22 08:01:55] <fujin> +1 chadh_
[2008/05/22 08:01:57] <chadh_> how are you doing user authentication?
[2008/05/22 08:01:58] <fujin> ./agree
[2008/05/22 08:02:33] <fujin> I seriously wonder how anyone would signoff on such a massive cluster with no thought of management at all, let alone monitoring and trending
[2008/05/22 08:02:36] * fujin looks around
[2008/05/22 08:02:41] <fujin> I'd get castrated for attempted to architect such a solution
[2008/05/22 08:03:06] <n5red-0> I'm new here. There wasn't quite as much design work as there should have been
[2008/05/22 08:03:17] <fujin> n5red-0: Ideal solution is put a puppetmaster node in the same network as your frontend nodes which can talk to the backend ones
[2008/05/22 08:03:25] <fujin> and the install puppet on all of your backend nodes
[2008/05/22 08:03:57] <n5red-0> Ok. That's what I will do.
[2008/05/22 08:05:01] <BarnacleBob> wtf
[2008/05/22 08:05:02] <n5red-0> If some sort of proxying isn't practical, then I'll run it inside of the cluster.
[2008/05/22 08:05:05] <BarnacleBob> how do i use this site
[2008/05/22 08:05:08] <BarnacleBob> i just want to see the file
[2008/05/22 08:05:13] <BarnacleBob> !score git -500
[2008/05/22 08:05:20] <fujin> engage your brain
[2008/05/22 08:05:22] <n5red-0> Now I can quit trying to figure out how to proxy.
[2008/05/22 08:05:53] <nigelk> another option... :)
[2008/05/22 08:05:58] <nigelk> depending on the security of your network...
[2008/05/22 08:06:18] <nigelk> is to set up mongrel on your puppet server to allow binding to the non-loopback address
[2008/05/22 08:06:19] <n5red-0> big boss is on a serious security kick.
[2008/05/22 08:06:32] <nigelk> and then have pound proxy the requests to the mongrel backend on another machine
[2008/05/22 08:06:32] <BarnacleBob> i just worked for 7 days straight my brain is fried
[2008/05/22 08:06:33] <n5red-0> He used to be a honcho at NSF
[2008/05/22 08:06:43] @ Quit: a-priori: Read error: 110 (Connection timed out)
[2008/05/22 08:06:43] <BarnacleBob> this is the last thing i need to do before i'm free
[2008/05/22 08:07:17] <nigelk> but given that if you expose the mongrels to the world, no actual SSL cert verification happens , and you can fake the headers to talk directly to mongrel, that may expose stuff you don't want exposed
[2008/05/22 08:07:37] <n5red-0> I think I'll pass on that.
[2008/05/22 08:08:12] <nigelk> well it's not necessarily as insecure as it sounds
[2008/05/22 08:08:40] <nigelk> given you could restrict such access via firewalling and you may actually not be passing out anything particularly secure via puppet
[2008/05/22 08:08:50] <nigelk> (that isn't already exposed via all the puppet clients)
[2008/05/22 08:09:08] <BarnacleBob> fujin, it doesn't look like this stuff uses the native nagios types
[2008/05/22 08:09:41] <n5red-0> I don't think that aproach would pass the political layer...
[2008/05/22 08:09:49] <fujin> BarnacleBob: It doesn't need to
[2008/05/22 08:10:12] <fujin> I actually haven't seen a working implementation with the native nagios types yet.
[2008/05/22 08:10:51] <BarnacleBob> o
[2008/05/22 08:11:06] <gepetto> ::puppet:: Ticket #1250 (enhancement created): FreeBSD and OpenBSD: need different package name on install @ http://reductivelabs.com/trac/puppet/ticket/1250 (by rouslan@rshell.net)
[2008/05/22 08:11:34] <BarnacleBob> well i'm gonna try it then
[2008/05/22 08:12:43] <fujin> Good luck
[2008/05/22 08:12:59] <n5red-0> Thanks for the help!
[2008/05/22 08:22:00] <fujin> n5red-0: while you're at it, you may want to suggest another node for monitoring and trending, if it is important to you, in teh same location as your head/ft/puppetmaster nodes
[2008/05/22 08:22:09] <fujin> (OT suggestion, but worth mentioning if you hadn't thought about it already)
[2008/05/22 08:22:44] <n5red-0> Yes, I have been trying to figure out the best way of doing perf monitoring
[2008/05/22 08:24:06] <fujin> n5red-0: Nagios + Munin => done
[2008/05/22 08:24:23] <fujin> there's a sexy Munin puppet module @ git.black.co.at
[2008/05/22 08:24:34] <fujin> and I've not used his Nagios module - but if it is anything like his Munin one, it'll be excellent
[2008/05/22 08:24:54] <n5red-0> I will look into those. ganglia has been mentioned, but I'm not impressed with it.
[2008/05/22 08:26:56] <fujin> Not even heard of that one :\
[2008/05/22 08:27:29] <n5red-0> I'm guessing you don't hang around the HPC world. Probably wise.
[2008/05/22 08:28:30] @ kambiz joined channel #puppet
[2008/05/22 08:28:56] <n5red-0> It is full of some really brilliant computational scientists who often aren't the greatest sysadmins.
[2008/05/22 08:30:28] <fujin> I tend to hang around in the "doing it right" world
[2008/05/22 08:30:44] <BarnacleBob> these native types are working pretty well so far
[2008/05/22 08:30:55] <BarnacleBob> how do you set the defaults for a type?
[2008/05/22 08:31:12] <BarnacleBob> is it just File {the_default=>asdf}
[2008/05/22 08:31:20] <fujin> Type { param => default }
[2008/05/22 08:31:25] <BarnacleBob> sweet thanks
[2008/05/22 08:31:48] <BarnacleBob> still no idea how i can autogenerate this stuff based on the stuff already in the puppet configs
[2008/05/22 08:31:51] <BarnacleBob> but this will work for now
[2008/05/22 08:31:58] <BarnacleBob> i'm running with no monitoring :(
[2008/05/22 08:32:39] <BarnacleBob> i've had trouble getting notify to restart services
[2008/05/22 08:33:06] <BarnacleBob> is doing service{"httpd":} file{"asdf": notify=>Service["httpd"]} proper?
[2008/05/22 08:33:13] <fujin> weh? no
[2008/05/22 08:33:27] <fujin> oh
[2008/05/22 08:33:27] <BarnacleBob> you have to do subscribe in the service?
[2008/05/22 08:33:40] <fujin> just reread
[2008/05/22 08:33:42] <fujin> yes, that should work fine
[2008/05/22 08:33:45] <BarnacleBob> hrm
[2008/05/22 08:33:48] <fujin> a file can notify a service quite happily
[2008/05/22 08:34:09] <BarnacleBob> hrm i've seen several times where the file changes but the restart is not scheduled for the service
[2008/05/22 08:34:20] <BarnacleBob> course at that point i had been awake for 36 hours straight
[2008/05/22 08:34:25] <fujin> cool
[2008/05/22 08:34:31] <fujin> I'm not psychic
[2008/05/22 08:34:35] <fujin> go paste
[2008/05/22 08:34:45] <BarnacleBob> i'll have to find something reproducable
[2008/05/22 08:34:51] <BarnacleBob> just wanted to be sure that was the way it works
[2008/05/22 08:34:59] <fujin> yes
[2008/05/22 08:35:06] <BarnacleBob> thanks much fujin
[2008/05/22 08:35:21] <fujin> service { "apache2" => hasrestart => true, hasstatus => false, pattern => "/usr/sbin/httpd", enable => true, ensure => running }
[2008/05/22 08:35:35] <fujin> file { "/etc/apache2/dummy": content => "test", notify => Service[apache2] }
[2008/05/22 08:37:21] <fujin> you can also do the opposite
[2008/05/22 08:37:25] <fujin> and subscribe to the file from the service
[2008/05/22 08:37:28] <fujin> I prefer to notify
[2008/05/22 08:37:30] <BarnacleBob> yeah thats what i did at one point. but i was freaking out at the time. spent 36 hours writing a bunch of puppet configs and reinstalling a 100 machine network
[2008/05/22 08:37:36] <fujin> heh
[2008/05/22 08:37:37] <BarnacleBob> probably did it wrong
[2008/05/22 08:42:38] @ Quit: shadoi: Read error: 104 (Connection reset by peer)
[2008/05/22 08:43:19] @ shadoi joined channel #puppet
[2008/05/22 08:43:52] @ Quit: spheromak:
[2008/05/22 08:49:50] <fujin> morning shadoi
[2008/05/22 08:50:17] <fujin> print Date.now.apprpriate_greeting
[2008/05/22 08:50:23] * fujin grins
[2008/05/22 09:03:31] <MrProper_> how can i start the puppetd client at a random interval, i know theres splay but that seems to be just a single delay not a random time
[2008/05/22 09:03:51] @ Quit: cote: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:03:52] @ Quit: jfluhmann: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:03:53] @ Quit: BarnacleBob: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:03:55] @ Quit: Demosthenes: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:03:57] @ Quit: jshare: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:03:59] @ Quit: Hunnur: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:04:01] @ Quit: lefant: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:04:04] @ Quit: spike: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:04:06] @ Quit: Ned_: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:04:09] @ Quit: gore: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:04:29] @ jshare joined channel #puppet
[2008/05/22 09:05:37] @ BarnacleBob joined channel #puppet
[2008/05/22 09:05:38] @ cote joined channel #puppet
[2008/05/22 09:05:39] @ jfluhmann joined channel #puppet
[2008/05/22 09:05:39] @ Demosthenes joined channel #puppet
[2008/05/22 09:05:40] @ Hunnur joined channel #puppet
[2008/05/22 09:05:40] @ gore joined channel #puppet
[2008/05/22 09:05:41] @ lefant joined channel #puppet
[2008/05/22 09:05:43] @ spike joined channel #puppet
[2008/05/22 09:05:45] @ Ned_ joined channel #puppet
[2008/05/22 09:08:36] @ Quit: jvanzyl:
[2008/05/22 09:09:21] <plathrop> gepetto: seen lak
[2008/05/22 09:09:22] <gepetto> plathrop: lak was last seen 7 hours, 45 minutes and 52 seconds ago, quitting IRC ()
[2008/05/22 09:09:55] <holaway> plathrop: I think he's still on-site with a client
[2008/05/22 09:09:59] <holaway> given recent email threads
[2008/05/22 09:10:09] <plathrop> holaway: Yeah, I think so too.
[2008/05/22 09:10:18] <plathrop> Was just hoping :-)
[2008/05/22 09:10:23] <plathrop> Maybe you can help
[2008/05/22 09:11:01] <plathrop> Of course, maybe I should figure out how to formulate the problem...
[2008/05/22 09:13:04] <holaway> what's up?
[2008/05/22 09:13:22] <plathrop> How familiar are you with the RSpec testing infrastructure we're using?
[2008/05/22 09:14:14] <plathrop> Tests seem to run differently in 0.24.x branch than in the master branch. I don't mean they have different results, I mean that RSpec's behavior is different.
[2008/05/22 09:14:45] <plathrop> My tests have before(:all) do and before(:each) do blocks in the top-level describe block.
[2008/05/22 09:14:54] <plathrop> On 0.24.x, these are being executed as you'd expect.
[2008/05/22 09:15:02] <plathrop> On master, they just aren't being executed.
[2008/05/22 09:16:14] <holaway> plathrop: wow
[2008/05/22 09:16:16] <holaway> that is odd
[2008/05/22 09:16:38] <plathrop> Wait... actually the before(:all) is being executed as before(:each)
[2008/05/22 09:16:46] <plathrop> pastie: url me
[2008/05/22 09:17:09] <holaway> same version of rspec? only difference is which branch you run the tests from?
[2008/05/22 09:17:42] <pastie> http://pastie.org/201234 by plathrop.
[2008/05/22 09:17:47] <chadh_> do you guys know if a parser function works as a default argument value for a define?
[2008/05/22 09:17:53] @ chadh_ is now known as chadh
[2008/05/22 09:18:16] <plathrop> holaway: Unless there's an RSpec embedded in the codebase that is being called, yeah.
[2008/05/22 09:18:23] <plathrop> Check out my paste
[2008/05/22 09:19:01] <holaway> what's the vendor/gems stuff?
[2008/05/22 09:19:08] <holaway> that smells like embedded rspec
[2008/05/22 09:19:20] <plathrop> You're right it does. I'm using autotest...
[2008/05/22 09:19:34] <plathrop> But I'm using autotest in both branches
[2008/05/22 09:19:44] <holaway> dollars to donuts, the rspec gem in vendor is different on those two branches
[2008/05/22 09:20:34] <plathrop> holaway: I bet you're right.
[2008/05/22 09:24:25] <sigmonsays> so, why is the syntax of a class that has a parent different than another class?
[2008/05/22 09:24:37] <sigmonsays> seems silly to have to recode it later
[2008/05/22 09:24:41] <sigmonsays> unless i'm missing something...
[2008/05/22 09:24:54] <fujin> clarify
[2008/05/22 09:25:05] <sigmonsays> base class creates a nrpe resource
[2008/05/22 09:25:07] <sigmonsays> right. .
[2008/05/22 09:25:09] <fujin> mm
[2008/05/22 09:25:16] <sigmonsays> then www server needs to inherit base and override nrpe
[2008/05/22 09:25:21] <fujin> yup
[2008/05/22 09:25:21] @ johnf joined channel #puppet
[2008/05/22 09:25:32] <sigmonsays> www-server class syntax has to change if it wasn't originally designed to inherit base
[2008/05/22 09:25:46] <sigmonsays> makes it hard to adapt
[2008/05/22 09:26:15] <fujin> huh?
[2008/05/22 09:26:23] <sigmonsays> lemme write a paste example
[2008/05/22 09:26:26] <sigmonsays> 1 min
[2008/05/22 09:26:33] <fujin> you are complaining about having to modify syntax to do something different?
[2008/05/22 09:26:37] <fujin> paradox much?
[2008/05/22 09:26:38] <plathrop> holaway: How's your git-foo? Is there an easy way to compare a file on one branch against a file on another branch?
[2008/05/22 09:26:49] <fujin> plathrop: git diff branchA..branchB -- file
[2008/05/22 09:26:58] <fujin> fwiw, the rspec dir on master == same on 0.24.x
[2008/05/22 09:27:02] <plathrop> Thanks, fujin!
[2008/05/22 09:27:46] <plathrop> fujin: You're right.
[2008/05/22 09:27:50] <plathrop> hrm...
[2008/05/22 09:29:13] <sigmonsays> fujin, it is probably complaining but ti seems like a logical shortcut to me
[2008/05/22 09:29:16] <sigmonsays> http://rafb.net/p/k1A4bI16.html
[2008/05/22 09:29:37] <sigmonsays> oops
[2008/05/22 09:29:42] <fujin> so what's the problem?
[2008/05/22 09:29:49] <fujin> a capitalised resource refers to an already defined resource
[2008/05/22 09:29:54] <fujin> a non-capitalised resource defines it
[2008/05/22 09:30:02] <fujin> simple concept really, one creates, one changes
[2008/05/22 09:30:05] <plathrop> Looks like the tests are behaving the same, it must be something in the code that is different, but it seems weird because the tests are the same in both branches, and so is the tested code.
[2008/05/22 09:30:11] <fujin> the parser needs a way to differentiate
[2008/05/22 09:30:15] @ Quit: lefant: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:30:16] @ Quit: Hunnur: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:30:18] @ Quit: Ned_: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:30:19] @ Quit: gore: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:30:20] @ Quit: Demosthenes: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:30:21] @ Quit: spike: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:30:22] @ Quit: cote: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:30:24] @ Quit: BarnacleBob: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:30:25] @ Quit: jfluhmann: kubrick.freenode.net irc.freenode.net
[2008/05/22 09:30:29] <sigmonsays> fujin, that's right but it makes it hard to move a resource from one class to another
[2008/05/22 09:30:44] <fujin> how so?
[2008/05/22 09:31:01] <fujin> the second syntax is used only for overriding existing resources in superclasses
[2008/05/22 09:31:20] <sigmonsays> I know
[2008/05/22 09:31:31] <sigmonsays> but the second syntax rarely exists until you need to subclass
[2008/05/22 09:31:58] <fujin> so what is the problem?
[2008/05/22 09:32:22] <fujin> are you saying you should be able to redefine types in sublcasses with the same syntax?
[2008/05/22 09:32:23] <sigmonsays> basically, you have the wrong way setup at first (mostly likely) with tons of other resources just like it. Now you decide you need to split off some servers into a new kind of class because something changed
[2008/05/22 09:32:27] <fujin> s/should/want to/
[2008/05/22 09:32:47] <holaway> so, anyone else getting busted yum with the red hat 5.2 update?
[2008/05/22 09:32:55] <sigmonsays> fujin, basically yeah
[2008/05/22 09:33:00] <fujin> sigmonsays: file a ticket
[2008/05/22 09:33:38] <sigmonsays> well I have to ask if that makes sense
[2008/05/22 09:33:50] <fujin> I suppose theoretically you could say that child classes should have the ability to check with their parent classes for resources defined with the same name, and then apply the overrides to them
[2008/05/22 09:34:01] <fujin> without having to use the caps syntax
[2008/05/22 09:34:15] <fujin> sigmonsays: but the caps syntax is used in other places, in resource dependancy chains
[2008/05/22 09:34:21] <fujin> to denote "a resource which already exists"
[2008/05/22 09:34:32] @ spike joined channel #puppet
[2008/05/22 09:34:42] <sigmonsays> see i'm pretty new to puppet still -- I don't think i will open a ticket, just tryin to understand
[2008/05/22 09:35:08] <plathrop> Ah hah!
[2008/05/22 09:35:17] @ BarnacleBob joined channel #puppet
[2008/05/22 09:35:18] @ cote joined channel #puppet
[2008/05/22 09:35:19] @ jfluhmann joined channel #puppet
[2008/05/22 09:35:20] @ Demosthenes joined channel #puppet
[2008/05/22 09:35:21] @ Hunnur joined channel #puppet
[2008/05/22 09:35:22] @ gore joined channel #puppet
[2008/05/22 09:35:23] @ lefant joined channel #puppet
[2008/05/22 09:35:24] @ Ned_ joined channel #puppet
[2008/05/22 09:35:39] <sigmonsays> can I read about dependancy chains somewhere?
[2008/05/22 09:36:11] @ jvanzyl joined channel #puppet
[2008/05/22 09:36:32] <sigmonsays> fujin, you mean before => Blah["..."] , after => Blah[..]
[2008/05/22 09:37:01] <fujin> yes
[2008/05/22 09:37:06] <fujin> and require, notify, subscribe
[2008/05/22 09:37:36] <sigmonsays> that hurts ;)
[2008/05/22 09:38:26] <fujin> how so?
[2008/05/22 09:39:16] <sigmonsays> seems like a good convention
[2008/05/22 09:39:25] <MrProper_> anyone here run puppetd from cron?
[2008/05/22 09:39:35] <plathrop> Bad unit test! Not stubbing/mocking external behavior. Bad! No biscuit! :-P
[2008/05/22 09:39:39] <sigmonsays> MrProper_, hmm no, and why would u want to?
[2008/05/22 09:39:48] <nigelk> MrProper_: I do
[2008/05/22 09:40:04] <MrProper_> sigmonsays, because i have random puppetd clients that go into a hung state without any apparent reason
[2008/05/22 09:40:07] <nigelk> because the gratuitous select() calls and resident memory annoyed my users
[2008/05/22 09:40:16] <MrProper_> nigelk, what do you use to randomize the client runs
[2008/05/22 09:40:23] <nigelk> so we run it out of cron (well launchd) as --ontime
[2008/05/22 09:40:24] <nigelk> ah
[2008/05/22 09:40:37] <nigelk> so we use launchd and rather than specifying explicit times, we simply specify the period
[2008/05/22 09:40:46] <MrProper_> launchd?
[2008/05/22 09:40:48] <nigelk> and as they're all clients rather than servers, that's random enough
[2008/05/22 09:40:51] <nigelk> Mac OS X
[2008/05/22 09:40:54] <MrProper_> ah
[2008/05/22 09:41:05] <nigelk> kind of a replacement next gen approach to replace cron, init, etc etc
[2008/05/22 09:41:17] @ sigmonsays is now known as sigmonsays-afk
[2008/05/22 09:41:31] <nigelk> Apple open sourced it: http://launchd.macosforge.org/
[2008/05/22 09:42:55] <ashp> So, I think (once tested) I finally have an iclassify module for anyone who's been thinking of trying it out
[2008/05/22 09:43:17] <ashp> it defaults to some rhel paths and you have to provide your own mysql/apache classes, but it should be pretty easy to mod for other distributions
[2008/05/22 09:44:56] <nigelk> MrProper_: did you look at the splaylimit config option?
[2008/05/22 09:45:35] <MrProper_> nigelk, yeah its not very descriptive though
[2008/05/22 09:45:46] <MrProper_> nigelk, and it only appears to be used in daemon mode
[2008/05/22 09:46:04] <nigelk> why not manage the time that puppet runs with puppet ?
[2008/05/22 09:46:10] <nigelk> I take it you're using conf.d or something?
[2008/05/22 09:46:14] <nigelk> cron.d I mean
[2008/05/22 09:46:18] <MrProper_> aye
[2008/05/22 09:46:25] <nigelk> have an erb template that randomly picks a number
[2008/05/22 09:46:28] <nigelk> ?
[2008/05/22 09:47:07] <MrProper_> im currently just using the daemon, im just tired of a client dropping out and it not being noticed. i resorted for a while to have a script go through the stored configs to check the last compile time to see if a client has dropped out
[2008/05/22 09:47:40] <nigelk> that's a problem we're trying to resolve too. How to tell which clients are no longer working correctly
[2008/05/22 09:47:43] <MrProper_> the crap thing is i cant see why its doing it, strace doenst give me anything to note, the logs dont mention anything and the process looks like its in a normal state
[2008/05/22 09:47:52] <nigelk> we've resorted to a rescue script that checks the timestamp on the state files
[2008/05/22 09:48:03] <nigelk> and reinstalls puppet preserving configuration data if it's too old
[2008/05/22 09:48:04] <MrProper_> nigelk, do you use stored configs?
[2008/05/22 09:48:16] <MrProper_> reinstalls puppet?
[2008/05/22 09:48:19] <nigelk> they were just too flaky up to 0.24.1
[2008/05/22 09:48:42] <nigelk> yeah, our deployment is a little ... special in that regard :)
[2008/05/22 09:48:46] <MrProper_> dead clients can be rescued just by killing the proc and removing the puppetdlock
[2008/05/22 09:48:51] <nigelk> well no
[2008/05/22 09:48:56] <nigelk> not if an end user has broken something
[2008/05/22 09:49:05] <nigelk> remember these aren't servers :)
[2008/05/22 09:49:08] <nigelk> well not all of them
[2008/05/22 09:49:14] <MrProper_> lol, like what removing a binary =P
[2008/05/22 09:49:21] <nigelk> mmm
[2008/05/22 09:49:27] <MrProper_> do you use storeconfigs?
[2008/05/22 09:49:38] <nigelk> no, they're still too flaky under 0.24.1
[2008/05/22 09:49:44] <nigelk> and I haven't updated my servers yet.
[2008/05/22 09:49:53] <MrProper_> ahh ok, 24.4 is alot nicer =)
[2008/05/22 09:50:01] <nigelk> turning it on gives me that bug where it thinks all the resources are already being managed
[2008/05/22 09:50:11] <MrProper_> oh nice
[2008/05/22 09:50:29] <nigelk> and I had some issues with storeconfigs and the load we place our puppet servers under anyway
[2008/05/22 09:51:04] <nigelk> so I've been concentrating more on scalability and getting load balancing working across the servers
[2008/05/22 09:52:32] <gepetto> ::puppet:: Ticket #1251 (defect created): Unit tests for storage.rb are broken when run against master branch. @ http://reductivelabs.com/trac/puppet/ticket/1251 (by paul@tertiusfamily.net)
[2008/05/22 10:07:36] <gepetto> ::puppet:: Ticket #1252 (defect created): ssh_authorized_key unit tests broken when run against master @ http://reductivelabs.com/trac/puppet/ticket/1252 (by paul@tertiusfamily.net)
[2008/05/22 10:12:20] @ Quit: randybias:
[2008/05/22 10:14:52] @ Quit: nigelk:
[2008/05/22 10:15:55] @ Quit: johnf: Read error: 110 (Connection timed out)
[2008/05/22 10:21:03] <MrProper_> does anyone know what the -w 0 flag is for puppetd
[2008/05/22 10:21:38] <plathrop> MrProper_: It tells Puppet not to wait for a certificate and just shutdown if it doesn't get one
[2008/05/22 10:21:47] <MrProper_> plathrop, ahh ok
[2008/05/22 10:21:52] @ Quit: a-priori_:
[2008/05/22 10:21:55] <MrProper_> plathrop, cant see that documented anywhere thats all
[2008/05/22 10:23:21] @ a-priori joined channel #puppet
[2008/05/22 10:24:40] @ lak joined channel #puppet
[2008/05/22 10:26:53] <plathrop> Howdy, lak!
[2008/05/22 10:27:01] <lak> hi
[2008/05/22 10:27:08] @ Quit: shadoi: Read error: 110 (Connection timed out)
[2008/05/22 10:28:25] <plathrop> If I patch something against 0.24.x, should I reassign the ticket to jamesturnbull instead of you now?
[2008/05/22 10:28:30] <plathrop> When it's ready for checkin?
[2008/05/22 10:28:37] <lak> yes
[2008/05/22 10:28:46] <plathrop> Okay. Sorry about the few I haven't.
[2008/05/22 10:30:55] <gepetto> ::puppet:: Ticket #1253 (defect created): http_pool unit tests broken when run against master branch @ http://reductivelabs.com/trac/puppet/ticket/1253 (by paul@tertiusfamily.net)
[2008/05/22 10:30:55] <gepetto> ::puppet:: Ticket #1254 (defect created): puppetd client randomly hangs @ http://reductivelabs.com/trac/puppet/ticket/1254 (by brendan@sitesuite.com.au)
[2008/05/22 10:31:14] <plathrop> I've been a testing machine today :-)
[2008/05/22 10:33:50] <fujin> 'randomly hangs'.. lol, that's descriptive
[2008/05/22 10:34:45] <plathrop> Those are terrible bugs when they are actually bugs.
[2008/05/22 10:35:18] <lak> awesome
[2008/05/22 10:37:14] @ kambiz_ joined channel #puppet
[2008/05/22 10:37:26] @ Quit: kambiz_: Remote closed the connection
[2008/05/22 10:38:41] @ Quit: lak:
[2008/05/22 10:38:50] <BarnacleBob> anyone familiar with the native nagios types. despite the docs saying that nagios_host{"asdf": contact_groups=>"blah"} is a parameter when i try to run puppet on the node i get Invalid parameter 'contact_groups' for type 'Nagios_host'
[2008/05/22 10:39:29] <BarnacleBob> using 24.4
[2008/05/22 10:39:38] @ anarcat joined channel #puppet
[2008/05/22 10:39:48] <anarcat> i'm having problems with the sshkey type under 24.4
[2008/05/22 10:39:51] <MrProper_> fujin, how else would you like to me describe the client stops responding?
[2008/05/22 10:39:57] <anarcat> oh, wait, maybe it's the ssh module
[2008/05/22 10:40:44] <fujin> oh wasn't a personal attack
[2008/05/22 10:40:48] <fujin> I just hate those bugs
[2008/05/22 10:40:53] @ M- joined channel #puppet
[2008/05/22 10:40:59] <anarcat> ew, nasty
[2008/05/22 10:41:00] <fujin> nearly 25,000 lines of code.. "puppetd hangs"
[2008/05/22 10:41:06] <fujin> you do the math
[2008/05/22 10:41:23] <MrProper_> fujin, i agree, hence why i gave up trying to find the cause myself heh
[2008/05/22 10:41:46] <anarcat> so here's my issue: facter outputs the host RSA key with "ssh-rsa" prefixed
[2008/05/22 10:41:54] <MrProper_> fujin, this one has been around for a few versions back to 22.x
[2008/05/22 10:42:07] <BarnacleBob> how would i go about verifying in the code what properties a module has?
[2008/05/22 10:42:15] <anarcat> the sshkey Type takes a "key" argument that expects to be without the ssh-rsa prefix
[2008/05/22 10:42:18] <BarnacleBob> although i think the nagios types are a special case
[2008/05/22 10:42:42] <anarcat> so if i do sshkey { "$fqdn": key => $sshrsakey }, it generates something like this:
[2008/05/22 10:42:54] <anarcat> $fqdn ssh-rsa ssh-rsa AAAA...
[2008/05/22 10:42:57] <anarcat> which is obviously wrong
[2008/05/22 10:44:11] <anarcat> oh, i see, this is #1164
[2008/05/22 10:44:13] <gepetto> anarcat: oh: #1164 is http://reductivelabs.com/trac/puppet/ticket/1164 "sshkey type is creating invalid ssh_known_hosts file"
[2008/05/22 10:44:19] <plathrop> anarcat: You need to update facter I think.
[2008/05/22 10:44:21] <fujin> MrProper_: hard to believe
[2008/05/22 10:44:57] <anarcat> :(
[2008/05/22 10:45:05] @ Quit: kambiz: Read error: 110 (Connection timed out)
[2008/05/22 10:45:18] <anarcat> plathrop: i'll try that
[2008/05/22 10:45:25] @ Quit: tmz: "leaving"
[2008/05/22 10:45:33] <MrProper_> fujin, well its either 22.x or 23.x not sure, but its been there a while but i had it at my last job and 24.x wasnt out at that time
[2008/05/22 10:45:40] <anarcat> hmmm....
[2008/05/22 10:45:46] <anarcat> plathrop: it seems i have the latest facter here
[2008/05/22 10:46:01] <anarcat> 1.3.5-1 on debian
[2008/05/22 10:46:03] <plathrop> anarcat: Hrm. I forget what I figured out the problem was, then...
[2008/05/22 10:46:06] <anarcat> no, wait
[2008/05/22 10:46:08] <anarcat> grr
[2008/05/22 10:46:31] @ jsgotangco joined channel #puppet
[2008/05/22 10:47:10] <gepetto> ::puppet:: Ticket #1255 (defect created): Broken unit tests in branch 0.24.x when running as root on OSX 10.5 @ http://reductivelabs.com/trac/puppet/ticket/1255 (by paul@tertiusfamily.net)
[2008/05/22 10:50:34] <fujin> man Yum is shit
[2008/05/22 10:50:51] <fujin> I can't believe they get away with making such a terrible piece of software
[2008/05/22 10:53:14] @ tmz joined channel #puppet
[2008/05/22 10:53:34] <BarnacleBob> its gotten alot better recently
[2008/05/22 10:53:36] @ tmz_ joined channel #puppet
[2008/05/22 10:56:47] @ Quit: BarnacleBob: "This computer has gone to sleep"
[2008/05/22 10:59:07] <MrProper_> fujin, you gotta find it funny that its so horribly they pulled the utility of a rival distribution and mashed it around their packages
[2008/05/22 10:59:43] <holaway> okay, so, whoever broke out every nagios plugin into a seperate rpm is on my list of people tto hate
[2008/05/22 10:59:46] <holaway> :)
[2008/05/22 11:00:06] <fujin> heh
[2008/05/22 11:00:13] <fujin> that fails
[2008/05/22 11:00:17] <holaway> really, they thought they were being so fucking clever
[2008/05/22 11:00:25] <holaway> "hey, man, think about how many fewer deps this will have?"
[2008/05/22 11:00:25] <fujin> at least ubu ships big packages containing billions of nagios plugins
[2008/05/22 11:00:38] <anarcat> holaway: you gotta be kidding
[2008/05/22 11:00:44] <holaway> no
[2008/05/22 11:00:47] <anarcat> wow
[2008/05/22 11:00:48] <holaway> no, sadly, I am not
[2008/05/22 11:00:54] <anarcat> that's pretty bad
[2008/05/22 11:00:55] <anarcat> damn
[2008/05/22 11:01:00] @ johnf joined channel #puppet
[2008/05/22 11:01:15] <anarcat> i'm banging my head on a stupid problem... i'm trying to upgrade package X (facter in this case) on all clients using a .deb
[2008/05/22 11:01:42] <anarcat> Package type doesn't cut it because since the dpkg provider is not versionnable, it's just happy to live with the already installed version
[2008/05/22 11:01:55] <anarcat> how do i do this (without creating a fully-fledged apt repository of course)
[2008/05/22 11:02:13] @ Quit: plathrop: "ERC Version 5.2 (IRC client for Emacs)"
[2008/05/22 11:03:00] <anarcat> i guess this would apply to rpms too
[2008/05/22 11:03:01] <fujin> anarcat: can't you package { facter: ensure => absent, provider => apt } package { "facter.deb": source => "/path/to/facter.deb", provider => dpkg } ?
[2008/05/22 11:03:14] <fujin> with some requires
[2008/05/22 11:03:19] <fujin> and a file{} to drop the deb
[2008/05/22 11:03:20] <anarcat> fujin: i guess i can try that
[2008/05/22 11:05:24] <anarcat> it's going into a funny endless loop here (since i do that with the puppet package too :)
[2008/05/22 11:05:50] <anarcat> so that's a no go
[2008/05/22 11:07:06] <anarcat> basically, the end result is that facter gets uninstalled here
[2008/05/22 11:09:17] <anarcat> hum
[2008/05/22 11:09:18] <anarcat> weird
[2008/05/22 11:09:25] <anarcat> now ensure => latest just seems to work
[2008/05/22 11:10:15] @ plathrop joined channel #puppet
[2008/05/22 11:16:20] @ kenvandine joined channel #puppet
[2008/05/22 11:16:37] @ holaway is now known as holoway
[2008/05/22 11:19:30] @ shadoi joined channel #puppet
[2008/05/22 11:30:34] <MrProper_> anarcat, i can give you a really easy way to do debian custom repositories
[2008/05/22 11:30:46] <MrProper_> anarcat, without using reprepro and all that junk
[2008/05/22 11:32:54] @ Quit: tmz_: "leaving"
[2008/05/22 11:34:36] @ Quit: plathrop: Remote closed the connection
[2008/05/22 11:39:46] <holoway> okay, shell is really rusty
[2008/05/22 11:40:05] <holoway> if I want an if statement that only runs if the exit code of a command is 0
[2008/05/22 11:40:14] <holoway> whose got the love? :)
[2008/05/22 11:40:17] <MrProper_> RETVAL = $?
[2008/05/22 11:40:27] @ randybias joined channel #puppet
[2008/05/22 11:40:40] <MrProper_> if [ $RETVAL != 0 ]; then ; foo ;fi
[2008/05/22 11:40:47] <holoway> MrProper_: sweet
[2008/05/22 11:40:51] <holoway> thanks
[2008/05/22 11:41:03] <MrProper_> obviously set RETVAL after your command has been run
[2008/05/22 11:41:31] <MrProper_> my-command-of-awesomeness; RETVAL=$?;
[2008/05/22 11:46:32] <holoway> MrProper_: thank you for that
[2008/05/22 11:46:42] * holoway has been in perl and ruby for way too long
[2008/05/22 11:47:10] @ Quit: shake-n-bake:
[2008/05/22 11:47:21] <MrProper_> holoway, i know how that feels
[2008/05/22 11:49:41] <chadh> What is /etc/puppet/ssl for ?
[2008/05/22 11:51:01] <MrProper_> ssl certs
[2008/05/22 11:51:34] <holoway> chadh: was that too obvious? :)
[2008/05/22 11:51:43] <MrProper_> =)
[2008/05/22 11:52:23] <chadh> holoway: yeah, all of my certs are in /var/lib/puppet/ssl
[2008/05/22 11:52:41] <MrProper_> chadh, they used to be in /etc/puppet/ssl
[2008/05/22 11:52:42] <holoway> chadh: I think it's a configurable option
[2008/05/22 11:52:55] * holoway keeps his in /etc/puppet/ssl still
[2008/05/22 11:53:17] <MrProper_> holoway, i keep my puppetmaster ssl certs in /etc/puppet/ssl and the clients in /var/lib/puppet/ssl
[2008/05/22 11:53:34] <chadh> okay. For some reason I never had that directory before I installed 0.24.4, so I thought it was a new thing
[2008/05/22 11:54:03] <chadh> puppet makes the /etc/puppet/ssl directory regardless of your ssldir config variable, I think
[2008/05/22 12:02:28] @ Quit: ricky: "reconnecting."
[2008/05/22 12:02:34] @ ricky joined channel #puppet
[2008/05/22 12:03:46] @ lak joined channel #puppet
[2008/05/22 12:03:58] @ Quit: randybias:
[2008/05/22 12:09:20] <hacim> alright you git'masters
[2008/05/22 12:09:36] * fujin nods
[2008/05/22 12:09:37] @ flakrat_ joined channel #puppet
[2008/05/22 12:09:41] <hacim> i'm trying to pull out my modules from my master git repository so I can publish them individually
[2008/05/22 12:09:48] <hacim> (including the history)
[2008/05/22 12:10:08] @ Quit: johnf: Read error: 110 (Connection timed out)
[2008/05/22 12:10:17] <hacim> i understand that I need to do something like git clone my original repository and then do something like a git-filter-brach to remove everything except the modules that I want to publish?
[2008/05/22 12:10:52] <fujin> not something I've attempted to do, sorry
[2008/05/22 12:10:58] <fujin> one of the experts in hashgit should be able to help
[2008/05/22 12:10:59] <hacim> you are not a git master!!
[2008/05/22 12:11:01] <hacim> hehe
[2008/05/22 12:11:10] <fujin> evidently not
[2008/05/22 12:11:14] <hacim> fujin: I've been in there, and so far have gotten a few different suggestions which haven't worked
[2008/05/22 12:11:35] <fujin> can probably use rev-list if you want the history
[2008/05/22 12:11:38] <fujin> haven't looked at filter-branch
[2008/05/22 12:15:44] <hacim> it just seems backwards to have to remove everything
[2008/05/22 12:16:26] @ a-priori_ joined channel #puppet
[2008/05/22 12:16:29] <hacim> also, with 3,000 commits, it takes forever
[2008/05/22 12:16:57] @ martha left channel #puppet ()
[2008/05/22 12:17:37] <holoway> fujin: whats the right email to use to talk more about your doing some work with us?
[2008/05/22 12:17:44] <fujin> aj@junglist.gen.nz
[2008/05/22 12:17:48] <holoway> cool
[2008/05/22 12:17:56] <holoway> we should be in touch tomorrow
[2008/05/22 12:18:01] <fujin> cool
[2008/05/22 12:18:29] <fujin> ;]
[2008/05/22 12:19:58] <hacim> does anyone run any trim operations on their db?
[2008/05/22 12:20:09] <hacim> it seems like a lot of tables are getting infinately larger, like tags
[2008/05/22 12:21:51] <fujin> I don't think anyone has posed the question :)
[2008/05/22 12:23:38] <hacim> i like to be the first
[2008/05/22 12:24:26] <fujin> the problem with cleanup operations is it could cause recollections to occur
[2008/05/22 12:24:38] <fujin> depending on what you archived
[2008/05/22 12:25:26] <hacim> right, but I'm not sure I need tens of thousands of tag rows from last year
[2008/05/22 12:25:34] <hacim> although I'm not sure what ones I do need
[2008/05/22 12:26:19] @ Quit: shadoi: Read error: 110 (Connection timed out)
[2008/05/22 12:26:58] @ Gwayne joined channel #puppet
[2008/05/22 12:31:00] @ Quit: a-priori: Read error: 104 (Connection reset by peer)
[2008/05/22 12:49:11] @ plathrop joined channel #puppet
[2008/05/22 12:55:22] @ Quit: lak:
[2008/05/22 12:55:45] @ Quit: plathrop: "ERC Version 5.2 (IRC client for Emacs)"
[2008/05/22 13:00:23] @ Quit: neh: Read error: 104 (Connection reset by peer)
[2008/05/22 13:01:41] @ lak joined channel #puppet
[2008/05/22 13:04:41] @ Quit: lefant: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:04:44] @ Quit: Hunnur: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:04:45] @ Quit: Ned_: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:04:46] @ Quit: gore: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:04:47] @ Quit: Demosthenes: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:04:49] @ Quit: cote: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:04:51] @ Quit: jfluhmann: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:04:53] @ Quit: Gwayne: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:04:55] @ Quit: pawalls: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:04:55] @ Quit: phips: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:04:57] @ Quit: thom: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:04:58] @ Quit: Volcane: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:05:00] @ Quit: kajtzu: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:05:01] @ Quit: StyleWarz: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:05:04] @ Quit: yure_: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:05:07] @ Quit: barnbarn: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:05:09] @ Quit: anarcat: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:05:10] @ Quit: kombucha: kubrick.freenode.net irc.freenode.net
[2008/05/22 13:05:13]