Thursday, 2008-06-19

[2008/06/19 00:01:55] <hessml> can you pull files from 2 different puppetmasters. i.e. can a client have be keyed to 2 different puppetmasters at the same time so that when you use the puppet://<server> specfier that you can also have a puppet://<server2> one also?
[2008/06/19 00:04:41] <lak> only if they were signed by the same CA
[2008/06/19 00:05:19] <hessml> ah... how do you make that happen.....
[2008/06/19 00:05:21] @ randybias joined channel #puppet
[2008/06/19 00:08:42] <lak> generally, you have to have one be the CA
[2008/06/19 00:10:44] <hessml> understood. but is this an install option, a utility, a configuration setting?
[2008/06/19 00:10:56] <lak> config setting; caserver and caport
[2008/06/19 00:11:04] <lak> and start the second master up as a client of the first
[2008/06/19 00:11:07] <lak> at least initially
[2008/06/19 00:13:08] <hessml> 1) the second master is started as a client of the first
[2008/06/19 00:13:40] <hessml> 2) the second master generates new keys based off the CA of the first master
[2008/06/19 00:14:30] <hessml> 3) after that you can can turn off the caserver an caport because it has already generated the new keys
[2008/06/19 00:14:31] @ densone joined channel #puppet
[2008/06/19 00:14:35] <hessml> right?
[2008/06/19 00:18:45] <lak> the second master can't be a ca
[2008/06/19 00:20:03] <hessml> I can't find caserver in the wiki, or the source. Are you sure that is the right setting?
[2008/06/19 00:20:19] <MrProper_> hessml, puppetmasterd --genconfig \| less
[2008/06/19 00:20:39] <lak> no, i'm not sure
[2008/06/19 00:20:43] <lak> but i think it is :)
[2008/06/19 00:20:54] <fujin> haha, if anyone is sure, it's lak
[2008/06/19 00:20:59] <fujin> genconfig will show you though
[2008/06/19 00:21:41] <fujin> it's ca_server
[2008/06/19 00:21:46] <fujin> ca_
[2008/06/19 00:21:54] <fujin> wiki:ConfigurationReference
[2008/06/19 00:22:06] <gepetto> fujin: wiki: wiki:ConfigurationReference is http://reductivelabs.com/trac/puppet/wiki/ConfigurationReference
[2008/06/19 00:22:58] @ muerr joined channel #puppet
[2008/06/19 00:22:59] <hessml> close, it is ca_server
[2008/06/19 00:23:11] <hessml> and ca_port
[2008/06/19 00:23:24] <hessml> thank you MrProper
[2008/06/19 00:24:30] <lak> g'night all
[2008/06/19 00:24:36] <hessml> thanks lak
[2008/06/19 00:24:40] @ Quit: lak:
[2008/06/19 00:26:07] @ Quit: snerd: Read error: 110 (Connection timed out)
[2008/06/19 00:27:23] @ Quit: muerr: Client Quit
[2008/06/19 00:28:47] @ snerd joined channel #puppet
[2008/06/19 00:29:37] @ muerr joined channel #puppet
[2008/06/19 00:30:16] @ edibrac1 joined channel #puppet
[2008/06/19 00:47:50] <muerr> so whats it say if i'm using puppet to manage which packages and settings i have on my laptop :-x
[2008/06/19 00:49:09] <fujin> heh
[2008/06/19 00:49:20] <fujin> if I had a laptop that'd run puppet, I probably would too
[2008/06/19 00:49:27] <fujin> use it on my personal dev server for managing lots of stuff though
[2008/06/19 00:49:34] <fujin> in short, it says you're awesome
[2008/06/19 00:50:16] <muerr> the manifest is 83 lines :-x
[2008/06/19 00:50:28] <muerr> and 8 classes.
[2008/06/19 00:50:41] @ Quit: catdude:
[2008/06/19 00:52:15] <muerr> course, its not as condensed as it could be.
[2008/06/19 00:53:40] @ Quit: randybias:
[2008/06/19 00:57:02] @ randybias joined channel #puppet
[2008/06/19 00:58:34] @ hessml is now known as hessml\|away
[2008/06/19 01:02:07] @ hessml\|away is now known as hessml
[2008/06/19 01:07:27] @ Quit: kenvandine: Read error: 104 (Connection reset by peer)
[2008/06/19 01:07:40] @ kenvandine joined channel #puppet
[2008/06/19 01:13:35] @ magnachef__ joined channel #puppet
[2008/06/19 01:26:43] @ rcoup joined channel #puppet
[2008/06/19 01:34:58] @ magnachef_ joined channel #puppet
[2008/06/19 01:35:55] @ Quit: magnachef__: Read error: 110 (Connection timed out)
[2008/06/19 01:46:48] @ jtimberman joined channel #puppet
[2008/06/19 01:46:53] @ Quit: jtimberman: "ircII EPIC4-2.6 -- Are we there yet?"
[2008/06/19 01:47:08] @ Quit: randybias:
[2008/06/19 01:48:20] @ Maliuta joined channel #puppet
[2008/06/19 01:57:28] @ Quit: densone:
[2008/06/19 01:58:07] @ densone joined channel #puppet
[2008/06/19 02:00:28] <edibrac1> i get "no certificates to sign" when i run puppetca --list -- i'm following this: http://reductivelabs.com/trac/puppet/wiki/InstallationGuide
[2008/06/19 02:00:54] <edibrac1> i guess..the client isn't presenting it's cert to the server?
[2008/06/19 02:02:35] <edibrac1> in other words, i have puppetmasterd running on the server, then on the client, I run puppetd --server 10.0.1.36 --waitforcert 60 --test -- but the server says "no certificates to sign" when I do: puppetca --list
[2008/06/19 02:03:16] <edibrac1> i figure this is something basic, that i'm overlooking something obvious? I can ssh from the client to the server, and i don't have iptables running on either machine
[2008/06/19 02:03:32] @ Quit: magnachef_: Read error: 110 (Connection timed out)
[2008/06/19 02:03:46] @ magnachef_ joined channel #puppet
[2008/06/19 02:10:53] @ Quit: muerr: "Leaving"
[2008/06/19 02:11:36] @ Quit: jvanzyl_:
[2008/06/19 02:16:39] @ jvanzyl joined channel #puppet
[2008/06/19 02:25:14] @ Quit: rcoup:
[2008/06/19 02:29:12] @ Quit: marcoecc: Excess Flood
[2008/06/19 02:30:54] @ marcoecc joined channel #puppet
[2008/06/19 02:43:01] <jamesturnbull> edibrac1: are you running as root?
[2008/06/19 02:43:11] @ Quit: jvanzyl:
[2008/06/19 02:56:40] @ Ol_ joined channel #puppet
[2008/06/19 02:58:42] @ Quit: densone:
[2008/06/19 03:02:22] @ densone joined channel #puppet
[2008/06/19 03:11:49] @ Quit: hessml: "Leaving..."
[2008/06/19 03:13:58] <mcbride> 0zYTfv0!c3
[2008/06/19 03:14:07] <jamesturnbull> mcbride: capise?
[2008/06/19 03:14:13] @ hessml joined channel #puppet
[2008/06/19 03:14:14] <mcbride> whoops
[2008/06/19 03:14:22] <mcbride> changing some passwords now :-)
[2008/06/19 03:14:23] <jamesturnbull> mcbride: I'd be changing that
[2008/06/19 03:14:35] @ Quit: densone:
[2008/06/19 03:14:36] <jamesturnbull> mcbride: good password though
[2008/06/19 03:14:59] <mcbride> random
[2008/06/19 03:15:10] <mcbride> a little short, usually I go for 16 characters.
[2008/06/19 03:15:25] <mcbride> at least for the important ones.
[2008/06/19 03:16:13] <nevyn> if someone compramised my copy buffer I'd be in a lot of hurt
[2008/06/19 03:16:27] * nevyn prefers keys.
[2008/06/19 03:16:36] <nevyn> I actually don't like passwords.
[2008/06/19 03:16:37] <jamesturnbull> I find 10 chars is enough for most things - takes a lot of grunt to break a reasonably complex 10 char password
[2008/06/19 03:16:58] <nevyn> I like central authentication.
[2008/06/19 03:17:04] <nevyn> I like accountibility.
[2008/06/19 03:17:06] <mcbride> yes, usually I use keys, and a cut-n-paste database of passwords.
[2008/06/19 03:17:22] <mcbride> but neither works for screensaver passwords.
[2008/06/19 03:17:24] <nevyn> I like accountibility and central authentication for system admins.
[2008/06/19 03:17:42] <nevyn> so all the admins use sudo to do stuff on systems
[2008/06/19 03:18:00] <nevyn> and the root password is only used to fix network/authentication type problems.
[2008/06/19 03:18:28] <mcbride> I don't even know the root password on most systems I manage (including my personal laptops)
[2008/06/19 03:19:06] <nevyn> mcbride: I saw a cute password management system that implementd access control to root passwords
[2008/06/19 03:19:34] <nevyn> it had an agent that changed it to a new random password after the access time had expired and stuff
[2008/06/19 03:20:25] <msf> cool.. i would just focus my time trying to crack the password manager then ;-)
[2008/06/19 03:20:32] <mcbride> in formal situations, I generally do the "password in an envelope in the safe" thing
[2008/06/19 03:21:10] <nevyn> msf: windows 2003 server with an encrypted disk but yes... that's a problem.
[2008/06/19 03:21:19] <Volcane> 2 managers of my clients can log in somewhere, first one sudo runs a command which decrypts a file - yielding another.
[2008/06/19 03:21:33] <Volcane> then the 2nd manager logs in and run his sudo command and they get the password
[2008/06/19 03:21:56] <nevyn> that's cute.
[2008/06/19 03:22:10] <Volcane> with many warnings and such about me being mailed and them getting a 10 hour bill for changing passwords if they do go ahead etc
[2008/06/19 03:22:37] <nevyn> a 10 hr bill to cycle passwords?
[2008/06/19 03:22:48] <Volcane> that was before puppet :p
[2008/06/19 03:23:12] <nevyn> but the customers don't know about puppet? ;-P
[2008/06/19 03:23:32] <Volcane> heh they do, in 3 years they've only once even tried to access the passwords
[2008/06/19 03:23:37] <nevyn> Volcane: do they get specific passwords or all their passwords with once procedure?
[2008/06/19 03:23:45] <Volcane> and lost their nerve half way through the processs thanks to the warnings and called me instead
[2008/06/19 03:23:57] <Volcane> nevyn: specific
[2008/06/19 03:24:08] <nevyn> it seems a little cruel.
[2008/06/19 03:24:13] <nevyn> but I kinda like it.
[2008/06/19 03:24:35] <Volcane> nevyn: they like it, i got a specific brief to built hteir site so they dont need sysadmins, which means they dont get root
[2008/06/19 03:24:41] <Volcane> nevyn: been 3 years, and they're happy.
[2008/06/19 03:25:14] <Volcane> nevyn: and so am i cos I've never had outage caused by someone doing weird things
[2008/06/19 03:25:19] <jamesturnbull> Volcane: can work well with some shops - especially those not techical
[2008/06/19 03:25:26] <jamesturnbull> Volcane: nightmare if the client has techos
[2008/06/19 03:25:55] <Volcane> jamesturnbull: yeah they have 3 developers, quite technical, but bought into the idea well. and I enabled them to do what thye need, roll out new tomcat webapps etc via sudo and some scritps
[2008/06/19 03:26:14] @ roald joined channel #puppet
[2008/06/19 03:26:22] <jamesturnbull> Volcane: it's us types that make it difficult
[2008/06/19 03:26:31] <Volcane> jamesturnbull: once the techs feel the restrictions doesnt restrict their day job, they end up enjoying it cos they know they wont be compelled to do stuf that will distract them from what they enjoy
[2008/06/19 03:26:49] <mcbride> nevyn: regarding passwords in the copy buffer
[2008/06/19 03:27:02] <jamesturnbull> Volcane: but I have been forcing myself to use sudo 99% of the time myself - stop the lazy su
[2008/06/19 03:27:27] <mcbride> pwsafe is kind of neat, it puts the password straight into the buffer without displaying it
[2008/06/19 03:27:41] <mcbride> then wotches the buffer and clears it after the first paste.
[2008/06/19 03:27:47] <Volcane> jamesturnbull: hehe, the other thing now that they have puppet, they can do stuff htey couldnt do before, like, they couldnt make vhosts cos i didnt trust them to do it the way i like it
[2008/06/19 03:28:28] @ tim\|macbook joined channel #puppet
[2008/06/19 03:28:30] <Volcane> jamesturnbull: now though, apache::vhost{"some.com": } is what they need to do, and they save money (dont call me) and feel more emppowered without destroying the good working env
[2008/06/19 03:29:06] <jamesturnbull> Volcane: neat this puppet thing isn't it?
[2008/06/19 03:30:23] <Volcane> yip :) arg they can get root any of a 100 ways if they need it, i dont restrict them from for example editing anything in puppet, but they've bought into the idea of seperation of responsibilities and so they dont
[2008/06/19 03:34:58] @ DerekW joined channel #puppet
[2008/06/19 03:35:08] @ zipkid joined channel #puppet
[2008/06/19 03:35:21] <zipkid> Goodmorning!
[2008/06/19 03:35:29] @ DerekW_ joined channel #puppet
[2008/06/19 03:37:54] <Volcane> hmm, is there really no getopt implimentation in base ruby? weird
[2008/06/19 03:38:05] @ exodos joined channel #puppet
[2008/06/19 03:40:20] <jamesturnbull> Volcane: there is one I think
[2008/06/19 03:40:48] <jamesturnbull> Volcane: http://raa.ruby-lang.org/project/getopt/
[2008/06/19 03:41:19] <Volcane> but not distributed with the language itself i mean, saw that one
[2008/06/19 03:41:56] <jamesturnbull> Volcane: standards libraries have them
[2008/06/19 03:42:05] * Volcane checks
[2008/06/19 03:42:08] <jamesturnbull> GetOptLong and OptionParser
[2008/06/19 03:43:34] <Volcane> ah kewl, thats nice thanks
[2008/06/19 03:43:40] <Volcane> figured its gotta be there
[2008/06/19 03:44:15] @ Quit: hessml: "Leaving..."
[2008/06/19 03:48:53] @ Quit: raasdnil: Read error: 110 (Connection timed out)
[2008/06/19 04:05:53] @ rcoup joined channel #puppet
[2008/06/19 04:10:20] @ Quit: f3ew: Read error: 113 (No route to host)
[2008/06/19 04:35:02] @ glaw joined channel #puppet
[2008/06/19 04:45:36] @ Quit: silent-ion: Remote closed the connection
[2008/06/19 04:58:19] @ f3ew joined channel #puppet
[2008/06/19 05:03:21] <andrewcshafer> anyone awake?
[2008/06/19 05:04:19] <e^ipi> no
[2008/06/19 05:04:22] <andrewcshafer> nice
[2008/06/19 05:05:08] <zipkid> i try to pretend i am....
[2008/06/19 05:05:50] <andrewcshafer> I'm working on some shirts for velocity swag, looking for opinions on the prototypes
[2008/06/19 05:06:14] <e^ipi> i don't even know what you just said
[2008/06/19 05:06:38] <zipkid> i don't understand what you just said
[2008/06/19 05:06:58] <andrewcshafer> http://www.reductivelabs.com/images/Layouts.pdf
[2008/06/19 05:07:08] <andrewcshafer> T-shirts for a conference next week
[2008/06/19 05:07:14] <jamesturnbull> andrewcshafer: awake here
[2008/06/19 05:07:18] <andrewcshafer> its about 2 mb
[2008/06/19 05:07:28] <jamesturnbull> andrewcshafer: opening now
[2008/06/19 05:07:38] <andrewcshafer> but you can zoom a lot
[2008/06/19 05:07:44] @ keithlard joined channel #puppet
[2008/06/19 05:07:58] <zipkid> andrewcshafer: looks nice
[2008/06/19 05:08:09] <zipkid> will you send me one :-P
[2008/06/19 05:08:55] <zipkid> i like the first one best....
[2008/06/19 05:09:04] <zipkid> simple & clear
[2008/06/19 05:09:13] <jamesturnbull> andrewcshafer: I like the 3rd
[2008/06/19 05:09:29] <jamesturnbull> andrewcshafer: actually it;s the last
[2008/06/19 05:09:32] <andrewcshafer> we're going to do a run of 100 for the week, promised one to everyone from the training, and we'll probably give most of the rest away
[2008/06/19 05:09:38] <jamesturnbull> andrewcshafer: be nice in black
[2008/06/19 05:09:41] <andrewcshafer> but we'll do another run
[2008/06/19 05:10:09] <andrewcshafer> yeah, I'm doing the first run on natural unbleached cotton, cause that's how I roll :/
[2008/06/19 05:11:00] <andrewcshafer> but a run in black would be sweet too
[2008/06/19 05:11:00] <e^ipi> hippie
[2008/06/19 05:11:07] <jamesturnbull> andrewcshafer: damn hippy
[2008/06/19 05:11:09] <andrewcshafer> something :/
[2008/06/19 05:11:29] <andrewcshafer> Did you guys know Luke grew up on a hippy commune?
[2008/06/19 05:12:08] <jamesturnbull> andrewcshafer: yep
[2008/06/19 05:12:22] <jamesturnbull> andrewcshafer: no programmer is perfect
[2008/06/19 05:12:29] <andrewcshafer> tru dat
[2008/06/19 05:12:39] <andrewcshafer> http://en.wikipedia.org/wiki/The_Farm_%28Tennessee%29
[2008/06/19 05:13:31] <zipkid> actually... now that there is life in here.....
[2008/06/19 05:13:48] <zipkid> i have comment about module autodiscovery
[2008/06/19 05:13:49] <e^ipi> what is life?
[2008/06/19 05:14:00] <zipkid> anyone care to listen?
[2008/06/19 05:14:13] * andrewcshafer ways past bedtime
[2008/06/19 05:14:19] <andrewcshafer> sure
[2008/06/19 05:14:33] <zipkid> well, it works sweet :-)
[2008/06/19 05:14:34] <andrewcshafer> as long as it isn't a long comment :/
[2008/06/19 05:14:38] <zipkid> but not deep
[2008/06/19 05:14:49] <andrewcshafer> elaborate
[2008/06/19 05:15:03] <andrewcshafer> in 10 words or less :)
[2008/06/19 05:15:06] <zipkid> if you use module::filename say in site.pp it works fine
[2008/06/19 05:15:09] <zipkid> oops...
[2008/06/19 05:15:22] <andrewcshafer> just kidding, I want to hear
[2008/06/19 05:15:43] <zipkid> but if you go on deeper and use modules lteron (deeper) it finds the files but not the claas or define
[2008/06/19 05:15:56] <zipkid> s/lteron/lateron/
[2008/06/19 05:16:35] <andrewcshafer> hmm, sounds like a bug
[2008/06/19 05:16:40] <zipkid> i use 1 file / class or define with the same name
[2008/06/19 05:17:08] <andrewcshafer> Open an issue with the simplest way to reproduce it
[2008/06/19 05:17:20] <zipkid> if the module was used in the 1st level (i call it that...) then all files will work but not otherwise
[2008/06/19 05:17:24] <jamesturnbull> zipkid: can you give me a clear example and some error messages?
[2008/06/19 05:17:28] <andrewcshafer> fujin will probably close it, but hey
[2008/06/19 05:17:37] <zipkid> jamesturnbull: i can try
[2008/06/19 05:17:47] <zipkid> andrewcshafer: same answer....
[2008/06/19 05:17:55] <jamesturnbull> andrewcshafer: fujin just shouldn't triage tickets without coffee
[2008/06/19 05:19:03] <zipkid> maybe there is something totally wrong in my setup though..... because template relative paths do not work either.....
[2008/06/19 05:19:27] <andrewcshafer> yep, must be you, problem solved
[2008/06/19 05:19:41] <zipkid> but i will try to see if i can reproduce this on a clean setup
[2008/06/19 05:19:53] <andrewcshafer> cool, I'm going to bed
[2008/06/19 05:19:56] <jamesturnbull> andrewcshafer: yeah first shirt nad last shirt
[2008/06/19 05:19:59] <zipkid> andrewcshafer: ah, thx, i felt something wierd....
[2008/06/19 05:20:01] <jamesturnbull> andrewcshafer: others are kinda busy
[2008/06/19 05:20:44] <andrewcshafer> cool, I'm nailing it down tomorrow morning
[2008/06/19 05:20:47] @ Quit: keithlard:
[2008/06/19 05:20:52] <andrewcshafer> cheers
[2008/06/19 05:21:00] <zipkid> andrewcshafer: will it look good with nailholes?
[2008/06/19 05:21:30] <andrewcshafer> maybe, depends on your taste for nailholes
[2008/06/19 05:22:04] <zipkid> ow, right..... as you said...: < andrewcshafer> yep, must be you, problem solved
[2008/06/19 05:22:23] <zipkid> goodnight.... 11:22 AM here :-)
[2008/06/19 05:28:38] <jamesturnbull> zipkid: where are you?
[2008/06/19 05:28:44] <zipkid> .be
[2008/06/19 05:28:46] <jamesturnbull> zipkid: 7.30pm here
[2008/06/19 05:28:50] <jamesturnbull> zipkid: .au
[2008/06/19 05:28:58] <zipkid> opposites....
[2008/06/19 05:29:12] <jamesturnbull> zipkid: brussels?
[2008/06/19 05:29:25] <zipkid> nope, Brugge
[2008/06/19 05:29:40] <zipkid> like the movie... In Bruges :-P
[2008/06/19 05:29:46] @ silent-ion joined channel #puppet
[2008/06/19 05:31:07] <jamesturnbull> zipkid: been to Ghent, Brussels and Antwerp not Brugge
[2008/06/19 05:31:35] <zipkid> oh well... just another tourist-trap you missed...
[2008/06/19 05:32:04] <jamesturnbull> zipkid: was working so no tourism... :
[2008/06/19 05:32:11] <zipkid> doing?
[2008/06/19 05:32:42] <jamesturnbull> zipkid: first trip working for KPN and the second visiting Swift
[2008/06/19 05:33:10] <zipkid> Swift? Sven Vermeulen?
[2008/06/19 05:33:45] <jamesturnbull> financial telecommunications
[2008/06/19 05:33:51] <zipkid> ah :-)
[2008/06/19 05:33:56] <jamesturnbull> in La Huple
[2008/06/19 05:34:03] <zipkid> IBM....
[2008/06/19 05:34:07] <zipkid> ex IBM ...
[2008/06/19 05:34:20] <zipkid> anyway... interesting
[2008/06/19 05:34:56] * zipkid did not visit .au only .ca and .us (and European countries)
[2008/06/19 05:34:57] <silent-ion> Hi
[2008/06/19 05:34:58] <silent-ion> I have different classes which depends on /etc/services
[2008/06/19 05:35:00] <silent-ion> How can I manage this dependence?
[2008/06/19 05:35:02] <silent-ion> Now
[2008/06/19 05:35:03] <silent-ion> I create base class
[2008/06/19 05:35:05] <silent-ion> class common:services {
[2008/06/19 05:35:06] <silent-ion> file { "/etc/services":
[2008/06/19 05:35:07] <silent-ion> ...
[2008/06/19 05:35:09] <silent-ion> }
[2008/06/19 05:35:10] <silent-ion> And other class inherits this base class.
[2008/06/19 05:35:12] <silent-ion> class inetd inherits common::services {
[2008/06/19 05:35:14] <silent-ion> service { "inetd":
[2008/06/19 05:35:15] <silent-ion> require => File["/etc/services"];
[2008/06/19 05:35:16] <silent-ion> Is this a right way?
[2008/06/19 05:35:52] <zipkid> no, it will complain if you inherit it more than once
[2008/06/19 05:35:56] <zipkid> iirc ...
[2008/06/19 05:36:03] <zipkid> have you tried?
[2008/06/19 05:38:02] <jamesturnbull> silent-ion: that should work
[2008/06/19 05:38:15] <zipkid> ok, i'll shut up ....
[2008/06/19 05:38:44] * zipkid contemplates : < andrewcshafer> yep, must be you, problem solved
[2008/06/19 05:40:13] <silent-ion> maybe is a more flexible or better way to manage such dependence?
[2008/06/19 05:41:38] <jamesturnbull> silent-ion: that's a fairly reasonably way of doing it
[2008/06/19 05:46:32] @ strerror_work joined channel #puppet
[2008/06/19 05:47:53] <jamesturnbull> silent-ion: you could also include the class rather than inherit it
[2008/06/19 05:49:52] <fujin> andrewcshafer: hey come on man, digs at me while I aint around :\|
[2008/06/19 05:50:09] <fujin> that was an accidental closing!
[2008/06/19 05:50:16] <fujin> I was merely offering constructive input
[2008/06/19 05:50:24] <fujin> I coulda just said 'stop trying to do it wrong'
[2008/06/19 05:50:59] <silent-ion> ok. thanks.
[2008/06/19 05:51:01] <silent-ion> I worry a little if in the future I'll want that inetd inherit not only from common::services.
[2008/06/19 05:51:02] <silent-ion> AFAIR puppet supports only one inheritance.
[2008/06/19 06:00:47] @ keithlard joined channel #puppet
[2008/06/19 06:04:10] <zipkid> silent-ion: follow jamesturnbull's advice
[2008/06/19 06:04:11] <jamesturnbull> silent-ion: only one per class
[2008/06/19 06:04:52] <jamesturnbull> fujin: heh - it was partly me too - and I am guilty of it too - too little caffeine and triage :)
[2008/06/19 06:04:53] <zipkid> silent-ion: the 'problem' is it only supports one definition / class
[2008/06/19 06:05:11] <zipkid> ok... Lunch!
[2008/06/19 06:05:31] * zipkid will have Scampi with Saffronsauce... mmm
[2008/06/19 06:05:35] <zipkid> bbl
[2008/06/19 06:07:44] <jamesturnbull> silent-ion: have a look at the wiki:PuppetBestPractice page - it has some good ideas
[2008/06/19 06:07:47] <gepetto> jamesturnbull: silent-ion: wiki:PuppetBestPractice is http://reductivelabs.com/trac/puppet/wiki/PuppetBestPractice
[2008/06/19 06:16:14] <silent-ion> ok. thanks
[2008/06/19 06:16:32] @ Quit: yure: Remote closed the connection
[2008/06/19 06:57:14] @ Quit: rcoup:
[2008/06/19 06:58:10] @ Demosthenes joined channel #puppet
[2008/06/19 07:02:17] @ Quit: roald: Remote closed the connection
[2008/06/19 07:19:03] <zipkid> dende:/etc/puppet/ssl # puppetmasterd --no-daemonize --debug --verbose
[2008/06/19 07:19:03] <zipkid> dende:/etc/puppet/ssl # ps -ef \| grep pupp
[2008/06/19 07:19:03] <zipkid> puppet 31660 1 0 13:13 ? 00:00:00 /usr/bin/ruby /usr/sbin/puppetmasterd --no-daemonize --debug --verbose
[2008/06/19 07:19:13] @ Quit: kenvandine: Read error: 110 (Connection timed out)
[2008/06/19 07:19:16] <zipkid> why does it not stay in the fg ?
[2008/06/19 07:22:33] <ashp> www.untaken.net/images/babby.jpg
[2008/06/19 07:22:38] <ashp> Finally, my own minion!
[2008/06/19 07:24:42] <Volcane> ashp: congrats!
[2008/06/19 07:24:57] <zipkid> ashp: cool hat! ;-)
[2008/06/19 07:27:07] <ashp> thanks, that's hospital provided so I can't take credit :)
[2008/06/19 07:27:14] <ashp> 10 minutes from starting to push until we were holding her, nice and fast
[2008/06/19 07:28:06] <zipkid> anyone can help me on that escaping puppetmaster prob?
[2008/06/19 07:29:37] @ Quit: magnachef_: Read error: 60 (Operation timed out)
[2008/06/19 07:33:38] <lazzurs> ashp: awwww, lovely :) congrats :D
[2008/06/19 07:33:48] <lazzurs> and wow that is amazingly fast
[2008/06/19 07:36:51] <bda> ashp: Congratulations!
[2008/06/19 07:38:40] @ greenmoss joined channel #puppet
[2008/06/19 07:40:35] @ rcoup joined channel #puppet
[2008/06/19 07:40:41] <zipkid> Ok, i obviously asked my question at an unlucky moment... everyone is flabbergasted by the baby... ashp just wait 10 - 12 years , you'll be flbbergasted at what will happen then ... :-)
[2008/06/19 07:41:48] @ Quit: rcoup: Read error: 104 (Connection reset by peer)
[2008/06/19 07:41:50] @ rcoup joined channel #puppet
[2008/06/19 07:47:13] @ snerdly joined channel #puppet
[2008/06/19 07:48:08] @ Quit: greenmoss:
[2008/06/19 07:51:58] @ kambiz joined channel #puppet
[2008/06/19 07:56:36] @ Quit: snerd: Read error: 110 (Connection timed out)
[2008/06/19 07:59:17] @ Quit: glaw: "http://xkcd.com/137/"
[2008/06/19 08:07:08] @ jsgotangco joined channel #puppet
[2008/06/19 08:18:39] @ kenvandine joined channel #puppet
[2008/06/19 08:21:44] <silent-ion> Hi
[2008/06/19 08:21:46] <silent-ion> define clsuid() {
[2008/06/19 08:21:48] <silent-ion> file { "${name}": mode => 644 }
[2008/06/19 08:21:49] <silent-ion> }
[2008/06/19 08:21:51] <silent-ion> clsuid { ["/sbin/ping", "/sbin/rcp"]: }
[2008/06/19 08:21:52] <silent-ion> Can I use such construction and define not only $name but $mode also?
[2008/06/19 08:22:20] <zipkid> define clsuid( $mode ) {}
[2008/06/19 08:22:38] <zipkid> clsuid { ["/sbin/ping", "/sbin/rcp"]: mode => "yourmode" }
[2008/06/19 08:23:06] <zipkid> file { "$name": mode => $mode }
[2008/06/19 08:23:22] <silent-ion> ooh
[2008/06/19 08:23:24] <silent-ion> thanks.. I'll try it now
[2008/06/19 08:23:35] <zipkid> silent-ion: this is really explained very well on the site......
[2008/06/19 08:23:55] * zipkid feels that question deserved an RTFM .....
[2008/06/19 08:27:36] @ Vivek joined channel #puppet
[2008/06/19 08:34:44] <zipkid> ok.... i'm having a horrible time with the certificates when moving the puppetmaster to a different machine......
[2008/06/19 08:37:13] @ Quit: kambiz: "Leaving"
[2008/06/19 08:52:02] @ Quit: snerdly: Read error: 110 (Connection timed out)
[2008/06/19 08:52:16] @ cabbiepete joined channel #puppet
[2008/06/19 09:00:38] @ Quit: cabbiepete: "Bye for now"
[2008/06/19 09:04:43] @ lak joined channel #puppet
[2008/06/19 09:06:36] @ Quit: lak: Client Quit
[2008/06/19 09:08:08] @ Quit: Demosthenes: "leaving"
[2008/06/19 09:20:31] @ jvanzyl joined channel #puppet
[2008/06/19 09:21:16] @ Quit: rcoup:
[2008/06/19 09:25:54] <jamesturnbull> silent-ion: wiki:LanguageTutorial
[2008/06/19 09:25:59] <gepetto> jamesturnbull: silent-ion: wiki:LanguageTutorial is http://reductivelabs.com/trac/puppet/wiki/LanguageTutorial
[2008/06/19 09:26:14] <jamesturnbull> silent-ion: also a great book - Pulling Strings with Puppet - * where great = written by me
[2008/06/19 09:28:41] * kjetilho has it next to his keyboard :)
[2008/06/19 09:30:18] <zipkid> jamesturnbull: !
[2008/06/19 09:30:58] <jamesturnbull> zipkid: http://www.apress.com/book/view/1590599780
[2008/06/19 09:31:04] <zipkid> dende:/etc # puppetmasterd --no-daemonize --debug --verbose
[2008/06/19 09:31:16] <zipkid> it does NOT stay in fg...
[2008/06/19 09:31:34] <zipkid> jamesturnbull: google showed me the amazon page...
[2008/06/19 09:32:22] <jamesturnbull> zipkid: never seen that
[2008/06/19 09:33:27] <zipkid> sadly i do .... i even reinstalled...
[2008/06/19 09:33:33] <zipkid> rebooted...
[2008/06/19 09:33:36] <zipkid> re...
[2008/06/19 09:33:44] <jamesturnbull> platform?
[2008/06/19 09:33:50] <jamesturnbull> version?
[2008/06/19 09:34:14] <zipkid> SLES 10 SP1 - Linux dende 2.6.16.46-0.12-smp #1 SMP Thu May 17 14:00:09 UTC 2007 x86_64 x86_64 x86_64 GNU/Linux
[2008/06/19 09:34:15] <gepetto> zipkid: #1 is http://reductivelabs.com/redmine/issues/show/1
[2008/06/19 09:34:29] <zipkid> dende:/etc # puppetmasterd -V
[2008/06/19 09:34:29] <zipkid> 0.24.4
[2008/06/19 09:34:43] <jamesturnbull> zipkid: any output? logs/debug?
[2008/06/19 09:36:13] <zipkid> yes....
[2008/06/19 09:36:26] <jamesturnbull> pastie: url zipkid
[2008/06/19 09:36:40] <jamesturnbull> pastie: help
[2008/06/19 09:37:24] @ jbrothers joined channel #puppet
[2008/06/19 09:37:34] @ Innocenti joined channel #puppet
[2008/06/19 09:37:40] @ Quit: DarkFlib: Remote closed the connection
[2008/06/19 09:40:56] @ kambiz joined channel #puppet
[2008/06/19 09:41:30] <zipkid> jamesturnbull: http://pastie.org/217981
[2008/06/19 09:42:33] <jamesturnbull> zipkid: are you sure you don't have a stray master running?
[2008/06/19 09:42:45] <jamesturnbull> zipkid: also any syslog outut?
[2008/06/19 09:43:14] @ DarkFlib joined channel #puppet
[2008/06/19 09:43:41] <zipkid> hmm.... it's all in syslog....
[2008/06/19 09:44:10] <jamesturnbull> not the webrick server - but anythign in messages?
[2008/06/19 09:44:47] <jamesturnbull> zipkid: TCPServer Error: Address already in use - bind(2)
[2008/06/19 09:45:03] <jamesturnbull> zipkid: suggests something is already bound to the port nad it's failing to start a new master
[2008/06/19 09:45:05] <zipkid> i had that on the working server too
[2008/06/19 09:46:25] @ roald joined channel #puppet
[2008/06/19 09:46:46] <zipkid> but it runs and listens.....
[2008/06/19 09:48:33] <jamesturnbull> zipkid: nothing in var/log/messages?
[2008/06/19 09:48:57] <zipkid> yes.... everything ....
[2008/06/19 09:49:07] <zipkid> now i saw because you hinted
[2008/06/19 09:49:26] * zipkid was to dim to look there as he expected it on stdout...
[2008/06/19 09:49:58] @ Quit: kambiz: "Leaving"
[2008/06/19 09:50:26] <jamesturnbull> zipkid: well if something is busted it'll generally always log to syslog
[2008/06/19 09:50:41] <jamesturnbull> zipkid: also try adding --trace to the command line
[2008/06/19 09:50:48] @ hessml joined channel #puppet
[2008/06/19 09:50:54] <zipkid> ok... i will do the exercise all over but look at syslog too....
[2008/06/19 09:51:08] <zipkid> and add --trace :-)
[2008/06/19 09:56:46] @ Disconnect joined channel #puppet
[2008/06/19 10:02:09] @ ski98033 joined channel #puppet
[2008/06/19 10:02:39] @ Quit: Pikshik[work]: Read error: 110 (Connection timed out)
[2008/06/19 10:03:08] @ Pikshik[work] joined channel #puppet
[2008/06/19 10:05:52] <zipkid> jamesturnbull: http://pastie.org/218000
[2008/06/19 10:06:54] <zipkid> DAMN !!!
[2008/06/19 10:06:59] <zipkid> i found it.....
[2008/06/19 10:07:06] <jamesturnbull> zipkid: oh?
[2008/06/19 10:07:54] <zipkid> yep.... i removed the symlinks puppetca.conf -> puppet.conf and puppetmasterd.conf -> puppet.conf
[2008/06/19 10:08:04] <zipkid> now it stays in the fg....
[2008/06/19 10:08:15] <jamesturnbull> zipkid: ah okay - weird
[2008/06/19 10:08:56] <zipkid> these come from the rpm....
[2008/06/19 10:09:25] <jamesturnbull> zipkid: that's a packaging error then - the individual conf files are deprecated
[2008/06/19 10:09:42] <jamesturnbull> zipkid: I'd log a ticket with the whoever packages it
[2008/06/19 10:09:54] <zipkid> i know, that is why i removed them on the previous(test) server but i forgot here....
[2008/06/19 10:10:18] <zipkid> "Martin Vuk has set up the SuSE build service to create Puppet and Facter SuSE packages."
[2008/06/19 10:10:28] <zipkid> there he is....
[2008/06/19 10:10:55] @ Quit: tim\|macbook: "This computer has gone to sleep"
[2008/06/19 10:15:05] @ Quit: roald: Read error: 113 (No route to host)
[2008/06/19 10:18:19] <jamesturnbull> zipkid: hmmm can't see any way to contact Martin
[2008/06/19 10:21:20] <zipkid> Packager : Martin Vuk <martin.vuk@fri.uni-lj.si>
[2008/06/19 10:23:18] @ shenson_not_here is now known as shenson
[2008/06/19 10:26:14] @ Quit: ski98033: "Leaving."
[2008/06/19 10:26:44] <jamesturnbull> zipkid: okay emailed him
[2008/06/19 10:27:57] <zipkid> you are a very, extremely usefull guy ;-)
[2008/06/19 10:28:28] <zipkid> thanks... now i will try to reproduce my auto-detect bug for modules....
[2008/06/19 10:29:10] @ rraphink joined channel #puppet
[2008/06/19 10:31:58] @ Quit: raphink: Connection timed out
[2008/06/19 10:34:17] <jamesturnbull> alright night all - sleep time in Oz...
[2008/06/19 10:37:59] @ Quit: DerekW_: "Leaving"
[2008/06/19 10:45:50] @ hessml is now known as hessml\|away
[2008/06/19 10:47:34] @ Quit: hessml\|away: "Leaving..."
[2008/06/19 10:48:33] @ Quit: jsgotangco: "Ciao"
[2008/06/19 10:53:16] @ falsch joined channel #puppet
[2008/06/19 10:54:35] <zipkid> hm.... i can reproduce ..... how do i submit....
[2008/06/19 10:54:44] <zipkid> it is somewhat elaborate
[2008/06/19 10:55:40] @ brscott joined channel #puppet
[2008/06/19 10:55:43] <fujin> zipkid: fire up a ticket
[2008/06/19 10:55:59] <fujin> http://reductivelabs.com/redmine
[2008/06/19 11:00:29] <zipkid> actually there is a ticket that looks like it... but it says : Fixed in [2925ad1].
[2008/06/19 11:04:55] @ hessml joined channel #puppet
[2008/06/19 11:04:56] <zipkid> how do i know what version i have?
[2008/06/19 11:05:23] <zipkid> puppet -V -> 0.24.4
[2008/06/19 11:05:31] <zipkid> how do these correspond?
[2008/06/19 11:07:46] @ rakslice_ joined channel #puppet
[2008/06/19 11:09:04] @ Quit: rakslice: Read error: 104 (Connection reset by peer)
[2008/06/19 11:13:08] @ roald joined channel #puppet
[2008/06/19 11:13:37] @ andrewcshafer_ joined channel #puppet
[2008/06/19 11:14:57] @ Quit: Innocenti: Client Quit
[2008/06/19 11:19:03] <silent-ion> As I know: puppet look at resource by it title.
[2008/06/19 11:19:04] <silent-ion> I think that these definitions are different:
[2008/06/19 11:19:06] <silent-ion> file { "create_nginx_nodes_dir":
[2008/06/19 11:19:08] <silent-ion> name => "/usr/local/nginx/conf/nodes",
[2008/06/19 11:19:09] <silent-ion> owner => "accel",
[2008/06/19 11:19:11] <silent-ion> group => "accel",
[2008/06/19 11:19:12] <silent-ion> mode => "755";
[2008/06/19 11:19:14] <silent-ion> }
[2008/06/19 11:19:15] <silent-ion> file { "/usr/local/nginx/conf/nodes":
[2008/06/19 11:19:17] <silent-ion> ensure => directory,
[2008/06/19 11:19:18] <silent-ion> purge => true,
[2008/06/19 11:19:20] <silent-ion> recurse => true,
[2008/06/19 11:19:21] <silent-ion> force => true,
[2008/06/19 11:19:23] <silent-ion> source => "puppet:///nginx/emtpy",
[2008/06/19 11:19:24] <silent-ion> require => [ Package["nginx"], File["create_nginx_nodes_dir"] ];
[2008/06/19 11:19:26] <silent-ion> }
[2008/06/19 11:19:28] <silent-ion> because they have different title.
[2008/06/19 11:19:29] <silent-ion> But puppet disagree with me :-)
[2008/06/19 11:19:30] <silent-ion> Could not retrieve catalog: Puppet::Parser::AST::Resource failed with error ArgumentError: Duplicate definition:
[2008/06/19 11:19:32] <silent-ion> What are you think???
[2008/06/19 11:21:29] @ Quit: andrewcshafer: Read error: 113 (No route to host)
[2008/06/19 11:22:22] <Volcane> silent-ion: use pastie.org for pasting
[2008/06/19 11:23:41] <Volcane> silent-ion: anyway, name => in the first one makes it the sae as the second one...
[2008/06/19 11:25:55] <zipkid> silent-ion: try replacing name => "/usr/local/nginx/conf/nodes", with path => "/usr/local/nginx/conf/nodes",
[2008/06/19 11:27:01] * Volcane really doubs you can convince puppet to manage the same file twice no matter how much you muck about with naming
[2008/06/19 11:27:04] @ martha joined channel #puppet
[2008/06/19 11:27:22] <benp-> i thought you could when i first started using puppet
[2008/06/19 11:27:45] <zipkid> Volcane: i think you can, with the name / path combination....
[2008/06/19 11:28:16] <benp-> but you can't
[2008/06/19 11:28:48] @ muerr joined channel #puppet
[2008/06/19 11:29:50] @ lak joined channel #puppet
[2008/06/19 11:30:06] <Volcane> zipkid: try it
[2008/06/19 11:30:28] <muerr> top o' the marnin
[2008/06/19 11:30:39] <Volcane> there really are no decent YAML parsers for php, sigh
[2008/06/19 11:30:41] <zipkid> Volcane: tell silent-ion to...
[2008/06/19 11:32:00] <silent-ion> I'm trying now
[2008/06/19 11:32:02] <Volcane> either all the php ones are broken or the ruby one is odd
[2008/06/19 11:32:21] <Volcane> looking at the code of the php ones, i think they're all broken
[2008/06/19 11:34:26] <zipkid> Volcane: you are right, but i thinkk this goes against the global puppet explanation.....
[2008/06/19 11:34:42] <zipkid> i think it _should_ work...
[2008/06/19 11:34:54] @ Quit: roald: "KVIrc 3.4.0 Virgo http://www.kvirc.net/"
[2008/06/19 11:35:05] <Volcane> zipkid: puppet is all about managing resources, and u cant manage one resource twice
[2008/06/19 11:35:44] <zipkid> Volcane: what about managing 2 files with the same name on different servers with different purposes....
[2008/06/19 11:36:00] <zipkid> it might be a wierd situation but it is possible...
[2008/06/19 11:36:10] <Volcane> it will only coplain when you import both resources onto one server
[2008/06/19 11:36:30] <Volcane> you can define management of the sae file 100 times, just dont use it twice on the same box
[2008/06/19 11:36:43] <zipkid> hmmmm.... that might be the final, correct answer :-)
[2008/06/19 11:37:02] <muerr> Volcane: caveat, unless you use virtual resources :-)
[2008/06/19 11:37:40] <Volcane> muerr: yeah
[2008/06/19 11:37:59] <muerr> but even then, the resource only gets applied one time.
[2008/06/19 11:38:07] <muerr> great example is users.
[2008/06/19 11:38:26] @ emerose joined channel #puppet
[2008/06/19 11:38:48] @ Quit: jvanzyl:
[2008/06/19 11:43:05] @ rraphink is now known as raphink
[2008/06/19 11:43:36] <jbrothers> is windows support on the horizon?
[2008/06/19 11:44:42] @ brscott left channel #puppet ()
[2008/06/19 11:45:03] <jbrothers> oh, the faq says no one is working on it. nevermind
[2008/06/19 11:45:10] <Volcane> click{"4 left, 3 across": type => double }
[2008/06/19 11:46:56] <muerr> heh.
[2008/06/19 11:47:29] <muerr> http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1313370,00.html
[2008/06/19 11:47:57] <muerr> Ed Skoudis, the author of that article, has a whole course with SANS on "Windows Commandline Kung Fu"
[2008/06/19 11:48:31] <Volcane> yeah the new shell isnt bad (didnt read that link, but have read about the hsell)
[2008/06/19 11:48:58] @ densone joined channel #puppet
[2008/06/19 11:54:20] <andrewcshafer_> Taking a poll/open question: What's a good tag line for the first run of puppet T-shirts? Current proposals '...because ssh is not a solution' and 'ssh doesn't cut it'
[2008/06/19 11:55:08] <muerr> Volcane: actually that article is applicable with 'cmd.exe'
[2008/06/19 11:55:18] <muerr> i didn't know the registry was so... accessible.
[2008/06/19 11:55:34] <muerr> I shudder to think about trying to apply puppet configuration to the windows registry though.
[2008/06/19 11:55:36] @ jvanzyl joined channel #puppet
[2008/06/19 11:55:39] <lak> well, i was thinking more "...because ssh just doesn't cut it"
[2008/06/19 11:55:45] <lak> couple extra words :)
[2008/06/19 11:56:02] <lak> muerr: and yet, that'll be the first thing someone will want to do
[2008/06/19 11:56:04] <lak> awesome, huh?
[2008/06/19 11:56:23] @ jsgotangco joined channel #puppet
[2008/06/19 11:56:24] <muerr> lak: of course, because Windows registry is somewhat synonomous with say, /etc/*
[2008/06/19 11:56:51] <lak> yeppers
[2008/06/19 11:57:56] <andrewcshafer_> come on people. . . drink your coffee :/
[2008/06/19 11:57:56] <muerr> i shudder to think of the complexity that would add to facter alone.
[2008/06/19 11:58:03] <muerr> andrewcshafer_: already drank it.
[2008/06/19 11:58:19] @ andrewcshafer_ left channel #puppet ()
[2008/06/19 11:58:24] @ andrewcshafer_ joined channel #puppet
[2008/06/19 11:58:38] <muerr> Puppet - because ssh isn't in control?
[2008/06/19 11:59:11] @ shake-n-bake joined channel #puppet
[2008/06/19 11:59:32] <Volcane> right, php puppet report thingum is defo working now, yaml--
[2008/06/19 11:59:58] <andrewcshafer_> We need a coliseum with lions, I bet then people would pay attention :/
[2008/06/19 12:00:10] <muerr> I've made a suggestion!
[2008/06/19 12:00:17] <Volcane> the yaml puppet makes is defo weird
[2008/06/19 12:00:21] <Volcane> for reports
[2008/06/19 12:00:45] <andrewcshafer_> muerr: you will be spared. . .
[2008/06/19 12:01:03] <muerr> Whew.
[2008/06/19 12:02:04] <andrewcshafer_> I'm glad I get Asian porn on the puppet user list, cause I was having trouble finding that. . .
[2008/06/19 12:02:17] <Disconnect> lak: re the shirts.. wouldn't that be better for capistrano than puppet?
[2008/06/19 12:02:54] <dryrot> i am reading the puppet book!
[2008/06/19 12:03:00] <andrewcshafer_> Disconnect: k, what do you think is good?
[2008/06/19 12:03:02] <dryrot> was the puppet book invented before modueles ?
[2008/06/19 12:03:20] <martha> Puppet - get control of your servers
[2008/06/19 12:03:23] <lak> modules were still young when it was written
[2008/06/19 12:03:29] <martha> or Puppet - get a handle on your servers
[2008/06/19 12:03:49] <Disconnect> puppet: get tangled up in it today
[2008/06/19 12:03:54] <lak> martha: btw, you never posted back on the naming thread
[2008/06/19 12:04:17] <lak> my answers make sense? i know it's not really what you wanted to hear, but i was finding the current situation too complex to maintain
[2008/06/19 12:04:32] <lak> you'll get your backward compatibility, but generally not for external node stuff
[2008/06/19 12:04:39] <lak> Disconnect: nice
[2008/06/19 12:05:02] <fastjay> morning
[2008/06/19 12:05:21] <barnum> have to be like splunk and have a bunch of catchy taglines
[2008/06/19 12:05:23] <andrewcshafer_> Puppet - its design is not as sucky as Luke says it is
[2008/06/19 12:05:29] @ Quit: jsgotangco: "Ciao"
[2008/06/19 12:05:30] <lak> hah!
[2008/06/19 12:05:42] <fastjay> i work like 1/2 a block from the splunk peeps
[2008/06/19 12:05:43] <lak> barnum: yeah, that's our goal, we're just working on the first one :)
[2008/06/19 12:05:50] <martha> puppet - control your servers, don't let them control you!
[2008/06/19 12:05:51] <fastjay> splunk t shirts EVERYWHERE
[2008/06/19 12:05:53] <barnum> whos pulling your strings?
[2008/06/19 12:06:12] * lak attempts to avoid being crude
[2008/06/19 12:06:19] <martha> lak: I understand, I just have to figure out a work-around for my server
[2008/06/19 12:06:23] @ robin_ joined channel #puppet
[2008/06/19 12:06:27] <andrewcshafer_> I just need one to go into production today
[2008/06/19 12:06:35] <martha> puppet - master your servers
[2008/06/19 12:06:36] <barnum> yeah our office you can find probably one person wearing a splunk t on any given day
[2008/06/19 12:06:56] <lak> splunk just gives a whole different meaning if you s/l//
[2008/06/19 12:06:57] <fastjay> barnum: ugg
[2008/06/19 12:07:13] <lak> and yes, ftr, i actually do think in regexes
[2008/06/19 12:07:23] <fastjay> i get my hair cut at spunksalon
[2008/06/19 12:07:26] <fastjay> no joke
[2008/06/19 12:07:28] <fastjay> :)
[2008/06/19 12:07:47] <barnum> im just up the street at 4th / market
[2008/06/19 12:07:56] <fastjay> nice
[2008/06/19 12:08:01] <fastjay> i live at 17th/castro
[2008/06/19 12:08:03] <barnum> well not this week but next week
[2008/06/19 12:08:09] <barnum> i live at 27th / castro
[2008/06/19 12:08:10] <barnum> hehe
[2008/06/19 12:08:19] * lak will be in castro this weekend
[2008/06/19 12:08:27] <barnum> you going to be in next week too right?
[2008/06/19 12:08:31] <lak> yeah
[2008/06/19 12:08:36] <fastjay> someone got hit on castro last night
[2008/06/19 12:08:41] <lak> but i'm actually staying with friends in the castro over the weekend
[2008/06/19 12:08:46] <lak> well, fri and sat
[2008/06/19 12:08:50] @ Quit: strerror_work:
[2008/06/19 12:08:52] <barnum> nice ill probably come down on sunday for the week
[2008/06/19 12:09:04] <fastjay> lak: if you need a ride or anything to/from airport and what not let me know
[2008/06/19 12:09:14] <lak> thanks
[2008/06/19 12:09:22] <fastjay> work has no problem w/ me doing stuff like that
[2008/06/19 12:09:29] <lak> fortunately i've got friends picking me up, and the bart should be ok on friday to leave
[2008/06/19 12:09:40] <barnum> bart rocks for leaving
[2008/06/19 12:09:57] <lak> but we could maybe plan on an early lunch + ride on friday if you want
[2008/06/19 12:10:08] <lak> i'll be staying at the hilton downtownish
[2008/06/19 12:10:18] <fastjay> my car lives in soma right now
[2008/06/19 12:10:41] <fastjay> but yeah I am down
[2008/06/19 12:10:54] <lak> cool
[2008/06/19 12:11:00] <lak> i might call a puppet meetup on thurs
[2008/06/19 12:11:05] <lak> since it's otherwise a bit clear, surprisingly
[2008/06/19 12:11:10] <fastjay> that would be sweet.
[2008/06/19 12:11:16] <lak> and we haven't had one in sf, that i know of
[2008/06/19 12:11:20] <lak> and it should be pretty popular
[2008/06/19 12:11:32] <fastjay> there was soemthing around the web 2.0 conf
[2008/06/19 12:11:34] <fastjay> iirc
[2008/06/19 12:11:37] @ sknight joined channel #puppet
[2008/06/19 12:11:37] <barnum> baysec is tonght if your already in the city
[2008/06/19 12:11:46] <barnum> usualy a pretty intersting group
[2008/06/19 12:11:50] @ Quit: DerekW: "Leaving"
[2008/06/19 12:11:56] <fastjay> we could talk about doing the sfbay puppet conf.. i didnt get much ofa response on the mailing lists but if we all meeet up
[2008/06/19 12:12:09] <sknight> hey guys, I want to add a variable to my node classes such that every host in that node classification gets that variable. how do I do that"?
[2008/06/19 12:12:50] <Volcane> 1 node per host surely?
[2008/06/19 12:13:02] <sknight> ...yes?
[2008/06/19 12:13:09] <sknight> I thought that was how it worked?
[2008/06/19 12:13:11] <fastjay> on that note.. tiem to put on some pants and bike in.
[2008/06/19 12:13:22] <sknight> fastjay: pants are overrated
[2008/06/19 12:13:27] <andrewcshafer_> lak: you don't have a room til friday :/
[2008/06/19 12:13:29] <barnum> yeah just bike in
[2008/06/19 12:13:29] <fastjay> true true
[2008/06/19 12:13:40] <lak> andrewcshafer_: what?
[2008/06/19 12:13:42] <fastjay> it is the castro
[2008/06/19 12:13:52] <andrewcshafer_> look at your trip it
[2008/06/19 12:13:55] @ ski98033 joined channel #puppet
[2008/06/19 12:14:03] <lak> i am
[2008/06/19 12:14:03] <andrewcshafer_> I told you this before
[2008/06/19 12:14:07] <lak> hilton checkout, friday
[2008/06/19 12:14:08] <barnum> pride is next weekend
[2008/06/19 12:14:19] <andrewcshafer_> did you change it?
[2008/06/19 12:14:26] <lak> yeah, this weekend
[2008/06/19 12:14:51] <andrewcshafer_> ahh, see, where was I
[2008/06/19 12:14:58] <sknight> Volcane: here's my nodes.pp:
[2008/06/19 12:15:04] <Volcane> dont paste it
[2008/06/19 12:15:04] <sknight> http://pastebin.com/d6ea72595
[2008/06/19 12:15:07] <Volcane> ah :)
[2008/06/19 12:15:14] <sknight> <--- crazy, not stupid :-p
[2008/06/19 12:15:26] <lak> andrewcshafer_: well, looks like we don't have much in terms of a good phrase, so just go with what you like, i guess
[2008/06/19 12:15:39] <Volcane> sknight: i see, node "box" { $somethig = 10 }
[2008/06/19 12:16:07] <sknight> but here's my templates.pp file: http://pastebin.com/d20134d5c
[2008/06/19 12:16:12] <andrewcshafer_> I like 'solution', not quite snarky enough for real people, but execs love that word
[2008/06/19 12:16:16] <martha> I like puppet - master you servers
[2008/06/19 12:16:33] <andrewcshafer_> that and 'maximize'
[2008/06/19 12:16:43] <Volcane> sknight: i think there were some hassle with variables defined in the base class for a node, needs to be in each node
[2008/06/19 12:17:11] <sknight> can you modify my nodes.pp for me to illustrate what you mean, then?
[2008/06/19 12:17:40] * Volcane isnt thinking str8 enough now, migraine :(
[2008/06/19 12:17:51] <sknight> ouch, that sucks man. I'm sorry :-(
[2008/06/19 12:18:03] <andrewcshafer_> martha: I like it too, but not more than 'ssh in a loop', see if you can rally the voters :/
[2008/06/19 12:18:47] <Volcane> sknight: http://reductivelabs.com/trac/puppet/wiki/CommonMisconceptions#node-inheritance-and-variable-scope
[2008/06/19 12:20:59] <sknight> I don't want a file to have contents or anything, I just want to be able to define a variable called 'servertype', and be able to point to 'filename.$servertype', such that all 'vps' servers get the 'iptables.vps' filename, all dns servers get 'iptables.dns', etc etc
[2008/06/19 12:21:24] <sknight> being able to do that will make life significantly less hateful
[2008/06/19 12:22:07] <Volcane> sknight: so you have... node "1", "2" inherits vps {} just do that
[2008/06/19 12:22:19] <Volcane> sknode "1", "2" inherits vps { $something = "blah"}
[2008/06/19 12:22:29] @ jfluhmann joined channel #puppet
[2008/06/19 12:22:50] @ Quit: jfluhmann: Read error: 54 (Connection reset by peer)
[2008/06/19 12:23:19] <Volcane> sknight: oh, and u have multiple inheritance i doubt that will work?
[2008/06/19 12:23:40] <Volcane> sknight: node1 inherits vps, vps inherits base
[2008/06/19 12:23:43] <Volcane> i dont know, not tried that
[2008/06/19 12:23:58] <lak> bbiab
[2008/06/19 12:24:02] @ Quit: lak:
[2008/06/19 12:24:10] <sknight> can anyone else chime in on this, before I try to push something to production that could potentially fsck my puppet setup? :-)
[2008/06/19 12:24:14] @ flakrat joined channel #puppet
[2008/06/19 12:24:25] <Volcane> sknight: test it elsewhere first :P
[2008/06/19 12:24:48] @ Quit: shake-n-bake: Read error: 110 (Connection timed out)
[2008/06/19 12:25:08] @ shake-n-bake joined channel #puppet
[2008/06/19 12:25:45] @ Quit: jvanzyl:
[2008/06/19 12:28:01] <sknight> well, it seems to have started OK
[2008/06/19 12:28:24] <sknight> can I log onto a server and just do a 'facter' and see if that variable shows up?
[2008/06/19 12:28:34] <Volcane> no
[2008/06/19 12:28:53] <muerr> sknight: there was discussion about this on the list at some point. generally it is better instead of using node inheritance, to use a set of "node type" classes that you include for each node.
[2008/06/19 12:29:05] <sknight> muerr: do you have an example?
[2008/06/19 12:29:10] <muerr> like, class backup { stuff for backup nodes }
[2008/06/19 12:29:28] <muerr> then node 'vbackup01.eigvps.net' { include backup }
[2008/06/19 12:29:58] <sknight> we already do that, kind of. But we have a 'base' node class that has all the generic stuff that every server gets
[2008/06/19 12:30:25] <muerr> I don't think the example discussed on the list is on the google group, i think it was on the mailing list before luke converted.
[2008/06/19 12:31:25] @ pleemans joined channel #puppet
[2008/06/19 12:31:43] <muerr> wiki:PuppetBestPractice looks to have the changes to the templates.pp discussed on the list.
[2008/06/19 12:31:46] <gepetto> muerr: wiki: wiki:PuppetBestPractice is http://reductivelabs.com/trac/puppet/wiki/PuppetBestPractice
[2008/06/19 12:31:49] <muerr> thanks gepetto
[2008/06/19 12:32:08] <Volcane> sknight: so what they're saying is make a common class or module and 'include common::linux' everywhere rather than inherit
[2008/06/19 12:32:26] <sknight> man, I really gotta get my head around classes
[2008/06/19 12:32:33] <muerr> classes are easy
[2008/06/19 12:32:40] <muerr> :-)
[2008/06/19 12:32:41] <sknight> I'm not a programmer, so thinking in inheiritance is a lot easier for me than this inheiritance stuff
[2008/06/19 12:32:44] <sknight> errrr
[2008/06/19 12:32:53] <sknight> s/inheiritance stuff/classes stuff
[2008/06/19 12:33:03] <Volcane> a class just groups a bunch of defines
[2008/06/19 12:33:10] <andrewcshafer_> martha: I think I'll use the ssh loop for these Ts and use 'master your servers' on the website
[2008/06/19 12:33:13] <muerr> No.
[2008/06/19 12:33:18] <muerr> A class groups together a bunch of resources.
[2008/06/19 12:33:19] <Volcane> err
[2008/06/19 12:33:22] <Volcane> yeah
[2008/06/19 12:33:29] <muerr> And a class is a "single instance".
[2008/06/19 12:33:33] <Volcane> i realised the mistake when i pressed enter :P
[2008/06/19 12:33:55] <martha> feel free to use it
[2008/06/19 12:33:56] <muerr> A define also groups a bunch of resources, and can be used for multiple things, like setting up an Apache virtual host (or twelve), or a set of network interfaces.
[2008/06/19 12:35:01] <sknight> I think I'd need to see a working puppet setup with that, that sounds an awful lot like node classification with inheritance to me...
[2008/06/19 12:35:04] <muerr> Defines are not functions!
[2008/06/19 12:35:24] <muerr> sknight: one moment :-)
[2008/06/19 12:36:36] @ lak joined channel #puppet
[2008/06/19 12:38:11] <muerr> sknight, here you go: http://pastie.org/218140
[2008/06/19 12:38:22] <muerr> Thats an example of one of our zimbra cluster nodes.
[2008/06/19 12:38:36] <muerr> shows some defines, some classes and a variable used.
[2008/06/19 12:39:03] <muerr> You can see the md3000 class, the network interface defines here http://github.com/jtimberman/puppet/tree/master
[2008/06/19 12:39:40] <muerr> the rh cluster stuff is pretty straight forward, it just installs the packages for RHCS (luci and ricci for conga, cman, dlm, fence, etc for rhcs itself)
[2008/06/19 12:39:59] <sknight> yeah, see, I don't think that'd work too well for us
[2008/06/19 12:40:05] <lak> fastjay: you still around?
[2008/06/19 12:40:13] <sknight> we're trying to keep this as clean and as simple as possible
[2008/06/19 12:40:32] <muerr> sknight: thats what we're doing :-)
[2008/06/19 12:40:36] <sknight> that might fly for servers where we only have one or two of, but we're gonna have like 200 of these VPS nodes
[2008/06/19 12:40:56] <muerr> Sure.
[2008/06/19 12:41:59] @ Quit: shake-n-bake: Read error: 110 (Connection timed out)
[2008/06/19 12:42:02] <muerr> You probably want to look at an external node classification tool.
[2008/06/19 12:42:19] <muerr> I don't know of anyone in the community managing more than 50 servers that doesn't use external nodes.
[2008/06/19 12:42:43] <muerr> holoway's company published a tool called iclassify that can be used for exactly that.
[2008/06/19 12:42:49] <sknight> oooh, link?
[2008/06/19 12:43:00] <robin_> muerr: <raises hand>
[2008/06/19 12:43:12] <muerr> http://oss.hjksolutions.com/iclassify
[2008/06/19 12:43:18] <robin_> muerr: I am still managing a 1000-line nodes.pp :)
[2008/06/19 12:43:28] <muerr> heh.
[2008/06/19 12:43:29] <sknight> yeah, when all is said and done with this puppet project, we're going to have 2000+ servers, and maybe 3 puppetmasters
[2008/06/19 12:43:38] <muerr> i'm managing a 2068 line nodes.pp, but only 26 nodes :-x
[2008/06/19 12:44:04] <muerr> 1850 lines are not comments or blank lines.
[2008/06/19 12:44:21] <robin_> hehe
[2008/06/19 12:44:26] <muerr> of course, many of the nodes are like the one in my pastie, with a bunch of netiface stuff, sicne we do bonded interfaces with two slaves for each server.
[2008/06/19 12:44:36] <muerr> And our backup configuration is... uh. Special.
[2008/06/19 12:45:03] <muerr> 600 lines are just the backup config.
[2008/06/19 12:45:06] <robin_> hehe
[2008/06/19 12:45:34] @ plathrop joined channel #puppet
[2008/06/19 12:45:37] <muerr> http://github.com/jtimberman/puppet/tree/master/dirvish/manifests/init.pp
[2008/06/19 12:45:47] <muerr> those defines are ... verbose... in the nodes.pp
[2008/06/19 12:47:36] <muerr> heh.. every host has this in the backup config: http://pastie.org/218149
[2008/06/19 12:47:48] <muerr> some have more depending on the filesystems they have.
[2008/06/19 12:51:50] <lak> muerr: lots of peole are still avoiding external nodes
[2008/06/19 12:52:02] <lak> hopefully we'll be putting out a lighter-weight solution than iclassify soon
[2008/06/19 12:52:23] <lak> i'd like to have a text solution akin do the current node stuff, and then a web-based solution, too
[2008/06/19 12:53:06] @ Quit: hessml: "Leaving..."
[2008/06/19 12:53:20] <muerr> lak: we've avoided it because of the complexity of converting.
[2008/06/19 12:53:32] <muerr> and with me leaving, the chances of someone converting are pretty slim.
[2008/06/19 12:54:03] <lak> muerr: any chance your company'd like some consulting help doing the conversion?
[2008/06/19 12:54:14] <lak> we'd like to work with a couple of companies during the dev process
[2008/06/19 12:54:15] @ Quit: exodos: "leaving"
[2008/06/19 12:54:20] <muerr> lak: the one i'm at now?
[2008/06/19 12:54:26] <lak> i don't want to create a solution in a vacuum
[2008/06/19 12:54:27] <muerr> if so, it'll be through my new employer :D
[2008/06/19 12:54:33] <lak> heh, ok :)
[2008/06/19 12:57:24] <Volcane> lak: yeah iclassify is way too complex, its supposed to make things simpler than just editing/scripting creation of nodefiles
[2008/06/19 12:58:25] @ shake-n-bake joined channel #puppet
[2008/06/19 12:59:39] <fastjay> lak: i am back
[2008/06/19 13:00:05] <lak> fastjay: any chance you could find an available conf room or something in sf on thurs night? we could have a quick miniconf, then go out for drinks
[2008/06/19 13:00:35] <fastjay> yeah i think so i have to doublecheck w/ bryan but yeah
[2008/06/19 13:00:48] <fastjay> drop me an email @ jason@imeem.com with thoughts on time.
[2008/06/19 13:00:56] <fastjay> (rough is fine)
[2008/06/19 13:01:36] <fastjay> i have to reserve it in exchange to do so anywho so. ;)
[2008/06/19 13:03:54] @ sknight42 joined channel #puppet
[2008/06/19 13:04:08] <lak> fastjay: time should be easy -- i figure maybe 5:30-7:30 or maybe 8
[2008/06/19 13:04:16] <lak> then drinks at a nearby pub or something
[2008/06/19 13:05:58] <sknight42> hey lak
[2008/06/19 13:06:05] <lak> hullo
[2008/06/19 13:06:14] <sknight42> what's up with variable-inheiritance?
[2008/06/19 13:06:23] <sknight42> i.e. why isn't this working:
[2008/06/19 13:07:13] <sknight42> http://pastebin.com/d538ddd03
[2008/06/19 13:07:23] <plathrop> sknight42: Before you finish, go back and read the Language Tutorial section on variables really carefully
[2008/06/19 13:07:39] <Volcane> sknight42: http://reductivelabs.com/trac/puppet/wiki/CommonMisconceptions#node-inheritance-and-variable-scope (again)
[2008/06/19 13:08:00] <sknight42> Volcane: yeah, that's not particularily clear to me unfortunately
[2008/06/19 13:08:22] <Volcane> ok, then assume its a feature :P
[2008/06/19 13:08:28] <Volcane> and learn how classes work
[2008/06/19 13:09:52] <sknight42> I mean, I understand that 'it doesn't work', but I don't understand how I can implement the given workaround in my environment
[2008/06/19 13:09:53] @ jvanzyl joined channel #puppet
[2008/06/19 13:10:15] <muerr> sknight: instead of using node inheritance, use node type "classes" :-).
[2008/06/19 13:10:17] <sknight42> I'm not trying to populate a text file, I'm trying to define which file-paths a File grabs
[2008/06/19 13:10:33] <muerr> sure, the variable scoping rules don't change because of what you're doing.
[2008/06/19 13:10:37] <plathrop> sknight42: It's conceptually the same thing.
[2008/06/19 13:11:34] <Volcane> you're trying to use a variable defined in a node in a different scope, just like the example in that url, and that wont work.
[2008/06/19 13:12:03] <muerr> lak: http://reductivelabs.com/trac/puppet/wiki/ExternalNodeClassification - kinial, is that the tool you're working on to be a "lighter" tool than iclassify?
[2008/06/19 13:12:23] <lak> hrm, it's more of a name for the tool i want to work on
[2008/06/19 13:12:27] <lak> not sure i'll stick with the name, tho
[2008/06/19 13:12:42] <muerr> I haven't read that page entirely, saw the name though.
[2008/06/19 13:14:28] <lak> yeah, i talked it all up, and never had the time to write it
[2008/06/19 13:14:48] @ AimanA joined channel #puppet
[2008/06/19 13:15:25] @ Quit: gileswork: Read error: 113 (No route to host)
[2008/06/19 13:18:06] @ Quit: sknight: Read error: 110 (Connection timed out)
[2008/06/19 13:19:04] <fastjay> lak: ok sounds good i'll schedule that up for next week when bry gets in.
[2008/06/19 13:19:15] <lak> perfect
[2008/06/19 13:19:20] @ randybias joined channel #puppet
[2008/06/19 13:19:21] <lak> should i email the list, or do you want to?
[2008/06/19 13:19:40] @ Quit: randybias: Remote closed the connection
[2008/06/19 13:19:43] <fastjay> feel free to.
[2008/06/19 13:19:48] <fastjay> but let me make sure I have the room first :)
[2008/06/19 13:21:09] @ Quit: andrewcshafer_: Client Quit
[2008/06/19 13:24:14] <lak> ok
[2008/06/19 13:27:21] * lak lunch &
[2008/06/19 13:29:52] @ Quit: chesty: "Coyote finally caught me"
[2008/06/19 13:33:35] @ Quit: AimanA: Read error: 113 (No route to host)
[2008/06/19 13:35:04] @ kambiz joined channel #puppet
[2008/06/19 13:40:00] @ AimanA joined channel #puppet
[2008/06/19 13:40:08] @ Quit: spheromak: Remote closed the connection
[2008/06/19 13:40:39] @ spheromak joined channel #puppet
[2008/06/19 13:50:42] @ Quit: Vivek: Read error: 104 (Connection reset by peer)
[2008/06/19 13:53:41] @ hessml joined channel #puppet
[2008/06/19 13:53:49] @ catdude joined channel #puppet
[2008/06/19 13:53:53] @ Vivek joined channel #puppet
[2008/06/19 13:55:50] @ Quit: shake-n-bake:
[2008/06/19 13:56:15] @ Quit: edibrac1: Read error: 110 (Connection timed out)
[2008/06/19 13:56:50] @ Quit: hessml: Client Quit
[2008/06/19 13:58:37] @ hessml joined channel #puppet
[2008/06/19 14:02:02] @ Quit: hessml: Client Quit
[2008/06/19 14:04:31] @ shake-n-bake joined channel #puppet
[2008/06/19 14:06:23] @ shenson is now known as shenson_not_here
[2008/06/19 14:06:30] @ hessml joined channel #puppet
[2008/06/19 14:07:38] @ exodos joined channel #puppet
[2008/06/19 14:09:17] @ Quit: hessml: Client Quit
[2008/06/19 14:10:27] @ Quit: keithlard:
[2008/06/19 14:10:28] @ cote joined channel #puppet
[2008/06/19 14:11:49] @ edibrac1 joined channel #puppet
[2008/06/19 14:13:11] @ hessml joined channel #puppet
[2008/06/19 14:14:44] @ Quit: cote: Client Quit
[2008/06/19 14:15:06] @ shenson_not_here is now known as shenson
[2008/06/19 14:16:07] @ gileswork joined channel #puppet
[2008/06/19 14:17:23] @ Quit: hessml: Client Quit
[2008/06/19 14:20:51] <fastjay> lak: looks good.. might even have a pizza sponsor :)
[2008/06/19 14:30:53] @ hessml joined channel #puppet
[2008/06/19 14:31:10] <lak> fastjay: that'd be awesome
[2008/06/19 14:31:15] <lak> so i should email the list?
[2008/06/19 14:31:41] <fastjay> yeah
[2008/06/19 14:32:01] <fastjay> i am doing 7:00->8:00 reservation on the conf room
[2008/06/19 14:33:59] <lak> ok
[2008/06/19 14:34:03] <lak> can you email the location?
[2008/06/19 14:35:26] @ andrewcshafer joined channel #puppet
[2008/06/19 14:35:56] <fastjay> yeah i can follow up with the locatoin.. just putting the conf room reservation in now
[2008/06/19 14:36:11] @ cote joined channel #puppet
[2008/06/19 14:38:07] @ Quit: cote: Client Quit
[2008/06/19 14:44:03] @ shake-n-bake_ joined channel #puppet
[2008/06/19 14:44:31] @ jlord joined channel #puppet
[2008/06/19 14:44:42] <fastjay> room is reserved
[2008/06/19 14:48:47] @ Quit: jvanzyl:
[2008/06/19 15:01:59] @ Quit: shake-n-bake: Read error: 110 (Connection timed out)
[2008/06/19 15:04:36] @ jvanzyl joined channel #puppet
[2008/06/19 15:05:22] @ Quit: plathrop: "ERC Version 5.2 (IRC client for Emacs)"
[2008/06/19 15:06:25] @ sazma joined channel #puppet
[2008/06/19 15:07:04] <sazma> is the password element of a user only applied during user creation?
[2008/06/19 15:07:22] <lak> should be any time
[2008/06/19 15:07:32] <lak> it's just managehome that happens only at creation time
[2008/06/19 15:07:35] <sazma> ok I'll keep looking then :)
[2008/06/19 15:08:13] <Disconnect> anyone got a module for managing file mounts the way hosts/services is managed?
[2008/06/19 15:08:28] <lak> what about the 'mount' type?
[2008/06/19 15:08:51] <Disconnect> ...that'd be what i'm looking for exactly I suspect :)
[2008/06/19 15:09:08] * Disconnect is discovering the book to be less useful without an index :(
[2008/06/19 15:11:36] <muerr> Disconnect: my coworker foudn that to be a trouble as well
[2008/06/19 15:11:44] <sazma> yea me too :)
[2008/06/19 15:12:23] <sazma> is there a quick way to test puppet is working with the installed librubyshadow?
[2008/06/19 15:14:08] <lak> ruby -rpuppet -e 'puts Puppet.features.libshadow?'
[2008/06/19 15:14:26] <sazma> true
[2008/06/19 15:14:57] <lak> then it's there and should be working
[2008/06/19 15:15:37] <sazma> very odd... running --debug now
[2008/06/19 15:16:07] <dryrot> hello i have a big tar file on my puppetmaster, i want to be sure this tar file is distributed to a puppet client, and untarred, and stuck somewhere. what would be a good way to do that ?
[2008/06/19 15:16:17] <Volcane> how big?
[2008/06/19 15:17:15] <dryrot> 80 megs
[2008/06/19 15:17:22] <sazma> hmm fyi there seems to be a similar problem to the bug I reported where if librubyshadow isn't there when puppet was started, it thinks it can't do passwords :) restarted it and it works
[2008/06/19 15:17:23] <Disconnect> hmm. if i have "file { "/foo/fum/drum": ensure=>directory,recurse=true }" will that cause it to create the whole tree? (assuming /foo doesn't exist)
[2008/06/19 15:17:45] <dryrot> several weeks ago i tried something with 'recurse-true' but that didnt work very well at all
[2008/06/19 15:18:08] <Disconnect> seems like it could be dangerous.
[2008/06/19 15:18:19] <lak> dryrot: i recommend rsync or tar for that, really
[2008/06/19 15:18:22] <Volcane> dryrot: puppetmaster might not be too hot with distributing that
[2008/06/19 15:18:30] <lak> i'd like puppet's fs to be fast enough for that, but it's not yet
[2008/06/19 15:18:53] <Disconnect> (its for mounting, and when mounted foo/fum/drum/* will contain about 30T of data.. if it chews that up i'm really f'd)
[2008/06/19 15:19:03] <Disconnect> guess i can just do 3 declarations
[2008/06/19 15:19:40] <holoway> hey, puppet folks in SF
[2008/06/19 15:19:52] <sazma> I think that bug got marked fixed, but I dunno if it had this angle to it
[2008/06/19 15:19:55] <holoway> you should come to the Ignite! happening at Velocity
[2008/06/19 15:19:57] <holoway> on Monday
[2008/06/19 15:20:12] <holoway> would be an easy way to turn it into a BoF
[2008/06/19 15:20:18] <holoway> afterwords
[2008/06/19 15:20:30] <lak> sazma: what's different about the angle you're on?
[2008/06/19 15:21:59] <sazma> well the bug I reported was about provider commands not being present and then being instantiated and wanting to be used. This is a very similar problem, but slightly different in that if, like I said, librubyshadow isn't around when puppet starts, you have to dsh to all of your machines to restart it so that peoples passwords get set
[2008/06/19 15:22:47] <sazma> see what I mean?
[2008/06/19 15:24:41] <lak> ah; yeah
[2008/06/19 15:24:46] <lak> hard to get around that one :/
[2008/06/19 15:24:55] <lak> i guess you'd need to check every time it's asked for :/
[2008/06/19 15:25:39] <Volcane> yeha its a tad annoying, i just make sure with kickstart that its there
[2008/06/19 15:26:07] * lak &
[2008/06/19 15:26:16] <Volcane> cos i dont really wnat to dsh mass restart things
[2008/06/19 15:26:20] <Volcane> i odnt run mongrel
[2008/06/19 15:28:21] @ \ask_ joined channel #puppet
[2008/06/19 15:30:35] @ Quit: \ask_: Client Quit
[2008/06/19 15:30:39] @ \ask_ joined channel #puppet
[2008/06/19 15:34:37] @ rcoup joined channel #puppet
[2008/06/19 15:34:47] <dryrot> what is Velocity, Cloudcamp, and Structure?
[2008/06/19 15:35:35] @ Quit: Ned: Remote closed the connection
[2008/06/19 15:35:42] @ Quit: mikearr: Read error: 104 (Connection reset by peer)
[2008/06/19 15:37:41] @ manabou joined channel #puppet
[2008/06/19 15:39:36] <Volcane> dryrot: theres a bit conference going on
[2008/06/19 15:39:46] <Volcane> velocity conference
[2008/06/19 15:40:57] <muerr> dryrot: to answer your file question - i don't think anyone responded - put it on a http server and do an exec { wget } and exec { tar }
[2008/06/19 15:45:34] <Volcane> muerr: how to deal with new ones on the http server or to precent it from downloading each time?
[2008/06/19 15:46:03] <Volcane> precent=prevent
[2008/06/19 15:46:13] <muerr> creates => "/path/to/file/wget'd"
[2008/06/19 15:46:28] <Volcane> so how to distribute a new one then?
[2008/06/19 15:46:55] <muerr> I've got a define... let me look
[2008/06/19 15:47:14] <muerr> http://github.com/jtimberman/puppet/tree/master/pmwiki/manifests/init.pp
[2008/06/19 15:47:26] <Volcane> cos with just creates and notify etc, you can easily do it once, but next time is harder
[2008/06/19 15:47:26] @ mikearr joined channel #puppet
[2008/06/19 15:47:28] <muerr> having our stuff on github sure is handy!
[2008/06/19 15:47:47] <muerr> yeah. my define has a 'version' parameter, so a new version can be pushed out.
[2008/06/19 15:48:51] <Volcane> nods
[2008/06/19 15:49:25] @ Quit: jvanzyl:
[2008/06/19 15:49:46] @ Quit: kambiz: "Leaving"
[2008/06/19 15:50:41] <dryrot> hmm. seems like a lot more work than i thought
[2008/06/19 15:51:21] <Volcane> dryrot: the basic problem is with a puppet:// type file transfer puppet checksums on the server and only sends when it changes, but with puppet not being too hot with xfering larger files you need all kinds of hacks
[2008/06/19 15:51:43] <Volcane> dryrot: and especially cos with a normal wget you cant do the checksums etc
[2008/06/19 15:51:55] <Volcane> so you need to do stuff to prevent it from wget'ing each time
[2008/06/19 15:53:53] @ kambiz joined channel #puppet
[2008/06/19 15:55:11] @ catdude left channel #puppet ()
[2008/06/19 15:55:42] @ catdude joined channel #puppet
[2008/06/19 15:56:09] <muerr> iirc, the actual problem is that because puppet:// uses XMLRPC, it has to reencode the entire file when it sends to validiate input etc.
[2008/06/19 15:56:38] @ Quit: catdude:
[2008/06/19 15:56:55] @ catdude joined channel #puppet
[2008/06/19 15:57:31] <muerr> bbiab
[2008/06/19 15:57:35] @ Quit: muerr: "Leaving"
[2008/06/19 16:02:16] <dryrot> now i can't get to http://github.com/jtimberman/puppet/tree
[2008/06/19 16:07:34] * Disconnect was @ github.com/wesabe and - eventually - got the crying-kitty
[2008/06/19 16:11:07] @ diggyk joined channel #puppet
[2008/06/19 16:13:19] <dryrot> is github hosted on someone's laptop
[2008/06/19 16:18:37] @ diggyk left channel #puppet ()
[2008/06/19 16:19:25] @ Quit: exodos: "Lost terminal"
[2008/06/19 16:21:37] <Cuchulain> dryrot: seems ok here?
[2008/06/19 16:22:14] @ Quit: pleemans: "Ex-Chat"
[2008/06/19 16:22:41] @ densone left channel #puppet ()
[2008/06/19 16:23:06] @ densone joined channel #puppet
[2008/06/19 16:23:13] <densone> anyone running puppetd with monit?
[2008/06/19 16:28:59] <Disconnect> ya but i'm unlikely to be any help at al
[2008/06/19 16:29:01] <Disconnect> :(
[2008/06/19 16:29:18] <Disconnect> actually scratch that, my bad. puppetd w/ mongrel-cluster.
[2008/06/19 16:29:39] <densone> well, puppetmasterd would run on cluster right? '
[2008/06/19 16:29:48] <densone> I am talking about just the client part
[2008/06/19 16:29:48] <gepetto> ::puppet:: Version Control Puppet edited by technician @ http://reductivelabs.com/trac/puppet/wiki/VersionControlPuppet
[2008/06/19 16:30:13] <Volcane> densone: does your puppetd's die unexpectadly?
[2008/06/19 16:30:34] <densone> no, but I am not using init.d on these systems
[2008/06/19 16:30:42] <densone> so monits starts everything up
[2008/06/19 16:31:32] <Volcane> what starts monit?
[2008/06/19 16:31:56] <Volcane> and if u dont mind me asking, why such a round-a-bout way of doing it?
[2008/06/19 16:32:24] @ Quit: andrewcshafer:
[2008/06/19 16:32:30] <Shamgar> Ok - here is a question. My puppetmaster is choking on a segfault. From what I can find on the site, these are not unheard of under ruby.
[2008/06/19 16:32:54] <Shamgar> I'm curious if anyone is familiar with this one: /usr/lib/ruby/1.8/yaml/rubytypes.rb:315: [BUG] Segmentation fault
[2008/06/19 16:33:08] <Shamgar> the only answers I can find so far suggest upgrading to 1.8.5
[2008/06/19 16:33:14] <Shamgar> I'm wondering if anyone has another way.
[2008/06/19 16:33:24] <Volcane> no bells
[2008/06/19 16:33:34] <densone> Volcane: almost all of my cores are running monit to monit daemons , and sometimes there is just no need for an init script
[2008/06/19 16:33:45] <densone> what does the init script run?
[2008/06/19 16:33:50] <densone> --daemonize -w 0 ?
[2008/06/19 16:34:25] <Volcane> puppet 15110 4.5 31.9 142536 125692 ? Ssl Jun16 208:58 /usr/bin/ruby /usr/sbin/puppetmasterd
[2008/06/19 16:35:02] <densone> thats for puppetmasterd
[2008/06/19 16:35:06] <densone> what about puppetd
[2008/06/19 16:35:08] <Volcane> oh sorry
[2008/06/19 16:35:16] <Volcane> just runs it, no args
[2008/06/19 16:35:23] <Volcane> puppet.conf can give it all it needs
[2008/06/19 16:36:07] <Volcane> my init scripts supports having --server, --logdest and --port set, but none by default
[2008/06/19 16:36:38] <densone> ahh
[2008/06/19 16:40:38] @ plathrop joined channel #puppet
[2008/06/19 16:42:03] <Disconnect> any way to browse puppet's puppet:// filestore?
[2008/06/19 16:42:47] * Disconnect needs to figure out why this file isn't showing up
[2008/06/19 16:43:47] <Volcane> i think if u run the master iwth verbose or maybe debug it logs each file request and white fail
[2008/06/19 16:43:58] <plathrop> Or you can just look in syslog
[2008/06/19 16:44:14] <plathrop> On Debian: tail -f /var/log/messages \| grep puppet
[2008/06/19 16:44:21] @ Quit: sazma: "Ex-Chat"
[2008/06/19 16:44:22] <plathrop> sorr /var/log/daemon
[2008/06/19 16:44:23] @ Quit: gileswork: Remote closed the connection
[2008/06/19 16:44:40] <Volcane> my debian master doenst log it by default
[2008/06/19 16:46:03] @ Quit: flakrat: "Leaving"
[2008/06/19 16:48:55] <plathrop> Volcane: Huh. Maybe I set something I'm forgetting :-P
[2008/06/19 16:49:21] <densone> a lot of our machines only poll , so its hard to manage without monit sometimes
[2008/06/19 16:49:25] <densone> :q
[2008/06/19 16:49:29] <densone> oops
[2008/06/19 16:50:43] <Volcane> densone: ah right
[2008/06/19 16:52:55] <densone> should puppetd run as user puppet?
[2008/06/19 16:53:00] <densone> or root
[2008/06/19 16:53:30] <densone> if as user puppet, how does it add certain packages and such
[2008/06/19 16:53:42] <plathrop> puppetd runs as root
[2008/06/19 16:53:48] <densone> thanks
[2008/06/19 16:53:55] <densone> that what I thought
[2008/06/19 16:58:45] <sknight42> y'know, would it be more secure to have puppetd run as user puppet, and then jsut have entries in /etc/sudoers as to what it can and cannot do?
[2008/06/19 16:59:07] <sknight42> there are a lot of sites that probably wouldn't want to manage sudoers via puppet
[2008/06/19 16:59:32] @ Quit: ashp: Read error: 113 (No route to host)
[2008/06/19 16:59:56] @ diggyk joined channel #puppet
[2008/06/19 17:00:02] <plathrop> sknight42: If you/your org. are that paranoid, centralized management is probably not a good choice for that environment
[2008/06/19 17:00:40] <diggyk> I need a term to define a system that keeps trying to do the same thing everytime puppet runs (like when it keeps trying to start apache every 30 minutes but can't start apache b/c apache has a config error).
[2008/06/19 17:01:14] <holoway> diggyk: unconverged
[2008/06/19 17:01:15] <holoway> ?
[2008/06/19 17:02:03] <diggyk> That seems okay. What else? I was thinking something like "stuck"?
[2008/06/19 17:02:10] <holoway> yeah, stuck or wedged
[2008/06/19 17:02:16] <holoway> what do you call the end state if it's working?
[2008/06/19 17:02:26] <holoway> and the beginning state, where no management has been applied?
[2008/06/19 17:02:28] <diggyk> lubricated? :)
[2008/06/19 17:02:39] <holoway> ha
[2008/06/19 17:02:39] <diggyk> virgin?
[2008/06/19 17:02:50] <diggyk> virgin, wedged, lubricated.
[2008/06/19 17:03:15] <holoway> so we move from virgin -> lubricated -> married?
[2008/06/19 17:03:18] <diggyk> I'll used wedged. I'm modifying my database enabled logcache report to notify someone when a puppet server seems wedged.
[2008/06/19 17:03:33] <diggyk> heh
[2008/06/19 17:03:36] <Volcane> holoway: lol
[2008/06/19 17:04:04] <holoway> diggyk: I like 'wedged'
[2008/06/19 17:04:12] <plathrop> wedgied?
[2008/06/19 17:04:23] <diggyk> holoway: yeah I think I'm going to go with wedged
[2008/06/19 17:04:35] <holoway> plathrop: wouldn't that be when puppet plays tricks on kind of lesser-loved servers?
[2008/06/19 17:04:36] <diggyk> plathrop: that's when the server is getting bullied by the puppetmaster
[2008/06/19 17:04:41] <holoway> hedhehe
[2008/06/19 17:04:54] * plathrop chuckles.
[2008/06/19 17:04:56] <holoway> that's the in-between state
[2008/06/19 17:05:07] @ Quit: nwp: Remote closed the connection
[2008/06/19 17:05:14] <holoway> puppetmasterd commences giving wedgies
[2008/06/19 17:05:15] @ shenson is now known as shenson_not_here
[2008/06/19 17:05:58] <holoway> those who make it past that state become un-wedged
[2008/06/19 17:05:59] <holoway> or stay wedged
[2008/06/19 17:05:59] <holoway> clearly, this should become canonical terminology
[2008/06/19 17:06:34] <diggyk> holoway: I do like creating terminology
[2008/06/19 17:07:06] <diggyk> Beats doing real work
[2008/06/19 17:07:07] <diggyk> :)
[2008/06/19 17:07:37] <lak> if it's getting documented, i'd prefer wedged to mean something essentially fatal
[2008/06/19 17:08:25] <plathrop> lak: Guess you'd never seen a proper wedging. It sure looks fatal :-P
[2008/06/19 17:08:43] <diggyk> lak: hmm, what if a server isn't dead, it just can't seem to get a clean puppet run and keeps looping the same messages?
[2008/06/19 17:08:48] <lak> plathrop: well, diggyk is asking about a case where a resource thinks it's out of sync
[2008/06/19 17:09:03] <lak> diggyk: right, i don't think that's wedged
[2008/06/19 17:09:06] <diggyk> lak: what term do you prefer?
[2008/06/19 17:09:16] <lak> like it's some kind of memory loss, or the inability to correctly self-assess
[2008/06/19 17:09:23] <lak> ...thinking...
[2008/06/19 17:09:27] <plathrop> lak: Sorry, was attempting funny. EPIC FAIL
[2008/06/19 17:09:39] <diggyk> lak: I had been telling my team that the server was "spamming reports" but I hate to say a server is spamming b/c to us, it means it is sending out spam through a compromised student account
[2008/06/19 17:10:03] <lak> turetts?
[2008/06/19 17:10:04] <plathrop> 'out of sync'?
[2008/06/19 17:10:10] <plathrop> 'unsynchronized'?
[2008/06/19 17:10:19] <plathrop> 'phase mismatch'?