Thursday, 2008-08-21

[2008/08/21 00:09:10] @ Log started by gepetto
[2008/08/21 00:09:10] @ wrobel joined channel #puppet
[2008/08/21 00:09:39] @ nigelk joined channel #puppet
[2008/08/21 00:34:42] <lak> hrm, that confine warning seems to be a ruby version issue
[2008/08/21 00:34:48] <lak> with the change in case, i now get it
[2008/08/21 00:49:49] <groove> ok, can you use variables with include or inherits directives?
[2008/08/21 00:53:27] <lak> anyone know of a good example configuration file for specifying authorization to REST-style URIs?
[2008/08/21 00:54:00] <lak> groove: include $variable?
[2008/08/21 00:54:14] @ Quit: nigelk:
[2008/08/21 00:54:20] <groove> lak: yeah like that. can you do that?
[2008/08/21 00:54:37] <lak> try it :)
[2008/08/21 00:58:23] <andrewcshafer> shadoi_: You around?
[2008/08/21 00:58:38] <shadoi_> andrewcshafer: ... almost?
[2008/08/21 00:58:55] @ shadoi_ is now known as shadoi
[2008/08/21 00:59:03] <groove> i get syntax errors but i don't even really know what i'm doing
[2008/08/21 00:59:16] <jamesturnbull> lak: don't believe he did provide said patch'
[2008/08/21 00:59:40] <lak> jamesturnbull: he did and you applied it, but it's apparently a problem with tcase that ruby changed
[2008/08/21 00:59:50] <lak> he switched it to No, but my ruby is spitting out 'no'
[2008/08/21 01:01:05] <jamesturnbull> lak: ah I see
[2008/08/21 01:01:40] <jamesturnbull> lak: is the comment in the ticket aimed at me or digant?
[2008/08/21 01:01:50] <lak> you, please, since it should be wicked-easy
[2008/08/21 01:02:02] <lak> if you'd prefer, i can shunt you a patch
[2008/08/21 01:13:16] <jamesturnbull> I'll take a look
[2008/08/21 01:14:17] <jamesturnbull> looks pretty simple so I'll do it
[2008/08/21 01:15:47] @ Quit: edwardam: Remote closed the connection
[2008/08/21 01:16:26] @ edwardam joined channel #puppet
[2008/08/21 01:17:30] @ SuperTaz joined channel #puppet
[2008/08/21 01:19:19] @ Quit: Shazburg\|away: Read error: 110 (Connection timed out)
[2008/08/21 01:20:22] @ Quit: gdurand1: Read error: 104 (Connection reset by peer)
[2008/08/21 01:23:13] @ pleemans joined channel #puppet
[2008/08/21 01:29:03] @ sparanjape joined channel #puppet
[2008/08/21 01:29:14] @ Quit: shadoi:
[2008/08/21 01:40:03] @ Quit: edwardam: Read error: 110 (Connection timed out)
[2008/08/21 01:48:42] @ Quit: lak:
[2008/08/21 01:57:22] <groove> does the following manifest example look like it could be used to successfully tell puppet to selective not manage a particular service? http://pastebin.com/d636f73a1
[2008/08/21 01:57:23] @ edwardam joined channel #puppet
[2008/08/21 02:02:45] @ ramteid joined channel #puppet
[2008/08/21 02:24:39] @ meandtheshell joined channel #puppet
[2008/08/21 02:42:07] @ Quit: meandtheshell: "Leaving."
[2008/08/21 02:52:45] @ ijcd joined channel #puppet
[2008/08/21 02:53:29] @ Quit: punkcut: Read error: 104 (Connection reset by peer)
[2008/08/21 02:56:33] @ groove left channel #puppet ()
[2008/08/21 02:56:43] @ meandtheshell joined channel #puppet
[2008/08/21 03:01:43] @ fbe joined channel #puppet
[2008/08/21 03:14:50] @ Quit: teyo:
[2008/08/21 03:16:15] @ ski98033 joined channel #puppet
[2008/08/21 03:36:16] @ Quit: meandtheshell: "Leaving."
[2008/08/21 03:42:01] @ meandtheshell joined channel #puppet
[2008/08/21 03:42:47] @ DavidS joined channel #puppet
[2008/08/21 03:44:06] @ Quit: DavidS: Client Quit
[2008/08/21 03:54:47] @ bajan joined channel #puppet
[2008/08/21 03:59:02] <andreid20> would you say that having a define that upgrades packages in a string is more logical than to divide the packages in a per class basis
[2008/08/21 04:01:11] <andreid20> for example let's say I have these packages: mysql, apache, puppet and I only want to upgrade them should I include the upgrade in the class in which I configure them or should I just create a class for upgrading packages and add them there ... which would you say would be the best practice in such a situation
[2008/08/21 04:06:50] <fujin> have a class that installs them, inherit it, override them each to absent / latest
[2008/08/21 04:07:31] <fujin> if your class is designed to put the system into a specific state (eg bare system => puppetmaster) then make a class for it
[2008/08/21 04:07:40] <fujin> no need to put hte packages in a seperate one
[2008/08/21 04:07:48] <fujin> ultimately it comes down to how you want to do it :)
[2008/08/21 04:11:42] <andreid20> hmmm, I think I'll just divide the whole strategy into services, for each service a module no matter what it contains (installs, upgrades, configs) and then divide that into classes and inherited classes and so on based on the state I need to bring the system in just as you said
[2008/08/21 04:11:45] <andreid20> thanks for the tip
[2008/08/21 04:12:32] <fujin> I have apretty odd design philosophy
[2008/08/21 04:12:40] <fujin> if I should ask myself "is X running on system Y", I make a module for X
[2008/08/21 04:13:00] <fujin> x has numerous childclasses to perform different configuration, all related to X
[2008/08/21 04:13:12] <fujin> going for a drive, bbiab
[2008/08/21 04:13:48] <mcbride> in my opinion the best way to handle upgrades is not to do them.
[2008/08/21 04:14:05] <mcbride> rebuild the system from scratch the way you want it to be.
[2008/08/21 04:14:22] <mcbride> this ensures that everything you need is included in your build process
[2008/08/21 04:14:43] <mcbride> avoids a buildup of cruft
[2008/08/21 04:14:54] <mcbride> and builds confidence in your process
[2008/08/21 04:15:25] <andreid20> mcbride: :), but there are times when just a simple upgrade is necessary, or just a service that you want to be cutting edge ... like puppet
[2008/08/21 04:16:06] <mcbride> sure. so rebuild the system from scratch.
[2008/08/21 04:16:12] <mcbride> it's all automated, right?
[2008/08/21 04:16:38] <mcbride> it will take you less time than developing and testing your upgrade module :-)
[2008/08/21 04:16:53] <mcbride> or it _should_, at least.
[2008/08/21 04:17:04] <andreid20> not all of it, I'm working on that now actually but wanted to upgrade puppet on all servers before I do it
[2008/08/21 04:19:39] <Volcane> many people manage one-off machines with puppet
[2008/08/21 04:19:48] <Volcane> where rebuilding frequently isnt an option
[2008/08/21 04:20:40] <mcbride> yeah, feel free to ignore me.
[2008/08/21 04:20:57] <mcbride> I come from the grumpy pessemist school of system administration
[2008/08/21 04:21:32] <Volcane> :)
[2008/08/21 04:21:36] <mcbride> if you have a one-off machine without a backup, it's clearly not so important that you can't take it offline for 30 minutes to rebuild it from scratch :-)
[2008/08/21 04:22:11] * f3ew does not
[2008/08/21 04:22:30] <f3ew> I refuse to be a grumpy pessimist
[2008/08/21 04:23:28] <kjetilho> mcbride: why bother with Puppet, then? you can do it all in the postinstall scripts of Kickstart or whatever
[2008/08/21 04:23:35] <f3ew> Just because your glass is half full, does not mean I drink out of a glass ;)
[2008/08/21 04:24:22] <mcbride> not all unixes come with such tools
[2008/08/21 04:24:31] <mcbride> and it's nice to be able to use one tool for everything.
[2008/08/21 04:24:38] <f3ew> mcbride, you forgot about the database servers (rebuilds aren't an option)
[2008/08/21 04:24:39] <mcbride> also, configuration management.
[2008/08/21 04:24:56] <mcbride> well, clearly you have to take care for your actual data.
[2008/08/21 04:25:06] <mcbride> but you have backups, right?
[2008/08/21 04:25:11] <f3ew> Yeah
[2008/08/21 04:25:17] <mcbride> and you put your data on a different partition from your operating system, right?
[2008/08/21 04:25:19] <f3ew> and backups of backups
[2008/08/21 04:25:29] <f3ew> different datacentre
[2008/08/21 04:25:40] <f3ew> what do you mean, "partition"?
[2008/08/21 04:25:46] @ Quit: ski98033: "Leaving."
[2008/08/21 04:26:11] <mcbride> if you do newfs on your / partition, it should not nuke your data.
[2008/08/21 04:27:08] <mcbride> anyways, back to the question of doing upgrades with puppet...
[2008/08/21 04:27:30] <Volcane> mcbride: one-offs are backed up, but downtime for frequent rebuilds really isnt feasable..
[2008/08/21 04:27:33] <f3ew> mcbride, ah right. I parsed that as "you keep your backups on a separate partition"
[2008/08/21 04:27:37] <mcbride> I'm not sure how well-suited puppet is for upgrades more involved than just upgrading the package.
[2008/08/21 04:27:55] <f3ew> The bad thing is that my servers are leased, so rebuilds aren't an option
[2008/08/21 04:28:05] <mcbride> like, how would someone handle the dependence chain for doing a postgresql upgrade?
[2008/08/21 04:28:16] <mcbride> where you have to dump -> upgrade -> restore
[2008/08/21 04:28:16] <Volcane> but yeah, i dont think package upgrades for anything more than even trivial packages is in the realm of puppet atm
[2008/08/21 04:28:19] <f3ew> mcbride yum -y upgrade postgresql?
[2008/08/21 04:28:27] <f3ew> yeah
[2008/08/21 04:28:43] <mcbride> and upgrading puppet with puppet... eep.
[2008/08/21 04:29:00] <mcbride> you only get one shot at having that work.
[2008/08/21 04:29:02] <f3ew> I am pushing for moving to Slony and replicating my entire database
[2008/08/21 04:29:15] <f3ew> then I can go across versions farily trivially
[2008/08/21 04:29:20] <f3ew> fairly*
[2008/08/21 04:30:02] <mcbride> f3ew: there is also DRBD
[2008/08/21 04:30:41] <f3ew> doesn't help with upgrades :)
[2008/08/21 04:31:21] <f3ew> 8.2 -> 8.4 via Slony, then stop apps, switch masters, start apps
[2008/08/21 04:33:30] <Volcane> does slony replication work in all cases between diff versions?
[2008/08/21 04:34:50] @ DavidS joined channel #puppet
[2008/08/21 04:37:02] @ Quit: kolla: Remote closed the connection
[2008/08/21 04:39:14] @ DavidS1 joined channel #puppet
[2008/08/21 04:39:29] @ Quit: DavidS: Nick collision from services.
[2008/08/21 04:39:36] @ DavidS1 is now known as DavidS
[2008/08/21 04:44:09] <f3ew> yes
[2008/08/21 04:51:47] <Volcane> cant imagine it does it in all case
[2008/08/21 04:51:58] <Volcane> i mean it essentially does statement based replications
[2008/08/21 04:52:27] <Volcane> and slight differences in statement behaviour, or deprecation of old ones etc
[2008/08/21 04:52:30] <Volcane> could affect it?
[2008/08/21 04:52:50] <bajan> Well, they say it works from 7.4 upwards
[2008/08/21 04:56:19] @ kolla joined channel #puppet
[2008/08/21 04:57:38] <jamesturnbull> holoway: ping
[2008/08/21 04:57:48] <jamesturnbull> fujin: ping
[2008/08/21 05:13:34] <fujin> PONG
[2008/08/21 05:14:20] <fujin> jamesturnbull: sup
[2008/08/21 05:16:44] <jamesturnbull> fujin: is there an easy merb way to write to a network service? I just need to dump some text at a hostname:port
[2008/08/21 05:17:38] <fujin> er
[2008/08/21 05:17:45] <fujin> whaddya mean? when a controller fires?
[2008/08/21 05:18:38] <fujin> just use a ruby socket inside a do_later { } block in your controller if you don't care about the response.. do_later will pop that block onto a queue
[2008/08/21 05:19:47] <fujin> jamesturnbull: will that suffice, or you looking for something else?
[2008/08/21 05:20:05] <fujin> I wish we could s/rails/merb/ all of Puppet, that'd be awesome
[2008/08/21 05:20:11] <fujin> get away from ActiveRecord.. move to like Datamapper
[2008/08/21 05:20:19] <jamesturnbull> fujin: cool
[2008/08/21 05:20:25] <fujin> jamesturnbull: that do what you want?
[2008/08/21 05:20:30] <jamesturnbull> I think so
[2008/08/21 05:20:45] <fujin> http://wiki.merbivore.com/pages/background-tasks
[2008/08/21 05:21:51] <fujin> I write lazy ass little webservices with Merb.. I kinda abuse do_later lol
[2008/08/21 05:36:32] <fujin> jamesturnbull: what ya writin bro
[2008/08/21 05:37:07] <jamesturnbull> fujin: commit bot for buildbot
[2008/08/21 05:37:21] <jamesturnbull> fujin: post-receive hook for github that writes to buildbot and prompts builds
[2008/08/21 05:37:34] <fujin> i see
[2008/08/21 05:37:35] <fujin> nice :()
[2008/08/21 05:39:22] @ chillitom joined channel #puppet
[2008/08/21 05:39:40] <jamesturnbull> fujin: adapting holoways existing bot
[2008/08/21 05:40:15] <fujin> i see
[2008/08/21 05:49:53] @ Quit: chillitom: "Ex-Chat"
[2008/08/21 05:50:26] @ chillitom joined channel #puppet
[2008/08/21 05:58:54] @ nasrat joined channel #puppet
[2008/08/21 06:04:05] <zipkid> hmmmm... in lib/puppet/provider/package/rug.rb i find "# rug install can be used for update, too" but that does not work.....
[2008/08/21 06:11:58] @ keithlard joined channel #puppet
[2008/08/21 06:23:29] @ glaw joined channel #puppet
[2008/08/21 06:26:47] <jamesturnbull> zipkid: log a ticke with the error
[2008/08/21 06:27:04] <jamesturnbull> fujin: not that the buildbot API is exposed or documented - yah
[2008/08/21 06:28:14] <jamesturnbull> fujin: oh I stand corrected - it is documented - badly
[2008/08/21 06:46:13] @ glaw is now known as glaw-lunch
[2008/08/21 06:49:34] @ Quit: nasrat: Read error: 113 (No route to host)
[2008/08/21 06:50:33] @ dragonball_ joined channel #puppet
[2008/08/21 06:53:16] @ tim\|macbook joined channel #puppet
[2008/08/21 06:55:32] <fujin> great! I love bad docs
[2008/08/21 06:55:56] <DavidS> you don't know bad docs until you have read msdn
[2008/08/21 06:56:22] <fujin> argh, that's true. I recall reading msdn docs years ago, doing c# or something.
[2008/08/21 06:56:28] <fujin> nay, c++
[2008/08/21 06:56:42] <fujin> Cripes their catalogue/category system was terrible
[2008/08/21 06:56:47] <fujin> hard to search that shit too
[2008/08/21 06:56:51] <fujin> bbiab, going to pick up food for the mrs
[2008/08/21 07:04:57] @ DerekW joined channel #puppet
[2008/08/21 07:15:00] @ Quit: sparanjape: "Few women admit their age. Few men act theirs."
[2008/08/21 07:31:46] @ Quit: ijcd:
[2008/08/21 07:36:06] @ Quit: chillitom: Read error: 110 (Connection timed out)
[2008/08/21 07:37:40] @ chillitom joined channel #puppet
[2008/08/21 07:51:38] @ Quit: kenvandine: Read error: 110 (Connection timed out)
[2008/08/21 07:59:10] @ snerd joined channel #puppet
[2008/08/21 08:03:27] @ glaw-lunch is now known as glaw-back
[2008/08/21 08:03:32] @ glaw-back is now known as glaw-london
[2008/08/21 08:07:15] @ jj_ joined channel #puppet
[2008/08/21 08:15:32] @ madduck joined channel #puppet
[2008/08/21 08:15:34] <madduck> hi folks
[2008/08/21 08:15:39] <madduck> any idea why I am seeing
[2008/08/21 08:15:42] <madduck> "Failed to generate additional resources during transaction: Certificates were not trusted: tlsv1 alert decrypt error"
[2008/08/21 08:15:49] <madduck> from puppetd on the machine where puppetmaster runs
[2008/08/21 08:15:56] <madduck> after i switched from webrick to mongrel?
[2008/08/21 08:16:03] <madduck> it works fine otherwise, just the local machine...
[2008/08/21 08:16:35] <DavidS> are you sure the local puppetd connects to your proxy and not directly to a puppetmaster?
[2008/08/21 08:16:39] <DavidS> hi madduck :-)
[2008/08/21 08:16:56] <madduck> DavidS: hi!
[2008/08/21 08:17:14] <madduck> well, no. the daemon used to be on 8140 and now there's apache there
[2008/08/21 08:17:21] <madduck> I didn't tell the client about any port change
[2008/08/21 08:17:29] <madduck> so it should still be trying ton 8140, no?
[2008/08/21 08:17:56] <thom> is apache publishing the ca cert correctly?
[2008/08/21 08:18:01] @ yure_ joined channel #puppet
[2008/08/21 08:18:07] <DavidS> the client uses whatever puppet.conf says
[2008/08/21 08:18:30] <madduck> thom: it works for non-local hosts, so I'd say yes
[2008/08/21 08:18:37] <madduck> DavidS: [puppetd]
[2008/08/21 08:18:37] <madduck> server=puppetmaster.madduck.net
[2008/08/21 08:18:58] <madduck> tcp6 0 0 :::8140 :::* LISTEN 25414/apache2
[2008/08/21 08:20:39] <madduck> aha, apache says
[2008/08/21 08:20:39] <madduck> [Thu Aug 21 14:22:22 2008] [warn] Invalid signature on CRL
[2008/08/21 08:20:40] <madduck> [Thu Aug 21 14:22:22 2008] [error] Certificate Verification: Error (8): CRL signature failure
[2008/08/21 08:20:52] <fujin> disable the crl in apache
[2008/08/21 08:21:00] <madduck> but what if I want the crl?
[2008/08/21 08:21:05] <fujin> use nginx
[2008/08/21 08:21:19] <fujin> what does puppetmaster.madduck.net resolve to?
[2008/08/21 08:21:23] <fujin> (for the box that is failing)
[2008/08/21 08:21:28] <fujin> is it th esame as all of the others?
[2008/08/21 08:21:48] <madduck> vera:/var/lib/puppet/ssl/certs# ping puppetmaster.madduck.net
[2008/08/21 08:21:48] <madduck> PING vera.madduck.net (82.197.185.122) 56(84) bytes of data.
[2008/08/21 08:21:52] @ Quit: dragonball_:
[2008/08/21 08:21:54] <madduck> puppetmaster.madduck.net is an alias for vera.madduck.net.
[2008/08/21 08:21:54] <madduck> vera.madduck.net has address 82.197.185.122
[2008/08/21 08:21:56] <madduck> so yes
[2008/08/21 08:22:09] <fujin> so thats the same IP that the others talk to?
[2008/08/21 08:22:13] <madduck> yes
[2008/08/21 08:22:21] <madduck> but it goes via loopback, obviously
[2008/08/21 08:22:34] <madduck> vera:/var/lib/puppet/ssl/certs# ip r g 82.197.185.122
[2008/08/21 08:22:34] <madduck> local 82.197.185.122 dev lo src 82.197.185.122
[2008/08/21 08:22:46] <fujin> sure
[2008/08/21 08:23:14] <fujin> Are you using the CRL for extra protection? there's already the puppetca authentication layer..
[2008/08/21 08:23:14] <madduck> i don't know nginx but I have a lot of apache experience, so I'd prefer to stay with that tbh
[2008/08/21 08:23:15] @ Quit: yure: Read error: 60 (Operation timed out)
[2008/08/21 08:23:17] @ kenvandine joined channel #puppet
[2008/08/21 08:24:00] <madduck> disabling the crl does work
[2008/08/21 08:24:07] <madduck> well, i don't use it for extra protection
[2008/08/21 08:24:15] <madduck> i just figured that if the CRL is published, I might as well use it
[2008/08/21 08:24:23] <madduck> what's the real issue underlying this?
[2008/08/21 08:24:24] <fujin> right
[2008/08/21 08:24:25] @ Quit: yure_: Remote closed the connection
[2008/08/21 08:24:31] <fujin> no idea, apache doesn't really tell us
[2008/08/21 08:24:37] <fujin> I didn't bother looking into it.
[2008/08/21 08:24:40] <fujin> disable crl => fixed
[2008/08/21 08:25:01] <fujin> it's largely irrelevant - there's no way to puppetca --revoke hostname
[2008/08/21 08:25:09] <fujin> you'd have to get busy with openssl manually
[2008/08/21 08:25:10] <madduck> ?
[2008/08/21 08:25:14] <madduck> there is...
[2008/08/21 08:25:19] <fujin> there is?
[2008/08/21 08:25:22] * fujin bangs head
[2008/08/21 08:25:28] <fujin> ah, there is too.
[2008/08/21 08:25:30] <madduck> "revoke: Revoke the certificate of a client."
[2008/08/21 08:25:35] <fujin> yep, I see it
[2008/08/21 08:25:39] <thom> fujin: CRLs work fine for us, including for locals
[2008/08/21 08:25:49] <madduck> thom: mongrel/apache2?
[2008/08/21 08:25:51] <fujin> thom: via apache?
[2008/08/21 08:25:54] <thom> madduck: yup
[2008/08/21 08:26:03] <fujin> I had em working w/ nginx, coudln't get it playing nice on apache
[2008/08/21 08:26:08] <fujin> care to share your apache configuration thom ?
[2008/08/21 08:26:09] <thom> using pretty much exctly the config from the wiki
[2008/08/21 08:26:17] <thom> yeah, i'm just sanitising it
[2008/08/21 08:26:21] <fujin> ta
[2008/08/21 08:26:40] @ Quit: keithlard:
[2008/08/21 08:26:47] <fujin> gee that was embarassing
[2008/08/21 08:26:48] <fujin> what an idiot ;)
[2008/08/21 08:28:05] <thom> http://pastie.org/257169
[2008/08/21 08:29:16] @ keithlard joined channel #puppet
[2008/08/21 08:32:59] <madduck> gah
[2008/08/21 08:33:14] <madduck> so i cleaned the files off the server and wanted to simply make a new cert for the local machine
[2008/08/21 08:33:19] <madduck> info: Creating a new SSL key at /var/lib/puppet/ssl/private_keys/vera.madduck.net.pem
[2008/08/21 08:33:23] <madduck> err: Could not request certificate: Certificate does not match private key. Try 'puppetca --clean vera.madduck.net' on the server.
[2008/08/21 08:33:38] <madduck> I can repeat this at will
[2008/08/21 08:33:38] <fujin> lol
[2008/08/21 08:33:39] <madduck> --clean
[2008/08/21 08:33:42] <madduck> and then
[2008/08/21 08:33:43] <madduck> puppetd --verbose --no-daemonize --waitforcert 20
[2008/08/21 08:33:53] <madduck> puppetca --sign vera.madduck.net
[2008/08/21 08:33:56] <madduck> and same thing
[2008/08/21 08:34:12] <fujin> well thats certainly interesting
[2008/08/21 08:34:18] <madduck> very
[2008/08/21 08:34:44] <madduck> vera:/etc/apache2/sites-available# puppetca --verify vera.madduck.net
[2008/08/21 08:34:44] <madduck> vera.madduck.net: valid
[2008/08/21 08:35:14] <fujin> happen in webrick mode?
[2008/08/21 08:35:21] <madduck> nope, mongrel
[2008/08/21 08:36:55] <madduck> even after a restart
[2008/08/21 08:37:20] <fujin> odd
[2008/08/21 08:37:25] <fujin> make sure --clean is actually cleaning out the certs
[2008/08/21 08:38:32] <madduck> hm, there was a csr left over. weird.
[2008/08/21 08:38:44] <madduck> anyway, the crl problem is still the same.
[2008/08/21 08:39:34] <fujin> try thoms apache config?
[2008/08/21 08:39:41] @ nasrat joined channel #puppet
[2008/08/21 08:39:47] <madduck> except for the balancer settings, it's basically the same
[2008/08/21 08:40:01] <fujin> i see
[2008/08/21 08:40:02] <madduck> thom scares me, he has /etc/puppet/ssl
[2008/08/21 08:40:27] <fujin> lol :}
[2008/08/21 08:41:17] <madduck> and NameVirtualHost *:8140
[2008/08/21 08:41:21] <madduck> without ServerName :)
[2008/08/21 08:45:40] <madduck> thom: could I see /etc/puppet/puppet.conf on the server, and also the version of puppet you run, please?
[2008/08/21 08:46:27] @ Quit: snerd: Remote closed the connection
[2008/08/21 08:47:13] <thom> i was being lazy; that was the minimum i needed :)
[2008/08/21 08:47:24] <thom> 0.24.5 but it's worked for ages
[2008/08/21 08:47:27] <thom> and yes, one sec
[2008/08/21 08:47:47] <madduck> thx
[2008/08/21 08:54:53] @ dsch04_ joined channel #puppet
[2008/08/21 08:55:12] @ Quit: dsch04_: Read error: 104 (Connection reset by peer)
[2008/08/21 08:58:54] @ ashp joined channel #puppet
[2008/08/21 09:00:10] <ashp> anyone whipped up anything to reindent .pp files properly in vim?
[2008/08/21 09:00:16] <ashp> because some of mine have gotten badly messed up :)
[2008/08/21 09:00:30] @ keithlard_ joined channel #puppet
[2008/08/21 09:04:15] <phips> there is a puppet.vim file about somewhere IIRC
[2008/08/21 09:04:19] * phips goes off to look
[2008/08/21 09:04:26] @ keithlard__ joined channel #puppet
[2008/08/21 09:04:45] <ashp> I got 90% of the way with just ==, I always forget about that
[2008/08/21 09:04:53] <ashp> next on my list, figure out how to use svn without any web_dav junk
[2008/08/21 09:05:03] <DavidS> ssh+svn?
[2008/08/21 09:05:27] <ashp> All I'm doing is using svn locally on the box to store puppet confs
[2008/08/21 09:05:32] <phips> ashp: there is indeed a puppet.vim around - luke [lak] wrote it in fact
[2008/08/21 09:05:43] <ashp> so I imported /root/puppet with svn import puppet file:///subversion/puppet
[2008/08/21 09:05:45] <ashp> which worked
[2008/08/21 09:05:51] <ashp> I just have to figure out what variables to set so I can checkout
[2008/08/21 09:07:00] <phips> ashp: http://www.vim.org/scripts/script.php?script_id=2094
[2008/08/21 09:08:02] <ashp> excellent, I'll give it a whirl
[2008/08/21 09:08:07] <ashp> right after I bash my head against ruby all morning
[2008/08/21 09:08:51] <ashp> I have a script that exports users out of ldap into a special syntax, but they asked me to 'make sure 'initial particles such as de or de la' are included under last name
[2008/08/21 09:09:18] <DavidS> omfg
[2008/08/21 09:09:19] <ashp> I don't even know if there's a full list of 'particles' out there for names :/
[2008/08/21 09:10:19] <ashp> right now all I do is: #{record['displayName'].split(/ /).reverse.join("~")}
[2008/08/21 09:10:40] <ashp> So I have to make a list of things to somehow skip the ~ for
[2008/08/21 09:11:00] @ Quit: keithlard_: Read error: 60 (Operation timed out)
[2008/08/21 09:11:17] <DavidS> split all names on whitespace and sort by length ..
[2008/08/21 09:11:24] <DavidS> that should give you a list of particles :-)
[2008/08/21 09:11:27] <kjetilho> ashp: uh, there is a special attribute in LDAP for last names
[2008/08/21 09:11:40] <kjetilho> don't tell me they only register cn?
[2008/08/21 09:11:41] <ashp> kjetilho: Yeah but sadly we're stupid and we just crammed everyone into 'DisplayName'
[2008/08/21 09:11:51] <ashp> Let me go look up the guy with the 'particle', maybe he's got something special :)
[2008/08/21 09:11:53] <DavidS> omfg²
[2008/08/21 09:12:12] <ashp> it's just plain horrible, they must have something else I can filter on, as this is crazy
[2008/08/21 09:13:48] <ashp> sn: De Vincentis
[2008/08/21 09:13:56] <ashp> Hmm, that's just the guys surname, that might be something
[2008/08/21 09:13:58] <kjetilho> assume they have taken care to not capitalize the particle?
[2008/08/21 09:14:10] <DavidS> kjetilho: optimist
[2008/08/21 09:14:30] <ashp> aha, the other guy has sn for the surname
[2008/08/21 09:14:37] <ashp> it's kind of confusing as i have so many to pick from
[2008/08/21 09:14:41] <ashp> if the name is Roberty D. Merrill I get
[2008/08/21 09:15:13] <ashp> sn: Merrill \| givenName: Robert \| cn: Robert D. Merrill \| cn: Robert Merrill \| displayName: Robert D. Merrill \| eduPersonPrincipalName: Robert D. Merrill
[2008/08/21 09:15:16] <kjetilho> in my experience, it's best to make simple rules. users who care will complain to the people in charge of data quality, and everybody wins
[2008/08/21 09:15:17] <ashp> a lot of choices!
[2008/08/21 09:15:26] @ teyo joined channel #puppet
[2008/08/21 09:15:36] <kjetilho> ashp: why? that's perfect
[2008/08/21 09:15:44] <ashp> lawHarvardEduMiddleInitial: D.
[2008/08/21 09:15:45] <ashp> Aha!
[2008/08/21 09:15:49] <madduck> ashp, DavidS: http://bugs.debian.org/495939 -- though the CRL thing does not seem to actually work now
[2008/08/21 09:16:07] <madduck> i suppose I could just file that with redmine.
[2008/08/21 09:16:18] <ashp> So I can just use sn~lawHarvardEduMiddleInitial~givenName
[2008/08/21 09:16:52] <DavidS> madduck: quite skimpy on info your bug report
[2008/08/21 09:17:04] <DavidS> yeah, forward it upstream, I don't think it's a debian specific bug
[2008/08/21 09:17:13] <madduck> DavidS: what's missing?
[2008/08/21 09:17:39] <DavidS> first paragraph: what does "it" refer to? I know, because i've read it here in the channel
[2008/08/21 09:17:42] @ keithlard_ joined channel #puppet
[2008/08/21 09:17:45] <kjetilho> ashp: what? you want to sort on initial before given name?!
[2008/08/21 09:18:17] <ashp> they want surname~initial~firstname
[2008/08/21 09:18:19] <ashp> i don't know why
[2008/08/21 09:18:32] <madduck> DavidS: "local puppetd"
[2008/08/21 09:18:45] <madduck> but yes, not my best report ever
[2008/08/21 09:18:47] @ Quit: keithlard: Read error: 110 (Connection timed out)
[2008/08/21 09:19:03] @ nasrat_ joined channel #puppet
[2008/08/21 09:19:18] <DavidS> madduck: you can improve on the description when filing it to redmin ;-)
[2008/08/21 09:20:41] <madduck> anythign else you'd like to see improved, DavidS?
[2008/08/21 09:21:52] @ nigelk joined channel #puppet
[2008/08/21 09:22:36] <DavidS> a openssl client_s might be useful too?
[2008/08/21 09:22:48] <DavidS> but /me is only guessing
[2008/08/21 09:23:06] <madduck> good idea
[2008/08/21 09:23:19] <DavidS> i'm especially stumped since i always only saw verification- but never decrypt errors
[2008/08/21 09:24:20] <madduck> openssl s_client -connect puppetmaster.madduck.net:8140
[2008/08/21 09:24:30] <madduck> shows nothing else than when I run it locally
[2008/08/21 09:25:24] <DavidS> strange, and the connection works locally too?
[2008/08/21 09:25:29] <madduck> yes
[2008/08/21 09:25:39] <madduck> why wouldn't it?
[2008/08/21 09:25:56] <DavidS> strace the local puppetd to check whether it reads the right certificates?
[2008/08/21 09:27:17] <DavidS> is your crl valid? perhaps the error is referring to that and not the ssl connection itself
[2008/08/21 09:27:28] <DavidS> did i say i'm only guessing?
[2008/08/21 09:28:39] @ Quit: nigelk: Remote closed the connection
[2008/08/21 09:29:13] @ nigelk joined channel #puppet
[2008/08/21 09:29:28] <madduck> /var/lib/puppet/ssl/certs/vera.madduck.net.pem
[2008/08/21 09:29:31] <madduck> sure looks like it
[2008/08/21 09:29:44] <madduck> why would the crl be invalid?
[2008/08/21 09:30:12] <DavidS> sun spots? pebcak? flipped bits?
[2008/08/21 09:31:11] <madduck> openssl crl -in /var/lib/puppet/ssl/ca/ca_crl.pem -text seems happy
[2008/08/21 09:31:18] <madduck> No Revoked Certificates.
[2008/08/21 09:32:11] <DavidS> ho hum
[2008/08/21 09:32:58] @ keithlard joined channel #puppet
[2008/08/21 09:34:44] @ Quit: keithlard__: Read error: 110 (Connection timed out)
[2008/08/21 09:35:44] @ Quit: nasrat: Read error: 110 (Connection timed out)
[2008/08/21 09:36:27] <madduck> http://reductivelabs.com/redmine/issues/show/1525
[2008/08/21 09:40:42] <ashp> God, setting up my own personal server again is a real pain
[2008/08/21 09:40:48] <ashp> thank god I could steal half my work modules
[2008/08/21 09:40:59] <ashp> It was really nice to put them all into place, throw them all in the baseclass and let it go to town :)
[2008/08/21 09:41:21] <ashp> I'm tempted to go back to bind just so I don't have to write the module to install djbdns, remembering how horrible it is :)
[2008/08/21 09:41:48] @ keithlard__ joined channel #puppet
[2008/08/21 09:43:22] @ Quit: nasrat_: Read error: 104 (Connection reset by peer)
[2008/08/21 09:43:34] @ nasrat joined channel #puppet
[2008/08/21 09:43:50] @ Quit: nigelk:
[2008/08/21 09:45:28] @ Quit: kenvandine: Read error: 110 (Connection timed out)
[2008/08/21 09:46:05] <madduck> check out powerdns
[2008/08/21 09:46:26] <f3ew> hehe
[2008/08/21 09:46:31] @ Cope_ joined channel #puppet
[2008/08/21 09:46:32] <f3ew> I told him that yesterday
[2008/08/21 09:47:35] @ keithlard___ joined channel #puppet
[2008/08/21 09:48:16] <ashp> I'm tempted to try powerdns, it's true
[2008/08/21 09:48:22] <ashp> it's just that it's different and different is baddddd
[2008/08/21 09:48:34] <ashp> Unless someone has a module that installs it, that always changes my mind
[2008/08/21 09:51:57] @ Quit: keithlard_: Read error: 110 (Connection timed out)
[2008/08/21 09:52:32] <DavidS> class powerdns { package { powerdns: ensure => installed } }
[2008/08/21 09:52:37] <DavidS> ;-)
[2008/08/21 09:54:02] @ keithlard_ joined channel #puppet
[2008/08/21 09:54:49] <f3ew> ashp which OS/distro again?
[2008/08/21 09:54:59] <ashp> centos
[2008/08/21 09:55:16] <Volcane> DavidS: sounds like your apt-get install puppet-server :P
[2008/08/21 09:55:35] <ashp> DavidS: Haha, it's more the defines to build up the datafiles that's the pain
[2008/08/21 09:56:00] <ashp> I'd like to have dns { "domain.com": ip => "ours", }
[2008/08/21 09:56:01] <DavidS> Volcane: touche
[2008/08/21 09:56:04] <ashp> and have it do all the rest :)
[2008/08/21 09:57:18] @ stasheck joined channel #puppet
[2008/08/21 09:57:19] @ Quit: glaw-london: ""Remember, information is not knowledge, knowledge is not wisdom, wisdom is not truth, truth is not beauty, beauty is not lov
[2008/08/21 09:59:30] @ Quit: keithlard_:
[2008/08/21 10:03:20] <hacim_> what ended up being the solution to the new facter/zombie problems? I noticed that since I installed facter 1.5 all my puppet nodes stopped checking in :P
[2008/08/21 10:03:57] <ashp> zombieeeees
[2008/08/21 10:04:02] @ Quit: keithlard: Read error: 110 (Connection timed out)
[2008/08/21 10:04:15] <hacim_> well, at least I think its zombies
[2008/08/21 10:04:35] @ shenson_not_here is now known as shenson
[2008/08/21 10:05:27] @ Quit: Cope: Read error: 110 (Connection timed out)
[2008/08/21 10:05:36] <Volcane> hacim_: try the new beta for facter
[2008/08/21 10:06:13] @ Quit: keithlard__: Read error: 110 (Connection timed out)
[2008/08/21 10:06:56] <hacim_> Volcane: do you have a reference for this suggestion?
[2008/08/21 10:07:15] <Volcane> hacim_: hmm, theres a ticket on redmine about it, used to be #1440 i think that its been taken over by another
[2008/08/21 10:07:17] <gepetto> Volcane: hacim_: #1440 is http://reductivelabs.com/redmine/issues/show/1440
[2008/08/21 10:07:19] @ hacim_ is now known as micah
[2008/08/21 10:07:39] @ micah is now known as hacim
[2008/08/21 10:07:56] <hacim> Volcane: could you be referring to #1442 ?
[2008/08/21 10:07:58] <gepetto> hacim: Volcane: #1442 is http://reductivelabs.com/redmine/issues/show/1442
[2008/08/21 10:09:16] <Volcane> hacim: check the list archives for this week, luke i think announced a facter beta
[2008/08/21 10:09:50] @ jbrothers joined channel #puppet
[2008/08/21 10:12:50] @ Quit: keithlard___: Read error: 110 (Connection timed out)
[2008/08/21 10:13:08] @ nasrat_ joined channel #puppet
[2008/08/21 10:13:41] @ Quit: nasrat: Read error: 104 (Connection reset by peer)
[2008/08/21 10:20:50] @ Quit: pleemans: "Ex-Chat"
[2008/08/21 10:21:04] <hacim> Volcane: thanks, I found it
[2008/08/21 10:22:40] <ashp> well, that's me updated to .5
[2008/08/21 10:22:42] <ashp> lets hope it works
[2008/08/21 10:23:01] <ashp> I wonder if facts in modules works in .5
[2008/08/21 10:24:03] <ashp> http://github.com/lacklusternet/puppet-tinydns/tree/master <-- nice, exactly what I need, except I want to remove about 90% of the variables and defines from being in nodes.pp because that's horrible :)
[2008/08/21 10:24:32] @ Quit: jbrothers: Read error: 104 (Connection reset by peer)
[2008/08/21 10:25:20] @ sazma joined channel #puppet
[2008/08/21 10:25:43] <sazma> Hi all. How do I get dynamic/generated text into my puppet templates? print doesn't seem to do it.
[2008/08/21 10:25:57] <DavidS> puts ?
[2008/08/21 10:26:07] <DavidS> or <%= variable %>
[2008/08/21 10:26:22] <DavidS> search for templates in the wiki to get some examples
[2008/08/21 10:26:26] <sazma> puts has problems though... it adds \n's or whatever
[2008/08/21 10:27:10] <sazma> I know how to do variables... just not generated text... take for instance the output of the 'banner' command... I've tried $x{} or whatever... no go
[2008/08/21 10:27:35] <sazma> or let's say I want to connect to a database in my template and pull some stuff out of there...
[2008/08/21 10:27:57] <sazma> it seems like variables created in templates don't behave the same as variables inherited from puppet
[2008/08/21 10:37:35] @ keithlard joined channel #puppet
[2008/08/21 10:37:41] <sazma> %x I mean
[2008/08/21 10:39:05] <sazma> nm I figured it out
[2008/08/21 10:41:44] @ Quit: ashp: "leaving"
[2008/08/21 10:43:03] @ brscott joined channel #puppet
[2008/08/21 10:43:06] @ brscott left channel #puppet ()
[2008/08/21 10:44:15] @ Quit: keithlard:
[2008/08/21 10:45:39] @ keithlard joined channel #puppet
[2008/08/21 10:45:56] @ nigelk joined channel #puppet
[2008/08/21 10:46:24] @ masssimoo1 joined channel #puppet
[2008/08/21 10:46:38] @ jbrothers joined channel #puppet
[2008/08/21 10:48:04] <masssimoo1> hello puppeteers, is there a way to write something if a variable is defined else write something else in a erb template?
[2008/08/21 10:48:55] <DavidS> <% if var == "" %> something <% else %> something else <% end %> IIRC
[2008/08/21 10:49:12] <DavidS> there might be a "do" missing, but ruby will tell you
[2008/08/21 10:49:27] <DavidS> or search the wiki for "template" to see some examples
[2008/08/21 10:49:43] <masssimoo1> I tried something like <% if var_url %> <%= var_url %> <% else %> https://someotherurl <% end %>
[2008/08/21 10:50:05] <masssimoo1> but puppet exited with error var_url not defined
[2008/08/21 10:51:04] <DavidS> what's the name of the var in the manifest?
[2008/08/21 10:51:05] <masssimoo1> Could not find value for 'var_url' with the above
[2008/08/21 10:51:57] <masssimoo1> well ideally I have some classes the call the same function with the template in it and some classes have the variable set and others don't
[2008/08/21 10:52:11] <DavidS> what's the name of the var in the manifest?
[2008/08/21 10:52:23] <DavidS> and you have to check for ==""
[2008/08/21 10:52:43] <masssimoo1> at the moment the variable is not defined
[2008/08/21 10:53:20] <masssimoo1> I would like something like if (defined(var_url))
[2008/08/21 10:53:36] <DavidS> if var_url != ""
[2008/08/21 10:54:30] <masssimoo1> Could not find value for 'var_url'
[2008/08/21 10:54:41] <masssimoo1> maybe it's not possible
[2008/08/21 10:55:02] <thom> i've never got that to work reliably
[2008/08/21 10:55:12] @ ashp joined channel #puppet
[2008/08/21 10:55:28] <thom> ended up defining all of the variables as "" in all contexts
[2008/08/21 10:55:49] <masssimoo1> that's what I thought of doing...
[2008/08/21 10:56:41] <masssimoo1> how can you add ruby code in the template, the doc says to use % anyone did that?
[2008/08/21 11:01:20] <Volcane> masssimoo1: <% if var == "" %>
[2008/08/21 11:01:31] <Volcane> masssimoo1: thats ruby code in a template.
[2008/08/21 11:02:59] <ptman> masssimoo1: I think what you are after is if defined?(foo)
[2008/08/21 11:03:23] <Volcane> ptman: that only works in 0.24.5
[2008/08/21 11:03:41] <ptman> Volcane: I thought we were speaking ruby here and not puppet
[2008/08/21 11:04:25] <ptman> in ruby, afaict, that works, tried it in irb a moment ago
[2008/08/21 11:04:26] <Volcane> actually that just wont work at all in templates under puppet
[2008/08/21 11:04:42] <ptman> erb has some restrictions?
[2008/08/21 11:04:53] <Volcane> ptman: when you do <%= var_url %> in puppet erb tmeplates its not quite accessing var_url direct int he name space
[2008/08/21 11:05:03] <Volcane> ptman: fancy shit happens, suffice to say they're not real variables
[2008/08/21 11:05:10] <ptman> oh, bummer
[2008/08/21 11:05:22] <Volcane> yeah so in 0.24.5 theres a helper function to do it
[2008/08/21 11:05:22] <ptman> now I know better
[2008/08/21 11:06:03] <masssimoo1> right so, that's probably why it doesn't work for me... thanks guys
[2008/08/21 11:09:16] @ lak joined channel #puppet
[2008/08/21 11:13:13] @ emerose joined channel #puppet
[2008/08/21 11:24:25] @ muerr joined channel #puppet
[2008/08/21 11:28:06] @ Quit: muerr: Client Quit
[2008/08/21 11:32:13] @ Quit: kolla: Remote closed the connection
[2008/08/21 11:33:12] <csmith_not_here> back
[2008/08/21 11:38:24] <Gh0sty> anyone here run puppet on freebsd? :/
[2008/08/21 11:38:45] <DavidS> Gh0sty: yeah, i believe there are people here doing that
[2008/08/21 11:38:51] <Gh0sty> (or am i the only one crazy enough to run freebsd :p )
[2008/08/21 11:39:06] <fujin> I don't recall the name of the guy who is the puppet bsd dude
[2008/08/21 11:39:17] <fujin> ah, msf
[2008/08/21 11:39:20] <fujin> iirc.
[2008/08/21 11:39:22] * fujin pords
[2008/08/21 11:39:37] <fujin> what seems to be the problem Gh0sty ?
[2008/08/21 11:42:02] <Gh0sty> well i was wondering how to install packages on that one ... :p
[2008/08/21 11:42:37] <Gh0sty> i saw on the wiki there is some descriptions around that but its already from version 0.23 so not sure if it's relevant or not ... :/
[2008/08/21 11:42:49] @ kenvandine joined channel #puppet
[2008/08/21 11:42:52] @ muerr joined channel #puppet
[2008/08/21 11:44:13] <DavidS> Gh0sty: what does wiki:TypeReference#package say?
[2008/08/21 11:44:29] <gepetto> DavidS: Gh0sty: wiki:TypeReference is http://reductivelabs.com/trac/puppet/wiki/TypeReference
[2008/08/21 11:44:45] @ Quit: muerr: Client Quit
[2008/08/21 11:45:05] @ muerr joined channel #puppet
[2008/08/21 11:46:31] <Gh0sty> installable and uninstallable
[2008/08/21 11:47:02] <Gh0sty> so i guess not upgradeable :/
[2008/08/21 11:47:04] <Gh0sty> damn
[2008/08/21 11:48:25] <DavidS> according to the doc, upgradable is only used for "ensure => latest"
[2008/08/21 11:48:50] @ shadoi joined channel #puppet
[2008/08/21 11:49:10] <DavidS> hi shadoi! how's going?
[2008/08/21 11:50:07] <fujin> man, check this out.. http://junglist.gen.nz/files/junglistmail.jpg - who needs a mail client anymore
[2008/08/21 11:50:40] <muerr> heh looks like greasemonkey scriptery.
[2008/08/21 11:50:46] <fujin> Stylish, actually
[2008/08/21 11:50:49] <muerr> Sure.
[2008/08/21 11:50:51] <fujin> It's all css
[2008/08/21 11:51:00] <muerr> I like the default look of gmail :)
[2008/08/21 11:51:01] <fujin> images cached locally
[2008/08/21 11:51:04] <DavidS> fujin: all people who don't trust google with their data
[2008/08/21 11:51:23] <fujin> heh
[2008/08/21 11:51:26] <fujin> big brother google eh
[2008/08/21 11:51:30] @ densone joined channel #puppet
[2008/08/21 11:51:44] <muerr> You have 876 messages in your inbox? Pfft. I have four, which all arrived last night/this morning :-)
[2008/08/21 11:51:45] <shadoi> DavidS: hey :) good
[2008/08/21 11:51:56] <fujin> lol
[2008/08/21 11:52:01] <fujin> I thought I had more than 876..
[2008/08/21 11:52:05] <fujin> my work one has like 6000~
[2008/08/21 11:52:05] <densone> anyone here have experience with the "package" type?
[2008/08/21 11:52:07] <fujin> o_0
[2008/08/21 11:52:16] <fujin> I'm pretty familiar with the package type
[2008/08/21 11:52:17] <fujin> ;>
[2008/08/21 11:52:19] <fujin> Sup?
[2008/08/21 11:52:25] @ Quit: Demosthenes: "leaving"
[2008/08/21 11:52:31] <DavidS> shadoi: any news on the collectd stuff?
[2008/08/21 11:52:39] <muerr> DavidS: your email went over the tubes in clear text unless you encrypted it anyway, doesn't matter if you trust Google if you don't trust every internet provider between you and people you email :-D
[2008/08/21 11:52:39] <madduck> hacim: that works; thanks!
[2008/08/21 11:52:59] <shadoi> DavidS: It's looking good I think, we're cramming for a VC demo, so we haven't been able to deploy it fully yet.
[2008/08/21 11:53:00] <muerr> And mind that some ISPs actually do full-packet capture.
[2008/08/21 11:53:09] <fujin> CARNIVORE
[2008/08/21 11:53:22] <DavidS> muerr: actually i do trust myself, and i implicitely believe that the people i send mail to trust their own provider enough
[2008/08/21 11:53:49] <hacim> madduck: oh yeah, but its not a good solution IMHO
[2008/08/21 11:53:50] <DavidS> shadoi: i figured :)
[2008/08/21 11:53:58] <hacim> madduck: its just a work-around so you can keep going
[2008/08/21 11:54:02] <madduck> jamesturnbull: replying in redmine seems broken, http://reductivelabs.com/redmine/issues/reply/1525?journal_id=4359 gives me source code...
[2008/08/21 11:54:05] <madduck> hacim: yeah...
[2008/08/21 11:54:13] <densone> fujin, is this something I download or is it native to puppet?
[2008/08/21 11:54:28] <madduck> jamesturnbull: only if javascript is turned off
[2008/08/21 11:54:29] <DavidS> muerr: and i'm using ssl/tls for submission and to whichever mta who want's to accept it ...
[2008/08/21 11:54:31] <fujin> densone: huh?
[2008/08/21 11:55:16] <hacim> madduck: my ticket about the case insensitivity issue you sent in (#1515) was rejected because it could not be duplicated, I may need your help to provide more evidence of this
[2008/08/21 11:55:18] <gepetto> hacim: madduck: #1515 is http://reductivelabs.com/redmine/issues/show/1515
[2008/08/21 11:55:27] <fujin> madduck: redmine is pretty heavy on JS..
[2008/08/21 11:55:45] <madduck> hacim: yessir
[2008/08/21 11:55:52] <densone> fujin, http://reductivelabs.com/trac/puppet/wiki/DmgPackages
[2008/08/21 11:56:14] <hacim> madduck: i will require a sit-rep on my desk by oh eighteen hundred hours and salute when you say SIR!
[2008/08/21 11:56:19] <densone> I called it the wrong name , provider I meant
[2008/08/21 11:56:29] <fujin> densone: sorry, I haven't had a chance to use the pkgdmg provider.
[2008/08/21 11:56:46] <muerr> DavidS: I am only pointing out that there's more to trust than just Google in the chain of email if you're truly paranoid about privacy issues :-\
[2008/08/21 11:56:56] <densone> do you know if this is someting I download, or is it part of the puppet install
[2008/08/21 11:57:12] @ Quit: tim\|macbook: "This computer has gone to sleep"
[2008/08/21 11:57:37] <madduck> hacim: maybe the next time i see you in person. /maybe/
[2008/08/21 11:57:39] <DavidS> muerr: and i'm only pointing out that i have my bases pretty well covered already
[2008/08/21 11:57:47] <hacim> madduck: pfff
[2008/08/21 11:59:33] <muerr> if you say so.
[2008/08/21 12:00:37] @ Quit: ramteid:
[2008/08/21 12:01:15] <madduck> hacim: it'll happen...!
[2008/08/21 12:02:40] @ Jaded joined channel #puppet
[2008/08/21 12:06:19] <fujin> hacim: I hope that wasn't an important comment you left on my test blog ;)
[2008/08/21 12:13:37] <hacim> fujin: huh?
[2008/08/21 12:14:14] <hacim> fujin: i suspect smart blog spam? I dont recall making any such comment any time recently
[2008/08/21 12:14:21] @ sigmonsays joined channel #puppet
[2008/08/21 12:14:39] <sigmonsays> morn
[2008/08/21 12:15:23] <sigmonsays> how do I use variables in strings? I put $source_root = "puppet://$server/..../" in side a class block, but when I try to use it I get invalid source
[2008/08/21 12:15:36] <sigmonsays> source => "#{$source_root}/sudoers" ?
[2008/08/21 12:16:32] <bajan> source => [
[2008/08/21 12:16:32] <bajan> "puppet://lhm-srv-puppetmaster.impello.co.uk:8145/files/$base/node/$fqdn/$source",
[2008/08/21 12:16:33] <DavidS> sigmonsays: ${source_root}
[2008/08/21 12:17:39] <sigmonsays> Ahh
[2008/08/21 12:18:06] <sigmonsays> I must have bug elsewhere. that's what I got ;)
[2008/08/21 12:18:50] <bajan> Urr, #{$source_root} != ${source_root} - unless you re-typed instead of copying and pasting.
[2008/08/21 12:20:13] <sigmonsays> got it. thx for listening
[2008/08/21 12:20:20] <sigmonsays> just had a path wrong
[2008/08/21 12:20:34] <sigmonsays> I don't know why I don't follow my own standards when i'm in a rush
[2008/08/21 12:21:23] <Gh0sty> hmm
[2008/08/21 12:21:29] <Gh0sty> how do you something like:
[2008/08/21 12:21:55] <Gh0sty> if package != version 1.xy -> exec command
[2008/08/21 12:22:10] <Gh0sty> which would then invoke upgrade of that package ;)
[2008/08/21 12:22:20] <sigmonsays> exec { } has a unless parameter -- could use grep I suppose
[2008/08/21 12:22:33] <sigmonsays> not sure how to tie that into package { }
[2008/08/21 12:22:34] <Gh0sty> ooh nice :)
[2008/08/21 12:22:39] <Gh0sty> lets see :p
[2008/08/21 12:22:40] <DavidS> isn't there a generic "upgrade all command" in freebsd?
[2008/08/21 12:22:54] <Gh0sty> there is portsnap update
[2008/08/21 12:23:04] <Gh0sty> that does the same as updating the package repository
[2008/08/21 12:23:06] <DavidS> might be more efficient
[2008/08/21 12:23:11] <Gh0sty> so similar to apt-get update
[2008/08/21 12:23:27] <DavidS> i was rather thinking about apt-get dist-upgrade
[2008/08/21 12:23:31] <Gh0sty> and then i would just invoke: portupgrade package :p
[2008/08/21 12:23:32] <ashp> someone needs to design a new package manager (AGAIN) that's designed for working in this type of environment :/
[2008/08/21 12:23:54] <Gh0sty> DavidS: on my production machines i dont want to do dist-upgrade :o
[2008/08/21 12:24:15] <Gh0sty> should be per package controllable :p
[2008/08/21 12:24:16] <ashp> i love the flexibility of the ports with the ability to specify certain options on/off, but no binary packages seem to be close to that flexiblity
[2008/08/21 12:24:21] <Gh0sty> but you gave me a good test :)
[2008/08/21 12:24:23] <ashp> but the flip side is ports are a pain in the ass to manage
[2008/08/21 12:24:29] <Gh0sty> lets see how that unless can help me out :p
[2008/08/21 12:24:45] <Gh0sty> yes i know freebsd in general is a pain ... :p
[2008/08/21 12:24:53] <ashp> personally i'm a massive bsd fan
[2008/08/21 12:24:55] <Gh0sty> but yes not my call and it should be maintained ... :p
[2008/08/21 12:24:58] <ashp> i'd prefer to be running it myself :)
[2008/08/21 12:25:07] <sigmonsays> I think rpm is pretty damn close ashp
[2008/08/21 12:25:09] <ashp> but it is however not well designed for automation via puppet
[2008/08/21 12:25:11] <Gh0sty> i like bsd but not for managing :(
[2008/08/21 12:25:23] <Gh0sty> especially not on this scale :(
[2008/08/21 12:25:27] <ashp> Gh0sty: we'll whip up puppetbsd
[2008/08/21 12:25:34] <Gh0sty> :p
[2008/08/21 12:25:41] <Gh0sty> well since freebsd 6
[2008/08/21 12:25:43] <ashp> totally designed for automation :)
[2008/08/21 12:25:48] <Gh0sty> you can do portsnap fetch update
[2008/08/21 12:25:54] <Gh0sty> that does ~ apt-get update
[2008/08/21 12:26:01] <Gh0sty> and portupgrade packagename
[2008/08/21 12:26:10] <ashp> portsnap is definitely helpful
[2008/08/21 12:26:13] <Gh0sty> is somewhat like apt-get update packagename
[2008/08/21 12:26:24] <ashp> but the biggest problem is if you use ports is passing in options to them to manage via puppet
[2008/08/21 12:26:30] <ashp> like, you can't use the binary so you need to compile a port
[2008/08/21 12:26:35] <ashp> but you want puppet to handle that, it's ugly
[2008/08/21 12:26:54] <Gh0sty> what do you mean?
[2008/08/21 12:27:01] <ashp> say i wanted to build.. i don't know
[2008/08/21 12:27:05] <ashp> apache?
[2008/08/21 12:27:07] <Gh0sty> why is compiling the port a problem?
[2008/08/21 12:27:14] <Gh0sty> puppet will timeout? :p
[2008/08/21 12:27:18] <ashp> say I wanted to enable 6 features and disable the rest
[2008/08/21 12:27:26] <ashp> how do you handle that with puppet?
[2008/08/21 12:27:32] <Gh0sty> thats possible
[2008/08/21 12:27:33] <ashp> I'd have to manually build it and put up a package repo
[2008/08/21 12:27:40] <Gh0sty> you can feed your port a prebuilt config file
[2008/08/21 12:27:48] <Gh0sty> what parameters it should compile apache with
[2008/08/21 12:28:21] <ashp> yeah, but then you have to maintain a load of different option files
[2008/08/21 12:28:34] <ashp> it's better than most other alternatives, i just don't like it so much
[2008/08/21 12:28:35] <Gh0sty> yes that's true
[2008/08/21 12:28:39] <ashp> and heaven forbid it's a slow port to build :)
[2008/08/21 12:28:47] <ashp> or you're on a little vm
[2008/08/21 12:28:47] <Gh0sty> but i use puppet mainly for maintaining files anyway :p
[2008/08/21 12:28:53] <Gh0sty> so thats still doable for now :)
[2008/08/21 12:29:23] <Gh0sty> but i'm gonna try it ;p
[2008/08/21 12:29:31] * Gh0sty puts on the scriptkiddie cap
[2008/08/21 12:29:45] @ dedebkgrn joined channel #puppet
[2008/08/21 12:30:19] @ lnchntdsl joined channel #puppet
[2008/08/21 12:31:32] <muerr> If you need to custom compile packages for your environment, you need to create a local repository to store them.
[2008/08/21 12:31:47] <muerr> Compile once, distribute and install, not compile on every host.
[2008/08/21 12:32:22] <muerr> If you have to config packages with compile-time flags differently on every server, its time to rethink how you're building your infrastructure.
[2008/08/21 12:32:27] <muerr> :)
[2008/08/21 12:32:57] <ashp> I still find package handling a pain
[2008/08/21 12:33:03] <ashp> like I can't just throw in a yum -y upgrade on all the boxes
[2008/08/21 12:33:10] <ashp> in case they upgrade something critical and it busts something else
[2008/08/21 12:33:16] <ashp> but at the same time I don't want to manually update machines anymore
[2008/08/21 12:33:35] <ashp> I wonder if you can 'hold back' rpms or with yum like you can with debian
[2008/08/21 12:33:40] <Jaded> ashp....
[2008/08/21 12:33:41] @ Quit: bajan: "Leaving."
[2008/08/21 12:33:43] <ashp> then i could, per node in puppet, define packages to hold back
[2008/08/21 12:33:50] <ashp> jaded!
[2008/08/21 12:33:57] <Jaded> hehe where you been hiding?
[2008/08/21 12:34:00] <ashp> my god, what the hell man
[2008/08/21 12:34:04] <ashp> where you been? :D
[2008/08/21 12:34:05] @ Quit: nasrat_:
[2008/08/21 12:34:09] <ashp> i moved to boston, i'm hiding here :O
[2008/08/21 12:34:12] <Jaded> other countries, buming around... the usual
[2008/08/21 12:34:18] <Jaded> ah right, I was out in germany
[2008/08/21 12:34:44] <benp-> ashp: you can with yum
[2008/08/21 12:34:52] <ashp> jaded: you still live in london?
[2008/08/21 12:34:57] <ashp> Jaded: I got married and had a baby, busy times for me :O
[2008/08/21 12:35:19] <Jaded> ashp: well I'm back in London for now... gratz on the kid
[2008/08/21 12:35:28] <Jaded> ashp: debating moving to SF or even Canada lol
[2008/08/21 12:35:34] <Jaded> but sitting tight for a bit here
[2008/08/21 12:35:41] <Gh0sty> http://pastie.org/257337
[2008/08/21 12:35:46] <Gh0sty> this makes sense? :p
[2008/08/21 12:35:57] <ashp> canada's nice
[2008/08/21 12:36:32] <Jaded> yeah I'll be there next summer
[2008/08/21 12:36:54] <ashp> this photosynth.net site is awesome
[2008/08/21 12:36:55] <Gh0sty> ashp: yes you can hold back rpm packages
[2008/08/21 12:36:56] <ashp> this is a lot of fun :)
[2008/08/21 12:37:06] <Gh0sty> but you need to install apt on your red hat machines :)
[2008/08/21 12:37:07] <ashp> Gh0sty: Maybe I'll start doing that, hold them back per node and let it upgrade the rest
[2008/08/21 12:37:27] <Gh0sty> hm i dont do auto upgrade
[2008/08/21 12:37:32] <Gh0sty> damages too much
[2008/08/21 12:37:35] <Gh0sty> my idea
[2008/08/21 12:37:44] <ashp> i'd like to, as the hosts grow it's more and more of a pain to manually update
[2008/08/21 12:38:10] <muerr> autoupgrading sucks when say, you have a CentOS 5 box and then it finds it needs to update to 5.2 and hell breaks loose. :-x
[2008/08/21 12:38:55] <ashp> yeah, that's something I'd have to watch
[2008/08/21 12:39:01] <ashp> no upgrading between releases automatically
[2008/08/21 12:39:02] <Volcane> yeah no auto upgrades
[2008/08/21 12:39:13] <Volcane> send yum check-update to a central location and make a report, then apply brain to decide
[2008/08/21 12:39:31] <ashp> well rhn. does that for me
[2008/08/21 12:39:57] <ashp> maybe they need to tag packages better so I can say
[2008/08/21 12:40:01] <benp-> theres a yum plugin that lets you hold back packages
[2008/08/21 12:40:02] @ Quit: jj_: Read error: 113 (No route to host)
[2008/08/21 12:40:03] <ashp> 'do all minor updates, avoid mediums and criticals'
[2008/08/21 12:40:12] <ashp> because when i see an update to fileutils i reallllly don't care
[2008/08/21 12:41:10] <kjetilho> hmm, a plugin for yum which would hold packages with enabled init scripts would go same way towards that
[2008/08/21 12:41:27] @ Quit: DerekW: "Leaving"
[2008/08/21 12:41:53] @ BarnacleBob joined channel #puppet
[2008/08/21 12:44:53] <Gh0sty> Configuration could not be instantiated: Parameter unless failed: 'pkg_info \| grep ruby-1.8.6.287,1\|wc -l' is both unqualifed and specified no search path at /etc/puppet/manifests/classes/rubyupdateclass.pp:4
[2008/08/21 12:44:58] @ Quit: kenvandine: "Ex-Chat"
[2008/08/21 12:44:59] <Gh0sty> so far for my great ideas ;p
[2008/08/21 12:47:20] <Volcane> Gh0sty: you need to give it a path =>
[2008/08/21 12:48:06] <Gh0sty> path for what?
[2008/08/21 12:48:18] <Gh0sty> ah yes it does not have any environment? :p
[2008/08/21 12:49:58] <Volcane> Gh0sty: thats an exec{} causing the error right?
[2008/08/21 12:50:06] <Gh0sty> yes
[2008/08/21 12:50:14] <Volcane> and i said you need to add to it the path => option
[2008/08/21 12:50:40] <Volcane> soooo, read the doc, see what path does, use it
[2008/08/21 12:54:07] <Gh0sty> http://pastie.org/257355
[2008/08/21 12:54:10] <Gh0sty> like this rather?
[2008/08/21 12:54:24] @ muerr left channel #puppet ("Leaving.")
[2008/08/21 12:54:33] <Volcane> Gh0sty: does it work?
[2008/08/21 12:54:51] <Gh0sty> seems not :(
[2008/08/21 12:54:56] <Gh0sty> no errors this time ... :x
[2008/08/21 12:56:14] <Gh0sty> or should path be declared in the class scope in stead of the exec scope? :/
[2008/08/21 12:56:30] <Volcane> if you do:
[2008/08/21 12:56:38] <Volcane> pkg_info \| grep ruby-1.8.6.287,1\|wc -l;echo $?
[2008/08/21 12:56:40] <Volcane> what happens
[2008/08/21 12:56:58] <Volcane> just tell me the number at the end
[2008/08/21 12:57:00] <nevele> has anyone managed to get puppet running with mongrel according to this howto: http://reductivelabs.com/trac/puppet/wiki/UsingMongrel ?
[2008/08/21 12:57:15] <nevele> it seems to just hang while starting the first mongrel
[2008/08/21 12:57:27] <nevele> thinking it may be something with the ssl certs
[2008/08/21 12:57:32] @ ski98033 joined channel #puppet
[2008/08/21 12:57:52] <BarnacleBob> Volcane will always be 0 unless there was an error in wc-l
[2008/08/21 12:57:55] <BarnacleBob> what you want is just
[2008/08/21 12:58:02] @ pjw joined channel #puppet
[2008/08/21 12:58:14] <BarnacleBob> pkg_info \| grep ruby-1.8.6.287,1 ; echo $?
[2008/08/21 12:58:21] <nevele> just hangs at Starting puppetmaster-8150:
[2008/08/21 12:58:26] <BarnacleBob> will return true(0) if grep found lines or falls (1) if it did not
[2008/08/21 12:58:28] <Volcane> BarnacleBob: i know, i was trying to gradually help Gh0sty to read english
[2008/08/21 12:58:32] <BarnacleBob> oh
[2008/08/21 12:58:33] <BarnacleBob> sorry
[2008/08/21 12:58:42] <Gh0sty> Aug 21 18:58:31 nixapps puppetd[61780]: Starting catalog run
[2008/08/21 12:58:43] <Gh0sty> Aug 21 18:58:31 nixapps puppetd[61780]: Finished catalog run in 0.08 seconds
[2008/08/21 12:58:47] <BarnacleBob> didn't read any context :)
[2008/08/21 12:58:53] <Volcane> BarnacleBob: so that he can figure out what the doc means with "then this exec will run unless the command returns 0"
[2008/08/21 12:59:32] <Gh0sty> oh no running in in the commandline you mean :p
[2008/08/21 12:59:34] <Gh0sty> lol
[2008/08/21 12:59:49] <Gh0sty> well i know its not the right version so it should return 0
[2008/08/21 13:00:04] <Volcane> Gh0sty: "then this exec will run unless the command returns 0"
[2008/08/21 13:00:15] <Volcane> Gh0sty: wc -l return 0, command wont run
[2008/08/21 13:01:31] <Gh0sty> ah ok it should return 1 to work?
[2008/08/21 13:01:52] <Volcane> anything but 0
[2008/08/21 13:02:59] <Gh0sty> woow
[2008/08/21 13:03:05] <Gh0sty> now you lost me :\
[2008/08/21 13:03:37] <Volcane> if the comand in "unless => ...." returns 0
[2008/08/21 13:03:39] <Gh0sty> ok in english: what i was trying: if the package ruby-1.8.6.287,1 is not there then exec portupgrade ruby
[2008/08/21 13:03:39] <Volcane> the exec wont run
[2008/08/21 13:03:56] <Volcane> when it says return it means he unix return code
[2008/08/21 13:03:58] <Volcane> ie
[2008/08/21 13:04:09] <Volcane> run comand on the command line, type 'echo $?'
[2008/08/21 13:04:17] <Volcane> if that says 0, exec wont run
[2008/08/21 13:04:31] @ ijcd joined channel #puppet
[2008/08/21 13:04:43] @ Quit: BarnacleBob: "This computer has gone to sleep"
[2008/08/21 13:05:05] <Gh0sty> so in the unless statement i should get something that returns 1 ?
[2008/08/21 13:05:21] @ hessml\|away joined channel #puppet
[2008/08/21 13:05:48] <Volcane> or 2 or 3 or anything that isnt 0
[2008/08/21 13:05:52] <Gh0sty> ah no shit
[2008/08/21 13:06:03] <Gh0sty> it uses return codes?
[2008/08/21 13:06:11] <Gh0sty> not the output
[2008/08/21 13:06:17] <Volcane> yes! :)
[2008/08/21 13:06:19] <Gh0sty> oh my i should stop working
[2008/08/21 13:06:20] <Gh0sty> damn
[2008/08/21 13:06:29] <Gh0sty> that was a hard labor :p
[2008/08/21 13:06:33] <Volcane> haha
[2008/08/21 13:06:37] <Gh0sty> ok i am with you! :p
[2008/08/21 13:06:44] <Volcane> kewl kewl :)
[2008/08/21 13:06:47] <Volcane> right now i can go home hehe
[2008/08/21 13:06:48] <Volcane> bye
[2008/08/21 13:06:54] <Gh0sty> now to find something that does what i want :p
[2008/08/21 13:06:59] <Gh0sty> ok thx!
[2008/08/21 13:07:10] <Volcane> grep does sensible things ith return codes and matches
[2008/08/21 13:07:16] <Volcane> not sure if you can use grep in your case though
[2008/08/21 13:07:23] @ graynor joined channel #puppet
[2008/08/21 13:09:22] <gepetto> ::puppet:: Recipes/sysctl edited by chalex @ http://reductivelabs.com/trac/puppet/wiki/Recipes/sysctl (by chekh@pcbi.upenn.edu)
[2008/08/21 13:09:43] @ plathrop joined channel #puppet
[2008/08/21 13:12:57] <holoway> jamesturnbull: how's your bot coming?
[2008/08/21 13:15:01] <gepetto> ::puppet:: Recipes/sysctl edited by chalex @ http://reductivelabs.com/trac/puppet/wiki/Recipes/sysctl (by chekh@pcbi.upenn.edu)
[2008/08/21 13:18:08] @ Quit: teratoma: "leaving"
[2008/08/21 13:22:47] @ Quit: ijcd: Read error: 110 (Connection timed out)
[2008/08/21 13:27:16] @ Quit: sazma: "Leaving"
[2008/08/21 13:30:13] @ Quit: keithlard:
[2008/08/21 13:30:35] @ rmiller joined channel #puppet
[2008/08/21 13:30:47] <rmiller> hey, question: How do I remove two packages that are dependent on each other?
[2008/08/21 13:31:01] <rmiller> @#$@ing yum
[2008/08/21 13:31:53] <tim\|imac> circular dependencies are bugs, right?
[2008/08/21 13:32:09] <rmiller> these packages are dependent on each other in rpm
[2008/08/21 13:32:15] <rmiller> you can't remove one without removing the other
[2008/08/21 13:32:19] <rmiller> ypbind and yp-tools
[2008/08/21 13:32:52] <ashp> you'd have to do
[2008/08/21 13:32:59] <ashp> exec { "rpm -e --nodeps x y" }
[2008/08/21 13:36:04] <rmiller> hmm.. that's lame
[2008/08/21 13:36:04] <rmiller> heh
[2008/08/21 13:38:45] <nigelk> lak: if you happen to be around... any idea why class foo::bar:sub can't be found at modules/foo/manifests/bar/sub.pp in 0.24.1 but it can in 0.24.5 ? (hunting through tickets/commits now)
[2008/08/21 13:39:04] <lak> no?
[2008/08/21 13:39:57] <gepetto> ::puppet:: Type Reference edited by trac @ http://reductivelabs.com/trac/puppet/wiki/TypeReference
[2008/08/21 13:40:22] <nigelk> I get this http://pastie.org/257391 on puppetmasterd 0.24.1 but not 0.24.5
[2008/08/21 13:40:35] <nigelk> when including base::mac::settings
[2008/08/21 13:40:44] <lak> oh yeah
[2008/08/21 13:41:06] <lak> that happens, i think, if a dir exists at foo/manifests/bar
[2008/08/21 13:41:11] <lak> or rather
[2008/08/21 13:41:14] <lak> if bar.pp exists
[2008/08/21 13:41:18] <lak> and bar/sub.pp exists
[2008/08/21 13:41:23] <lak> i think that's the issue
[2008/08/21 13:41:27] <lak> fixed in 0.24.something
[2008/08/21 13:41:43] <nigelk> yeah, I'm trying to include base::mac::settings then base::mac
[2008/08/21 13:42:29] <nigelk> any clues for terms to hunt for to find a commit I can cherry pick to patch our 0.24.1 before the planned 0.24.5 upgrade in 2 weeks :)
[2008/08/21 13:44:08] <csmith_not_here> back
[2008/08/21 13:44:41] <nigelk> ah: http://reductivelabs.com/redmine/issues/show/1173
[2008/08/21 13:46:22] <nevele> has anyone managed to get puppet and mongrel playing nicely as described here: http://reductivelabs.com/trac/puppet/wiki/UsingMongrel ? it seems to be hanging on trying to start the first mongrel.. thinking its an issue with the ssl certs, but not totally sure
[2008/08/21 13:47:36] @ Quit: pjw:
[2008/08/21 13:54:07] <nigelk> lak: http://github.com/shadoi/puppet/commit/3718b64 fixes it perfectly. thanks
[2008/08/21 13:54:13] <holoway> nevele: yeah, we use mongrel essentially just like that
[2008/08/21 13:55:50] <nevele> holoway: did you have to do anything special with your ssl certs? my init script seems to be hanging trying to start the first mongrel
[2008/08/21 13:56:18] <nevele> holoway: not sure if maybe i have a bad httpd.conf file
[2008/08/21 13:56:38] <nevele> holoway: or if the issue is in that init script
[2008/08/21 13:56:55] <nevele> holoway: both are basically what is posted on the wiki
[2008/08/21 13:58:18] <ashp> 18:56 < LOLandra> someone tried to abduct an 8 yo boy two blocks from here
[2008/08/21 13:58:21] <ashp> whoops, wrong window
[2008/08/21 13:58:51] <ashp> i'm bad at cut and paste (that's my wife so that's 2 blocks from my house :/ )
[2008/08/21 14:00:03] <holoway> nevele: so, the mongrels have nothing to do with your http config
[2008/08/21 14:01:30] <ashp> holoway: what the hell is ruby enterprise edition?
[2008/08/21 14:02:00] <ashp> oh wow, it's a proper branch of ruby
[2008/08/21 14:02:01] <nevele> holoway: yea, thats true.. i mean they need to proxy through apache for the ssl stuff, but i guess that wouldnt cause the mongrel to hang
[2008/08/21 14:02:10] <holoway> ashp: yeah, crazy name, but totally true
[2008/08/21 14:02:14] <holoway> nevele: right
[2008/08/21 14:02:14] <ashp> how come none of this stuff is being implemented in ruby itself?
[2008/08/21 14:02:21] <holoway> try just running the mongrel by hand
[2008/08/21 14:02:59] <ashp> oh this is pretty awesome, they are working on merging it upstream so they run themselves out of a business, but profit in the meantime
[2008/08/21 14:03:22] <holoway> ashp: yeah, I'm pretty sure it'll be in Matz's ruby at some point
[2008/08/21 14:06:07] <nevele> holoway: are you using the puppetmaster mongrel init script from the wiki?
[2008/08/21 14:08:10] <ashp> god, i hate professors
[2008/08/21 14:08:16] <nevele> holoway: and it looks like the start() function of that init script is passing httpd args from httpd.conf while starting the mongrel
[2008/08/21 14:08:19] <ashp> this guy here got $50k of new gear this year, he has EIGHT monitors in his office
[2008/08/21 14:08:22] <ashp> i have one, and it sucks
[2008/08/21 14:10:16] <ashp> awww
[2008/08/21 14:10:24] <ashp> he has a dogcam, all is forgiven
[2008/08/21 14:10:54] <benp-> dogcam?
[2008/08/21 14:11:16] <ashp> he needs all this monitors so he can watch the webcam at home that points at his dog
[2008/08/21 14:11:23] <ashp> it all makes sense, why else would you need eight monitors
[2008/08/21 14:12:01] <nevele> ashp: cause it gets the chicks?
[2008/08/21 14:12:15] <ashp> I should have become a professor, grumble
[2008/08/21 14:12:57] @ hessml\|away is now known as hessml\|away\|away
[2008/08/21 14:14:37] @ shenson is now known as shenson_not_here
[2008/08/21 14:16:49] @ pleemans joined channel #puppet
[2008/08/21 14:19:06] @ shenson_not_here is now known as shenson
[2008/08/21 14:22:19] @ Quit: rmiller: "leaving"
[2008/08/21 14:23:11] @ dragonball_ joined channel #puppet
[2008/08/21 14:31:14] @ Quit: hessml\|away\|away: "Leaving..."
[2008/08/21 14:38:56] @ Quit: randybias: Read error: 113 (No route to host)
[2008/08/21 14:46:53] @ muerr joined channel #puppet
[2008/08/21 14:46:57] @ Quit: muerr: Client Quit
[2008/08/21 14:49:22] @ Quit: madduck: "Changing server"
[2008/08/21 14:53:12] @ hessml\|away joined channel #puppet
[2008/08/21 14:54:00] @ randybias joined channel #puppet
[2008/08/21 15:05:31] <gepetto> ::puppet:: Recipes/sysctl edited by chalex @ http://reductivelabs.com/trac/puppet/wiki/Recipes/sysctl (by chekh@pcbi.upenn.edu)
[2008/08/21 15:05:34] @ madduck joined channel #puppet
[2008/08/21 15:10:20] @ dietmar joined channel #puppet
[2008/08/21 15:11:53] @ dietmar is now known as ramteid
[2008/08/21 15:14:13] @ Quit: lak:
[2008/08/21 15:18:49] @ Quit: madduck: Remote closed the connection
[2008/08/21 15:18:51] @ madduck joined channel #puppet
[2008/08/21 15:20:38] <bgupta> Quick question, what protocol does puppet use to transfer binaries?
[2008/08/21 15:21:07] <bgupta> I seem to remember something about them being DIME encapsulated.
[2008/08/21 15:23:05] <ptman> isn't it HTTP? this is just my gut feeling though
[2008/08/21 15:27:20] @ Quit: lnchntdsl: K-lined
[2008/08/21 15:27:21] @ Quit: dedebkgrn: K-lined
[2008/08/21 15:28:36] @ lak joined channel #puppet
[2008/08/21 15:29:45] @ Quit: lak: Client Quit
[2008/08/21 15:34:21] <bgupta> It is getting encoded somehow: contents = CGI.unescape(contents) unless sourceobj.server.local
[2008/08/21 15:34:25] @ dietmar joined channel #puppet
[2008/08/21 15:34:48] <bgupta> I ask because we have a 50MB file we are trying to transfer and it keeps timing out.
[2008/08/21 15:36:34] <ptman> I don't know, but maybe puppet wasn't quite designed to move about big files
[2008/08/21 15:37:34] <bgupta> Grr... yeah I don't think it was.. but once you get used to using it for distribution of files, it becomes "the hammer", if you know what I mean.
[2008/08/21 15:37:53] <benp-> puppet isn't very good at moving large files or lots of files
[2008/08/21 15:38:02] <benp-> if you're using mongrel instead of webrick it helps
[2008/08/21 15:38:20] <bgupta> Ok..
[2008/08/21 15:38:49] <bgupta> Mongrel time. WHich means, I should take this opportunity to puppetize my puppetmaster.
[2008/08/21 15:39:19] <bgupta> I guess that means nginx time also (for SSL)
[2008/08/21 15:39:52] <benp-> or pound, apache
[2008/08/21 15:41:22] <bgupta> (Well for us we are already supposting nginx in our environment (for rails)
[2008/08/21 15:41:50] <ashp> i gotta make a nginx module myselfl ater :/
[2008/08/21 15:41:56] <ashp> it's on my list of things to do tomorrow
[2008/08/21 15:42:28] <bgupta> WOndering if there is something I can do in the mean time.. you know, I kinda thing this is a puppet bug.. Even with webbrick it should be able to transfer a 50mb file.
[2008/08/21 15:42:44] <bgupta> ashp: You are making a module to manage nginx?
[2008/08/21 15:42:51] <ashp> slap it on a webserver and do an exec { wget }?
[2008/08/21 15:42:52] <bgupta> or an nginx module?
[2008/08/21 15:42:59] <ashp> bgupta: a module to install and manage nginx
[2008/08/21 15:43:03] <ashp> however, my needs are absolutely tiny
[2008/08/21 15:43:06] <ashp> so it's not going to be very fancy
[2008/08/21 15:43:26] <ashp> we're talking a package, service, some templated stuff and maybe a define or two to build new configuration files
[2008/08/21 15:44:52] <bgupta> I think we might have an ERB template worked up.. for sitenames
[2008/08/21 15:48:02] @ Quit: dietmar:
[2008/08/21 15:48:12] @ Quit: meandtheshell: "Leaving."
[2008/08/21 15:48:46] @ ramteid_ joined channel #puppet
[2008/08/21 15:50:24] @ ijcd joined channel #puppet
[2008/08/21 15:50:36] @ Quit: ramteid_: Client Quit
[2008/08/21 15:51:20] @ ramteid_ joined channel #puppet
[2008/08/21 15:53:29] @ lak joined channel #puppet
[2008/08/21 15:53:49] @ Quit: edwardam: Read error: 110 (Connection timed out)
[2008/08/21 15:54:41] @ Quit: ramteid_: Client Quit
[2008/08/21 15:55:03] @ ramteid_ joined channel #puppet
[2008/08/21 15:56:07] @ Quit: ramteid_: Client Quit
[2008/08/21 16:00:25] @ marek_ is now known as marek
[2008/08/21 16:02:55] @ Quit: ramteid: Read error: 110 (Connection timed out)
[2008/08/21 16:03:32] <gepetto> ::puppet:: Recipes/sysctl edited by chalex @ http://reductivelabs.com/trac/puppet/wiki/Recipes/sysctl (by chekh@pcbi.upenn.edu)
[2008/08/21 16:04:49] @ Quit: lak:
[2008/08/21 16:07:11] @ edwardam joined channel #puppet
[2008/08/21 16:08:19] @ graynor left channel #puppet ()
[2008/08/21 16:10:50] @ Quit: plathrop: "ERC Version 5.2 (IRC client for Emacs)"
[2008/08/21 16:16:25] @ lak joined channel #puppet
[2008/08/21 16:20:09] @ Quit: pleemans: "Ex-Chat"
[2008/08/21 16:24:09] <ashp> 11:48 am - When Woz goes into an Apple store to buy something they give discounts to employees. When the clerk says what's your employee number he get's to say "one". The way he told the story was better and funnier ... sorry.
[2008/08/21 16:24:13] <ashp> I think i love steve woz the most
[2008/08/21 16:24:36] @ yure joined channel #puppet
[2008/08/21 16:37:57] @ sazma joined channel #puppet
[2008/08/21 16:40:52] <sazma> for a ruby variable to cross a file boundary, does it have to be global?
[2008/08/21 16:42:17] <benp-> does that mean jobs is employee 0?
[2008/08/21 16:42:56] <ashp> he left apple for a while, maybe he lost his id number
[2008/08/21 16:44:42] @ Quit: n5red-0: Remote closed the connection
[2008/08/21 16:49:55] @ Quit: sazma: "Leaving"
[2008/08/21 16:50:04] <sigmonsays> OT: what happens when jobbs dies?
[2008/08/21 16:50:15] <sigmonsays> does apple die too?
[2008/08/21 16:50:28] <sigmonsays> s/jobbs/jobs/
[2008/08/21 16:50:40] <ashp> probably, to be honest
[2008/08/21 16:50:54] <sigmonsays> that's gonna suck ass
[2008/08/21 16:51:20] @ Quit: randybias: Read error: 110 (Connection timed out)
[2008/08/21 16:51:29] <sigmonsays> I have thought the same
[2008/08/21 16:52:37] <ashp> he seems to drive the company in a way nobody else does
[2008/08/21 16:52:41] <ashp> when he left before they lost their way instantly
[2008/08/21 16:53:30] <sigmonsays> jobs is a great visionary. hopefully another guy like him comes along
[2008/08/21 16:54:15] @ jfluhmann joined channel #puppet
[2008/08/21 16:57:20] @ Quit: jfluhmann: Client Quit
[2008/08/21 17:01:23] @ Quit: nigelk:
[2008/08/21 17:04:22] @ Quit: yure: Remote closed the connection
[2008/08/21 17:09:49] @ plathrop joined channel #puppet
[2008/08/21 17:12:41] @ randybias joined channel #puppet
[2008/08/21 17:22:45] <jamesturnbull> madduck: it needs javascript
[2008/08/21 17:23:41] <jamesturnbull> holoway: the bot's fine - works perfectly - buildbot's git processing on the other hand is crap
[2008/08/21 17:24:05] <jamesturnbull> holoway: assumes the git repo is local and needs GIT_DIR set
[2008/08/21 17:25:48] <holoway> gack
[2008/08/21 17:26:37] @ hessml\|away is now known as hessml\|away\|away
[2008/08/21 17:27:03] <jamesturnbull> holoway: yeah so the json parse works fine, I get the data I want but when I try to pass it to the buildbot script (which is python and meaningles to me) it chokes
[2008/08/21 17:28:01] <jamesturnbull> lak: happy for me to try the "moderate new posters" option on the google mailing list?
[2008/08/21 17:28:17] <holoway> jamesturnbull: I think I have admin privs, and would be happy to help approve stuff
[2008/08/21 17:33:34] @ shenson is now known as shenson_not_here
[2008/08/21 17:34:02] @ Quit: MrHeavy: "Leaving"
[2008/08/21 17:39:54] @ Quit: plathrop: Remote closed the connection
[2008/08/21 17:40:10] @ plathrop joined channel #puppet
[2008/08/21 17:42:25] @ Quit: edwardam: Read error: 110 (Connection timed out)
[2008/08/21 17:42:55] @ Quit: hessml\|away\|away: "Leaving..."
[2008/08/21 17:45:15] @ Quit: plathrop: Remote closed the connection
[2008/08/21 17:50:55] <madduck> jamesturnbull: bad design. if something needs javascript, i really wonder why one should use it.
[2008/08/21 17:50:59] <madduck> is there a mail interface?
[2008/08/21 17:51:25] <jamesturnbull> madduck: better design than Trac
[2008/08/21 17:51:39] <jamesturnbull> madduck: yes but I haven't implemented it yet
[2008/08/21 17:51:40] @ verwilst joined channel #puppet
[2008/08/21 17:51:47] <madduck> trac sucks, I know.
[2008/08/21 17:52:02] <madduck> jamesturnbull: well, as long as you're on it, I am happy. :)
[2008/08/21 17:52:19] @ edwardam joined channel #puppet
[2008/08/21 17:53:11] @ jbrothers left channel #puppet ()
[2008/08/21 17:53:53] <lak> jamesturnbull: yeah, that sounds like a good idea
[2008/08/21 17:54:09] <jamesturnbull> lak: okay done then
[2008/08/21 17:54:16] <lak> didn't know that existed, good idea
[2008/08/21 17:56:54] <lak> http://www.linkedin.com/groups?gid=696467&goback=.gdr_1219355778213_1.anb_696467_*2
[2008/08/21 17:57:02] <lak> marcin created a puppet user's group on linkedin
[2008/08/21 17:57:05] @ Quit: verwilst: "Ex-Chat"
[2008/08/21 17:57:51] <madduck> good night folks
[2008/08/21 17:57:52] <madduck> jamesturnbull: thanks
[2008/08/21 18:06:53] @ hessml\|away joined channel #puppet
[2008/08/21 18:09:39] @ Quit: flakrat: "Leaving"
[2008/08/21 18:15:22] @ Quit: densone:
[2008/08/21 18:15:47] @ Quit: teyo: Remote closed the connection
[2008/08/21 18:15:51] @ Quit: randybias:
[2008/08/21 18:16:03] @ randybias joined channel #puppet
[2008/08/21 18:16:19] @ teyo joined channel #puppet
[2008/08/21 18:17:02] <G> package {.... notify => Service[foo] } will cause the service to restart on upgrade right?
[2008/08/21 18:17:44] <benp-> yeah
[2008/08/21 18:18:57] <G> thanks, all I needed to know :)
[2008/08/21 18:19:37] <G> well, not all, but I doubt I can get the answer to the meaning of life from here :)
[2008/08/21 18:20:19] <holoway> G: http://en.wikipedia.org/wiki/Logotherapy
[2008/08/21 18:22:00] @ hessml\|away is now known as hessml\|away\|away
[2008/08/21 18:23:00] @ Quit: hessml\|away\|away: "Leaving..."
[2008/08/21 18:27:05] <ijcd> I don't think this is possible, but is there anyway to have puppet calculate and apply the "inverse" of a class definition? I I have classes that just add package and files. It'd be nice (for when you remove them) to say things like "uninclude company_dev" and have it uninstall and remove those classes. There could be simple understandable rules around how it behaved... it could be kept simple. My understanding right now is that you have to do "uninstall
[2008/08/21 18:27:29] <ijcd> Our approach before was to just build virtual images from scratch each time, deleting the old image, but that's not always possible.
[2008/08/21 18:27:39] <ijcd> i.e. your environment isn't virtualized
[2008/08/21 18:31:01] <benp-> puppet can't automagically uninstall or undo configuration. some people make manifests that undo changes. i think most puppet users will tell you the easiest way to repurpose machines is to just reinstall and let puppet rebuild them
[2008/08/21 18:31:12] <holoway> ijcd: even if it isn't virtualized, in my experience, it's probably still easier to just re-purpose machines from pxe boot images
[2008/08/21 18:31:19] <benp-> heh
[2008/08/21 18:31:25] <holoway> benp-: ;)
[2008/08/21 18:31:42] <holoway> and if you can't do that, then what benp said is right on
[2008/08/21 18:31:50] <holoway> have an uninstall class, that wraps what needs to et cleaned up
[2008/08/21 18:32:21] <ijcd> thx, that's what I thought... was looking for a way to automate the easy parts of that.
[2008/08/21 18:32:25] <ijcd> seems doable/addable
[2008/08/21 18:32:30] <ijcd> but I understand the current state of things
[2008/08/21 18:32:51] <holoway> ijcd: I'm not sure there is a good way to patch puppet to make that any more reasonable
[2008/08/21 18:33:03] <holoway> mostly because it requires a level of state transition that is awkward to achieve
[2008/08/21 18:33:06] <holoway> it's kind of like rollbakcs
[2008/08/21 18:33:57] <ijcd> I was thinking the new class would apply inverse operations to the resources it mapped to... ie if it had package {"foo":ensure installed}, it would change that to package ["foo": ensure uninstalled"}
[2008/08/21 18:34:04] <ijcd> ensure present --> ensure absent
[2008/08/21 18:34:07] <ijcd> stuff like that
[2008/08/21 18:34:12] <ijcd> nothing too fancy
[2008/08/21 18:34:12] <holoway> yeah, but what about exec statlements?
[2008/08/21 18:34:19] <holoway> defined types?
[2008/08/21 18:34:20] <ijcd> and yes, it wouldn't support everything
[2008/08/21 18:34:41] <holoway> well, you can always put it in to redmine as a feature request