| [2009/12/30 00:07:38] @ Log started by gepetto_ | ||
| [2009/12/30 00:07:38] @ Quit: littleidea: | ||
| [2009/12/30 00:14:36] @ littleidea joined channel #puppet | ||
| [2009/12/30 00:20:33] @ Quit: lero: Read error: 54 (Connection reset by peer) | ||
| [2009/12/30 00:20:46] @ Quit: friendly12345: "Leaving." | ||
| [2009/12/30 00:37:07] @ Quit: littleidea: | ||
| [2009/12/30 00:38:16] @ PaulWay[w] joined channel #puppet | ||
| [2009/12/30 00:44:02] @ littleidea joined channel #puppet | ||
| [2009/12/30 00:44:17] @ Quit: crdant: "Leaving." | ||
| [2009/12/30 00:50:19] @ Quit: ambroff: "Ex-Chat" | ||
| [2009/12/30 01:12:11] @ bodepd joined channel #puppet | ||
| [2009/12/30 01:15:36] @ jfreeman joined channel #puppet | ||
| [2009/12/30 01:22:17] @ Quit: Djelibeybi: "Leaving" | ||
| [2009/12/30 01:22:17] @ suchu joined channel #puppet | ||
| [2009/12/30 01:22:47] @ repodata joined channel #puppet | ||
| [2009/12/30 01:32:40] @ jusfreeman joined channel #puppet | ||
| [2009/12/30 01:38:52] @ Quit: littleidea: | ||
| [2009/12/30 01:48:15] @ Quit: jfreeman: Read error: 110 (Connection timed out) | ||
| [2009/12/30 01:56:11] @ Quit: bodepd: | ||
| [2009/12/30 01:58:06] @ bgupta joined channel #puppet | ||
| [2009/12/30 02:03:32] @ PaulWay[w] left channel #puppet ("I must go, there are too many tangrams on this channel.") | ||
| [2009/12/30 02:17:00] @ Quit: nexx|: Read error: 104 (Connection reset by peer) | ||
| [2009/12/30 02:23:06] @ nexx| joined channel #puppet | ||
| [2009/12/30 02:56:41] @ nar joined channel #puppet | ||
| [2009/12/30 02:59:42] @ bodepd joined channel #puppet | ||
| [2009/12/30 03:01:54] @ Quit: WALoeIII: | ||
| [2009/12/30 03:02:32] @ Quit: repodata: "ChatZilla 0.9.86 [Firefox 3.5.6/20091201220228]" | ||
| [2009/12/30 03:05:25] @ Djelibeybi joined channel #puppet | ||
| [2009/12/30 03:05:59] @ Quit: Djelibeybi: Remote closed the connection | ||
| [2009/12/30 03:12:36] @ Quit: _nalle: Remote closed the connection | ||
| [2009/12/30 03:14:03] @ _nalle joined channel #puppet | ||
| [2009/12/30 03:14:19] <jamesturnbull> gepetto_: seen nasrat | ||
| [2009/12/30 03:14:20] <gepetto_> jamesturnbull: nasrat was last seen 16 hours, 38 minutes and 4 seconds ago, quitting IRC ("Get Colloquy for iPhone! http://mobile.colloquy.info") | ||
| [2009/12/30 03:19:10] @ giskard joined channel #puppet | ||
| [2009/12/30 03:20:44] @ Quit: bodepd: | ||
| [2009/12/30 03:26:03] @ Quit: giskard: "Leaving..." | ||
| [2009/12/30 03:26:53] @ giskard joined channel #puppet | ||
| [2009/12/30 03:34:03] @ Quit: jusfreeman: Read error: 110 (Connection timed out) | ||
| [2009/12/30 03:39:49] @ bodepd joined channel #puppet | ||
| [2009/12/30 03:42:15] @ Quit: nar: | ||
| [2009/12/30 03:50:02] @ Quit: bodepd: | ||
| [2009/12/30 03:55:19] @ jusfreeman joined channel #puppet | ||
| [2009/12/30 04:02:18] @ CellKill joined channel #puppet | ||
| [2009/12/30 04:02:23] @ MattyM joined channel #puppet | ||
| [2009/12/30 04:05:07] @ Djelibeybi joined channel #puppet | ||
| [2009/12/30 04:07:30] @ Quit: giskard: Remote closed the connection | ||
| [2009/12/30 04:08:18] @ Quit: jusfreeman: Read error: 60 (Operation timed out) | ||
| [2009/12/30 04:08:25] @ giskard joined channel #puppet | ||
| [2009/12/30 04:11:46] @ nar joined channel #puppet | ||
| [2009/12/30 04:12:44] @ Quit: Djelibeybi: "Leaving" | ||
| [2009/12/30 04:21:14] @ Djelibeybi joined channel #puppet | ||
| [2009/12/30 04:22:34] @ Quit: nar: | ||
| [2009/12/30 04:22:58] @ Quit: rmiller4pi8: Read error: 110 (Connection timed out) | ||
| [2009/12/30 04:28:36] @ CellKill left channel #puppet () | ||
| [2009/12/30 04:36:10] @ nasrat joined channel #puppet | ||
| [2009/12/30 04:44:23] @ Quit: nasrat: "stuff" | ||
| [2009/12/30 04:44:50] @ nasrat joined channel #puppet | ||
| [2009/12/30 04:46:34] @ Quit: alfism: | ||
| [2009/12/30 05:03:48] @ jab_doa joined channel #puppet | ||
| [2009/12/30 05:04:27] @ Quit: Djelibeybi: "Leaving" | ||
| [2009/12/30 05:16:17] @ Quit: poison: Remote closed the connection | ||
| [2009/12/30 05:16:53] @ pastie joined channel #puppet | ||
| [2009/12/30 05:23:45] @ jes5 joined channel #puppet | ||
| [2009/12/30 05:26:45] @ gebi joined channel #puppet | ||
| [2009/12/30 05:32:06] @ Quit: jes5: "Leaving." | ||
| [2009/12/30 05:32:44] @ marcoecc joined channel #puppet | ||
| [2009/12/30 05:34:46] @ rickbradley|away is now known as rickbradley | ||
| [2009/12/30 05:36:40] @ poison joined channel #puppet | ||
| [2009/12/30 05:42:44] @ bodepd joined channel #puppet | ||
| [2009/12/30 05:43:07] @ bodepd left channel #puppet () | ||
| [2009/12/30 05:47:08] @ jes5 joined channel #puppet | ||
| [2009/12/30 05:48:21] @ rickbradley is now known as rickbradley|away | ||
| [2009/12/30 05:48:24] @ toi joined channel #puppet | ||
| [2009/12/30 05:50:10] @ Quit: jes5: Client Quit | ||
| [2009/12/30 05:53:45] @ danielbln joined channel #puppet | ||
| [2009/12/30 06:02:33] @ Quit: Juzzy: Read error: 54 (Connection reset by peer) | ||
| [2009/12/30 06:02:46] @ Juzzy joined channel #puppet | ||
| [2009/12/30 06:09:26] @ Quit: danielbln: "Leaving." | ||
| [2009/12/30 06:09:59] @ danielbln joined channel #puppet | ||
| [2009/12/30 06:11:38] @ Quit: danielbln: Client Quit | ||
| [2009/12/30 06:11:46] @ danielbln joined channel #puppet | ||
| [2009/12/30 06:13:18] <dsch04> Morning all | ||
| [2009/12/30 06:13:27] <dsch04> Festive greetings, and all that... | ||
| [2009/12/30 06:13:35] <dsch04> Anyone working today? | ||
| [2009/12/30 06:15:17] <Volcane> kindof | ||
| [2009/12/30 06:17:18] <danielbln> on call | ||
| [2009/12/30 06:17:51] * Volcane took time off in nov, so working | ||
| [2009/12/30 06:18:48] <barn> yeah, rocking the oncall /: | ||
| [2009/12/30 06:19:23] <Volcane> not had any calls :) | ||
| [2009/12/30 06:20:08] <danielbln> don't jinx it ;) | ||
| [2009/12/30 06:21:29] <DarkFlib> working here | ||
| [2009/12/30 06:21:33] <Volcane> my home nas box though died | ||
| [2009/12/30 06:22:01] <DarkFlib> using the slow period to get some maintenance done | ||
| [2009/12/30 06:23:12] <DarkFlib> eating scrambled eggs on toast while listening to dulcimer music... waiting for fscks oto finish | ||
| [2009/12/30 06:25:00] <DarkFlib> http://www.youtube.com/watch?v=ELWbrfZ2OL0 | ||
| [2009/12/30 06:31:21] @ Quit: toi: Read error: 60 (Operation timed out) | ||
| [2009/12/30 06:55:58] @ Quit: kolla: Remote closed the connection | ||
| [2009/12/30 06:56:56] @ overflowpt joined channel #puppet | ||
| [2009/12/30 06:57:26] <overflowpt> hi,, does anyone have an example of a manifest that manages sudoers file using augeas? | ||
| [2009/12/30 06:58:56] <overflowpt> i can't seem to find any example on the web | ||
| [2009/12/30 07:02:56] * dsch04 is working | ||
| [2009/12/30 07:03:10] <dsch04> I'm seeing problems with puppetmaster | ||
| [2009/12/30 07:03:57] <dsch04> I first noticed something was up when the script I use to query the mysql stored config DB didn't return any results | ||
| [2009/12/30 07:04:25] <dsch04> I then noticed that puppetmaster was only taking 0.01secs to compile catalogs: | ||
| [2009/12/30 07:04:35] <dsch04> Compiled catalog for b014.private.b.example.com in 0.01 seconds | ||
| [2009/12/30 07:04:54] <dsch04> I restarted puppetmaster and it started working again | ||
| [2009/12/30 07:05:08] <dsch04> Compiled catalog for b014.private.b.example.com in 6.43 seconds | ||
| [2009/12/30 07:05:42] <dsch04> I don't see any other indication of an error | ||
| [2009/12/30 07:05:50] <dsch04> Anyone else seen anything like this? | ||
| [2009/12/30 07:06:19] <dsch04> (this is v0.25.1 on CentOS 5.4) | ||
| [2009/12/30 07:06:45] <Volcane> nope but do see weirdness sometimes when it isnt dealing with syntax errors well: make error, get relvant log line, fix error, now you get all sorts of weird shit happen in unrelated (but probably related via puppet relationships) resources | ||
| [2009/12/30 07:06:54] <Volcane> might be something similar if you busted up a node config | ||
| [2009/12/30 07:07:03] <dsch04> Could be | ||
| [2009/12/30 07:07:08] <dsch04> I've seen that too | ||
| [2009/12/30 07:07:17] <dsch04> ie. changing manifests requires puppetmaster restart | ||
| [2009/12/30 07:09:09] @ stasikos joined channel #puppet | ||
| [2009/12/30 07:09:25] <stasikos> hi :) i have one little problem with puppet config | ||
| [2009/12/30 07:09:46] <stasikos> ec 30 05:58:12 SIS-CHI001 puppetd[7793]: Could not create amandabackup: user amandabackup doesn't exist | ||
| [2009/12/30 07:09:49] <stasikos> Dec 30 05:58:12 SIS-CHI001 puppetd[7793]: Configuration could not be instantiated: user amandabackup doesn't exist; using cached catalog | ||
| [2009/12/30 07:10:00] * overflowpt is away: (10 minute autoaway) [BX-MsgLog Off] | ||
| [2009/12/30 07:10:15] <stasikos> but these user should be created by package {} object, which is defined in the same class | ||
| [2009/12/30 07:10:22] <stasikos> how to solve this dependency? | ||
| [2009/12/30 07:11:00] <Volcane> just require the package | ||
| [2009/12/30 07:11:02] <dsch04> require => Package['package_name'] | ||
| [2009/12/30 07:11:44] <dsch04> object_that_requires_package{ 'some_name': require => Package['package_name'], ... } | ||
| [2009/12/30 07:12:02] * overflowpt is back from the dead. Gone 2 minutes 2 seconds | ||
| [2009/12/30 07:12:17] <stasikos> i will try it again, but i'm tried to define dependency this way | ||
| [2009/12/30 07:13:32] <Volcane> overflowpt: thanks, thats *fucking* annoying, we really appreciate it. | ||
| [2009/12/30 07:17:05] <overflowpt> sorry.. | ||
| [2009/12/30 07:17:19] @ Quit: gebi: Read error: 60 (Operation timed out) | ||
| [2009/12/30 07:17:49] @ Quit: overflowpt: "overflowpt has no reason" | ||
| [2009/12/30 07:21:42] <dsch04> mmm, scrambled eggs... | ||
| [2009/12/30 07:21:56] * dsch04 adds that to possible options for lunch | ||
| [2009/12/30 07:25:15] <stasikos> dsch04: same log message | ||
| [2009/12/30 07:25:54] <dsch04> pastebin your manifest. | ||
| [2009/12/30 07:27:30] <stasikos> dsch04: http://pastebin.com/m51d850b0 | ||
| [2009/12/30 07:30:03] <Cope> Volcane: around? | ||
| [2009/12/30 07:31:35] <dsch04> stasikos: A tip: use this to set the "require" property for all file objects: File{ require => Package['amanda-backup_client'] } | ||
| [2009/12/30 07:32:43] <stasikos> ok, i will try, but looks like it will not help | ||
| [2009/12/30 07:32:56] <dsch04> No, it won't - that's a tip for free :) | ||
| [2009/12/30 07:33:12] <dsch04> did you check on the machine that the amandabackup user exists ? | ||
| [2009/12/30 07:33:39] <stasikos> no, it is not exists. I want puppet to install package which will create it itself | ||
| [2009/12/30 07:34:09] <dsch04> So, the package installation is failing | ||
| [2009/12/30 07:34:10] <stasikos> something like installing of apache2 will add user "apache" or "www-data" | ||
| [2009/12/30 07:34:20] <dsch04> Yes, I understand what you mean | ||
| [2009/12/30 07:34:32] <stasikos> no. it doesn't want to use catalog :) | ||
| [2009/12/30 07:34:44] <dsch04> Try commenting out all the file configs, and just making sure the package installs correctly and creates that user | ||
| [2009/12/30 07:34:55] <dsch04> Or even try installing manually to make sure it works OK | ||
| [2009/12/30 07:34:56] <stasikos> ok | ||
| [2009/12/30 07:35:02] <dsch04> What platform is this? | ||
| [2009/12/30 07:35:07] <stasikos> centos | ||
| [2009/12/30 07:35:47] <dsch04> The package name on my CentOS system is amanda-client, not amanda-backup_client | ||
| [2009/12/30 07:36:01] <stasikos> dsch04: there is a package from my custom repo | ||
| [2009/12/30 07:36:12] <stasikos> it is newer than in centos repos | ||
| [2009/12/30 07:36:27] <dsch04> So do yum install amanda-backup_client and make sure it works | ||
| [2009/12/30 07:36:53] <stasikos> yes, but it will not automate configuration of nodes by puppet | ||
| [2009/12/30 07:37:11] <stasikos> yum: Installed: amanda-backup_client-2.6.1p1-1.rhel5.i386 | ||
| [2009/12/30 07:37:32] <stasikos> commented out all file {} objects and package was instaled | ||
| [2009/12/30 07:42:25] <stasikos> puppet consider whole catalog broken if user is not exists =( | ||
| [2009/12/30 07:43:59] <danielbln> I'd rather not have puppet apply an inconsistent configuration, even if it's just a missing user | ||
| [2009/12/30 07:45:24] <dsch04> So, did installing it manually create the user? | ||
| [2009/12/30 07:45:30] <stasikos> dsch04: yes | ||
| [2009/12/30 07:45:40] <dsch04> Sure? | ||
| [2009/12/30 07:45:47] <stasikos> also installing it via package {} creates this user | ||
| [2009/12/30 07:46:00] <dsch04> Try removing the package and the user | ||
| [2009/12/30 07:46:29] <dsch04> Then re-trying | ||
| [2009/12/30 07:46:32] <stasikos> but puppet can't understand situation where configuration has reference to some user and this user not exists | ||
| [2009/12/30 07:46:47] <dsch04> Yes, that's correct behaviour | ||
| [2009/12/30 07:47:01] <dsch04> Your problem is that the package is not installing correctly | ||
| [2009/12/30 07:47:03] <stasikos> but I'm sure it will be created by some object | ||
| [2009/12/30 07:47:13] <stasikos> dsch04: it installs correctly. | ||
| [2009/12/30 07:47:26] @ pjsz joined channel #puppet | ||
| [2009/12/30 07:47:54] <stasikos> dsch04: problem is in _puppet_ which _will not install_ it, because it considers catalog broken | ||
| [2009/12/30 07:48:18] @ Quit: Juzzy: Read error: 113 (No route to host) | ||
| [2009/12/30 07:48:26] @ Juzzy joined channel #puppet | ||
| [2009/12/30 07:50:08] <stasikos> i'm sure - if i will define user {} object, puppet will not read catalog if there is also file {} object with owner set to this user and it is not exists :) | ||
| [2009/12/30 07:51:07] <stasikos> so, there must be way to point puppet something like "this object will provide this user" | ||
| [2009/12/30 07:51:54] <stasikos> oh... maybe "if/else" will solve this? | ||
| [2009/12/30 07:59:39] @ gebi joined channel #puppet | ||
| [2009/12/30 08:00:09] @ Quit: jab_doa: "Verlassend" | ||
| [2009/12/30 08:04:27] @ Quit: bug: | ||
| [2009/12/30 08:13:00] <Volcane> manifest compiles fine if a user is missing | ||
| [2009/12/30 08:13:01] <Volcane> http://pastie.org/761207 | ||
| [2009/12/30 08:13:05] <Volcane> you're doing something weird | ||
| [2009/12/30 08:13:19] <Volcane> like not shwing us your code | ||
| [2009/12/30 08:13:48] <ashp> hmm, can someone resolve brie.untaken.net for me? | ||
| [2009/12/30 08:13:53] <ashp> I think works DNS is being broken :/ | ||
| [2009/12/30 08:14:47] <danielbln> 94.23.244.220 | ||
| [2009/12/30 08:14:50] <danielbln> icmp works too | ||
| [2009/12/30 08:14:55] <Volcane> host brie.untaken.net 8.8.8.8 | ||
| [2009/12/30 08:15:02] <danielbln> heh, yeah, using googles DNS here too | ||
| [2009/12/30 08:15:18] @ crdant joined channel #puppet | ||
| [2009/12/30 08:15:22] <Volcane> i didnt check it, just saying, its quicker to check it yourself than ask :) | ||
| [2009/12/30 08:16:16] <stasikos> Volcane: yes, i found "ssh_authorized_key" with { user=>"amandabackup", } causes this | ||
| [2009/12/30 08:16:35] <Volcane> stasikos: ah, try adding target => | ||
| [2009/12/30 08:19:27] <stasikos> looks like it works | ||
| [2009/12/30 08:19:29] <stasikos> :) | ||
| [2009/12/30 08:21:16] @ omry_|work joined channel #puppet | ||
| [2009/12/30 08:21:25] <Volcane> and i think that bug was fixed already, what version u on? | ||
| [2009/12/30 08:22:03] @ Quit: omry|work: Read error: 60 (Operation timed out) | ||
| [2009/12/30 08:24:04] <mark> is there a way to have the File type overwrite a file directly with new contents, without the intermediate step of a temporary file? | ||
| [2009/12/30 08:24:36] @ bug joined channel #puppet | ||
| [2009/12/30 08:24:56] <Volcane> nope :( nasty time based race conditions | ||
| [2009/12/30 08:25:07] <mark> that would be useful for things like sysctl | ||
| [2009/12/30 08:25:18] <stasikos> Volcane: it will be good if this note about user will be added to doc | ||
| [2009/12/30 08:25:28] <mark> define sysctl($value) { | ||
| [2009/12/30 08:25:29] <mark> $sysfile = regsubst($title, "\.", "/", "G") | ||
| [2009/12/30 08:25:29] <Volcane> stasikos: what version are yo on? | ||
| [2009/12/30 08:25:34] <mark> file { "/proc/sys/${sysfile}": | ||
| [2009/12/30 08:25:34] <mark> content => $value; | ||
| [2009/12/30 08:25:34] <mark> } | ||
| [2009/12/30 08:25:37] <mark> but it doesn't work ;) | ||
| [2009/12/30 08:25:40] <Volcane> mark: pls use pastie | ||
| [2009/12/30 08:26:21] <Volcane> mark: thats also the wrong way to do it - you should use sysctl.conf or you should be exec'ing echo to those files | ||
| [2009/12/30 08:26:44] <mark> what's inherently wrong about it? | ||
| [2009/12/30 08:26:59] <stasikos> Volcane: 0.24.8 | ||
| [2009/12/30 08:27:07] <stasikos> Volcane: it works with 'target' defined | ||
| [2009/12/30 08:27:14] <Volcane> stasikos: hmm, thought it was fixed before then but def fixed in 0.25 | ||
| [2009/12/30 08:27:19] <nasrat> yeah /proc is a special case, sysctl.conf, exec'ing sysctl or echo | ||
| [2009/12/30 08:27:34] <mark> I guess I'll use echo | ||
| [2009/12/30 08:27:44] <nasrat> mark: renames are atomic operations, content writes are not | ||
| [2009/12/30 08:27:53] <mark> I am aware, but that holds for echo too | ||
| [2009/12/30 08:28:05] <stasikos> somebody used exec {} to import gnupg certs? :) | ||
| [2009/12/30 08:28:07] <mark> I know why puppet does it this way by default... would just be nice if it could do it directly as well | ||
| [2009/12/30 08:39:47] @ rickbradley|away is now known as rickbradley | ||
| [2009/12/30 08:41:50] <nexx> i just changed my puppetmaster from webrick to mongrel, got 3 clean instances, restarting apache/puppetmaster results in no errors. but the syslog is still full of "could not connect to puppet on port 8140" - why? i thought i changed it to 18140/18141/18142.. | ||
| [2009/12/30 08:42:26] <Volcane> nexx: wiki:UsingMongrel your apache needs to proxy to mongrels | ||
| [2009/12/30 08:42:26] <gepetto_> Volcane: nexx: wiki:UsingMongrel is http://reductivelabs.com/trac/puppet/wiki/UsingMongrel | ||
| [2009/12/30 08:43:10] @ nakano_ is now known as nakano | ||
| [2009/12/30 08:43:25] <nexx> i did it as shown there, including the proxy-balancer and oder proxy stuff in the vhost | ||
| [2009/12/30 08:43:49] <Volcane> so then puppetd connects to your puppet master host on the usual port - which is now apache | ||
| [2009/12/30 08:43:57] <Volcane> the error suggests apache isnt running/working | ||
| [2009/12/30 08:44:19] @ mbn_18 joined channel #puppet | ||
| [2009/12/30 08:44:20] <nexx> apache2-instance is running | ||
| [2009/12/30 08:44:29] <Volcane> listening? can you connect to the port? | ||
| [2009/12/30 08:46:39] @ qwebirc18562 joined channel #puppet | ||
| [2009/12/30 08:47:47] @ Quit: qwebirc18562: Client Quit | ||
| [2009/12/30 08:47:57] <stasikos> yeah... :) now this class works perfectly :) | ||
| [2009/12/30 08:49:10] <nexx> ports.conf wasnt edited, was a fresh apache... | ||
| [2009/12/30 08:52:19] @ jsm joined channel #puppet | ||
| [2009/12/30 08:52:19] @ nar joined channel #puppet | ||
| [2009/12/30 08:52:21] @ Mick27 joined channel #puppet | ||
| [2009/12/30 08:52:47] @ joe-mac joined channel #puppet | ||
| [2009/12/30 08:52:50] <jsm> what's the best way to distribute puppet.conf files via pupet? should any special treatment be done? | ||
| [2009/12/30 08:53:03] <f3ew> like any other file | ||
| [2009/12/30 08:53:07] <Volcane> file{"/etc/puppet/puppet.conf":...} | ||
| [2009/12/30 08:53:07] <joe-mac> i just serve it out as part of a class named puppet::node | ||
| [2009/12/30 08:53:35] <jsm> ok, thanks, just making sure | ||
| [2009/12/30 08:53:53] <Volcane> dont generally need to restart puppet when the config file changes | ||
| [2009/12/30 08:53:58] <Volcane> most things get read on the fly | ||
| [2009/12/30 08:54:07] <jsm> puppet is doing magic today on our production migration :) | ||
| [2009/12/30 08:54:13] <jsm> working beautifully | ||
| [2009/12/30 08:57:12] * Volcane 's watching it roll out new mcolective | ||
| [2009/12/30 08:57:13] @ Quit: gebi: Read error: 113 (No route to host) | ||
| [2009/12/30 08:57:23] @ littleidea joined channel #puppet | ||
| [2009/12/30 08:57:25] @ ambroff joined channel #puppet | ||
| [2009/12/30 09:01:40] @ Quit: giskard: Read error: 60 (Operation timed out) | ||
| [2009/12/30 09:09:59] @ giskard joined channel #puppet | ||
| [2009/12/30 09:14:20] <ashp> hmm, you know what I really want | ||
| [2009/12/30 09:14:32] <ashp> is some kind of easy setup where I can have local directories on nodes that contain files | ||
| [2009/12/30 09:14:44] <ashp> that sync in close to real time to nfs storage for backup purposes | ||
| [2009/12/30 09:15:03] <ashp> and have it so that I can shoot a box, put a new one in place and it'll auto sync back all the files that were placed on nfs | ||
| [2009/12/30 09:15:13] <ashp> i mean i could use a mess of rsync type processes but that seems inelegant | ||
| [2009/12/30 09:15:15] @ themurph joined channel #puppet | ||
| [2009/12/30 09:15:42] <ashp> i'm still trying to solve the 'need files locally for performance, but want them backed up in real time to the netapp so that puppet can resync them to the node if it rebuilds problem' | ||
| [2009/12/30 09:16:43] @ Quit: littleidea: | ||
| [2009/12/30 09:21:00] <joe-mac> create a raid 1 mirror. one node is a local drive, the other node is an iscsi target or whatever | ||
| [2009/12/30 09:21:39] <joe-mac> if it's nfs, not an option i guess | ||
| [2009/12/30 09:22:05] <joe-mac> the device mapper might be able to do some kind of replication like that, idk | ||
| [2009/12/30 09:23:06] <mbn_18> Is there a way to replicate Server packages to an identical server? | ||
| [2009/12/30 09:24:05] <dpash> yes | ||
| [2009/12/30 09:24:10] @ littleidea joined channel #puppet | ||
| [2009/12/30 09:24:20] <dpash> er ignore that | ||
| [2009/12/30 09:24:23] <dpash> I was scrolled up | ||
| [2009/12/30 09:30:54] @ cwebber joined channel #puppet | ||
| [2009/12/30 09:32:29] <ashp> joe-mac: yeah, I can only do it over nfs :( | ||
| [2009/12/30 09:32:33] <ashp> also I just made the worst thing in puppet | ||
| [2009/12/30 09:32:41] <ashp> I'm ashamed of it because there's about 50 nicer ways to do this | ||
| [2009/12/30 09:32:57] <ashp> it ... grew.. organically | ||
| [2009/12/30 09:32:58] @ rickbradley is now known as rickbradley|away | ||
| [2009/12/30 09:33:23] <ashp> http://pastebin.com/m1985370f | ||
| [2009/12/30 09:34:47] @ erm_ joined channel #puppet | ||
| [2009/12/30 09:35:33] <joe-mac> mbn_18: on the server with the right packages run ralsh package | ||
| [2009/12/30 09:35:40] <joe-mac> and you will get output of all the packages on the system | ||
| [2009/12/30 09:37:46] <mark> hmm it would be useful if facter would have sysctl variables | ||
| [2009/12/30 09:37:50] <mark> but I guess it would also be rather inefficient | ||
| [2009/12/30 09:39:22] <joe-mac> facter does use sysctl to determine certain facts | ||
| [2009/12/30 09:39:28] <mark> indeed | ||
| [2009/12/30 09:39:50] <joe-mac> to have all sysctl vars in facter would be against the principle of os-agnostic facts | ||
| [2009/12/30 09:40:07] <mark> it can provide both | ||
| [2009/12/30 09:40:10] <joe-mac> since, for instance, bsd sysctl is totally different than linux | ||
| [2009/12/30 09:40:21] <mark> $sysctl.<sysctlvarname> | ||
| [2009/12/30 09:40:33] <mark> it's currently not all that easy to retrieve the variable of a sysctl var | ||
| [2009/12/30 09:40:40] <mark> since functions run on the puppetmaster | ||
| [2009/12/30 09:41:13] <joe-mac> for now you can write a custom fact, however, i believe in the future there will be namespaces in facter, so you could write a namespace that takes any fact name and just passed it to sysctl -n | ||
| [2009/12/30 09:41:27] <mark> yes that would be nice | ||
| [2009/12/30 09:41:51] <joe-mac> search the mailing lists, or issue tracker, i am sure it's been talked about (namespaces in facter) | ||
| [2009/12/30 09:41:59] <mark> thanks :) | ||
| [2009/12/30 09:42:03] <joe-mac> np | ||
| [2009/12/30 09:42:55] <nasrat> yeah it's on the map for facter 2.0 | ||
| [2009/12/30 09:43:11] @ stasikos left channel #puppet () | ||
| [2009/12/30 09:44:09] <mark> I just wish puppet was python ;) | ||
| [2009/12/30 09:44:14] <mark> *hides* | ||
| [2009/12/30 09:44:15] <joe-mac> barf | ||
| [2009/12/30 09:44:48] * nasrat hands mark pyparsing | ||
| [2009/12/30 09:44:59] <mark> what's that? | ||
| [2009/12/30 09:46:01] <nasrat> in theory you could write a puppet language parser in pyparsing (cf treetop it's a parsing expressing grammar IIRC) | ||
| [2009/12/30 09:46:24] <nasrat> for the most part unless you are developing puppet you shouldn't have to care | ||
| [2009/12/30 09:46:25] <mark> I'd just prefer to write custom types/facts etc in python | ||
| [2009/12/30 09:46:37] <nasrat> and soon we'll support custom facts via a cli interface | ||
| [2009/12/30 09:46:41] <nasrat> so you could write them in whatever | ||
| [2009/12/30 09:46:44] <mark> oh that would be nice | ||
| [2009/12/30 09:46:45] <nasrat> for definitions of soon | ||
| [2009/12/30 09:46:54] <mark> and pretty easy for facts indeed | ||
| [2009/12/30 09:47:08] <nasrat> yeah key value | ||
| [2009/12/30 09:47:12] <mark> indeed | ||
| [2009/12/30 09:47:43] <nasrat> it's understood that different systems ppl will have different langs of choice for that sort of stuff | ||
| [2009/12/30 09:48:19] <mark> will be harder to do for types I guess | ||
| [2009/12/30 09:55:41] @ aliver joined channel #puppet | ||
| [2009/12/30 09:57:23] @ Solver left channel #puppet () | ||
| [2009/12/30 10:01:15] <nasrat> yeah we'd really have to have a solidified internal representation of stuff and figure the api/serialisation between languages, which atm would stiffle development | ||
| [2009/12/30 10:01:41] @ bobbyz joined channel #puppet | ||
| [2009/12/30 10:03:53] <mbn_18> joe-mac: thanks | ||
| [2009/12/30 10:04:30] <joe-mac> i'm guessing you are mark? | ||
| [2009/12/30 10:12:40] @ Quit: erm_: Read error: 110 (Connection timed out) | ||
| [2009/12/30 10:14:23] @ p3rror joined channel #puppet | ||
| [2009/12/30 10:16:04] @ erm_ joined channel #puppet | ||
| [2009/12/30 10:17:13] @ gaveen joined channel #puppet | ||
| [2009/12/30 10:18:14] @ Quit: suchu: "ChatZilla 0.9.86 [Firefox 3.5.6/20091201220228]" | ||
| [2009/12/30 10:18:29] @ bobbyz_ joined channel #puppet | ||
| [2009/12/30 10:18:33] @ rmiller4pi8 joined channel #puppet | ||
| [2009/12/30 10:20:41] @ Quit: rmiller4pi8: Client Quit | ||
| [2009/12/30 10:22:34] @ rmiller4pi8 joined channel #puppet | ||
| [2009/12/30 10:26:08] <mark> besides this probably being very bad ruby code... why is this not working? http://p.defau.lt/?Vz5YPFVyhkMaIWeuK7x1YQ | ||
| [2009/12/30 10:26:13] <mark> all variables are set to 0 | ||
| [2009/12/30 10:26:23] <mark> but when I puts value, it seems correct | ||
| [2009/12/30 10:36:05] <Volcane> seems ok but for in a fact, dont define anything | ||
| [2009/12/30 10:36:07] <Volcane> just put the code in the file | ||
| [2009/12/30 10:37:49] @ bodepd joined channel #puppet | ||
| [2009/12/30 10:39:18] <mark> the last value is 0... | ||
| [2009/12/30 10:39:34] <mark> could it be that's why all values get set to 0, because of the way it is referenced? | ||
| [2009/12/30 10:39:58] @ Quit: londo_: Remote closed the connection | ||
| [2009/12/30 10:40:13] @ londo_ joined channel #puppet | ||
| [2009/12/30 10:41:57] @ gpled joined channel #puppet | ||
| [2009/12/30 10:41:58] @ DracoWork joined channel #puppet | ||
| [2009/12/30 10:42:00] <Volcane> http://pastie.org/761359 works | ||
| [2009/12/30 10:42:16] <mark> thanks :) | ||
| [2009/12/30 10:42:27] <Volcane> though check it works in facter under puppet too, i recall some weirdness with backticks etc | ||
| [2009/12/30 10:43:00] <gpled> having trouble tying 21 require to 7. http://linux-coders.pastebin.com/m307fc27a | ||
| [2009/12/30 10:43:46] <Volcane> 21 is requring Service, 7 isnt service | ||
| [2009/12/30 10:43:52] <mark> Volcane: it works indeed, thanks a lot | ||
| [2009/12/30 10:44:08] <Volcane> mark: kewl | ||
| [2009/12/30 10:47:30] @ rickbradley|away is now known as rickbradley | ||
| [2009/12/30 10:47:48] @ Quit: littleidea: | ||
| [2009/12/30 10:50:05] <joe-mac> anything special about deploying puppet-dashboard with capistrano? | ||
| [2009/12/30 10:52:45] @ Quit: cwebber: | ||
| [2009/12/30 10:54:06] <rickbradley> shouldn't be | ||
| [2009/12/30 10:54:24] <rickbradley> just check the README, all the deploy stuff should be in there | ||
| [2009/12/30 10:54:48] <mark> except that now the Request-URI is too long for all the facts | ||
| [2009/12/30 10:54:54] <mark> yay for the way that is implemented ;) | ||
| [2009/12/30 10:55:51] <Volcane> mark: yeah pretty rbbish, and the solution is to compress it which ofcourse is no solution at all | ||
| [2009/12/30 10:56:07] @ Quit: marcoecc: Remote closed the connection | ||
| [2009/12/30 10:57:11] * mark will wait for facter namespaces then | ||
| [2009/12/30 10:57:12] @ marcoecc joined channel #puppet | ||
| [2009/12/30 10:57:13] <gpled> found the trouble. was missing a group in line 7 | ||
| [2009/12/30 10:57:23] <gpled> only had user | ||
| [2009/12/30 10:58:40] <joe-mac> rickbradley: readme doesn't really mention cap | ||
| [2009/12/30 10:58:45] <joe-mac> i just capified and set my db settings | ||
| [2009/12/30 10:59:06] <joe-mac> just wrestling with cap's idea of :use_sudo right now, this option is useless afaic | ||
| [2009/12/30 10:59:21] <rickbradley> joe-mac: sorry, just meant that it should be stock unless something unusual showed up in the readme | ||
| [2009/12/30 10:59:29] <joe-mac> ah, yea | ||
| [2009/12/30 10:59:33] * rickbradley has given up on cap and vlad pretty much | ||
| [2009/12/30 10:59:36] <rickbradley> :-) | ||
| [2009/12/30 10:59:46] <joe-mac> i basically did a stock deploy.rb, with an after hook to copy the puppet-dashboard.rb into $libdir for puppet... | ||
| [2009/12/30 11:00:04] <rickbradley> that's the reporting hook? | ||
| [2009/12/30 11:00:48] <rickbradley> n/m, yeah | ||
| [2009/12/30 11:00:53] <joe-mac> i'm not sure what you're asking, but in cap the after hook is so you can execute things after tasks complete, so yes one of the uses is to report on deploys | ||
| [2009/12/30 11:01:21] <joe-mac> i use it to send out e-mails with actionmailer with other deploys i do... | ||
| [2009/12/30 11:01:28] <joe-mac> and fix perms, ec | ||
| [2009/12/30 11:01:30] <joe-mac> etc** | ||
| [2009/12/30 11:01:41] @ cwebber joined channel #puppet | ||
| [2009/12/30 11:01:53] <rickbradley> oh, just meant that puppet-dashboard.rb is the hook to latch onto Puppet Reports to bring them into the dashboard db as they're generated | ||
| [2009/12/30 11:02:15] <joe-mac> oooo yea, you need it in $libdir unless you import reports with rake as i understand it | ||
| [2009/12/30 11:02:34] @ brothers joined channel #puppet | ||
| [2009/12/30 11:02:44] <rickbradley> yeah; I wrote the original implementation, just haven't kept up with everything that's changed | ||
| [2009/12/30 11:06:17] @ ninjazjb joined channel #puppet | ||
| [2009/12/30 11:11:29] @ Quit: tim|macbook: | ||
| [2009/12/30 11:14:12] @ nar_ joined channel #puppet | ||
| [2009/12/30 11:15:54] <aliver> I've been working on getting cfengine setup/running. I've got it all setup and packaged.... then I ran across puppet. My main complaints about cfengine is that the crypto / trust relationships are a PITA to manage (shipping files around) and it's just plain overcomplicated. I already know some Ruby, should I be looking at puppet "instead" or "also" ? | ||
| [2009/12/30 11:16:22] <aliver> To be honest, I think cfengine is cool, but just way more trouble than it has to be. | ||
| [2009/12/30 11:17:08] <Volcane> puppet also have quite a heavy burdon with setup for security, ssl etc | ||
| [2009/12/30 11:17:24] <Volcane> but its more integrated in that regard so should be easier once u have the understading down | ||
| [2009/12/30 11:17:56] <aliver> Okay, but it seems like clients can basically "petition" to have their certs signed by the server and once you do that they client is authorized. Is that a fair statement? | ||
| [2009/12/30 11:17:59] <Volcane> the puppet DSL though makes it easier to build up complex configurations than cfengine allowed | ||
| [2009/12/30 11:18:10] <Volcane> thats it - you can also enable autosign | ||
| [2009/12/30 11:18:43] @ Quit: MattyM: "ta ta" | ||
| [2009/12/30 11:18:53] <aliver> That's much easier than having to ship around the damn client cert via tftp or some other kludge. | ||
| [2009/12/30 11:18:53] <Volcane> not what you'd want on lets say a bunch of VMs out at some cloud, but find for closed networks | ||
| [2009/12/30 11:19:06] <Volcane> s/find/fine | ||
| [2009/12/30 11:19:08] @ Quit: nar_: Client Quit | ||
| [2009/12/30 11:19:18] <aliver> Yep. My use is on a totally non-internet connected subnet of HPC boxes. | ||
| [2009/12/30 11:19:39] <Volcane> puppet though is written in ruby, you wont be writing the manifests (definition of what to do) in ruby, its got its own DSL | ||
| [2009/12/30 11:19:40] <aliver> Sounds like I need to take a good long look at puppet. | ||
| [2009/12/30 11:19:59] <aliver> Do you guys recommend the main site as a place to do tutorials etc.. or is there somewhere better to get learning materials for puppet? | ||
| [2009/12/30 11:20:01] <Volcane> and its a bit different from other languages in that its a declarative language | ||
| [2009/12/30 11:20:05] <Volcane> so for loops and such is out | ||
| [2009/12/30 11:20:20] <aliver> Well, that's no different from cfengine, right? | ||
| [2009/12/30 11:20:29] <Volcane> yeah coming from cfe you should be gine | ||
| [2009/12/30 11:20:31] <Volcane> fine | ||
| [2009/12/30 11:20:37] <aliver> Cool. | ||
| [2009/12/30 11:20:42] <Volcane> coming from say only ever written bash scripts or something its a bit of a learning curve | ||
| [2009/12/30 11:21:01] <Volcane> the main site is ok, there's also a decent book | ||
| [2009/12/30 11:21:19] <Volcane> and i wrote this http://www.devco.net/pubwiki/Puppet/GettingStarted which i think is a bit outdated now | ||
| [2009/12/30 11:21:37] <aliver> I'm not even sure if I can define "declarative". However, I do code in C, Ruby, Zsh, PHP, and REBOL. | ||
| [2009/12/30 11:21:56] <aliver> Cool. I'll check that out. | ||
| [2009/12/30 11:22:01] <Volcane> aliver: well basically you work with resources - files, packages, users - this kind of thing | ||
| [2009/12/30 11:22:14] <Volcane> aliver: and you define the desired state - file has owner, content, group etc | ||
| [2009/12/30 11:22:30] <aliver> Ah, a sort of "ends justify the means" approach. | ||
| [2009/12/30 11:22:36] <Volcane> aliver: and just like cfengine's promises stuff we will run through all these declared states every n minutes and make it as declared | ||
| [2009/12/30 11:22:52] <aliver> Gotcha. That's simple enough to grasp. | ||
| [2009/12/30 11:23:28] <Volcane> aliver: but this has issues, there arent hashes in th language, there arent traditional style loops - all you can do is create 1 x resource for each member in an array for example | ||
| [2009/12/30 11:24:30] <Volcane> aliver: and you can define your own 'defined types' which is a paramaterised set of resources - so apache::vhost would have files, directories, and so forth in a collection, and you'd do something like: apache::vhost{"acme.com": allowoverride => true} for example | ||
| [2009/12/30 11:24:56] <Volcane> anyway. the wiki thing i wrote and pointed you at takes you to th relevant docs on the main puppet site | ||
| [2009/12/30 11:26:09] <aliver> Hmm, I'll have to go through these examples and just learn to think a little differently about the "desired states" I want. Like you say, cfengine is the same way. | ||
| [2009/12/30 11:26:17] <aliver> I'm reading your tutorial now ;-) | ||
| [2009/12/30 11:31:41] @ Quit: nar: Read error: 110 (Connection timed out) | ||
| [2009/12/30 11:35:14] @ Quit: nexx: "leaving" | ||
| [2009/12/30 11:44:05] @ Quit: bodepd: | ||
| [2009/12/30 11:46:15] @ Quit: bug: | ||
| [2009/12/30 11:50:19] <danielbln> Volcane: what process do you currently use to ensure that all your deployed puppet clients are active? | ||
| [2009/12/30 11:50:30] <danielbln> the ole state.yaml file-age check? | ||
| [2009/12/30 11:51:27] <Volcane> nods, localconfig.yaml | ||
| [2009/12/30 11:52:03] <Volcane> till reporting is a bit better it hink its the sanest | ||
| [2009/12/30 11:52:41] @ kolla joined channel #puppet | ||
| [2009/12/30 11:53:11] @ rickbradley is now known as rickbradley|away | ||
| [2009/12/30 11:59:23] @ alfism joined channel #puppet | ||
| [2009/12/30 12:02:19] @ Quit: alfism: Client Quit | ||
| [2009/12/30 12:02:39] @ alfism joined channel #puppet | ||
| [2009/12/30 12:09:40] @ bodepd joined channel #puppet | ||
| [2009/12/30 12:12:30] <aliver> Is the opscode "chef" thingy a cfengine / puppet workalike competitor? | ||
| [2009/12/30 12:12:35] <joe-mac> yes | ||
| [2009/12/30 12:12:41] <aliver> Anyone touched it? | ||
| [2009/12/30 12:12:49] <aliver> I see it's also ruby based. | ||
| [2009/12/30 12:12:50] <joe-mac> i've looked at it, it's too low-level for me | ||
| [2009/12/30 12:12:59] <joe-mac> meaning, it's too close to actual programming | ||
| [2009/12/30 12:13:03] <aliver> Hmm. | ||
| [2009/12/30 12:13:33] <aliver> Well, I'm not afraid of that. However, my concern is it's run by a couple of dudes who will probably fail and stop development or fork it. | ||
| [2009/12/30 12:13:41] <aliver> It's a "pay us for support" model. | ||
| [2009/12/30 12:13:53] <aliver> However, I know nothing about it. | ||
| [2009/12/30 12:14:19] <aliver> My biggest concern is getting someone to un-stick me when I'm stuck on a problem. IRC and mailing lists are the best way IMHO. | ||
| [2009/12/30 12:14:32] <aliver> So, I'm thinking Puppet is bigger/better in that way. | ||
| [2009/12/30 12:14:43] <Volcane> aliver: it has similar goals as puppet, but its a pure ruby solution, so u can loop and talk to mysql and go mad really | ||
| [2009/12/30 12:15:42] <Volcane> aliver: its more a programmers tool than puppet and it addresses a lot of the gripes iwth puppets minimal DSL - ppl think, usually programmers, they are too restricted with puppet's limited DSL. while othrs think a minimal DSL helps you keep tings simple | ||
| [2009/12/30 12:15:56] @ littleidea_ joined channel #puppet | ||
| [2009/12/30 12:16:00] @ bug joined channel #puppet | ||
| [2009/12/30 12:16:09] <aliver> Hmm. That's kind of weird, though. It's like managing scripts all over the place again from the sound of it. | ||
| [2009/12/30 12:16:40] <Volcane> in a way, but thye have a whole methodology o how to build up the cookbooks and such so you end up with an equally idempotent build | ||
| [2009/12/30 12:16:45] <aliver> Yeah, I'm looking for more a sysadmin level thing. I'm a programmer, but many of the folks I'd want to use the CM tool aren't. | ||
| [2009/12/30 12:16:59] @ Quit: pjsz: | ||
| [2009/12/30 12:17:16] <Volcane> big difference with it is order matters, it runs through stuff top to bottom, where puppet it doesnt matter at all and usually cant be predicted, u can influence it only with require/before/notify statements | ||
| [2009/12/30 12:17:17] @ Quit: giskard: Read error: 54 (Connection reset by peer) | ||
| [2009/12/30 12:17:46] @ Quit: aliver: Remote closed the connection | ||
| [2009/12/30 12:18:06] @ aliver joined channel #puppet | ||
| [2009/12/30 12:18:17] <aliver> You must have a math background. | ||
| [2009/12/30 12:18:40] <aliver> Not to many folks describe something as idempotent. | ||
| [2009/12/30 12:18:52] <Volcane> heh, its quite the buzz word around here | ||
| [2009/12/30 12:19:06] <flyingparchment> aliver: it's not an uncommon term in IT, even outside of programming | ||
| [2009/12/30 12:19:12] <Volcane> since puppet and chef will run through allyour code or manifest every 30 minutes or so | ||
| [2009/12/30 12:19:24] <Volcane> it needs to be idempotent | ||
| [2009/12/30 12:19:39] <aliver> Oh? I guess orthogonal fell out of fashion ;-) | ||
| [2009/12/30 12:19:49] * Volcane 's never heard the term prior to puppet | ||
| [2009/12/30 12:20:01] <aliver> That was another one that was an IRC favorite for quite a while. | ||
| [2009/12/30 12:20:17] <flyingparchment> i still use orthogonal ;) | ||
| [2009/12/30 12:20:31] <kjetilho> I first saw idempotent in cfengine docs, I think. way back in the nineties | ||
| [2009/12/30 12:20:59] <aliver> Volcane, well, I think I'm sold on puppet after doing the quick tutorial. It's MUCH more sane than the 4-daemons-and-a-million-keys-to-manage I was wrangling with cfe | ||
| [2009/12/30 12:21:46] <Volcane> aliver: sweet, check out my blog's puppet tag there's a lot of tutorialy/background stuff there | ||
| [2009/12/30 12:22:05] <aliver> ... and I know a couple guys from the opscode project. I worked with them at IBM. I doubt any finished product from those guys. | ||
| [2009/12/30 12:22:19] <aliver> Volcane, will do. | ||
| [2009/12/30 12:23:10] <Volcane> aliver: well we try not to slag off other companies too much, but i am happy with reductive labs approach to doing business so far | ||
| [2009/12/30 12:23:39] <Volcane> aliver: they do sell training and support etc, but we have a totally wiced comunity full of consultants, other ppl who will do training and so forth too | ||
| [2009/12/30 12:24:03] <aliver> Yeah, seems they have a lot of diversity in the "community" realm. | ||
| [2009/12/30 12:24:09] <aliver> cfe seems to kind of be dying. | ||
| [2009/12/30 12:24:15] <aliver> just my first impressions. | ||
| [2009/12/30 12:24:23] <aliver> At least you guys are alive on IRC ;-) | ||
| [2009/12/30 12:24:25] <Volcane> its actually more lifely than before :P | ||
| [2009/12/30 12:24:29] <Volcane> lively | ||
| [2009/12/30 12:25:16] <aliver> Lots of huge datacenters need managing. From what I've seen, nobody really has their act together with huge distributed config management, yet. | ||
| [2009/12/30 12:25:28] <Volcane> yeah its not easy | ||
| [2009/12/30 12:25:30] <aliver> I mean, in the actual sense that they've implemented and have experts who run things expertly. | ||
| [2009/12/30 12:25:41] <aliver> Not easy at all. | ||
| [2009/12/30 12:26:12] <Volcane> I'm dabling in some orchastration stuff with a project of my own, but its a big unknown what really is needed | ||
| [2009/12/30 12:26:20] <nasrat> yeah | ||
| [2009/12/30 12:27:07] <nasrat> it's likely to be a case where you start with lots of small tools glued together for orchestration | ||
| [2009/12/30 12:27:18] <Volcane> yeah | ||
| [2009/12/30 12:27:30] <Volcane> why i am rather building a framework to build this kind of thing ontop | ||
| [2009/12/30 12:27:35] <nasrat> indeed | ||
| [2009/12/30 12:32:05] <Volcane> very happy with my new framework i think, made things much much easier | ||
| [2009/12/30 12:32:42] <Volcane> and were able to impliment it as a pure abstraction ontop of the core client libraries - didnt need to change anything to facilitate it which is great | ||
| [2009/12/30 12:32:54] <Volcane> confirms the core is a sane design | ||
| [2009/12/30 12:33:13] <nasrat> I want my team to start thinking more about abstractions | ||
| [2009/12/30 12:33:29] @ scylla joined channel #puppet | ||
| [2009/12/30 12:33:35] <Volcane> yeah | ||
| [2009/12/30 12:35:45] @ Quit: poison: Remote closed the connection | ||
| [2009/12/30 12:35:53] <dsch04> My doctor told me I'm idempotent | ||
| [2009/12/30 12:37:21] <Volcane> lol | ||
| [2009/12/30 12:37:39] <nasrat> can repeat with no side effects? | ||
| [2009/12/30 12:37:51] <dsch04> I am after the op ;) | ||
| [2009/12/30 12:38:02] <dsch04> Or rather, I can since the op ;) | ||
| [2009/12/30 12:38:12] @ Quit: DracoWork: Client Quit | ||
| [2009/12/30 12:39:41] @ Quit: Qwizie: Read error: 104 (Connection reset by peer) | ||
| [2009/12/30 12:40:02] @ djh4u joined channel #puppet | ||
| [2009/12/30 12:42:01] @ Quit: xerxas: "Leaving." | ||
| [2009/12/30 12:43:20] @ Quit: bodepd: | ||
| [2009/12/30 12:52:26] @ hy is now known as _silver | ||
| [2009/12/30 12:53:13] @ _silver is now known as hy | ||
| [2009/12/30 12:57:04] <danielbln> the one thing Puppet is missing imo is a good roll-back mechanism | ||
| [2009/12/30 12:57:26] <danielbln> "roll-back to configuration 293849 and revert all changes" | ||
| [2009/12/30 12:57:38] <kjetilho> indeed | ||
| [2009/12/30 12:57:51] <danielbln> I mean, you could implement it into classes, but that's a lot of clutte | ||
| [2009/12/30 12:57:56] <danielbln> *clutter | ||
| [2009/12/30 12:58:07] <kjetilho> setting ensure => absent won't do it for all cases | ||
| [2009/12/30 12:58:13] <danielbln> right | ||
| [2009/12/30 12:58:15] <kjetilho> and it's a major hassle to do temporarily | ||
| [2009/12/30 12:58:38] <jsm> if i have a service that subscribes to a directory with a mtime checksum, how do i get that service to restart when that directory is modified within the same puppet run? | ||
| [2009/12/30 12:59:10] <danielbln> kjetilho: virtualization made that easier for us though, major rollbacks usually mean "deploy new vm, fetch catalog, done" | ||
| [2009/12/30 12:59:23] <kjetilho> a bit of a cop-out | ||
| [2009/12/30 12:59:24] <Volcane> first package managers need rollback | ||
| [2009/12/30 12:59:38] <Volcane> and puppet coldnt possibility roll back execs ever | ||
| [2009/12/30 12:59:39] <kjetilho> Volcane: OpenSolaris? :) | ||
| [2009/12/30 12:59:51] <danielbln> yeah, execs would be tricky | ||
| [2009/12/30 12:59:53] <kjetilho> Volcane: it could roll back *some* execs | ||
| [2009/12/30 13:00:08] <kjetilho> e.g. you could tell Puppet which files an exec will touch | ||
| [2009/12/30 13:00:27] <danielbln> read: clutter | ||
| [2009/12/30 13:00:32] <Volcane> heh | ||
| [2009/12/30 13:00:40] <kjetilho> or you could do ptrace tricks ;) | ||
| [2009/12/30 13:01:06] <kjetilho> (or LD_PRELOAD) | ||
| [2009/12/30 13:06:07] @ hy is now known as _silver | ||
| [2009/12/30 13:07:05] @ Quit: crdant: "Leaving." | ||
| [2009/12/30 13:07:25] @ _silver is now known as hy | ||
| [2009/12/30 13:08:21] <flyingparchment> what does the 'sun' package provider do to upgrade a package? uninstall+reinstall, or overwrite? | ||
| [2009/12/30 13:08:52] <joe-mac> what user are peopple running the dashboard as? | ||
| [2009/12/30 13:09:14] @ jcape joined channel #puppet | ||
| [2009/12/30 13:13:04] <danielbln> puppet | ||
| [2009/12/30 13:13:12] <danielbln> KISS and all that.. | ||
| [2009/12/30 13:14:45] @ toi joined channel #puppet | ||
| [2009/12/30 13:18:59] @ gpled left channel #puppet ("Ex-Chat") | ||
| [2009/12/30 13:27:46] @ crdant joined channel #puppet | ||
| [2009/12/30 13:28:48] @ Quit: littleidea_: | ||
| [2009/12/30 13:29:23] @ Quit: cwebber: | ||
| [2009/12/30 13:32:30] @ daharon joined channel #puppet | ||
| [2009/12/30 13:33:15] <daharon> Hey guys, I'm evaluating puppet and setting up a mysql module. I was wondering if I can subscribe to an Exec. Is that possible? | ||
| [2009/12/30 13:33:54] <joe-mac> this is possible | ||
| [2009/12/30 13:34:01] <joe-mac> subscribe is a metaparameter, meaning all resources can do it | ||
| [2009/12/30 13:34:47] @ Quit: crdant: "Leaving." | ||
| [2009/12/30 13:35:02] <daharon> joe-mac, OK, so my next question is whether I can give an exec a name, like I can in file. | ||
| [2009/12/30 13:35:21] @ jes5 joined channel #puppet | ||
| [2009/12/30 13:35:43] <Volcane> exec{"foo": command=> "/do/soething"} | ||
| [2009/12/30 13:36:03] @ poison joined channel #puppet | ||
| [2009/12/30 13:36:10] <flyingparchment> hm.. using ruby 1.8 with puppet on solaris, the puppetd process is hanging quite often, and never records until i kill and restart it | ||
| [2009/12/30 13:37:28] @ bodepd joined channel #puppet | ||
| [2009/12/30 13:37:43] <daharon> Volcane, yeah, I was using the "foo" part to basically describe what the exec was doing. I just wanted to give it a shorter alias because I have an exec that subscribes to another exec, and it would be better to not have to write subscribe => Exec["Change MySQL admin password"] | ||
| [2009/12/30 13:38:44] @ crdant joined channel #puppet | ||
| [2009/12/30 13:42:01] @ Quit: poison: Remote closed the connection | ||
| [2009/12/30 13:43:21] @ mvn071 joined channel #puppet | ||
| [2009/12/30 13:48:10] @ gpled joined channel #puppet | ||
| [2009/12/30 13:48:25] <Volcane> yup, thats good so foo is what u want | ||
| [2009/12/30 13:48:33] <gpled> can anyone spot the error here? http://linux-coders.pastebin.com/da96fbf4 | ||
| [2009/12/30 13:50:10] <zirpu> what os? | ||
| [2009/12/30 13:50:30] <gpled> zirpu: centos | ||
| [2009/12/30 13:50:36] <zirpu> probably -G is expecting a group id instead of a group name. | ||
| [2009/12/30 13:50:57] <gpled> cool, gives me something to check. thanks | ||
| [2009/12/30 13:50:59] <zirpu> -g should be gid, and -G should be a list. not sure why it's not working for you. | ||
| [2009/12/30 13:51:07] <zirpu> useradd --help may help. :-) | ||
| [2009/12/30 13:53:26] <gpled> hmmm | ||
| [2009/12/30 13:53:49] <danielbln> Volcane: is $title case sensitive? | ||
| [2009/12/30 13:58:15] @ mqr joined channel #puppet | ||
| [2009/12/30 14:00:14] @ giskard joined channel #puppet | ||
| [2009/12/30 14:04:09] <gpled> seems that your can not use groups, unless the group exists | ||
| [2009/12/30 14:04:25] <flyingparchment> is there a way to inform logged in users via 'wall' about which packages puppet is about to upgrade? (i'd rather have one notice for all packages, not one per package) | ||
| [2009/12/30 14:05:18] <gpled> flyingparchment: how much notice time do they need? | ||
| [2009/12/30 14:05:33] <flyingparchment> gpled: notice immediately before installation is fine | ||
| [2009/12/30 14:05:53] <gpled> thinking Exec wall should do it | ||
| [2009/12/30 14:06:01] <flyingparchment> hm, but where do i put that? | ||
| [2009/12/30 14:06:02] <bodepd> you could wrap package in a resource definition | ||
| [2009/12/30 14:06:19] <bodepd> and have package require the Exec | ||
| [2009/12/30 14:06:20] <nasrat> flyingparchment: what distro? | ||
| [2009/12/30 14:06:25] <flyingparchment> nasrat: Solaris | ||
| [2009/12/30 14:06:47] <nasrat> ah ok, for yum I'd have just suggested a yum plugin | ||
| [2009/12/30 14:07:11] <flyingparchment> bodepd: is there a way for the exec to know which particular packages are going to be upgraded? | ||
| [2009/12/30 14:07:38] <bodepd> yes in a resource definition | ||
| [2009/12/30 14:09:10] <nasrat> flyingparchment: you want a transaction summary by the sounds of it | ||
| [2009/12/30 14:10:10] <bodepd> its easier if it can be output after the package is updated | ||
| [2009/12/30 14:10:42] <nasrat> can I ask why you are trying to notify users | ||
| [2009/12/30 14:12:23] <nasrat> the other option would to be do a noop run and capture/filter the output and report before actual run | ||
| [2009/12/30 14:14:09] <bodepd> I was thinking something like this http://pastie.org/761617 | ||
| [2009/12/30 14:14:44] <bodepd> its potentially full of typos, but should demonstrate what I am thinking. | ||
| [2009/12/30 14:14:51] <nasrat> ah yeah | ||
| [2009/12/30 14:15:33] <nasrat> although it depends if flyingparchment requires the ability to postpone/cancel a run | ||
| [2009/12/30 14:15:37] <bodepd> but it only works if the notification can occur after the packages are updated | ||
| [2009/12/30 14:15:39] <nasrat> interactivity is hard | ||
| [2009/12/30 14:16:02] <bodepd> otherwise the wall command woudl run on every puppet run. | ||
| [2009/12/30 14:16:18] <flyingparchment> nasrat: because users might wonder why packages suddenly changed or stopped working | ||
| [2009/12/30 14:16:28] <flyingparchment> (the solaris package provider uninstalls the package before upgrading it) | ||
| [2009/12/30 14:17:08] <bodepd> you could set an exection window with schedule for package operations | ||
| [2009/12/30 14:17:26] <bodepd> and just do updates at night | ||
| [2009/12/30 14:17:30] <flyingparchment> i'll do that anyway, but we have users logged in from all timezones, so there's not really an off-peak period | ||
| [2009/12/30 14:18:28] <flyingparchment> i suppose after the update is good enough, the user should get the notice before they get around to filing a support request about their program not working ;) | ||
| [2009/12/30 14:20:02] <nasrat> plus if it's running and unlinked it should still work | ||
| [2009/12/30 14:20:12] <nasrat> other than maybe dlopen/plugin stuff | ||
| [2009/12/30 14:21:40] @ Quit: vzctl_: Read error: 110 (Connection timed out) | ||
| [2009/12/30 14:22:34] <flyingparchment> bodepd: any idea about how to produce a single notification for all packages that were changed? | ||
| [2009/12/30 14:22:44] <flyingparchment> if i upgrade mysql, for example, there's about 5 packages. could get spammy | ||
| [2009/12/30 14:23:24] <bodepd> you could set it as a default resource param | ||
| [2009/12/30 14:23:29] <bodepd> this starts to get ugly though | ||
| [2009/12/30 14:24:01] @ Quit: bug: | ||
| [2009/12/30 14:24:02] @ jab_doa joined channel #puppet | ||
| [2009/12/30 14:24:30] <bodepd> I am not sure what you want then. Just a message that says "some packages were updates" | ||
| [2009/12/30 14:24:43] <bodepd> or a messages outlining the updating packages. | ||
| [2009/12/30 14:25:04] <flyingparchment> well, something like: "The following packages have just been updated: ruby18, coreutils, mysql, libmysqlclient16" | ||
| [2009/12/30 14:25:15] <flyingparchment> ... hm, but perhaps i can make a 'mysql' resource, with all the packages in, and put the exec there | ||
| [2009/12/30 14:25:26] <Volcane> its not too hard though is it? | ||
| [2009/12/30 14:25:32] <Volcane> use a define to install package | ||
| [2009/12/30 14:25:40] <Volcane> have the define put down a little txt file | ||
| [2009/12/30 14:25:44] <Volcane> notify an exec | ||
| [2009/12/30 14:25:57] <Volcane> exec finds files modified withing n minute, and walls them | ||
| [2009/12/30 14:26:07] <bodepd> what he said :) | ||
| [2009/12/30 14:26:08] <Volcane> but what a hack | ||
| [2009/12/30 14:26:29] <Volcane> or even just the exec notifies, parse the log file that your package manager makes | ||
| [2009/12/30 14:26:29] <bodepd> hackalicious | ||
| [2009/12/30 14:26:38] <Volcane> and anounce the ones done in the last while | ||
| [2009/12/30 14:30:19] <Volcane> but geting announces before updates just wont happen without epic hacks like pre-runs and such | ||
| [2009/12/30 14:33:20] @ BarnacleBob joined channel #puppet | ||
| [2009/12/30 14:39:59] @ Quit: crdant: Remote closed the connection | ||
| [2009/12/30 14:40:54] @ crdant joined channel #puppet | ||
| [2009/12/30 14:46:49] @ hy is now known as _silver | ||
| [2009/12/30 14:49:57] @ Quit: daharon: | ||
| [2009/12/30 14:50:29] @ vzctl_ joined channel #puppet | ||
| [2009/12/30 14:55:01] @ bug_ joined channel #puppet | ||
| [2009/12/30 14:55:38] @ cwebber joined channel #puppet | ||
| [2009/12/30 14:59:47] @ bodepd_ joined channel #puppet | ||
| [2009/12/30 15:00:43] @ Quit: jaredrhine: Read error: 110 (Connection timed out) | ||
| [2009/12/30 15:02:13] @ jaredrhine joined channel #puppet | ||
| [2009/12/30 15:05:54] @ qwebirc26074 joined channel #puppet | ||
| [2009/12/30 15:07:28] <flyingparchment> where do i find a list of 'facts', like $operatingsystem? | ||
| [2009/12/30 15:08:52] <BarnacleBob> just type facter on a machine | ||
| [2009/12/30 15:08:54] <BarnacleBob> its a binary | ||
| [2009/12/30 15:09:11] <flyingparchment> ah, thanks | ||
| [2009/12/30 15:09:13] <BarnacleBob> it won't include the custom facts you may have added by default | ||
| [2009/12/30 15:09:42] @ _silver is now known as hy | ||
| [2009/12/30 15:11:53] @ Djelibeybi joined channel #puppet | ||
| [2009/12/30 15:12:30] @ notbrien joined channel #puppet | ||
| [2009/12/30 15:18:44] @ Quit: cwebber: | ||
| [2009/12/30 15:19:31] @ Quit: qwebirc26074: Ping timeout: 180 seconds | ||
| [2009/12/30 15:22:19] @ Quit: bodepd: Read error: 110 (Connection timed out) | ||
| [2009/12/30 15:22:20] @ bodepd_ is now known as bodepd | ||
| [2009/12/30 15:22:38] @ nar joined channel #puppet | ||
| [2009/12/30 15:23:53] @ Quit: nar: Client Quit | ||
| [2009/12/30 15:29:53] @ pting joined channel #puppet | ||
| [2009/12/30 15:31:09] <aliver> Volcane, Hey there. I was following your wiki tutorial earlier and I hit a small snag. I get an error when I setup the site.pp to include manifests/nodes and manifests/classes, but if I just put declarative statements in site.pp everything works. | ||
| [2009/12/30 15:31:18] <aliver> The error I get on the client side is : err: Could not retrieve catalog: Could not find default node or by name with | ||
| [2009/12/30 15:31:34] <aliver> and then it lists off a bunch of node-names it tried - all of which are valid. | ||
| [2009/12/30 15:31:47] @ Quit: notbrien: Read error: 110 (Connection timed out) | ||
| [2009/12/30 15:32:26] <Volcane> do u have blocks node your.fqdn.com { .... } | ||
| [2009/12/30 15:32:32] <aliver> Is it possible I that it's not searching the relative path in site.pp ? | ||
| [2009/12/30 15:32:34] <Volcane> matching the hosts u need? | ||
| [2009/12/30 15:32:58] <Volcane> put your site.pp with the import statements on pastie.org also with some info on what u have at which paths | ||
| [2009/12/30 15:33:25] <aliver> Yeah, i created a file name called myclient1.pp as you describe and put it in etc/puppet/manifests/nodes/ | ||
| [2009/12/30 15:34:25] <aliver> In the file I used your example as a base and just changed the node name. | ||
| [2009/12/30 15:34:26] @ hy is now known as _silver | ||
| [2009/12/30 15:34:44] <aliver> Volcane, okay sec. | ||
| [2009/12/30 15:35:08] <Volcane> as a short circuit test, just put those node blocks in site.pp lets see if that solves it | ||
| [2009/12/30 15:35:55] <aliver> http://pastie.org/761711 | ||
| [2009/12/30 15:36:06] <aliver> Yep, that does work. and it works even without the node statement. | ||
| [2009/12/30 15:36:26] <aliver> What I pasted in there works, but if I comment out the "file" section and uncomment the includes it fails. | ||
| [2009/12/30 15:36:43] <aliver> the /usr/pkg/etc path is standard for pkgsrc. | ||
| [2009/12/30 15:36:44] @ _silver is now known as hy | ||
| [2009/12/30 15:37:04] <Volcane> try: import "/usr/pkg/etc/puppet/manifests/nodes/*.pp" | ||
| [2009/12/30 15:37:52] <aliver> ahhhh. | ||
| [2009/12/30 15:38:17] <aliver> I got it. I freakin' mistyped the node name _inside_ the nodename.pp file, but I spelled the file name right. | ||
| [2009/12/30 15:38:23] <Volcane> lol | ||
| [2009/12/30 15:38:35] * aliver slaps himself with a wet trout. | ||
| [2009/12/30 15:38:52] @ cwebber joined channel #puppet | ||
| [2009/12/30 15:39:02] <Volcane> heh | ||
| [2009/12/30 15:39:14] <aliver> I thought I saw in the docs somewhere I could create a "default" node file with stuff that gets applied everywhere. | ||
| [2009/12/30 15:39:16] <aliver> Is that right? | ||
| [2009/12/30 15:39:32] <Volcane> gets applied to nodes that dont have a specific node block | ||
| [2009/12/30 15:39:58] <Volcane> there's inheritance, like node foo inherits base { } and then node base { } would go everywhere, but thats full of pain | ||
| [2009/12/30 15:40:04] <Volcane> easiest is to make a class common | ||
| [2009/12/30 15:40:08] <Volcane> and just include that everywhere | ||
| [2009/12/30 15:40:23] <aliver> Hmm. | ||
| [2009/12/30 15:40:26] <aliver> A class common? | ||
| [2009/12/30 15:40:35] <Volcane> class common { do common tings } | ||
| [2009/12/30 15:40:47] <Volcane> node foo { include common } | ||
| [2009/12/30 15:40:50] <aliver> Ah, and include that from, say site.pp ? | ||
| [2009/12/30 15:40:53] <explody> hm, so notice() generates a log message on the puppetmaster, but is there a way to trigger log messages on the puppetd side? | ||
| [2009/12/30 15:41:18] <Volcane> aliver: should ideally not put any resources, includes etc in site.pp its a bit weird, everything should be in node blocks or class blocks | ||
| [2009/12/30 15:41:27] <Volcane> explody: notify{"foo": } | ||
| [2009/12/30 15:42:53] <aliver> Hmm, okay. However, consider this use case. If I have a VMware guest Linux box that is a "template" and it gets cloned 100 times with different names each time. I want those new clones to go register with the puppetmaster and pull down a basic 3-4 things (suders, ntp.conf, etc..). Is that possible to do without having to manually add a "node" file / section to my server? | ||
| [2009/12/30 15:42:57] <explody> ah ok found it in the type reference, thank you | ||
| [2009/12/30 15:43:14] <Volcane> aliver: wiki:ExternalNodes | ||
| [2009/12/30 15:43:14] <gepetto_> Volcane: aliver: wiki:ExternalNodes is http://reductivelabs.com/trac/puppet/wiki/ExternalNodes | ||
| [2009/12/30 15:43:29] <Volcane> aliver: and www.theforeman.org and http://reductivelabs.com/2009/12/14/a-tour-of-puppet-dashboard-0-1-0/ | ||
| [2009/12/30 15:43:43] @ littleidea joined channel #puppet | ||
| [2009/12/30 15:43:50] <aliver> ah cool. I'll check all those now. | ||
| [2009/12/30 15:43:52] <aliver> thanks. | ||
| [2009/12/30 15:44:01] <Volcane> you can also store nodes in ldap etc | ||
| [2009/12/30 15:44:24] * aliver makes the sign of the cross and backs away hissing "LDAP!!" | ||
| [2009/12/30 15:44:27] <himanshu> I was trying to use puppet with ldap to retrieve node configurations but everytime I gets error | ||
| [2009/12/30 15:44:29] <Volcane> hehe | ||
| [2009/12/30 15:44:40] * Volcane 's never tried it, i feel like aliver abt it | ||
| [2009/12/30 15:45:07] @ Quit: themurph: Read error: 104 (Connection reset by peer) | ||
| [2009/12/30 15:45:12] <himanshu> ??? | ||
| [2009/12/30 15:45:15] @ themurph joined channel #puppet | ||
| [2009/12/30 15:45:22] <Volcane> not tried ldap nodes | ||
| [2009/12/30 15:45:28] @ Quit: Djelibeybi: "Leaving" | ||
| [2009/12/30 15:46:03] <himanshu> volcane: have you tried using ldap to store node configs? | ||
| [2009/12/30 15:46:09] <Volcane> not tried ldap nodes | ||
| [2009/12/30 15:46:38] <himanshu> can anyone help me out with this | ||
| [2009/12/30 15:51:20] <aliver> I hates me some LDAP. | ||
| [2009/12/30 15:51:29] <himanshu> what? | ||
| [2009/12/30 15:51:38] <aliver> I says I sure do hates me some LDAP. | ||
| [2009/12/30 15:51:49] <aliver> That's hick for "I hate LDAP" | ||
| [2009/12/30 15:52:01] <aliver> I never use it unless forced. | ||
| [2009/12/30 15:52:12] <himanshu> so what is the best alternative for ldap | ||
| [2009/12/30 15:52:21] <explody> rdbms? | ||
| [2009/12/30 15:52:37] <himanshu> I want to use something to store node configs but finding ldap very annoying | ||
| [2009/12/30 15:52:44] <explody> http://reductivelabs.com/trac/puppet/wiki/UsingStoredConfiguration | ||
| [2009/12/30 15:52:54] <aliver> anything. Text, sqlite, db4, NIS + KRB5, a sharp stick in the eye. Anything is better than freaking LDAP | ||
| [2009/12/30 15:53:21] <flyingparchment> can a node inherit multiple other nodes? | ||
| [2009/12/30 15:53:24] <explody> ldap is much faster at read-intensive operations | ||
| [2009/12/30 15:53:50] <explody> than rdbms anyway | ||
| [2009/12/30 15:53:53] <himanshu> explody: have you used ldap to store node configs? | ||
| [2009/12/30 15:54:04] <aliver> sqlite3 will smoke almost any LDAP back-end and certainly will once you go through all the mounds of abstraction involved with most LDAP servers. | ||
| [2009/12/30 15:54:10] @ Quit: cwebber: | ||
| [2009/12/30 15:54:23] <explody> himanshu: no, I haven't had the need, but we're heavy users otherwise | ||
| [2009/12/30 15:54:24] <aliver> Many LDAP servers use RDBMS as their back-end anyhow. | ||
| [2009/12/30 15:54:42] @ bug_ is now known as bug | ||
| [2009/12/30 15:54:44] <himanshu> so how do you manage node configs? | ||
| [2009/12/30 15:54:52] <explody> flat files right now | ||
| [2009/12/30 15:55:22] <aliver> Sysadmin rule #1 - never use crap (XML, Java, LDAP, etc..) where text will do just fine. | ||
| [2009/12/30 15:55:23] <gepetto_> aliver: #1 is http://projects.reductivelabs.com/issues/show/1 "Puppet - Feature #1: Differentiate classes from definitions - ReductiveLabs.com" | ||
| [2009/12/30 15:55:32] <Volcane> heh | ||
| [2009/12/30 15:55:44] @ Quit: giskard: Read error: 60 (Operation timed out) | ||
| [2009/12/30 15:55:44] <himanshu> say I want to store node configs for 3 enviroments: development, staging and production with 100's of nodes running in each. what is the best possible solution to avoid maintaining nodes.pp | ||
| [2009/12/30 15:56:25] @ giskard joined channel #puppet | ||
| [2009/12/30 15:57:01] <explody> I couldn't say... I'm handling several hundred machines, but I have them all broken up into just a few relatively simple groups in nodes.pp, just using classes and node inheritance | ||
| [2009/12/30 15:57:06] <explody> mine's pretty simple | ||
| [2009/12/30 15:58:17] @ hy is now known as _silver | ||
| [2009/12/30 15:58:22] <himanshu> I agree with you explody but still you have to update nodes.pp everytime if you want to add/remove any node? | ||
| [2009/12/30 15:58:41] <explody> yep | ||
| [2009/12/30 15:58:46] @ _silver is now known as hy | ||
| [2009/12/30 15:59:01] <explody> in my case, it's mostly a one or two-line change though, and it doesn't change much | ||
| [2009/12/30 15:59:06] <himanshu> anyone used foreman? | ||
| [2009/12/30 15:59:15] <explody> so it hasn't been an impediment yet | ||
| [2009/12/30 15:59:24] <himanshu> I heard its pretty cool to manage several 100 of nodes | ||
| [2009/12/30 15:59:47] <explody> foreman does look cool | ||
| [2009/12/30 16:00:03] <explody> it's next on the list once we get the whole puppet rollout stabilized | ||
| [2009/12/30 16:00:06] <aliver> Yeah, that thing looks cool. | ||
| [2009/12/30 16:00:12] <aliver> Gotta try that. | ||
| [2009/12/30 16:00:30] <aliver> Nice GUI to show the non-CLI people, too. | ||
| [2009/12/30 16:00:42] <explody> we'll probably go from nodes.pp to LDAP (aliver: nyah nyah ;) ) or pgsql at that point | ||
| [2009/12/30 16:00:58] <aliver> :-) | ||
| [2009/12/30 16:01:07] <aliver> pgsql rocks. | ||
| [2009/12/30 16:01:07] <himanshu> is it the alternative to stupid ldap? | ||
| [2009/12/30 16:01:27] <explody> heheh I don't think LDAP is stupid really, but yeah it's my preferred database | ||
| [2009/12/30 16:02:21] <explody> if you don't have a preexisting LDAP setup that's easy to manage and/or deeply integrated, I'd say an sql backend would be far easier to deal with | ||
| [2009/12/30 16:02:25] <himanshu> may be my ignorance on LDAP knowledge is the reason, but I need some quick way to store node configs somewhere and avoid using nodes.pp | ||
| [2009/12/30 16:02:42] <Volcane> himanshu: u can even script it with bash | ||
| [2009/12/30 16:02:48] <himanshu> and LDAP is giving me hard time | ||
| [2009/12/30 16:03:05] <himanshu> what you mean script with bash? | ||
| [2009/12/30 16:03:18] <Volcane> himanshu: wiki:ExternalNodes | ||
| [2009/12/30 16:03:18] <gepetto_> Volcane: himanshu: wiki:ExternalNodes is http://reductivelabs.com/trac/puppet/wiki/ExternalNodes | ||
| [2009/12/30 16:03:39] <aliver> Couldn't you just have hostname.pp in your manifest/nodes dir for the hosts that you didn't want covered in your big-ass nodes.pp ? | ||
| [2009/12/30 16:04:02] <aliver> I don't know much about the whole, rig, but I'd do just about anything to avoid burying useful info in LDAP or SQL without need. | ||
| [2009/12/30 16:04:05] @ notbrien joined channel #puppet | ||
| [2009/12/30 16:05:11] <aliver> I'll be facing the same choice soon. So, I'm interested in the "best practices for a zillion nodes" discussion. | ||
| [2009/12/30 16:05:30] <Volcane> aliver: the foreman author manages many thousands | ||
| [2009/12/30 16:06:05] <himanshu> I agree with you guys but my prime reason to use ldap is usage of this ldap info from other applications also., so I want to maintain some centralized repository to retrive update node info | ||
| [2009/12/30 16:07:50] <aliver> When do the "externalNodes" scripts shown in the docs there get called? I mean, what is the action that triggers the script and what consumes the output? | ||
| [2009/12/30 16:08:02] @ Quit: stuart: "Leaving" | ||
| [2009/12/30 16:08:26] <Volcane> aliver: when the node 'checks in' puppetmaster either finds a node{} block or instead it calls your script | ||
| [2009/12/30 16:08:40] <Volcane> aliver: your script can be any language etc, as long as it outputs YAML to outs stdout | ||
| [2009/12/30 16:08:46] <explody> well, like I said, if you're comfortable with LDAP, it's a good option. If you aren't however, you're going to spend a lot of time learning it and trying to manage the data. SQL or ExternalNodes are simpler | ||
| [2009/12/30 16:09:16] @ Quit: jcape: Read error: 104 (Connection reset by peer) | ||
| [2009/12/30 16:09:33] @ jcape joined channel #puppet | ||
| [2009/12/30 16:10:25] <aliver> Volcane, okay, that makes sense, but I'm trying to get the whole rationale behind why it calls a script rather than just having some kind of "catch all" section for nodes that aren't defined. After all, isn't that what "node default" is for? | ||
| [2009/12/30 16:11:09] <Volcane> aliver: yes, but lets say you have a CMDB or something where u define (we call it classify) what each node is what it does and vars about it | ||
| [2009/12/30 16:11:41] <aliver> Does the script get passed some arguments or env vars? | ||
| [2009/12/30 16:11:45] <Volcane> aliver: or say you have some convention where all webservers are called /web\d+/ and db is /db\d+/ etc you can easily code it up to auto provision based o hostname | ||
| [2009/12/30 16:11:54] <Volcane> fqdn gets passed as an arg i think | ||
| [2009/12/30 16:12:02] <aliver> Gotcha. That makes good sense then. | ||
| [2009/12/30 16:12:11] <aliver> That also kicks ass. | ||
| [2009/12/30 16:12:26] <aliver> I can use that bigtime. | ||
| [2009/12/30 16:12:47] <Volcane> yeah very handy | ||
| [2009/12/30 16:14:05] * Volcane 's going for food | ||
| [2009/12/30 16:14:10] <aliver> How is key-exchange handled for a "external node" ? Same as with any node, just sign the cert and rock on? | ||
| [2009/12/30 16:14:26] <Volcane> yes | ||
| [2009/12/30 16:14:27] <Volcane> everythings the same | ||
| [2009/12/30 16:14:29] <flyingparchment> is there a version of 'file' that creates directories? | ||
| [2009/12/30 16:14:36] <Volcane> instead of reading node blocks it asks your script, thats the only diff | ||
| [2009/12/30 16:14:46] <aliver> Nice. Thanks for the info. | ||
| [2009/12/30 16:14:55] <Volcane> flyingparchment: file{"foo": ensure => directory} | ||
| [2009/12/30 16:15:03] <flyingparchment> Volcane: ah, missed that. thanks | ||
| [2009/12/30 16:15:47] @ Quit: crdant: Remote closed the connection | ||
| [2009/12/30 16:15:58] @ crdant joined channel #puppet | ||
| [2009/12/30 16:18:16] @ Quit: crdant: Read error: 113 (No route to host) | ||
| [2009/12/30 16:18:49] @ crdant joined channel #puppet | ||
| [2009/12/30 16:24:21] @ Quit: rmiller4pi8: Read error: 60 (Operation timed out) | ||
| [2009/12/30 16:31:48] @ Quit: ambroff: Read error: 110 (Connection timed out) | ||
| [2009/12/30 16:31:57] <flyingparchment> hm.. no /etc/project support yet ;( | ||
| [2009/12/30 16:32:02] <explody> is there anything similar to fail() that would stop a particular module from excuting, but wouldn't stop the entire catalog? | ||
| [2009/12/30 16:32:22] @ WALoeIII joined channel #puppet | ||
| [2009/12/30 16:33:06] <explody> so I could do something like if $thing_isnt_set { stop() } else { do_stuff(); set_thing(); } | ||
| [2009/12/30 16:34:20] @ Quit: p3rror: Read error: 113 (No route to host) | ||
| [2009/12/30 16:37:38] @ cwebber joined channel #puppet | ||
| [2009/12/30 16:41:52] @ Quit: giskard: Read error: 60 (Operation timed out) | ||
| [2009/12/30 16:42:44] @ giskard joined channel #puppet | ||
| [2009/12/30 16:43:28] <Volcane> explody: was just thinking yesterday that wold be a good feature request :) | ||
| [2009/12/30 16:45:27] <explody> agreed | ||
| [2009/12/30 16:46:00] @ poison joined channel #puppet | ||
| [2009/12/30 16:46:21] @ Quit: crdant: Read error: 104 (Connection reset by peer) | ||
| [2009/12/30 16:46:28] @ crdant joined channel #puppet | ||
| [2009/12/30 16:49:23] @ Quit: toi: Read error: 113 (No route to host) | ||
| [2009/12/30 16:51:30] @ cm1_ is now known as cm1 | ||
| [2009/12/30 16:52:26] @ ambroff joined channel #puppet | ||
| [2009/12/30 16:56:02] @ hy is now known as _silver | ||
| [2009/12/30 16:58:15] @ crdant1 joined channel #puppet | ||
| [2009/12/30 16:58:46] @ Quit: bug: | ||
| [2009/12/30 16:59:39] @ Quit: crdant: Read error: 113 (No route to host) | ||
| [2009/12/30 17:07:23] @ RomainK left channel #puppet () | ||
| [2009/12/30 17:11:06] @ Quit: crdant1: Read error: 113 (No route to host) | ||
| [2009/12/30 17:12:07] @ Robbie_ joined channel #puppet | ||
| [2009/12/30 17:22:28] @ Quit: giskard: Read error: 110 (Connection timed out) | ||
| [2009/12/30 17:22:38] @ Quit: mbn_18: "Leaving." | ||
| [2009/12/30 17:23:47] @ Quit: erm_: Read error: 60 (Operation timed out) | ||
| [2009/12/30 17:24:10] <sdodson> 3 | ||
| [2009/12/30 17:24:41] @ giskard joined channel #puppet | ||
| [2009/12/30 17:26:55] @ _silver is now known as hy | ||
| [2009/12/30 17:29:25] <explody> 4 | ||
| [2009/12/30 17:32:00] @ hy is now known as _silver | ||
| [2009/12/30 17:32:14] @ _silver is now known as hy | ||
| [2009/12/30 17:34:23] @ Quit: giskard: Remote closed the connection | ||
| [2009/12/30 17:35:24] @ Quit: themurph: Read error: 110 (Connection timed out) | ||
| [2009/12/30 17:35:59] @ friendly12345 joined channel #puppet | ||
| [2009/12/30 17:43:51] @ Quit: cwebber: | ||
| [2009/12/30 17:45:33] <heydrick1> hmm, $type appears to be an internal variable | ||
| [2009/12/30 17:45:57] <heydrick1> using it in a template prints "Puppet::Parser::TemplateWrapper" | ||
| [2009/12/30 17:50:58] <explody> rargh, solaris' stupid ldap_cachemgr keeps rewriting /var/ldap/ldap_client_file every time it restarts (exactly the same content, but with the lines re-ordered), leading to puppet re-writing it and restarting the daemon every time it runs | ||
| [2009/12/30 17:55:18] <danielbln> chattr +i the file, create an exec resource which does chattr -i then it's notified of change | ||
| [2009/12/30 17:55:23] @ Djelibeybi joined channel #puppet | ||
| [2009/12/30 17:55:39] <flyingparchment> or just reorder the lines to match what ldap_cachemgr wants | ||
| [2009/12/30 17:55:51] <danielbln> maybe it's a new order every time | ||
| [2009/12/30 17:56:01] <flyingparchment> i haven't noticed that here | ||
| [2009/12/30 17:56:10] <danielbln> would be stupid, too | ||
| [2009/12/30 17:56:27] <flyingparchment> actually i didn't realise it did that at all, but that's probably because i copied the template files from a running system | ||
| [2009/12/30 17:56:58] @ joe-mac left channel #puppet () | ||
| [2009/12/30 18:03:55] <flyingparchment> is there a way to force a client run from the master server? | ||
| [2009/12/30 18:04:43] @ Quit: ambroff: Read error: 60 (Operation timed out) | ||
| [2009/12/30 18:05:01] <BarnacleBob> nope | ||
| [2009/12/30 18:06:04] @ Quit: notbrien: | ||
| [2009/12/30 18:08:15] <Djelibeybi> flyingparchment: yes, look into puppetrun | ||
| [2009/12/30 18:08:39] @ Quit: bodepd: | ||
| [2009/12/30 18:08:48] <Djelibeybi> You can trigger a remote run if your network/firewalls allow communications from the server to the clients and you're running puppet in listening mode on the clients | ||
| [2009/12/30 18:08:59] <flyingparchment> thanks | ||
| [2009/12/30 18:08:59] <BarnacleBob> oh | ||
| [2009/12/30 18:09:08] <Djelibeybi> Port 8139, IIRC. | ||
| [2009/12/30 18:12:03] @ cwebber joined channel #puppet | ||
| [2009/12/30 18:17:31] @ Quit: mvn071: "Leaving" | ||
| [2009/12/30 18:18:49] @ daharon joined channel #puppet | ||
| [2009/12/30 18:26:17] @ Quit: bobbyz: Read error: 110 (Connection timed out) | ||
| [2009/12/30 18:26:29] @ Quit: bobbyz_: Read error: 110 (Connection timed out) | ||
| [2009/12/30 18:29:09] @ Quit: gpled: "Ex-Chat" | ||
| [2009/12/30 18:30:05] @ Quit: poison: Remote closed the connection | ||
| [2009/12/30 18:30:49] @ bug joined channel #puppet | ||
| [2009/12/30 18:34:35] @ Quit: jab_doa: "Verlassend" | ||
| [2009/12/30 18:37:59] <danielbln> I use this to trigger all available hosts without using LDAP: http://pastie.org/761944 | ||
| [2009/12/30 18:38:07] <danielbln> hacky, but it works | ||
| [2009/12/30 18:50:19] <daharon> hey guys, if I ensure a package is latest, and that a service is running, will puppet automatically restart the service when a package gets updated? | ||
| [2009/12/30 18:50:24] @ rhulsker joined channel #puppet | ||
| [2009/12/30 18:52:39] @ Quit: Arvind: Remote closed the connection | ||
| [2009/12/30 18:54:18] @ Quit: rhulsker: Remote closed the connection | ||
| [2009/12/30 18:55:48] <Volcane> daharon: u need to notify the service | ||
| [2009/12/30 18:56:58] @ poison joined channel #puppet | ||
| [2009/12/30 18:57:02] @ laomao joined channel #puppet | ||
| [2009/12/30 18:57:09] <laomao> hello | ||
| [2009/12/30 18:57:10] @ rhulsker joined channel #puppet | ||
| [2009/12/30 18:57:29] <daharon> Volcane, so the service has to subscribe to the package? | ||
| [2009/12/30 18:58:27] @ PaulWay[w] joined channel #puppet | ||
| [2009/12/30 18:59:27] <laomao> I want to bootstrap a system from scratch - ie set up an svn repo to contain puppet manifests, and an rpm repo for custom packages; I'm thinking of just using puppet on its own (ie not in client-server mode) and writing some manifests to bootstrap | ||
| [2009/12/30 19:00:19] <laomao> however, is there a way to use nodes and classes this way? it seems artificial to have to go and modify the bootstrap puppet manifests for svn and rpm repos once i've got a puppet server running | ||
| [2009/12/30 19:02:03] @ rmiller4pi8 joined channel #puppet | ||
| [2009/12/30 19:07:42] @ Quit: Chiku: "Quitte" | ||
| [2009/12/30 19:09:44] @ erm_ joined channel #puppet | ||
| [2009/12/30 19:11:39] @ ambroff joined channel #puppet | ||
| [2009/12/30 19:13:58] @ crdant joined channel #puppet | ||
| [2009/12/30 19:18:15] @ Quit: littleidea: | ||
| [2009/12/30 19:19:34] @ bobbyz joined channel #puppet | ||
| [2009/12/30 19:29:42] @ Quit: idimmu: Read error: 104 (Connection reset by peer) | ||
| [2009/12/30 19:34:08] @ Quit: Robbie_: Remote closed the connection | ||
| [2009/12/30 19:38:19] @ arnoldito joined channel #puppet | ||
| [2009/12/30 19:47:09] @ Quit: rmiller4pi8: Read error: 54 (Connection reset by peer) | ||
| [2009/12/30 19:47:45] @ Quit: laomao: Remote closed the connection | ||
| [2009/12/30 19:48:30] @ lagerithm joined channel #puppet | ||
| [2009/12/30 19:48:35] @ Quit: alfism: "http://opensolaris.com/" | ||
| [2009/12/30 19:50:33] @ Quit: whaley: Nick collision from services. | ||
| [2009/12/30 19:50:36] @ lagerithm is now known as whaley | ||
| [2009/12/30 19:51:27] @ Quit: whaley: Remote closed the connection | ||
| [2009/12/30 19:56:14] <flyingparchment> so i have a class 'foo', which disables the service 'foo', then foo::enable and foo::disable, that override 'ensure' to enable/disable it. i put 'include foo::disable' in the base node, and 'include foo::enable' in a node that inherits base. that doesn't work; i get an error that i can't override the value in foo::enable because it's already set in foo::disable. what's the right way to do this? | ||
| [2009/12/30 19:56:58] @ Quit: arnoldito: Connection timed out | ||
| [2009/12/30 19:58:26] @ Quit: brothers: Read error: 104 (Connection reset by peer) | ||
| [2009/12/30 19:58:29] @ Quit: rhulsker: "Leaving" | ||
| [2009/12/30 19:58:33] @ brothers joined channel #puppet | ||
| [2009/12/30 20:01:45] <flyingparchment> ah, having foo::enable inherit foo::disable works | ||
| [2009/12/30 20:02:40] <heydrick1> what about including just 'foo' | ||
| [2009/12/30 20:02:44] @ nar joined channel #puppet | ||
| [2009/12/30 20:02:48] <heydrick1> in the base node | ||
| [2009/12/30 20:03:17] <heydrick1> and then include foo::enable where you want it enabled | ||
| [2009/12/30 20:03:21] <flyingparchment> hm, that would work too, but 'include <service>' kind of suggests the service will be enabled. i was trying to be explitic about it | ||
| [2009/12/30 20:03:25] <flyingparchment> explicit | ||
| [2009/12/30 20:03:27] <heydrick1> ah | ||
| [2009/12/30 20:05:49] @ Quit: bug: | ||
| [2009/12/30 20:11:15] @ Quit: cwebber: | ||
| [2009/12/30 20:14:04] @ bug joined channel #puppet | ||
| [2009/12/30 20:15:57] @ Quit: Djelibeybi: "Leaving" | ||
| [2009/12/30 20:16:02] @ Quit: jason^: Read error: 54 (Connection reset by peer) | ||
| [2009/12/30 20:17:34] @ Quit: daharon: | ||
| [2009/12/30 20:18:37] @ Quit: jaredrhine: Read error: 110 (Connection timed out) | ||
| [2009/12/30 20:20:29] @ Quit: BarnacleBob: "This computer has gone to sleep" | ||
| [2009/12/30 20:21:51] @ Quit: jsm: | ||
| [2009/12/30 20:23:42] @ jason^ joined channel #puppet | ||
| [2009/12/30 20:23:50] @ Quit: bug: | ||
| [2009/12/30 20:27:05] @ whaley joined channel #puppet | ||
| [2009/12/30 20:27:31] @ Quit: poison: Remote closed the connection | ||
| [2009/12/30 20:32:29] @ Quit: gaveen: "Leaving" | ||
| [2009/12/30 20:37:23] @ Quit: bobbyz: Read error: 60 (Operation timed out) | ||
| [2009/12/30 20:39:06] @ Quit: nar: | ||
| [2009/12/30 20:42:18] <flyingparchment> hm, how do i make puppet upgrade itself on solaris? if i define it as a normal package, SMF tries to stop puppetd when it's in the middle of removing the package, which doesn't work so well | ||
| [2009/12/30 20:42:22] @ Quit: WALoeIII: "Bai." | ||
| [2009/12/30 20:43:59] @ Quit: jcape: Read error: 110 (Connection timed out) | ||
| [2009/12/30 21:04:46] @ Quit: scylla: "Connection timed out" | ||
| [2009/12/30 21:04:55] @ Quit: brothers: Read error: 110 (Connection timed out) | ||
| [2009/12/30 21:08:12] @ Djelibeybi joined channel #puppet | ||
| [2009/12/30 21:13:56] @ jcape joined channel #puppet | ||
| [2009/12/30 21:22:48] @ Quit: jes5: "Leaving." | ||
| [2009/12/30 21:23:25] @ Quit: ambroff: Read error: 110 (Connection timed out) | ||
| [2009/12/30 21:39:43] @ littleidea joined channel #puppet | ||
| [2009/12/30 21:44:10] @ bug joined channel #puppet | ||
| [2009/12/30 21:50:20] @ rickbradley|away is now known as rickbradley | ||
| [2009/12/30 21:53:12] @ Quit: Mick27: "This computer has gone to sleep" | ||
| [2009/12/30 22:10:09] @ ambroff joined channel #puppet | ||
| [2009/12/30 22:15:34] @ Quit: littleidea: | ||
| [2009/12/30 22:19:20] @ Quit: Djelibeybi: "Leaving" | ||
| [2009/12/30 22:30:12] @ Quit: danielbln: "Leaving." | ||
| [2009/12/30 22:43:04] @ Quit: jcape: Read error: 104 (Connection reset by peer) | ||
| [2009/12/30 22:43:07] @ jcape1 joined channel #puppet | ||
| [2009/12/30 22:43:18] @ Quit: tuf: Read error: 54 (Connection reset by peer) | ||
| [2009/12/30 22:52:37] @ jes5 joined channel #puppet | ||
| [2009/12/30 22:53:03] @ tuf joined channel #puppet | ||
| [2009/12/30 22:58:07] @ Quit: whaley: "Leaving..." | ||
| [2009/12/30 22:59:18] @ whaley joined channel #puppet | ||
| [2009/12/30 23:02:59] @ Quit: vzctl_: Read error: 110 (Connection timed out) | ||
| [2009/12/30 23:04:05] @ brothers joined channel #puppet | ||
| [2009/12/30 23:26:44] <flyingparchment> if i define something, does 'require' work automatically? | ||
| [2009/12/30 23:28:04] @ yan_ joined channel #puppet | ||
| [2009/12/30 23:28:16] @ delewis joined channel #puppet | ||
| [2009/12/30 23:31:21] @ Cyis joined channel #puppet | ||
| [2009/12/30 23:33:10] @ msf joined channel #puppet | ||
| [2009/12/30 23:44:19] @ Quit: jes5: "Leaving." | ||
| [2009/12/30 23:51:02] @ jsm joined channel #puppet | ||
| [2009/12/30 23:52:38] @ Quit: jsm: Client Quit | ||
| [2009/12/30 23:52:47] @ cwebber joined channel #puppet | ||
| [2009/12/30 23:53:16] @ Quit: brothers: | ||
| [2009/12/30 23:53:40] @ jaredrhine joined channel #puppet | ||
| [2009/12/30 23:54:14] @ brothers joined channel #puppet | ||
| [2009/12/30 23:54:35] @ Quit: brothers: Client Quit | ||
| [2009/12/30 23:57:29] @ jusfreeman joined channel #puppet |
Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!