Wednesday, 2009-04-15

[2009/04/15 00:04:42] @ Log started by gepetto
[2009/04/15 00:04:42] @ Quit: bda: "Lost terminal"
[2009/04/15 00:05:00] @ Quit: Spec: SendQ exceeded
[2009/04/15 00:06:24] @ monzie joined channel #puppet
[2009/04/15 00:10:34] @ andrewcshafer joined channel #puppet
[2009/04/15 00:13:06] @ quit (okay bye)
[2009/04/15 00:13:43] @ Joined channel #puppet
[2009/04/15 00:13:43] @ Topic is "Puppet 0.24.8 released! http://tinyurl.com/cv2tq2 \| Tickets, bugs and features at http://tinyurl.com/46ryk7"
[2009/04/15 00:13:43] @ Topic set by jamesturnbull on Mon Mar 23 07:50:35 -0400 2009
[2009/04/15 00:13:52] @ Mode +tnc by kornbluth.freenode.net
[2009/04/15 00:13:52] @ Quit: axisys: "Lost terminal"
[2009/04/15 00:19:53] @ kingitchy_ joined channel #puppet
[2009/04/15 00:24:11] @ Quit: nDuff: Read error: 110 (Connection timed out)
[2009/04/15 00:24:16] @ nDuff joined channel #puppet
[2009/04/15 00:26:00] @ grim_radical joined channel #puppet
[2009/04/15 00:32:56] @ Quit: teratoma: "leaving"
[2009/04/15 00:37:06] @ WALoeIII joined channel #puppet
[2009/04/15 00:37:48] @ Quit: kingitchy: Read error: 110 (Connection timed out)
[2009/04/15 00:42:23] @ PaulWay joined channel #puppet
[2009/04/15 00:43:06] @ Shazburg_ joined channel #puppet
[2009/04/15 00:43:32] @ Quit: Shazburg_: Client Quit
[2009/04/15 00:48:06] @ Quit: WALoeIII: "Bai."
[2009/04/15 00:50:02] @ Quit: Shazburg: Read error: 110 (Connection timed out)
[2009/04/15 00:52:08] <hMz> hrm
[2009/04/15 00:52:29] <hMz> anyway to change the default port for reporting?
[2009/04/15 00:55:57] <PaulWay> I'd like to get puppet reporting first... :-)
[2009/04/15 00:56:53] @ WALoeIII joined channel #puppet
[2009/04/15 00:59:58] @ Quit: WALoeIII: Client Quit
[2009/04/15 01:00:09] @ WALoeIII joined channel #puppet
[2009/04/15 01:00:10] @ Quit: thijso: Read error: 110 (Connection timed out)
[2009/04/15 01:00:37] <bobbyz> Are there any known parsing/caching problems with 0.24.8? I can't quite put my finger on it, but it seems like my configs aren't always evaluated in entirety
[2009/04/15 01:01:05] <bobbyz> for example, I've included a class that defined 5 yum repos all in the same class...one gets created and the other four don't :)
[2009/04/15 01:02:50] @ thijso joined channel #puppet
[2009/04/15 01:06:52] @ Quit: kingitchy_: Read error: 104 (Connection reset by peer)
[2009/04/15 01:07:29] <ohadlevy> hmz: what are you trying to do?
[2009/04/15 01:08:23] @ randybia joined channel #puppet
[2009/04/15 01:08:38] @ johnw joined channel #puppet
[2009/04/15 01:08:47] <johnw> hello, i'm having a template/variable scoping problem
[2009/04/15 01:08:50] <johnw> http://gist.github.com/95613
[2009/04/15 01:09:07] <johnw> my setting of $adagio_jndi_name in the node is being ignored by the template expanded by the class
[2009/04/15 01:09:22] <johnw> am I misunderstanding how dynamic scoping should work in Puppet?
[2009/04/15 01:10:07] @ Quit: gaveen: "Enough lurking for now"
[2009/04/15 01:10:50] <ohadlevy> johnw: if you define the same variable in the class, it overrides the node definiton
[2009/04/15 01:11:02] <johnw> should it be defined outside of the class then?
[2009/04/15 01:11:15] <ohadlevy> thats one option
[2009/04/15 01:11:26] <johnw> i would like there to be "defaults"
[2009/04/15 01:11:37] <ohadlevy> you could do something like:
[2009/04/15 01:12:34] @ randybia_ joined channel #puppet
[2009/04/15 01:12:51] <ohadlevy> $real_db = $node_db ? { "" => "DB", default => $node_db }
[2009/04/15 01:13:04] <ohadlevy> and use real_db in your template
[2009/04/15 01:13:16] <ohadlevy> and node_db in your node
[2009/04/15 01:13:19] <johnw> why is that better than simply defining the defaults outside of the class, at top-level?
[2009/04/15 01:13:27] <johnw> ah, that doesn't even work
[2009/04/15 01:14:32] <ohadlevy> good question, I cant rememeber why I did it this way, could be something with defining the same variable twice
[2009/04/15 01:14:51] <ohadlevy> I guess you could define this stuff only on the node level, you cant define it in two different classes
[2009/04/15 01:14:54] <johnw> the Pulling Strings book just defines the variable in the class and the node, saying that the node definition will override any later definition
[2009/04/15 01:15:05] <johnw> let me check that...
[2009/04/15 01:17:28] <johnw> oh, in the book he defines it outside
[2009/04/15 01:17:34] <johnw> but apparently that's not good enough for templates
[2009/04/15 01:17:40] <johnw> i may have to use your hack
[2009/04/15 01:20:18] <hMz> ohadlevy: i have puppet behind a loadbalancer and when i try to specify a single server for all my reports, i get a key mismatch
[2009/04/15 01:20:20] <ohadlevy> johnw: in my environment, I have many modules calling "sub" modules, so it was needed to define some variables that other modules need... hence the hack
[2009/04/15 01:20:34] <hMz> so i wanted to know if i could set the port, so i can have that port only goto one server as a way to work around the key issue
[2009/04/15 01:20:41] <ohadlevy> hMz: dont you have a common CA signing all of your puppetmasters?
[2009/04/15 01:20:48] <johnw> i suppose I could do this with a define too
[2009/04/15 01:20:55] <hMz> i do, but the key is for the common key
[2009/04/15 01:21:00] <hMz> not for the server key
[2009/04/15 01:21:38] <ohadlevy> hMz: but you can define the report server, as long as the certificate are trusted that should not be a problem (and in order to get trusted certificaes I use a common chained CA)
[2009/04/15 01:22:11] <hMz> i dont think i understand, then
[2009/04/15 01:22:32] <ohadlevy> I assume you have multiple puppetmasters right?
[2009/04/15 01:22:37] <hMz> yes
[2009/04/15 01:22:51] <ohadlevy> do they have the same certificate? or the certificates are handled on the balancer?
[2009/04/15 01:22:57] @ Quit: lak:
[2009/04/15 01:22:59] <hMz> they have the same cert
[2009/04/15 01:23:12] <ohadlevy> thats your problem..
[2009/04/15 01:23:37] <ohadlevy> there is an alternative
[2009/04/15 01:23:43] <hMz> where the key is on the balancer
[2009/04/15 01:23:50] <hMz> and the servers have their own key?
[2009/04/15 01:24:15] <ohadlevy> well, in your setup, what happen if you need a puppetmaster in another location?
[2009/04/15 01:24:29] <ohadlevy> would you deploy the same cert again?
[2009/04/15 01:24:53] <hMz> i wont specifically have that problem
[2009/04/15 01:25:01] <hMz> but if i did, we'd be on a wan
[2009/04/15 01:25:09] <hMz> and i'd just put more puppetmasters in the same location
[2009/04/15 01:25:10] @ nasrat joined channel #puppet
[2009/04/15 01:25:25] @ edwardam joined channel #puppet
[2009/04/15 01:25:30] <hMz> but for the sake of argument, i can see somewhat where you are going
[2009/04/15 01:25:31] @ Quit: PaulWay: Read error: 110 (Connection timed out)
[2009/04/15 01:25:42] <ohadlevy> hMz: what I've done is to use a certificate chain
[2009/04/15 01:25:47] <ohadlevy> one puppetmaster signs the other puppetmasters
[2009/04/15 01:25:50] <ohadlevy> which signs the clients
[2009/04/15 01:25:58] <ohadlevy> and they all trust each other
[2009/04/15 01:26:12] <hMz> is there a doc?
[2009/04/15 01:26:21] <ohadlevy> yeah, its in the wiki, let me look it up
[2009/04/15 01:27:55] <ohadlevy> http://reductivelabs.com/trac/puppet/wiki/PuppetScalability, under Centralised Puppet Infrastructure
[2009/04/15 01:29:31] @ Quit: randybia: Read error: 110 (Connection timed out)
[2009/04/15 01:37:02] <ohadlevy> hMz: dont you have problems with multiple env and file requests on a load balancer?
[2009/04/15 01:37:28] <ohadlevy> I heard that once a client is requesting a file, the server doesnt know which env is needed
[2009/04/15 01:37:44] <ohadlevy> (if the request goes to another server that is)
[2009/04/15 01:38:49] @ ssm_ joined channel #puppet
[2009/04/15 01:41:44] @ WALoeIII_ joined channel #puppet
[2009/04/15 01:45:38] @ Quit: fujin: Read error: 110 (Connection timed out)
[2009/04/15 01:46:21] @ kibaho1 joined channel #puppet
[2009/04/15 01:46:28] @ kibaho1 left channel #puppet ()
[2009/04/15 01:50:06] @ Quit: yure: Read error: 113 (No route to host)
[2009/04/15 01:50:38] @ Quit: arjanoosting: "leaving"
[2009/04/15 01:51:08] @ Quit: randybia_: Client Quit
[2009/04/15 01:52:45] @ Quit: nasrat:
[2009/04/15 01:55:09] @ kibaho1 joined channel #puppet
[2009/04/15 01:55:16] @ kibaho1 left channel #puppet ()
[2009/04/15 01:58:46] @ nasrat joined channel #puppet
[2009/04/15 01:59:09] @ Quit: WALoeIII: Read error: 110 (Connection timed out)
[2009/04/15 01:59:14] @ Quit: WALoeIII_: "Bai."
[2009/04/15 01:59:18] @ PaulWay joined channel #puppet
[2009/04/15 01:59:56] <PaulWay> Hi all!
[2009/04/15 02:00:11] <PaulWay> I'm having real trouble setting tags on my servers to configure them.
[2009/04/15 02:00:29] @ Quit: ezekiel-v3: Read error: 60 (Operation timed out)
[2009/04/15 02:00:41] <PaulWay> I've been using $tag = "foo", but now I want to have tags "foo" and "bar" applied to the one node - how do I do that?
[2009/04/15 02:01:00] @ d3vilb0x joined channel #puppet
[2009/04/15 02:01:47] <ohadlevy> PaulWay: doesnt it work with puppetd -tv --tags foo,bar
[2009/04/15 02:01:48] <ohadlevy> ?
[2009/04/15 02:04:20] <PaulWay> ohadlevy: no, I'm trying to set the tag in the node definition so that the classes that node pulls in get the appropriate files (based on source => [ ".../file-$tag", ...]
[2009/04/15 02:04:23] <PaulWay> )
[2009/04/15 02:04:54] <ohadlevy> PaulWay: so its not a puppet tag, its just a variable?
[2009/04/15 02:05:48] <hMz> i dont use environments
[2009/04/15 02:05:53] <hMz> its that simple :P
[2009/04/15 02:06:07] <ohadlevy> hMz: Lucky you
[2009/04/15 02:06:14] <hMz> i have separate puppet networks for that
[2009/04/15 02:06:40] <ohadlevy> hMz: so you have a seperate puppet server for each classes of hosts?
[2009/04/15 02:07:01] <hMz> no?
[2009/04/15 02:07:09] <PaulWay> ohadlevy: OK, I sort of get that now. It's a variable called $tag.
[2009/04/15 02:07:32] <hMz> i have separate puppet networks for production/test
[2009/04/15 02:07:46] <ohadlevy> hMz: what do you mean by networks?
[2009/04/15 02:07:50] <hMz> and one is really a mock up of he other
[2009/04/15 02:07:56] <hMz> load balancer, puppet masters, etc
[2009/04/15 02:08:28] <PaulWay> So is there a way of saying "these servers have this (tag\|attribute\|zongo)" in the nodes config and then "servers with this (tag\|attribute\|zongo) get this file, etc." in the class config?
[2009/04/15 02:08:29] <ohadlevy> hMz: well, I tried that in the begining, but eventually moved up to environments... but I guess its really depands on the usage cases..
[2009/04/15 02:08:49] <ohadlevy> PaulWay, sure, just use the variable name in the source of the file?
[2009/04/15 02:08:53] <hMz> yea, i work in an environment which is almost all servers
[2009/04/15 02:08:59] <hMz> they're almost all in the same phyiscal location
[2009/04/15 02:09:08] <hMz> and the only real need for test is to keep clueless admins from doing stupid stuff
[2009/04/15 02:09:49] <PaulWay> That only seems to work when the variable is one thing, not an array.
[2009/04/15 02:09:49] <hMz> so i think i have it easy compared to some
[2009/04/15 02:09:50] @ Quit: randybias: Read error: 110 (Connection timed out)
[2009/04/15 02:10:35] <PaulWay> So I can't say "this server is a production server and it's a time-master" with a variable, afaics.
[2009/04/15 02:10:56] <Djelibeybi> PaulWay: you actually need to tag your clients
[2009/04/15 02:11:01] <ohadlevy> PaulWay: but why dont you handle this in the time-master class?
[2009/04/15 02:11:06] <Djelibeybi> PaulWay: i.e. get the tags into the /etc/sysconfig/puppet files
[2009/04/15 02:11:19] <Djelibeybi> Actually, don't listen to me.
[2009/04/15 02:11:26] * Djelibeybi is not having a good day. Brain has disconnected.
[2009/04/15 02:11:31] @ fujin joined channel #puppet
[2009/04/15 02:11:56] <PaulWay> Djelibeybi: Yeah, I'd rather avoid having server-specific configuration on the server and not in the Puppet config.
[2009/04/15 02:13:21] <Djelibeybi> PaulWay: then you don't want tags.
[2009/04/15 02:13:46] <Djelibeybi> PaulWay: tags are client-specific, i.e. you set the tag(s) in the client configuration
[2009/04/15 02:13:49] <PaulWay> ohadlevy: OK, thanks - this means I've gone about things the wrong way but I'll redo it to do it the right way now.
[2009/04/15 02:14:08] <PaulWay> And the '$tag' variable has absolutely nothing to do with these 'tags' that you talk of.
[2009/04/15 02:16:45] @ pleemans joined channel #puppet
[2009/04/15 02:17:44] <PaulWay> So what I have so far is http://rafb.net/p/WMSpn863.html
[2009/04/15 02:20:12] <PaulWay> Apologies for the tabulation, it looks like I still need to iron out the spacing.
[2009/04/15 02:20:20] <PaulWay> The new one I've just womped up is http://rafb.net/p/qTfoSs74.html
[2009/04/15 02:20:23] <ohadlevy> PaulWay, and whats the problem with that code?
[2009/04/15 02:20:28] <PaulWay> Does that look sane (apart from the pagination)?
[2009/04/15 02:20:53] <PaulWay> ohadlevy: There's no convenient way to configure which nodes are time masters and which are ordinary peers.
[2009/04/15 02:21:12] @ aymerick joined channel #puppet
[2009/04/15 02:21:14] <ohadlevy> I would create a ntpd::client and a ntpd::server classes
[2009/04/15 02:21:26] <ohadlevy> by default all nodes get ntpd::client class
[2009/04/15 02:21:35] <PaulWay> Right.
[2009/04/15 02:21:36] <ohadlevy> and the time servers include ntpd::server class
[2009/04/15 02:21:42] <ohadlevy> which inherits ntpd::client
[2009/04/15 02:21:45] <ohadlevy> and override the files
[2009/04/15 02:22:02] <PaulWay> That's basically what I'm proposing to do with http://rafb.net/p/qTfoSs74.html
[2009/04/15 02:22:07] <PaulWay> Does that look reasonable?
[2009/04/15 02:23:13] <ohadlevy> PaulWay: you inherit, but you dont override
[2009/04/15 02:23:34] <ohadlevy> you would get a duplicate definition on /etc/ntp.conf
[2009/04/15 02:24:06] <ohadlevy> in your time_master class you should have:
[2009/04/15 02:24:41] <ohadlevy> File["/etc/ntp.conf"] { source => [file1,file2]}
[2009/04/15 02:24:55] <PaulWay> Ah, I see. I think.
[2009/04/15 02:26:20] <bobbyz> hmm...for some reason I can't get directory purging to work for me...I've defined the following class for yum: http://rafb.net/p/5M1kO579.html -- When I do an 'include yum' and then use my define with 'yum::addrepo {"base":}', nothing happens when I run puppet _unless_ I remove everything in /etc/yum.repos.d manually on the target client
[2009/04/15 02:26:20] <PaulWay> Something like http://rafb.net/p/Yrb8FM36.html then?
[2009/04/15 02:26:43] <bobbyz> but if I just run puppet, the files aren't purged and created in /etc/yum.repos.d
[2009/04/15 02:27:21] <ohadlevy> PaulWay: +1
[2009/04/15 02:27:29] <bobbyz> If I then 'rm /etc/yum.repos.d/*' and re-run puppet, the repos are created
[2009/04/15 02:28:26] <ohadlevy> bobbyz: do you get an error message?
[2009/04/15 02:28:36] @ Quit: MarlondB:
[2009/04/15 02:28:51] <PaulWay> ohadlevy: yay - am learning!
[2009/04/15 02:29:07] <bobbyz> ohadlevy, nope, no errors
[2009/04/15 02:29:18] <bobbyz> just expiring the cache and compiling the node
[2009/04/15 02:29:23] <ohadlevy> bobbyz: try to add the recursive option?
[2009/04/15 02:29:24] <bobbyz> I have debug output on too
[2009/04/15 02:29:35] @ Quit: alban2: Read error: 60 (Operation timed out)
[2009/04/15 02:29:39] <bobbyz> ahh, good call, I'll try that
[2009/04/15 02:29:52] <ohadlevy> sorry - Paternity Leave
[2009/04/15 02:29:53] <ohadlevy> oops
[2009/04/15 02:29:56] <ohadlevy> wrong paste :)
[2009/04/15 02:30:00] <ohadlevy> recurse => true,
[2009/04/15 02:30:02] <bobbyz> :)
[2009/04/15 02:30:51] @ kolla joined channel #puppet
[2009/04/15 02:31:03] @ madrescher joined channel #puppet
[2009/04/15 02:31:13] <bobbyz> hmm...nope, still nothing
[2009/04/15 02:33:20] <ohadlevy> bobbyz: why do you need the source?
[2009/04/15 02:33:40] <ohadlevy> bobbyz: what you want to do is to ensure no other repos are defined?
[2009/04/15 02:33:40] <bobbyz> I wasn't sure if I did or not...tried without it as well too
[2009/04/15 02:33:59] <bobbyz> the type reference said something about if you specify the source then it will remove files as well
[2009/04/15 02:34:03] <bobbyz> so added that just to try
[2009/04/15 02:34:31] <ohadlevy> purge => true
[2009/04/15 02:35:13] <bobbyz> yup, that's in there already
[2009/04/15 02:35:28] <bobbyz> what's weird is that it won't even create the new files
[2009/04/15 02:35:29] @ Quit: johnw:
[2009/04/15 02:35:34] <bobbyz> unless I rm the existing repos
[2009/04/15 02:35:48] <bobbyz> it's like it will only operate if the dir is already empty
[2009/04/15 02:36:30] <bobbyz> for example, base.repo doesn't exist yet on the machine I'm testing with. And it doesn't get created unless I remove the existing files
[2009/04/15 02:36:35] <ohadlevy> maybe you need to add require => File["yum.repos.d"] to your define?
[2009/04/15 02:36:36] <bobbyz> like CentOS-Base.repo
[2009/04/15 02:36:44] <bobbyz> k, will try that
[2009/04/15 02:38:37] <bobbyz> hmm....interesting...now it added a couple of the repos I'm trying to create, but not all of them
[2009/04/15 02:38:40] <bobbyz> hehe, so funky
[2009/04/15 02:39:17] <bobbyz> I'm using the define for 4 repos to add....it created 2 now, but the others it didn't create and the existing files weren't purged
[2009/04/15 02:39:20] <bobbyz> something funky going on
[2009/04/15 02:39:38] <ohadlevy> can the puppetmaster read the empty directory you have
[2009/04/15 02:39:46] <bobbyz> yup
[2009/04/15 02:40:29] <ohadlevy> and its a directory?
[2009/04/15 02:40:31] <bobbyz> the interesting thing is that the two files it created were ones that had the same name as existing files I had on the system before
[2009/04/15 02:40:37] <bobbyz> yup, it's an empty dir
[2009/04/15 02:40:53] <bobbyz> so it's like it refused to create files that didn't previously exist
[2009/04/15 02:41:03] <ohadlevy> i do exactly the same as you:
[2009/04/15 02:41:06] <bobbyz> and won't remove any existing files that aren't puppet-managed
[2009/04/15 02:41:08] <ohadlevy> ensure => directory, checksum => mtime,
[2009/04/15 02:41:09] <ohadlevy> recurse => true, purge => true, force => true,
[2009/04/15 02:41:09] <ohadlevy> source => "puppet://$server/munin/empty",
[2009/04/15 02:41:09] <ohadlevy> ignore => ".svn",
[2009/04/15 02:41:09] <ohadlevy> mode => 0755, owner => root, group => root,
[2009/04/15 02:41:43] <bobbyz> everything seems to work fine once I purge the directory manually
[2009/04/15 02:41:49] <bobbyz> which I suppose I can add an exec for
[2009/04/15 02:42:01] <bobbyz> but just trying to figure out why it's not working as expected ya know :)
[2009/04/15 02:42:09] @ ijcd joined channel #puppet
[2009/04/15 02:42:15] @ stijnbe joined channel #puppet
[2009/04/15 02:43:03] <ohadlevy> bobbyz: I just tried it on my setup and it works
[2009/04/15 02:43:07] <PaulWay> Ah, I
[2009/04/15 02:43:14] <PaulWay> Ah, I've finally clued in.
[2009/04/15 02:44:02] <ohadlevy> PaulWay:?
[2009/04/15 02:44:37] <bobbyz> ohadlevy, what ver puppet are you running out of curiosity? I upgraded to .24.8 just recently
[2009/04/15 02:44:49] <bobbyz> wondering if it's a new bug or something
[2009/04/15 02:45:10] <ohadlevy> 0.24-8
[2009/04/15 02:45:28] <ohadlevy> bobbyz: check the log on the puppetmaster as well
[2009/04/15 02:45:39] <bobbyz> yup, I've been tailing it
[2009/04/15 02:45:41] <ohadlevy> mayeb puppetmaster --no-daemonize --trace --debug
[2009/04/15 02:45:41] <bobbyz> no errors
[2009/04/15 02:45:56] <bobbyz> yeah, have debug enabled, but will add trace
[2009/04/15 02:46:01] <PaulWay> I've got two zones - call them north and south - and a bunch of configuration will depend on the zone that the server is in.
[2009/04/15 02:46:47] <PaulWay> So I just define a $zone variable in each node, and then have "puppet:///module/file-$zone" as one of the file sources (for example)
[2009/04/15 02:47:05] <ohadlevy> PaulWay: sure, this works
[2009/04/15 02:47:34] <PaulWay> That way I don't have classes for each zone and have to include the specific class for that machine.
[2009/04/15 02:48:08] <PaulWay> I.e. avoiding the "include ssh::north, include resolv::north, include mongthrax::north" problem.
[2009/04/15 02:48:16] <PaulWay> (problem being repetition)
[2009/04/15 02:49:38] <ohadlevy> PaulWay: yeah, I do this in many different ways
[2009/04/15 02:50:56] <PaulWay> Yeah - that example is one way of solving the problem, there are others of course :-)
[2009/04/15 02:51:50] @ Quit: madrescher: Read error: 113 (No route to host)
[2009/04/15 02:52:58] <PaulWay> Thanks very much for your help ohadlevy :-)
[2009/04/15 02:53:08] <ohadlevy> :)
[2009/04/15 02:53:19] <bobbyz> ohadlevy, yeah, something strange going on here....no errors with tracing and daemon enabled, and it shows the repo templates being rendered and there's a line: Describing /yum/yum.repos.d-empty for <fqdn of host>
[2009/04/15 02:53:46] <bobbyz> but a new test file I've touched in /etc/yum.repos.d wasn't removed
[2009/04/15 02:53:48] <bobbyz> very strange
[2009/04/15 02:56:30] <bobbyz> Oh well...will look at it tomorrow
[2009/04/15 02:56:43] <bobbyz> thanks for the help though ohadlevy
[2009/04/15 02:57:19] <ohadlevy> bobbyz: hold on, I'm just creating a simple manifest which simulates your problem
[2009/04/15 02:57:57] <bobbyz> hehe alrighty
[2009/04/15 02:58:06] <bobbyz> will stay up a tad longer then :)
[2009/04/15 02:58:10] <bobbyz> Thanks for looking into it
[2009/04/15 02:58:13] <bobbyz> I appreciate it
[2009/04/15 02:58:23] <bobbyz> can tar my module and send to you if you want
[2009/04/15 02:59:12] <ohadlevy> bobbyz: try running this file with puppet (no need for puppetd) http://pastie.org/447017
[2009/04/15 02:59:20] <ohadlevy> it works for me
[2009/04/15 02:59:38] <bobbyz> ok, will try it out
[2009/04/15 02:59:50] @ mvn071 joined channel #puppet
[2009/04/15 03:05:28] @ madrescher joined channel #puppet
[2009/04/15 03:05:38] <bobbyz> hmmm...yeah, the test scenarios with puppet alone seem to be working
[2009/04/15 03:06:01] <bobbyz> I tried creating a pre-existing dir with pre-existing files as well
[2009/04/15 03:06:07] <bobbyz> and your example purges them
[2009/04/15 03:06:23] <PaulWay> I'm sort of surprised, when watching the debug output, at seeing so many "calling fileserver.describe" and "Executing '/usr/sbin/up2date-nox --showall'"
[2009/04/15 03:06:26] <PaulWay> in the same run.
[2009/04/15 03:06:39] <bobbyz> dunno why the module won't purge correctly....guess I'll try a few more things
[2009/04/15 03:07:44] @ Quit: edwardam: Remote closed the connection
[2009/04/15 03:09:45] @ MarlondB joined channel #puppet
[2009/04/15 03:15:13] @ Quit: andrewcshafer:
[2009/04/15 03:16:16] <ohadlevy> calling fileserver.describe is normal, as it tries to fetch each file you specify as a source....if it cant find the first, it tries the second one
[2009/04/15 03:17:19] @ tim\|mb joined channel #puppet
[2009/04/15 03:17:42] <bobbyz> ohadlevy, I'm coming to the assumption that there must be something funky happening with storedconfigs and some sort of caching...because I just commented-out the only reference to yum.repos.d-empty in my config file and after re-running puppet, I noticed this in my debug output: debug: mount[yum]: Describing /yum/yum.repos.d-empty for mysql.bobbyz.homeunix.org
[2009/04/15 03:18:03] <ohadlevy> maybe you have a syntax errror?
[2009/04/15 03:18:19] <ohadlevy> the client will cache the last good config
[2009/04/15 03:20:06] <bobbyz> no syntax errors or other errors logged with debug and trace enabled...something whacky is happening for sure though
[2009/04/15 03:20:15] @ PaulWay left channel #puppet ()
[2009/04/15 03:20:50] <bobbyz> oh well...I'd better get some sleep if I'm to function at work tomorrow :) Thanks so much for helping me debug ohadlevy
[2009/04/15 03:20:57] <bobbyz> I might be pestering you again tomorrow...hehe
[2009/04/15 03:22:10] @ DerekW joined channel #puppet
[2009/04/15 03:23:10] @ bobbyz is now known as bobbyzzz
[2009/04/15 03:25:01] <JD> is there anyway to find out the node heirarchy for a particular node?
[2009/04/15 03:25:32] <JD> as I've got a client that doesn't appear to be picking up a change in a node
[2009/04/15 03:25:48] @ BobFunk joined channel #puppet
[2009/04/15 03:30:16] @ Quit: ssm_: "byebye"
[2009/04/15 03:30:55] @ MattyM joined channel #puppet
[2009/04/15 03:34:44] @ GoodStuff joined channel #puppet
[2009/04/15 03:37:03] @ Quit: d3vilb0x:
[2009/04/15 03:46:45] <ohadlevy> JD: you can look at the yaml node file on the puppetmaster
[2009/04/15 03:48:43] <JD> don't see anything there
[2009/04/15 03:49:00] @ Quit: nasrat:
[2009/04/15 03:49:02] <JD> there's "classes: []
[2009/04/15 03:49:55] <ohadlevy> ah right, it only works with external nodes :( sorry
[2009/04/15 03:50:07] @ verwilst joined channel #puppet
[2009/04/15 03:50:54] <JD> ohadlevy: :(
[2009/04/15 03:51:09] <ohadlevy> JD you could parse the cache config on the client to see exactly which config it uses
[2009/04/15 03:52:20] @ thegcat joined channel #puppet
[2009/04/15 03:54:34] <JD> ohadlevy: I could not be an idiot and inherit from the wrong thing :)
[2009/04/15 03:54:49] <ohadlevy> :)
[2009/04/15 03:56:02] <JD> developer-workstation inherited default, not workstation, which is where I made the change
[2009/04/15 03:56:12] <JD> so clearly it wasn't going to pick it up
[2009/04/15 04:00:04] @ d3vilb0x joined channel #puppet
[2009/04/15 04:03:52] @ ssm joined channel #puppet
[2009/04/15 04:04:17] @ Innocenti joined channel #puppet
[2009/04/15 04:04:38] @ mikepea joined channel #puppet
[2009/04/15 04:05:43] @ axisys joined channel #puppet
[2009/04/15 04:06:58] @ Quit: mikepea: Client Quit
[2009/04/15 04:08:54] @ tim\|macbook joined channel #puppet
[2009/04/15 04:09:18] @ Quit: madrescher: Read error: 110 (Connection timed out)
[2009/04/15 04:11:37] @ madrescher joined channel #puppet
[2009/04/15 04:22:01] @ glaw joined channel #puppet
[2009/04/15 04:25:52] @ mikepea joined channel #puppet
[2009/04/15 04:26:53] @ Quit: maxagaz: "Leaving"
[2009/04/15 04:27:04] @ Quit: tim\|mb: Read error: 110 (Connection timed out)
[2009/04/15 04:31:57] @ fujin_ joined channel #puppet
[2009/04/15 04:33:10] @ Quit: fujin: Nick collision from services.
[2009/04/15 04:33:11] @ fujin_ is now known as fujin
[2009/04/15 04:36:44] @ mattock joined channel #puppet
[2009/04/15 04:36:47] @ mattock left channel #puppet ()
[2009/04/15 04:37:47] @ alban2 joined channel #puppet
[2009/04/15 04:39:28] <nico> hey guys
[2009/04/15 04:40:21] <glaw> morning!
[2009/04/15 04:40:31] <nico> I'm starting to use subversion to store my files (Yes, I do things in the wrong order). Do some of you make some "automated" updates ?
[2009/04/15 04:40:47] <alban2> nico: yes, with capistrano
[2009/04/15 04:40:58] <Volcane> scripting editing of the files? or other type of update?
[2009/04/15 04:41:41] @ Quit: offCenter: Read error: 113 (No route to host)
[2009/04/15 04:42:05] <nico> actually, when I modify a manifest, I do it directly on the puppetmaster
[2009/04/15 04:43:20] <nico> but now, I want to modify, commit to svn and then have it used by puppet for production (with pre-commit checks done, post commit hooks)
[2009/04/15 04:43:51] <Volcane> yeah so i have a shell script that runs svn up in the manifests dir
[2009/04/15 04:43:54] <Volcane> and do that in post hook
[2009/04/15 04:44:00] <Volcane> or cron it, whatever rocks your boat
[2009/04/15 04:44:13] <nico> hum..
[2009/04/15 04:44:26] <nico> I was wondering waht was the best practice
[2009/04/15 04:44:32] <Volcane> obviously if the svn repo isnt on the same box a post commit gets harder
[2009/04/15 04:44:43] <nico> It's not on the same box :)
[2009/04/15 04:44:54] <Volcane> then you'll probably need to cron it
[2009/04/15 04:44:55] <nico> so cron looks like the right way
[2009/04/15 04:45:06] @ offCenter joined channel #puppet
[2009/04/15 04:45:47] @ maxagaz joined channel #puppet
[2009/04/15 04:46:00] <nico> I could also write a little daemon that runs the svn up on puppetmaster when triggered by the post commit hook, but that would be overbloat I think
[2009/04/15 04:46:26] <Volcane> yup
[2009/04/15 04:46:37] <nico> Let's go for cron then
[2009/04/15 04:46:40] <nico> thx Volcane
[2009/04/15 04:49:04] @ afb joined channel #puppet
[2009/04/15 04:50:35] @ Quit: maxagaz: Read error: 104 (Connection reset by peer)
[2009/04/15 04:51:05] @ maxagaz joined channel #puppet
[2009/04/15 04:52:51] @ Quit: ghenry: Read error: 110 (Connection timed out)
[2009/04/15 04:53:39] @ tim\|mb joined channel #puppet
[2009/04/15 04:53:42] @ ghenry joined channel #puppet
[2009/04/15 05:00:35] @ Quit: Djelibeybi: "Leaving"
[2009/04/15 05:09:54] @ Quit: tim\|macbook: Read error: 113 (No route to host)
[2009/04/15 05:10:36] <ohadlevy> nice: I do it in the puppetrun itself
[2009/04/15 05:10:56] <ohadlevy> nico: there is a nice puppet subversion module which does exactly that
[2009/04/15 05:11:22] @ Quit: eythian: Remote closed the connection
[2009/04/15 05:11:27] @ eythian joined channel #puppet
[2009/04/15 05:12:25] <nico> ohadlevy: ho
[2009/04/15 05:13:41] <nico> ohadlevy: my puppetmaster is not puppet-ized
[2009/04/15 05:15:09] <ohadlevy> nico: than cron :) but you really want to run puppet on your puppetmaster :)
[2009/04/15 05:15:39] @ giles joined channel #puppet
[2009/04/15 05:16:44] <nico> ohadlevy: If I do that I'm pretty sure that I'd be successfull... in firing into my own feet
[2009/04/15 05:17:07] <ohadlevy> nico: well... one leg at a time :)
[2009/04/15 05:19:21] <nico> :)
[2009/04/15 05:22:57] @ Quit: mvn071: Remote closed the connection
[2009/04/15 05:30:47] @ cirquitz joined channel #puppet
[2009/04/15 05:49:44] @ ohadlevy left channel #puppet ()
[2009/04/15 05:54:47] @ Quit: axisys: Read error: 110 (Connection timed out)
[2009/04/15 06:01:49] @ Quit: tim\|mb: Read error: 110 (Connection timed out)
[2009/04/15 06:06:19] @ Quit: ijcd: Remote closed the connection
[2009/04/15 06:08:21] @ tim\|mb joined channel #puppet
[2009/04/15 06:12:26] @ Quit: neh: Read error: 60 (Operation timed out)
[2009/04/15 06:12:51] @ bda joined channel #puppet
[2009/04/15 06:22:41] @ keithlard joined channel #puppet
[2009/04/15 06:29:11] @ andreid20 joined channel #puppet
[2009/04/15 06:29:30] @ Quit: maxagaz: Read error: 113 (No route to host)
[2009/04/15 06:30:03] @ maxagaz joined channel #puppet
[2009/04/15 06:34:08] @ asbruvik joined channel #puppet
[2009/04/15 06:35:29] @ Quit: asbruvik: Client Quit
[2009/04/15 06:38:12] @ asbruvik joined channel #puppet
[2009/04/15 06:39:05] <andreid20> I have a question on mysql ... I know this is the puppet channel but I have confidence in people using puppet so I'll go ahead and ask
[2009/04/15 06:40:20] <andreid20> can I issue myisamchk with repair on a MYI file while the server is running if I do a lock table $table read; before issuing the myisamchk
[2009/04/15 06:41:13] <andreid20> so something on the lines of: "lock table $tbl read; system myisamchk -rq $tbl; unlock tables; flush table $tbl;"
[2009/04/15 06:41:45] <Volcane> as with most dubious things, make backup, try it, restore if it didnt work
[2009/04/15 06:46:28] @ Quit: asbruvik: "leaving"
[2009/04/15 06:46:50] @ axisys joined channel #puppet
[2009/04/15 06:54:32] <andreid20> thank you
[2009/04/15 06:54:41] @ andreid20 left channel #puppet ()
[2009/04/15 07:01:36] @ Quit: raphink: Remote closed the connection
[2009/04/15 07:02:50] @ raphink joined channel #puppet
[2009/04/15 07:04:18] @ skjelmose joined channel #puppet
[2009/04/15 07:04:41] <skjelmose> greetings, anyone seen this error before: warning: Certificate validation failed; considering using the certname configuration option err: /File[/var/lib/puppet/lib]: Failed to generate additional resources during transaction: Certificates were not trusted: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
[2009/04/15 07:05:17] @ GoodStuff left channel #puppet ()
[2009/04/15 07:05:19] <skjelmose> This is after the handshake / sign
[2009/04/15 07:06:37] @ ethan_rowe joined channel #puppet
[2009/04/15 07:11:48] @ Quit: tim\|mb:
[2009/04/15 07:12:08] @ HarryCalahan joined channel #puppet
[2009/04/15 07:14:01] <HarryCalahan> i have a question about custom facts and reloading them. i have a custom fact that gets distributed/synced fine. but if i change the file those changes are only picked up on the second client run. first run will sync the file but use the old fact definition, second run will then use the new one.
[2009/04/15 07:14:37] <HarryCalahan> how can i enforce a reload/recreation of the facts so they are up to date immediate?
[2009/04/15 07:16:41] @ tim\|mb joined channel #puppet
[2009/04/15 07:20:29] @ Firebladee joined channel #puppet
[2009/04/15 07:22:25] <thegcat> is there a way to make facter output "normal" numbers, i.e. without the human-readable modifiers?
[2009/04/15 07:23:43] @ maxagaz_ joined channel #puppet
[2009/04/15 07:24:13] @ Quit: maxagaz: Read error: 113 (No route to host)
[2009/04/15 07:25:34] @ tim\|macbook joined channel #puppet
[2009/04/15 07:36:35] @ maxagaz_ is now known as maxagaz
[2009/04/15 07:36:57] @ Quit: maxagaz: "Leaving"
[2009/04/15 07:37:13] @ maxagaz joined channel #puppet
[2009/04/15 07:38:05] <thegcat> jamesturnbull: would you consider having an optional "real number" (as opposed to human-readable) output for facter? (trying to use it in my own program, but I feel it's redundant work if I convert "3,12 GB" to 3350074491...)
[2009/04/15 07:38:29] <Volcane> i think jamesturnbull is still on hols
[2009/04/15 07:38:55] <thegcat> oh, ok, I'll file a feature request then :-)
[2009/04/15 07:39:07] <Volcane> probably best to have a puppet function
[2009/04/15 07:39:16] <thegcat> not for puppet
[2009/04/15 07:39:23] <thegcat> something else entirely
[2009/04/15 07:39:25] <Volcane> to convert any number into a human readable
[2009/04/15 07:39:25] <Volcane> ah
[2009/04/15 07:39:26] <Volcane> ok
[2009/04/15 07:39:48] @ Quit: tim\|mb: Read error: 113 (No route to host)
[2009/04/15 07:40:35] @ Quit: tim\|macbook:
[2009/04/15 07:40:50] @ tim\|mb joined channel #puppet
[2009/04/15 07:41:07] <thegcat> which also sparks the next question: does "require 'facter'" make my program subject to the GPL, or is "require"ing akin to "using a library"?
[2009/04/15 07:41:26] <Volcane> akin to using it
[2009/04/15 07:42:27] <thegcat> ok, thanks
[2009/04/15 07:42:38] <SyTonnerre> dont_require_but_make_use_of 'facter'
[2009/04/15 07:42:47] <Volcane> though ofcourse get a legal person etc :P
[2009/04/15 07:43:21] <SyTonnerre> Volcane, illegal immigrant? ;)
[2009/04/15 07:43:46] <thegcat> Volcane: sure, but it's good to have at least a little insight in the matter :-)
[2009/04/15 07:44:34] <thegcat> SyTonnerre: mh?
[2009/04/15 07:45:14] <fujin> thegcat: apache projects can't require facter, due to the conflicting license
[2009/04/15 07:46:48] <SyTonnerre> thegcat, "hm" meaning what exactly? I.e. what do you question?
[2009/04/15 07:48:25] <thegcat> SyTonnerre: I've only come across require in ruby up till now, but you seem to imply that there is another way to use other ruby programs/classes/gems from within your own ruby snippet?
[2009/04/15 07:48:44] <Volcane> i suspect he was joking :P
[2009/04/15 07:48:53] <thegcat> ah, ok :-)
[2009/04/15 07:49:14] <SyTonnerre> And you're right in that, Volcane
[2009/04/15 07:49:18] @ Quit: tim\|mb: Read error: 104 (Connection reset by peer)
[2009/04/15 07:49:49] @ tim\|mb joined channel #puppet
[2009/04/15 07:50:18] * thegcat is not yet as comfortable with ruby as he'd like to be
[2009/04/15 07:50:37] <SyTonnerre> Feel free to modify it
[2009/04/15 07:52:44] <thegcat> and it seems my ruby skills aren't the only ones I need to improve ;-)
[2009/04/15 07:53:07] <SyTonnerre> Why, do you consider snowboarding?
[2009/04/15 07:54:32] <thegcat> no, by saying I was not comfortable enough with ruby, I meant I still have to learn a lot, but it seems it's not an expression you'd use in english
[2009/04/15 07:55:29] <thegcat> which made me aware that my english skill seem to have degraded over the last few years
[2009/04/15 07:56:52] <thegcat> speaking of which, that should read skills
[2009/04/15 07:59:21] @ yarihm joined channel #puppet
[2009/04/15 08:01:17] @ mvn071 joined channel #puppet
[2009/04/15 08:02:49] @ Quit: Demosthenes: "leaving"
[2009/04/15 08:12:16] @ Quit: cirquitz: Read error: 104 (Connection reset by peer)
[2009/04/15 08:12:27] @ cirquitz joined channel #puppet
[2009/04/15 08:14:29] @ Quit: maxagaz: Remote closed the connection
[2009/04/15 08:16:06] @ Quit: axisys: Read error: 110 (Connection timed out)
[2009/04/15 08:17:40] @ maxagaz joined channel #puppet
[2009/04/15 08:19:10] @ Quit: maxagaz: Remote closed the connection
[2009/04/15 08:20:09] @ maxagaz joined channel #puppet
[2009/04/15 08:22:01] @ Quit: verwilst: "Ex-Chat"
[2009/04/15 08:23:59] <chillitom> Hi All, I have lots of dual homed boxes, I make various configurations based on which network is on which network interface, e.g. adding iptables rules or binding applications to adaptors. At present I need to specify in the node configuration which adaptor to use for what. Is there a way I can write a rule that will examine ip address and netmask of an interface to decide which adaptor is on which network?
[2009/04/15 08:24:09] <chillitom> does that make any sense?
[2009/04/15 08:25:38] @ Quit: monzie:
[2009/04/15 08:32:26] @ Quit: maxagaz: "Leaving"
[2009/04/15 08:39:52] @ fluxdude joined channel #puppet
[2009/04/15 08:40:36] <keithlard> chillitom: you could use 'generate' to bring that value into the manifest: http://reductivelabs.com/trac/puppet/wiki/FunctionReference#generate
[2009/04/15 08:40:40] <keithlard> or use a custom fact
[2009/04/15 08:45:04] <chillitom> thanks, i'll look into that
[2009/04/15 08:45:26] <chillitom> can I pass a fact into generate?
[2009/04/15 08:47:28] @ kambiz_away is now known as kambiz
[2009/04/15 08:49:33] @ bajan joined channel #puppet
[2009/04/15 08:49:38] @ bajan left channel #puppet ()
[2009/04/15 08:52:48] @ Quit: yarihm: "This computer has gone to sleep"
[2009/04/15 08:59:05] @ Bass10 joined channel #puppet
[2009/04/15 08:59:29] @ erm_ joined channel #puppet
[2009/04/15 09:00:20] @ Quit: Bass10: SendQ exceeded
[2009/04/15 09:00:56] @ Bass10 joined channel #puppet
[2009/04/15 09:04:19] @ joe-mac joined channel #puppet
[2009/04/15 09:05:25] @ verwilst joined channel #puppet
[2009/04/15 09:12:53] <keithlard> i think so :)
[2009/04/15 09:19:06] <Volcane> you could use regsubst() to pull out just the network part of the ip address
[2009/04/15 09:19:12] <Volcane> and then use that in a case
[2009/04/15 09:21:01] <riddley> jamesturnbull, ping
[2009/04/15 09:21:22] @ salepunk joined channel #puppet
[2009/04/15 09:21:39] <Volcane> riddley: he's on hols
[2009/04/15 09:21:50] <riddley> what is hols?
[2009/04/15 09:21:54] <riddley> holiday?
[2009/04/15 09:21:55] <Volcane> holiday
[2009/04/15 09:21:57] <riddley> aah
[2009/04/15 09:21:59] <riddley> nm then
[2009/04/15 09:21:59] <riddley> :)
[2009/04/15 09:22:51] @ andrewcshafer joined channel #puppet
[2009/04/15 09:23:48] <Volcane> keithlard, chillitom: $network = regsubst($ipaddress_eth0, '^([0-9]+[.][0-9]+[.][0-9]+)[.][0-9]+$', '\1.0')
[2009/04/15 09:23:53] <Volcane> assuming c-class obviously
[2009/04/15 09:24:33] <chillitom> thanks Volcane.. that's half my problem though
[2009/04/15 09:24:56] <chillitom> i need to do this for eth0 and eth1 and return the one that is on a given network
[2009/04/15 09:25:25] <Volcane> you could write a little function in a template to do it, or write a parser function
[2009/04/15 09:25:33] <Volcane> or use above and lots of if/case/etc crap
[2009/04/15 09:26:20] <chillitom> Volcane, I'd thought i'd generate("ipcalc -n $ipaddress_eth0/24") for the network address
[2009/04/15 09:26:58] <chillitom> okay cool I'll look into custom functions
[2009/04/15 09:32:43] @ Quit: Bass10: "Leaving"
[2009/04/15 09:38:17] @ andrewcshafer_ joined channel #puppet
[2009/04/15 09:39:05] @ Quit: thegcat:
[2009/04/15 09:40:22] @ yarihm joined channel #puppet
[2009/04/15 09:41:21] @ unxfrek joined channel #puppet
[2009/04/15 09:42:04] @ Bass10 joined channel #puppet
[2009/04/15 09:43:11] @ Quit: Bass10: SendQ exceeded
[2009/04/15 09:43:44] @ Quit: andrewcshafer: Read error: 110 (Connection timed out)
[2009/04/15 09:43:47] @ Bass10 joined channel #puppet
[2009/04/15 09:45:57] <duritong> anybody has an idea how I could add more than one ignore pattern to a file type?
[2009/04/15 09:49:47] @ cwebber joined channel #puppet
[2009/04/15 09:49:49] <f3ew> As an array?
[2009/04/15 09:52:23] @ Quit: fujin: "Leaving..."
[2009/04/15 09:52:40] <duritong> f3ew: does it work? well i can test
[2009/04/15 09:55:02] @ Quit: salepunk: "Quitte"
[2009/04/15 09:55:26] @ salepunk joined channel #puppet
[2009/04/15 09:56:15] <joe-mac> hey guys OT sort of but does anyone here know a good ~4U rack drawer?
[2009/04/15 09:56:25] <duritong> f3ew: cool seems to work :)
[2009/04/15 09:56:31] @ Quit: salepunk: Client Quit
[2009/04/15 09:59:52] @ flakrat joined channel #puppet
[2009/04/15 10:08:13] @ axisys joined channel #puppet
[2009/04/15 10:21:22] @ Quit: d3vilb0x:
[2009/04/15 10:29:17] @ ezekiel-v3 joined channel #puppet
[2009/04/15 10:29:36] @ claymation joined channel #puppet
[2009/04/15 10:34:19] @ Quit: skjelmose: "http://www.mibbit.com ajax IRC Client"
[2009/04/15 10:35:31] <giles> lo puppetheads
[2009/04/15 10:36:15] <giles> will recurse => true for a file type work like a mkdir -p ?
[2009/04/15 10:36:21] <Volcane> yupno
[2009/04/15 10:36:23] <Volcane> no
[2009/04/15 10:36:28] <giles> bummer
[2009/04/15 10:36:54] <Volcane> file{["/some", "/some/dir"]: ensure => directory}
[2009/04/15 10:37:49] <giles> okies i might be able to get it to work
[2009/04/15 10:37:54] <giles> ta volc as always
[2009/04/15 10:38:09] <giles> Luke should be paying you heh
[2009/04/15 10:38:16] <Volcane> heh
[2009/04/15 10:38:36] <Volcane> or my puppetd's shouldnt take 15 minutes to run a single run so i have less spare time to yak on irc :(
[2009/04/15 10:38:40] <jbooth> giles: I have a recursive define that works like mkdir -p if you want it.
[2009/04/15 10:39:06] <giles> oh coolio
[2009/04/15 10:39:14] <jbooth> Lemmie dig it up
[2009/04/15 10:39:14] <giles> wack it on pastebin
[2009/04/15 10:39:16] <giles> ta
[2009/04/15 10:39:24] <giles> jeepers volc that's a long time
[2009/04/15 10:39:32] @ lak joined channel #puppet
[2009/04/15 10:39:35] <giles> we're really struggling with performance here
[2009/04/15 10:39:48] <giles> i was hoping upgrading to .24 would be a magic bullet
[2009/04/15 10:39:51] <giles> but it wasn't
[2009/04/15 10:41:10] <jbooth> http://pastie.org/447320
[2009/04/15 10:42:32] <jbooth> lak: puppet preferred style for doing a comparison when I have a string coming in from a provider's self.instances and a symbol coming in from the type's resource? Convert to symbol always? Convert to string? Handle it via .to_sym or .to_s in the if statement?
[2009/04/15 10:43:22] <lak> jbooth: i usually make sure the provider returns whatever the type expects
[2009/04/15 10:43:28] <lak> giles: what kind of performance? on the server?
[2009/04/15 10:44:20] <chillitom> hi guyshttp://pastie.org/447325
[2009/04/15 10:45:10] <chillitom> Trying to set up a loopback/alias interface.. will the configuration here (http://pastie.org/447325) produce the desired interface?
[2009/04/15 10:45:52] <Volcane> hmm
[2009/04/15 10:45:56] <Volcane> isnt the interface type gone?
[2009/04/15 10:46:38] @ d3vilb0x joined channel #puppet
[2009/04/15 10:46:53] <giles> heya lak, I don't think it's the puppetmaster side
[2009/04/15 10:47:02] <giles> at least catalog's compile <30secs
[2009/04/15 10:47:05] <giles> mostly <10secs
[2009/04/15 10:47:10] <lak> giles: what's the problem, then?
[2009/04/15 10:47:13] <lak> wow, that's pretty slow
[2009/04/15 10:47:25] <lak> giles: are you doing lots of recursive file copies?
[2009/04/15 10:47:27] @ Quit: BobFunk: Read error: 110 (Connection timed out)
[2009/04/15 10:47:33] <lak> that's the only thing client-side that is particularly slow, afaik
[2009/04/15 10:47:39] @ Quit: tim\|mb:
[2009/04/15 10:47:39] <lak> other than, of course, yum and gems
[2009/04/15 10:47:41] <lak> which i can't fix
[2009/04/15 10:47:43] <giles> we use templates mostly
[2009/04/15 10:48:00] <giles> so as much as possible is just transferred once
[2009/04/15 10:48:04] <giles> at least that was the idea
[2009/04/15 10:48:12] <Volcane> yum in 5.3 is much faster/better :P
[2009/04/15 10:48:16] <chillitom> Volcane, its listed on the type reference?
[2009/04/15 10:48:38] <Volcane> chillitom: yeah i am pretty sure its gone, docs fooked
[2009/04/15 10:48:44] <chillitom> bugger
[2009/04/15 10:49:00] <chillitom> so should I just hand configure network scripts?
[2009/04/15 10:49:19] <Volcane> easy to use templates
[2009/04/15 10:49:26] <chillitom> i was wondering why i couldn't find a provider for it to read the source
[2009/04/15 10:49:41] <Volcane> yeah defo that shouldnt be in the docs
[2009/04/15 10:52:16] <chillitom> is there a way to pass variables to the template?
[2009/04/15 10:52:27] <Volcane> all variables are available to a template
[2009/04/15 10:52:37] <chillitom> ahh yeah of course
[2009/04/15 10:52:40] <chillitom> been a while
[2009/04/15 10:53:22] <jbooth> chillitom: You could write a provider for it. :-P
[2009/04/15 10:59:34] <jbooth> lak: is there a reason that resources values aren't always symbols?
[2009/04/15 10:59:38] @ nico is now known as farvardin
[2009/04/15 10:59:53] <lak> jbooth: well, filenames can't be symbols, and...
[2009/04/15 10:59:54] @ farvardin is now known as nico
[2009/04/15 11:00:00] <jbooth> lak: hm. Okay.
[2009/04/15 11:01:13] <HarryCalahan> question about best practice: i created a module to manage apache (install apache, configure default options, ensure running). Next i would create a module for php. Would this also be a class in modules/apache or should i create a new module/php ?
[2009/04/15 11:01:55] <Volcane> php module can grow into quite a big beast
[2009/04/15 11:02:03] <Volcane> bits for different php modules etc
[2009/04/15 11:02:10] @ Quit: axisys: Read error: 110 (Connection timed out)
[2009/04/15 11:02:19] <HarryCalahan> Volcane: ok, convinced ;)
[2009/04/15 11:02:23] <Volcane> I'd seperate it and have it require apache on the packages
[2009/04/15 11:03:23] <Volcane> package{"php": require => Class["apache::config"] }
[2009/04/15 11:03:32] <Volcane> apache::config should require tings fro apache::install etc
[2009/04/15 11:04:55] <HarryCalahan> oh. hm. Class["apache::config"] would be a "class config {}" living inside which file?
[2009/04/15 11:05:23] <Volcane> if you're making modules you would have class apache::config { } living in /path/to/modules/apache/manifests/config.pp
[2009/04/15 11:05:57] <HarryCalahan> ah so :: is no namespace seperator just a convention?
[2009/04/15 11:06:14] <Volcane> you could do class apache { class config { } }
[2009/04/15 11:06:20] <Volcane> that would be the same
[2009/04/15 11:06:31] <HarryCalahan> ok. thanks a lot.
[2009/04/15 11:06:41] <Volcane> read http://reductivelabs.com/trac/puppet/wiki/ModuleOrganisation
[2009/04/15 11:10:25] @ edwardam joined channel #puppet
[2009/04/15 11:12:07] @ Quit: mvn071: "Leaving"
[2009/04/15 11:17:13] @ Quit: pleemans: Read error: 110 (Connection timed out)
[2009/04/15 11:26:11] @ Quit: edwardam: Remote closed the connection
[2009/04/15 11:37:55] @ jtimberman joined channel #puppet
[2009/04/15 11:41:46] <chillitom> Could someone take a look at this? http://pastie.org/447409 -- it configure 3 virtual IPs, how do I ensure everything is done in the correct order? sysctls should be set before interfaces are brought up.
[2009/04/15 11:42:51] <Volcane> break it into seperate classes
[2009/04/15 11:42:51] <Volcane> break it into seperate classes
[2009/04/15 11:42:51] <Volcane> break it into seperate classes
[2009/04/15 11:42:54] <Volcane> oops, wtf
[2009/04/15 11:43:16] @ Quit: unxfrek: Remote closed the connection
[2009/04/15 11:43:30] <Volcane> and then in the resources just use require => Class["sysctl"]
[2009/04/15 11:44:13] <chillitom> in the resources?
[2009/04/15 11:44:35] <Volcane> file{"/foo": require => Class["sysctl"] }
[2009/04/15 11:46:51] @ markl_ joined channel #puppet
[2009/04/15 11:48:06] <chillitom> so not like this? http://pastie.org/447409
[2009/04/15 11:48:33] <Volcane> nope
[2009/04/15 11:48:47] <Volcane> exec {}, sysctl{}, file{} those are resources
[2009/04/15 11:48:48] <chillitom> ;-)
[2009/04/15 11:48:49] <Volcane> class is not
[2009/04/15 11:49:41] <chillitom> so could I add them as part of my definition? loopback { ...., require => Class['vip_sysctl'] }
[2009/04/15 11:50:12] @ Quit: MarlondB:
[2009/04/15 11:50:35] <Volcane> yes
[2009/04/15 11:51:05] <chillitom> thanks Volcane
[2009/04/15 11:52:19] <chillitom> with the notify on the Sysctl .. how many times will it exec? is it clever enough to just do it once or will it do it once for each sysctl setting?
[2009/04/15 11:52:26] <Volcane> yes
[2009/04/15 11:54:22] <chillitom> yes clever?
[2009/04/15 11:56:17] @ Quit: tyler79:
[2009/04/15 11:56:21] @ axisys joined channel #puppet
[2009/04/15 11:56:29] @ unxfrek joined channel #puppet
[2009/04/15 12:00:00] <HarryCalahan> if i have class a { exec {"foo":}} and want to notify this exec from inside a class b. Is this possible and what is the syntax? notify => a::Exec["foo"] ?
[2009/04/15 12:01:27] @ Quit: stijnbe: "Leaving..."
[2009/04/15 12:01:35] <Volcane> its either a::Exec["foo"] or Exec["foo"], which one does not produce an error?
[2009/04/15 12:02:35] @ alfism joined channel #puppet
[2009/04/15 12:03:17] @ Quit: Innocenti: Client Quit
[2009/04/15 12:03:42] @ jmarki joined channel #puppet
[2009/04/15 12:06:59] @ mfoster joined channel #puppet
[2009/04/15 12:08:00] @ Quit: keithlard:
[2009/04/15 12:08:39] <mfoster> this is weird, the interface provider is missing on this centos5 box I'm on
[2009/04/15 12:08:41] @ edwardam joined channel #puppet
[2009/04/15 12:08:52] <Volcane> the interface provider is missing, period.
[2009/04/15 12:09:04] <Volcane> nothing centos related
[2009/04/15 12:09:16] <mfoster> I see it on ubuntu though
[2009/04/15 12:09:26] <Volcane> probably an old version on the ubuntu
[2009/04/15 12:10:53] <mfoster> ok what can I use to configure a network interface on centos, if not interface?
[2009/04/15 12:11:05] <lak> i need to regen the docs; they got generated on a host that has an old version of puppet installed
[2009/04/15 12:11:31] <Volcane> mfoster: theres nothing in puppet other than templates at present to config interfaces
[2009/04/15 12:13:35] @ Quit: chadh: "leaving"
[2009/04/15 12:14:12] @ collier_s joined channel #puppet
[2009/04/15 12:14:37] <mfoster> ok I found http://reductivelabs.com/trac/puppet/wiki/NetworkInterfacesTemplate
[2009/04/15 12:14:48] @ emartin joined channel #puppet
[2009/04/15 12:16:15] <HarryCalahan> both (a::Exec["foo"] or Exec["foo"]) provide an error
[2009/04/15 12:16:24] <emartin> I'm running puppet on gentoo and I can't get the client to run on my puppetmaster
[2009/04/15 12:16:36] <Volcane> HarryCalahan: whats the error
[2009/04/15 12:16:47] <HarryCalahan> a::Exec is a syntax error
[2009/04/15 12:17:12] <HarryCalahan> and Exec is Could not find dependent Exec
[2009/04/15 12:17:38] @ stijnbe joined channel #puppet
[2009/04/15 12:17:46] @ keithlard joined channel #puppet
[2009/04/15 12:18:18] <Volcane> HarryCalahan: are you including the class that has the exec?
[2009/04/15 12:19:37] <HarryCalahan> well the node includes them both. node "host01" { indclude a\ninclude b}
[2009/04/15 12:19:50] <Volcane> show us the code and the error on a pastie
[2009/04/15 12:24:38] @ Quit: DerekW: "Leaving"
[2009/04/15 12:25:17] <HarryCalahan> http://pastie.org/447467
[2009/04/15 12:26:35] @ Quit: MattyM: "ta ta"
[2009/04/15 12:26:57] <Volcane> ok why dont you show the actual code without all the syntax errors, missing }s and too many "s
[2009/04/15 12:27:04] <Volcane> cos that what you've shown is completely invalid
[2009/04/15 12:27:30] <HarryCalahan> because then i need to past two huge modules with a lot of other code
[2009/04/15 12:28:55] @ Quit: collier_s: "Leaving"
[2009/04/15 12:30:37] @ Quit: fluxdude: Remote closed the connection
[2009/04/15 12:32:37] @ edwardam_ joined channel #puppet
[2009/04/15 12:34:21] @ randybias joined channel #puppet
[2009/04/15 12:37:08] @ jkelly joined channel #puppet
[2009/04/15 12:37:18] @ FreakyPenguin left channel #puppet ()
[2009/04/15 12:37:34] @ kambiz is now known as kambiz_away
[2009/04/15 12:37:36] @ Quit: edwardam: Nick collision from services.
[2009/04/15 12:37:40] @ edwardam_ is now known as edwardam
[2009/04/15 12:39:04] @ kambiz_away is now known as kambiz
[2009/04/15 12:39:58] <Volcane> k well, we can only help people who help us help them
[2009/04/15 12:40:09] <Volcane> so if you want to produce pseudo code, at least produce valid looking ones
[2009/04/15 12:40:27] <mfoster> Volcane: ok i've got the template approach working, but how can I make sure the interface is UP?
[2009/04/15 12:40:46] <Volcane> mfoster: exec's are probably the only option really
[2009/04/15 12:41:27] <mfoster> ok, I can work with that
[2009/04/15 12:42:31] @ Quit: yarihm: "Leaving"
[2009/04/15 12:42:34] @ kingitchy joined channel #puppet
[2009/04/15 12:42:43] @ Peanut joined channel #puppet
[2009/04/15 12:43:05] <Volcane> HarryCalahan: and showing the actual errors also help, cos the error has more data than just the message, it also has resource names etc, which is what is important and which why giving us bogus code and expecting help is just not going to work
[2009/04/15 12:43:46] <Peanut> Hi - on Debian, I have a repository with extra packages, and I use puppet to push a new /etc/apt/sources.list - how can I make the installation of these extra packages 'Require' the updated sources.list?
[2009/04/15 12:45:39] <Volcane> Peanut: using require =>
[2009/04/15 12:46:23] <Peanut> Volcane: yes, I know how require works, but can I require the actual content of the /etc/apt/sources.list, instead of just its presence?
[2009/04/15 12:46:38] <Volcane> how do you copy it out?
[2009/04/15 12:46:45] <Volcane> using file{} ?
[2009/04/15 12:47:03] @ ezmob joined channel #puppet
[2009/04/15 12:47:10] <Peanut> I thought of using require => File{/etc/apt/sources.list}
[2009/04/15 12:47:18] <Volcane> somehow you must put the file there right?
[2009/04/15 12:47:25] @ kambiz is now known as kambiz_away
[2009/04/15 12:47:25] <Volcane> so if thats with file, then what you show will work
[2009/04/15 12:47:40] <Peanut> Yes, file {"/etc/apt/sources.list" : owner => root, source => "puppet://..." }
[2009/04/15 12:47:53] <Volcane> then just as you show iwth the require yes
[2009/04/15 12:48:32] <Volcane> except
[2009/04/15 12:48:36] <Peanut> Oh, that makes it depend on the correct version of sources.list, not just the presence of that file on the filesystem?
[2009/04/15 12:48:36] <Volcane> File["/foo"]
[2009/04/15 12:48:38] <Volcane> not {}
[2009/04/15 12:49:15] <Volcane> it makes it require the resource that you defined, if for whatever that file{} fails, then it wont get satisfied and probably produce errors
[2009/04/15 12:49:21] <Peanut> Ah, gotcha on the syntax.
[2009/04/15 12:50:09] <Peanut> Oh, drat - this package is new to the repository, and puppet doesn't apt-get update first.
[2009/04/15 12:52:23] @ Quit: alfism: "Connection reset by beer"
[2009/04/15 12:56:41] @ pnasrat joined channel #puppet
[2009/04/15 12:56:44] @ pnasrat is now known as nasrat
[2009/04/15 12:56:57] @ Quit: glaw:
[2009/04/15 12:59:08] <barn> lak: you about?
[2009/04/15 12:59:13] @ kibaho1 joined channel #puppet
[2009/04/15 12:59:17] <lak> kind of
[2009/04/15 12:59:21] <lak> barn: what's up?
[2009/04/15 12:59:31] <barn> lak: #1918 just got a follow up on it
[2009/04/15 12:59:32] <gepetto> barn: lak: #1918 is http://projects.reductivelabs.com/issues/show/1918 "Facter - Bug #1918: facter --puppet doesn't work when puppet's vardir or libdir are modified - ReductiveLabs.com"
[2009/04/15 12:59:38] <lak> ah
[2009/04/15 12:59:51] <barn> I can just stop messing with vardir, and then close it? (;
[2009/04/15 12:59:58] @ kibaho1 left channel #puppet ()
[2009/04/15 13:00:02] <lak> well, kind of
[2009/04/15 13:00:06] <lak> you're not the first to have the problem
[2009/04/15 13:00:09] <lak> so we need to deal with it
[2009/04/15 13:00:39] @ ijcd joined channel #puppet
[2009/04/15 13:01:25] <barn> maybe a light parse_config or something?
[2009/04/15 13:06:43] @ Quit: londo: Remote closed the connection
[2009/04/15 13:06:57] @ londo joined channel #puppet
[2009/04/15 13:08:38] <giles> yo
[2009/04/15 13:08:46] @ Quit: wakko666: "Ex-Chat"
[2009/04/15 13:08:56] <giles> before I write one has anyone done a htpasswd file generator define?
[2009/04/15 13:09:15] @ Quit: d3vilb0x:
[2009/04/15 13:09:30] <lak> barn: yeah, we'll just add the call to parse_config in the executable if --puppet is called
[2009/04/15 13:10:24] <barn> ah cool, I didn't know expensive that call is, but I guess if it's what needed, then that's what needed
[2009/04/15 13:10:28] @ d3vilb0x joined channel #puppet
[2009/04/15 13:11:15] <lak> it's pretty cheap
[2009/04/15 13:12:55] <Peanut> What's the best way to deal with 'apt-get update' on debian while using puppet? A crontab? An 'exec' entry?
[2009/04/15 13:13:25] <Volcane> what will work best for you? period updates in cron, or each time puppet needs it?
[2009/04/15 13:13:37] <Peanut> Volance: each time puppet needs it.
[2009/04/15 13:13:49] <Volcane> so i guess that answers it
[2009/04/15 13:13:52] <Peanut> Volcane even, sorry.
[2009/04/15 13:14:24] <Peanut> Well, partially, because that would require building hooks into the 'Package' type, wouldn't it?
[2009/04/15 13:14:26] @ Quit: stijnbe: "Leaving..."
[2009/04/15 13:14:46] @ wakko666 joined channel #puppet
[2009/04/15 13:14:46] <Volcane> why? Package { require => Exec["apt-get update]" }
[2009/04/15 13:15:08] <Peanut> Oh, I would need to add that to each package entry in my class?
[2009/04/15 13:15:28] <HarryCalahan> Peanut: big P so default value
[2009/04/15 13:15:32] <Volcane> http://reductivelabs.com/trac/puppet/wiki/LanguageTutorial#resource-defaults
[2009/04/15 13:15:39] <Peanut> Ah, thanks, HarryCalahan
[2009/04/15 13:15:43] @ Quit: wakko666: Remote closed the connection
[2009/04/15 13:16:13] @ atlan_ joined channel #puppet
[2009/04/15 13:16:47] @ rdaugherty1 left channel #puppet ()
[2009/04/15 13:17:17] <Volcane> Peanut: so if you do that somewhere early on, like in site.pp you should see apt get running automagically before any package - just define that exec somewhere then
[2009/04/15 13:17:51] <Peanut> I had been looking for something that simple on and off for a few months now, thanks.
[2009/04/15 13:18:05] <Volcane> shocking what you'll find in the docs :P
[2009/04/15 13:19:00] <Peanut> Ah, but it's still a bit of a leap for me to go from knowing about resource-defaults to using them in this way :-)
[2009/04/15 13:19:14] <Volcane> the book shows nice examples too
[2009/04/15 13:20:18] @ Quit: mrrx: Read error: 110 (Connection timed out)
[2009/04/15 13:22:04] @ Quit: ivan: "Coyote finally caught me"
[2009/04/15 13:22:25] @ ivan joined channel #puppet
[2009/04/15 13:23:19] <HarryCalahan> Volcane: its notify => Exec["foo"]. as all Resources need to be uniquely named it will find the right one. (lots of magic in puppet...)
[2009/04/15 13:24:05] <Volcane> HarryCalahan: your pastie did have a valid notify that matched the exec name...
[2009/04/15 13:24:24] <Volcane> exec { "touch-foo": VS. notify => Exec["touch-foo"]
[2009/04/15 13:24:35] @ Quit: kolla: Read error: 104 (Connection reset by peer)
[2009/04/15 13:25:38] <HarryCalahan> Volcane: yes. not sure why it didn't work. i build an "all-inclusive-mega-module" checked that it worked and then split it out again.
[2009/04/15 13:25:58] <Volcane> it didnt work cos your pastie wasnt representitive of your code obviously...
[2009/04/15 13:26:16] <Volcane> cos in producing fake code, you fixed the bug
[2009/04/15 13:26:35] @ mrrx joined channel #puppet
[2009/04/15 13:27:06] <HarryCalahan> Volcane: correct. The question was how the call should be made and the pastie presented the complete abstract. I didn't want to paste 400lines too ask for a syntax question
[2009/04/15 13:29:20] @ randybias is now known as randybias\|away
[2009/04/15 13:30:09] @ Quit: keithlard:
[2009/04/15 13:31:29] <Volcane> no, your question was related to the valid syntax still producing an error
[2009/04/15 13:31:35] <Volcane> and the error being cannot find the resource
[2009/04/15 13:31:51] <Volcane> anyway, whatever
[2009/04/15 13:33:15] <Peanut> Now I have: Package { require => [Exec["apt-get update"], File["/etc/apt/sources.list"] ] } and exec {"apt-get update" : path => "/usr/bin:/bin", refreshonly => true }
[2009/04/15 13:33:32] <Volcane> you probably dont want the refreshonly
[2009/04/15 13:33:33] <Peanut> But the apt-get update doesn't get called
[2009/04/15 13:33:36] <HarryCalahan> jep. found it. learned about puppet today. will sleep over it and then decide which policy engine (cfengine, puppet, bcfg2) to use.
[2009/04/15 13:34:03] <Peanut> Volcane: if I leave the 'refreshonly' out, won't the apt-get update be called on -every- puppet run?
[2009/04/15 13:34:20] <Volcane> Peanut: puppet needs to confirm that the packages are latest on every run doesnt it?
[2009/04/15 13:35:00] <HarryCalahan> peanut: http://pastie.org/447527
[2009/04/15 13:35:03] <Peanut> Oh.. my thinking was that it would only ever do an apt-get update whenever it wants to do a new package. We don't upgrade packages unless we have tested them.
[2009/04/15 13:35:43] <HarryCalahan> this pastie looks like it is doing the required update before installing any package.
[2009/04/15 13:36:05] <Volcane> Peanut: yup, best u can do atm, either cron it regularly, or run it each time puppet does
[2009/04/15 13:36:36] <Volcane> Peanut: all the package providers work this way btw
[2009/04/15 13:36:46] <HarryCalahan> at least it updates /var/cache/apt/pkgcache.bin, but only when it is actually doing some package installation
[2009/04/15 13:36:50] <Volcane> Peanut: difference is yum for example age is cache and auto updates regularly
[2009/04/15 13:37:24] <mfoster> Peanut: you could also use schedule I believe
[2009/04/15 13:38:08] <Peanut> HarryCalahan: your example might actually fail because apt-get depends on bzip being in PATH as well.
[2009/04/15 13:38:24] <Peanut> http://groups.google.com/group/puppet-users/browse_thread/thread/cb7f5adad460bc26
[2009/04/15 13:39:00] <HarryCalahan> Peanut: correct. /bin:/usr/bin is my default path ;)
[2009/04/15 13:39:09] <HarryCalahan> missing in the pastie
[2009/04/15 13:39:35] <Peanut> HarryCalahan: and your example does use the 'refreshonly' as well, but aparently that's not the way to go?
[2009/04/15 13:40:44] <HarryCalahan> Peanut: i checked the age of /var/cache/apt/pkgcache.bin. Run puppetd once (on an already configured system) and it didn't change. Then i removed one package. Executed puppetd again, the cache gets updated, the package gets installed.
[2009/04/15 13:41:21] @ Quit: lak:
[2009/04/15 13:41:43] <Peanut> HarryCalahan: Ok - but when I had 'refreshonly' in there, the apt-get update didn't get triggered.. after removing it, it -did- run apt-get update.
[2009/04/15 13:41:44] <Volcane> HarryCalahan: thats pretty sweet
[2009/04/15 13:42:01] <Volcane> Peanut: so you had removed the package in question and then ran puppet?
[2009/04/15 13:42:09] <HarryCalahan> yes
[2009/04/15 13:42:20] <Peanut> Volcane: it had never been on the system yet, as I only added it to the local repository today.
[2009/04/15 13:42:28] <Volcane> k
[2009/04/15 13:43:03] * Volcane tries
[2009/04/15 13:43:42] <joe-mac> anybody care to help me figure out why all of a sudden i am getting this Could not call puppetmaster.freshness: #<RuntimeError: HTTP-Error: 502 Proxy Error>
[2009/04/15 13:45:00] * Volcane 's with peanut on this one
[2009/04/15 13:45:50] <Volcane> http://pastie.org/447542
[2009/04/15 13:45:53] <Volcane> exec doesnt run
[2009/04/15 13:47:38] <HarryCalahan> how can i tell puppetd not to colorcode its output?
[2009/04/15 13:48:22] <Volcane> puppetd --genconfig
[2009/04/15 13:48:24] <Volcane> search for color
[2009/04/15 13:48:33] @ alfism joined channel #puppet
[2009/04/15 13:48:39] <Peanut> Well, the good news is that in an hour or so the package we built today should be on all 16 machines while I enjoy dinner - how to stop hammering the Debian servers for apt-get updates is left as an exercise for tomorrow I think :-)
[2009/04/15 13:48:45] @ wakko666 joined channel #puppet
[2009/04/15 13:49:10] <Volcane> Peanut: shame, shitty debian machines cant handle 32 (asusming 30 minute frequency) apt-get updates a hour? :)
[2009/04/15 13:49:37] <joe-mac> sonofa...
[2009/04/15 13:49:39] <Peanut> Oh, I'm pretty sure, just seems a bit excessive compared to how often I'm actually going to use that infromation.
[2009/04/15 13:49:46] <Volcane> nods
[2009/04/15 13:49:52] <joe-mac> in namespaceauth * only counts for that one field, is this known?
[2009/04/15 13:50:03] <Volcane> know the feeling, but i just run it all the time cos it seemed the easy way out that works :P
[2009/04/15 13:50:07] <joe-mac> so allow .whatever.com != allow .something.whatever.com
[2009/04/15 13:52:56] <Peanut> Volcane: so I'll probably change it to a crontab once a day tomorrow once I figure out how to splay things.
[2009/04/15 13:53:11] @ Quit: edwardam: Connection timed out
[2009/04/15 13:53:42] <Volcane> i run many many machines with a exec every time, never caused problems and ensures packets go out speedily when needee
[2009/04/15 13:53:49] <joe-mac> but in the files mount point ACL, it seems like * does work
[2009/04/15 13:54:02] <Peanut> Thanks for the help so far, good evening :-)
[2009/04/15 13:54:07] <Volcane> u too
[2009/04/15 13:54:15] @ Peanut left channel #puppet ("ttfn")
[2009/04/15 13:54:38] @ Quit: giles: Read error: 110 (Connection timed out)
[2009/04/15 13:55:06] @ kambiz_away is now known as kambiz
[2009/04/15 13:55:29] @ Quit: andrewcshafer_:
[2009/04/15 13:56:14] @ andrewcshafer joined channel #puppet
[2009/04/15 14:01:24] @ Quit: HarryCalahan: "call it a day"
[2009/04/15 14:09:12] @ emartin left channel #puppet ("Leaving")
[2009/04/15 14:10:15] @ Quit: mikepea: Read error: 110 (Connection timed out)
[2009/04/15 14:10:57] @ Quit: alban2: Read error: 110 (Connection timed out)
[2009/04/15 14:11:19] <Telmo> why would certificates work on net.example.com but not in sub.net.example.com ?
[2009/04/15 14:11:40] <Volcane> servername must match exactly the cn of the server
[2009/04/15 14:12:43] <Volcane> so all your puppet clients must use the same servername or you can also tell the master to put aliases in its certs afaik
[2009/04/15 14:13:28] <Telmo> well.. all my clients are pointing to the same server, but for some reasons the one in the x network are not able to be registered
[2009/04/15 14:13:38] <Volcane> whats the error?
[2009/04/15 14:13:49] <Telmo> I added the network entry in namespaceauth.conf too but no luck
[2009/04/15 14:14:08] <Telmo> warning: Certificate validation failed; consider using the certname configuration option
[2009/04/15 14:14:08] <Telmo> err: Could not retrieve catalog: Certificates were not trusted: certificate verify failed
[2009/04/15 14:14:17] <Volcane> lovely
[2009/04/15 14:14:22] <Volcane> nothing else?
[2009/04/15 14:14:26] <Volcane> that can be many thigns :(
[2009/04/15 14:14:46] <Telmo> I know.. that's the client side.. let me run the server in debug and see if I can pick up something else
[2009/04/15 14:14:58] <Volcane> you probably wont the ssl libraries suck
[2009/04/15 14:15:03] <Volcane> check that the times are in sync
[2009/04/15 14:20:12] @ Quit: DarkFlib: "Leaving"
[2009/04/15 14:20:48] <Telmo> humm.. I am not even talking to the servers.. as in running puppetmaster --no-daemonize -d -v doesn't register that client connecting
[2009/04/15 14:21:00] <Telmo> I can see other clients connecting though
[2009/04/15 14:21:15] <Volcane> check with tcpdump, it does talk
[2009/04/15 14:24:17] @ teratoma joined channel #puppet
[2009/04/15 14:25:30] @ DarkFlib joined channel #puppet
[2009/04/15 14:26:31] <Telmo> so yeah.. it looks like the security guys decided to close the port to the ntp servers..
[2009/04/15 14:26:34] <Telmo> awesome
[2009/04/15 14:26:40] <Volcane> heh
[2009/04/15 14:26:48] <Volcane> timeskew is the usual problem yeah
[2009/04/15 14:28:06] @ Quit: DarkFlib: Remote closed the connection
[2009/04/15 14:30:48] @ Innocenti joined channel #puppet
[2009/04/15 14:31:41] @ lak joined channel #puppet
[2009/04/15 14:32:09] @ Quit: lak: Client Quit
[2009/04/15 14:32:44] @ Quit: andrewcshafer:
[2009/04/15 14:33:13] @ Quit: cirquitz: "Leaving"
[2009/04/15 14:35:12] @ randybias\|away is now known as randybias
[2009/04/15 14:35:43] @ rzm102 joined channel #puppet
[2009/04/15 14:35:59] <rzm102> Hello Puppet Masters!
[2009/04/15 14:41:40] @ mikepea joined channel #puppet
[2009/04/15 14:45:21] @ Quit: jmarki: "Leaving"
[2009/04/15 15:03:55] <jbarratt> Anyone know if you can interpolate variables in 'node' entries?
[2009/04/15 15:04:10] <jbarratt> I have a standard layout where a fragment like
[2009/04/15 15:04:28] <jbarratt> node "r01.${cluster_name}" { $primary = true }
[2009/04/15 15:04:32] <jbarratt> would be very handy
[2009/04/15 15:04:43] <jbarratt> but it seems to be barfing
[2009/04/15 15:05:13] <jbooth> You could do it through 'node default {}' and an if...?
[2009/04/15 15:05:33] <jbarratt> sweet
[2009/04/15 15:05:36] @ andrewcshafer joined channel #puppet
[2009/04/15 15:05:46] <jbooth> I've got HPC nodes that I do through that method
[2009/04/15 15:05:56] <jbarratt> if $hostname == "r01.${cluster_name}".... ?
[2009/04/15 15:06:00] <jbarratt> will go try
[2009/04/15 15:06:03] <jbooth> But you can't also define a custom node name of theirs
[2009/04/15 15:06:09] <jbooth> Or if you do the specific one will override
[2009/04/15 15:06:46] <jbooth> So cluster nodes are 'node default {}' and then my head nodes (user logins/compilers/queue submission) and service nodes (dhcp, dns, ldap, torque/moab) are all individually defined
[2009/04/15 15:07:01] <vinci> hi all
[2009/04/15 15:09:48] @ mib_mcwvxm joined channel #puppet
[2009/04/15 15:09:48] @ Quit: andrewcshafer: Read error: 104 (Connection reset by peer)
[2009/04/15 15:09:52] @ andrewcshafer joined channel #puppet
[2009/04/15 15:10:08] @ Quit: mib_mcwvxm: Client Quit
[2009/04/15 15:10:10] <jbarratt> jbooth: works great. I won't need to also do a custom node name. Thanks!
[2009/04/15 15:11:03] @ Quit: aymerick: "kit mais sage"
[2009/04/15 15:13:31] <rzm102> does anyone have a suggestion on how I should install puppet on Macs? Package or MacPorts?
[2009/04/15 15:14:26] @ emerose joined channel #puppet
[2009/04/15 15:14:41] @ edwardam joined channel #puppet
[2009/04/15 15:14:59] <emerose> is it possible to include a class from the global namespace?
[2009/04/15 15:15:10] <emerose> that is, something like "include ::modulename"?
[2009/04/15 15:15:14] @ Quit: randybias: Read error: 110 (Connection timed out)
[2009/04/15 15:15:38] <emerose> the problem is that I had a class "mystuff::modulename" -- and in it was a "require modulename"
[2009/04/15 15:15:52] <emerose> (my class basically just set up variables for the other class)
[2009/04/15 15:15:55] <jbarratt> rzm102: I'm using macports and so far so good, but I don't have good compare/contrast experience
[2009/04/15 15:16:12] <jbarratt> be prepared to heat up the room a bit with the compiles
[2009/04/15 15:16:28] <emerose> but it looks like the "require modulename" was just re-requiring "mystuff::modulename" -- and the global module was never being included
[2009/04/15 15:17:09] @ andrewcshafer_ joined channel #puppet
[2009/04/15 15:17:12] <emerose> sorry, read "include" for "require" there
[2009/04/15 15:18:28] @ josb left channel #puppet ()
[2009/04/15 15:18:49] <rzm102> jbarratt: Thanks I tried both, port for "server" packages for "client" and ran into errors
[2009/04/15 15:19:26] @ Quit: mikepea:
[2009/04/15 15:25:36] @ andrewcshafer__ joined channel #puppet
[2009/04/15 15:25:36] @ Quit: andrewcshafer_: Read error: 104 (Connection reset by peer)
[2009/04/15 15:26:44] <jbarratt> jbooth: actually, this works better for me:
[2009/04/15 15:26:44] <jbarratt> $node_role = $fqdn ? {
[2009/04/15 15:26:45] <jbarratt> "r01.${cluster_name}" => "primary",
[2009/04/15 15:26:45] <jbarratt> default => "secondary",
[2009/04/15 15:26:45] <jbarratt> }
[2009/04/15 15:27:13] <jbarratt> then I can still play with node defaults if I want, I guess
[2009/04/15 15:29:13] @ Quit: andrewcshafer: Read error: 110 (Connection timed out)
[2009/04/15 15:31:31] <jbarratt> rzm102: on leopard? Do you have MacPorts usably doing other things as well? (i.e. do you have the basic dependencies?)
[2009/04/15 15:31:43] @ mikepea joined channel #puppet
[2009/04/15 15:32:06] <rzm102> I started in a test environment, using my latest 10.5.6 image (Instadmg)
[2009/04/15 15:32:13] <rzm102> installed macports for the first time
[2009/04/15 15:32:35] <rzm102> I assumed the dependencies needed were installed with puppet
[2009/04/15 15:32:46] <jbarratt> try installing something simple from macports
[2009/04/15 15:32:53] <jbarratt> it needs things like XCode, iirc
[2009/04/15 15:33:32] <rzm102> ah yes, that was all fine, it installed without issues. It was while going through the initial setup that I got errors. Like the --mkuser
[2009/04/15 15:33:44] <jbarratt> ah, weird
[2009/04/15 15:34:16] <rzm102> yes, it said it had three errors at first, then I ran it as sudo and it just said it needed to run as root
[2009/04/15 15:34:26] <rzm102> I think that's normal, from what I can find with google
[2009/04/15 15:34:26] @ DarkFlib joined channel #puppet
[2009/04/15 15:35:45] <rzm102> I'm restarting fresh with the packages and trying again. I'll be back with error codes if I need to.
[2009/04/15 15:36:10] @ Quit: raphink: Read error: 54 (Connection reset by peer)
[2009/04/15 15:38:18] @ Quit: emerose: "..."
[2009/04/15 15:40:27] @ raphink joined channel #puppet
[2009/04/15 15:46:42] <rzm102> Can I use the bonjour hostnames for testing puppet, or do I need to use an IP/dns name?
[2009/04/15 15:52:20] @ Quit: mikepea:
[2009/04/15 15:55:30] @ mikepea joined channel #puppet
[2009/04/15 16:03:51] @ lazzurs joined channel #puppet
[2009/04/15 16:07:26] <grim_radical> anybody here running a puppetmaster on RHEL5?
[2009/04/15 16:07:36] <rzm102> Trying to setup puppetmasterd on OS X 10.5.6. Installed puppet and facter from packages. created first manifest using root account. typed in: puppetmasterd --mkusers and got the error: "Got 1 failure while initializing: Failed to retrieve current state of resource: Could no determine OS X version"
[2009/04/15 16:07:36] <grim_radical> my puppetmasters are using a ton of "system time"
[2009/04/15 16:07:49] <rzm102> What should I do? Anything?
[2009/04/15 16:07:57] @ ijcd_ joined channel #puppet
[2009/04/15 16:07:59] <grim_radical> an strace reveals that puppet is apparently doing a zillion calls to "rt_sigprocmask"
[2009/04/15 16:08:21] <grim_radical> SIG_BLOCK, in particular.
[2009/04/15 16:11:38] @ Quit: andrewcshafer__: Read error: 104 (Connection reset by peer)
[2009/04/15 16:11:50] @ andrewcshafer joined channel #puppet
[2009/04/15 16:16:10] @ Quit: unxfrek: "Leaving"
[2009/04/15 16:16:15] @ Quit: rzm102:
[2009/04/15 16:17:13] @ unxfrek joined channel #puppet
[2009/04/15 16:17:25] <grim_radical> looks like my issue is already a bug: #1781
[2009/04/15 16:17:26] <gepetto> grim_radical: #1781 is http://projects.reductivelabs.com/issues/show/1781 "Puppet - Bug #1781: Slow execution - ReductiveLabs.com"
[2009/04/15 16:17:40] <grim_radical> no solution in the ticket, though
[2009/04/15 16:19:03] @ Quit: mikepea:
[2009/04/15 16:19:31] @ Quit: raphink: Read error: 113 (No route to host)
[2009/04/15 16:23:22] @ afb left channel #puppet ()
[2009/04/15 16:24:37] @ Quit: ijcd: Read error: 110 (Connection timed out)
[2009/04/15 16:29:59] <MrHeavy> Quick question about exported resources
[2009/04/15 16:30:33] <MrHeavy> I want to create a nagios_host in /etc/nagios/objects/hosts.d/$hostname.cfg
[2009/04/15 16:31:02] <MrHeavy> I'd figure Puppet would store the resource as it existed on the exporting node rather than the Nagios server
[2009/04/15 16:31:17] <MrHeavy> But it always creates /etc/nagios/objects/hosts.d/<nagios_hostname>.cfg
[2009/04/15 16:31:39] <MrHeavy> Since it parses the $hostname in the resource on the realizing node
[2009/04/15 16:31:43] <MrHeavy> Rather than the exporting one
[2009/04/15 16:31:46] <MrHeavy> Any way around this?
[2009/04/15 16:32:15] @ Quit: andrewcshafer: Read error: 104 (Connection reset by peer)
[2009/04/15 16:33:03] @ andrewcshafer joined channel #puppet
[2009/04/15 16:33:51] <grim_radical> MrHeavy: odd, it works as expected for me using 0.24.8
[2009/04/15 16:35:12] @ Quit: d3vilb0x: Read error: 110 (Connection timed out)
[2009/04/15 16:35:29] @ briandquinn joined channel #puppet
[2009/04/15 16:36:49] @ mikepea joined channel #puppet
[2009/04/15 16:37:19] @ Quit: andrewcshafer: Client Quit
[2009/04/15 16:38:42] @ Quit: mikepea: Client Quit
[2009/04/15 16:38:42] <MrHeavy> Also running 0.24.8
[2009/04/15 16:42:13] <grim_radical> MrHeavy: can you pastie the code that's referencing $hostname?
[2009/04/15 16:44:29] <MrHeavy> It's actually working fine for one class one one of my hosts
[2009/04/15 16:44:31] <MrHeavy> Which is bizarre
[2009/04/15 16:44:40] <MrHeavy> And not for a different class on another one of my hosts
[2009/04/15 16:44:43] <MrHeavy> So let me get back to you on that
[2009/04/15 16:45:41] <grim_radical> MrHeavy: the only issue relating to this that I've run into, is that if you have a default arg for a define like $arg=$hostname (where $hostname is the default value for the arg),
[2009/04/15 16:46:05] @ Quit: briandquinn:
[2009/04/15 16:46:16] <grim_radical> MrHeavy: then puppet seemed to "evaluate" that fact on the realizing server instead of the exporting one (IIRC...or maybe it was the other way around...)
[2009/04/15 16:47:08] <grim_radical> MrHeavy: I fixed that glitch by moving the default arg value into the body of the define
[2009/04/15 16:47:38] @ raphink joined channel #puppet
[2009/04/15 16:48:32] <MrHeavy> ahahaha, wow, i'm a fucking idiot
[2009/04/15 16:48:45] <MrHeavy> the one it was adding to my nagios host -belonged- there but the other one from my other host wasn't getting exported
[2009/04/15 16:48:46] <MrHeavy> okay
[2009/04/15 16:48:47] <MrHeavy> wow
[2009/04/15 16:48:51] <MrHeavy> i love to jump to dumb conclusions :(
[2009/04/15 16:49:27] <MrHeavy> However, the "use" attribute of nagios_* seems not to support arrays (Nagios 3.x does multiple inheritance) so I guess I should file a bug about that
[2009/04/15 16:50:56] @ WALoeIII joined channel #puppet
[2009/04/15 16:58:11] @ Quit: edwardam: Remote closed the connection
[2009/04/15 17:02:16] @ edwardam joined channel #puppet
[2009/04/15 17:02:56] @ edwardam is now known as edwardam\|phn
[2009/04/15 17:09:08] @ lak joined channel #puppet
[2009/04/15 17:12:08] @ fujin joined channel #puppet
[2009/04/15 17:13:43] <nDuff> lak, hey -- additional to the spurious dependency cycles, we're hitting performance issues that look a lot like #1781 -- mostly on VMware- and KVM-based VMs, oddly enough, and not on Xen-based VMs and real hardware. Deepak is playing around with trying a newer ruby interpreter; will report on whether that helps.
[2009/04/15 17:13:43] <gepetto> nDuff: lak: #1781 is http://projects.reductivelabs.com/issues/show/1781 "Puppet - Bug #1781: Slow execution - ReductiveLabs.com"
[2009/04/15 17:14:53] <lak> nDuff: ok; on the phone for a while but i'll look at it after
[2009/04/15 17:30:46] @ Quit: erm_: "leaving"
[2009/04/15 17:30:52] @ keithlard joined channel #puppet
[2009/04/15 17:31:04] @ andrewcshafer joined channel #puppet
[2009/04/15 17:32:03] @ ijcd joined channel #puppet
[2009/04/15 17:33:19] @ Quit: bolt: "telnet irc.freenode.net 6667"
[2009/04/15 17:33:27] @ Quit: ijcd: Client Quit
[2009/04/15 17:37:25] @ Quit: unxfrek: Remote closed the connection
[2009/04/15 17:37:27] @ bolt joined channel #puppet
[2009/04/15 17:38:31] <gepetto> ::trac:: Using Stored Configuration edited by stevenjenkins @ http://reductivelabs.com/trac/puppet/wiki/UsingStoredConfiguration (by steven@endpoint.com)
[2009/04/15 17:38:34] @ Quit: ijcd_: Read error: 104 (Connection reset by peer)
[2009/04/15 17:46:01] @ Quit: madrescher: Read error: 110 (Connection timed out)
[2009/04/15 17:49:36] @ madrescher joined channel #puppet
[2009/04/15 17:57:27] @ Quit: pipes: "leaving"
[2009/04/15 17:57:54] @ elijahwright joined channel #puppet
[2009/04/15 17:58:14] <joe-mac> hey guys anybody here ever use star (schily's tar)
[2009/04/15 17:58:18] @ pipes joined channel #puppet
[2009/04/15 17:58:34] <joe-mac> it's being a royal PITA when it comes to the simplest operation EVAR in regular gnu tar, excluding directories
[2009/04/15 17:59:21] @ Quit: andrewcshafer:
[2009/04/15 17:59:48] @ Demosthenes joined channel #puppet
[2009/04/15 17:59:50] <joe-mac> in gnu tar i do --exclude= and be done with it, in star it just seems impossible. to top it off the user community seems to have brains the size of small mediterranean islands, so the one guy who actually does muster up the strength to ask about it gets told to RTFM on the mailing list... i mean, i read TFM like a hundred times today, still don't get it
[2009/04/15 18:01:20] <fujin> use gnu tar?
[2009/04/15 18:06:25] @ Quit: edwardam\|phn: Remote closed the connection
[2009/04/15 18:06:41] <bda> But star is compliant with your face.
[2009/04/15 18:08:11] <joe-mac> lol
[2009/04/15 18:08:39] <joe-mac> fujin: i am on ubuntu and (get ready for this) the tar on ubuntu 8.04 does not support acls
[2009/04/15 18:08:44] <joe-mac> sweet eh?
[2009/04/15 18:08:49] <joe-mac> --xattrs option not found it says
[2009/04/15 18:08:53] <joe-mac> --acls same thing
[2009/04/15 18:09:03] <fujin> heh
[2009/04/15 18:09:06] * fujin has never noticed
[2009/04/15 18:09:07] <joe-mac> gotta love ubuntu for being so server oriented, even in their server distro
[2009/04/15 18:09:46] <joe-mac> so today, i broke my whole infrastructure
[2009/04/15 18:09:53] @ Quit: Innocenti: Read error: 110 (Connection timed out)
[2009/04/15 18:10:11] @ edwardam joined channel #puppet
[2009/04/15 18:10:26] <joe-mac> luckily, i had a feeling something would go wrong and kept a root shell open on the puppet server to fix it, with one command moved the puppet dir back into place
[2009/04/15 18:10:37] @ unxfrek joined channel #puppet
[2009/04/15 18:11:42] @ mikepea joined channel #puppet
[2009/04/15 18:12:28] @ Quit: mikepea: Client Quit
[2009/04/15 18:12:31] <bda> You broke your entire infrastructure using tar?
[2009/04/15 18:12:37] <bda> Or are those unrelated?
[2009/04/15 18:13:45] @ mikepea joined channel #puppet
[2009/04/15 18:14:36] <fujin> sounds like doing it wrong
[2009/04/15 18:16:19] <joe-mac> sigh, yes because i serve out a lot of important files in puppet and rely on the files themselves for the permissions
[2009/04/15 18:17:02] <joe-mac> so they are all owned by root:root and 640 or 440 or for instance my ssh keys which are 640 user: and so i have an acl that lets puppet read these
[2009/04/15 18:17:26] <joe-mac> since the acl didn't get preserved during a move i was doing, all of a sudden puppet couldn't access tons of files
[2009/04/15 18:18:17] <joe-mac> fujin: slightly doin it wrong. in most cases my days are easier by relying on the files themselves to set permissions
[2009/04/15 18:18:23] <joe-mac> just not today
[2009/04/15 18:18:29] <Volcane> joe-mac: I remember clear as day tell you relying on that will burn you one day, you insisted the saving in typing is worth it :P
[2009/04/15 18:18:41] <joe-mac> lol, yes and today was that day Volcane
[2009/04/15 18:19:13] <joe-mac> when i do puppet: the sequel i will probably not rely so much on that
[2009/04/15 18:20:48] <Volcane> yeah, assumption being the mother of all f'ups, assuming someone didnt screw up your filesystem is not the way to go :)
[2009/04/15 18:21:04] <Volcane> anyway, now u know :P
[2009/04/15 18:21:07] <joe-mac> yep :-(
[2009/04/15 18:25:51] @ Djelibeybi joined channel #puppet
[2009/04/15 18:32:08] <eric0> anybody know if the puppet wiki is exportable to local files or a big pdf?
[2009/04/15 18:32:25] @ Quit: mikepea:
[2009/04/15 18:33:53] * eric0 has a 5.5 hr plane ride tomorrow and would like to get some reading in
[2009/04/15 18:34:52] <joe-mac> i usually just get wasted and listen to music until i pass out
[2009/04/15 18:34:57] <joe-mac> and wake up in a strange land
[2009/04/15 18:34:59] <bda> http://news.cnet.com/8301-13505_3-10219946-16.html
[2009/04/15 18:35:08] <bda> lak: Were you on the phone with Cisco? :)
[2009/04/15 18:35:19] <lak> heh, not a chance
[2009/04/15 18:35:27] <lak> i'm not taking their calls for the first week or so :)
[2009/04/15 18:35:37] <bda> Yeah, don't want 'em to think you're easy
[2009/04/15 18:35:46] <bda> "Not tonight Cisco, I need to refactor my code."
[2009/04/15 18:37:31] <joe-mac> wow puppet on news.cnet, pretty crazy
[2009/04/15 18:39:07] <eric0> i guess i could wget through the site
[2009/04/15 18:39:12] <Djelibeybi> lak: grr, if Cisco buy you, my dreams of Oracle buying you are for naught! :)
[2009/04/15 18:39:16] <joe-mac> recursive wget
[2009/04/15 18:39:18] <lak> heh
[2009/04/15 18:39:24] <joe-mac> i think RH should buy you
[2009/04/15 18:39:24] <lak> Djelibeybi: best get cracking :)
[2009/04/15 18:39:43] <lak> just fyi, i haven't gotten calls from any of them, so...
[2009/04/15 18:39:46] <Djelibeybi> lak: Sadly, I can only but dream. I am quite low on the totem pole. :)
[2009/04/15 18:39:47] <joe-mac> lol, sounds perverse, "buy you"
[2009/04/15 18:41:22] * joe-mac goes home
[2009/04/15 18:41:27] @ joe-mac left channel #puppet ()
[2009/04/15 18:42:29] <keithlard> is there a way to get the client to wait for longer than the default time to get a response from puppetmaster?
[2009/04/15 18:42:49] <keithlard> we've got a very overloaded puppetmaster server which is causing the clients to time out
[2009/04/15 18:44:39] <keithlard> googling for 'puppet timeout' just gives me listings for puppet shows in Time Out magazine :)
[2009/04/15 18:47:08] <jenza> are you running mongrel?
[2009/04/15 18:47:44] <keithlard> i presume not, the default's webrick, isn't it?
[2009/04/15 18:48:06] <jenza> yeah
[2009/04/15 18:48:24] <jenza> Don't use webrick
[2009/04/15 18:48:26] <jenza> it's bad++
[2009/04/15 18:48:53] <barn> it's just small, and doesn't handle lots
[2009/04/15 18:49:14] <barn> mongrel is hardly amazing ): but you can run a number of them at least, and put apache in front
[2009/04/15 18:49:16] <Djelibeybi> Oh, that reminds me.
[2009/04/15 18:49:29] <Djelibeybi> I have an updated "How to configure Mongrel + Apache Proxy Balancer" doc for the wiki
[2009/04/15 18:49:35] <keithlard> agreed, but in this case it's not the number of clients that's causing the slowdown - the box is chronically out of memory and swapping
[2009/04/15 18:50:01] <keithlard> we just need to run puppet once to bring up a VM which will take the load off the main server and... it's a long story i guess :)
[2009/04/15 18:50:19] <keithlard> i'll be very interested to look at that mongrel doc though
[2009/04/15 18:50:22] <fujin> side effect of running a puppetmaster
[2009/04/15 18:50:31] <fujin> fork(2): out of memory
[2009/04/15 18:50:32] <bda> keithlard: I run puppet client via cron now.
[2009/04/15 18:50:34] * fujin chuckles
[2009/04/15 18:50:45] @ Quit: unxfrek: Read error: 110 (Connection timed out)
[2009/04/15 18:50:57] <bda> Well, that's a lie, but it's close enough.
[2009/04/15 18:51:21] <keithlard> this is a rather unusual setup, as we're using puppet to build EC2 VMs, and it only runs once. when we're done with the vm, it gets deleted.
[2009/04/15 18:51:24] <bda> (it runs as a service, but under something we call minrun, which is configured to sleep for n seconds after a sucessful run)
[2009/04/15 18:51:29] <Djelibeybi> keithlard: it's actually pretty simple. I followed the current wiki docs without a problem. I have cleaned it up a bit.
[2009/04/15 18:52:35] <Djelibeybi> Though, I don't seem to have my docs here with me. I wrote them at the client. :( Time to email my onsite sysadmin and get him to email the doco back to me. :)
[2009/04/15 18:53:00] <keithlard> yes i run puppet out of cron on all my other sites, with a little random delay script beforehand.
[2009/04/15 18:53:32] <keithlard> there should be a competition for 'mad ways i have used puppet'
[2009/04/15 18:53:34] @ andrewcshafer joined channel #puppet
[2009/04/15 18:54:04] @ Quit: Djelibeybi: "Leaving"
[2009/04/15 18:58:37] @ Djelibeybi joined channel #puppet
[2009/04/15 19:00:41] @ Quit: mfoster: "Leaving."
[2009/04/15 19:02:28] <ch> ruby's openssl bindings are awkward :-/
[2009/04/15 19:05:23] @ andrewcshafer_ joined channel #puppet
[2009/04/15 19:05:30] @ collier_s joined channel #puppet
[2009/04/15 19:09:26] @ Innocenti joined channel #puppet
[2009/04/15 19:11:11] @ Quit: andrewcshafer: Read error: 110 (Connection timed out)
[2009/04/15 19:20:34] @ Quit: jtimberman: "dinner"
[2009/04/15 19:22:18] @ kambiz is now known as kambiz_away
[2009/04/15 19:23:15] @ Quit: markl_: "Lost terminal"
[2009/04/15 19:23:30] @ kambiz_away is now known as kambiz
[2009/04/15 19:25:35] @ neh joined channel #puppet
[2009/04/15 19:35:20] @ kambiz is now known as kambiz_away
[2009/04/15 19:37:32] @ Quit: madrescher: "Leaving."
[2009/04/15 19:40:21] @ Quit: andrewcshafer_:
[2009/04/15 19:44:33] @ Quit: cwebber:
[2009/04/15 19:45:20] @ cwebber joined channel #puppet
[2009/04/15 19:45:49] @ Quit: cwebber: Client Quit
[2009/04/15 19:48:22] @ Quit: ezmob: "Leaving..."
[2009/04/15 19:49:28] @ Quit: keithlard:
[2009/04/15 19:52:20] <gwar9999> I'm not sure how the %x{/path/to/executable} works within facter, but if the file doesn't exist, how do I prevent the "command not found" error from preventing puppetd to continue it's catalog run? I tried adding a begin/rescue/end block around the %x... but it doesn't help. My ruby skills aren't up to the challenge.
[2009/04/15 19:53:42] @ keithlard joined channel #puppet
[2009/04/15 19:54:16] <lak> gwar9999: what exception are you getting?
[2009/04/15 19:54:24] <lak> you should be able to just rescue that exception...
[2009/04/15 19:54:57] <gwar9999> /usr/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:31: /path/to/executable
[2009/04/15 19:55:55] <gwar9999> that's what I would've thought... I'll post my tiny fact
[2009/04/15 19:56:56] <gwar9999> http://pastie.org/447992
[2009/04/15 19:57:37] <gwar9999> in this case, if /tmp/script/... doesn't exist, it prevents puppet from continuing.
[2009/04/15 19:58:19] <gwar9999> normally, the file will exist, but I'm testing things when it doesn't (so in theory puppet could install it... but since it fails and stops processing then puppet doesn't get that far)
[2009/04/15 19:59:02] <lak> gwar9999: do 'rescue => detail' and figure out what exception is being thrown
[2009/04/15 19:59:07] <lak> then catch that exception specifically
[2009/04/15 20:01:55] @ Quit: alfism: "Connection reset by beer"
[2009/04/15 20:02:40] <gepetto> ::trac:: Using Mongrel OnEnterprise Linux edited by Djelibeybi @ http://reductivelabs.com/trac/puppet/wiki/UsingMongrelOnEnterpriseLinux (by avi.miller@gmail.com)
[2009/04/15 20:02:40] <gepetto> ::trac:: Using Mongrel edited by Djelibeybi @ http://reductivelabs.com/trac/puppet/wiki/UsingMongrel (by avi.miller@gmail.com)
[2009/04/15 20:03:41] <Djelibeybi> There. My Enterprise Linux how-to is on the wiki
[2009/04/15 20:05:50] <fujin> gwar9999: you can always 'rescue nil', too.
[2009/04/15 20:06:06] @ Quit: claymation:
[2009/04/15 20:07:31] <gepetto> ::trac:: Using Mongrel edited by Djelibeybi @ http://reductivelabs.com/trac/puppet/wiki/UsingMongrel (by avi.miller@gmail.com)
[2009/04/15 20:07:31] <gepetto> ::trac:: Using Mongrel edited by Djelibeybi @ http://reductivelabs.com/trac/puppet/wiki/UsingMongrel (by avi.miller@gmail.com)
[2009/04/15 20:08:39] @ Quit: Innocenti: Read error: 110 (Connection timed out)
[2009/04/15 20:09:17] @ Quit: Bass10: Connection timed out
[2009/04/15 20:09:31] @ PaulWay joined channel #puppet
[2009/04/15 20:10:10] <gwar9999> lak: weird, I put the rescue => detail there and didn't see anything diff... so I removed it and put my orig (empty) rescue line back and now it works. Not sure why it magically works now.
[2009/04/15 20:10:25] <lak> because you restarted?
[2009/04/15 20:10:30] <lak> because the sunspots are gone?
[2009/04/15 20:11:56] <PaulWay> Hi all!
[2009/04/15 20:13:51] <PaulWay> I'm still working on this NTP configuration - I've got http://pastie.org/448005 as my ntp init.pp, and http://pastie.org/448006 as an example of my nodes.pp file.
[2009/04/15 20:14:30] <PaulWay> But host1 is still getting the ordinary ntp.conf file, not the ntp-time-master.conf file.
[2009/04/15 20:15:54] <PaulWay> Any ideas what I'm doing wrong?
[2009/04/15 20:16:17] <sub> yes
[2009/04/15 20:16:24] <sub> ntpd::time-master vs ntpd::time_master
[2009/04/15 20:16:44] <sub> class ntpd::time_master inherits ntpd, etc
[2009/04/15 20:16:48] <sub> then you have include ntpd::time-master
[2009/04/15 20:17:06] <sub> :-)
[2009/04/15 20:17:09] @ ijcd joined channel #puppet
[2009/04/15 20:17:22] <PaulWay> Aahahahhhh.
[2009/04/15 20:17:27] * PaulWay slaps his forehead theatrically
[2009/04/15 20:17:28] <PaulWay> Thanks!
[2009/04/15 20:17:41] <sub> you're very welcome
[2009/04/15 20:18:08] <Djelibeybi> PaulWay: why do you even have the time_master?
[2009/04/15 20:18:19] @ bob2 joined channel #puppet
[2009/04/15 20:18:21] <Djelibeybi> It appears to have exactly the same file configuration as the standard ntp class
[2009/04/15 20:18:47] <PaulWay> Different file source.
[2009/04/15 20:19:24] <Djelibeybi> PaulWay: no, it isn't.
[2009/04/15 20:19:29] <Djelibeybi> The file sources are the same.
[2009/04/15 20:19:44] <Djelibeybi> Oh, wait.
[2009/04/15 20:19:45] <Djelibeybi> I see.
[2009/04/15 20:19:49] <Djelibeybi> Hmmm
[2009/04/15 20:20:44] <PaulWay> If there's a better way... :-)
[2009/04/15 20:21:06] <Djelibeybi> Yeah, I'm just thinking about it.
[2009/04/15 20:21:26] <Djelibeybi> I probably would just have a ntp-$hostname.conf for your time masters, as you probably dont' have that many
[2009/04/15 20:21:26] <PaulWay> I'm assuming that the ntpd::time-master file sources overwrite the ntpd file sources, rather than appending or inserting into the list.
[2009/04/15 20:21:44] <PaulWay> Well, that is true
[2009/04/15 20:21:53] <PaulWay> I'd probably do it that way in the future.
[2009/04/15 20:22:04] <Djelibeybi> Much simpler that way. Also, means that a server doesn't become a time master without aforethought. :)
[2009/04/15 20:23:02] <PaulWay> Well, it only becomes a time master by inserting that class in the nodes configuration anyway...
[2009/04/15 20:25:28] <Djelibeybi> True. Though, using the ntp-$hostname.conf means you don't have to have different configurations in the node definition.
[2009/04/15 20:25:46] <PaulWay> Yeah.
[2009/04/15 20:25:56] <Djelibeybi> Though, I suspect both methods are equally valid. It just depends on which is more suitable to your own personal comfort facter
[2009/04/15 20:25:57] <PaulWay> Ah well.
[2009/04/15 20:26:04] <PaulWay> Yeah.
[2009/04/15 20:26:06] <PaulWay> Or factor.
[2009/04/15 20:26:18] * Djelibeybi would use the ntp-$hostname.conf method, as that makes more sense to me.
[2009/04/15 20:27:49] @ Quit: lak:
[2009/04/15 20:27:57] <PaulWay> Yeah, I'd probably do that in future.
[2009/04/15 20:28:05] <PaulWay> At some point I might convert across for consistency.
[2009/04/15 20:29:06] @ Quit: raphink: Read error: 60 (Operation timed out)
[2009/04/15 20:29:30] @ raphink joined channel #puppet
[2009/04/15 20:45:41] <PaulWay> ahhh, coffee and chocolate muffin, how I savour you!
[2009/04/15 20:46:08] <bobbyzzz> mmm....chocolate muffins....
[2009/04/15 20:46:11] <bobbyzzz> oh so good
[2009/04/15 20:46:18] @ bobbyzzz is now known as bobbyz
[2009/04/15 20:53:56] @ Quit: keithlard:
[2009/04/15 21:08:27] @ Quit: kingitchy:
[2009/04/15 21:15:45] @ WALoeIII_ joined channel #puppet
[2009/04/15 21:31:19] @ maxagaz joined channel #puppet
[2009/04/15 21:31:53] @ twocs joined channel #puppet
[2009/04/15 21:33:06] @ Quit: WALoeIII_: Read error: 113 (No route to host)
[2009/04/15 21:33:21] @ Quit: WALoeIII: Read error: 113 (No route to host)
[2009/04/15 21:35:57] @ chip__ joined channel #puppet
[2009/04/15 21:37:56] @ Quit: edwardam: Remote closed the connection
[2009/04/15 21:41:36] @ WALoeIII joined channel #puppet
[2009/04/15 21:45:15] @ Quit: bobbyz: Read error: 60 (Operation timed out)
[2009/04/15 21:52:10] @ Quit: ijcd:
[2009/04/15 21:52:10] @ Quit: atlan_: Read error: 110 (Connection timed out)
[2009/04/15 21:52:14] @ atlan_ joined channel #puppet
[2009/04/15 21:53:22] @ ohadlevy joined channel #puppet
[2009/04/15 21:54:07] @ Quit: chip__: Read error: 110 (Connection timed out)
[2009/04/15 21:58:16] @ bobbyz joined channel #puppet
[2009/04/15 22:25:37] @ chip__ joined channel #puppet
[2009/04/15 22:36:45] @ Quit: bobbyz: Read error: 110 (Connection timed out)
[2009/04/15 22:37:22] @ bobbyz joined channel #puppet
[2009/04/15 22:41:26] @ Quit: atlan_: Read error: 110 (Connection timed out)
[2009/04/15 22:55:46] <justdave> so if I have an external_nodes script defined, and I also have a .pp file that defines a node in my nodes directory, do the results get merged together or does one take precidence over the other?
[2009/04/15 22:56:38] <jamesturnbull> riddley: briefly here but o holidays
[2009/04/15 22:57:03] @ fujin_ joined channel #puppet
[2009/04/15 22:57:53] <ohadlevy> justdave: Last I heard they are merged, but I would not recommend it
[2009/04/15 22:58:50] <justdave> that's the suspicion I had from the behavior I'm seeing, just wanted to make sure before I went blaming a problem on that. :)
[2009/04/15 23:00:12] <justdave> our setup was originally done exclusively with the external_nodes script, and we had a system go gung-ho on setting up a bunch of new machines in it while the guy who did the original setup was on vacation, and he did .pp files with the stuff for all his new machines in it instead of putting them where the external script was looking
[2009/04/15 23:00:40] <justdave> he apparently didn't realize we had the external_nodes script and went and read puppet docs on his own
[2009/04/15 23:01:26] @ fujin- joined channel #puppet
[2009/04/15 23:02:09] @ Quit: WALoeIII: "Bai."
[2009/04/15 23:12:46] <bda> http://rafb.net/p/viNJiJ10.html # This seems... weird.
[2009/04/15 23:13:01] <bda> facter prints all facters, but `facter $fact` for some doesn't work.
[2009/04/15 23:13:04] @ Quit: pipes: "leaving"
[2009/04/15 23:13:31] <bda> --debug prints nothing.
[2009/04/15 23:14:02] <jbk> bda: fancy seeing you here :)
[2009/04/15 23:14:08] <bda> Hoy.
[2009/04/15 23:16:04] <jbk> since you obviously have an interest in puppet as well.. I was gonna work on getting it into /pending, but was thinking about floating a project to make it more aware of opensolaris specific stuff... (to be submitted upstream).. would you be interested?
[2009/04/15 23:16:17] <bda> Sure.
[2009/04/15 23:16:37] <jbk> was about to submit the spec file to jucr for facter to start with..
[2009/04/15 23:16:43] <bda> I have a couple branches I'm working on for Solaris stuff. Not OS specific.
[2009/04/15 23:17:02] <jbk> most of it to eb put upstream would probably need to be
[2009/04/15 23:17:09] <jbk> it looks like you've added a zonename fact
[2009/04/15 23:17:16] <bda> Yeah. facts are easy. :)
[2009/04/15 23:17:57] <bda> I need to write tests before they get putback. Probably this weekend.
[2009/04/15 23:18:00] <jbk> was thinking pkg(5) support, maybe adding some sort of object for dladm (that be a bit more interesting)
[2009/04/15 23:18:27] <jbk> and it looks like the zfs/zpool attribute list might need updating
[2009/04/15 23:18:34] <bda> Yeah, facter understands configured interfaces now, but not unplumbed ones.
[2009/04/15 23:18:40] <bda> nod.
[2009/04/15 23:18:48] <bda> My contribution is import service for SMF manifests. :)
[2009/04/15 23:18:57] <jbk> nice
[2009/04/15 23:19:01] <bda> It was super easy.
[2009/04/15 23:19:22] <bda> I suck at coding of any sort. Don't really know Ruby.
[2009/04/15 23:19:37] <bda> http://github.com/bda/puppet/blob/6df93c13dd877e5752149a91ff9eb4675b7637f2/lib/puppet/provider/service/smf.rb
[2009/04/15 23:19:39] @ Quit: fujin: Read error: 110 (Connection timed out)
[2009/04/15 23:19:52] @ Quit: fujin_: Read error: 110 (Connection timed out)
[2009/04/15 23:20:01] <jbk> me either
[2009/04/15 23:20:08] <bda> Right now I'm using pkgsrc for everything as opposed to sfe or jucr.
[2009/04/15 23:20:10] <jbk> but perfect opportunity to learn
[2009/04/15 23:20:16] <bda> Don't really see any reason to change, either.
[2009/04/15 23:20:29] <bda> It would be trivial to modify one of the BSD pkg providers for pkgsrc as well.
[2009/04/15 23:20:41] <bda> But I'm all for extending Solaris support, so. :)
[2009/04/15 23:21:11] <bda> I'd like to work on the zone stuff once I get more accustomed to Ruby.
[2009/04/15 23:22:23] <jamesturnbull> bda: talk to martin or andrewshafer - they did most of the current zone stuff
[2009/04/15 23:22:55] <bda> jamesturnbull: Noted. It'll be a while before I'm ramped up, though.
[2009/04/15 23:23:11] <jamesturnbull> bda:your issue with facter and facter $fact is a known bug in the 1.5.x tree. should be fixed when we refactor facter
[2009/04/15 23:23:20] <bda> Workaround?
[2009/04/15 23:23:22] <Djelibeybi> fact fact act
[2009/04/15 23:23:31] <bda> Or patch I can pull back?
[2009/04/15 23:23:36] <jbk> yeah, i'm gonna try to get my ldap++ stuff going again, and it'd be nice to have a well integrated puppet as a companion
[2009/04/15 23:23:38] <jamesturnbull> bda: none at the moment
[2009/04/15 23:24:04] <bda> ta.
[2009/04/15 23:25:05] @ andrewcshafer joined channel #puppet
[2009/04/15 23:38:00] @ rdaugherty joined channel #puppet
[2009/04/15 23:40:37] @ cwebber joined channel #puppet
[2009/04/15 23:54:05] <bob2> is there some way to run a post-catalog-run hook on clients?
[2009/04/15 23:55:15] @ Quit: collier_s: Remote closed the connection

Generated by irclog2html.py 2.6 by Marius Gedminas - find it at mg.pov.lt!