Friday, 2009-05-29

[2009/05/29 00:06:22] @ Log started by gepetto
[2009/05/29 00:06:22] @ Quit: incommon_ike: "Leaving"
[2009/05/29 00:12:20] @ Quit: bgupta: Read error: 113 (No route to host)
[2009/05/29 00:14:11] @ bgupta joined channel #puppet
[2009/05/29 00:25:11] @ Quit: andrewcshafer_:
[2009/05/29 00:25:40] @ Quit: MrHeavy: verne.freenode.net irc.freenode.net
[2009/05/29 00:25:40] @ Quit: GeckoPie: verne.freenode.net irc.freenode.net
[2009/05/29 00:25:40] @ Quit: bartc: verne.freenode.net irc.freenode.net
[2009/05/29 00:25:41] @ Quit: Mandus: verne.freenode.net irc.freenode.net
[2009/05/29 00:25:41] @ Quit: zipkid: verne.freenode.net irc.freenode.net
[2009/05/29 00:25:41] @ Quit: tyler79: verne.freenode.net irc.freenode.net
[2009/05/29 00:27:41] @ bartc joined channel #puppet
[2009/05/29 00:27:42] @ GeckoPie joined channel #puppet
[2009/05/29 00:28:18] @ zipkid joined channel #puppet
[2009/05/29 00:28:20] @ Mandus joined channel #puppet
[2009/05/29 00:31:54] @ tyler79 joined channel #puppet
[2009/05/29 00:38:59] @ Quit: int: Read error: 111 (Connection refused)
[2009/05/29 00:40:00] @ MrHeavy joined channel #puppet
[2009/05/29 00:41:14] @ bgupta left channel #puppet ()
[2009/05/29 00:42:29] @ Guest54786 joined channel #puppet
[2009/05/29 00:46:13] <Guest54786> is anyone able to run puppetrun (ver 0.24.5) on debian lenny? When I use the --host option (i'm not using ldap) it just says Finished without doing anything >_<
[2009/05/29 00:53:01] @ bgupta joined channel #puppet
[2009/05/29 01:00:18] <ohadlevy> anyone uses scope.lookupvar in a template?
[2009/05/29 01:06:53] @ Quit: WALoeIII:
[2009/05/29 01:08:00] <jamesturnbull> PaulWay: did you work out how to distribute a fact?
[2009/05/29 01:09:40] <PaulWay> jamesturnbull: no, sorry, another problem has come up.
[2009/05/29 01:10:55] <Djelibeybi> PaulWay: I have facts being delivered ok. What problem are you having?
[2009/05/29 01:11:35] <PaulWay> Djelibeybi: understanding how to do it ;-)
[2009/05/29 01:12:00] <Djelibeybi> PaulWay: It seemed fairly simple to me. One sec.
[2009/05/29 01:12:39] <PaulWay> This is from http://reductivelabs.com/trac/puppet/wiki/PluginsInModules
[2009/05/29 01:12:57] <Djelibeybi> puppet.conf gets factpath=$vardir/lib/facter and pluginsync=true
[2009/05/29 01:13:24] <Djelibeybi> Then, just add a plugins/facter directory to a module
[2009/05/29 01:13:42] <Djelibeybi> Add some .rb files into that directory and shazaam.
[2009/05/29 01:15:06] <PaulWay> Djelibeybi: Hmmm.
[2009/05/29 01:15:07] <Djelibeybi> I'm assuming you're using 0.24.8 for server and all clients
[2009/05/29 01:15:28] <PaulWay> I was under the impression that jamesturnbull considered that the "bad" way to do things.
[2009/05/29 01:15:35] <Djelibeybi> jamesturnbull: speaking of which, did you get a chance to look at my dodgy facts?
[2009/05/29 01:15:36] <jamesturnbull> PaulWay: no
[2009/05/29 01:15:51] <jamesturnbull> PaulWay: that's plugins in modules - I use a common module to do that
[2009/05/29 01:16:01] <jamesturnbull> PaulWay: but you can add specific facts to specific modules if you like
[2009/05/29 01:16:20] <Djelibeybi> Yeah, currently have my two custom facts in my motd module, as they're used to build the motd file for a server.
[2009/05/29 01:16:20] <PaulWay> Ah, I see.
[2009/05/29 01:16:24] <PaulWay> Sorry.
[2009/05/29 01:16:33] <Djelibeybi> But, I can see the use in having all custom facts in a single module as well.
[2009/05/29 01:19:10] * jamesturnbull likes options
[2009/05/29 01:20:32] <Djelibeybi> No, options are bad!
[2009/05/29 01:25:10] <Guest54786> has anyone had any issues with puppetrun ver 0.24.5 when using --host and not ldap (i'm using debian lenny)? It just says 'Finished' without do anything. I had asked earlier but got no response =)
[2009/05/29 01:25:45] * Djelibeybi doesn't use puppetrun. Sorry.
[2009/05/29 01:26:50] <jamesturnbull> Guest54786: hmmm that rings a bell
[2009/05/29 01:27:10] <jamesturnbull> Guest54786: I think it was a bug and its fixed in a later release - let me see if I can find it
[2009/05/29 01:27:35] <Guest54786> jamesturnbull: oh cool thankyou for checking!! =)
[2009/05/29 01:28:13] <Guest54786> what are my other options? pssh with passwordless sudo and run puppetd --test?
[2009/05/29 01:28:14] <jamesturnbull> Guest54786: can you run with --verbose --debug --trace and tell me if there is any output or errors ?
[2009/05/29 01:28:24] <Guest54786> yes, one sec
[2009/05/29 01:29:06] <jamesturnbull> Guest54786: hang on - #1500 I think
[2009/05/29 01:29:06] <gepetto> jamesturnbull: Guest54786: #1500 is http://projects.reductivelabs.com/issues/show/1500 "Puppet - Bug #1500: puppetrun 0.24.5 does not work and no error - ReductiveLabs.com"
[2009/05/29 01:29:41] <Guest54786> ahh, yeah, that bes it. doh!
[2009/05/29 01:29:42] <jamesturnbull> Guest54786: simple one line fix if you don't want to upgrade
[2009/05/29 01:29:55] <jamesturnbull> Guest54786: http://projects.reductivelabs.com/projects/puppet/repository/revisions/11b0848b8c6eaaded608f4a485990ddb5bbd5e80/diff
[2009/05/29 01:30:06] <Guest54786> checking, thanks so much =)
[2009/05/29 01:30:43] @ andrewcshafer joined channel #puppet
[2009/05/29 01:33:08] @ yarihm joined channel #puppet
[2009/05/29 01:36:03] @ WALoeIII joined channel #puppet
[2009/05/29 01:36:27] @ ssm joined channel #puppet
[2009/05/29 01:44:32] @ ceren joined channel #puppet
[2009/05/29 01:45:30] @ allesmueller2 joined channel #puppet
[2009/05/29 01:45:44] @ Quit: WALoeIII:
[2009/05/29 01:46:52] <ohadlevy> can anyone tell me what am I doing wrong - http://pastie.org/493637
[2009/05/29 01:47:40] <ohadlevy> its a variable scoping problem
[2009/05/29 01:47:56] <ohadlevy> but i cant find the right way :(
[2009/05/29 01:49:00] <Guest54786> i'd help ohadlevy but i dunno enough yet. just started learning today
[2009/05/29 01:49:19] <Djelibeybi> ohadlevy: would help to know what the output/outcome is
[2009/05/29 01:49:45] <Guest54786> to make pupped listen for puppetrun I just need to set listen = true on the puppetclient right?
[2009/05/29 01:50:18] <ohadlevy> in this example, I'm trying to add a directory name into an array, and then using a template create a list of all the dirs that are define
[2009/05/29 01:50:37] <ohadlevy> e.g. if puppet created dir a,b and c, the template should generate the name of the dirs
[2009/05/29 01:50:53] <Djelibeybi> ohadlevy: ok, I get the intention. What's actually happening?
[2009/05/29 01:51:01] <ohadlevy> only the dummy is written
[2009/05/29 01:51:34] <ohadlevy> (the directories are created ofcourse)
[2009/05/29 01:52:01] <Djelibeybi> ohadlevy: no idea, unfortunately. Interesting use case, though.
[2009/05/29 01:52:22] <ohadlevy> brrrrrr
[2009/05/29 01:54:02] <Guest54786> to make puppetrun work I need to set listen=true on the under [puppetd] on puppetclient right?
[2009/05/29 01:55:58] <ohadlevy> Guest54786:yes
[2009/05/29 01:56:05] <ohadlevy> you also need namespaceauth file
[2009/05/29 01:58:53] <Guest54786> ok yeah, i have both. but setting listen=true causes causes the puppetd on the client to not stay alive
[2009/05/29 01:59:22] <ohadlevy> how do you run puppetd?
[2009/05/29 01:59:23] <Guest54786> i tried invoking from init.d and using --listen from the cmdline. any ideas?
[2009/05/29 02:00:38] @ Quit: allesmue1ler2: Read error: 110 (Connection timed out)
[2009/05/29 02:02:18] <Guest54786> ok wait, does namespaceauth.conf go on the client or the pupetserver?
[2009/05/29 02:03:43] <PaulWay> Right, now I can concentrate on important things after wasting half a day on a bizarre profiterole accident.
[2009/05/29 02:03:58] <PaulWay> Djelibeybi: so the shortname.rb facter file has to go to in the module's facter/ directory - not the files/ directory?
[2009/05/29 02:04:13] <Djelibeybi> PaulWay: yuppo
[2009/05/29 02:04:26] @ Quit: rektide: Read error: 60 (Operation timed out)
[2009/05/29 02:06:37] <Guest54786> ok got it working. woot!
[2009/05/29 02:09:34] @ Dominic joined channel #puppet
[2009/05/29 02:10:06] <Guest54786> is there some way to suppress all ldap warnings from the various commands?
[2009/05/29 02:12:30] @ Quit: CoolCold: Read error: 110 (Connection timed out)
[2009/05/29 02:15:01] @ mattock joined channel #puppet
[2009/05/29 02:18:06] @ Quit: astinus: Read error: 104 (Connection reset by peer)
[2009/05/29 02:20:44] @ astinus joined channel #puppet
[2009/05/29 02:23:03] <PaulWay> This is really weird - two of the machines running puppet are doing their catalog runs but not updating the /var/lib/puppet/localconfig.yaml and /var/lib/puppet/state/state.yaml files.
[2009/05/29 02:23:15] <PaulWay> And when I run puppetd -tov it says there's another puppet daemon already running.
[2009/05/29 02:23:31] <Guest54786> ps just shows one?
[2009/05/29 02:23:39] <PaulWay> Guest54786: yep.
[2009/05/29 02:24:25] <Guest54786> hmm weird. both servers are doing this?
[2009/05/29 02:24:26] @ Quit: notbrien:
[2009/05/29 02:24:50] <Guest54786> and you tried restarting the daemon?
[2009/05/29 02:25:48] <PaulWay> Yep - multiple times.
[2009/05/29 02:25:58] <PaulWay> Guest54786: And none of the other 25 servers running puppet are doing this.
[2009/05/29 02:26:07] <PaulWay> and I have no idea why...
[2009/05/29 02:26:32] <PaulWay> The one thing I haven't tried is pushing a config change and seeing if they're taking it up.
[2009/05/29 02:27:09] <Guest54786> hmm not sure what'd be up with that
[2009/05/29 02:32:50] <PaulWay> Odd - one of the machines is definitely saying it's checking every half an hour or so, but the other only last started a check at 11:48 this morning.
[2009/05/29 02:35:38] <PaulWay> Now that's freaking weird - the puppet daemon definitely installed a new package, but the localconfig.yaml file is still dated yesterday.
[2009/05/29 02:37:29] <PaulWay> Right, hang it, I'm off to the pub.
[2009/05/29 02:37:30] @ PaulWay left channel #puppet ()
[2009/05/29 02:39:39] @ Quit: allesmueller2: Remote closed the connection
[2009/05/29 02:44:33] @ Welsh_Dwarf joined channel #puppet
[2009/05/29 02:47:26] @ DavidS joined channel #puppet
[2009/05/29 02:51:19] @ DavidS1 joined channel #puppet
[2009/05/29 02:53:38] @ Innocenti joined channel #puppet
[2009/05/29 02:58:52] @ Quit: alban3: Read error: 113 (No route to host)
[2009/05/29 02:59:51] @ madrescher joined channel #puppet
[2009/05/29 03:01:53] @ Quit: Djelibeybi: "Leaving"
[2009/05/29 03:03:26] @ aymerick joined channel #puppet
[2009/05/29 03:04:50] @ pleemans joined channel #puppet
[2009/05/29 03:05:50] @ getha is now known as thijso
[2009/05/29 03:07:24] @ Quit: fujin:
[2009/05/29 03:09:42] @ Quit: DavidS: Read error: 110 (Connection timed out)
[2009/05/29 03:10:57] @ tim\|macbook joined channel #puppet
[2009/05/29 03:11:32] @ fujin joined channel #puppet
[2009/05/29 03:14:28] @ nasrat joined channel #puppet
[2009/05/29 03:16:23] <Guest54786> after getting puppetd setup and working on the client is it normal to add things under /etc/puppet/ into a manifest to control all the client side bits of puppet?
[2009/05/29 03:18:13] <Guest54786> anyone?
[2009/05/29 03:21:02] @ Quit: andrewcshafer:
[2009/05/29 03:23:56] @ Quit: poison: Remote closed the connection
[2009/05/29 03:32:28] @ Quit: cedric_b: "Ex-Chat"
[2009/05/29 03:35:56] @ MattyM joined channel #puppet
[2009/05/29 03:36:58] <Volcane> Guest54786:yah
[2009/05/29 03:37:37] <Guest54786> Volcane: sweeeet thanks.. i'm really new to this. puppet is a really fun tool
[2009/05/29 03:38:28] @ Quit: \|roald\|: Remote closed the connection
[2009/05/29 03:48:16] @ francois joined channel #puppet
[2009/05/29 03:49:09] @ Robbie joined channel #puppet
[2009/05/29 03:50:07] @ Quit: nasrat:
[2009/05/29 03:55:42] @ Quit: tim\|macbook: Read error: 104 (Connection reset by peer)
[2009/05/29 03:57:08] @ poison joined channel #puppet
[2009/05/29 03:57:43] @ Quit: MattyM: Remote closed the connection
[2009/05/29 03:59:20] @ nasrat joined channel #puppet
[2009/05/29 03:59:33] @ Quit: nasrat: Client Quit
[2009/05/29 03:59:33] @ MattyM joined channel #puppet
[2009/05/29 04:04:22] @ tim\|macbook joined channel #puppet
[2009/05/29 04:05:49] @ Quit: yarihm: "This computer has gone to sleep"
[2009/05/29 04:18:49] <verwilst> i want to create a new report script
[2009/05/29 04:18:52] <verwilst> where do i place it?
[2009/05/29 04:18:56] @ alexs____ joined channel #puppet
[2009/05/29 04:19:13] @ alexs____ left channel #puppet ()
[2009/05/29 04:19:21] <verwilst> in /var/lib/puppet/reports/? That's what the docs hinted at, but that's the place where the actual reports get stored
[2009/05/29 04:19:41] <Volcane> what distro?
[2009/05/29 04:19:56] <verwilst> Volcane: debian
[2009/05/29 04:20:24] <Volcane> dpkg -L puppet\|grep report
[2009/05/29 04:20:58] <verwilst> damned!
[2009/05/29 04:21:05] <verwilst> i did the same for puppetmaster
[2009/05/29 04:21:17] <verwilst> since that seemed like the obvious place to put those files
[2009/05/29 04:21:23] <Volcane> yeah also thought it would be there at first :(
[2009/05/29 04:21:31] <verwilst> stupid of me not to try puppet as well :)
[2009/05/29 04:21:41] <verwilst> Volcane: thanks for the tip :)
[2009/05/29 04:21:45] <Volcane> :)
[2009/05/29 04:25:23] <Guest54786> question- i want to setup my puppetclients to refresh puppetd if i a change is made to puppet.conf ..should I just do it with an exec or is it better to create a puppet service?
[2009/05/29 04:26:10] <Volcane> puppetd will reread its config on its own
[2009/05/29 04:26:20] <Volcane> most settings will take effect immediately
[2009/05/29 04:27:29] @ zeroXten joined channel #puppet
[2009/05/29 04:29:06] @ Quit: skaar: SendQ exceeded
[2009/05/29 04:31:07] <Guest54786> Volcane: rockin' thanks!
[2009/05/29 04:32:38] @ briandquinn joined channel #puppet
[2009/05/29 04:33:07] @ Quit: penthief: "Leaving"
[2009/05/29 04:38:14] @ mattock left channel #puppet ()
[2009/05/29 04:38:52] <Guest54786> question- puppetrun doesn't report errors my puppetclients encounter. for instance, if I put jibberish into site.pp and run puppetd --test on the clients I get an error. if I run puppetrun it says the client finished with exit code 0. is this by design, a bug, or am I possibly not doing something right?
[2009/05/29 04:39:30] <Volcane> not sure, havnt used puppetrun much
[2009/05/29 04:40:26] @ nakano_ is now known as nakano
[2009/05/29 04:42:18] @ Quit: teratoma: "leaving"
[2009/05/29 04:48:36] @ mvn071 joined channel #puppet
[2009/05/29 04:50:24] <Guest54786> is anyone else familiar with puppetrun and know? I'm not sure how to easily tell if my changes propagate successfully or not =/
[2009/05/29 04:50:49] * Volcane just leaves it for the scheduled runs :P
[2009/05/29 04:54:25] <Guest54786> ok nvm it seems to be by design http://projects.reductivelabs.com/issues/show/2163
[2009/05/29 04:56:17] @ kibaho1 joined channel #puppet
[2009/05/29 04:59:11] @ mfournier joined channel #puppet
[2009/05/29 04:59:27] @ mattock joined channel #puppet
[2009/05/29 05:00:31] @ kolla joined channel #puppet
[2009/05/29 05:02:36] <ohadlevy> Guest54786: you can use the alternative puppetrun which is on the ext directory of puppet
[2009/05/29 05:04:16] <Guest54786> ohadlevy: oh sweet, there's an alternative? Where's the ext directory you're talking about?
[2009/05/29 05:05:07] <ohadlevy> http://github.com/ohadlevy/puppet/tree/266e9108c268daf0b2e319bc202d51101b6f594f/ext
[2009/05/29 05:05:28] <ohadlevy> under the puppetlisten directory
[2009/05/29 05:05:45] @ int joined channel #puppet
[2009/05/29 05:07:08] <Guest54786> oh sweet, checking it out now
[2009/05/29 05:12:09] @ madrescher1 joined channel #puppet
[2009/05/29 05:13:44] @ saurabhverma joined channel #puppet
[2009/05/29 05:13:47] @ kibaho1 left channel #puppet ()
[2009/05/29 05:15:21] @ Quit: ohadlevy: Remote closed the connection
[2009/05/29 05:19:45] <Guest54786> is puppetd supposed to be logging things to /var/log/puppet ? I have logdir=/var/log/puppet defined in puppet.conf on the puppetclient but the dir is empty
[2009/05/29 05:22:43] <Guest54786> anyone?
[2009/05/29 05:27:43] @ Quit: mvn071: Remote closed the connection
[2009/05/29 05:36:04] @ Quit: madrescher1: Read error: 110 (Connection timed out)
[2009/05/29 05:36:04] @ Quit: madrescher: Read error: 110 (Connection timed out)
[2009/05/29 05:43:16] <francois> Hi there, I'm looking for a publicly available puppet module for Varnish
[2009/05/29 05:43:51] @ madrescher joined channel #puppet
[2009/05/29 06:04:22] @ alban2 joined channel #puppet
[2009/05/29 06:04:45] <saurabhverma> Guest54786: I'm not sure whats needs to done there , but adding --logdest /var/log/puppet/puppet.log while running puppetd works for me
[2009/05/29 06:05:23] <saurabhverma> or you can add PUPPET_LOG=/var/log/puppet/puppet.log is /etc/sysconfig/puppet for the default
[2009/05/29 06:05:27] @ Quit: garin_: "Tiarra 0.1+svn-31673M: SIGINT received; exit"
[2009/05/29 06:06:53] <verwilst> can i create reports in anything else than ruby?
[2009/05/29 06:09:41] @ saurabhverma1 joined channel #puppet
[2009/05/29 06:10:18] @ Quit: saurabhverma: Read error: 113 (No route to host)
[2009/05/29 06:13:23] @ Quit: saurabhverma1: Read error: 104 (Connection reset by peer)
[2009/05/29 06:13:25] @ saurabhverma joined channel #puppet
[2009/05/29 06:16:32] @ pugnacity1 joined channel #puppet
[2009/05/29 06:17:39] @ Quit: pugnacity1: Client Quit
[2009/05/29 06:27:42] @ kibaho2 joined channel #puppet
[2009/05/29 06:36:15] @ Quit: ceren:
[2009/05/29 06:52:37] @ HarryCalahan joined channel #puppet
[2009/05/29 06:55:19] <Volcane> verwilst: you could probably write a report writer in ruby that then pass it to something else, but mostly i guess the answer is no
[2009/05/29 07:01:30] <saurabhverma> am getting error while running puppet client
[2009/05/29 07:01:33] <saurabhverma> debug: Prefetching naginator resources for nagios_service
[2009/05/29 07:01:33] <saurabhverma> line 5: syntax error at '
[2009/05/29 07:01:33] <saurabhverma> '
[2009/05/29 07:02:21] <saurabhverma> and puppet client is dieing out after it , I am not seeing any error on puppetmaster
[2009/05/29 07:03:19] @ ceren joined channel #puppet
[2009/05/29 07:04:23] @ d3vilb0x joined channel #puppet
[2009/05/29 07:04:37] <saurabhverma> http://pastie.org/493806 <-- puppet client log
[2009/05/29 07:07:03] <Volcane> sounds like naginator has issues understanding your nagios configs
[2009/05/29 07:08:37] <saurabhverma> Volcane: looks like , but its was working , suddenly it started giving problem , how can i debug naginator issue here , i'll paste my nagios class here
[2009/05/29 07:08:46] <Volcane> nah dont know
[2009/05/29 07:08:49] <Volcane> and dont paste her
[2009/05/29 07:08:49] <Volcane> e
[2009/05/29 07:08:57] * Volcane 's not a fan of the puppet nagios stuff at all
[2009/05/29 07:09:06] <Volcane> if you need to paste, paste on pastie.org
[2009/05/29 07:09:16] <flashn> new features, do they have to be written in ruby?
[2009/05/29 07:09:22] <Volcane> flashn: yes
[2009/05/29 07:09:26] <saurabhverma> yeah by paste here , i meant on pastie :)
[2009/05/29 07:09:41] <Volcane> flashn: depends though what exactly u mean by new features i guess
[2009/05/29 07:10:33] <flashn> Volcane, okay, stuff that alot of people using puppet would benifit from for example
[2009/05/29 07:10:38] @ sts joined channel #puppet
[2009/05/29 07:10:41] <flashn> it has to be written in ruby to be committed to the project
[2009/05/29 07:10:48] <Volcane> like what kind of feature?
[2009/05/29 07:11:03] <flashn> just in general
[2009/05/29 07:11:21] <Volcane> a whole load of useful things can be done using define but some requires either a type and provider, others a fact and others a parser function
[2009/05/29 07:11:36] <Volcane> all but defines are ruby
[2009/05/29 07:12:19] <flashn> okay, I have an example
[2009/05/29 07:12:37] <sts> hello folks. i'm a bit frustrated about not beeing able to depend on a resource in a module that is defined in a node's manifest. is there a way to handle that? eg. i created a nfs module, with subscribe => File['/etc/exports'], and now i want to be able to use the module and define the exports later on...
[2009/05/29 07:12:40] <flashn> I need instant-commit, technicians cant wait 30 minutes for updates in all cases
[2009/05/29 07:12:57] <flashn> and Im writing a tool that does a client-side update for regarding nodes
[2009/05/29 07:13:04] <flashn> when you need to push that change instantly
[2009/05/29 07:13:09] <Volcane> flashn: puppetrun is no good?
[2009/05/29 07:13:15] <Volcane> sts: need example
[2009/05/29 07:13:17] <flashn> aaah
[2009/05/29 07:13:44] <flashn> Volcane, I was checking around for that stuff, Im gonna see if it covers my needs
[2009/05/29 07:13:56] <Volcane> flashn: careful though dont want to kick off too many hosts at once you might overwhelm your master
[2009/05/29 07:15:21] <flashn> yeah
[2009/05/29 07:16:07] <Volcane> what kind of thing do you do that needs to happen immediately?
[2009/05/29 07:16:12] <saurabhverma> http://pastie.org/493814 # this is my nagios classes to deploy nagios_host and nagios_service on nagios server
[2009/05/29 07:16:18] <saurabhverma> i can't see any problem in that
[2009/05/29 07:16:47] <Volcane> saurabhverma: do you have any non puppet generated stuff in your nagios directories?
[2009/05/29 07:16:49] <flashn> Volcane, everything basically
[2009/05/29 07:17:03] @ kibaho2 left channel #puppet ()
[2009/05/29 07:17:11] <flashn> I work alot with incidents and stuff
[2009/05/29 07:17:27] <flashn> so all possible changes has to have an option to be forcefully implemented
[2009/05/29 07:17:31] <Volcane> ah
[2009/05/29 07:17:39] <saurabhverma> yeah i have .. i have created host definations out of it .. i'll give you the link
[2009/05/29 07:18:02] <Volcane> saurabhverma: cos puppet will try to parse those when it starts, and i suspect the problem is its not understanding one of hte ones you added
[2009/05/29 07:19:14] <saurabhverma> Volcane: ahh , could be as it appends to the resource , should try removing them and then checking again .
[2009/05/29 07:19:23] <Volcane> yes try that
[2009/05/29 07:23:20] <saurabhverma> Volcane: works great thanks :)
[2009/05/29 07:24:41] <sts> when i defined my own resource type like define configfile, and i want to depend on that in my module, do i have to do a require => configfile...?
[2009/05/29 07:24:54] <Volcane> Configfile[..]
[2009/05/29 07:25:07] <sts> that might be the issue.. :)
[2009/05/29 07:46:34] <ch> are there old versions of the LanguageTutorial somewhere?
[2009/05/29 07:46:40] <ch> like for puppet 0.24.4?
[2009/05/29 07:47:22] <GeckoPie> Whats the best/recommended way to have a test machine and then all other machines the live machines?
[2009/05/29 07:47:43] <Volcane> not language tutorial :( i have old type and function references though
[2009/05/29 07:48:05] <ch> yeah, type + func refs can be recreated by puppetdoc, but langtut would be nice too :/
[2009/05/29 07:49:52] <Volcane> yeah, its most annoying
[2009/05/29 07:54:24] @ mvn071 joined channel #puppet
[2009/05/29 07:55:03] <duritong> (join #camping
[2009/05/29 07:55:06] <duritong> bleh
[2009/05/29 07:59:39] @ Quit: ceren:
[2009/05/29 08:00:44] * Volcane hates puppet user management just a bit more
[2009/05/29 08:02:00] <Volcane> cant seem to use +> syntax on the groups property of virtual users?
[2009/05/29 08:12:57] <Volcane> ah, you can use it, but not more than once
[2009/05/29 08:13:01] <Volcane> gotta be a bug
[2009/05/29 08:22:05] @ bajan joined channel #puppet
[2009/05/29 08:23:33] @ thegcat joined channel #puppet
[2009/05/29 08:24:14] @ Quit: kolla: Remote closed the connection
[2009/05/29 08:24:22] @ MaGicKanGaRoo joined channel #puppet
[2009/05/29 08:24:40] @ [1]drmikecrowe joined channel #puppet
[2009/05/29 08:27:25] <DavidS1> GeckoPie: use environments
[2009/05/29 08:27:29] @ DavidS1 is now known as DavidS
[2009/05/29 08:28:52] <GeckoPie> Thanks DavidS
[2009/05/29 08:30:12] @ Quit: DavidS: "Leaving."
[2009/05/29 08:30:58] @ DavidS joined channel #puppet
[2009/05/29 08:35:42] @ Quit: drmikecrowe_: Read error: 110 (Connection timed out)
[2009/05/29 08:39:26] @ poison_ joined channel #puppet
[2009/05/29 08:39:26] @ Quit: poison: Read error: 104 (Connection reset by peer)
[2009/05/29 08:40:56] @ docelic joined channel #puppet
[2009/05/29 08:42:59] @ mccune joined channel #puppet
[2009/05/29 08:43:06] @ mccune left channel #puppet ()
[2009/05/29 08:48:10] @ bajan left channel #puppet ()
[2009/05/29 08:55:16] @ Quit: GeckoPie: "leaving"
[2009/05/29 08:56:18] @ Whoop joined channel #puppet
[2009/05/29 08:57:06] @ Quit: d3vilb0x:
[2009/05/29 09:00:35] @ yure joined channel #puppet
[2009/05/29 09:02:08] @ docelic_ joined channel #puppet
[2009/05/29 09:12:06] @ kngus joined channel #puppet
[2009/05/29 09:12:17] @ kngus left channel #puppet ("Leaving.")
[2009/05/29 09:14:59] @ Quit: docelic_: "http://www.spinlocksolutions.com/"
[2009/05/29 09:17:43] <duritong> Volcane: yeah I think +> should a bit rethinked, I also have problems with it sometimes. Maybe start a thread on the list, to brainstorm?
[2009/05/29 09:18:06] @ MarlondB joined channel #puppet
[2009/05/29 09:19:03] @ Quit: docelic: Read error: 110 (Connection timed out)
[2009/05/29 09:19:36] <tim\|macbook> what's the policy about job postings on the puppet user mailinglist? just wondering
[2009/05/29 09:20:08] <HarryCalahan> 10k in advance, home office, sub 10hours of work a week
[2009/05/29 09:20:26] <f3ew> heh
[2009/05/29 09:20:49] @ Quit: mattock: "Leaving."
[2009/05/29 09:20:51] <tim\|macbook> :P
[2009/05/29 09:22:41] <duritong> tim\|macbook: I think it's fair to ask the list maintainers about it
[2009/05/29 09:23:09] <tim\|macbook> duritong: yeah, that's why i asked in here ;-)
[2009/05/29 09:23:25] <duritong> jamesturnbull: your turn ;)
[2009/05/29 09:24:54] @ joe-mac joined channel #puppet
[2009/05/29 09:31:42] @ Quit: MattyM: "ta ta"
[2009/05/29 09:33:46] <DavidS> tim\|macbook: I'm currently doing trainings right'n' left. do you need one? G
[2009/05/29 09:34:14] <tim\|macbook> heh not at the moment :P but I'll keep it in mind
[2009/05/29 09:34:28] @ Quit: nigelk:
[2009/05/29 09:34:32] <tim\|macbook> we're more or less looking for someone who is interested in the work we do
[2009/05/29 09:34:40] <tim\|macbook> and would consider joining
[2009/05/29 09:34:45] @ MattyM joined channel #puppet
[2009/05/29 09:34:59] <tim\|macbook> we don't need anyone soon... like, august probably soonest, december probably latest
[2009/05/29 09:35:11] <tim\|macbook> but if you know anyone near eindhoven, do let me know :P
[2009/05/29 09:37:18] <saurabhverma> what does _naginator_name means at http://reductivelabs.com/trac/puppet/wiki/TypeReference#id367
[2009/05/29 09:41:20] <saurabhverma> ignore please last ques
[2009/05/29 09:41:43] @ allesmueller2 joined channel #puppet
[2009/05/29 09:46:42] @ joe-mac1 joined channel #puppet
[2009/05/29 09:46:56] <joe-mac1> tim\|macbook: what are you looking for people to join?
[2009/05/29 09:47:03] @ erm_ joined channel #puppet
[2009/05/29 09:47:24] <joe-mac1> that was an awful sentence... but i think you catch my drift heh
[2009/05/29 09:47:31] <tim\|macbook> yeah :P
[2009/05/29 09:48:37] <tim\|macbook> i don't have a lot of demands, really... principally we need people who are precise, willing to do research, responsible and able to have normal, decent conversations about technical stuff with people who might not always understand everything fully ;-)
[2009/05/29 09:48:50] <tim\|macbook> the rest is more a matter of "does the person fit us or not"
[2009/05/29 09:48:54] @ allesmue1ler2 joined channel #puppet
[2009/05/29 09:49:06] <tim\|macbook> if you fit the demands but are a jerk, i'm not hiring you :P
[2009/05/29 09:49:08] @ bobbyz joined channel #puppet
[2009/05/29 09:49:33] <joe-mac1> o i c, yea i'm a jerk and loving my job... well not really loving it, but will love it once i am done implementing infrastructure 2.0
[2009/05/29 09:50:20] <tim\|macbook> my "you" was more in general, not specifically meant for you, of course :P
[2009/05/29 09:51:14] <joe-mac1> yea
[2009/05/29 09:51:51] @ Telmo joined channel #puppet
[2009/05/29 09:52:00] <Telmo> From a best practices point of view, when does it merit for something to have its own module? I mean, for example the sudoers file distribution is pretty trivial, I am not sure it merits its own module.
[2009/05/29 09:52:02] <joe-mac1> i used to do that kind of thing, that job description. the interaction with non-technical people was waht killed it for me... byut some people like that
[2009/05/29 09:52:11] <joe-mac1> Telmo: pretty much always
[2009/05/29 09:52:16] @ Quit: walrus: Read error: 60 (Operation timed out)
[2009/05/29 09:52:19] <joe-mac1> my sudoers is in my security module
[2009/05/29 09:52:23] @ Quit: _nono_: Connection timed out
[2009/05/29 09:52:24] <Telmo> I was afraid you were going to say that :P
[2009/05/29 09:52:35] <joe-mac1> for months i didn't use modules, but i realized my config was starting to become unmanageable
[2009/05/29 09:52:38] <tim\|macbook> joe-mac1: I'm not saying non-technical people... we usually have IT departments as our customers... but they're not always... um... let's say, like-minded people...
[2009/05/29 09:52:52] @ _nono_ joined channel #puppet
[2009/05/29 09:52:54] <joe-mac1> spent all day yesterday and probably will spend all day toda transforming my config
[2009/05/29 09:53:37] <tim\|macbook> Telmo: we're moving to "everything's a module" too, since we learned it's the most flexible
[2009/05/29 09:53:54] <joe-mac1> tim\|macbook: yea, i've dealt with the sorts before at one of my first IT jobs... i think they were leftovers from the dotboom who never really liked tech or knerw much about it ni the first place but managed to hold on to their jobs
[2009/05/29 09:54:11] <Telmo> yes, I am also doing the same, I just wasn't sure if I was going to leave some simple things in a plain manifest
[2009/05/29 09:54:20] @ Quit: ssm: Read error: 60 (Operation timed out)
[2009/05/29 09:54:34] <joe-mac1> i wouldn't bother... little astragllers that i am not sure about are in my common module
[2009/05/29 09:54:36] @ nmalik joined channel #puppet
[2009/05/29 09:54:53] <joe-mac1> i have a common::ubuntu class and a common::openbsd class, since those are the only two OSs we really use
[2009/05/29 09:55:09] @ walrus joined channel #puppet
[2009/05/29 09:55:15] @ ssm joined channel #puppet
[2009/05/29 09:55:31] <tim\|macbook> joe-mac1: yeah, some of those, but also php developers and mcsa's... not per definition on another level, but most are just looking at systems in another way than we do
[2009/05/29 09:55:43] <tim\|macbook> like, php developers tend to solve permission problems with "chmod 777"
[2009/05/29 09:55:49] <Telmo> I wrote this and you guys may find it useful if you are moving to modules, its a Rakefile http://pastie.org/private/up9tysy8othqqrisqc7a
[2009/05/29 09:55:54] <joe-mac1> LMAIO was about to say that tim\|macbook
[2009/05/29 09:56:01] <tim\|macbook> not all do that, but way more than i feel comfortable with
[2009/05/29 09:56:08] <Telmo> it will create the module structure with an empty init.pp and a README.txt file
[2009/05/29 09:56:42] @ Quit: joe-mac: Read error: 110 (Connection timed out)
[2009/05/29 09:57:02] <tim\|macbook> your twin left, joe
[2009/05/29 09:57:09] @ joe-mac1 is now known as joe-mac
[2009/05/29 09:57:13] <joe-mac> the connection at home sucks
[2009/05/29 09:57:19] <joe-mac> i am wfh and i am finding it might not be possible
[2009/05/29 09:57:29] <joe-mac> it could be the wifi driver for this chipset though, fairly new
[2009/05/29 09:58:29] <allesmue1ler2> guys, how would one replace sendmail with postfix, which both provide a sendmail binary on which other packages depend?
[2009/05/29 09:58:45] <saurabhverma> how do i use negate or not or ! with If/Else ?
[2009/05/29 09:59:02] <joe-mac> allesmue1ler2: ahh well, apt-get purge sendmail && apt-get install postfix will do it. depends on your definition of 'replace'
[2009/05/29 09:59:09] <saurabhverma> if ! $event_handler or if not $event_handler
[2009/05/29 09:59:30] <joe-mac> in my mta::node class this is what i do, but i have a preseed that i feed to postfix to set up all my nodes as satellites to my main mail server
[2009/05/29 10:00:37] <joe-mac> this of course is ubuntu, so if your on a rh based system, it'll be a little different
[2009/05/29 10:00:41] <allesmue1ler2> joe-mac: it's rhel4, manually you have to install postfix first and then remove sendmail to work around that dependency, but how could I achieve this with puppet?
[2009/05/29 10:01:06] <joe-mac> yikes i haven't used RHEL4 in ages... i'm sure someone else on here has though
[2009/05/29 10:01:11] <DavidS> tim\|macbook: "What do permissions have to do with planes (777)?!?" -- a php developer ;-)
[2009/05/29 10:01:21] <HarryCalahan> allesmue1ler2: also on redhat replacing sendmail with postfix was done automaticly when using yum.
[2009/05/29 10:01:27] <tim\|macbook> DavidS: lol
[2009/05/29 10:01:37] <joe-mac> HarryCalahan: on rhel4?
[2009/05/29 10:01:43] <Telmo> should be easy if you have 2 packages definitions, in one you make sure sendmail is not present and in the other make sure postfix is present?
[2009/05/29 10:01:45] <joe-mac> interesting...
[2009/05/29 10:01:53] <HarryCalahan> joe-mac: i'm pretty sure. but i used apt4rpm to do this
[2009/05/29 10:01:53] <Telmo> or am I off the track there?
[2009/05/29 10:02:10] <joe-mac> well Telmo you can install postfix with a package def, then notify an exec that uses rpm to rwemove sendmail
[2009/05/29 10:02:15] <HarryCalahan> memories are getting fuzzy. the old times...
[2009/05/29 10:02:23] <joe-mac> keep in mind i haven't used rhel4 in roughly two years
[2009/05/29 10:02:37] <allesmue1ler2> joe-mac: that sounds useful
[2009/05/29 10:02:42] * HarryCalahan shakes hands with joe-mac
[2009/05/29 10:02:46] <joe-mac> lol
[2009/05/29 10:02:49] <allesmue1ler2> :)
[2009/05/29 10:03:01] <fsweetser> you could also create a package definition with 'ensure => absent'
[2009/05/29 10:03:03] <joe-mac> make sure your exec is refreshonly => "true", so it doesn't always get executed
[2009/05/29 10:03:34] <joe-mac> fsweetser: yea then require that postfix package is installed first
[2009/05/29 10:03:38] <SyTonnerre> DavidS, reminds me of that customer who kept chmodding his insecure old phpnuke installation to 777
[2009/05/29 10:03:41] <Telmo> if I have 2 packages definitons Package[ :sendmail, ensure => absent] and then a Package[:postfix, ensure => present] (meta programming there) it should do the reick
[2009/05/29 10:03:54] <SyTonnerre> We kept setting it to 000 and telling him to get the data out of it and nuke it
[2009/05/29 10:04:06] <fsweetser> the require option can make sure things go in and out in the right order
[2009/05/29 10:04:10] <joe-mac> Telmo: order is not guaranteed in puppet, so if the claim that one needs to come before the other is true, you need to use require or before
[2009/05/29 10:04:13] @ Quit: allesmueller2: Read error: 110 (Connection timed out)
[2009/05/29 10:04:42] <DavidS> SyTonnerre: mpm itk helps a lot :)
[2009/05/29 10:05:15] @ rgsteele\|\|work joined channel #puppet
[2009/05/29 10:05:23] <allesmue1ler2> Telmo: joe-mac: I see many ideas floating - thanks for inspirations
[2009/05/29 10:05:24] <joe-mac> SyTonnerre: i find that the inexperienced devs that love php never listen to IT about how much it sucks. this MVC one group used to build a webapp the other day ate up an impressive 16 GB of RAM, while being used by maybe 2 people
[2009/05/29 10:05:39] <joe-mac> i shouldn't the language sucks, but for some reason it encourages suck
[2009/05/29 10:05:46] <joe-mac> shoudln't say**
[2009/05/29 10:05:58] <Telmo> Package[ :sendmail, ensure => absent] Package[:postfix, ensure => present, require => Package(sendmail)]
[2009/05/29 10:06:01] <Telmo> !!
[2009/05/29 10:06:19] @ lak joined channel #puppet
[2009/05/29 10:06:21] <joe-mac> Telmo: i thought you said the order was install postfix, then remove sendmail?
[2009/05/29 10:06:22] <SyTonnerre> joe-mac, well, the langauge itself is a rather bad example of a programming language as well
[2009/05/29 10:06:30] <joe-mac> if so, the require needs to go into the sendmail
[2009/05/29 10:06:33] <Telmo> no, 2 package definition
[2009/05/29 10:06:34] <tim\|macbook> joe-mac: don't agree with you there... php is not really that much worse than a lot of other stuff... it's just that most tutorials and help forums and stuff tend to promote bad authorship/development
[2009/05/29 10:06:37] <DavidS> joe-mac: it's the whole atmosphere of "everyone can do everything without any experience or knowledge"
[2009/05/29 10:07:09] <tim\|macbook> joe-mac: oh you said that in your next line :)
[2009/05/29 10:07:21] <SyTonnerre> DavidS, why pay programmers if monkeys can do the job
[2009/05/29 10:07:30] <joe-mac> lol, yea, i always make the mistake of saying php sucks what i really mean is php devs suck (for the most part)
[2009/05/29 10:07:31] <Telmo> the require makes it a dependency joe-mac, so before installing postfix it would remove sendmail
[2009/05/29 10:07:33] <fsweetser> I completely swore off any and all PHP the day (years ago) that I saw that all user-supplied CGI form parameters got automatically instantiated as variables in the global namespace
[2009/05/29 10:07:37] <tim\|macbook> SyTonnerre: usually less excrement in the board room
[2009/05/29 10:07:37] <Telmo> as least that is how I understand it
[2009/05/29 10:07:41] <joe-mac> ah, i c Telmo
[2009/05/29 10:08:01] <SyTonnerre> tim\|macbook, thanks to the facility management one tends not to notice that though
[2009/05/29 10:08:05] <Volcane> fsweetser: much has changed since
[2009/05/29 10:08:07] <fsweetser> other features, such as the include functionality taking a URL with zero validation, were just icing on the cake
[2009/05/29 10:08:11] <joe-mac> fsweetser: ROFL no way it does that anymore
[2009/05/29 10:08:13] <HarryCalahan> php has a very low entry level to start doing something with it. The moment a project gets more complex it requires extremely strict programming style to not totaly fuck it up
[2009/05/29 10:08:29] <tim\|macbook> SyTonnerre: i'd like the number of your facility management service provider then, please
[2009/05/29 10:08:38] <HarryCalahan> most php projects start with crap and keep this foundation.
[2009/05/29 10:09:31] <SyTonnerre> Either way I'd rather not debate such an unpleasant topic, especially not on a Puppet channel ;)
[2009/05/29 10:09:40] <joe-mac> Volcane: i know you've build your puppet web app reporting thing, just how slow is YAML parsing? like, unbearable or what?
[2009/05/29 10:09:44] <HarryCalahan> lets talk about perl then...
[2009/05/29 10:09:48] <SyTonnerre> package { "php": ensure => purged }
[2009/05/29 10:10:04] <tim\|macbook> actually, we have a nice wordpress module :)
[2009/05/29 10:10:14] * fsweetser still has his old perl 4 camel book =)
[2009/05/29 10:10:19] <Volcane> joe-mac: its not awesome, the php class is a load of regex and nasty stuff, if you really need to do something proper I'd parse them into a database using a custom report module for the master
[2009/05/29 10:10:30] @ glaw joined channel #puppet
[2009/05/29 10:10:36] <SyTonnerre> Oh yeah, perl4. Tina Mueller keeps telling me I'm way too much into it still...
[2009/05/29 10:10:56] <Volcane> perl's OO is unbearable
[2009/05/29 10:11:09] <tim\|macbook> perl has OO?
[2009/05/29 10:11:10] <joe-mac> yea Volcane i kinda need reporting badly, we're about to hit 40 nodes, looking at probably 100 by end of year
[2009/05/29 10:11:32] <SyTonnerre> tim\|macbook, since version 5 yes
[2009/05/29 10:11:43] <joe-mac> i thought 4 had 'oo' too
[2009/05/29 10:11:44] <DavidS> tim\|macbook: yeah, like C does: you choose how to implement it ;-)
[2009/05/29 10:11:47] <joe-mac> notice the quotes
[2009/05/29 10:11:57] @ flakrat joined channel #puppet
[2009/05/29 10:12:03] <tim\|macbook> heh
[2009/05/29 10:12:04] <SyTonnerre> And 5.10 has even better OO
[2009/05/29 10:12:06] <joe-mac> yea, C has OO too. you put pointers to functions in structs and stuff like that. look, oo
[2009/05/29 10:12:33] <DavidS> joe-mac: exactly.
[2009/05/29 10:12:43] <jbk> has anyone here use the zone type (on solaris obviously)? I think I might have found a bug, but i'd like some independent verification
[2009/05/29 10:12:44] <SyTonnerre> No, not exactly
[2009/05/29 10:13:21] <SyTonnerre> There's a difference between object orientation and object basedness
[2009/05/29 10:13:22] <DavidS> SyTonnerre: yeah, actuall "OO" is how you think, not what syntax you use
[2009/05/29 10:13:42] <SyTonnerre> C with structs etc is object based (and just fine) but not object oriented
[2009/05/29 10:19:48] <Volcane> ok back to puppet.
[2009/05/29 10:19:59] <HarryCalahan> so we now bash ruby around?
[2009/05/29 10:19:59] <Volcane> is it wrong or unreasonable to expect to be able to do +> more than once on a resource?
[2009/05/29 10:20:00] <Volcane> http://pastie.org/493957
[2009/05/29 10:20:14] <DavidS> Volcane: no
[2009/05/29 10:20:21] <Volcane> stupid non sense example, but why on earth is it not working
[2009/05/29 10:21:19] @ yarihm joined channel #puppet
[2009/05/29 10:21:43] <Volcane> what i really want is a @user{"foo":} with multiple classes adding to its groups but this isnt not working - same as my example
[2009/05/29 10:22:24] <joe-mac> Volcane: there's no point in having that functionality if you can';t use it in the way you're trying IMO
[2009/05/29 10:22:34] <Volcane> my thoughts exactly
[2009/05/29 10:22:35] @ Quit: yarihm: Client Quit
[2009/05/29 10:22:52] <Volcane> i can do it once, ie. if i didnt include "two" it would work
[2009/05/29 10:23:03] <Volcane> and would append and all would be fine, but the moment i do it twice, it fooks out
[2009/05/29 10:23:18] @ cwebber joined channel #puppet
[2009/05/29 10:23:22] @ nigelk joined channel #puppet
[2009/05/29 10:26:17] @ incommon_ike joined channel #puppet
[2009/05/29 10:26:45] @ incommon_ike is now known as Guest41074
[2009/05/29 10:27:18] @ Guest41074 is now known as incommon_isaac
[2009/05/29 10:28:33] @ incommon_isaac left channel #puppet ()
[2009/05/29 10:31:24] @ bgupta is now known as bgupta\|away
[2009/05/29 10:32:29] @ incommon_isaac joined channel #puppet
[2009/05/29 10:35:15] @ Quit: incommon_isaac: "http://www.mibbit.com ajax IRC Client"
[2009/05/29 10:35:27] <Whoop> I'm trying to copy a file to /etc/ within a directory. If the directory doesn't exist, how can I make puppet automatically create it?
[2009/05/29 10:35:39] <Volcane> u cant
[2009/05/29 10:35:43] <HarryCalahan> Whoop: u can't
[2009/05/29 10:36:00] <Whoop> Really :-\|
[2009/05/29 10:36:04] <Whoop> That sucks :\|
[2009/05/29 10:36:06] <HarryCalahan> Whoop: create a File resource that creates the directory and depend on it
[2009/05/29 10:36:15] <Volcane> u dont need to depend on it
[2009/05/29 10:36:54] <Whoop> file {
[2009/05/29 10:36:55] <Whoop> "/etc/nagios/nrpe.cfg":
[2009/05/29 10:36:55] <Whoop> owner => root,
[2009/05/29 10:36:55] <Whoop> group => root,
[2009/05/29 10:36:55] <Whoop> mode => 644,
[2009/05/29 10:36:57] <Whoop> source => "puppet://puppet/files/etc/nagios/nrpe.cfg"
[2009/05/29 10:36:59] <Whoop> }
[2009/05/29 10:37:02] <Whoop> I just want to be able to do that
[2009/05/29 10:37:03] <Volcane> dont paste here, use pastie.org pls
[2009/05/29 10:37:05] <HarryCalahan> pastie.org
[2009/05/29 10:37:15] <Whoop> Tis only 8 lines :(
[2009/05/29 10:37:16] <Volcane> Whoop: u cant, just make the directory
[2009/05/29 10:37:25] <Whoop> Sorry, how? I'm totally new to puppet
[2009/05/29 10:37:34] <Volcane> Whoop: file{"/etc/nagios": ensure => directory}
[2009/05/29 10:37:36] <HarryCalahan> damn need to train reflexes and typing skill to beat Volcane
[2009/05/29 10:37:39] <Whoop> Thanks
[2009/05/29 10:39:12] <Whoop> Can I put multiple instructions for different files within one file {} block?
[2009/05/29 10:39:15] <Whoop> Or do I have to close them?
[2009/05/29 10:39:24] <Whoop> e.g. "/etc/nagios":
[2009/05/29 10:39:24] <Whoop> ensure => directory
[2009/05/29 10:39:24] <Whoop> "/etc/nagios/nrpe.cfg":
[2009/05/29 10:39:27] <Whoop> Is that not possible?
[2009/05/29 10:39:31] <joe-mac> holy crap Whoop
[2009/05/29 10:39:35] <Volcane> Whoop: we wont help you if you dont stop pasting
[2009/05/29 10:39:37] <joe-mac> you're flooding
[2009/05/29 10:39:43] <Whoop> It's 3 lines :-\|
[2009/05/29 10:39:43] <Volcane> Whoop: either stop, use pastie or go away, ok?
[2009/05/29 10:39:46] <Whoop> Ok sorry, won't do it again
[2009/05/29 10:40:34] <Whoop> Is that not possible then?
[2009/05/29 10:40:35] <Volcane> Whoop: have a read of wiki:LanguageTutorial it has several examples
[2009/05/29 10:40:42] <gepetto> Volcane: Whoop: wiki:LanguageTutorial is http://reductivelabs.com/trac/puppet/wiki/LanguageTutorial
[2009/05/29 10:40:43] <joe-mac> /etc/nagios is probably created by your nagios packagfe, better off reqwuiring that
[2009/05/29 10:40:56] <Whoop> ty
[2009/05/29 10:41:23] <Whoop> bah, so it appears I can't
[2009/05/29 10:41:24] <Whoop> damn
[2009/05/29 10:41:33] <Whoop> oh wait, I can
[2009/05/29 10:41:34] <Volcane> it apears u cant read, to be honest.
[2009/05/29 10:41:41] <Whoop> :\|
[2009/05/29 10:41:45] <Whoop> No need to be so harash
[2009/05/29 10:41:49] <Whoop> I just didn't read the entire page
[2009/05/29 10:42:03] @ Quit: DavidS: "Leaving."
[2009/05/29 10:42:15] <Whoop> The first example I saw had two file blocks for two different files
[2009/05/29 10:46:09] <Whoop> Is it possible to copy and entire directory?
[2009/05/29 10:46:12] <joe-mac> Whoop: SCM can get pretty advanced. also, programming in a descriptive way is an idiom not many people are familiar with. it's best to read the whole tutorial and try some examples. most of your basic questions will be answered.
[2009/05/29 10:46:12] <Whoop> and all its contents?
[2009/05/29 10:46:15] <Whoop> (if it exists)
[2009/05/29 10:46:20] <MrHeavy> Does Puppet support OpenSolaris's image packaging system (/usr/bin/pkg) yet?
[2009/05/29 10:46:30] <Volcane> Whoop: wiki:TypeReference
[2009/05/29 10:46:55] <gepetto> Volcane: Whoop: wiki:TypeReference is http://reductivelabs.com/trac/puppet/wiki/TypeReference
[2009/05/29 10:46:55] <Whoop> Thanks
[2009/05/29 10:46:55] @ andrewcshafer joined channel #puppet
[2009/05/29 10:50:41] <Whoop> What does puppet define as a service? An actual running process, a file in /etc/init.d or something else?
[2009/05/29 10:51:05] <nigelk> Whoop: depends on the platform and service provider
[2009/05/29 10:51:33] <Whoop> Hmm ok, any idea what it is in Ubuntu/Debian?
[2009/05/29 10:51:41] <joe-mac> files in /etc/init.d
[2009/05/29 10:51:47] <Whoop> sweet
[2009/05/29 10:51:48] <Whoop> merci
[2009/05/29 10:51:51] <nigelk> http://reductivelabs.com/trac/puppet/wiki/TypeReference#service
[2009/05/29 10:52:03] <nigelk> Whoop: the thing to look out for is whether you set hasstatus
[2009/05/29 10:52:12] <nigelk> most ubuntu/debian inits seem to have a status
[2009/05/29 10:52:26] <nigelk> and may not map to the process table, so you want to read that part of the type reference
[2009/05/29 10:52:39] <Volcane> most debian stuff doesnt have status in my experience
[2009/05/29 10:52:49] <nigelk> weird
[2009/05/29 10:52:51] <nigelk> most of our stuff does
[2009/05/29 10:53:00] <nigelk> including upstream stuff
[2009/05/29 10:53:03] <Volcane> maybe ubuntu improved things, debian though sux for it
[2009/05/29 10:53:04] <nigelk> shrug
[2009/05/29 10:53:11] <Volcane> though not looked much at debian 5
[2009/05/29 10:53:45] <Whoop> bah, nagios-nrpe-server doesn't have status :(
[2009/05/29 10:54:08] <Whoop> notice: //nagios_client/Service[nagios-nrpe-server]/ensure: ensure changed 'stopped' to 'running'
[2009/05/29 10:54:15] <Whoop> I get that everytime I run puppetd --test
[2009/05/29 10:54:56] <MrHeavy> hasstatus => 'true'
[2009/05/29 10:54:59] <MrHeavy> oops
[2009/05/29 10:55:07] <MrHeavy> wow, i cannot read this morning
[2009/05/29 10:55:36] <MrHeavy> pattern => 'nrpe'
[2009/05/29 10:55:56] <Volcane> without a status command and without hasstatus puppet will grep the ps list for the name of the service
[2009/05/29 10:56:01] <Volcane> to figure out if its running
[2009/05/29 10:56:08] <Volcane> so in that case u need to tell it what to look for using the patten
[2009/05/29 10:56:43] <Whoop> awesome, that works, thanks
[2009/05/29 10:59:36] @ alex2 joined channel #puppet
[2009/05/29 11:00:05] <joe-mac> all my ubuntu 8.04 stuff has no status except for a couple of init scripts i wrote, like for nsca
[2009/05/29 11:00:22] @ hessmll joined channel #puppet
[2009/05/29 11:00:42] <HarryCalahan> joe-mac: welcome to the dark side
[2009/05/29 11:00:42] @ Quit: pleemans: Read error: 60 (Operation timed out)
[2009/05/29 11:00:48] <Volcane> yeah, debian's LSB compliance is a bit farcical
[2009/05/29 11:00:48] <joe-mac> lol, so true
[2009/05/29 11:01:07] <joe-mac> they act like they do. i don't really mind if they're not, just don't say you are
[2009/05/29 11:01:16] <joe-mac> for instace, apache's default dir is still /var/www
[2009/05/29 11:01:23] <joe-mac> yea, it's convention, it's also non-lsb
[2009/05/29 11:01:40] <SyTonnerre> .oO(/usr/share/httpd/htdocs)
[2009/05/29 11:03:20] <joe-mac> what is that SyTonnerre? i'm not familiar with this directory. my apache boxes don't seem to have it eiteher
[2009/05/29 11:03:58] <joe-mac> i thought lsb says to put www under /srv now
[2009/05/29 11:04:30] <SyTonnerre> joe-mac, that was what some stuff used for some time
[2009/05/29 11:04:38] <SyTonnerre> /srv is so grmbl
[2009/05/29 11:05:02] <joe-mac> grmbl?
[2009/05/29 11:05:35] @ alfism joined channel #puppet
[2009/05/29 11:06:14] @ n3kl joined channel #puppet
[2009/05/29 11:06:17] <n3kl> Hello
[2009/05/29 11:06:25] <joe-mac> hello
[2009/05/29 11:07:21] <n3kl> I have a distro of linux that did not auto generate the certificates to connect the the server. How can I manually create those to work with my system?
[2009/05/29 11:08:09] <Volcane> puppet makes them when it starts, should be distro independant
[2009/05/29 11:09:13] <n3kl> That didn't seem to be the case, but I will test. How can I completely wipe out my puppet ca files and start from scratch?
[2009/05/29 11:09:27] <n3kl> puppetca --clean did not seem to do the trick.
[2009/05/29 11:09:28] <Volcane> in your libdir/ssl usually /var/lib/puppet/ssl
[2009/05/29 11:09:38] <n3kl> Just remove everything in there?
[2009/05/29 11:09:49] <Volcane> are you talking about the client or th emaster?
[2009/05/29 11:09:53] <n3kl> Both
[2009/05/29 11:10:04] <Volcane> eitherway, that will totally blow away all ssl as if it never existed and any clients previously signed will stop working etc
[2009/05/29 11:10:08] <n3kl> I have don't enought puppetca -g and such
[2009/05/29 11:10:23] <n3kl> Volcane: but I will be able to re sign then, right?
[2009/05/29 11:10:27] <Volcane> yes
[2009/05/29 11:10:35] @ Quit: MattyM: "ta ta"
[2009/05/29 11:11:19] <n3kl> so once I remove them, just restart puppetmaster and they will be regenerated?
[2009/05/29 11:11:39] <Volcane> are you using the master with normal default settings? not under mongrel or anything?
[2009/05/29 11:11:58] <n3kl> don't know what mongrel is, so I think correctl
[2009/05/29 11:11:59] <n3kl> y
[2009/05/29 11:12:17] <Volcane> then it should recreate yes
[2009/05/29 11:12:44] <Volcane> # puppetmasterd --genconfig\|grep ssldir
[2009/05/29 11:12:52] <Volcane> shuld show you where the master wants to put its ssl stuff
[2009/05/29 11:14:24] <n3kl> should I be saving that to a file or something?
[2009/05/29 11:14:41] <Volcane> no, its just showing you where to look for the files and what to delete, if not /var/lib/puppet/ssl
[2009/05/29 11:14:48] <n3kl> Cool
[2009/05/29 11:15:02] @ Quit: rschu68: Remote closed the connection
[2009/05/29 11:16:09] <n3kl> Thanks for the help. I am looking to get off the ground with puppet soon, I figure ssl is the first piece of that
[2009/05/29 11:16:20] <Volcane> yup, its a pain in the arse
[2009/05/29 11:16:38] <n3kl> ssl? or puppet in general?
[2009/05/29 11:17:01] <Volcane> getting the ssl for puppet right, esp if you want to change the servername to something other than default
[2009/05/29 11:17:02] <Whoop> puppet is nice, seems to beat my wealth of shell scripts I previously used to manage machines :P
[2009/05/29 11:17:21] <Whoop> I'm just using a CNAME puppet to the actual hostname
[2009/05/29 11:17:27] <Whoop> No need to have a machine called puppet
[2009/05/29 11:17:37] <Volcane> yip
[2009/05/29 11:17:42] <Volcane> thats the best
[2009/05/29 11:17:54] <n3kl> Yeah, I was using a combination of cron and subversion in a way-too-complex setup, then I discovered cfengine. used that for a couple months, now I am here
[2009/05/29 11:18:13] <joe-mac> i'd choose cron and svn over cfengine anyday lol
[2009/05/29 11:18:30] <n3kl> I am hoping that puppet will be better than cfengine
[2009/05/29 11:18:43] <n3kl> otherwise, I may be going back to cron + svn
[2009/05/29 11:19:00] <Volcane> much easier with puppet to manage a lot of different types of machine using one server and much easier to extend for funky things
[2009/05/29 11:19:04] @ Quit: bobbyz: Read error: 104 (Connection reset by peer)
[2009/05/29 11:19:21] <n3kl> all in all just better, it sounds
[2009/05/29 11:23:01] <MrHeavy> I want to develop a pkg (OpenSolaris IPS) provider for the Package type. Is it safe to do it against 0.24.8, or should I be doing it against a 0.25 beta?
[2009/05/29 11:26:54] <saurabhverma> guys need help , ## --PUPPET_NAME-- (called '_naginator_name' in the manifest) , this is getting added in my nagios_service resource
[2009/05/29 11:27:21] <Whoop> Will package ensure=>latest install it if it doesn't exist? or does that require ensure=>enabled also?
[2009/05/29 11:27:37] <Volcane> Whoop: will install and keep to the latest
[2009/05/29 11:27:44] <agaffney> enabled for for services, not packages
[2009/05/29 11:27:59] <agaffney> ensure=>latest should install in addition to upgrading
[2009/05/29 11:28:08] <Whoop> Thanks Volcane, is it possible to only update to latest if its already existing (not install if its not existing)?
[2009/05/29 11:28:17] <Volcane> nope
[2009/05/29 11:28:22] <Whoop> Okie, thanks
[2009/05/29 11:28:24] @ Quit: MarlondB:
[2009/05/29 11:28:35] <agaffney> Whoop: well, yes, but not with the normal package type
[2009/05/29 11:28:45] <agaffney> it'd have to be a custom bit using exec or something
[2009/05/29 11:29:46] <agaffney> exec { "yum update foo": onlyif => "rpm -ql foo &>/dev/null" }
[2009/05/29 11:30:02] <agaffney> assuming yum/rpm
[2009/05/29 11:30:27] <Whoop> yeh fairdo, thanks
[2009/05/29 11:31:46] <Whoop> err: /File[/var/lib/puppet/lib]/source: Could not describe /plugins: can't convert nil into String - I get this constantly, any idea whats causing it? I'm just using the default config
[2009/05/29 11:31:56] <joe-mac> hmm OT sort of, but the manpage doesnt' show this, is there a way to force certain doamins to be looked up through a specific server in resolv.conf?
[2009/05/29 11:32:14] <agaffney> joe-mac: not that I'm aware of
[2009/05/29 11:32:17] <joe-mac> Whoop: make sure pluginsync is set to false if you're not using it. also, i used to get that on .24.4 for no good reason
[2009/05/29 11:33:29] <Whoop> I've no idea what I can do with plugins yet, so I'm certainly not usign them :P I'll disable it, thanks
[2009/05/29 11:33:35] <joe-mac> np
[2009/05/29 11:33:41] <Whoop> Likewise with this error: warning: /File[/var/lib/puppet/lib]/ensure: No specified sources exist
[2009/05/29 11:33:44] <Whoop> *warning
[2009/05/29 11:33:52] <Whoop> Any idea what could cause that?
[2009/05/29 11:34:02] <joe-mac> also make sure you don't have a plugins section in your fileserver.conf, maybe default on your distro for some reason
[2009/05/29 11:34:12] <Whoop> Ahh, I do
[2009/05/29 11:34:14] <Whoop> I'll get rid of that
[2009/05/29 11:34:19] <joe-mac> no i used to get that too, are you on ubuntu 8.04 LTS ?
[2009/05/29 11:34:46] <Whoop> I've tried it on two machines, an ubuntu jaunty and a debian lenny...both had that error
[2009/05/29 11:35:24] @ jedi4ever joined channel #puppet
[2009/05/29 11:35:32] <joe-mac> yea my infrastructure is mostly 8.04 LTS, and i get that error. i'm not sure what causes it but it doesn't seem to cause any problems
[2009/05/29 11:36:22] <Whoop> Hmm, that error hasn't gone even when I've disabled plugin autosyncing
[2009/05/29 11:36:24] <TREllis> I've seen that error before when using pluginsync
[2009/05/29 11:36:31] <nigelk> hang on. joe-mac you do want a plugins section if you're distributing plugins....
[2009/05/29 11:36:41] <joe-mac> yea, but he's not
[2009/05/29 11:36:42] <Whoop> and removed the from fileserver.conf
[2009/05/29 11:36:44] * HarryCalahan long weekend here i come
[2009/05/29 11:36:46] <TREllis> odd then
[2009/05/29 11:36:48] @ Quit: HarryCalahan: "."
[2009/05/29 11:37:01] <nigelk> so running puppetd -t --no-pluginsync still complains?
[2009/05/29 11:37:14] <joe-mac> but nigelk makes a good point, Whoop if you do start using plugins, be sure to re add that mount to your fileserver.conf
[2009/05/29 11:37:24] @ Quit: MaGicKanGaRoo: Remote closed the connection
[2009/05/29 11:37:32] <nigelk> if you're using environments too... you can fake out plugins being part of your environments
[2009/05/29 11:37:45] <nigelk> by making a module 'plugins' per-environment, and storing plugins in modules/plugins/files/
[2009/05/29 11:37:50] <joe-mac> btw nigelk thanks for that googlegroups post about creating an updated package for deb/ubuntu. didn't know it was so easy now i am using .24.8
[2009/05/29 11:37:50] <Whoop> shall do
[2009/05/29 11:37:53] <Whoop> I'm not atm though
[2009/05/29 11:37:57] <nigelk> as the client simply requests puppet:///plugins/
[2009/05/29 11:38:13] <Whoop> But I've removed the plugin stuff and yet still get that error
[2009/05/29 11:38:18] <nigelk> which gets evaluated per-environment, but only after the server has cached environment information for that client
[2009/05/29 11:38:21] <TREllis> ah it was: http://projects.reductivelabs.com/issues/994 that I've hit before with pluginsync
[2009/05/29 11:38:41] @ Quit: alex2: Read error: 104 (Connection reset by peer)
[2009/05/29 11:38:55] @ Quit: alban2: Read error: 110 (Connection timed out)
[2009/05/29 11:38:57] <nigelk> joe-mac: cool. Caesar and I have been really flat out at work, but in the next few weeks we'll be giving the debian packages more love.
[2009/05/29 11:39:04] <nigelk> and after that we'll start the hardy-backports process
[2009/05/29 11:39:10] <joe-mac> oh you're the maintainer?
[2009/05/29 11:39:19] <nigelk> we are now :)
[2009/05/29 11:39:43] @ mgk joined channel #puppet
[2009/05/29 11:39:49] <nigelk> more help/involvement by anyone else is always welcome
[2009/05/29 11:39:51] @ Quit: erm_: "Lost terminal"
[2009/05/29 11:39:52] @ Quit: mgk: Remote closed the connection
[2009/05/29 11:41:10] <joe-mac> i'd help if i knew more about the whole proces, but i am noobish at rolling my own
[2009/05/29 11:41:18] @ MaGicKanGaRoo joined channel #puppet
[2009/05/29 11:41:20] <joe-mac> i have to roll my own for this installshield program too soon
[2009/05/29 11:41:31] <joe-mac> getting sick of downloading it and running through the install by hand, it's annoying
[2009/05/29 11:41:39] <Whoop> Don't suppose theres a puppet for Windows :-))
[2009/05/29 11:41:58] <joe-mac> yea, group policy lol
[2009/05/29 11:42:15] <Whoop> group policy sucks
[2009/05/29 11:42:18] <Whoop> and its no where near as easy
[2009/05/29 11:42:35] <joe-mac> i think group policy is awesome, but the part about it being difficult is totally true
[2009/05/29 11:43:58] <Whoop> If a host matches multiple nodes, will it run both?
[2009/05/29 11:44:47] <joe-mac> ... how would that be possible?
[2009/05/29 11:45:01] <Whoop> Because you can use wildcards in node names?
[2009/05/29 11:45:12] <Whoop> if I have a node p* and one pi*, will it run both?
[2009/05/29 11:45:17] <agaffney> you can use wildcards?
[2009/05/29 11:45:24] <joe-mac> didn't know that
[2009/05/29 11:45:25] <Whoop> I thought you could :O
[2009/05/29 11:45:28] <Volcane> you cant
[2009/05/29 11:45:41] <joe-mac> you can in the ACLs for fileserver.conf, not for nodes.pp too
[2009/05/29 11:45:43] <joe-mac> though**
[2009/05/29 11:46:00] <Whoop> Oh, damn :(
[2009/05/29 11:46:06] <joe-mac> i'm guessing the lazy match would win if it could, cause this is sys admin software lol
[2009/05/29 11:46:35] <joe-mac> (if this functionality was present i mean)
[2009/05/29 11:46:46] <Whoop> Whats the best way to have a class that does things on every machines and another that does things on machines beginning with cislave*?
[2009/05/29 11:46:46] <agaffney> heh
[2009/05/29 11:46:58] <Whoop> I don't really want to have to list every single hostname :(
[2009/05/29 11:47:22] <agaffney> meh, just do: node 'foo1', 'foo2', 'foo3', 'foo4' { include some_class }
[2009/05/29 11:47:28] <agaffney> that's what I do for my 6 DNS servers
[2009/05/29 11:47:50] <Whoop> 6 DNS servers is a tad different to 60+ and increasing servers :)
[2009/05/29 11:48:01] @ ceren joined channel #puppet
[2009/05/29 11:48:03] <Whoop> Sucks that you can use wildcards :(
[2009/05/29 11:48:18] <Volcane> Whoop: wiki:ExternalNodes
[2009/05/29 11:48:18] <gepetto> Volcane: Whoop: wiki:ExternalNodes is http://reductivelabs.com/trac/puppet/wiki/ExternalNodes
[2009/05/29 11:48:46] @ allesmue1ler2 left channel #puppet ()
[2009/05/29 11:50:18] <Whoop> Hmm, I have to write a script to get the node name? (I haven't an LDAP server)
[2009/05/29 11:50:36] <Volcane> its one option
[2009/05/29 11:50:46] @ Quit: thegcat:
[2009/05/29 11:50:53] @ d3vilb0x joined channel #puppet
[2009/05/29 11:51:06] <Whoop> Whats the other option :)
[2009/05/29 11:51:12] <Whoop> Theres no in built functiality?
[2009/05/29 11:51:21] <Whoop> seems silly to write an external script just to obtian a regex facility
[2009/05/29 11:51:24] <Whoop> or a wildcard
[2009/05/29 11:51:37] <Volcane> wiki:FunctionReference
[2009/05/29 11:51:39] <gepetto> Volcane: wiki: wiki:FunctionReference is http://reductivelabs.com/trac/puppet/wiki/FunctionReference
[2009/05/29 11:52:44] <Whoop> Hmm, you can use regsubst as a node name?
[2009/05/29 11:52:55] <Volcane> and if all else fails, puppet is easily extendable with a bit of ruby wiki:WritingYourOwnFunctions
[2009/05/29 11:52:56] <gepetto> Volcane: wiki:WritingYourOwnFunctions is http://reductivelabs.com/trac/puppet/wiki/WritingYourOwnFunctions
[2009/05/29 11:53:05] <claymation> what's a node_terminus?
[2009/05/29 11:53:14] <joe-mac> sounds dirty...
[2009/05/29 11:53:46] <Volcane> Whoop: use a default node, pull out the first bunch of chars of the host name with regex and feed it to a case statement which then does like include role::fooserver
[2009/05/29 11:53:51] <Volcane> but thats rather dodgy
[2009/05/29 11:54:27] <Volcane> claymation: it just tells puppet what method to use to figure out the node {} stuff
[2009/05/29 11:55:32] @ Quit: verwilst: "Ex-Chat"
[2009/05/29 11:55:39] <claymation> Volcane: ahh. any work being done for looking up nodes from web services?
[2009/05/29 11:55:48] <claymation> say, a cmdb?
[2009/05/29 11:56:07] <Whoop> Hmm, dodgy in what way?
[2009/05/29 11:56:08] <Volcane> claymation: see the external nodes wiki i wrote, all you need to do is supply your own client code for your flavour of cmdb
[2009/05/29 11:56:26] @ erm_ joined channel #puppet
[2009/05/29 11:56:27] <claymation> but fork/exec isn't so efficient
[2009/05/29 11:56:44] <claymation> I guess it's not called that often :)
[2009/05/29 11:57:08] <Volcane> yeah its not like clients check in every minute each
[2009/05/29 11:58:07] @ poison joined channel #puppet
[2009/05/29 11:58:07] @ Quit: poison_: Read error: 104 (Connection reset by peer)
[2009/05/29 11:59:10] @ poison_ joined channel #puppet
[2009/05/29 11:59:10] <sigmonsays> just outta curiosity, what's the max number of nodes someone usually gets to a puppet master?
[2009/05/29 11:59:21] @ Quit: briandquinn:
[2009/05/29 11:59:26] <Volcane> depends a lot on your complexity
[2009/05/29 11:59:27] <sigmonsays> puppetized nodes per master
[2009/05/29 11:59:29] <sigmonsays> right
[2009/05/29 11:59:38] <Volcane> think i have one thats around 700 nodes
[2009/05/29 11:59:52] <sigmonsays> i'm running 400 on a single server, it just has 8 mongrels on it
[2009/05/29 12:00:31] @ Quit: poison_: Remote closed the connection
[2009/05/29 12:00:31] @ Quit: poison: Read error: 113 (No route to host)
[2009/05/29 12:00:45] <sigmonsays> but likely 800 would need another master :)
[2009/05/29 12:00:47] @ poison joined channel #puppet
[2009/05/29 12:01:02] <Volcane> yeah once we went over like 650 it got a bit of a mess
[2009/05/29 12:01:47] <sigmonsays> you just put a load balancer in front of puppet masters then?
[2009/05/29 12:02:14] <Volcane> you can do many things, like move fileserver off to another, move the ca to another, or just LB them quite a few option
[2009/05/29 12:02:43] <sigmonsays> yah, fileserver seems like it should be it's own entity
[2009/05/29 12:03:07] <Volcane> on a smaller site but iwth nodes all over the show i have 2 masters
[2009/05/29 12:03:13] <Volcane> with geo dns to point clients to nearby masters
[2009/05/29 12:03:29] <Volcane> with one of them being the reportsmaster so clients speak to a nearby master but at the end just send their reports to a single one
[2009/05/29 12:03:31] @ jedi4ever left channel #puppet ()
[2009/05/29 12:03:41] <Volcane> obviously they all share the same ssl ca files
[2009/05/29 12:04:41] <Whoop> I'm having puppet update ntp.cfg, how can I make it restart the ntp service if it changes something?
[2009/05/29 12:04:58] <Volcane> use service{"ntp":....} to manage the service
[2009/05/29 12:05:03] <agaffney> notify => Service[ntp]
[2009/05/29 12:05:11] <Volcane> then in the file{} for the config do notify => Service[ntp]
[2009/05/29 12:05:20] <agaffney> or subscribe=>File["ntp.conf"] in service { "ntp": }
[2009/05/29 12:05:32] <Whoop> cool, I'll do the latter...sounds easier
[2009/05/29 12:05:34] <Whoop> Thanks
[2009/05/29 12:05:40] @ mib_hecdlt joined channel #puppet
[2009/05/29 12:05:44] <agaffney> they're both just as easy
[2009/05/29 12:05:52] <agaffney> you still need a file and a service entry
[2009/05/29 12:06:06] <Whoop> Which I was going to have anyhow :)
[2009/05/29 12:06:08] <agaffney> and then it's just a matter of whether you use notify in the File or subscribe in the Service
[2009/05/29 12:06:19] @ Quit: mib_hecdlt: Client Quit
[2009/05/29 12:06:55] @ tajid joined channel #puppet
[2009/05/29 12:07:14] @ tajid left channel #puppet ()
[2009/05/29 12:10:37] <Whoop> Hmm, does a machine HAVE to have a node? Can it not just go by the default stuff?
[2009/05/29 12:11:02] <agaffney> it can
[2009/05/29 12:11:16] <Whoop> Oh wait, I see...sorry, dw
[2009/05/29 12:11:22] <Whoop> What do I call the default node?
[2009/05/29 12:11:24] <Whoop> Just "default"?
[2009/05/29 12:11:29] <sigmonsays> aye
[2009/05/29 12:11:36] <Whoop> I was putting the stuff in site.pp rather than within a node
[2009/05/29 12:11:39] <sigmonsays> node default { }
[2009/05/29 12:11:40] <Whoop> Didn't realise you could define a default node :)
[2009/05/29 12:11:42] <Whoop> Thanks
[2009/05/29 12:12:31] <Whoop> Will everything run the default node? or is just a fall back for those that haven't other nodes?
[2009/05/29 12:12:32] @ Quit: lak:
[2009/05/29 12:13:02] <agaffney> Whoop: only those that don't have a matching node entry
[2009/05/29 12:13:19] @ thegcat joined channel #puppet
[2009/05/29 12:13:47] @ Quit: Innocenti: Client Quit
[2009/05/29 12:18:18] <Whoop> Ah, damn
[2009/05/29 12:18:30] @ shake-n-bake joined channel #puppet
[2009/05/29 12:18:32] <Whoop> So I only actually want an empty default node for this particular host
[2009/05/29 12:18:41] <Whoop> and then put all the default classes in site.pp
[2009/05/29 12:23:09] <Volcane> site.pp is like a global thing, site.pp shouldnt just have resources and whatever in it
[2009/05/29 12:23:23] <joe-mac> my site.pp is nearly empty
[2009/05/29 12:23:29] <Volcane> yeah 3 lines
[2009/05/29 12:23:29] <agaffney> as is mine
[2009/05/29 12:23:49] <agaffney> import "classes/*"
[2009/05/29 12:23:49] <agaffney> Exec { path => "/bin:/sbin:/usr/bin:/usr/sbin" }
[2009/05/29 12:23:49] <agaffney> import "nodes"
[2009/05/29 12:23:51] <agaffney> that's mine :P
[2009/05/29 12:24:16] <agaffney> it would be only 2 lines if I moved my nodes.pp under classes/
[2009/05/29 12:24:37] <Volcane> i have no classes, include nodes/*.pp and sets up my extlookup thing
[2009/05/29 12:25:26] <Whoop> Hmm, I don't know how else I could do it, in my site.pp I have import classes/.pp, include various classes for all machines and import nodes/.pp
[2009/05/29 12:25:31] <Whoop> Where should the various classes go?
[2009/05/29 12:25:54] @ mverwijs joined channel #puppet
[2009/05/29 12:25:57] <Volcane> Whoop: once you understand the basics well, you'd probably move away from just tons of classes and start using modules
[2009/05/29 12:26:07] <Whoop> modules, awww man
[2009/05/29 12:26:08] <agaffney> I use a mix of modules and classes
[2009/05/29 12:26:12] <Volcane> Whoop: they're like logical units that contains files, manifests and templates all in one dir
[2009/05/29 12:26:12] <Whoop> thats something totally different -_-
[2009/05/29 12:26:15] <joe-mac> i'm almost done my move to modules Volcane
[2009/05/29 12:26:17] <Whoop> bah
[2009/05/29 12:26:23] <joe-mac> just working thruogh some syntax errors, then testing
[2009/05/29 12:26:27] <agaffney> Whoop: modules are just a different way to organize classes and files
[2009/05/29 12:26:31] <nigelk> hmmm. I wonder how you'd patch ext/puppet-test to support different client ids on each run....
[2009/05/29 12:26:32] <joe-mac> my pre-commit seems to be not working again
[2009/05/29 12:26:34] <Whoop> I'll keep it as it is atm
[2009/05/29 12:26:39] <Whoop> The tutorial I read didnt mention modules
[2009/05/29 12:26:48] <joe-mac> yea, it's a little advanced...
[2009/05/29 12:26:49] <Whoop> I'm just using an empty default node and putting all the default stuff in sites.pp
[2009/05/29 12:26:56] <agaffney> Whoop: just get it working, and then you can rearrange later
[2009/05/29 12:27:04] <Volcane> Whoop: yeah just get the basics done and understood, you'll probably redo it all in like a month or 2 as you've learned more :)
[2009/05/29 12:27:04] <Whoop> My thinking exactly
[2009/05/29 12:27:05] <agaffney> Whoop: yeah, don't do that
[2009/05/29 12:27:25] <Whoop> Don't do what? You just told me to get it working :P
[2009/05/29 12:27:30] <Whoop> It is working, thus I'm not moving stuff around :)
[2009/05/29 12:27:31] <agaffney> I have a class called default_node and then do node default { include default_node }
[2009/05/29 12:27:33] <Volcane> dont just dump stuff in site.pp
[2009/05/29 12:27:46] <Whoop> Where should it go then ^^
[2009/05/29 12:27:53] <Whoop> The bits to be run on all hosts
[2009/05/29 12:27:55] <Whoop> without modules
[2009/05/29 12:27:55] <Volcane> nodes should include just what they need
[2009/05/29 12:28:13] <Whoop> Yes but I dont want to repeat the include various in every single node
[2009/05/29 12:28:16] <Whoop> Thats just silly
[2009/05/29 12:28:20] <Volcane> if you need something everywhere, then have a class called "common" or something and put it all there
[2009/05/29 12:28:27] <Volcane> its not.
[2009/05/29 12:28:34] <agaffney> Whoop: it's "proper"
[2009/05/29 12:28:36] <Whoop> I have 3 classes I need everywhere...possibly more in future
[2009/05/29 12:28:47] <Whoop> its not proper in programming, duplicating stuff is never proper
[2009/05/29 12:28:50] <Volcane> Whoop: class common { include stuff }
[2009/05/29 12:29:24] <Volcane> Whoop: classes can include other classes, so you just need to arrange that all your nodes include common
[2009/05/29 12:31:09] <joe-mac> i inherit from a basenode_tmpl, saves lines in the code, or from a webserver_tmpl etc.
[2009/05/29 12:31:13] <joe-mac> proper enough for me
[2009/05/29 12:31:17] <Volcane> node inheritance is a bug
[2009/05/29 12:31:23] <Volcane> should be taken out and shot
[2009/05/29 12:31:26] <joe-mac> lol... why do you say that?
[2009/05/29 12:31:30] <joe-mac> i just do it for readability
[2009/05/29 12:31:33] <Volcane> its the general concensus :)
[2009/05/29 12:31:35] <joe-mac> i don't do it to override anything
[2009/05/29 12:31:36] <riddley> hey man, my mother is node inheritance!
[2009/05/29 12:31:43] <riddley> so back off!
[2009/05/29 12:31:54] <joe-mac> lol
[2009/05/29 12:31:58] <sigmonsays> what does the data dir look like for a extlookup() ?
[2009/05/29 12:32:14] <Volcane> seriously though, it doesnt work sanely and it is useless once you go the external/ldap node route
[2009/05/29 12:32:21] <Volcane> sigmonsays: you configure it, see the comments
[2009/05/29 12:32:51] @ Quit: poison: Remote closed the connection
[2009/05/29 12:33:00] <joe-mac> sigmonsays: http://www.pastie.org/494118
[2009/05/29 12:33:13] <joe-mac> that's what mine loks like, of course i've changed the location names because paranoia runs my life
[2009/05/29 12:33:29] <Whoop> err: Could not retrieve catalog: Could not find class common at /etc/puppet/manifests/nodes/default.pp:3 - Hmm, any idea why I get that?
[2009/05/29 12:33:35] <Whoop> the class common is there
[2009/05/29 12:33:44] <Whoop> Oh wait, stupid me
[2009/05/29 12:33:47] <Whoop> facepalm
[2009/05/29 12:33:49] <Whoop> Don't worry >_<
[2009/05/29 12:34:06] <Whoop> I put the file there but forgot to define it as a class
[2009/05/29 12:34:47] @ jmarki joined channel #puppet
[2009/05/29 12:35:13] @ Quit: niczar1: Remote closed the connection
[2009/05/29 12:37:25] <joe-mac> is this error http://www.pastie.org/494122 becayuse in that init.pp i am importing *, which imports itself?
[2009/05/29 12:38:04] <sigmonsays> must not be if it doesn't recurse into ibfinity :)
[2009/05/29 12:38:30] <Volcane> well putting site.pp or whatever u use in the same dir and just doing import '*' isnt great
[2009/05/29 12:38:56] <sigmonsays> Yah i'm not using modules and therefore am loading all the classes for every run
[2009/05/29 12:39:02] <sigmonsays> kinda lame
[2009/05/29 12:39:03] <Volcane> still.
[2009/05/29 12:39:13] <Volcane> manifests/site.pp manifests/classes/*.pp
[2009/05/29 12:39:16] <sigmonsays> oh right
[2009/05/29 12:39:19] <Volcane> include 'classes/*.pp'
[2009/05/29 12:39:28] @ Quit: tim\|macbook:
[2009/05/29 12:39:34] <Volcane> i mean import obviously
[2009/05/29 12:39:34] <Volcane> :)
[2009/05/29 12:39:38] <joe-mac> ah shit
[2009/05/29 12:39:46] <joe-mac> facepalm
[2009/05/29 12:39:51] * joe-mac does more re structuring
[2009/05/29 12:40:03] <Volcane> better still using environments
[2009/05/29 12:40:10] <Volcane> manifests/production/site.pp
[2009/05/29 12:40:11] <joe-mac> how dfo you mean Volcane?
[2009/05/29 12:40:18] <Volcane> manifests/development/site.pp
[2009/05/29 12:40:18] <Volcane> etc
[2009/05/29 12:40:38] @ Quit: glaw: ""Between two evils, I always pick the one I never tried before" Mae West"
[2009/05/29 12:40:44] <Volcane> joe-mac: wiki:UsingMultipleEnvironments
[2009/05/29 12:40:45] <gepetto> Volcane: joe-mac: wiki:UsingMultipleEnvironments is http://reductivelabs.com/trac/puppet/wiki/UsingMultipleEnvironments
[2009/05/29 12:41:07] <joe-mac> i know about environments, i just have to make a case to get a nice beefy box for virt that i can use for testing puppet
[2009/05/29 12:41:22] <joe-mac> the overlords don't yet understand that a mistake now has the potential to fux0r the infrastructure
[2009/05/29 12:41:23] <Volcane> most desktops are overspec'd :P
[2009/05/29 12:41:27] @ Quit: Robbie: Remote closed the connection
[2009/05/29 12:41:33] <joe-mac> currently i test it on a master that only controls a few nodes
[2009/05/29 12:41:40] <joe-mac> it's clunky, but with the resources i am given, it's all i can do
[2009/05/29 12:42:47] <joe-mac> so Volcane, if i were to start getting ready to use environments in modules, would it be like modules/modulename/manifests/production, or production/modules?
[2009/05/29 12:42:58] <Volcane> hold
[2009/05/29 12:43:02] <joe-mac> k
[2009/05/29 12:43:15] <joe-mac> ah i c
[2009/05/29 12:43:20] <joe-mac> nm dude i'm asking you shit that is clearly in the doc
[2009/05/29 12:43:42] <Volcane> heh
[2009/05/29 12:44:38] <Volcane> http://pastie.org/494126
[2009/05/29 12:44:39] @ Quit: MaGicKanGaRoo: Remote closed the connection
[2009/05/29 12:45:10] <Volcane> actually reload the pastie
[2009/05/29 12:46:47] <joe-mac> so you actually put your modules in a directory called manifests first? interesting
[2009/05/29 12:47:09] <Volcane> most of my modules are in manifests/common/modules/modulename
[2009/05/29 12:47:21] <Volcane> if i want to work on a module and not affect everything
[2009/05/29 12:47:30] <Volcane> svn copy common/apache development/apache
[2009/05/29 12:47:39] @ mfoster joined channel #puppet
[2009/05/29 12:47:51] <Volcane> this creates a branch from the usual apache module, into development branch and if i work there it goes out only to machines in development
[2009/05/29 12:48:13] <sigmonsays> yah. i have gone as far as branching development for some stuff
[2009/05/29 12:48:14] <Volcane> once i am done and happy for it to go out i can merge back to the common or maybe move it to a staging environment etc
[2009/05/29 12:49:01] <joe-mac> hmm, ok, this is interesting. i'd better do this all now, don't want to spend another two days re-factoring in the future
[2009/05/29 12:49:17] @ ezmob joined channel #puppet
[2009/05/29 12:49:23] <sigmonsays> i havn't made the leap to modules yet
[2009/05/29 12:49:25] <sigmonsays> affraid
[2009/05/29 12:49:29] <joe-mac> one more question volcane, under your module/modulename/manifests, you don't put classes in there? you make another subdir for it?
[2009/05/29 12:49:56] <joe-mac> it's so sexy sigmonsays, my file server tree was a mess before. although it was all in one place i had no idea what files went with what classes
[2009/05/29 12:50:02] <Volcane> joe-mac: modulesname/manifests/init.pp for class modulename and manifests/foo.pp for modulename::foo
[2009/05/29 12:50:37] @ pleemans joined channel #puppet
[2009/05/29 12:50:58] <sigmonsays> I know. but i lead the puppet endeavor here and training everybody yet again on where to find files is gonna be a nightmare :)
[2009/05/29 12:51:44] <Volcane> prior to modules i tended to ahve things like files/my.box.com/etc/foo and maybe files/common/etc/foo
[2009/05/29 12:51:50] <Volcane> and if i wanted to know if foo is special on this box
[2009/05/29 12:51:55] <joe-mac> Volcane: then what was tghat bit up top about my init.pp being wrong cause i imported .* and had the defines getting re imported?
[2009/05/29 12:51:55] <Volcane> or find out all machines with special foo's
[2009/05/29 12:51:59] @ Quit: fujin:
[2009/05/29 12:52:03] <Volcane> it was all a big find -name foo mission, loads of b/s
[2009/05/29 12:52:04] <joe-mac> shouldn't import * in an init.pp not trry to re import itself?
[2009/05/29 12:52:15] <sigmonsays> Volcane, right. that's what I've got now
[2009/05/29 12:52:17] <Volcane> with modules, i make files/foo.my.box.com which makes it much more obvious
[2009/05/29 12:52:24] <Volcane> ls files, boom, clear as day
[2009/05/29 12:52:28] <joe-mac> Volcane: yea i was doing the same thing... seemed great at thet ime but now that i see modules it looks stupid
[2009/05/29 12:52:30] <sigmonsays> it would be awfully nice to have files closer to manifest
[2009/05/29 12:52:51] <sigmonsays> they are two seperate directory structures in my environment
[2009/05/29 12:53:36] <Volcane> yeah that caused me lots of grief
[2009/05/29 12:53:43] <joe-mac> i guess i can't do definitions outside the scope of a class
[2009/05/29 12:53:43] <Volcane> forgetting that a file has overrides somewhere etc
[2009/05/29 12:54:07] <Volcane> joe-mac: i just pop them modulename/manifests/init.pp as define modulename::foo ()
[2009/05/29 12:54:22] <Volcane> joe-mac: i think though modules now have some load magic for them too, not sure
[2009/05/29 12:56:42] <gepetto> ::trac:: Recipes/Authorized_keys edited by seph @ http://reductivelabs.com/trac/puppet/wiki/Recipes/Authorized_keys (by seph@directionless.org)
[2009/05/29 12:58:28] <nigelk> sigmonsays: you really want to go to modules
[2009/05/29 12:58:46] <nigelk> Volcane: you don't have to do that
[2009/05/29 12:58:55] <nigelk> class "foo::bar"
[2009/05/29 12:59:02] <nigelk> is looked for in modules/foo/manifests/bar.pp
[2009/05/29 12:59:07] <nigelk> automagically
[2009/05/29 12:59:10] <Volcane> thats what i said?
[2009/05/29 12:59:13] <nigelk> oh.
[2009/05/29 12:59:18] <nigelk> i must have misread you :)
[2009/05/29 12:59:19] <Volcane> definitions though, are they?
[2009/05/29 12:59:30] <Volcane> like define foo::bar would that be in bar.pp?
[2009/05/29 12:59:33] <Volcane> last i tried that failed
[2009/05/29 12:59:51] @ Quit: saurabhverma: Client Quit
[2009/05/29 13:00:15] <nigelk> yeah. I think you're right, we only have our 'base' module use definitions
[2009/05/29 13:00:26] <nigelk> and they're in modules/base/manifests/definitions/
[2009/05/29 13:00:36] <nigelk> and we explicitly import them in modules/base/manifests/init.pp
[2009/05/29 13:00:40] <Volcane> and you just import them? yeah
[2009/05/29 13:00:45] <Volcane> do the same when i have many defines for amodule
[2009/05/29 13:00:52] <Volcane> lke in bacula where i have many many defines
[2009/05/29 13:01:10] <nigelk> Jeff McCune did a full native type for bacula I think
[2009/05/29 13:01:14] <nigelk> in Ruby
[2009/05/29 13:01:27] <Volcane> neat, not seen it before
[2009/05/29 13:01:29] <nigelk> He was going to post that somewhere, but I think he's swamped
[2009/05/29 13:01:55] <Volcane> i do loads iwth snippets and templates, works ok, ofcourse the file server is the achiles heel there
[2009/05/29 13:02:29] @ Quit: jfoote: Read error: 113 (No route to host)
[2009/05/29 13:03:42] <joe-mac> ok now i put these defines inside a class
[2009/05/29 13:04:12] @ artista_frustrad joined channel #puppet
[2009/05/29 13:05:11] <Guest54786> puppetlisten is denying my puppetrun connections. is there a setting I missed to enable on the client?
[2009/05/29 13:05:27] <Volcane> did you make a namespaces.auth?
[2009/05/29 13:05:37] <Guest54786> yeah
[2009/05/29 13:05:38] <Guest54786> my namespaceauth.conf has [puppetrunner] allow *
[2009/05/29 13:06:00] <joe-mac> and i still get the error that the define can't be defined twice
[2009/05/29 13:06:36] <Guest54786> any ideas?
[2009/05/29 13:06:49] <Volcane> Guest54786: not sure, not used puppetrun much
[2009/05/29 13:06:59] <Guest54786> ok thanks anyways =)
[2009/05/29 13:07:05] <Volcane> joe-mac: hmm, show the error again and make some info on whats where?
[2009/05/29 13:07:07] @ Quit: jmeeuwen: Read error: 60 (Operation timed out)
[2009/05/29 13:07:20] <Telmo> Guest54786: I assume you are running puppet as puppet --listen ?
[2009/05/29 13:07:34] <Telmo> on the clients?
[2009/05/29 13:07:43] @ Quit: Welsh_Dwarf: Remote closed the connection
[2009/05/29 13:07:51] <joe-mac> err: Could not parse for environment production: common::append_if_no_such_line is already defined at /home/jmcdonagh/working/puppet/modules/common/manifests/init.pp:14; cannot redefine; expected '%s' at /home/jmcdonagh/working/puppet/./modules/common/manifests/init.pp:14
[2009/05/29 13:07:55] @ jmeeuwen joined channel #puppet
[2009/05/29 13:08:14] <Guest54786> Telmo- sorta. I'm using the puppetlisten script for that so puppetrun will give me correct exit codes
[2009/05/29 13:08:44] <Volcane> joe-mac: you've still got weird imports then, see the funky dirname on the 2nd bit of that error
[2009/05/29 13:08:54] <Telmo> We use puppetrun but we have our clients running the --listen, if not you will not be able to correct
[2009/05/29 13:08:56] <Telmo> connect
[2009/05/29 13:09:00] <joe-mac> http://www.pastie.org/494162
[2009/05/29 13:09:16] <Volcane> Guest54786: probably if you use puppetlisten you might need different namespace auth
[2009/05/29 13:09:17] <Guest54786> telmo- how do you tell if there was an error on one of the nodes?
[2009/05/29 13:09:27] <joe-mac> Volcane: thats cause i am runnign a find -exec {} with puppet --parseonly
[2009/05/29 13:09:28] <joe-mac> hold on
[2009/05/29 13:09:50] <Volcane> joe-mac: you're still importing '*' though, that'll reimport itself
[2009/05/29 13:09:56] <Telmo> We have monitoring on the puppet logs
[2009/05/29 13:10:00] <joe-mac> oh it works then
[2009/05/29 13:10:09] <joe-mac> Volcane: if i go into that dir and run puppet --parseonly, it works
[2009/05/29 13:10:36] <joe-mac> instead of running find ./ -type f -name '*.pp' -exec puppet --parseonly {} \;
[2009/05/29 13:10:51] * Volcane imports full paths and not * but *.pp or whatever is appropriate, too easy to get screwups otherwise
[2009/05/29 13:11:01] <Volcane> people leaving backups files around etc
[2009/05/29 13:11:07] <Volcane> foo.pp~
[2009/05/29 13:11:14] <Volcane> want to kill people for that stuff :)
[2009/05/29 13:11:29] <joe-mac> lol, i hate that
[2009/05/29 13:12:27] <Guest54786> ok it seems that puppet listen is not obeying [puppetrunner] allow * if I specify the host then it connects.. but dies because of a broken pipe. i think it's not compatible with my puppetrun version
[2009/05/29 13:13:05] <Guest54786> Telmo- how do you have monitoring on the puppet logs setup? --sorry, i'm new to puppet and still learning
[2009/05/29 13:13:22] <Guest54786> do you have to enable puppet to do logging? my /var/log/puppet dir is empty on the clients
[2009/05/29 13:13:34] <Volcane> Guest54786: it logs to syslog
[2009/05/29 13:14:12] <Telmo> We have a commercial tool that watches our log files, we just added the watch for puppet messages in syslog
[2009/05/29 13:14:19] <Guest54786> oh nice!
[2009/05/29 13:14:37] <Telmo> but there are plenty of Open Source solutions to do the same
[2009/05/29 13:14:52] <Volcane> Guest54786: and if you enable reporting it will send a report with all logs etc down to the master after a run that gets saves in a yaml file on the master
[2009/05/29 13:14:54] <Guest54786> which one would you recommend?
[2009/05/29 13:15:00] <Telmo> there is a nagio module that does that if I remember correctly, although setting nagios up just for the log files may be too cumbersome
[2009/05/29 13:15:17] @ justindossey joined channel #puppet
[2009/05/29 13:15:41] @ Quit: alfism: "Connection reset by beer"
[2009/05/29 13:16:14] <Guest54786> cool thanks guys. very interesting, let me get up to seed on the reporting docs before i continue asking questions.
[2009/05/29 13:16:18] <Telmo> I recommend you go to www.freshmeat.net and search for "logfile" or "syslog" and find a solution that meets your needs, I can't recommend anything on the top of my head, maybe someone else can here
[2009/05/29 13:16:21] @ ezmob is now known as ezmob\|away
[2009/05/29 13:16:32] <Guest54786> cool will scan freshmeat
[2009/05/29 13:16:34] * joe-mac wants splunk
[2009/05/29 13:17:42] @ taylorj joined channel #puppet
[2009/05/29 13:18:00] * Volcane wonders what dimwit at redhat thought 1024 FDs would be enough for squid in production
[2009/05/29 13:18:14] @ matty joined channel #puppet
[2009/05/29 13:19:40] @ nakano is now known as nakano_
[2009/05/29 13:19:47] <joe-mac> lol
[2009/05/29 13:20:10] <joe-mac> the one who wants people to take RH300 so they remember those gotchas
[2009/05/29 13:20:28] <Volcane> and ofcourse updating limits so that it works during bootup time is almost impossible
[2009/05/29 13:20:40] <joe-mac> /etc/security/limits.conf?
[2009/05/29 13:20:45] <Volcane> you'd think
[2009/05/29 13:21:00] <joe-mac> why doesn't that work?
[2009/05/29 13:21:11] @ poison_ joined channel #puppet
[2009/05/29 13:21:39] <Volcane> not entirely sure whats up, but the init scripts that runs when the box boots seems to not invoke the pam module that sets it from limits.conf
[2009/05/29 13:21:53] <Volcane> only if i log in as say root and restart the service will it work - cos then the pam module gets loaded
[2009/05/29 13:21:57] <Volcane> still investigating
[2009/05/29 13:22:22] <Volcane> the debian rc scripts seems to load a setting from defaults/squid and then fiddle ulimit based on that which seems a lot saner
[2009/05/29 13:22:51] <joe-mac> fail
[2009/05/29 13:22:58] <Volcane> quite
[2009/05/29 13:23:15] <Volcane> only reliable way to do this at boot up using the init scripts is to fiddle the init script, major fail
[2009/05/29 13:23:21] <joe-mac> if you figure out how to get around that and it doesn't seem right, i would file a bug on that
[2009/05/29 13:23:43] <joe-mac> i don't use squid, so i haven't ran into that
[2009/05/29 13:23:56] <Volcane> i remember same issue yonks ago with sybase
[2009/05/29 13:24:15] <Volcane> but then we got in to the situation where the DBAs screwed up things so bad that sybase would only start by hand anyway once the box is booted
[2009/05/29 13:24:19] <Volcane> so that didnt cause hassles heh
[2009/05/29 13:24:35] <Volcane> cos it would just use their limits then
[2009/05/29 13:24:49] @ notbrien joined channel #puppet
[2009/05/29 13:24:55] <f3ew> Volcane the 1024 fds limit is true across all distributions, I believe
[2009/05/29 13:25:00] <Volcane> also rc scripts that loads up the daemon in question via su would work fine, its all pretty crap
[2009/05/29 13:25:03] <f3ew> It's hardcoded in the kernel headers
[2009/05/29 13:25:11] <Volcane> but today, 1024 is just an inadequate default
[2009/05/29 13:27:05] <Volcane> f3ew: yeah but redhat tunes tons of defaults, and they're quite keen on their thing about supporting big boxes and high workload out the box though, just seems they'd have tweaked this limit
[2009/05/29 13:27:50] @ ezmob\|away is now known as ezmob
[2009/05/29 13:36:03] <Guest54786> do i need to enable reports on the master or are they by default?
[2009/05/29 13:36:04] <joe-mac> Volcane: hey this ios sort of noobish, i have nioly a cursory knowledge of svn. i'm trying to move to environments like you're using while moving to modules, when production is stable and working and i want to fork development, so i just do svn cp, or do i have to like svn branch, then later svn merge?
[2009/05/29 13:36:16] @ Quit: zeroXten: Remote closed the connection
[2009/05/29 13:36:18] <Guest54786> and were do the yaml files end up?
[2009/05/29 13:37:16] <joe-mac> you nee to enable them, they end up in /var/lib/puppet/reports i think
[2009/05/29 13:37:26] <joe-mac> there is a wiki page probably called PuppetReporting
[2009/05/29 13:37:39] <joe-mac> my bookmarks at home aren't sync'd to the ones at work...
[2009/05/29 13:37:42] <Volcane> joe-mac: to create a branch you just svn copy, to merge later you can either just do the low tech thing and copy files back to common, or figure out how merge work, its not hard its just like doing diffs really
[2009/05/29 13:37:59] <Volcane> joe-mac: google bookmarks + firefox gmarks :P
[2009/05/29 13:38:30] @ omry joined channel #puppet
[2009/05/29 13:39:20] <Volcane> joe-mac: though I'd recoment 'Pragmatic Version Control Using Subversion'
[2009/05/29 13:39:24] <Volcane> recommend...
[2009/05/29 13:39:56] <nigelk> bookmarks are so last century :)
[2009/05/29 13:40:13] <Volcane> yeah ust remember the search terms to find it heh
[2009/05/29 13:40:19] <Volcane> just
[2009/05/29 13:40:48] <joe-mac> nigelk: what do you use? some new fangled tag stuff or something?
[2009/05/29 13:40:48] <nigelk> http://lmgtfy.com/?q=salty+chocolate+balls
[2009/05/29 13:41:05] <joe-mac> rofl
[2009/05/29 13:41:09] <nigelk> joe-mac: I actually have this huge bookmarks setup I've been dragging around with me for years
[2009/05/29 13:41:11] @ francois left channel #puppet ()
[2009/05/29 13:41:12] <joe-mac> www.justfuckinggoogleit.com
[2009/05/29 13:41:15] <nigelk> but I realized recently I never use them
[2009/05/29 13:41:43] <nigelk> I have 8 on my toolbar for all my google accounts gmail/calendar pages, but that's it
[2009/05/29 13:41:45] <Volcane> the gmarks thing in firefox is really nice, very quick to use hotkey based popup search for your browser bookmarks and syncing across many browsers
[2009/05/29 13:41:47] <Volcane> very handy
[2009/05/29 13:41:47] <joe-mac> nigelk: yea i don't use all of them but every now and then i will remember i looked up something and bookmarked it
[2009/05/29 13:41:51] <nigelk> oh and one for http://cricinfo.com
[2009/05/29 13:42:09] <joe-mac> oh you're a brit
[2009/05/29 13:42:34] <Volcane> brits arent the only cricket fans :)
[2009/05/29 13:42:50] <joe-mac> lol, i was gonna say "ask me how i knew"
[2009/05/29 13:44:03] <Volcane> actually i dont hear many people here go on about cricket, only people who are really into it are foreigners
[2009/05/29 13:45:23] <Telmo> man.. I though golf was boring to watch until they showed cricket on TV
[2009/05/29 13:45:41] <Volcane> yeah its dreadful, esp 5 day matches
[2009/05/29 13:45:59] <Volcane> you watch one match and you immediately realize why all cricket fans are heavy drinkers
[2009/05/29 13:45:59] <joe-mac> i am just not big into any sports, except pool
[2009/05/29 13:46:02] <Telmo> take baseball... expand the match to last 5 days...
[2009/05/29 13:46:08] <joe-mac> i love pool, though ih aven't played in forever, and i suck
[2009/05/29 13:46:23] <Telmo> pool is considered a sport?
[2009/05/29 13:46:41] <joe-mac> shit yea
[2009/05/29 13:46:48] <Telmo> wait.. why am I surprised? they show poker tournaments in ESPN
[2009/05/29 13:46:56] @ jmarki is now known as jmarki\|sleep
[2009/05/29 13:47:03] <joe-mac> except pool is more about skill
[2009/05/29 13:47:09] <joe-mac> there's a lot of luck in poker
[2009/05/29 13:47:09] <Telmo> true
[2009/05/29 13:47:19] <joe-mac> i know there is skill too, but there's always teh element of chance
[2009/05/29 13:47:30] <joe-mac> a really good pool player doesn't sink shots OR miss them by accident or chance
[2009/05/29 13:47:33] <Telmo> I am just happy a team form my country won the Champions League :D
[2009/05/29 13:47:34] @ plathrop-away is now known as plathrop
[2009/05/29 13:47:41] <joe-mac> heh, where you from
[2009/05/29 13:47:45] <Telmo> Spain
[2009/05/29 13:47:51] <joe-mac> ah
[2009/05/29 13:48:34] <Telmo> I think there was another team in the field, but I didn't see them much
[2009/05/29 13:48:44] * Telmo waits for the British on-slaught
[2009/05/29 13:48:48] <Telmo> :)
[2009/05/29 13:48:59] <Volcane> the suns out, all the british people are drunk already
[2009/05/29 13:49:04] <Telmo> lol
[2009/05/29 13:49:10] <joe-mac> LMAO
[2009/05/29 13:50:32] <Telmo> Volcane: still in England or back home alreadt?
[2009/05/29 13:50:42] <Volcane> "home" is london
[2009/05/29 13:50:50] <Telmo> oh
[2009/05/29 13:50:57] <Volcane> couldnt care less for place of origin :P
[2009/05/29 13:51:04] <Telmo> I though you were jsut working there for a period of tim
[2009/05/29 13:51:07] <Telmo> time
[2009/05/29 13:51:07] <joe-mac> and that would be?
[2009/05/29 13:51:17] <Volcane> nah, i came from south africa in 2002
[2009/05/29 13:51:23] <joe-mac> o i c
[2009/05/29 13:51:28] <Telmo> ok.. a loooong period of time :D
[2009/05/29 13:51:36] <Volcane> well "came" as in got sick and couldnt fly for a year so just didnt go back
[2009/05/29 13:51:44] <Telmo> haha
[2009/05/29 13:51:45] <joe-mac> south africa is the weirdest englsih accent besides this one island in virgina, usa
[2009/05/29 13:51:59] <joe-mac> virginia**
[2009/05/29 13:52:31] <Telmo> South African accent is a akin to someone from Austria speaking English
[2009/05/29 13:52:36] <Telmo> it is quite interesting
[2009/05/29 13:52:39] <Volcane> actually i got sick in dublin, but what a hole, so i took trains/ferries etc to london and settled here
[2009/05/29 13:52:59] <Volcane> Telmo: its because its very dutchlike with french influence
[2009/05/29 13:53:20] <Telmo> then again, I myself have a pretty thick accent even after 11 years here in the usa
[2009/05/29 13:53:43] @ Quit: erm_: "Lost terminal"
[2009/05/29 13:54:50] @ teratoma joined channel #puppet
[2009/05/29 13:57:31] @ mvn072 joined channel #puppet
[2009/05/29 13:59:45] <Telmo> humm.. would it make more sense to create subclasses for the OS or just use case statements? oracle::common::solaris or an OS stament in oracle::common?
[2009/05/29 14:00:09] <Volcane> whatever annoys you less :P
[2009/05/29 14:00:29] <Telmo> so it comes down to preference.. ok
[2009/05/29 14:00:32] <Telmo> I can deal with that :P
[2009/05/29 14:00:55] <Telmo> and for the record.. I hate oracle
[2009/05/29 14:01:04] <Volcane> and oracle hates you :P
[2009/05/29 14:01:26] <Guest54786> I'm still not sure of the approach I should take when pushing updates to puppetclients and easily determining if an error occurred.. are these my only options- 1. examing yaml files on the master or 2. setting up a watch on syslogd for puppetd errors
[2009/05/29 14:01:37] <Telmo> I have "puppetized" the oracle server installation, but it fails for oracle 10g2 because it runs out of memory, however it works perfectly fine for 11g
[2009/05/29 14:02:17] <Telmo> Giest54786: well.. puppet used a poll method natively, not a push, that may be part of your issue
[2009/05/29 14:03:22] <Telmo> another way you could approach it is by enabling StoredConfigs and then checking the last_compiled field in the hosts table
[2009/05/29 14:03:34] <Telmo> but that involves lots of setup :D
[2009/05/29 14:04:02] <Volcane> Guest54786: with reports you could use something like this http://www.devco.net/pubwiki/Puppet/PuppetView
[2009/05/29 14:04:08] <Telmo> I've also hear there there is Puppetview
[2009/05/29 14:04:21] <Guest54786> ooooh checking, one sec =)
[2009/05/29 14:05:21] @ jedi4ever joined channel #puppet
[2009/05/29 14:09:54] @ Quit: pleemans: Read error: 60 (Operation timed out)
[2009/05/29 14:10:31] @ Quit: cwebber:
[2009/05/29 14:10:48] <Telmo> Volcane: I am looking at your pastie http://pastie.org/494126 you have a common environment? so then you make all your hosts part of 2 environments?
[2009/05/29 14:10:59] <Volcane> telmo: no, look at hte module dir
[2009/05/29 14:11:08] @ pleemans joined channel #puppet
[2009/05/29 14:11:21] <Volcane> Telmo: the setting in puppet.conf
[2009/05/29 14:11:27] <Volcane> err, modulepath even
[2009/05/29 14:11:36] <Telmo> oh, I see.. you include both paths in the moduledir
[2009/05/29 14:11:50] <Volcane> yeah so if development doesnt have a module, it will fetch it from common
[2009/05/29 14:11:59] <Telmo> that's smart
[2009/05/29 14:12:00] <Volcane> mostly i try not to have any difference between dev/production/etc
[2009/05/29 14:12:07] @ alban2 joined channel #puppet
[2009/05/29 14:12:18] <Volcane> but this gives me the ability to make a diff and work in dev etc, when done i put it all back so its in common
[2009/05/29 14:12:37] <Telmo> don't you run into issues where you can define something twice though?
[2009/05/29 14:12:55] <Volcane> no, cos the first module it finds in the search path will be The One for that environment
[2009/05/29 14:12:58] <Volcane> its just like PATH
[2009/05/29 14:13:04] <Telmo> lets say you have a module sudoers in common, but you are working on an improved version in development
[2009/05/29 14:13:12] <Volcane> so if i have development/modules/apache and common/modules/apache
[2009/05/29 14:13:13] <Telmo> cool thanks
[2009/05/29 14:13:22] <Volcane> machines in development environment will get development/modules/apache
[2009/05/29 14:16:26] @ Quit: bgupta\|away: Read error: 54 (Connection reset by peer)
[2009/05/29 14:16:36] @ alfism joined channel #puppet
[2009/05/29 14:18:01] @ cwebber joined channel #puppet
[2009/05/29 14:20:14] @ cwebber_ joined channel #puppet
[2009/05/29 14:20:15] @ Quit: cwebber: Read error: 104 (Connection reset by peer)
[2009/05/29 14:20:17] @ Quit: Maliuta: Read error: 104 (Connection reset by peer)
[2009/05/29 14:22:20] @ Maliuta joined channel #puppet
[2009/05/29 14:29:20] @ lak joined channel #puppet
[2009/05/29 14:30:41] <Volcane> lak: before i log a bug i wanted someone to look over something http://pastie.org/494268 - am i right in thinking I should be able to +> mor ethan once to a given resources?
[2009/05/29 14:31:00] <Volcane> lak: if i take out line 29 it all works but with that, i get the error :(
[2009/05/29 14:31:59] <lak> Volcane: you've got two classes modifying the same attribute, which is actually against the override rules
[2009/05/29 14:32:11] <Volcane> lak: but so whats the point of +> then?
[2009/05/29 14:32:36] <lak> modification rather than replacement
[2009/05/29 14:32:36] <Volcane> lak: say i have a user - nagios - and i want if i install squid, make nagios groups +> squid, and if i install exim i want nagios +> exim
[2009/05/29 14:32:44] <Volcane> and if i install both? then what? it goes titsup
[2009/05/29 14:32:55] <lak> Volcane: sorry, phone call; i can try to help after
[2009/05/29 14:32:57] <Volcane> ok
[2009/05/29 14:33:15] <Volcane> no worries, its just you like the first person who here today who is likely to know definitive answers hehe
[2009/05/29 14:34:20] @ ckrough joined channel #puppet
[2009/05/29 14:37:34] @ mib_m5v8g7 joined channel #puppet
[2009/05/29 14:37:50] @ Quit: mib_m5v8g7: Client Quit
[2009/05/29 14:38:20] @ Quit: nmalik: "leaving"
[2009/05/29 14:38:34] @ nmalik joined channel #puppet
[2009/05/29 14:40:23] @ edwardam is now known as edwardam\|phn
[2009/05/29 14:40:47] @ mib_2ne365 joined channel #puppet
[2009/05/29 14:40:48] @ Quit: cwebber_: Read error: 104 (Connection reset by peer)
[2009/05/29 14:41:06] @ cwebber joined channel #puppet
[2009/05/29 14:41:33] @ mib_2ne365 is now known as incommon_ike
[2009/05/29 14:43:54] @ Quit: dsch04: Read error: 110 (Connection timed out)
[2009/05/29 14:46:01] <joe-mac> how do you realize a virtual resource whose definition is inside a class?
[2009/05/29 14:46:09] <incommon_ike> I'm a big fan of using a queues to dispatch asynchronous requests. I noticed the puppet now speaks to stomp but only for stored configs. What does this buy me?
[2009/05/29 14:46:30] <Volcane> perforance improvment with stored configs enabled
[2009/05/29 14:47:23] <ckrough> what is stomp
[2009/05/29 14:47:42] <Volcane> its a simple textish protocol to message queue daemons like activemq
[2009/05/29 14:47:43] <joe-mac> do definitions need to be in global scope if you plan on using them for virtual resources?
[2009/05/29 14:47:53] <incommon_ike> So I guess i'm havign trouble understanding stored configs
[2009/05/29 14:48:03] <Volcane> joe-mac: Somemodule::Somedefine works
[2009/05/29 14:48:11] <joe-mac> AHH capitalize the second namet oo
[2009/05/29 14:48:14] <joe-mac> thanks Volcane
[2009/05/29 14:48:24] <incommon_ike> it seems like nothing more than an inventory
[2009/05/29 14:48:40] @ Quit: ceren:
[2009/05/29 14:49:15] <Volcane> incommon_ike: they enable wiki:ExportedResources
[2009/05/29 14:49:16] <gepetto> Volcane: incommon_ike: wiki:ExportedResources is http://reductivelabs.com/trac/puppet/wiki/ExportedResources
[2009/05/29 14:50:55] <joe-mac> exported resources is such an awesome idea
[2009/05/29 14:51:05] <joe-mac> well, collections i mean
[2009/05/29 14:51:22] <Volcane> wish there were some auto expiration of nodes though
[2009/05/29 14:51:36] <Volcane> like if a node has not been heard of for x days, remove it from the db automagically, configurable period
[2009/05/29 14:52:04] <joe-mac> when you make a function call in a puppet manifest, and you need to split it to multiple lines cause there are a loto f arguments (in this case realizing a bunch opf users), you can just split them or do you need to escape the newline?
[2009/05/29 14:52:14] <joe-mac> that wouldb e cool Volcane
[2009/05/29 14:52:19] <joe-mac> i am a fan of that idea
[2009/05/29 14:52:25] @ edwardam\|phn is now known as edwardam
[2009/05/29 14:52:50] <Volcane> joe-mac: i think you can just slap in a new line no need for \ etc
[2009/05/29 14:53:15] <joe-mac> k cool
[2009/05/29 14:54:44] * ckrough thinks he is mis-using defines and classes
[2009/05/29 14:54:48] <incommon_ike> so would it be possible for the puppetmaster to query the stored configs and then execute a puppetrun script based on a nodes configuration?
[2009/05/29 14:55:08] @ Quit: cwebber:
[2009/05/29 14:55:47] @ Quit: alban2: Read error: 60 (Operation timed out)
[2009/05/29 14:55:50] <Volcane> incommon_ike: you'd probably write a little cli app to query the db and loop it
[2009/05/29 14:55:56] <Volcane> would be trivial
[2009/05/29 14:56:29] <Telmo> so if I have envinments sets the modulepath is deferred down to the environment section right? what's the effect of leaving it in the [puppetmaster] definition?
[2009/05/29 14:57:05] <Volcane> Telmo: you need it in the main section for pluginsync (unless you do nigels little trick) cos that uses the default one only
[2009/05/29 14:57:24] <Volcane> Telmo: and say you make a new environment without a [] section for it, it would use default
[2009/05/29 14:58:20] <Telmo> I see
[2009/05/29 14:58:23] <incommon_ike> here's my scenario. I'm using shared storage (GFS) to host all of my apache vhosts. While all of the apache nodes can see these directories, not all of them are active.
[2009/05/29 14:58:37] <incommon_ike> i need to be able to determine the active nodes and then execute a reload
[2009/05/29 14:58:42] @ digitaladdiction joined channel #puppet
[2009/05/29 14:58:59] <Volcane> how do you do this determination without puppet? like what makes it decide?
[2009/05/29 14:59:40] <Telmo> Volcane: out of curiosity.. what's the Nigel's trick? lol is it on the wiki?
[2009/05/29 14:59:46] <incommon_ike> business rule largely driven by load and IP pools
[2009/05/29 15:00:11] <Volcane> Telmo: he makes a module in each environment called 'plugins' and put the plugins in the files section, since the client just recursively download puppet://puppet/plugins
[2009/05/29 15:00:40] <Telmo> incommon_ike: if it can be scripted puppet can do it, if it comes down a a manager telling you what needs to be turned on then its a little bit more complicated
[2009/05/29 15:00:42] <Volcane> incommon_ike: ok, well somehow a machine needs to know if it will be the active node, so you need a datasource that says node10 = webserver for foo.com, where do you have this data?
[2009/05/29 15:01:35] @ edwardam is now known as edwardam\|BBIAF
[2009/05/29 15:02:32] <Volcane> incommon_ike: like for example, i have a thing to query csv files - could be databases, webservices, whatever - and i say vhosts = extlookup("virtual_hosts")
[2009/05/29 15:02:52] <Volcane> incommon_ike: then i have a array of vhosts active on this node, and i can just create resources using the array
[2009/05/29 15:03:56] <incommon_ike> Volcane: ideally, I want to do this in LDAP. Mostly because of the dynamic nature of it. right now, red hat cluster suite is doing some of this mgmt.
[2009/05/29 15:04:10] <Volcane> incommon_ike: then look on the wiki for ldap nodes
[2009/05/29 15:04:14] <Telmo> anyone has a good doc explaining virtual resources? the wiki is kind of difficult to follow
[2009/05/29 15:06:42] <Volcane> wiki:LDAPNodes
[2009/05/29 15:06:43] <gepetto> Volcane: wiki: wiki:LDAPNodes is http://reductivelabs.com/trac/puppet/wiki/LDAPNodes
[2009/05/29 15:07:03] <incommon_ike> thanks, Volcane. LDAP is on my to do list, so I guess I have to move it up on the list.
[2009/05/29 15:09:00] <Telmo> according to the doc, in the current version of puppet, everything in the modules directory get imported, so I don't have to import modules individually right? or its better be safe than sorry in this case?
[2009/05/29 15:09:11] <Volcane> automagically
[2009/05/29 15:09:42] <Volcane> mostly works, i find it gets a bit confused when you do like modulename::foo::bar which would be modulename/manifests/foo/bar.pp
[2009/05/29 15:10:09] <Volcane> bu ti think you can assume it just works now
[2009/05/29 15:11:06] <Telmo> awesome
[2009/05/29 15:11:59] <Volcane> personally i want to have foo::bar and foo::bar::baz i would want foo/manifests/bar/init.pp for foo::bar and manifests/bar/baz.pp for foo::bar::baz
[2009/05/29 15:12:03] <Volcane> but puppet doesnt do that
[2009/05/29 15:12:46] <Volcane> what it wants is foo/manifests/bar.pp and foo/manifests/bar/baz.pp which seems odd, i want foo::bar and all things related to it in the bar subdir
[2009/05/29 15:13:06] <Telmo> so anything besides init.pp is considered a subclass of whatever is defined in init.pp
[2009/05/29 15:13:26] <Volcane> you still need to call them correctly class foo::bar { } in bar.pp
[2009/05/29 15:13:33] <Telmo> ok
[2009/05/29 15:16:10] * Volcane goes home
[2009/05/29 15:16:20] * Telmo too
[2009/05/29 15:16:25] * ckrough doesnt
[2009/05/29 15:17:08] <ckrough> is it accurate to say that Classes are roles and Definitions are configurations for those roles?
[2009/05/29 15:18:21] @ Quit: lak:
[2009/05/29 15:18:31] @ Quit: jedi4ever:
[2009/05/29 15:20:18] @ jedi4ever joined channel #puppet
[2009/05/29 15:20:59] <joe-mac> hmm i would call definitions "a poor man's type"
[2009/05/29 15:21:31] <ckrough> I am running into conflicts between classes
[2009/05/29 15:21:39] <joe-mac> ckrough: details
[2009/05/29 15:21:52] <ckrough> for example, I have two different classes that need to verify that the "/root/.ssh" folder exists
[2009/05/29 15:22:08] <ckrough> one is part of an authentication configuration and the other is part of a backup client configuration
[2009/05/29 15:22:58] <ckrough> so there are two classes, but I cannot define File["/root/.ssh"] in both classes, even though some servers will be assigned to both classes
[2009/05/29 15:23:29] <joe-mac> you could put that in a common class
[2009/05/29 15:23:50] <ckrough> I could
[2009/05/29 15:23:59] <ckrough> is that "the way"?
[2009/05/29 15:24:02] <joe-mac> how do they veruify that root/.ssh exists? like, if it's an exec resource, you could do onlyif
[2009/05/29 15:24:18] <joe-mac> not really 'the way' there may be several ways depending on the exact scenario
[2009/05/29 15:24:53] <ckrough> file {"/root/.ssh": ensure => directory,
[2009/05/29 15:25:25] <joe-mac> imo that should be done in a common class anyways
[2009/05/29 15:25:30] <joe-mac> that's how i make sure my users get a .ssh folder
[2009/05/29 15:25:32] * ckrough trying to think of a concise example
[2009/05/29 15:25:48] <joe-mac> i also put one in /etc/skel, so new users get it automagically
[2009/05/29 15:26:40] <ckrough> inheritance in puppet just clicked for me, and that may help. Ill chew on this for a bit and see if I can clean things up
[2009/05/29 15:27:23] <joe-mac> watch out with inheritance it's not very flexible or anything
[2009/05/29 15:27:31] <ckrough> :)
[2009/05/29 15:27:39] <ckrough> that's the part that just clicked for me.
[2009/05/29 15:28:00] <ckrough> I was trying to define classes as if they were OO
[2009/05/29 15:28:23] <joe-mac> yea, it's not like OO, i did the same at first too
[2009/05/29 15:28:38] <joe-mac> it's sort of oo, but not in the sense you're using java or something
[2009/05/29 15:29:40] <andrewcshafer> ckrough: part of the philosophy is a certain file should only be managed in one unambiguous way.
[2009/05/29 15:30:10] <ckrough> makes sense
[2009/05/29 15:30:25] <andrewcshafer> of course once that gets to execs, that can't be enforced
[2009/05/29 15:31:16] @ incommon_ike left channel #puppet ()
[2009/05/29 15:32:07] <ckrough> so if multiple classes have a common dependency, that dependency should be broken out to its own class and required in the dependent classes?
[2009/05/29 15:33:51] @ Quit: thijso: Read error: 60 (Operation timed out)
[2009/05/29 15:35:04] @ thijso joined channel #puppet
[2009/05/29 15:35:44] <andrewcshafer> ckrough: essentially yes
[2009/05/29 15:35:52] <ckrough> thanks
[2009/05/29 15:36:00] <andrewcshafer> ckrough: there is also some things you can do with 'virtual' resources
[2009/05/29 15:36:32] <ckrough> yeah, trying to resist until I grok definitions, execs, and classes
[2009/05/29 15:36:57] <ckrough> puppet gives you plenty of room to punish yourself on a large scale
[2009/05/29 15:37:31] <andrewcshafer> a more efficient way to bring down your network
[2009/05/29 15:38:06] <ckrough> but man, when I want to fix one minor annoyance on 200 machines puppet makes my day :)
[2009/05/29 15:38:50] @ ezmob is now known as ezmob\|away
[2009/05/29 15:39:02] <andrewcshafer> it's like moving from stone axes to mechanized logging
[2009/05/29 15:44:26] @ kolla joined channel #puppet
[2009/05/29 15:47:25] @ edwardam\|BBIAF is now known as edwardam
[2009/05/29 15:47:34] @ francois joined channel #puppet
[2009/05/29 15:47:34] @ dsch04 joined channel #puppet
[2009/05/29 15:50:35] @ cwebber joined channel #puppet
[2009/05/29 15:52:16] @ Quit: mvn072: Remote closed the connection
[2009/05/29 15:55:19] @ lak joined channel #puppet
[2009/05/29 16:06:55] <ckrough> ok, hit another instance of my inheritance and override disability
[2009/05/29 16:07:13] <ckrough> I have a base class, lets call it base, that should include a class called syslog:client
[2009/05/29 16:08:39] <ckrough> all my classes should inherit this base class. I also have a node definition for some syslog relays, they need to include syslog::relay. syslog::relay is going to need to ensure different config files (syslog-ng.conf) of the same name, but since we are inheriting the base across the board I get a conflict
[2009/05/29 16:09:12] @ Quit: Maliuta: "Leaving"
[2009/05/29 16:09:24] @ Maliuta joined channel #puppet
[2009/05/29 16:09:31] <ckrough> so in pseudo, "all machines should have syslog::client by default, some machines should replace/override that with syslog::relay"
[2009/05/29 16:10:30] <ckrough> sorry, all nodes should inherit the base node
[2009/05/29 16:13:37] @ incommon_ike joined channel #puppet
[2009/05/29 16:15:46] <MrHeavy> I'm interesting in writing a new package provider for OpenSolaris IPS, but I'm confused about how to test it. Can anyone give me a hand?
[2009/05/29 16:18:05] <joe-mac> ugh, can someone help me trying to realize virtual resources that are in modules?
[2009/05/29 16:20:32] * ckrough got inheritance working. /celebrate
[2009/05/29 16:21:17] @ Quit: francois: "Leaving."
[2009/05/29 16:21:22] @ francois joined channel #puppet
[2009/05/29 16:21:56] @ alban2 joined channel #puppet
[2009/05/29 16:22:28] @ Quit: digitaladdiction: "http://www.mibbit.com ajax IRC Client"
[2009/05/29 16:24:24] @ Quit: shake-n-bake:
[2009/05/29 16:28:20] <joe-mac> a failure to realize doesn't offer much in the way of debugging info eh
[2009/05/29 16:29:08] @ ezmob\|away is now known as ezmob
[2009/05/29 16:29:31] @ Quit: thegcat:
[2009/05/29 16:30:14] <joe-mac> err: Could not retrieve catalog: Failed to realize virtual resources Accounts::Admin[accounts::users::me] on node
[2009/05/29 16:30:21] <joe-mac> that's all i get from puppetd -t --debug --trace
[2009/05/29 16:30:35] <joe-mac> i get other stuff about it starting up byut wrt that i get nothing more
[2009/05/29 16:35:30] @ joe-mac1 joined channel #puppet
[2009/05/29 16:36:00] <Volcane> joe-mac: show your acounts::users::me class?
[2009/05/29 16:37:35] @ ceren joined channel #puppet
[2009/05/29 16:40:00] @ joe-mac2 joined channel #puppet
[2009/05/29 16:41:05] <Volcane> joe-mac: show the code
[2009/05/29 16:41:18] @ Quit: rgsteele\|\|work: Read error: 113 (No route to host)
[2009/05/29 16:41:50] <joe-mac2> Volcane: it's working now, accoutns::users::me wasn't a class, it was a resource of type accounts::admin
[2009/05/29 16:42:05] <joe-mac2> idk why its namespace would be global, but it is working so i am not very concerned
[2009/05/29 16:42:34] <Guest54786> having a hard time getting tagmail to work. I created tagmail.conf in /etc/puppet/ on the puppet master but I get no e-mails when clients update. anyone have any ideas?
[2009/05/29 16:42:55] <Guest54786> or does tagmail.conf need to be on the clients
[2009/05/29 16:43:14] <zirpu> anyone know how to setup a puppetmaster w/ a different cert? i.e. I have a host1.example.com, and an alias IP that is puppet.example.com. I want to setup puppetmaster to listen on puppet.example.com.
[2009/05/29 16:43:41] <zirpu> but it generates host1.example.com ssl certs and I'm not seeing any options for generating the puppet.example.com certs.
[2009/05/29 16:44:37] <pietro> zirpu: add certname = puppet.example.com on your puppet.conf
[2009/05/29 16:44:53] <zirpu> ah
[2009/05/29 16:45:07] <Guest54786> anyone familiar with tagmail?
[2009/05/29 16:46:27] <Volcane> did you enable reporting on your clients?
[2009/05/29 16:47:06] <Guest54786> yes, i set report=true in puppet.conf on the clients
[2009/05/29 16:48:32] <Volcane> and when you run them with --test do you see them sending a report?
[2009/05/29 16:49:11] <joe-mac2> i wish i could mr. verizon and the members of his board, i'd punch them
[2009/05/29 16:49:28] <joe-mac2> my connections drops out every few minutes, thank god for gnu screen
[2009/05/29 16:49:34] <Guest54786> yes, i think this means it's ssend the reports right? - info: Sent transaction report in 0.10 seconds
[2009/05/29 16:49:51] <Volcane> ok, and did you set up the bits in puppet.conf on your master?
[2009/05/29 16:50:46] <Guest54786> no, but I did create tagmail.conf with all: my e-mail
[2009/05/29 16:51:01] <Guest54786> did I miss something that I'm supposed to dump in puppet.conf on the master?
[2009/05/29 16:51:07] <Volcane> yup
[2009/05/29 16:51:10] <Guest54786> doh!
[2009/05/29 16:52:26] @ Quit: ckrough: "leaving"
[2009/05/29 16:53:08] @ ezmob is now known as ezmob\|away
[2009/05/29 16:54:11] <Guest54786> ok what did I miss. just rescanned the docs. did I miss setting reports on the puppetmaster? eg- reports=tagmail,store,log
[2009/05/29 16:54:32] <Volcane> thats how it knows what modules to pass the reports to yes
[2009/05/29 16:55:09] @ kngus joined channel #puppet
[2009/05/29 16:55:12] @ kngus left channel #puppet ("Leaving.")
[2009/05/29 16:56:14] @ Quit: joe-mac: Read error: 110 (Connection timed out)
[2009/05/29 16:56:15] @ Quit: aymerick: "kit mais sage"
[2009/05/29 16:57:24] <Guest54786> hmmm. ok, I set that and restarted the puppetmaster. still don't seem to be getting e-mails
[2009/05/29 16:57:25] @ Quit: joe-mac1: Read error: 110 (Connection timed out)
[2009/05/29 16:59:43] <MrHeavy> Might as well ask with some new people in the room again
[2009/05/29 16:59:55] <MrHeavy> I wrote a basic OpenSolaris IPS package provider for Puppet
[2009/05/29 17:00:11] <MrHeavy> How do I test it? It's yelling at me that provider "ips" is not functional on this platform :(
[2009/05/29 17:01:32] @ Quit: nmalik: "leaving"
[2009/05/29 17:03:13] @ Quit: hessmll:
[2009/05/29 17:04:46] @ ferd joined channel #puppet
[2009/05/29 17:05:22] @ Quit: pleemans: Read error: 110 (Connection timed out)
[2009/05/29 17:07:23] <MrHeavy> D'oh, one of my :commands was typoed
[2009/05/29 17:07:32] <lak> http://serverfault.com/questions/465/automating-server-deployment
[2009/05/29 17:08:44] <Volcane> nice
[2009/05/29 17:08:44] @ ezmob\|away is now known as ezmob
[2009/05/29 17:11:47] <Volcane> lak: any ideas about that +> thing?
[2009/05/29 17:11:55] <lak> oh, right
[2009/05/29 17:12:15] @ Quit: ibt: Read error: 54 (Connection reset by peer)
[2009/05/29 17:12:28] <lak> the rules for overriding are that you can only override a parameter set by a parent class
[2009/05/29 17:12:41] <lak> in your example, you had two different classes modifying the same parameter
[2009/05/29 17:12:53] @ Quit: d3vilb0x:
[2009/05/29 17:12:58] <Volcane> ok, so how do you achieve the use case with users?
[2009/05/29 17:13:10] <lak> what's the use case, again?
[2009/05/29 17:13:24] <Volcane> nagios user
[2009/05/29 17:13:30] <Volcane> needs to belong to some groups
[2009/05/29 17:13:37] <Volcane> so if i install exim module, it needs exim group
[2009/05/29 17:13:49] <Volcane> if a node gets squid it needs to belong to squid group
[2009/05/29 17:13:58] <Volcane> but also need exim and squid on the same box at times?
[2009/05/29 17:14:21] <Volcane> being able to +> groups for the nagios user in exim and squid modules wold do it easily, but this isnt possible
[2009/05/29 17:17:20] <Volcane> other people i asked here seems to think +> would only ever make sense if that was possible and i tend to agree
[2009/05/29 17:17:46] <Guest54786> if I had an error in a manifest file that went out to clients, that wouldn't get reported by the puppet reports right?
[2009/05/29 17:18:39] <Volcane> Guest54786: nope, and the file state.yaml would also not get updated so you could monitor for that situation
[2009/05/29 17:19:40] <Guest54786> hmm, interesting. how exactly should I monitor state.yaml for that case?
[2009/05/29 17:19:47] <lak> Volcane: well, i'm not even the one who added the +> functionality, i think, so clearly someone had a use that it met
[2009/05/29 17:19:49] <Volcane> with your monitoring software
[2009/05/29 17:20:00] <MrHeavy> Woohoo, it works!
[2009/05/29 17:20:07] <MrHeavy> Expect a crappy patch Monday. :)
[2009/05/29 17:20:14] <lak> but i can see that it's not as useful as you'd like
[2009/05/29 17:20:24] <Guest54786> erm, maybe that's my problem. lol.. what monitoring software do you recommend?
[2009/05/29 17:20:27] <Guest54786> munin?
[2009/05/29 17:20:29] <joe-mac2> state.yaml won't get updted if nothing changes though right?
[2009/05/29 17:20:33] <joe-mac2> nagios ftw
[2009/05/29 17:20:34] <Volcane> lak: bah :( just still trying to make some sane use of puppets user management but it just seems to be a round peg square hole situation :(
[2009/05/29 17:20:41] <Volcane> Guest54786: nagios
[2009/05/29 17:20:50] <Volcane> joe-mac2: it would
[2009/05/29 17:20:56] <lak> yeah, user mgmt is kind of its own different problem
[2009/05/29 17:21:11] <joe-mac2> interesting, thanks for that tidbit since i'm going to be making active and passive checks for puppet this week
[2009/05/29 17:21:16] <lak> puppet works for the simple stuff, but the more complex stuff almost has to be shunted to a special-purpose tool like ldap
[2009/05/29 17:21:25] <grim_radical> I make use of +>
[2009/05/29 17:21:32] <MrHeavy> Trying to get Puppet to manage system accounts is kind of bizarre, because each distro has its own conventions for how system UIDs should be generated
[2009/05/29 17:21:33] <grim_radical> not much use, mind you, but in one or two places
[2009/05/29 17:21:42] <Volcane> nods :( ldap being insanely hard for me with one or two machines in a dc spread over 3 countries and many dcs :(
[2009/05/29 17:22:05] <Volcane> joe-mac2: and localconfig.yaml never updates if compiling fails
[2009/05/29 17:22:28] <Volcane> command[check_puppetfreshness]=/usr/lib/nagios/plugins/check_file_age -f /var/lib/puppet/state/state.yaml -w 5400 -c 7200
[2009/05/29 17:22:30] <Guest54786> ok. interesting. sooo I can somehow tell nagios to tell me when state.yaml doesn't change and it should? This this a specific feature of nagios and if so what's it call so that I may educate myself =)
[2009/05/29 17:22:52] <Volcane> anything goes wrong on a box, the nrpe check fails cos that file doesnt get touched
[2009/05/29 17:23:42] <MrHeavy> This is my first serious foray into the Puppet codebase
[2009/05/29 17:23:43] <MrHeavy> And I must say
[2009/05/29 17:23:45] <MrHeavy> Holy crap
[2009/05/29 17:23:48] <joe-mac2> holy crap, there is a check_file_age in nagios-plugins???
[2009/05/29 17:23:50] <MrHeavy> This is probably the cleanest codebase I've ever worked in
[2009/05/29 17:24:07] <joe-mac2> i wriote like a five line rubty script to do that
[2009/05/29 17:24:08] <joe-mac2> lol
[2009/05/29 17:24:17] <Volcane> joe-mac2: tsk tsk :)
[2009/05/29 17:24:42] <Volcane> i wrote a check_file that combines age and size checks
[2009/05/29 17:24:54] <Volcane> so i can say the file should be newer than a day and bigger than a gig
[2009/05/29 17:26:21] <joe-mac2> meh, i like using ruby lol
[2009/05/29 17:27:15] * joe-mac2 hates the capslock key
[2009/05/29 17:27:37] <MrHeavy> Someone should just write a Nagios plugin that chains checks together and returns the highest status
[2009/05/29 17:27:51] <joe-mac2> i switched out my das keyboard for my HHKB at home, so i could type faster while wfh today, and i never maps caps lock t control in the software since the hardware does it on the HHKB, so annoying, most useless key evar
[2009/05/29 17:28:04] <joe-mac2> MrHeavy: what do you mean?
[2009/05/29 17:28:14] <MrHeavy> Some plugin that does something like
[2009/05/29 17:28:17] <joe-mac2> there is check_cluster for something like that
[2009/05/29 17:28:26] <joe-mac2> i use it to make sure my machines have up to date packages
[2009/05/29 17:28:43] <Volcane> MrHeavy: yeah did think of just doing that too instead of writing a new one
[2009/05/29 17:28:44] <MrHeavy> /usr/lib/nagios/plugins/check_chain /usr/lib/nagios/plugins/check_file_age [args] -- /usr/lib/nagios/plugins/check_file_size [args]
[2009/05/29 17:28:55] <joe-mac2> that's what check_cluster does MrHeavy
[2009/05/29 17:29:06] @ Quit: lak:
[2009/05/29 17:29:09] <MrHeavy> Nuh uh
[2009/05/29 17:29:16] <MrHeavy> check_cluster checks cached host and service states by ID
[2009/05/29 17:29:31] <joe-mac2> how's that different? i mihgt be misundestanding you
[2009/05/29 17:29:39] <Guest54786> Volcane: so how do you setup a nrpe check on the yaml file if it doesn't update? do you just check its date and if it's too old then you know an error at sometime in the past?
[2009/05/29 17:29:44] <MrHeavy> I mean, I guess you could have different service checks for age and size
[2009/05/29 17:29:48] <MrHeavy> And aggregate them into a third check
[2009/05/29 17:29:53] <Volcane> Guest54786: i showed you exactly how.
[2009/05/29 17:29:55] <MrHeavy> But why have three checks when you're really interested in one thing
[2009/05/29 17:30:22] <Guest54786> oh lol, i think im behind in the chat. one sec =)
[2009/05/29 17:30:22] <MrHeavy> Anyway, my IPS provider works, it's 5:30, I'm going home for the day :)
[2009/05/29 17:30:36] <MrHeavy> Adieu
[2009/05/29 17:30:43] @ Quit: MrHeavy: "Ex-Chat"
[2009/05/29 17:31:06] <Volcane> MrHeavy: but i want to check 2 things, like is my mysql dumps both new and bigger than 1 meg
[2009/05/29 17:31:14] <Volcane> bah
[2009/05/29 17:32:27] @ Quit: incommon_ike: "Leaving"
[2009/05/29 17:35:17] <Guest54786> Volcane: what does the -w and -c options on check_file_age mean? I'm having a hard time finding a check_file_age online. I'm just staring to look into nagios
[2009/05/29 17:36:33] @ Quit: justindossey: Read error: 104 (Connection reset by peer)
[2009/05/29 17:38:03] <Volcane> brb...
[2009/05/29 17:38:05] @ justindossey joined channel #puppet
[2009/05/29 17:45:11] <Volcane> Guest54786: http://pastie.org/494503
[2009/05/29 17:45:34] <Volcane> Guest54786: its part of the std nagios plugins as per nagiosplugins.org
[2009/05/29 17:45:40] @ nakano_ is now known as nakano
[2009/05/29 17:46:09] <Guest54786> Volcane: oh hot, thanks again for pointing me in the right direction =)
[2009/05/29 17:48:43] @ Bradipo joined channel #puppet
[2009/05/29 17:59:12] <joe-mac2> does an exec always notify => something even if it fails the unless/onlyif?
[2009/05/29 18:02:18] @ Quit: kolla: verne.freenode.net irc.freenode.net
[2009/05/29 18:02:18] @ Quit: jmslagle: verne.freenode.net irc.freenode.net
[2009/05/29 18:02:19] @ Quit: buggs: verne.freenode.net irc.freenode.net
[2009/05/29 18:02:19] @ Quit: machpo: verne.freenode.net irc.freenode.net
[2009/05/29 18:02:20] @ Quit: jamesturnbull: verne.freenode.net irc.freenode.net
[2009/05/29 18:02:20] @ Quit: ralfgro_: verne.freenode.net irc.freenode.net
[2009/05/29 18:02:20] @ Quit: mrrx: verne.freenode.net irc.freenode.net
[2009/05/29 18:02:21] @ Quit: cmoates: verne.freenode.net irc.freenode.net
[2009/05/29 18:03:29] @ kolla joined channel #puppet
[2009/05/29 18:03:29] @ jmslagle joined channel #puppet
[2009/05/29 18:03:29] @ machpo joined channel #puppet
[2009/05/29 18:03:29] @ cmoates joined channel #puppet
[2009/05/29 18:03:29] @ jamesturnbull joined channel #puppet
[2009/05/29 18:03:29] @ buggs joined channel #puppet
[2009/05/29 18:03:29] @ ralfgro_ joined channel #puppet
[2009/05/29 18:03:29] @ mrrx joined channel #puppet
[2009/05/29 18:28:07] @ plathrop is now known as plathrop-away
[2009/05/29 18:30:48] <mfournier> I noticed that the vim syntax highlight file defines "site" as a keyword together with "class", "define" and "node". An idea what language feature this might be ? I can't find anything relevant in the wiki...
[2009/05/29 18:31:20] @ Quit: joe-mac2: Read error: 110 (Connection timed out)
[2009/05/29 18:35:56] @ Quit: flakrat: "Leaving"
[2009/05/29 18:42:00] @ drmikecrowe_ joined channel #puppet
[2009/05/29 18:49:51] <Volcane> no bells
[2009/05/29 18:51:16] @ Quit: ceren:
[2009/05/29 18:54:26] @ Quit: [1]drmikecrowe: Read error: 110 (Connection timed out)
[2009/05/29 18:54:48] @ Quit: wakko666: "Ex-Chat"
[2009/05/29 19:01:23] <tmz> mfournier: no idea, but it was removed by jamesturnbull in commit 7d72186.
[2009/05/29 19:01:37] @ Quit: mfoster: "Leaving."
[2009/05/29 19:10:01] <mfournier> tmz: thanks ! He apparently missed out the one on the following line (syn keyword puppetDefType ...), which is what confused me.
[2009/05/29 19:11:28] @ wakko666 joined channel #puppet
[2009/05/29 19:11:47] @ Quit: Tuf8:
[2009/05/29 19:12:17] @ plathrop-away is now known as plathrop
[2009/05/29 19:14:32] @ ceren joined channel #puppet
[2009/05/29 19:17:11] @ gwar9999 joined channel #puppet
[2009/05/29 19:21:06] <gwar9999> When ensuring a package is present within puppet, can the repo of the package be specified? Yum supports the --enablerepo option which allows you to specify a specific repo which in some cases is not listed in /etc/yum.repos.d
[2009/05/29 19:30:26] @ d3vilb0x joined channel #puppet
[2009/05/29 19:31:35] @ Quit: mfournier: Read error: 113 (No route to host)
[2009/05/29 19:33:44] @ Quit: ceren: Read error: 110 (Connection timed out)
[2009/05/29 19:36:20] @ Quit: mverwijs: "leaving"
[2009/05/29 19:37:39] <tmz> gwar9999: this has come up on either the dev or user list recently. I don't believe it's possible. and I don't think the general consensus is that it should be.
[2009/05/29 19:38:31] <tmz> IMHO, if you need to enable and disable repos like that, it's usually more useful to create your own repo that contains only what you want.
[2009/05/29 19:39:09] <Volcane> there are a few bugs open for this
[2009/05/29 19:44:24] @ Quit: cwebber:
[2009/05/29 19:47:39] @ WALoeIII joined channel #puppet
[2009/05/29 19:49:46] @ francois left channel #puppet ()
[2009/05/29 19:50:15] <gwar9999> tmz: hmmm... package resource does allow you to specify source which allows you to use a url-- however I can't seem to get that to work. Our repos are available from a url. FWIW we maintain our own mirrors of several repos but we keep them separate for the most part. Each server specifies only the one repo it needs... when packages are required outside of that repo we use --enablerepo to fetch it-- not elegant but I didn't create the repo infrastruct
[2009/05/29 19:54:10] @ bgupta joined channel #puppet
[2009/05/29 19:55:59] @ Quit: taylorj:
[2009/05/29 19:57:29] <Volcane> gwar9999: doesnt work that way
[2009/05/29 19:57:35] @ Quit: alfism: "http://opensolaris.com/"
[2009/05/29 19:57:47] <gwar9999> Volcane: then what's source for?
[2009/05/29 19:58:09] <Volcane> gwar9999: for example using 'rpm' provider
[2009/05/29 19:58:24] <Volcane> gwar9999: which would be rpm -i http://somebox.com/foo.rpm
[2009/05/29 19:58:42] <Volcane> when using yum provider, using a url doesnt make sense
[2009/05/29 19:59:20] <gwar9999> Volcane: for a yum provider, source could be interpreted as the enablerepo arg, no?
[2009/05/29 19:59:33] <Volcane> gwar9999: ok if you say so
[2009/05/29 20:00:56] <gwar9999> Volcane: since url source doesn't make sense for yum provider source, then it's conceivable that source could be the repo. However, I doubt puppet does anything with source w/ yum provider.
[2009/05/29 20:02:47] <Volcane> so you're suggesting it adds a repo if you use a url as source, install the pacakge off this url and then remote the yumrepo again to then avoid future uses of package accidentally using this repo?
[2009/05/29 20:03:00] <Volcane> each time doing a full repo meta data update etc
[2009/05/29 20:03:22] <Volcane> and just make up some sensible guessed data to fill in all the other info needed for a yumrepo
[2009/05/29 20:06:01] <gwar9999> Volcane: hmmm, maybe it's more complex in puppet-land then when someone needs to upgrade an rpm on occasion. Typically, we only enablerepo when we know there is a pkg we want installed.
[2009/05/29 20:06:56] <Volcane> yeah, i enable them when i yumdownloader them into my local repo mirror
[2009/05/29 20:07:23] <Volcane> also just have epel, rpmforge etc on the machine that manages the repo, but i just yumdownload them and then all other machines get them from my mirror
[2009/05/29 20:08:44] <gwar9999> Volcane: our yum mirrors do essentially the same, but there are different levels (or stages) of them based on the type of machine. So it's a probably a bit more complicated in our environment.
[2009/05/29 20:09:42] <Volcane> mostly i just got burned by how unreliable rpmforge/epel/centos-mirros etc are
[2009/05/29 20:09:52] <Volcane> need a machine built and u cant get hold of some key rpm
[2009/05/29 20:10:02] <Volcane> or they're ungodly slow and puppet crawls to a halt
[2009/05/29 20:10:04] <Volcane> etc
[2009/05/29 20:10:54] <gwar9999> Volcane: I'm sure that's why we handle our own mirrors-- the local mirrors are pretty quick, no lag and so far no missing rpm issues (but it's still at the mercy of the source mirror, of course).
[2009/05/29 20:11:45] <Volcane> hmm, so you have it all locally? why then not just enable it all?
[2009/05/29 20:12:50] <Volcane> or in your module for say mysql (assuming here mysql needs some funky repo) just yumrepo that repo into place on the amchines with your mysql on them
[2009/05/29 20:13:09] <gwar9999> Volcane: security and sanity reasons, some machines can't be updated until approved which is why we maintain different levels of rpm revisions in diff repos. I'm not entirely sure about rpm mirrors since I just use them.
[2009/05/29 20:14:27] <Volcane> so you have like dev/staging/prod repositories and as a package are done being tested it moves up from dev to staging then prod so only available in the environments repos when its approved?
[2009/05/29 20:15:25] @ Quit: nigelk:
[2009/05/29 20:16:49] <gwar9999> Volcane: pretty much, although we have a couple more intermediate ones, but you get the idea.
[2009/05/29 20:24:58] @ plathrop is now known as plathrop-away
[2009/05/29 20:25:21] <sigmonsays> Hrm. i'm confused
[2009/05/29 20:25:34] <sigmonsays> i put my yum repo's in "basenode" which common inherits
[2009/05/29 20:25:46] <sigmonsays> but things still end up missing...
[2009/05/29 20:25:58] <sigmonsays> Hrm. Might be a yum clean all is all I need.
[2009/05/29 20:28:13] @ ezmob is now known as ezmob\|away
[2009/05/29 20:35:02] @ bgupta is now known as bgupta\|away
[2009/05/29 20:46:46] @ Quit: claymation:
[2009/05/29 20:52:27] <justindossey> hey, when I define a service, is it okay to say ensure => running instead of ensure => "running" ?
[2009/05/29 20:52:59] <justindossey> looks like ensure => running is correct
[2009/05/29 20:53:05] <sigmonsays> yes
[2009/05/29 20:53:10] @ bgupta\|away is now known as bgupta
[2009/05/29 20:53:14] <justindossey> thanks
[2009/05/29 20:53:42] <sigmonsays> np
[2009/05/29 20:54:03] <sigmonsays> Anyone know if B inherits A, does A get applied before any of B resources do?
[2009/05/29 20:54:14] <sigmonsays> I am having a hard time figuring this one out...
[2009/05/29 20:57:29] @ ezmob\|away is now known as ezmob
[2009/05/29 20:57:33] <jamesturnbull> tmz: I can't remember what "site" was - but its been redundent for so long it may have been nothing
[2009/05/29 20:58:00] <justindossey> I have just added my first custom fact to puppet, and I see it working correctly by looking at the yaml on the server. I don't see the output of my custom fact on the client I'm testing with though
[2009/05/29 20:58:05] @ Quit: ezmob: "Bye!"
[2009/05/29 20:58:15] <justindossey> is there something I have to do in order to get the client to run the fact when I run facter at the command line?
[2009/05/29 20:59:22] <sigmonsays> you need to "use" the fact
[2009/05/29 20:59:26] <sigmonsays> in your manifest
[2009/05/29 20:59:59] <sigmonsays> notice "#{$myfact} " I think ---
[2009/05/29 21:00:18] <justindossey> does facter load any manifests?
[2009/05/29 21:00:32] <sigmonsays> you use facts in manifest
[2009/05/29 21:00:34] <sigmonsays> puppet loads facts
[2009/05/29 21:00:38] <justindossey> Right, I know that
[2009/05/29 21:00:41] <jrojas> justindossey: FACTERLIB=/var/lib/puppet/facts facter -p
[2009/05/29 21:01:32] <jrojas> sigmonsays: inheritence of classes dont make ordering. you still have to use require => "whatevr"
[2009/05/29 21:01:40] <sigmonsays> doh
[2009/05/29 21:01:50] <sigmonsays> what if I include blah and dont' inherit?
[2009/05/29 21:02:02] <jamesturnbull> tim\|imac: I have no issues with a job post on the mailing list
[2009/05/29 21:02:28] @ Quit: mattw: Read error: 60 (Operation timed out)
[2009/05/29 21:02:33] <sigmonsays> i'm not gonna add require => Class["base"] to every package in every manifest.
[2009/05/29 21:02:40] <sigmonsays> i'm trying to fix the errors in my boot strap environment
[2009/05/29 21:03:05] <jrojas> well, the better question is why dont the packages install?
[2009/05/29 21:03:13] <jrojas> do they depend on ldap or some other config file?
[2009/05/29 21:03:28] <sigmonsays> i am using file { } to setup yum repo's which contain the files
[2009/05/29 21:03:35] <sigmonsays> err.. contain the packages
[2009/05/29 21:03:39] <jrojas> why not use the Yumrepo provider?
[2009/05/29 21:03:53] <sigmonsays> does it make a difference?
[2009/05/29 21:03:53] <jrojas> oh, you are creating the repo itself?
[2009/05/29 21:03:56] <sigmonsays> yes
[2009/05/29 21:03:58] <justindossey> jrojas: FACTERLIB=/var/lib/puppet/lib/facter facter did the trick
[2009/05/29 21:04:03] <jrojas> :)
[2009/05/29 21:04:07] <justindossey> thanks
[2009/05/29 21:04:13] <sigmonsays> jrojas, i'm creating /etc/yum.repo.d/blah.repo
[2009/05/29 21:04:20] @ Quit: justindossey: "Leaving."
[2009/05/29 21:04:42] <jrojas> sigmonsays: do Package { requires => File["/etc/yum.repos.d/blah.repo"]} in the site.pp or whatever
[2009/05/29 21:04:50] <jrojas> that will make all packages require that file.
[2009/05/29 21:05:07] <jrojas> which in turn will only let the packages run if that file is present.
[2009/05/29 21:05:13] <sigmonsays> right
[2009/05/29 21:05:23] <sigmonsays> what about other packages that do their own require ?
[2009/05/29 21:05:29] <sigmonsays> is it additive?
[2009/05/29 21:05:34] <jrojas> i believe so
[2009/05/29 21:05:40] * sigmonsays needs to test :)
[2009/05/29 21:05:59] <jamesturnbull> jrojas: it should just work with the -p now - shouldn't need the FACTERLIB - that was fixed in 1.5.4 or 1.5.5 I think - 1.5.5
[2009/05/29 21:06:10] <jrojas> 1.5.5
[2009/05/29 21:06:14] <jrojas> im still using 1.5.4 :P
[2009/05/29 21:06:23] <sigmonsays> ha, i'm still 1.5.3 :)
[2009/05/29 21:06:24] @ Quit: charlieS: Read error: 104 (Connection reset by peer)
[2009/05/29 21:06:25] <jamesturnbull> jrojas: cool - just thought I'd mention :)
[2009/05/29 21:06:47] <jrojas> np
[2009/05/29 21:07:42] <jrojas> man flight prices to AU are cheap from CA right now.....im tempted to take a vacation..
[2009/05/29 21:08:57] <sigmonsays> hehe
[2009/05/29 21:10:42] <jrojas> sigmonsays: so you are managing a static file for /etc/yum.repos.d/blah.repo ?
[2009/05/29 21:11:13] <sigmonsays> Yah
[2009/05/29 21:11:28] <sigmonsays> maybe yumrepo is the way to go but I like files on disk
[2009/05/29 21:11:37] <sigmonsays> they get svn diffs, revision history, etc
[2009/05/29 21:12:16] <jamesturnbull> jrojas: I am going the other way - AUD$1000 to San Fran
[2009/05/29 21:12:29] <jamesturnbull> jrojas: return - it's ... incredibly cheap
[2009/05/29 21:13:22] <jrojas> jamesturnbull: very nice, any word on when the puppet camp thing is going on? I'll be in SF on the 26th (hopefully)
[2009/05/29 21:13:55] <sigmonsays> they need a mailing list on that. I'd love to go
[2009/05/29 21:13:56] <jrojas> jamesturnbull: 1,000.00 AUD
[2009/05/29 21:13:56] <jrojas> =
[2009/05/29 21:14:03] <jrojas> 809?
[2009/05/29 21:14:05] <jrojas> USD?
[2009/05/29 21:14:52] <jamesturnbull> jrojas: about that
[2009/05/29 21:15:08] <jamesturnbull> jrojas: I am still waiting to hear dates
[2009/05/29 21:15:13] <jamesturnbull> andrewcshafer: ^^^^^
[2009/05/29 21:15:18] <jrojas> hehhee
[2009/05/29 21:15:46] <jamesturnbull> jrojas: I am coming over for OpenSourceBridge in Portland in mid June but will spend a few days catching up with friends in SF
[2009/05/29 21:15:55] <jrojas> very cool
[2009/05/29 21:16:20] <jamesturnbull> would have goen to OSCON but not a big fan of San Jose
[2009/05/29 21:16:44] <jrojas> I'm not either, and i lived there for 2 years..
[2009/05/29 21:16:46] <jamesturnbull> I think the Puppet camp is loosly planned for early September
[2009/05/29 21:17:09] @ bgupta is now known as bgupta\|away
[2009/05/29 21:17:12] <jrojas> yeah that was the last email I saw..
[2009/05/29 21:17:23] <jamesturnbull> with OSCON in Portland - well its a great city - Powells, bars, microbrew, good food, hospitable people etc
[2009/05/29 21:17:55] <jrojas> portland is good
[2009/05/29 21:18:20] <jamesturnbull> I can actually have a holiday there as well which is an incentive
[2009/05/29 21:18:47] <jamesturnbull> of course most of the time will be spent with a laptop trying to migrate the Trac wiki but ... sort of a holiday :)
[2009/05/29 21:19:19] <jrojas> very cool, my friend that lives in Orange NSW is thinking about going to portlan for a vacation
[2009/05/29 21:19:31] <jrojas> migrating the wiki....rut roh. that sounds fun
[2009/05/29 21:20:29] @ bgupta\|away is now known as bgupta
[2009/05/29 21:20:55] <jamesturnbull> jrojas: it's a bit slow and stupid right now - the Trac wiki is okay but its outlived it's functional life
[2009/05/29 21:21:13] <jrojas> ive never liked trac
[2009/05/29 21:21:15] @ ibt joined channel #puppet
[2009/05/29 21:21:15] <jamesturnbull> Orange .. dog haven't been there in years .. friends own a place there
[2009/05/29 21:22:25] <jamesturnbull> nice wine around there but a big a drive from Sydney ... 300 odd kms I think
[2009/05/29 21:23:57] <jrojas> meh thats not bad
[2009/05/29 21:24:18] * jamesturnbull is off for brekkie
[2009/05/29 21:24:21] <jamesturnbull> exit
[2009/05/29 21:24:24] <jamesturnbull> doh
[2009/05/29 21:25:01] <jrojas> hehhee
[2009/05/29 21:42:57] @ bgupta is now known as bgupta\|away
[2009/05/29 21:52:38] @ Quit: WALoeIII: "Bai."
[2009/05/29 21:55:37] @ lak joined channel #puppet
[2009/05/29 22:35:22] @ Quit: lak:
[2009/05/29 22:36:49] @ atlan_ joined channel #puppet
[2009/05/29 22:40:01] @ ceren joined channel #puppet
[2009/05/29 22:43:04] @ Quit: devicenull: Read error: 104 (Connection reset by peer)
[2009/05/29 22:49:17] @ Quit: matty:
[2009/05/29 22:50:13] @ Quit: ceren: Remote closed the connection
[2009/05/29 22:53:13] @ Quit: chip__: Read error: 110 (Connection timed out)
[2009/05/29 23:00:39] @ Quit: Ned_: Connection timed out
[2009/05/29 23:01:21] @ Quit: alban2: Read error: 113 (No route to host)
[2009/05/29 23:23:52] @ lak joined channel #puppet
[2009/05/29 23:33:13] @ bgupta\|away is now known as bgupta
[2009/05/29 23:38:06] @ WALoeIII joined channel #puppet
[2009/05/29 23:43:06] @ nigelk joined channel #puppet
[2009/05/29 23:44:27] @ Quit: teratoma: "leaving"
[2009/05/29 23:45:10] @ Quit: nigelk: Client Quit
[2009/05/29 23:52:36] @ Quit: lak:
[2009/05/29 23:55:43] @ bgupta is now known as bgupta\|away

Generated by irclog2html.py 2.6 by Marius Gedminas - find it at mg.pov.lt!