Sunday, 2009-05-31

« Saturday, 2009-05-30 Index Monday, 2009-06-01 »
[2009/05/31 00:02:49] @ Log started by gepetto
[2009/05/31 00:02:49] @ Quit: d3vilb0x:
[2009/05/31 00:09:17] <maek> Im getting "could not connect to puppet on port 8140" puppet is running but netstat -tlpn shows no port 8140
[2009/05/31 00:10:21] <Guest54786> did you tell it to listen with --listen or setting it to listen in you cpuppet.conf?
[2009/05/31 00:10:34] <Guest54786> typo- cpuppet.conf = puppet.conf
[2009/05/31 00:10:45] <maek> Guest54786: no, I havent had to do that before
[2009/05/31 00:10:50] <maek> this is a new puppet install though
[2009/05/31 00:11:23] <maek> let me try that, thanks
[2009/05/31 00:12:45] <Guest54786> wait are you running puppet --test and getting that on a client or using puppetrun on the master?
[2009/05/31 00:13:31] <maek> puppet --test on the client
[2009/05/31 00:14:15] <Guest54786> oooh, gotchya. erm nvm then, you wouldn't need to tell your clients to listen.
[2009/05/31 00:15:04] <maek> but do I need to tell the server to listen or is that default?
[2009/05/31 00:15:15] <maek> nothing is bound to 8140 on the server
[2009/05/31 00:15:49] <Guest54786> hmm, is puppetmasterd running on the master server?
[2009/05/31 00:16:04] <maek> thank you so much, im a dumb ass
[2009/05/31 00:16:10] <maek> Im starting puppetd on the server
[2009/05/31 00:16:12] <Guest54786> eheh =)
[2009/05/31 00:16:13] <maek> its been a long day
[2009/05/31 00:16:19] <maek> thanks
[2009/05/31 00:16:24] <Guest54786> lol i know how it goes no worries
[2009/05/31 00:16:26] <Guest54786> np =)
[2009/05/31 00:17:14] <maek> :) that was it
[2009/05/31 00:17:58] <Guest54786> rockin'
[2009/05/31 00:21:12] @ Demosthenex joined channel #puppet
[2009/05/31 00:24:37] <PhabX> where should i look to make puppet push instead of pull
[2009/05/31 00:24:46] <Guest54786> puppetrun
[2009/05/31 00:25:06] <PhabX> thanks
[2009/05/31 00:25:09] <Guest54786> np
[2009/05/31 00:27:17] <maek> is there a place with example recipes anywhere?
[2009/05/31 00:27:35] <Guest54786> yup- http://reductivelabs.com/trac/puppet/wiki/Recipes/
[2009/05/31 00:28:03] <maek> Guest54786: your random number hides your extreme helpfulness, thank you
[2009/05/31 00:28:13] <Guest54786> =)
[2009/05/31 00:29:05] @ Guest54786 is now known as capt
[2009/05/31 00:29:34] <PhabX> crunch or morgan
[2009/05/31 00:29:40] <PhabX> jk
[2009/05/31 00:29:50] @ capt is now known as CaptainCupcake
[2009/05/31 00:29:52] @ Quit: WALoeIII: "Bai."
[2009/05/31 00:30:05] <PhabX> that settles that
[2009/05/31 00:30:08] <CaptainCupcake> eheh
[2009/05/31 00:30:29] <maek> is this the proper way of adding a list of pkgs? http://gist.github.com/120759
[2009/05/31 00:31:14] <PhabX> that is one good way to group a big list of packages and then install them
[2009/05/31 00:31:37] <maek> PhabX: do you have an example of other ways
[2009/05/31 00:31:51] <maek> for some reason this method rarely installs all the pkgs on the first pass
[2009/05/31 00:32:14] <PhabX> let me show you what my coworker does
[2009/05/31 00:32:41] @ Quit: Demosthenes: Read error: 110 (Connection timed out)
[2009/05/31 00:35:04] <maek> thanks
[2009/05/31 00:36:05] <PhabX> let me know if this helps
[2009/05/31 00:36:05] <PhabX> http://pastebin.com/m6e764636
[2009/05/31 00:37:05] <maek> thats pretty much what I have right, just formated differently?
[2009/05/31 00:37:19] <PhabX> oh really
[2009/05/31 00:37:34] <PhabX> i suppose it is
[2009/05/31 00:37:42] <maek> :)
[2009/05/31 00:37:46] <PhabX> that seems to work fine for us
[2009/05/31 00:37:46] <maek> thanks though
[2009/05/31 00:37:54] <PhabX> np :D
[2009/05/31 00:37:58] <maek> hmm. let me test more
[2009/05/31 00:40:36] @ randybias is now known as randybias|away
[2009/05/31 00:45:00] @ randybias|away is now known as randybias
[2009/05/31 01:19:17] @ Quit: hessmll: "Leaving..."
[2009/05/31 01:21:40] @ Quit: lak:
[2009/05/31 01:24:14] @ shake-n-bake joined channel #puppet
[2009/05/31 01:35:09] @ Quit: shake-n-bake:
[2009/05/31 02:07:38] @ madrescher joined channel #puppet
[2009/05/31 02:40:56] @ Quit: madrescher: Read error: 110 (Connection timed out)
[2009/05/31 02:41:51] @ madrescher joined channel #puppet
[2009/05/31 02:42:22] @ joe-mac joined channel #puppet
[2009/05/31 02:56:21] @ aymerick joined channel #puppet
[2009/05/31 03:07:32] @ Quit: madrescher: Read error: 113 (No route to host)
[2009/05/31 03:08:01] <ibt> lutter: on line 347 and 348 of http://github.com/reductivelabs/puppet/blob/62534a1622c710eb52b681d96aca8687c597190c/ext/emacs/puppet-mode.el .. is there any particular reason why you used a literal tab in that string? should probably use \t
[2009/05/31 03:17:02] @ Quit: joe-mac: "Leaving."
[2009/05/31 03:26:09] @ joe-mac joined channel #puppet
[2009/05/31 03:30:05] @ veritas_aequitas joined channel #puppet
[2009/05/31 03:45:30] @ Quit: n3kl: Read error: 104 (Connection reset by peer)
[2009/05/31 04:21:43] @ bgupta is now known as bgupta|away
[2009/05/31 04:22:00] @ randybias is now known as randybias|away
[2009/05/31 04:52:28] @ Quit: f3ew: Read error: 104 (Connection reset by peer)
[2009/05/31 04:59:08] @ xyz joined channel #puppet
[2009/05/31 05:10:45] @ verwilst joined channel #puppet
[2009/05/31 05:11:24] @ f3ew joined channel #puppet
[2009/05/31 05:14:36] @ pleemans joined channel #puppet
[2009/05/31 05:20:04] @ poison joined channel #puppet
[2009/05/31 05:21:39] @ randybias|away is now known as randybias
[2009/05/31 05:22:44] @ Quit: chip__: Remote closed the connection
[2009/05/31 05:33:24] @ Quit: PhabX: "Leaving..."
[2009/05/31 05:34:46] @ fbe joined channel #puppet
[2009/05/31 05:34:52] @ atlan_ joined channel #puppet
[2009/05/31 05:38:06] @ Quit: poison: Remote closed the connection
[2009/05/31 05:42:28] @ nakano is now known as nakano_
[2009/05/31 05:55:51] @ Quit: randybias:
[2009/05/31 05:56:57] @ Quit: pleemans: "Ex-Chat"
[2009/05/31 05:59:08] @ yure joined channel #puppet
[2009/05/31 06:02:34] @ pleemans joined channel #puppet
[2009/05/31 06:06:45] @ zeroXten joined channel #puppet
[2009/05/31 06:08:33] @ nakano_ is now known as nakano
[2009/05/31 06:10:24] @ Quit: SyTonnerre: Read error: 113 (No route to host)
[2009/05/31 06:22:25] @ Quit: neh: Read error: 104 (Connection reset by peer)
[2009/05/31 06:22:38] @ Quit: oschad: Read error: 113 (No route to host)
[2009/05/31 06:22:53] @ Quit: yure: Remote closed the connection
[2009/05/31 06:26:38] @ bgupta|away is now known as bgupta
[2009/05/31 06:27:55] @ Quit: pleemans: Read error: 110 (Connection timed out)
[2009/05/31 06:29:22] @ Quit: f3ew: Read error: 104 (Connection reset by peer)
[2009/05/31 06:35:17] @ sts left channel #puppet ()
[2009/05/31 06:35:24] @ pleemans joined channel #puppet
[2009/05/31 06:36:52] @ Quit: yarihm: "Leaving"
[2009/05/31 06:42:22] @ Quit: fbe: Read error: 60 (Operation timed out)
[2009/05/31 06:48:23] @ f3ew joined channel #puppet
[2009/05/31 07:06:06] @ yure joined channel #puppet
[2009/05/31 07:11:29] @ d3vilb0x joined channel #puppet
[2009/05/31 07:13:13] @ Quit: pleemans: Read error: 110 (Connection timed out)
[2009/05/31 07:31:24] @ Quit: verwilst: Read error: 110 (Connection timed out)
[2009/05/31 07:34:03] @ gebi_ is now known as gebi
[2009/05/31 08:18:45] @ nasrat joined channel #puppet
[2009/05/31 08:19:21] @ Quit: jedi4ever:
[2009/05/31 08:35:07] @ jmarki joined channel #puppet
[2009/05/31 08:43:51] @ jedi4ever joined channel #puppet
[2009/05/31 08:51:13] @ Quit: jedi4ever:
[2009/05/31 08:56:22] @ Quit: nasrat:
[2009/05/31 08:57:21] @ poison joined channel #puppet
[2009/05/31 09:02:43] @ docelic_ joined channel #puppet
[2009/05/31 09:05:55] @ Quit: docelic: Read error: 60 (Operation timed out)
[2009/05/31 09:10:43] @ Quit: zeroXten: Read error: 60 (Operation timed out)
[2009/05/31 09:24:01] @ atlan_ left channel #puppet ("Konversation terminated!")
[2009/05/31 09:32:17] @ xyz left channel #puppet ()
[2009/05/31 09:34:49] @ Quit: jmarki: Remote closed the connection
[2009/05/31 09:36:42] @ pleemans joined channel #puppet
[2009/05/31 09:39:22] @ nasrat joined channel #puppet
[2009/05/31 09:39:31] @ Quit: nasrat: Client Quit
[2009/05/31 10:09:23] @ Quit: pleemans: Read error: 110 (Connection timed out)
[2009/05/31 10:09:39] @ Quit: docelic_: "http://www.spinlocksolutions.com/"
[2009/05/31 10:12:36] @ nakano is now known as nakano_
[2009/05/31 10:16:40] @ docelic joined channel #puppet
[2009/05/31 10:17:25] @ Quit: poison: Remote closed the connection
[2009/05/31 10:30:41] @ Welsh_Dwarf joined channel #puppet
[2009/05/31 10:31:40] @ hessmll joined channel #puppet
[2009/05/31 11:08:43] @ Quit: hessmll: "Leaving..."
[2009/05/31 11:12:15] @ pleemans joined channel #puppet
[2009/05/31 11:32:43] @ nasrat joined channel #puppet
[2009/05/31 11:33:07] @ martha1 joined channel #puppet
[2009/05/31 11:33:54] <nasrat> jamesturnbull: would it be worth having a submit_review task to tie into review board
[2009/05/31 11:34:24] <nasrat> ala http://code.google.com/p/reviewboard/source/browse/trunk/rbtools/scripts/post-review
[2009/05/31 11:36:29] @ martha1 is now known as martha
[2009/05/31 11:45:50] @ lak joined channel #puppet
[2009/05/31 12:01:07] @ bgupta is now known as bgupta|away
[2009/05/31 12:02:29] @ shake-n-bake joined channel #puppet
[2009/05/31 12:20:35] @ cwebber joined channel #puppet
[2009/05/31 12:31:13] @ neh joined channel #puppet
[2009/05/31 12:36:43] @ nasrat_ joined channel #puppet
[2009/05/31 12:38:13] <CaptainCupcake> uhhh, can nodes only inherit from a single node?
[2009/05/31 12:38:16] @ Quit: martha: Read error: 104 (Connection reset by peer)
[2009/05/31 12:41:18] @ martha joined channel #puppet
[2009/05/31 12:46:00] <ch> you probably should start using classes ;)
[2009/05/31 12:46:08] @ Quit: nasrat: Read error: 110 (Connection timed out)
[2009/05/31 12:46:57] <CaptainCupcake> oh man, that makes inheriting almost useless. ok, class soup it is
[2009/05/31 12:52:34] @ Quit: martha: Read error: 60 (Operation timed out)
[2009/05/31 12:52:41] @ bgupta|away is now known as bgupta
[2009/05/31 12:53:04] @ martha joined channel #puppet
[2009/05/31 12:57:11] @ joe-mac1 joined channel #puppet
[2009/05/31 13:00:58] @ Quit: joe-mac: Read error: 110 (Connection timed out)
[2009/05/31 13:01:26] <lutter> ibt: yeah, I think that's a mistake
[2009/05/31 13:04:16] <ibt> lutter: should it be \t or just gone entirely?
[2009/05/31 13:04:50] @ fujin joined channel #puppet
[2009/05/31 13:10:15] @ matty joined channel #puppet
[2009/05/31 13:10:29] @ jmarki joined channel #puppet
[2009/05/31 13:14:30] @ claymation joined channel #puppet
[2009/05/31 13:15:11] @ bgupta is now known as bgupta|away
[2009/05/31 13:17:26] @ Quit: fujin_: Read error: 110 (Connection timed out)
[2009/05/31 13:17:37] @ justindossey joined channel #puppet
[2009/05/31 13:33:14] @ Quit: cwebber:
[2009/05/31 13:38:38] @ bgupta|away is now known as bgupta
[2009/05/31 13:51:08] @ Quit: shake-n-bake:
[2009/05/31 14:06:29] @ Quit: nevyn: Read error: 101 (Network is unreachable)
[2009/05/31 14:13:21] @ Quit: pleemans: Read error: 110 (Connection timed out)
[2009/05/31 14:18:03] @ Quit: lak:
[2009/05/31 14:19:21] @ Quit: nasrat_:
[2009/05/31 14:27:17] <maek> if I do service { "httpd" : ensure => running } is that the same as chkconfig --level 345 httpd on ? or is it just going to start it if its stopped?
[2009/05/31 14:28:41] <jrojas> maek: it will just start it if stopped
[2009/05/31 14:28:52] <jrojas> maek: enable => true is chkconfig
[2009/05/31 14:29:11] <maek> jrojas: thank you, I was confused.
[2009/05/31 14:29:17] <jrojas> np
[2009/05/31 14:30:21] <maek> jrojas: does it actually use chkconfig and service on rhel/cent or is it just using the init scripts?
[2009/05/31 14:30:52] <jrojas> hm...let me double check
[2009/05/31 14:31:05] @ dvc1 joined channel #puppet
[2009/05/31 14:31:24] <maek> how are you double checking? whats the name of the "things" that actually create the resource types?
[2009/05/31 14:31:54] <Dominic> there's a page called "type references" or something that lists how the Service type works
[2009/05/31 14:32:04] <Dominic> (and the different things it can do on each platform)
[2009/05/31 14:32:13] <jrojas> maek: it is chkconfig on redhat
[2009/05/31 14:32:16] <maek> found that, it says redhat uses chkconfig
[2009/05/31 14:32:26] <maek> sorry, ill read more.
[2009/05/31 14:32:28] <maek> thank you both
[2009/05/31 14:32:28] <jrojas> lib/provider/service/redhat.rb
[2009/05/31 14:32:41] <maek> provider is what creates a resource type?
[2009/05/31 14:32:50] @ dvc1 left channel #puppet ()
[2009/05/31 14:32:56] @ mvn072 joined channel #puppet
[2009/05/31 14:32:56] <jrojas> in a way yes
[2009/05/31 14:33:10] <jrojas> the provider is what allows the resource type to be used
[2009/05/31 14:33:30] <jrojas> you could have a package type, with different providers, IE rpm, yum, apt
[2009/05/31 14:33:47] @ Quit: nico: Read error: 110 (Connection timed out)
[2009/05/31 14:34:07] <maek> understood, thanks
[2009/05/31 14:34:10] <jrojas> np
[2009/05/31 14:34:52] <maek> anyone here used "GOD" ?
[2009/05/31 14:34:55] <maek> for monitoring?
[2009/05/31 14:39:46] @ kopernikus joined channel #puppet
[2009/05/31 14:40:39] @ Quit: kopernikus: Client Quit
[2009/05/31 14:40:41] <maek> also, another stupid question. if I do facter kernel or facter uptime or almost facter "anything" it works but facter memoryfree and facter memorysize dont work. they do show up when I just run facter though
[2009/05/31 14:48:04] @ joe-mac1 left channel #puppet ()
[2009/05/31 15:01:40] @ nevyn joined channel #puppet
[2009/05/31 15:11:43] @ Quit: Welsh_Dwarf: Remote closed the connection
[2009/05/31 15:23:27] @ madrescher joined channel #puppet
[2009/05/31 15:25:17] @ WALoeIII joined channel #puppet
[2009/05/31 15:35:10] @ Quit: madrescher: Read error: 104 (Connection reset by peer)
[2009/05/31 15:35:19] @ nakano_ is now known as nakano
[2009/05/31 15:48:06] @ Quit: jmarki: Remote closed the connection
[2009/05/31 15:49:38] @ fbe joined channel #puppet
[2009/05/31 15:51:57] @ madrescher joined channel #puppet
[2009/05/31 15:52:48] @ Quit: WALoeIII:
[2009/05/31 16:07:41] @ joe-mac joined channel #puppet
[2009/05/31 17:07:59] @ davelj joined channel #puppet
[2009/05/31 17:08:11] @ zeroXten joined channel #puppet
[2009/05/31 17:11:55] @ Quit: fbe: Read error: 110 (Connection timed out)
[2009/05/31 17:19:27] @ zeroXten_ joined channel #puppet
[2009/05/31 17:29:55] @ Quit: zeroXten: Read error: 110 (Connection timed out)
[2009/05/31 17:29:55] @ zeroXten1 joined channel #puppet
[2009/05/31 17:30:38] @ zeroXten1 is now known as zeroXten
[2009/05/31 17:43:16] @ Quit: docelic: "http://www.spinlocksolutions.com/"
[2009/05/31 17:46:59] @ Quit: zeroXten_: Read error: 110 (Connection timed out)
[2009/05/31 17:51:05] @ fbe joined channel #puppet
[2009/05/31 17:59:36] @ Quit: matty:
[2009/05/31 18:11:53] @ Quit: zeroXten: Read error: 110 (Connection timed out)
[2009/05/31 18:14:24] @ matty joined channel #puppet
[2009/05/31 18:23:24] @ Quit: mvn072: Remote closed the connection
[2009/05/31 18:27:27] @ Quit: madrescher: "Leaving."
[2009/05/31 18:30:35] @ maek_ joined channel #puppet
[2009/05/31 18:30:56] @ nakano is now known as nakano_
[2009/05/31 18:35:02] @ nakano_ is now known as nakano
[2009/05/31 18:38:47] @ lak joined channel #puppet
[2009/05/31 18:42:17] <jamesturnbull> gepetto: seen nasrat
[2009/05/31 18:42:17] <gepetto> jamesturnbull: nasrat was last seen 5 hours, 56 minutes and 9 seconds ago, quitting IRC (Read error: 110 (Connection timed out))
[2009/05/31 18:42:27] <jamesturnbull> stupid timezones
[2009/05/31 18:43:29] <jamesturnbull> maek_: that's a bug with the 1.5.x series - it's hopefully going to be fixed in 1.6.x or 2.x.x
[2009/05/31 18:43:52] <maek_> jamesturnbull: thanks
[2009/05/31 18:44:40] <jamesturnbull> maek_: well "bug" is perhaps a little strong ... design limitation we'll call it... :)
[2009/05/31 18:44:49] @ Quit: maek: Read error: 110 (Connection timed out)
[2009/05/31 18:50:26] @ Quit: lak:
[2009/05/31 18:56:42] @ verwilst joined channel #puppet
[2009/05/31 19:03:58] @ PaulWay joined channel #puppet
[2009/05/31 19:07:19] <PaulWay> Hi all!
[2009/05/31 19:07:44] @ Quit: maek_:
[2009/05/31 19:16:06] @ Quit: verwilst: Read error: 60 (Operation timed out)
[2009/05/31 19:36:43] <PaulWay> I'm having a weird problem where two of my puppet clients are not updating, despite the puppet daemon being up on those two hosts.
[2009/05/31 19:38:06] <PaulWay> On both, running puppetd from the command line says that the "Lock file /var/lib/puppet/state/puppetdlock exists"
[2009/05/31 19:41:24] @ matty_ joined channel #puppet
[2009/05/31 19:43:25] @ Djelibeybi joined channel #puppet
[2009/05/31 19:53:30] @ Quit: Bass10: "Leaving"
[2009/05/31 19:58:06] @ Quit: fujin:
[2009/05/31 19:58:49] @ Quit: matty: Read error: 113 (No route to host)
[2009/05/31 20:06:12] @ Bass10 joined channel #puppet
[2009/05/31 20:06:57] @ shake-n-bake joined channel #puppet
[2009/05/31 20:07:13] @ maek joined channel #puppet
[2009/05/31 20:07:28] @ Quit: Bass10: SendQ exceeded
[2009/05/31 20:07:59] @ Bass10 joined channel #puppet
[2009/05/31 20:10:36] @ maek left channel #puppet ()
[2009/05/31 20:10:42] @ maek joined channel #puppet
[2009/05/31 20:14:44] @ maek left channel #puppet ()
[2009/05/31 20:14:52] @ maek joined channel #puppet
[2009/05/31 20:21:20] @ JM joined channel #puppet
[2009/05/31 20:28:43] <PaulWay> I've turned debug on on both of the daemons, but I haven't seen them start up for their half-hourly run yet.
[2009/05/31 20:34:39] <PaulWay> The odd thing about this all is that every other one of the 27-odd machines we have running puppet is working just fine.
[2009/05/31 20:34:43] @ maek left channel #puppet ()
[2009/05/31 20:34:49] @ maek joined channel #puppet
[2009/05/31 20:34:56] <PaulWay> I have no idea what has made these two machines not do their regular updates.
[2009/05/31 20:35:16] <PaulWay> Any ideas as to how to work that out would be greatly appreciated :-)
[2009/05/31 20:36:05] <ch> check in any puppetd is still doing anything, else remove the lockfile
[2009/05/31 20:38:02] @ Quit: shake-n-bake:
[2009/05/31 20:38:25] @ Quit: Bass10: Connection timed out
[2009/05/31 20:40:48] <PaulWay> ch: how do I know if puppetd is still doing anything - it's not writing anything to its logs...
[2009/05/31 20:41:37] <sdodson> It should say run completed in $x seconds or some such in the logs when it pauses.
[2009/05/31 20:41:38] <PaulWay> ch: also, if I shut down the daemon correctly the lockfile is removed correctly, and on every other machine I have the lockfile is only used while puppetd is doing its update.
[2009/05/31 20:41:56] <PaulWay> sdodson: Yeah, and I'm not seeing that.
[2009/05/31 20:42:23] <PaulWay> But I've stopped and started the service many times, and while its stopped I've run the daemon manually (puppetd -tov --debug) with no problems.
[2009/05/31 20:43:18] <PaulWay> So I can't work out what the daemon started from init.d is getting wedged on...
[2009/05/31 20:43:42] <PaulWay> I'm getting "Puppet (debug): Finishing transaction -606360786 with 0 changes" from one of the two servers in question.
[2009/05/31 20:44:26] <PaulWay> Which doesn't look like the regular "Finished catalog run in \d+\.\d+ seconds"...
[2009/05/31 20:45:22] <PaulWay> Interestingly, I just restarted the daemon on one of the two servers and it didn't actually issue a "Started catalog run" or "Finished catalog run" message at all.
[2009/05/31 20:45:26] @ ohadlevy joined channel #puppet
[2009/05/31 20:46:07] <PaulWay> Maybe there's a clue there...
[2009/05/31 20:46:43] <Djelibeybi> PaulWay: do you have splay enabled?
[2009/05/31 20:47:02] <PaulWay> I've never heard of it - I don't think I have it enabled...
[2009/05/31 20:47:48] <Djelibeybi> It's an option in puppet.conf to randomly delay the puppetd
[2009/05/31 20:48:03] <Djelibeybi> So that if you restart all your puppet clients at the same time, they don't all hit the master concurrently
[2009/05/31 20:48:21] <PaulWay> I've got nothing that mentions 'splay' in the puppet.conf file...
[2009/05/31 20:48:34] <Djelibeybi> Not that then.
[2009/05/31 20:48:38] <Djelibeybi> It was just a thought.
[2009/05/31 20:52:24] <PaulWay> Does Puppet hold the lock open while it's starting up the daemon?
[2009/05/31 20:52:55] <PaulWay> Could it be that the daemon just isn't starting up completely in daemon mode, but it is in --once mode?
[2009/05/31 20:53:30] @ webx joined channel #puppet
[2009/05/31 20:54:20] <webx> with the authorized_keys file handling of 24.8, it looks like even if none of the keys change, the file is still regenerated
[2009/05/31 20:55:09] @ garin_ joined channel #puppet
[2009/05/31 20:55:11] <webx> it's not a problem on the key usage, since all of the keys still work, but if you're doing any sort of tripwire-ish monitoring of your nodes, you're swamped with email because the file changes each time
[2009/05/31 20:55:24] @ gstratton joined channel #puppet
[2009/05/31 20:56:06] <maek> webx: OT, when you say "tripwire-ish" does that mean you have another program similar to tripwire? is it AIDE?
[2009/05/31 20:56:07] <webx> just wondering if it was by design to generate that file each run even if none of the keys have changed -- seems a bit of a waste
[2009/05/31 20:56:22] <webx> maek: yeah, AIDE -- but it could be anything that does checksum verification
[2009/05/31 20:56:34] <maek> how do you like AIDE? you been using it long?
[2009/05/31 20:56:38] <webx> since the timestamp at the top changes
[2009/05/31 20:56:45] <webx> eh, it's alright I guess.. it seems to do the basics
[2009/05/31 20:57:08] <webx> it can't tell you the differences (at least with our implementation. I didn't set it up)
[2009/05/31 20:57:25] <webx> but it does a good job of telling you what's changing, which can be key
[2009/05/31 20:57:49] <maek> thats all Im looking for, is what changed. thanks
[2009/05/31 20:58:18] <webx> yea, for that it's pretty good
[2009/05/31 20:59:00] @ Quit: JM: Read error: 110 (Connection timed out)
[2009/05/31 20:59:01] @ lludwig joined channel #puppet
[2009/05/31 21:01:35] <webx> may end up having to write a cron or something that removes the comments from authorized_keys
[2009/05/31 21:01:45] <webx> is it possible to tell pupet to not enerate the comments ?
[2009/05/31 21:04:19] <PaulWay> Djelibeybi: if I can ask for your assistance in creating that custom fact - let me go through what you said before and see where I get to.
[2009/05/31 21:04:28] <Djelibeybi> PaulWay: sure
[2009/05/31 21:04:42] <PaulWay> ll
[2009/05/31 21:04:46] <PaulWay> curse, wrong window.
[2009/05/31 21:05:11] <Djelibeybi> PaulWay: free free to pastie the output and stuff. :)
[2009/05/31 21:06:09] <PaulWay> Ooooh, I didn't know you could do that with pastie!
[2009/05/31 21:06:30] <PaulWay> Curse, pidgin's dropped the instructions from last Friday.
[2009/05/31 21:06:46] <PaulWay> Let's see - put the fact in modules/puppet/facter/, yes?
[2009/05/31 21:06:55] <Djelibeybi> No
[2009/05/31 21:07:01] <Djelibeybi> One sec
[2009/05/31 21:07:04] <PaulWay> Ah, sorry.
[2009/05/31 21:07:06] <PaulWay> IO'
[2009/05/31 21:07:12] <PaulWay> I'm having to go off memory.
[2009/05/31 21:07:21] <Djelibeybi> modules/plugins/facter
[2009/05/31 21:07:44] <PaulWay> Is that because you have a 'plugins' class in Puppet, or is the 'plugins' module special?
[2009/05/31 21:08:03] <PaulWay> Curse - afk for a minute...
[2009/05/31 21:08:04] <Djelibeybi> It's special
[2009/05/31 21:08:13] <Djelibeybi> My full path is: /etc/puppet/modules/motd/plugins/facter
[2009/05/31 21:08:38] <Djelibeybi> Oops, sorry. I got it wrong before
[2009/05/31 21:13:18] <PaulWay> so modules/$modulename/plugins/facter
[2009/05/31 21:13:25] <Djelibeybi> *nod*
[2009/05/31 21:14:14] <PaulWay> Just checking my parameters here - does this make that fact only available for the one class, or to everything?
[2009/05/31 21:15:10] <Djelibeybi> It's available for everything
[2009/05/31 21:15:13] <Djelibeybi> It just becomes another fact.
[2009/05/31 21:16:18] @ Quit: veritas_aequitas: "http://www.mibbit.com ajax IRC Client"
[2009/05/31 21:16:35] <PaulWay> Righto, good.
[2009/05/31 21:17:17] <PaulWay> OK, how do I deploy it?
[2009/05/31 21:18:03] <Djelibeybi> It auto-deploys
[2009/05/31 21:18:10] <PaulWay> !!
[2009/05/31 21:18:12] <Djelibeybi> Assuming you have those puppet.conf options enabled on the client
[2009/05/31 21:18:21] <PaulWay> What were they again?
[2009/05/31 21:18:52] <Djelibeybi> I have no idea. And I'm working from home, so I can't even check my puppet masters
[2009/05/31 21:19:01] <PaulWay> Ah. :-(
[2009/05/31 21:19:14] <Djelibeybi> It was on that wiki page though
[2009/05/31 21:19:23] <Djelibeybi> pluginsync=true
[2009/05/31 21:19:33] <Djelibeybi> and a plugindir perhaps?
[2009/05/31 21:19:37] <Djelibeybi> Something like that
[2009/05/31 21:20:42] <PaulWay> http://reductivelabs.com/trac/puppet/wiki/PluginsInModules - "pluginsync=true, factpath = plugins/facter" - would that be right?
[2009/05/31 21:20:48] <Djelibeybi> That's it!
[2009/05/31 21:20:53] <Djelibeybi> I just found it too. :)
[2009/05/31 21:21:39] <PaulWay> Ooooh, now here's a tricky one - our /etc/puppet directory on the clients is checked out of a Subversion repository.
[2009/05/31 21:21:49] <Djelibeybi> Why?
[2009/05/31 21:22:02] <Djelibeybi> On the Puppet Master, sure. On the clients? There's nothing in /etc/puppet. :)
[2009/05/31 21:22:10] <Djelibeybi> I use Augeas to update puppet.conf on the clients.
[2009/05/31 21:22:22] <Djelibeybi> So, I use Puppet to add those two settings to itself. :)
[2009/05/31 21:22:26] <PaulWay> Why? Because that's what I was used to.
[2009/05/31 21:22:37] <PaulWay> That sounds suspiciously like bootstrapping.
[2009/05/31 21:22:46] <Djelibeybi> *nod*
[2009/05/31 21:24:07] @ Quit: schwagala: Read error: 60 (Operation timed out)
[2009/05/31 21:24:42] <PaulWay> So how does your puppet client initially know which server to talk to?
[2009/05/31 21:25:05] <Djelibeybi> PaulWay: we have a "puppet" DNS alias, and custom kickstart files.
[2009/05/31 21:25:07] <PaulWay> (And given that we haven't got a 'puppet.example.com' domain name (yet)..."
[2009/05/31 21:25:22] <PaulWay> I must learn more from you oh master :-)
[2009/05/31 21:25:38] <Djelibeybi> It's more of a hack. :)
[2009/05/31 21:25:51] <Djelibeybi> The first-boot script on our physical/VM guests prompts for the name of the puppet master
[2009/05/31 21:26:06] <Djelibeybi> Though, I have Thoughts(tm) about it as well.
[2009/05/31 21:26:18] <PaulWay> So can I just go back to our current system and have puppet do an 'svn update' on its directory somehow?
[2009/05/31 21:26:35] <Djelibeybi> exec { "cd /etc/puppet; svn up": }
[2009/05/31 21:26:36] <PaulWay> I too subscribe to Thoughts(tm)
[2009/05/31 21:26:46] <PaulWay> Of course.
[2009/05/31 21:26:58] <Djelibeybi> Though, that would make it do an svn up every 30 minutes.
[2009/05/31 21:27:02] <Djelibeybi> Which may or may not be a good thing.
[2009/05/31 21:27:24] <Djelibeybi> You might want to put an unless => in there and commit a flag file.
[2009/05/31 21:27:56] <PaulWay> *shrugs* if it polls our internal svn server every half an hour that's unlikely to break anything.
[2009/05/31 21:28:04] @ lak joined channel #puppet
[2009/05/31 21:28:10] <PaulWay> sssh, it's lak!
[2009/05/31 21:28:12] <PaulWay> :-)
[2009/05/31 21:28:16] <Djelibeybi> So, your manifest is more like: http://pastie.org/496150
[2009/05/31 21:28:22] <Djelibeybi> Then, commit a flag.date file.
[2009/05/31 21:28:35] <lak> don't be talkin' 'bout me
[2009/05/31 21:28:36] <Djelibeybi> Then, when you want to svn up, you just svn rm that file, create a new one and update the manifest.
[2009/05/31 21:28:50] <PaulWay> But that makes no sense.
[2009/05/31 21:28:51] <Djelibeybi> Note: typed from memory, so E&OE.
[2009/05/31 21:29:13] <Djelibeybi> Consider the file flag.$date
[2009/05/31 21:29:21] <Djelibeybi> So, flag.20090106
[2009/05/31 21:29:35] <Djelibeybi> This is top of my head stuff.
[2009/05/31 21:29:35] <PaulWay> yeah...?
[2009/05/31 21:29:45] @ martha left channel #puppet ()
[2009/05/31 21:29:57] <ohadlevy> you can also just touch it
[2009/05/31 21:30:02] <PaulWay> But on the client, that file exists, so the test always returns true, so it never updates to check that the file now doesn't exist.
[2009/05/31 21:30:07] <PaulWay> ohadlevy: I was thinking that too...
[2009/05/31 21:30:09] <ohadlevy> and use file {.filename: checksum => mtime
[2009/05/31 21:30:15] <ohadlevy> which notify an exec
[2009/05/31 21:30:24] <Djelibeybi> Good point, well made.
[2009/05/31 21:30:24] <PaulWay> Same problem AFAICS.
[2009/05/31 21:30:30] <Djelibeybi> Highlights my requirement for MORE COFFEE.
[2009/05/31 21:32:12] @ schwagala joined channel #puppet
[2009/05/31 21:33:05] <PaulWay> I'm still not sure that avoids the crowbar-in-box problem.
[2009/05/31 21:33:27] <Djelibeybi> Oh, is that what we're trying to avoid? :)
[2009/05/31 21:33:33] <PaulWay> On the client, the file always looks like its up-to-date, so it never checks the subversion server to see if the file is no longer up-to-date.
[2009/05/31 21:34:20] <ohadlevy> you need to do it in a two execs, one does status -u
[2009/05/31 21:34:25] <Djelibeybi> Is there an svn command to check if you're up to date?
[2009/05/31 21:34:47] <ohadlevy> there is a subversion module that Luke wrote a few years back - use it :)
[2009/05/31 21:34:52] <PaulWay> I think so.
[2009/05/31 21:35:34] <PaulWay> But afaics svn update is low-cost if the client's up-to-date.
[2009/05/31 21:40:14] <PaulWay> A quick tshark says it takes more time to set up the HTTPS SSL connection than it does to actually check that the repository's up-to-date.
[2009/05/31 21:40:17] @ jmarki joined channel #puppet
[2009/05/31 21:44:22] <ohadlevy> PaulWay: you can do: onlyif => '/usr/bin/svn status -u --non-interactive | /bin/grep "\*"',
[2009/05/31 21:45:52] <PaulWay> ohadlevy: My theory here is that the cost of that is as much as the cost of doing the update anyway in both situations.
[2009/05/31 21:46:15] <PaulWay> I.e. if you didn't need to do an update, then it's cost you the check, and if you did need to do the update, it's cost you the check plus the update.
[2009/05/31 21:46:22] <ohadlevy> the only difference is that you wont get a message from puppet everytime you run it
[2009/05/31 21:46:24] <PaulWay> Which would be exactly the same cost if you just ran 'svn update'.
[2009/05/31 21:46:36] <PaulWay> Ah, true. Good point :-)
[2009/05/31 21:47:03] <PaulWay> When I finally get around to getting reports from Puppet that will be important...
[2009/05/31 21:53:29] <PaulWay> So puppet is still not updating on those two hosts - no started runs, no finished runs.
[2009/05/31 21:53:37] <PaulWay> I can't figure out what its up to.
[2009/05/31 21:53:46] <PaulWay> The log doesn't show anything suspicious to my semi-trained eyes.
[2009/05/31 21:55:26] <PaulWay> Yet it still has the lock file set.
[2009/05/31 21:55:36] <Djelibeybi> PaulWay: could it be the Facter bug that causes Puppet to stop?
[2009/05/31 21:55:49] <PaulWay> I haven't even put that fact in place on the server yet.
[2009/05/31 21:55:55] <Djelibeybi> Do you see the log that Puppet is starting, but no catalog runs?
[2009/05/31 21:55:58] <PaulWay> Is that "the Facter bug" you're talking about?
[2009/05/31 21:56:01] <Djelibeybi> Has nothing to do with custom facts.
[2009/05/31 21:56:02] <PaulWay> Djelibeybi: Yes...
[2009/05/31 21:56:05] <Djelibeybi> Ok, one sec.
[2009/05/31 21:56:10] <PaulWay> OK, learn me up :-)
[2009/05/31 21:56:12] <Djelibeybi> This was a bug in Facter 1.5.4
[2009/05/31 21:56:21] <Djelibeybi> EL4 machines per chance?
[2009/05/31 21:56:29] <PaulWay> Yes.
[2009/05/31 21:56:30] <PaulWay> Do go on!
[2009/05/31 21:56:36] <Djelibeybi> Ok, one sec
[2009/05/31 21:56:52] <Djelibeybi> I just have to find the bug. Problem either with virtual.rb or I think one of the CPU ones.
[2009/05/31 21:56:53] <Djelibeybi> Hang on
[2009/05/31 21:57:23] <Djelibeybi> http://projects.reductivelabs.com/issues/2044
[2009/05/31 21:57:41] <Djelibeybi> Fixed in the 1.5.5. RC
[2009/05/31 21:58:47] <PaulWay> Well, all packages are up-to-date on that machine but facter is at 1.5.4
[2009/05/31 21:59:02] <Djelibeybi> Also this: http://projects.reductivelabs.com/issues/2032
[2009/05/31 21:59:20] <Djelibeybi> Also fixed in the 1.5.5 RC.
[2009/05/31 21:59:25] <Djelibeybi> I patched my 1.5.4 installs
[2009/05/31 21:59:36] <PaulWay> So the main difference is to add "require 'thread'" to the virtual.rb fact?
[2009/05/31 21:59:48] <PaulWay> So why only these two hosts?
[2009/05/31 21:59:55] <PaulWay> Why not all my RHEL4 hosts?
[2009/05/31 22:00:07] <Djelibeybi> I saw it on all my EL4-XenU hosts
[2009/05/31 22:00:24] <Djelibeybi> There is a "require 'thread'"
[2009/05/31 22:00:30] <Djelibeybi> Also, a "Thread::exclusive do"
[2009/05/31 22:00:35] <Djelibeybi> And an "end"
[2009/05/31 22:00:38] <PaulWay> Ah, I see, there's also the "Thread::exclusive do".
[2009/05/31 22:00:40] <PaulWay> Right.
[2009/05/31 22:00:49] <PaulWay> I'll try patching one of them and see if that fixes things.
[2009/05/31 22:01:19] <Djelibeybi> Click the "diff" link from the git message
[2009/05/31 22:01:24] <Djelibeybi> Easy enough to see the changes.
[2009/05/31 22:04:55] <PaulWay> Right, I've applied both those patches.
[2009/05/31 22:05:00] @ gebi_ joined channel #puppet
[2009/05/31 22:05:06] <PaulWay> And it looks like the second one has done the trick.
[2009/05/31 22:05:09] <PaulWay> Yay!
[2009/05/31 22:05:23] <PaulWay> So it's a ruby problem really, yeah?
[2009/05/31 22:05:26] <Djelibeybi> Huzzah
[2009/05/31 22:06:14] <Djelibeybi> I believe so.
[2009/05/31 22:06:23] <Djelibeybi> The Ruby version in EL4 and EL5 is a bit out of date
[2009/05/31 22:07:05] <PaulWay> Yeah, it's definitely the second (uptime) patch - I applied only that to the other server and it's working now.
[2009/05/31 22:07:26] <PaulWay> I sympathise with jamesturnbull - that is an ugly hack.
[2009/05/31 22:11:58] @ nakano is now known as nakano_
[2009/05/31 22:17:30] @ Quit: gebi: Read error: 113 (No route to host)
[2009/05/31 22:17:55] <PaulWay> The odd thing is that ruby is the same version (1.8.1, yes I know) across all the machines, working and (formerly) broken.
[2009/05/31 22:23:33] <tmz> PaulWay: if you need facter-1.5.5, it's built and waiting for the next epel-testing push: http://buildsys.fedoraproject.org/build-status/job.psp?uid=2385
[2009/05/31 22:24:11] <tmz> it's already in epel-testing for EL5.
[2009/05/31 22:33:51] @ alex2 joined channel #puppet
[2009/05/31 22:43:14] @ Quit: jmarki: Remote closed the connection
[2009/05/31 22:56:04] <joe-mac> does this sound familiar: i don't see that a transaction report was sent in daemon.log when i run puppet from the init.d script, yet when i run it like puppetd -t, i see it sent a transaction report
[2009/05/31 22:57:05] <lak> joe-mac: isn't the log an 'info' log? if so it's only visible with --verbose
[2009/05/31 22:57:12] <joe-mac> ah, ok
[2009/05/31 23:02:09] <ohadlevy> lak: I'm I completly off with #2309?
[2009/05/31 23:02:10] <gepetto> ohadlevy: lak: #2309 is http://projects.reductivelabs.com/issues/show/2309 "Puppet - Bug #2309: templates are processed too early in the compliation - ReductiveLabs.com"
[2009/05/31 23:04:39] <lak> ohadlevy: i don't know, i still can't quite see the confusion
[2009/05/31 23:05:08] <ohadlevy> my point is that it looks like the template processing is done before (some part) of the graph
[2009/05/31 23:05:28] <lak> the graph doesn't really matter here on the server
[2009/05/31 23:05:40] <lak> the template is only evaluated when that file resource is evaluated
[2009/05/31 23:05:43] <lak> certainly not before
[2009/05/31 23:05:52] <lak> if it is before, then, um, something is insanely crazy
[2009/05/31 23:06:06] <ohadlevy> so the template is evaluated before all related classes
[2009/05/31 23:06:22] <ohadlevy> i've attaced a debug output, which i think shows it
[2009/05/31 23:06:50] <ohadlevy> the buttom line is that, the output with template is wrong, but using pure content => varname is correct
[2009/05/31 23:06:56] <lak> your debug just shows the order of the parameters being added
[2009/05/31 23:06:58] <lak> i get that
[2009/05/31 23:07:21] <lak> in each of your classes, add calls to 'notice'
[2009/05/31 23:07:26] <lak> e.g., notice "in class a"
[2009/05/31 23:07:39] <lak> you can add one before and after the file resource
[2009/05/31 23:07:43] <lak> that should clarify the ordering
[2009/05/31 23:08:01] <ohadlevy> it also works with notice
[2009/05/31 23:08:12] <ohadlevy> notice prefix the scope name
[2009/05/31 23:12:01] <ohadlevy> lak: the notice from the tempalte comes before the define
[2009/05/31 23:12:22] <lak> pastie?
[2009/05/31 23:12:27] <PaulWay> tmz: ta.
[2009/05/31 23:12:44] <PaulWay> Given that I'm waiting on a Satellite server to do the upgrade to RHEL5, this may take a while tho :-)
[2009/05/31 23:14:22] <ohadlevy> http://pastie.org/496196
[2009/05/31 23:17:22] @ nasrat joined channel #puppet
[2009/05/31 23:18:57] <ohadlevy> lak: does this make sense to you?
[2009/05/31 23:19:09] <lak> ohadlevy: sorry, i'm reviewing a contract, kinda distracted
[2009/05/31 23:20:54] @ bobbyz joined channel #puppet
[2009/05/31 23:42:27] @ Quit: matty_:
[2009/05/31 23:43:24] <lak> ohadlevy: ah, i see what is happening
[2009/05/31 23:43:40] @ Quit: alex2: Read error: 54 (Connection reset by peer)
[2009/05/31 23:43:48] <lak> the 'dir' resource isn't getting evaluated until all other resources in the queue have been evaluated, which in this case means the a and b class resources
[2009/05/31 23:43:58] @ alex2 joined channel #puppet
[2009/05/31 23:44:32] <ohadlevy> lak: ok, any workarounds ?:)
[2009/05/31 23:44:40] <ohadlevy> lak: or is it a bug?
[2009/05/31 23:46:25] <lak> um
[2009/05/31 23:46:30] <lak> i guess it's a bug
[2009/05/31 23:47:48] <ohadlevy> lak: well, for now, the template reads the manifests directly, so its a low prio
[2009/05/31 23:48:15] <lak> that's too late
[2009/05/31 23:48:26] <lak> my babies wake me up between 6am and 7:30
[2009/05/31 23:48:32] <lak> and i only got 5.5hrs of sleep last night
[2009/05/31 23:49:04] <ohadlevy> lak: there are days I wish for 5.5hrs:)
[2009/05/31 23:49:09] <lak> crap
[2009/05/31 23:49:11] <lak> sorry
[2009/05/31 23:49:12] <lak> ww :/
[2009/05/31 23:49:50] @ mfoster joined channel #puppet
[2009/05/31 23:49:55] <lak> i don't do that very often
« Saturday, 2009-05-30 Index Monday, 2009-06-01 »

Generated by irclog2html.py 2.6 by Marius Gedminas - find it at mg.pov.lt!