Thursday, 2010-02-04

[2010/02/04 00:05:18] @ Log started by gepetto
[2010/02/04 00:05:18] @ Quit: lutter: Ping timeout: 256 seconds
[2010/02/04 00:05:18] @ Quit: Ju: Ping timeout: 256 seconds
[2010/02/04 00:05:21] @ Ju joined channel #puppet
[2010/02/04 00:05:54] @ lutter joined channel #puppet
[2010/02/04 00:16:19] @ Quit: themurph: Quit: themurph
[2010/02/04 00:41:27] @ Quit: Bass10: Ping timeout: 245 seconds
[2010/02/04 00:42:00] @ Quit: hooliowobbits: Quit: Lost terminal
[2010/02/04 00:44:39] @ m1nish joined channel #puppet
[2010/02/04 00:46:52] @ disterics joined channel #puppet
[2010/02/04 00:48:26] @ Quit: baughj: Read error: Operation timed out
[2010/02/04 00:51:06] @ Caomai joined channel #puppet
[2010/02/04 00:54:29] @ Quit: pinoyskull: Read error: Connection reset by peer
[2010/02/04 01:00:04] @ pinoyskull joined channel #puppet
[2010/02/04 01:00:29] @ Quit: pinoyskull: Client Quit
[2010/02/04 01:00:38] @ pinoyskull joined channel #puppet
[2010/02/04 01:02:27] @ Quit: HeyYall: Read error: Connection reset by peer
[2010/02/04 01:03:00] @ baughj joined channel #puppet
[2010/02/04 01:03:00] @ Quit: baughj: Changing host
[2010/02/04 01:03:00] @ baughj joined channel #puppet
[2010/02/04 01:03:52] @ Quit: OpenMedia: Quit: Leaving.
[2010/02/04 01:08:30] @ HeyYall joined channel #puppet
[2010/02/04 01:25:04] @ bodepd left channel #puppet ()
[2010/02/04 01:34:18] @ Quit: bug: Quit: bug
[2010/02/04 01:43:14] @ Quit: WALoeIII: Quit: Bai.
[2010/02/04 01:43:56] @ Quit: nevyn: Ping timeout: 245 seconds
[2010/02/04 01:45:58] @ nevyn joined channel #puppet
[2010/02/04 01:46:12] @ Quit: sjefen6: Ping timeout: 276 seconds
[2010/02/04 01:47:20] @ qwebirc63120 joined channel #puppet
[2010/02/04 01:47:24] <slash^> lads, i seem to have many puppetmasterd process's...
[2010/02/04 01:47:51] <slash^> with start times of when my clients start their connection..
[2010/02/04 01:47:56] <qwebirc63120> is it possible to have a substring comparison inside a manifest ?
[2010/02/04 01:50:42] @ Quit: nevyn: Ping timeout: 256 seconds
[2010/02/04 01:52:29] @ bug joined channel #puppet
[2010/02/04 01:53:16] @ lak joined channel #puppet
[2010/02/04 01:57:25] @ nevyn joined channel #puppet
[2010/02/04 02:02:38] @ suchu joined channel #puppet
[2010/02/04 02:04:52] @ Quit: kolla: Remote host closed the connection
[2010/02/04 02:06:49] @ lucky__ joined channel #puppet
[2010/02/04 02:07:35] @ lucky__ is now known as lbytnar
[2010/02/04 02:16:00] @ clen left channel #puppet ()
[2010/02/04 02:22:54] @ hexplody joined channel #puppet
[2010/02/04 02:23:24] <hexplody> ok what's the trick to find an error when puppetd tells me: Could not convert from pson: Could not find relationship target "Package[]"
[2010/02/04 02:23:37] <hexplody> but it doesn't reference a module, class or line number
[2010/02/04 02:25:13] @ tim\|imac joined channel #puppet
[2010/02/04 02:28:21] @ Quit: jfreeman: Remote host closed the connection
[2010/02/04 02:31:18] @ neh joined channel #puppet
[2010/02/04 02:31:19] @ Quit: neh: Changing host
[2010/02/04 02:31:19] @ neh joined channel #puppet
[2010/02/04 02:32:53] @ kolla joined channel #puppet
[2010/02/04 02:34:41] @ Quit: lak: Quit: lak
[2010/02/04 02:35:06] @ Quit: bug: Quit: bug
[2010/02/04 02:35:17] @ Quit: poison: Remote host closed the connection
[2010/02/04 02:37:55] @ qweqweqwe joined channel #puppet
[2010/02/04 02:38:06] <qweqweqwe> hello puppetmasters :-)
[2010/02/04 02:38:34] <qweqweqwe> I would like to log things in a certain way on my pupetmaster server - how can I issue commands to be run on it - and not on the clients?
[2010/02/04 02:39:20] <qweqweqwe> (for exampler exec {$logger : returns => 0} where $logger is the command I want to run (defined elsewhere)
[2010/02/04 02:39:39] <qweqweqwe> but not on the client, on the server
[2010/02/04 02:41:35] @ Quit: tim\|imac: Quit: tim\|imac
[2010/02/04 02:41:52] <qwebirc63120> qweqweqwe: as the puppetmaster also has puppet client you could define the exec type for the puppetmaster node itself
[2010/02/04 02:42:34] @ PsychoSid joined channel #puppet
[2010/02/04 02:43:06] @ qwebirc63120 left channel #puppet ()
[2010/02/04 02:44:16] @ tim\|imac joined channel #puppet
[2010/02/04 02:45:06] <ohadlevy> qweqweqwe: you can also use the generate command
[2010/02/04 02:46:30] <qweqweqwe> ah, so -- generate {/usr/bin/logger test : returns =>0} or something?
[2010/02/04 02:47:34] @ giskard joined channel #puppet
[2010/02/04 02:48:44] @ qwebirc98329 joined channel #puppet
[2010/02/04 02:50:59] <qweqweqwe> hehe
[2010/02/04 02:51:14] <qweqweqwe> or I could use one of the many logger command build in that I hadn't noticed yet
[2010/02/04 02:51:18] * qweqweqwe slaps self
[2010/02/04 02:51:26] <qweqweqwe> "alert" works perfectly
[2010/02/04 02:55:43] <qwebirc98329> is there a way to do substring comparison inside a manifest? Even thought puppet 0.25 supports regex match if ( $repoList =~ /CentOS-Base/) does not to work
[2010/02/04 02:58:11] @ Quit: giskard: Remote host closed the connection
[2010/02/04 03:02:15] @ Djelibeybi joined channel #puppet
[2010/02/04 03:03:58] <duritong> qwebirc98329: this should work
[2010/02/04 03:06:25] <duritong> qwebirc98329: http://pastie.org/809022
[2010/02/04 03:10:03] @ tim\|macbook joined channel #puppet
[2010/02/04 03:11:19] <qwebirc98329> duritong: I tried it, http://pastie.org/809025
[2010/02/04 03:11:47] <qwebirc98329> but for strange reason it doesnt seem to work. My client and master are both using version 0.25.3
[2010/02/04 03:13:19] @ nexx joined channel #puppet
[2010/02/04 03:15:14] <asenchi> qwebirc98329: try putting ( ) around your iff statement
[2010/02/04 03:15:15] <asenchi> *if
[2010/02/04 03:16:01] <qwebirc98329> asenchi: tried that too
[2010/02/04 03:17:28] <qwebirc98329> will try writing the if block again
[2010/02/04 03:18:25] <asenchi> works for me on 0.25.1
[2010/02/04 03:18:46] <qwebirc98329> looks like it was a puppetmaster caching issue
[2010/02/04 03:18:53] <qwebirc98329> restarted puppetmaster and it seems to work now
[2010/02/04 03:19:34] @ gebi joined channel #puppet
[2010/02/04 03:20:14] @ hy is now known as _hy
[2010/02/04 03:20:29] @ poison joined channel #puppet
[2010/02/04 03:27:37] @ skiold joined channel #puppet
[2010/02/04 03:29:43] @ Djeli joined channel #puppet
[2010/02/04 03:29:54] @ Quit: Djelibeybi: Disconnected by services
[2010/02/04 03:29:56] @ Djeli is now known as Djelibeybi
[2010/02/04 03:30:44] @ PsychoSid1 joined channel #puppet
[2010/02/04 03:34:02] @ Quit: PsychoSid: Ping timeout: 272 seconds
[2010/02/04 03:36:41] @ giskard joined channel #puppet
[2010/02/04 03:38:06] @ Quit: tim\|macbook: Ping timeout: 245 seconds
[2010/02/04 03:45:25] @ Quit: Djelibeybi: Quit: Leaving
[2010/02/04 03:46:44] @ Quit: _nalle: Read error: Operation timed out
[2010/02/04 03:47:21] @ _nalle joined channel #puppet
[2010/02/04 03:49:07] @ Quit: qwebirc98329: Quit: Page closed
[2010/02/04 03:54:56] @ cynicismic joined channel #puppet
[2010/02/04 04:04:55] @ Robbie_ joined channel #puppet
[2010/02/04 04:05:54] @ tim\|macbook joined channel #puppet
[2010/02/04 04:10:53] @ TREllis joined channel #puppet
[2010/02/04 04:13:56] @ danielbln joined channel #puppet
[2010/02/04 04:14:09] @ PsychoSid1 left channel #puppet ()
[2010/02/04 04:17:06] @ Quit: gebi: Ping timeout: 272 seconds
[2010/02/04 04:22:39] @ Quit: tuf: Quit: tuf
[2010/02/04 04:22:39] @ tuf_ is now known as tuf
[2010/02/04 04:23:46] @ Quit: bitmonk: Read error: Connection reset by peer
[2010/02/04 04:26:16] @ Ramonster joined channel #puppet
[2010/02/04 04:33:15] <fluxdude> I have the following error when running a puppet client, "Parent classes must have dissimilar names" for a manifest which does companyprogram::etc::security inherits etc::security
[2010/02/04 04:33:29] <fluxdude> surely that is some arbitrarily lame rule?
[2010/02/04 04:33:38] <fluxdude> why does it complain/why is this not allowed?
[2010/02/04 04:35:04] <masterzen> fluxdude: maybe; inherits ::test::security ?
[2010/02/04 04:35:54] <fluxdude> masterzen: oh yes that works, thanks for that
[2010/02/04 04:36:04] <fluxdude> it must be defaulting to prefixing the current module
[2010/02/04 04:36:24] <fluxdude> I asked in the right place :-)
[2010/02/04 04:36:30] <fluxdude> thanks again
[2010/02/04 04:37:31] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=178
[2010/02/04 04:40:18] @ jab_doa joined channel #puppet
[2010/02/04 04:41:54] <duritong> fluxdude: it's all about namespaces
[2010/02/04 04:43:00] @ bitmonk joined channel #puppet
[2010/02/04 04:43:19] <fluxdude> yeah I just expected the namespace for etc::security to be global since that is another module, oversight on my part... defaulting to local namespace is probably even more logical, I just didn't think of it and have no seen :: prefix used before
[2010/02/04 04:51:17] @ _hy is now known as hy
[2010/02/04 04:53:24] @ Quit: rmiller4pi8: Ping timeout: 258 seconds
[2010/02/04 04:54:28] @ Quit: zipkid: Remote host closed the connection
[2010/02/04 04:58:21] @ Quit: pinoyskull: Quit: Leaving
[2010/02/04 05:04:48] @ bkohler joined channel #puppet
[2010/02/04 05:05:25] @ Quit: disterics: Quit: disterics
[2010/02/04 05:07:37] @ Quit: unomi: Ping timeout: 264 seconds
[2010/02/04 05:08:41] @ gebi joined channel #puppet
[2010/02/04 05:09:43] @ unomi joined channel #puppet
[2010/02/04 05:12:20] @ jfreeman joined channel #puppet
[2010/02/04 05:16:53] @ zipkid joined channel #puppet
[2010/02/04 05:46:38] <gepetto> feed trac had 5 updates, showing the latest 3
[2010/02/04 05:46:38] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=181
[2010/02/04 05:46:38] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=182
[2010/02/04 05:46:38] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=183
[2010/02/04 05:47:02] <duritong> everybody wants a shirt
[2010/02/04 05:49:05] <SyTonnerre> Interestingly enough, reductivelabs doesn't appear to use Puppet :>
[2010/02/04 05:49:07] @ mvn071 joined channel #puppet
[2010/02/04 05:51:07] <duritong> haha
[2010/02/04 05:51:37] <barn> SyTonnerre: they use Chef
[2010/02/04 05:52:00] <duritong> :D
[2010/02/04 05:54:39] @ Quit: xerxas: Quit: Leaving.
[2010/02/04 05:56:46] @ Quit: skiold: Quit: skiold
[2010/02/04 06:06:42] @ Quit: gebi: Ping timeout: 248 seconds
[2010/02/04 06:08:29] @ gebi joined channel #puppet
[2010/02/04 06:11:54] <fluxdude> is there any way to have puppet do a notify if something fails?
[2010/02/04 06:12:21] <fluxdude> instead of if it succeeds?
[2010/02/04 06:12:25] <duritong> have a look at tagmail
[2010/02/04 06:12:29] @ mikepea joined channel #puppet
[2010/02/04 06:12:47] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=184
[2010/02/04 06:13:39] <fluxdude> duritong: sorry I wasn't clear, I don't want it to actually send me an alert or anything, I meant a puppet notify to another resource
[2010/02/04 06:14:17] @ suchu_ joined channel #puppet
[2010/02/04 06:14:28] <fluxdude> at the moment, I think notifies only trigger another resource if the resource the notify is declared in is successful... for things like refreshonly resources
[2010/02/04 06:14:49] @ Quit: alexine_dsouza: Read error: Connection reset by peer
[2010/02/04 06:15:09] <fluxdude> what I want to do is the opposite in one case, I want to have this resource run, and if it fails to run, I want it to re-trigger another resource via something like a notify =>
[2010/02/04 06:15:20] <fluxdude> if it's not possible I'll raise a ticket
[2010/02/04 06:16:02] <duritong> aha
[2010/02/04 06:16:22] <duritong> no it's not possible but the question is why you like to do it
[2010/02/04 06:17:35] @ Quit: suchu: Ping timeout: 240 seconds
[2010/02/04 06:18:13] @ Quit: suchu_: Client Quit
[2010/02/04 06:21:00] <fluxdude> explained here: http://projects.reductivelabs.com/issues/3149
[2010/02/04 06:22:14] @ Quit: docelic: Ping timeout: 265 seconds
[2010/02/04 06:22:21] <duritong> any reason you don't use ntp
[2010/02/04 06:22:25] <duritong> ?
[2010/02/04 06:22:30] <duritong> ntpd
[2010/02/04 06:22:44] <fluxdude> I do, but occasionally ntp fails to keep the time correct and it goes out of sync
[2010/02/04 06:24:23] @ Quit: mvn071: Quit: Leaving
[2010/02/04 06:24:24] <duritong> well this definately shouldn't happen. but the advantage of ntpd is that it will adjust over time, so that you don't get any immediate switchings, which can break certain services and which imho should generally be avoided on productive systems
[2010/02/04 06:27:03] @ xerxas joined channel #puppet
[2010/02/04 06:28:42] @ Quit: jfreeman: Ping timeout: 240 seconds
[2010/02/04 06:28:47] <fluxdude> duritong: that is a good point
[2010/02/04 06:29:03] <fluxdude> it's disabled for now as my workaround generates noise in the logs...
[2010/02/04 06:29:08] <fluxdude> I'll see how it goes...
[2010/02/04 06:31:12] @ Quit: bkohler: Ping timeout: 256 seconds
[2010/02/04 06:43:21] <fluxdude> I want to copy over a file, the unpack it in an exec using a creates to make sure it's only done once to initialize a system... however, if someone were to delete it later on because of space or something, puppet would redownload the file, but at that point I actually wouldn't want puppet to redownload it
[2010/02/04 06:43:44] <fluxdude> I am thinking of using a file with refreshonly => and then an exec with creates => and a require on the file with refreshonly, would that work?
[2010/02/04 06:43:52] <Volcane> and so you discover why packages are so awesome and why you should just not do that :)
[2010/02/04 06:44:07] <fluxdude> Volcane: you mean rpm?
[2010/02/04 06:44:08] @ bkohler joined channel #puppet
[2010/02/04 06:44:11] <Volcane> file doenst have refreshonly
[2010/02/04 06:44:14] <Volcane> yes, like rpm
[2010/02/04 06:44:21] <fluxdude> hmmm... I know you're right...
[2010/02/04 06:44:36] <fluxdude> I just wanted to make this work quickly without having to build rpms...
[2010/02/04 06:44:53] <fluxdude> I may go this route but for now I'd like to know if I can just do this
[2010/02/04 06:45:10] <Volcane> if untarring it in future is problem, then dont do it
[2010/02/04 06:45:12] <duritong> ducktape fixing is never I good idea, but I know your situation...
[2010/02/04 06:45:29] <duritong> ductape
[2010/02/04 06:45:37] <Volcane> any kind of file base semaphore to prevent distructive things from happening is terrible
[2010/02/04 06:46:04] <fluxdude> that's basically what creates => was invented for though
[2010/02/04 06:46:08] <fluxdude> in execs
[2010/02/04 06:47:52] @ ahasenack joined channel #puppet
[2010/02/04 06:48:57] @ skiold joined channel #puppet
[2010/02/04 06:49:43] @ docelic joined channel #puppet
[2010/02/04 07:05:46] @ Quit: gebi: Ping timeout: 256 seconds
[2010/02/04 07:11:52] @ sjefen6_ joined channel #puppet
[2010/02/04 07:12:44] @ fzzzt joined channel #puppet
[2010/02/04 07:18:26] @ Quit: sjefen6_: Quit: http://quassel-irc.org - Chat komfortabelt. Hvor som helst.
[2010/02/04 07:18:49] @ sjefen6 joined channel #puppet
[2010/02/04 07:20:01] @ Quit: maxagaz: Quit: Ex-Chat
[2010/02/04 07:39:38] @ GioGio joined channel #puppet
[2010/02/04 07:39:41] <GioGio> hi all
[2010/02/04 07:43:06] @ Quit: m1nish: Ping timeout: 245 seconds
[2010/02/04 07:45:05] @ m1nish joined channel #puppet
[2010/02/04 07:50:39] @ hexasoft joined channel #puppet
[2010/02/04 07:50:50] @ hexasoft left channel #puppet ()
[2010/02/04 07:52:10] @ Quit: unomi: Quit: WeeChat 0.2.6
[2010/02/04 07:55:15] <GioGio> i have a question about puppetca, is it used each times a node contact the master ? or after we sign the certificates he is not used ?
[2010/02/04 08:03:21] @ Cope joined channel #puppet
[2010/02/04 08:04:19] <Cope> Hi... I'm trying to do some ruby inside a template:
[2010/02/04 08:04:21] <Cope> option routers <%= ipaddress[/\d+$/]='1' %>;
[2010/02/04 08:04:32] <Cope> this is obviously wrong
[2010/02/04 08:05:21] <Cope> In irb I can do router = '192.168.20.12'[/\d+$] = '1'
[2010/02/04 08:05:39] <Cope> not sure how to get that into the template
[2010/02/04 08:10:24] <fluxdude> what is the point of the puppet binary? I've never really used it, even for applying manifests now and testing them I've always just used puppetd --test --tags something
[2010/02/04 08:11:13] <Cope> fluxdude: you can run and test and execute puppet manifests locally
[2010/02/04 08:11:28] <Cope> which is useful for testing
[2010/02/04 08:11:56] <Cope> and also can be combined with some other infrastructure to create a distributed puppet model that isn't dependent upon a puppetmaster
[2010/02/04 08:12:07] <Cope> http://bitfieldconsulting.com/scaling-puppet-with-distributed-version-control
[2010/02/04 08:12:14] <fluxdude> that's what I thought, thanks
[2010/02/04 08:12:27] <fluxdude> it was going to be my next question about using manifests locally to bootstrap a puppetmaster for example...
[2010/02/04 08:12:41] <Cope> that's exctly how i use it
[2010/02/04 08:13:02] <Cope> btw i was being a twat - my erb is working fine
[2010/02/04 08:14:57] <illsci> b00m!
[2010/02/04 08:14:59] <illsci> morning
[2010/02/04 08:17:08] <fluxdude> I'm trying to pull a large file in a puppet manifest... (which I know I shouldn't do for scalability and don't intend to do) but I am getting a connection timeout on file retrieval (because it's taking so long to transfer over the network)
[2010/02/04 08:17:19] <fluxdude> is there any way to just increase the timeout temporarily/allow this for testing?
[2010/02/04 08:17:31] <fluxdude> I know that doesn't sound like a good idea but I have my reasons...
[2010/02/04 08:17:42] <Volcane> (by now you could have made a package :P)
[2010/02/04 08:20:05] <fluxdude> yeah I am about to
[2010/02/04 08:20:08] <fluxdude> gotta set up a repo first
[2010/02/04 08:20:13] <fluxdude> doing the puppet for that
[2010/02/04 08:20:14] <fluxdude> first
[2010/02/04 08:20:26] <fluxdude> (i am really replacing the infrastructure from scratch here)
[2010/02/04 08:22:08] <fluxdude> thanks for the reminder though
[2010/02/04 08:22:15] <Ramonster> Hi is anyone aware if it's possible to write custom puppet functions that use named parameters / args ?
[2010/02/04 08:22:34] <Ramonster> We would like to create a custom function that takes between 1-3 arguments
[2010/02/04 08:22:46] <Ramonster> And not be dependant on the order of arguments to determine what is what
[2010/02/04 08:23:47] <Ramonster> for example: get_host_by_criteria(blurp, blarp, blorp)
[2010/02/04 08:24:09] <Ramonster> Can we access the parameter names / call the function with paramters names ?
[2010/02/04 08:28:02] @ jcape joined channel #puppet
[2010/02/04 08:28:28] <fluxdude> my puppetmaster is called X but I have puppet as a CNAME to X and when I try to run puppetd --test on the puppetmaster itself, I get "err: Could not request certificate: Certificated does not match private key. Try 'puppetca --clean X.domain.com' on the server'
[2010/02/04 08:28:35] <fluxdude> I have run --clean before but it doesn't help
[2010/02/04 08:28:52] <fluxdude> I think this has to do with some kind of name clash but am not too sure, any know?
[2010/02/04 08:30:40] @ pheezy joined channel #puppet
[2010/02/04 08:30:56] @ stahnma joined channel #puppet
[2010/02/04 08:30:56] @ Quit: stahnma: Changing host
[2010/02/04 08:30:57] @ stahnma joined channel #puppet
[2010/02/04 08:34:18] <Cope> what's going to be the best way to get the DNS server value? Write a custom fact? Or just do some parsing of resolv.conf inside the template?
[2010/02/04 08:34:44] <duritong> Cope: facts
[2010/02/04 08:35:06] <Volcane> Cope: surely you should be telling machines their dns server and not the other way round?
[2010/02/04 08:35:08] <duritong> Cope: you can't parse resolv.conf on the client in a template as the template is evaluated on the master
[2010/02/04 08:35:16] <duritong> Volcane: besides that ywah
[2010/02/04 08:35:31] @ lucky__ joined channel #puppet
[2010/02/04 08:35:47] <Cope> Volcane: I want to insert the dns server in the dhcpd config
[2010/02/04 08:36:10] <Cope> Volcane: But this is run on several different networks
[2010/02/04 08:36:29] <Cope> If it were one network, i could easily just specify the dns server
[2010/02/04 08:36:37] <Volcane> this is why extlookup exists :)
[2010/02/04 08:36:37] <Cope> but on 4 different networks, the dns server will be differnet
[2010/02/04 08:37:24] @ Quit: lbytnar: Ping timeout: 272 seconds
[2010/02/04 08:37:43] @ Quit: lucky__: Remote host closed the connection
[2010/02/04 08:38:28] @ lucky__ joined channel #puppet
[2010/02/04 08:39:44] * Cope looks at the code of extlookup.rb
[2010/02/04 08:40:14] <Volcane> still though, if you want to update dhcp config in some node with resolvers found on other nodes, how will you do that? or am i not following what you're trying?
[2010/02/04 08:41:01] @ Quit: jcape: Ping timeout: 245 seconds
[2010/02/04 08:41:43] <Cope> So I'm assuming that the DNS server that the dhcp server itself uses will be the dhcp server it should give to clients
[2010/02/04 08:41:53] <Volcane> ah i see
[2010/02/04 08:42:20] <Cope> but yeah, extlookup("dns_server") would be perfect
[2010/02/04 08:42:26] <Volcane> sounds fragile, I'd define a location fact/variable for every machine and use that to set ntp/smtp/dns/etc/etc
[2010/02/04 08:43:11] <Cope> how would you create a location fact? on what basis?
[2010/02/04 08:43:25] <Cope> so I have 4 networks - based on 4 different hosting centres
[2010/02/04 08:43:37] <Cope> but one shared puppet tree
[2010/02/04 08:43:40] <Volcane> ipaddress/network or eth0 for example
[2010/02/04 08:43:45] <Volcane> s/or/of
[2010/02/04 08:44:16] <Cope> so you could say if network is 10.2.5.0 it's 'rackspace'
[2010/02/04 08:44:30] <Volcane> yeah
[2010/02/04 08:44:49] * Cope nods... now to remember how to do custom facts - haven't done this for while!
[2010/02/04 08:45:45] <Cope> is the reductive labs documentation on custom facts ok, or am i better looking for some examples and working it out from thr src?
[2010/02/04 08:46:33] <Volcane> http://nephilim.ml.org/~rip/puppet/hwaddr.rb there's a sample
[2010/02/04 08:46:50] <Volcane> to get hold of a fact just do lookupvar("factname")
[2010/02/04 08:47:47] <Cope> right - and then iirc one has to enable factsync?
[2010/02/04 08:48:10] <Volcane> deprecated now, see wiki:PluginsInModules
[2010/02/04 08:48:11] <gepetto> Volcane: wiki:PluginsInModules is http://reductivelabs.com/trac/puppet/wiki/PluginsInModules
[2010/02/04 08:48:46] <nasrat> see also recent thread [Puppet Users] Distributing Facts to client
[2010/02/04 08:49:13] <Cope> cool
[2010/02/04 08:49:17] @ jcape joined channel #puppet
[2010/02/04 08:56:01] @ Quit: omry_\|work: Ping timeout: 245 seconds
[2010/02/04 08:58:13] @ Quit: kolla: Remote host closed the connection
[2010/02/04 09:00:22] @ scyld_ joined channel #puppet
[2010/02/04 09:00:38] @ Quit: erm_: Ping timeout: 246 seconds
[2010/02/04 09:01:22] @ Quit: skiold: Ping timeout: 256 seconds
[2010/02/04 09:02:16] @ Quit: HeyYall:
[2010/02/04 09:04:25] @ skiold joined channel #puppet
[2010/02/04 09:04:40] @ Quit: scyld_: Read error: Connection reset by peer
[2010/02/04 09:07:26] @ suchu joined channel #puppet
[2010/02/04 09:09:33] @ themurph joined channel #puppet
[2010/02/04 09:11:15] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=185
[2010/02/04 09:11:15] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=186
[2010/02/04 09:11:37] @ omry_\|work joined channel #puppet
[2010/02/04 09:15:40] @ TREllis_ joined channel #puppet
[2010/02/04 09:16:18] @ Quit: TREllis: Read error: Operation timed out
[2010/02/04 09:17:01] @ TREllis_ is now known as TREllis
[2010/02/04 09:18:08] @ lak joined channel #puppet
[2010/02/04 09:18:37] <Cope> So... what's the best place to stick a fact that has nothing to do with a module?
[2010/02/04 09:18:44] <Cope> create a module called facts?
[2010/02/04 09:19:06] <Cope> i mean 'location' that applies to everything
[2010/02/04 09:19:11] <Volcane> i have a common module for that kind of thing, with utility defines, facts etc
[2010/02/04 09:19:26] <Cope> sounds cool
[2010/02/04 09:19:30] * Cope will do that
[2010/02/04 09:21:46] @ bug joined channel #puppet
[2010/02/04 09:25:21] @ rmiller4pi8 joined channel #puppet
[2010/02/04 09:27:08] @ joe-mac joined channel #puppet
[2010/02/04 09:28:23] @ scyld_ joined channel #puppet
[2010/02/04 09:29:01] @ Quit: skiold: Read error: Connection reset by peer
[2010/02/04 09:35:14] @ Quit: themurph: Quit: themurph
[2010/02/04 09:36:40] @ mpdehaan joined channel #puppet
[2010/02/04 09:37:38] @ cliff-hm-zzz joined channel #puppet
[2010/02/04 09:38:47] @ cliff-hm-zzz is now known as cliff-hm
[2010/02/04 09:38:51] @ Quit: lak: Quit: lak
[2010/02/04 09:42:28] <mikepea> Cope: we have a common module for other peoples common facts/defines, and a sempub module for our own (that one day we'll publish), then a semantico_soe and semantico_tools module for internal-only facts and defines, virtual resources, etc.
[2010/02/04 09:43:04] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=187
[2010/02/04 09:43:04] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=188
[2010/02/04 09:45:59] <Cope> erm - in my different hosting centres the domain is always different
[2010/02/04 09:46:25] <Cope> so a rackspace machine will be marmite.rackspace.wibblewobble.org
[2010/02/04 09:46:38] <Cope> a peer1 machine will be:
[2010/02/04 09:46:49] <Cope> turkey.peer1.wibblewobble.org
[2010/02/04 09:47:03] <Volcane> easy to make a location fact then
[2010/02/04 09:47:09] @ themurph joined channel #puppet
[2010/02/04 09:47:32] <Cope> how do i get access to facts in a fact?
[2010/02/04 09:47:42] <Volcane> lookupvar("domain")
[2010/02/04 09:47:50] <Cope> inside my_new_fact.rb?
[2010/02/04 09:47:54] <Volcane> yeah
[2010/02/04 09:48:05] @ skiold joined channel #puppet
[2010/02/04 09:48:06] <Cope> great
[2010/02/04 09:48:15] <Cope> no need to require anything?
[2010/02/04 09:48:22] <Cope> it 'Just Works (TM)'
[2010/02/04 09:48:23] <Volcane> catactually you can also just do
[2010/02/04 09:48:23] @ Quit: scyld_: Read error: Connection reset by peer
[2010/02/04 09:48:27] <Volcane> foo = Facter.foo
[2010/02/04 09:48:30] <Cope> right
[2010/02/04 09:50:06] <Cope> Facter.domain.split('.').first ought to cover it ;)
[2010/02/04 09:50:42] @ Quit: rmiller4pi8: Quit: Leaving.
[2010/02/04 09:52:07] @ bobbyz joined channel #puppet
[2010/02/04 09:53:16] @ Quit: robinbowes: Quit: Leaving
[2010/02/04 09:54:36] <Cope> Right - so what's the score with the [plugins] mount? Someone said it isn't needed, but jamesturnbull said it is...
[2010/02/04 09:54:55] <Volcane> its there to do ACL
[2010/02/04 09:55:04] <Cope> right - and i'm not using that
[2010/02/04 09:55:09] <Cope> so not needed
[2010/02/04 09:55:13] <Volcane> maybe :)
[2010/02/04 09:55:14] <Volcane> try it
[2010/02/04 09:55:32] <Volcane> not sure if its pluginsync=true of the mount that does the magic to enable it
[2010/02/04 09:55:50] <Cope> but i do need pluginsync=true in [main] of puppet.conf
[2010/02/04 09:56:01] <Cope> ok i try
[2010/02/04 09:56:02] <Volcane> yes - on the master too
[2010/02/04 09:56:10] <Cope> on all? or just the master?
[2010/02/04 09:56:14] <Volcane> all
[2010/02/04 09:56:23] * Cope rolls eyes
[2010/02/04 09:56:34] <Volcane> they basically recursively copy puppet:///plugins into your libdir
[2010/02/04 09:56:36] <Volcane> thats all
[2010/02/04 09:56:52] @ Bass10 joined channel #puppet
[2010/02/04 09:57:12] <Volcane> on the master it searches though all modules to find a lib/ dir and magically makes them all part of that url
[2010/02/04 09:57:33] @ Quit: themurph: Quit: themurph
[2010/02/04 09:58:12] @ Quit: elementai: Quit: Lost terminal
[2010/02/04 10:02:13] <Cope> How can I test the fact?
[2010/02/04 10:02:22] <Volcane> export FACTERLIB=.
[2010/02/04 10:02:23] <Volcane> facter
[2010/02/04 10:03:49] <Cope> no dice
[2010/02/04 10:04:07] <Volcane> pastie it
[2010/02/04 10:05:53] <Cope> http://fpaste.org/LCDN/
[2010/02/04 10:06:26] <Volcane> facter\|grep location
[2010/02/04 10:06:33] <Volcane> oh wait
[2010/02/04 10:06:38] @ notbrien joined channel #puppet
[2010/02/04 10:06:43] <nasrat> facter -p
[2010/02/04 10:06:44] <Volcane> lke if you set FACTERLIB=.
[2010/02/04 10:06:52] @ uphillian joined channel #puppet
[2010/02/04 10:06:53] <Volcane> then go into a directory where the rb is
[2010/02/04 10:06:55] <Volcane> and run it
[2010/02/04 10:06:57] <nasrat> yeah
[2010/02/04 10:07:05] @ Quit: lucky__: Remote host closed the connection
[2010/02/04 10:07:07] <Volcane> but run facter\|grep location
[2010/02/04 10:07:14] <Volcane> cos someone's not merged my patch yet :P
[2010/02/04 10:08:00] <Cope> # ruby location.rb
[2010/02/04 10:08:01] <Cope> location.rb:1: uninitialized constant Facter (NameError)
[2010/02/04 10:08:06] <Cope> do I need to require facter?
[2010/02/04 10:08:13] <Volcane> nope
[2010/02/04 10:08:54] <Cope> ok - well facter \| grep location still gives nothing
[2010/02/04 10:09:17] @ joe-mac left channel #puppet ()
[2010/02/04 10:09:39] <fluxdude> when doing a puppet disable, how long does it stay disabled for?
[2010/02/04 10:09:56] <fluxdude> is there any way to detect if puppet is disabled or just in a run?
[2010/02/04 10:10:01] <tim\|macbook> hm... I want to write my own wrapper around package{}, is there an easy way to allow all variables that package{} allows without naming them all in my defined type?
[2010/02/04 10:10:18] <tim\|macbook> and if I need to name them all, what should I set their default to, to make sure it works like package itself...?
[2010/02/04 10:10:24] <tim\|macbook> false or undef?
[2010/02/04 10:11:21] @ rmiller4pi8 joined channel #puppet
[2010/02/04 10:11:37] @ Quit: rmiller4pi8: Client Quit
[2010/02/04 10:11:38] * Cope doesn't understand what's not working
[2010/02/04 10:12:14] @ themurph joined channel #puppet
[2010/02/04 10:12:15] <Volcane> http://www.pastie.org/809415
[2010/02/04 10:12:25] @ rmiller4pi8 joined channel #puppet
[2010/02/04 10:12:39] @ tyll joined channel #puppet
[2010/02/04 10:14:32] <Cope> Volcane: works... what was wrong with mine?
[2010/02/04 10:14:47] <Volcane> not sure why you got the Facter error, but you missed the {}s after setcode
[2010/02/04 10:15:34] * Cope nods
[2010/02/04 10:15:38] @ cwebber joined channel #puppet
[2010/02/04 10:15:54] @ labrown joined channel #puppet
[2010/02/04 10:17:01] <Volcane> Cope: i find you also need factpath = $vardir/lib/facter on clients
[2010/02/04 10:17:04] <Volcane> in [main]
[2010/02/04 10:17:07] <Volcane> something wrong with the defaults
[2010/02/04 10:18:20] <Cope> yeah i set that
[2010/02/04 10:18:27] * Cope tries in real life
[2010/02/04 10:19:47] @ Quit: labrown: Client Quit
[2010/02/04 10:21:19] @ labrown joined channel #puppet
[2010/02/04 10:22:11] @ joe-mac joined channel #puppet
[2010/02/04 10:22:41] @ gebi joined channel #puppet
[2010/02/04 10:39:55] @ Quit: poison: Read error: No route to host
[2010/02/04 10:39:55] @ poison_ joined channel #puppet
[2010/02/04 10:44:05] @ malraid joined channel #puppet
[2010/02/04 10:48:46] @ kaptk2 joined channel #puppet
[2010/02/04 10:50:11] <ashp> i really wish i hadn't come to work today
[2010/02/04 10:50:24] <ashp> i came in to a mailing list problem that's really our outsourced mail providers fault
[2010/02/04 10:51:35] <joe-mac> hey masterzen i gotta say high five on th is puppetdoc stuff, the latest seems to work pretty dam well, except one area it lacks seemingly is definitions
[2010/02/04 10:51:51] <joe-mac> it doesn't seem to show the full code associated with definitions
[2010/02/04 10:52:34] <joe-mac> one thing i am trying to figure out is if I can add a README to manifestdir for a README for the whole site?
[2010/02/04 10:52:44] <joe-mac> i need to do that... like you do for modules, but for the whole site
[2010/02/04 10:53:42] <Volcane> joe-mac: do you have many environments? does it work for you in that case?
[2010/02/04 10:53:48] * Volcane 's never had luck with puppetdoc
[2010/02/04 10:53:51] <Volcane> no idea wtf
[2010/02/04 10:53:55] <joe-mac> Volcane: you have to run it once per environment
[2010/02/04 10:53:57] <joe-mac> like this
[2010/02/04 10:54:34] <joe-mac> http://www.pastie.org/809468
[2010/02/04 10:54:41] <joe-mac> so that creates docs for my prod environment
[2010/02/04 10:54:48] <joe-mac> you can do that per environment and have poer environment docs
[2010/02/04 10:54:57] @ poison joined channel #puppet
[2010/02/04 10:55:01] <joe-mac> though i find prod is the only env that i have permanently
[2010/02/04 10:55:15] <joe-mac> i do temporary branches for alternate environments named after each person in my team's username
[2010/02/04 10:55:22] @ Quit: poison_: Read error: No route to host
[2010/02/04 10:55:26] <joe-mac> and those don't really need docs since they're just temp dev environments
[2010/02/04 10:55:40] <Volcane> unrecognized option `--force-update'
[2010/02/04 10:55:42] <Volcane> all i get
[2010/02/04 10:55:45] <Volcane> maybe its something to do with old rubys
[2010/02/04 10:56:10] <joe-mac> the --force-update never worked for me
[2010/02/04 10:56:14] <joe-mac> that's why i remove the directory first
[2010/02/04 10:56:18] <joe-mac> then just do it new
[2010/02/04 10:56:21] <joe-mac> do it evert night at midnight
[2010/02/04 10:56:27] <joe-mac> so docs are usually pretty up to date
[2010/02/04 10:56:32] <Volcane> i am not even passing any option like that
[2010/02/04 10:56:33] <joe-mac> i could do a post-commit, but i'd rather not
[2010/02/04 10:57:09] <joe-mac> then where do you get the --force-updatye error? thought that was a puppetdoc option?
[2010/02/04 10:57:15] <Volcane> yup, fuck knows
[2010/02/04 10:57:24] <Volcane> using your command line option, thats what i get
[2010/02/04 10:57:42] <joe-mac> yea, what version you on dude? cause i had a lot of problems even with .24.8
[2010/02/04 10:57:53] <joe-mac> brice made tons of improvements
[2010/02/04 10:57:54] <Volcane> 0.25.4
[2010/02/04 10:57:58] <joe-mac> really???
[2010/02/04 10:58:02] <joe-mac> that's messed up man
[2010/02/04 10:58:23] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=189
[2010/02/04 10:58:36] <joe-mac> i wanna add to who's using puppet but idk if m y boss will go for it
[2010/02/04 10:58:50] <joe-mac> security company, tends to not wanna divulge stuff
[2010/02/04 10:58:59] <joe-mac> everyone who knows me knows where i work thuogh, so whatever
[2010/02/04 10:59:03] <joe-mac> i'm gonna ask him this moernign
[2010/02/04 10:59:37] <joe-mac> besides it speaks volumes and shows our IT dept is up with the times and advanced
[2010/02/04 10:59:52] <Volcane> i think puppetdoc just needs a new ruby is all
[2010/02/04 11:00:02] <Volcane> cos that error is from rdoc
[2010/02/04 11:00:37] <joe-mac> yea, you're probably right. i actually went through a whole day of backporting ruby shit for ubuntu 8.04 to get .25.4 package
[2010/02/04 11:00:45] <joe-mac> well, .25.3, then .4
[2010/02/04 11:01:34] @ eshamow joined channel #puppet
[2010/02/04 11:01:34] * ohadlevy probably need to upgrade RHE3 and RHEL4 ruby to get 0.25.x working
[2010/02/04 11:01:46] * Volcane 's got it on rhel4
[2010/02/04 11:01:51] <Volcane> it just worked
[2010/02/04 11:02:00] <joe-mac> nice
[2010/02/04 11:02:03] <joe-mac> now you should have shiny docs
[2010/02/04 11:02:11] <joe-mac> if you leave good comments in your code the docs look even more professional
[2010/02/04 11:02:14] <Volcane> no, i mean rhel4 + puppet 0.25 just worked :P
[2010/02/04 11:02:18] <Volcane> not puppetdoc
[2010/02/04 11:02:19] <joe-mac> OOOOOO i c
[2010/02/04 11:02:38] <joe-mac> yea, ubuntu did a lot of shit including changing rubygems package name from libgems-ruby1.8 to rubygems
[2010/02/04 11:02:47] <joe-mac> therefore causing a huge piece of shit headache across all my nodes
[2010/02/04 11:03:08] <Volcane> all debian and debian derived junk distro really fucked up ruby builds badly
[2010/02/04 11:03:20] <joe-mac> yep
[2010/02/04 11:03:25] <ohadlevy> volcane: until one day that you'll change something in your manifest
[2010/02/04 11:03:41] <joe-mac> i haven't touched an RH box since I left RH, actually i went back for a store and clustering class, and it was refreshing
[2010/02/04 11:03:42] <Volcane> ohadlevy: yeah these machines has gotta go anyway just 2 of them
[2010/02/04 11:03:53] <ohadlevy> i guess something in my catalog triggers it
[2010/02/04 11:03:58] <joe-mac> s/store/storage
[2010/02/04 11:06:03] <masterzen> joe-mac: what is missing about definitions?
[2010/02/04 11:06:04] @ Quit: xcrracer: Read error: Connection reset by peer
[2010/02/04 11:06:20] @ kaptk2 left channel #puppet ()
[2010/02/04 11:08:09] <joe-mac> masterzen:
[2010/02/04 11:08:14] <joe-mac> let me show you an example
[2010/02/04 11:08:49] @ Quit: jcape: Ping timeout: 264 seconds
[2010/02/04 11:08:58] <masterzen> joe-mac: I have a meeting in 10 minutes, will check with you later tonight or tomorrow :-( (sorry)
[2010/02/04 11:09:11] @ xcrracer joined channel #puppet
[2010/02/04 11:09:47] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=190
[2010/02/04 11:09:47] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=191
[2010/02/04 11:13:52] <ahasenack> guys, I'm a bit confused with how to reference a define which is in another file in my module/manifests directory, or if it's even possible
[2010/02/04 11:14:04] <ahasenack> let's say it's mymodule/manifests
[2010/02/04 11:14:11] <ahasenack> it has mymodule/manifests/init.pp
[2010/02/04 11:14:22] <ahasenack> and mymodule/manifests/mydefine.pp where I have the define
[2010/02/04 11:14:46] <ahasenack> how do I reference it, and declare it? I have seen some examples in the puppet book using define modulename::definition
[2010/02/04 11:14:57] <Volcane> define mymodule::mydefine() ...
[2010/02/04 11:14:57] <ahasenack> but I'm missing some include somewhere, puppet just doesn't find it
[2010/02/04 11:15:04] <Volcane> mymodule::mydefine{"foo": ... }
[2010/02/04 11:15:11] <ahasenack> that in init.pp?
[2010/02/04 11:15:15] <Volcane> require => Mymodule::Mydefine["foo"]
[2010/02/04 11:15:22] <ahasenack> hmm
[2010/02/04 11:15:32] <Volcane> its just like any other resources
[2010/02/04 11:15:51] <ahasenack> so I always use the mymodule:: prefix
[2010/02/04 11:16:05] <ahasenack> both in the definition in that separate file, and in the "usage" in the init.pp file
[2010/02/04 11:16:16] <ahasenack> no extra includes necessary in init.pp?
[2010/02/04 11:16:26] @ Quit: m1nish: Ping timeout: 245 seconds
[2010/02/04 11:16:39] <Volcane> it goes in mydefine.pp in mymodule/manifests
[2010/02/04 11:16:42] <Volcane> and u can use it anywhere
[2010/02/04 11:16:44] <Volcane> even in other modules
[2010/02/04 11:16:55] <ahasenack> so the filename matches the definition name
[2010/02/04 11:17:13] <ahasenack> mymodule/manifests/mydefine.pp will have define mymodule::mydefine()
[2010/02/04 11:17:25] <Volcane> yes
[2010/02/04 11:17:38] <ahasenack> and in init.pp I juse use mymodule::mydefine() to "call" it
[2010/02/04 11:17:44] <Volcane> no
[2010/02/04 11:17:51] <Volcane> just like file{"name": .... }
[2010/02/04 11:17:51] <ahasenack> and when I require it, I capitalize the initials
[2010/02/04 11:18:06] <ahasenack> so in init.pp I would have mydefine { "name": ...}
[2010/02/04 11:18:09] <Volcane> so too mymodule::mydefine{"name": param => value}
[2010/02/04 11:18:31] <ahasenack> with the prefix
[2010/02/04 11:18:31] <ahasenack> ok
[2010/02/04 11:18:34] <ahasenack> let's try
[2010/02/04 11:19:17] <joe-mac> might be able to get our name on the list, just emailed the higher ups
[2010/02/04 11:19:50] @ Quit: gebi: Read error: Operation timed out
[2010/02/04 11:20:09] @ ambroff joined channel #puppet
[2010/02/04 11:20:36] @ Quit: omry_\|work: Ping timeout: 258 seconds
[2010/02/04 11:21:07] @ Quit: mqr: Quit: mqr
[2010/02/04 11:23:48] @ poison_ joined channel #puppet
[2010/02/04 11:24:19] @ Quit: poison: Read error: Connection reset by peer
[2010/02/04 11:24:35] <ahasenack> hmm, I keep getting Could not find resource type mymodule::mydefine at someline from init.pp :(
[2010/02/04 11:24:44] @ jbartus joined channel #puppet
[2010/02/04 11:24:54] <ahasenack> I'll paste what I have, maybe it's something obvious (I have been known for typos)
[2010/02/04 11:24:56] @ kaptk2 joined channel #puppet
[2010/02/04 11:27:30] <joe-mac> ahasenack: yea we need to see code, i recall a bug in .24 or .25 beta of randomly not being able to find classes
[2010/02/04 11:27:36] <joe-mac> but it could just be yuor code
[2010/02/04 11:28:50] <ahasenack> I think this is all: http://pastebin.ubuntu.com/368952/
[2010/02/04 11:28:56] <fzzzt> If I have to move my Puppet from one machine to another, what should I copy? Just ssl/ca/*?
[2010/02/04 11:29:05] <ahasenack> I removed bits I don't think have anything to do with it to keep it short, but I can re-add them
[2010/02/04 11:29:07] <joe-mac> i have ssl in svn fzzzt
[2010/02/04 11:29:09] <joe-mac> jsut in case
[2010/02/04 11:29:16] <fzzzt> that's what I'm thinking
[2010/02/04 11:29:20] <fzzzt> so all of ssl
[2010/02/04 11:29:23] <fzzzt> hmm
[2010/02/04 11:29:27] <ohadlevy> joe-mac: really you store the priv key in the repo?
[2010/02/04 11:29:29] <joe-mac> yea i actually poin ssldir at /etc/puppet/ssl
[2010/02/04 11:29:35] <joe-mac> and have all of /etc/puppet in svn
[2010/02/04 11:29:37] <ahasenack> the error I get is Feb 4 11:24:11 puppet-master puppetmasterd[4703]: Could not find resource type landscape-client::landscape_config at /etc/puppet/modules/landscape-client/manifests/init.pp:64 on node puppet-client.local
[2010/02/04 11:29:50] <ohadlevy> for the master or clients?
[2010/02/04 11:29:51] <joe-mac> yep... but svn is protected by massive PKI through SSH to only about 3 different people
[2010/02/04 11:29:58] <z00dax> mpdehaan: i now know what you are doing in #puppet.
[2010/02/04 11:30:13] <ahasenack> regarding versions, it's 0.24.4-3, so indeed a bit old
[2010/02/04 11:30:15] <joe-mac> ohadlevy: for my puppet repo
[2010/02/04 11:30:35] <ahasenack> from ubuntu hardy. I'm trying to avoid upgrading if I can
[2010/02/04 11:30:48] <Volcane> ahasenack: well you shouldnt use "-" in a class names, though i doubt this is hte problem, double check the file is really on the master, restart the master and check the daemon.log for syntax error notices
[2010/02/04 11:31:14] <ahasenack> -rw-r--r-- 1 root root 675 2010-02-04 11:20 landscape_config.pp
[2010/02/04 11:31:17] <ahasenack> root@puppet-master:/etc/puppet/modules/landscape-client/manifests#
[2010/02/04 11:31:20] <ahasenack> so path is ok
[2010/02/04 11:31:28] <ahasenack> I can retry without the -
[2010/02/04 11:31:32] <ahasenack> let's see daemon.log
[2010/02/04 11:32:17] <ahasenack> nope, same thing, that error is in both syslog and daemon.log
[2010/02/04 11:32:21] <ahasenack> so let's try without the -
[2010/02/04 11:32:49] <Volcane> ahasenack: old versions might not have loaded defines from definename.pp, put it into init.pp
[2010/02/04 11:33:01] <uphillian> i think "-" isn't legal in a class name, should get errors on startup
[2010/02/04 11:33:27] <ahasenack> Volcane: just "include landscapeclient::landscapeconfig"? (now without the dashes)
[2010/02/04 11:33:27] <fzzzt> joe-mac: Do you specify ssl-dir as a start parameter?
[2010/02/04 11:33:35] <Volcane> no, put hte code in init.pp
[2010/02/04 11:33:52] <ahasenack> Volcane: ah, well, then it works
[2010/02/04 11:34:01] <ahasenack> Volcane: if the define is in init.pp
[2010/02/04 11:34:09] <Volcane> oh, then its just old version weirdness
[2010/02/04 11:34:16] <ahasenack> even with the "-"
[2010/02/04 11:34:38] <ahasenack> Volcane: ok, so in newer versions it's expected that the file with the define will be loaded automatically?
[2010/02/04 11:34:49] <Volcane> yeah, works for me
[2010/02/04 11:34:50] <ahasenack> I remember reading that starting with some version the modules were loaded automatically
[2010/02/04 11:35:00] <ahasenack> but the doc said that about the init.pp file only
[2010/02/04 11:35:39] <ahasenack> Volcane: ok, thanks for the help!
[2010/02/04 11:35:52] <joe-mac> fzzzt: i have it in puppet.conf yea
[2010/02/04 11:36:09] <joe-mac> ahasenack: fyi, you can easily build at least .24.8 with barely any mods to ubuntu hardy
[2010/02/04 11:36:17] <joe-mac> just go to ftp.ubuntu.com and get the path to the dsc
[2010/02/04 11:36:24] <joe-mac> or even just grab the .deb
[2010/02/04 11:36:29] <joe-mac> along with facter like 1.5.6
[2010/02/04 11:36:36] <ahasenack> yeah, facter is also odd
[2010/02/04 11:36:37] <ahasenack> old
[2010/02/04 11:36:49] <ahasenack> I get spurious errors with lsbdistcodename not being defined
[2010/02/04 11:36:49] <joe-mac> building .25 is a little cumbersome, but it took me about a morning and things are fine
[2010/02/04 11:36:54] <joe-mac> .24.8 is easy as shit
[2010/02/04 11:36:58] <ahasenack> then I just signal the client with USR1 and in the next run it is defined
[2010/02/04 11:37:24] <ahasenack> so I just added a fail() in the recipe for when it's empty, since it recovers
[2010/02/04 11:37:26] <joe-mac> might want to try upgrading like i said mabn, the .24.8 puppet and slightly new facter work fine
[2010/02/04 11:37:41] <joe-mac> the stock ubuntu is like what, .24.4?
[2010/02/04 11:37:46] <ahasenack> I prefer to stick to packages, I will try to build it in a ppa or something
[2010/02/04 11:37:49] <joe-mac> way too old, and it has that ugly ass color scheme
[2010/02/04 11:37:54] <joe-mac> they are packages ahasenack
[2010/02/04 11:38:00] <joe-mac> this is how you backport packages
[2010/02/04 11:38:08] <ahasenack> facter 1.3.8-1 and puppet 0.24.4-3 in hardy
[2010/02/04 11:38:15] <joe-mac> you can either grab the .dsc, or ftp.ubuntu.com has the .deb too
[2010/02/04 11:38:26] <joe-mac> the dsc lets you build it yourself, the deb lets you just consume it
[2010/02/04 11:38:28] <ahasenack> joe-mac: but the deb is built for hardy?
[2010/02/04 11:38:29] <uphillian> hmmm, in 25.4, "-" is fine actually, my mistake
[2010/02/04 11:38:29] <uphillian> Feb 4 11:37:18 soms002 puppetd[30592]: (//this-shouldnt-work/Package[clusterssh]/ensure) ensure changed '3.26-2.fc12' to 'true'
[2010/02/04 11:38:35] <ahasenack> joe-mac: the newer version?
[2010/02/04 11:39:18] <joe-mac> generally, no, which is why you run dget pathto.dscfile && dpkg-source -x dscfile && cd file && dpkg-buildpackage -rfakeroot -kyourkey@whatever.com
[2010/02/04 11:39:27] @ Quit: suchu: Quit: ChatZilla 0.9.86 [Firefox 3.5.7/20091221164558]
[2010/02/04 11:39:41] <joe-mac> the deb might install idk i just need to sign stuff i pull in as part of policy
[2010/02/04 11:39:43] <joe-mac> so i always do the dsc
[2010/02/04 11:39:53] <ahasenack> ok, I'll rebuild and see how it goes
[2010/02/04 11:40:02] <joe-mac> yea, you have your own custom repo in house ahasenack?
[2010/02/04 11:40:03] <ahasenack> that's from lucid probably
[2010/02/04 11:40:06] <joe-mac> if not i recommend making one
[2010/02/04 11:40:16] <joe-mac> so you can do stuff like this and just add it with reprepro
[2010/02/04 11:40:20] @ Quit: tim\|macbook: Quit: tim\|macbook
[2010/02/04 11:40:20] <ahasenack> joe-mac: I would use my ppa in launchpad for it if it builds correctly
[2010/02/04 11:40:27] <joe-mac> there ya go that works too
[2010/02/04 11:40:32] <ahasenack> joe-mac: I will first try locally
[2010/02/04 11:40:35] <joe-mac> it should build fine man the build dependencies are nearly nothing
[2010/02/04 11:40:43] <ahasenack> if I can get the .deb built, then I put it on lp
[2010/02/04 11:40:47] <joe-mac> .25+ are the ones that are a bitch to build ion ubuntu 8.04
[2010/02/04 11:40:53] <ahasenack> and use it from now on
[2010/02/04 11:41:07] <uphillian> @joe-mac: what's hard about .25? the ruby deps?
[2010/02/04 11:41:18] <joe-mac> yea uphillian took me a whole morning to fix all the ruby deps
[2010/02/04 11:41:25] <uphillian> gotcha
[2010/02/04 11:41:37] <joe-mac> it's sort like dependency hell
[2010/02/04 11:41:42] <joe-mac> cause you're pulling in all this new shit
[2010/02/04 11:41:47] <joe-mac> but in the end it's worth it
[2010/02/04 11:42:11] <joe-mac> you can just use puppet to point your nodes at your custom repo and when you have your own updtaes push tehm to that repo then apt lets you know there's an update badda bing badda boom
[2010/02/04 11:42:25] <ahasenack> yep
[2010/02/04 11:42:39] <ahasenack> thanks for all the tips guys
[2010/02/04 11:42:42] <joe-mac> np
[2010/02/04 11:43:29] @ Quit: Ramonster: Quit: Get MacIrssi - http://www.sysctl.co.uk/projects/macirssi/
[2010/02/04 11:47:02] @ warreng joined channel #puppet
[2010/02/04 11:48:35] @ unxfrek joined channel #puppet
[2010/02/04 11:50:21] @ Mike joined channel #puppet
[2010/02/04 11:50:49] @ Mike is now known as Guest51697
[2010/02/04 11:51:41] @ Guest51697 is now known as jmnewton
[2010/02/04 11:57:27] @ ohadlevy left channel #puppet ("Leaving.")
[2010/02/04 11:57:46] <ahasenack> someone here from reductivelabs? There is no signature for the facter tarball download
[2010/02/04 11:57:56] <ahasenack> http://reductivelabs.com/downloads/facter/facter-1.5.7.tar.gz and no corresponding http://reductivelabs.com/downloads/facter/facter-1.5.7.tar.gz.sign link
[2010/02/04 12:01:01] <duritong> this haven't had been setup at this time
[2010/02/04 12:01:54] <ahasenack> ok
[2010/02/04 12:02:31] @ ohadlevy joined channel #puppet
[2010/02/04 12:03:25] @ Quit: unxfrek: Ping timeout: 264 seconds
[2010/02/04 12:04:11] @ Quit: danielbln: Quit: Leaving.
[2010/02/04 12:04:48] @ Quit: jmnewton: Quit: jmnewton
[2010/02/04 12:05:43] <nasrat> yeah future releases will be signed
[2010/02/04 12:06:08] @ Quit: docelic: Read error: Operation timed out
[2010/02/04 12:06:20] <nasrat> 21db7b613fe14a54e72ef062f3d5e190 facter-1.5.7.tar.gz
[2010/02/04 12:09:35] @ mapa3m joined channel #puppet
[2010/02/04 12:09:41] <mgarfias> how do I get exported resources into a template? is it even possible?
[2010/02/04 12:09:42] <mapa3m> Fellow puppetmasters
[2010/02/04 12:09:59] <mapa3m> I'm getting this error "err: Connection timeout calling fileserver.retrieve: execution expired"
[2010/02/04 12:10:15] <mapa3m> While trying to transfer a large file using puppet
[2010/02/04 12:10:27] <mapa3m> is there a way to set timeouts to something significantly longer?
[2010/02/04 12:11:29] <Volcane> puppet isnt great for xfer'ing large files
[2010/02/04 12:11:42] <Volcane> will use LOTS of memory and just in general suck
[2010/02/04 12:12:50] <mapa3m> Oh
[2010/02/04 12:12:56] <mapa3m> unfortunate :(
[2010/02/04 12:13:06] <fsweetser> this blog post has a really clever workaround for large files
[2010/02/04 12:13:18] <fsweetser> http://www.masterzen.fr/2010/01/28/puppet-memory-usage-not-a-fatality/
[2010/02/04 12:13:35] <masterzen> fsweetser: only for the master unfortunately.
[2010/02/04 12:13:39] <fsweetser> true
[2010/02/04 12:13:50] * masterzen is working to stream files on the client side so to not store the whole content in ram
[2010/02/04 12:13:56] <fsweetser> still a clever trick, though =)
[2010/02/04 12:14:01] <masterzen> :-)
[2010/02/04 12:14:12] <fluxdude> I have a define in my cron module which isn't in a class and this is called in my class in another module
[2010/02/04 12:14:17] <fluxdude> in the same module I then have a sub-class which inherits from the main class and try to override the File definition that the define set in the parent class yet I get an error
[2010/02/04 12:14:24] <fluxdude> Only subclasses can override parameters at....
[2010/02/04 12:14:26] <mikepea> masterzen: are you doing that in the file type?
[2010/02/04 12:14:32] <fluxdude> but this is a subclass of the class where the define was called to create the file resource
[2010/02/04 12:14:42] <fluxdude> I have no idea why I am still getting this error
[2010/02/04 12:15:24] <masterzen> mikepea: yes and no. The file type will be able to stream the http response body (ie the content) to the disk, but the inner working is more in the rest client and formats.
[2010/02/04 12:15:53] <masterzen> mikepea: I'm currently not focusing yet on file source, but more on catalog json parsing through streaming response.
[2010/02/04 12:16:18] <masterzen> and it doesn't work yet (but I spent only 30min on this topic, I wish I had more time).
[2010/02/04 12:16:28] <mikepea> masterzen: fair play. I'm hoping that a http:// file source will one day be on the cards for file{} :)
[2010/02/04 12:17:15] <mikepea> ... though in the meantime i'll have a go at a curl custom type i think.
[2010/02/04 12:17:28] <masterzen> mikepea: I'm not sure it will happen, because puppet needs some metadata which http:// will be unable to provide... and BTW puppet:// is HTTP :-)
[2010/02/04 12:17:54] <masterzen> (at least for the file content part, see my blog post mentioned earlier)
[2010/02/04 12:19:31] @ Quit: xerxas: Quit: Leaving.
[2010/02/04 12:19:40] <fluxdude> Am I right in that when calling a define, the resources it's defined are local to the current class?
[2010/02/04 12:20:02] <fluxdude> so that if I subclass the class where I called the define I should be able to override any resources the define has placed there?
[2010/02/04 12:20:06] @ nigelk joined channel #puppet
[2010/02/04 12:20:14] <mikepea> masterzen: not sure i understand correctly, what metadata does the file type need over checksum comparison to establish that it has an updated file?
[2010/02/04 12:21:31] @ Quit: Robbie_: Remote host closed the connection
[2010/02/04 12:22:32] @ Quit: ahasenack: Ping timeout: 256 seconds
[2010/02/04 12:22:37] <masterzen> mikepea: beside the checksum: owner, group, mode, type (and certainly some other that I'm forgetting)
[2010/02/04 12:24:08] @ Quit: ricky: Ping timeout: 272 seconds
[2010/02/04 12:24:15] <mikepea> masterzen: ah, ok, so puppet is getting default mode/owner/group/etc from the file source on the fileserver?
[2010/02/04 12:24:38] <mikepea> (where fileserver == puppet:// source)
[2010/02/04 12:25:10] @ murkk joined channel #puppet
[2010/02/04 12:25:52] * mikepea has lots of large files to pull from various http repositories - nexus in particular.
[2010/02/04 12:26:14] * Volcane 's make a little define that you specify a md5 hash and a url
[2010/02/04 12:26:32] * mikepea would like this define.
[2010/02/04 12:26:34] <Volcane> downloads the file with an exec and subsequent runs has a check of the md5 from the manifest
[2010/02/04 12:26:56] <Volcane> checksum doesnt match, download again, so you can handle timeouts on the exec and stuff
[2010/02/04 12:26:59] <Volcane> its pretty grim
[2010/02/04 12:27:05] <Volcane> packages still best :)
[2010/02/04 12:27:15] <mikepea> good point.
[2010/02/04 12:27:16] @ docelic joined channel #puppet
[2010/02/04 12:27:31] <Volcane> even just ones made with alien - which is about as hard as tarring something
[2010/02/04 12:27:38] @ allsystemsarego joined channel #puppet
[2010/02/04 12:28:22] @ Quit: bug: Quit: bug
[2010/02/04 12:29:16] * mikepea needs to look at maven in a bit more detail to see whether it can create rpm/debs and store in nexus
[2010/02/04 12:30:27] @ ricky joined channel #puppet
[2010/02/04 12:30:30] <Volcane> most tarlike rpms - no pre/post installs etc - are so easy to just template drive and perfect for something like maven
[2010/02/04 12:37:29] <murkk> i am setting a variable = to an array of packages and then using the package resource to install but I get an error
[2010/02/04 12:37:39] <murkk> http://pastie.org/809634
[2010/02/04 12:37:43] <fluxdude> I've stopped using a define where I was having trouble overriding, and now instead I have just defined the file resource in a class, inherited that class and done File["filename"] { ensure => absent }
[2010/02/04 12:37:48] <murkk> using 0.24,
[2010/02/04 12:37:53] @ Quit: themurph: Quit: themurph
[2010/02/04 12:38:08] <fluxdude> but when I include the subclass and run puppetd --test it doesn't remove "filename" as expected
[2010/02/04 12:38:11] <fluxdude> any ideas why?
[2010/02/04 12:38:26] @ themurph joined channel #puppet
[2010/02/04 12:38:29] <Volcane> murkk: dont quote the array
[2010/02/04 12:38:50] <Volcane> murkk: you're telling it to represent the array as a single string when you quote it
[2010/02/04 12:39:01] @ Quit: poison_: Remote host closed the connection
[2010/02/04 12:39:15] <Volcane> so just package{$packages: ... }
[2010/02/04 12:39:16] @ Quit: themurph: Client Quit
[2010/02/04 12:39:36] <murkk> Volcane: ok I see, thanks
[2010/02/04 12:41:05] <fluxdude> this is driving me nuts... I can't see why it wouldn't remove the file...
[2010/02/04 12:41:17] @ Quit: jaredrhine: Ping timeout: 260 seconds
[2010/02/04 12:41:49] <fluxdude> I wonder if this is a bug...
[2010/02/04 12:41:55] <fluxdude> using 0.24.8
[2010/02/04 12:43:16] <murkk> oops i meant I was using 25.4
[2010/02/04 12:43:20] <fluxdude> at least if I delete it manually it doesn't put it back...
[2010/02/04 12:43:28] <fluxdude> but weird how it doesn't remove it...
[2010/02/04 12:45:01] @ lucky__ joined channel #puppet
[2010/02/04 12:45:42] <fluxdude> ok figured it out, was using --test and --tags class::subclass but this doesn't run --tags class
[2010/02/04 12:45:46] <fluxdude> as one might implicitly suspect
[2010/02/04 12:46:02] <fluxdude> annoying, I've hit this problem at least twice before and every time forgotten about the fix
[2010/02/04 12:46:21] @ lilmatt joined channel #puppet
[2010/02/04 12:46:28] @ Quit: baughj: Quit: Lost terminal
[2010/02/04 12:47:49] @ Quit: tyll: Quit: leaving
[2010/02/04 12:59:30] @ mikerowehl joined channel #puppet
[2010/02/04 13:00:04] @ tonyskapunk joined channel #puppet
[2010/02/04 13:00:12] @ incommon_ike joined channel #puppet
[2010/02/04 13:00:14] @ Quit: madduck: Ping timeout: 272 seconds
[2010/02/04 13:00:28] @ Quit: `properzel: Ping timeout: 260 seconds
[2010/02/04 13:00:30] @ Quit: Caomai: Read error: Connection reset by peer
[2010/02/04 13:00:34] <incommon_ike> anyone running puppet-dashboard with a postgres backend
[2010/02/04 13:03:25] @ Quit: TREllis: Quit: leaving
[2010/02/04 13:04:22] @ jcape joined channel #puppet
[2010/02/04 13:05:23] @ Quit: lucky__: Quit: Leaving...
[2010/02/04 13:05:25] <nigelk> Volcane: are you distributing plugins in modules with environments?
[2010/02/04 13:05:30] @ Caomai joined channel #puppet
[2010/02/04 13:06:48] @ `properzel joined channel #puppet
[2010/02/04 13:13:51] @ mqr joined channel #puppet
[2010/02/04 13:14:46] @ Blondii0 joined channel #puppet
[2010/02/04 13:15:03] @ Blondii0 left channel #puppet ()
[2010/02/04 13:15:31] @ Pupeno joined channel #puppet
[2010/02/04 13:16:53] @ Quit: hexplody: Remote host closed the connection
[2010/02/04 13:20:33] <Pupeno> I've just followed http://reductivelabs.com/trac/puppet/wiki/SimplestPuppetInstallRecipe but my sudoers files doesn't get fixed. I have both puppetd and puppetmaster running on the same machine. I'm not sure where to start looking for issues. The logs show webric starting, the certificate data and that's it.
[2010/02/04 13:20:53] @ bug joined channel #puppet
[2010/02/04 13:22:47] <Pupeno> Any ideas what I am doing wrong?
[2010/02/04 13:23:41] @ mverwijs joined channel #puppet
[2010/02/04 13:24:47] <incommon_ike> pupeno: I like to run puppetd --no-daemonize --verbose --debug in one window and puppetmasterd --no-daemonize --verbose --debug in another. Doing so may give more info such as permission denied errors going on.
[2010/02/04 13:25:14] <Pupeno> incommon_ike: good idea.
[2010/02/04 13:25:49] <incommon_ike> pupeno: you'll have to stop the daemon processes, of course
[2010/02/04 13:25:56] <Pupeno> incommon_ike: yes.
[2010/02/04 13:27:16] @ themurph joined channel #puppet
[2010/02/04 13:28:15] @ ahasenack joined channel #puppet
[2010/02/04 13:28:34] <Pupeno> Well... err: /File[/var/lib/puppet/lib]: Failed to generate additional resources during transaction: Could not find server puppet
[2010/02/04 13:28:40] <Pupeno> That doesn't look right.
[2010/02/04 13:28:55] @ vad3R joined channel #puppet
[2010/02/04 13:28:58] <ahasenack> Volcane, joe-mac: after upgrading to puppet 0.25.4 that define we talked about earlier was imported automatically and worked just fine in its own separate file
[2010/02/04 13:29:37] <ahasenack> Pupeno: you need to add a server=<someservername> to puppet.conf, or use --server command line. By default, it looks for a server called "puppet" (dns)
[2010/02/04 13:29:50] @ jaredrhine joined channel #puppet
[2010/02/04 13:30:33] @ Quit: mqr: Ping timeout: 252 seconds
[2010/02/04 13:31:36] @ robinbowes joined channel #puppet
[2010/02/04 13:31:36] <Pupeno> Now that server=localhost, the certificates are not matching: err: /File[/var/lib/puppet/lib]: Failed to generate additional resources during transaction: Certificates were not trusted: hostname was not match with the server certificate
[2010/02/04 13:32:22] <ahasenack> Pupeno: see what "hostname -f" returns
[2010/02/04 13:33:10] @ Quit: joe-mac1: Ping timeout: 272 seconds
[2010/02/04 13:33:22] @ WALoeIII joined channel #puppet
[2010/02/04 13:33:34] <Pupeno> ahasenack: ok, thanks. How do you normally manage these certificates? puppet seems to autogenerate them.
[2010/02/04 13:33:55] <ahasenack> Pupeno: I keep sane hostnames
[2010/02/04 13:34:03] <ahasenack> Pupeno: or just use ips
[2010/02/04 13:34:14] <ahasenack> but I'm testing, that's why I'm getting away with jus tips
[2010/02/04 13:34:25] <ahasenack> certname=192.168.122.211 in the puppet.conf from the master, for example
[2010/02/04 13:34:32] <ahasenack> helps when using vms to test
[2010/02/04 13:34:40] <ahasenack> but a sane DNS is the proper solution
[2010/02/04 13:35:27] <Pupeno> ahasenack: if your IP changes you throw away the box and re-start from scratch? Or does puppet have a way to re-generate the certs?
[2010/02/04 13:35:51] <ahasenack> Pupeno: it's just a pair of vms that I use to learn puppet, very disposable
[2010/02/04 13:36:23] <ahasenack> Pupeno: you can probably regenerate the certs, clean old ones, etc with puppetca, but you should really have a sane dns for a real puppet deployment
[2010/02/04 13:37:38] <Pupeno> ahasenack: I will have DNS once I'm not working on a virtual machine in my laptop, but what do I configure first, DNS server or puppet?
[2010/02/04 13:38:25] <ahasenack> Pupeno: set /etc/hostname to a sane value, puppet will use that by default iirc
[2010/02/04 13:38:32] <ahasenack> or just override it with certname=<somefqdn>
[2010/02/04 13:38:38] <ahasenack> which has to be the same your client will use
[2010/02/04 13:38:44] <ahasenack> in server=<somefqdn>
[2010/02/04 13:39:16] <Pupeno> I've got it how to do it right the first time... I just want to know how to fix it afterwards.
[2010/02/04 13:40:56] <ahasenack> a proper dns then. All machines with fqdns and reverse records set up, hostname -f properly working on all machines and giving unique results, etc
[2010/02/04 13:41:19] <Pupeno> ahasenack: ok, whatever. Thanks, it's now working.
[2010/02/04 13:47:39] @ mqr joined channel #puppet
[2010/02/04 13:49:23] @ incommon_ike left channel #puppet ()
[2010/02/04 13:56:26] @ Quit: cliff-hm: Ping timeout: 245 seconds
[2010/02/04 13:57:11] @ cliff-hm joined channel #puppet
[2010/02/04 13:57:57] @ jbooth joined channel #puppet
[2010/02/04 13:58:40] @ Quit: vad3R: Quit: vad3R
[2010/02/04 14:02:29] @ Quit: giskard: Remote host closed the connection
[2010/02/04 14:04:53] @ Quit: mqr: Ping timeout: 240 seconds
[2010/02/04 14:10:04] <nigelk> ahasenack: Pupeno note that certname doesn't have to be any kind of hostname
[2010/02/04 14:10:08] <nigelk> it can be a completely opaque string
[2010/02/04 14:10:13] <nigelk> we use UUIDs for them
[2010/02/04 14:10:44] @ Chiku joined channel #puppet
[2010/02/04 14:12:30] @ elijahwright joined channel #puppet
[2010/02/04 14:13:19] @ shenson joined channel #puppet
[2010/02/04 14:13:44] <shenson> is there a way to hook into the puppet signing process so that we can do something when a certificate gets signed? I'm looking for a hook of sorts
[2010/02/04 14:19:07] <mapa3m> have something waching the "signed" directory?
[2010/02/04 14:19:29] <elasticdog> phusion passenger is pretty slick...never had set it up before
[2010/02/04 14:19:33] @ mqr joined channel #puppet
[2010/02/04 14:19:46] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=192
[2010/02/04 14:19:46] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=193
[2010/02/04 14:20:40] @ gpled joined channel #puppet
[2010/02/04 14:20:51] @ jes5 joined channel #puppet
[2010/02/04 14:21:06] <gpled> can anyone see my error here? http://linux-coders.pastebin.com/d4094613b
[2010/02/04 14:21:14] <gpled> not sure why it cant get that file
[2010/02/04 14:21:43] @ Quit: skiold: Quit: skiold
[2010/02/04 14:22:22] @ ccaum joined channel #puppet
[2010/02/04 14:23:49] <jrojas> gpled: how big is the file?
[2010/02/04 14:24:30] <gpled> jrojas: 26M
[2010/02/04 14:24:38] <jrojas> hm odd
[2010/02/04 14:25:06] <gpled> i have a gut feeling that this is something else, and the code is correct
[2010/02/04 14:25:14] <gpled> selinux or something
[2010/02/04 14:26:26] <gpled> other files from the same recipe copy down fine
[2010/02/04 14:27:50] <Volcane> god invented package managers for a reason
[2010/02/04 14:28:01] <Volcane> every time you copy/untar/make with puppet unicorns get their horns cut off
[2010/02/04 14:28:41] <ezekiel> and babies squeal in pain
[2010/02/04 14:28:41] <jrojas> do they stop farting rainbows ?
[2010/02/04 14:28:50] <ezekiel> yes
[2010/02/04 14:28:55] <jrojas> does robocop cry?
[2010/02/04 14:29:14] <ezekiel> robocop never cries, but yes.
[2010/02/04 14:29:18] <jrojas> whoa
[2010/02/04 14:29:26] <jrojas> my mind is now blown
[2010/02/04 14:29:45] @ giskard joined channel #puppet
[2010/02/04 14:30:04] <jrojas> Volcane: in all fairness, there are few package managers that actually are worth a damn,
[2010/02/04 14:30:26] <Volcane> even gems are better than copying files iwth puppet, and realy that says a lot :)
[2010/02/04 14:30:31] <jrojas> yeah
[2010/02/04 14:30:44] <ccaum> Hello all. I'm having a problem with ralsh on Mac OS X 10.6. I seem to be hitting bug #2415, but with ralsh instead of facter. Basic info: http://pastie.org/809810
[2010/02/04 14:30:45] <gepetto> ccaum: #2415 is http://projects.reductivelabs.com/issues/show/2415 "Facter - Bug #2415: patch for first-rev Mac OS X versions - ReductiveLabs.com"
[2010/02/04 14:32:18] @ Quit: bobbyz: Ping timeout: 256 seconds
[2010/02/04 14:34:42] @ Quit: choc: Quit: changing servers
[2010/02/04 14:34:54] @ Quit: alfism: Quit: http://opensolaris.com/
[2010/02/04 14:35:15] @ alfism joined channel #puppet
[2010/02/04 14:36:06] <eric0> hey thats my bug
[2010/02/04 14:36:06] <ccaum> I just tested it with 0.25.4 and it works. I can't upgrade everything to 0.25.4 just yet, though I plan to soon
[2010/02/04 14:36:48] <eric0> how about upgrade to 10.6.2 :)
[2010/02/04 14:37:09] <ccaum> Yeah, I need to do that too ;)
[2010/02/04 14:38:36] @ Quit: f3ew: Ping timeout: 265 seconds
[2010/02/04 14:41:35] <ccaum> Gah, I never approved the 10.6.2 update on the update server. No wonder it's no up to date
[2010/02/04 14:45:27] @ choc joined channel #puppet
[2010/02/04 14:45:41] <mpdehaan> Volcane, can you elaborate on your file copying problems? I'm curious.
[2010/02/04 14:45:48] <mpdehaan> I know there's some work going on to make that faster-er.
[2010/02/04 14:47:00] <Volcane> file copying sux in puppet, a LOT in 0.24 a bit less in 0.25 but still sucky
[2010/02/04 14:47:44] @ ezmobius joined channel #puppet
[2010/02/04 14:47:58] <gpled> so is this what is going on with my copy issue?
[2010/02/04 14:48:07] <jbooth> File copying was weak enough in puppet I switched a HPC cluster to use the shared NFS and plain old location-to-location file copies. I was only copying a 10 meg boot image around.
[2010/02/04 14:48:07] <Volcane> yup
[2010/02/04 14:48:16] <Volcane> puppet is a config management tool, not a make file replacement
[2010/02/04 14:48:34] <joe-mac> yep
[2010/02/04 14:48:48] <jbooth> That said NFS copies work great! ;-)
[2010/02/04 14:48:59] <Volcane> 10 meg file in 0.24 would have used about 40ish meg or ram continuesly in the daemons
[2010/02/04 14:49:39] <gpled> funny thing. make under puppet works great. seems like that would be hard. file copy fails???
[2010/02/04 14:50:50] @ incommon_ike joined channel #puppet
[2010/02/04 14:50:51] <mpdehaan> Volcane, so yeah, performance
[2010/02/04 14:51:28] <mpdehaan> so still unhappy with the resty file copies?
[2010/02/04 14:51:40] <mpdehaan> XMLRPC file transfer I definitely gather would be slowness
[2010/02/04 14:51:48] <Volcane> yup, you dont want to copy large files with puppet for sure
[2010/02/04 14:52:22] <mpdehaan> So it's not streaming them, basically
[2010/02/04 14:52:30] @ benlovell joined channel #puppet
[2010/02/04 14:52:41] @ Quit: bkohler: Ping timeout: 245 seconds
[2010/02/04 14:53:24] * mpdehaan ponders if it could just set up NFS for you in some cases ... though file sec should be considered
[2010/02/04 14:53:31] <Volcane> still, the basic pattern of download tgz, untar, compile etc
[2010/02/04 14:53:36] <Volcane> that fails, its not deterministic
[2010/02/04 14:53:43] <Volcane> and doesnt give u the same result on a cluster of machines
[2010/02/04 14:53:49] <Volcane> means u need compilers everywhere etc
[2010/02/04 14:54:12] <Volcane> and turns puppet from rn over/over/over again pattern into something with lots of little semaphore files with creates/unless etc
[2010/02/04 14:54:18] <eric0> IMO support for file: {myfile: source => "http://webserver/path/to/file" } would go a long way
[2010/02/04 14:54:22] <Volcane> all waiting to end up in lost+found and fuck your day up
[2010/02/04 14:54:42] <Volcane> eric0: so how do you determine in that case that the download completed, didnt get corrupted etc?
[2010/02/04 14:54:44] <eric0> you could even use http cache semantics to avoid unnecessary transfers.
[2010/02/04 14:54:52] <mpdehaan> so yeah like wget/curl? NFS seems obvious too.
[2010/02/04 14:55:15] <eric0> Volcane: same way browsers do it..content-length
[2010/02/04 14:55:17] <mpdehaan> eric0, mind filing a RFE for that?
[2010/02/04 14:55:30] <eric0> mpdehaan: think theres one or more in already, sec
[2010/02/04 14:55:50] <WALoeIII> what is the puppet syntax to get puppetmaster to spit something to the log when compiling the catalog
[2010/02/04 14:55:53] <WALoeIII> report?
[2010/02/04 14:55:59] <eric0> http transport >nfs because its so much more ubiquitous/platform neutral/firewall friendly
[2010/02/04 14:56:23] <mpdehaan> I've had some severe "fun" with NFS, for sure
[2010/02/04 14:56:33] <mpdehaan> was setting up a lab and it was taking /days/ to transfer these disk images
[2010/02/04 14:56:35] @ f3ew joined channel #puppet
[2010/02/04 14:56:38] <mpdehaan> switch to http... zoom zoom
[2010/02/04 14:56:54] <fsweetser> eric0: don't forget easier to setup, HA friendly, more stable, and way less insecure =)
[2010/02/04 14:56:55] <mpdehaan> though that's mostly a tuning issue
[2010/02/04 14:57:03] <mpdehaan> HA for free is a big plus
[2010/02/04 14:57:15] @ tecto joined channel #puppet
[2010/02/04 14:57:16] @ Quit: tecto: Changing host
[2010/02/04 14:57:16] @ tecto joined channel #puppet
[2010/02/04 14:57:18] <mpdehaan> security would be a bit interesting
[2010/02/04 14:57:39] <mpdehaan> yeah eric0 pass along that ticket and I'll add some comments to it, else I can dig if needed
[2010/02/04 14:57:43] <Volcane> masterzen's setup already takes care of most of that thogh
[2010/02/04 14:58:49] <eric0> mpdehaan: #1946 is related , not for source attributes but file() function sources.
[2010/02/04 14:58:50] <gepetto> eric0: mpdehaan: #1946 is http://projects.reductivelabs.com/issues/show/1946 "Puppet - Feature #1946: let file() obtain file contents from fileserver and/or module space - ReductiveLabs.com"
[2010/02/04 15:00:11] <mpdehaan> that doesn't quite say the same thing :)
[2010/02/04 15:00:26] <mpdehaan> adding comments
[2010/02/04 15:01:15] @ Robbie_ joined channel #puppet
[2010/02/04 15:02:02] @ bobbyz joined channel #puppet
[2010/02/04 15:07:16] @ incommon_ike left channel #puppet ()
[2010/02/04 15:08:04] @ Quit: themurph: Quit: themurph
[2010/02/04 15:08:30] @ jfreeman joined channel #puppet
[2010/02/04 15:09:10] @ gpled left channel #puppet ("Ex-Chat")
[2010/02/04 15:10:24] @ madduck joined channel #puppet
[2010/02/04 15:11:50] @ fzzzt left channel #puppet ()
[2010/02/04 15:11:51] @ madduck_ joined channel #puppet
[2010/02/04 15:11:52] @ Quit: madduck_: Changing host
[2010/02/04 15:11:52] @ madduck_ joined channel #puppet
[2010/02/04 15:17:26] <elasticdog> I noticed that the puppetmasterd --genconfig doesn't accurately reflect what it does by default (like default port 8139)
[2010/02/04 15:18:06] @ Quit: madduck_: Quit: leaving
[2010/02/04 15:18:17] @ Quit: madduck: Quit: leaving
[2010/02/04 15:18:41] @ madduck joined channel #puppet
[2010/02/04 15:18:41] @ Quit: madduck: Changing host
[2010/02/04 15:18:42] @ madduck joined channel #puppet
[2010/02/04 15:18:54] <mpdehaan> elasticdog, what does it put in there?
[2010/02/04 15:19:52] <elasticdog> looks like some paths may differ, but the port was the first thing that jumped out at me...it says default port is 8139 instead of 8140
[2010/02/04 15:19:57] @ Quit: madduck: Client Quit
[2010/02/04 15:20:21] <mpdehaan> are you sure you're not looking at the puppetd section?
[2010/02/04 15:20:26] <mpdehaan> think it generates for both...
[2010/02/04 15:20:36] <mpdehaan> (which IMHO, should prob be two config files, but hey...)
[2010/02/04 15:20:55] <mpdehaan> if you think it's still wrong, def file a bug so we can fix it...
[2010/02/04 15:21:03] @ madduck joined channel #puppet
[2010/02/04 15:21:13] <elasticdog> ahhh, it's under the [puppetmasterd] section, but that's for the puppetport (so puppetd)
[2010/02/04 15:21:45] <elasticdog> mpdehaan: thanks for the clarification...I'll double check what I thought was off
[2010/02/04 15:22:08] <mpdehaan> yeah what port to try to reach on the nodes
[2010/02/04 15:22:36] @ themurph joined channel #puppet
[2010/02/04 15:23:50] @ vad3R joined channel #puppet
[2010/02/04 15:31:04] @ poison joined channel #puppet
[2010/02/04 15:31:32] @ madduck_ joined channel #puppet
[2010/02/04 15:31:33] @ Quit: madduck_: Changing host
[2010/02/04 15:31:33] @ madduck_ joined channel #puppet
[2010/02/04 15:31:40] @ madduck_ is now known as madduck\|afk
[2010/02/04 15:36:15] @ Quit: madduck: Quit: leaving
[2010/02/04 15:36:18] @ RageLink joined channel #puppet
[2010/02/04 15:36:50] @ danielbln joined channel #puppet
[2010/02/04 15:37:52] @ skiold joined channel #puppet
[2010/02/04 15:44:09] @ Mode +v mpdehaan by ChanServ
[2010/02/04 15:44:28] @ Mode +o mpdehaan by ChanServ
[2010/02/04 15:46:01] @ Quit: benlovell: Quit: benlovell
[2010/02/04 15:47:39] @ Quit: Pupeno: Quit: Pupeno
[2010/02/04 15:48:32] @ Quit: jfreeman: Read error: Operation timed out
[2010/02/04 15:52:02] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=194
[2010/02/04 15:52:08] @ Quit: themurph: Quit: themurph
[2010/02/04 15:53:47] @ gwar9999 joined channel #puppet
[2010/02/04 15:54:06] @ themurph joined channel #puppet
[2010/02/04 15:55:10] @ wfrancis joined channel #puppet
[2010/02/04 15:55:57] @ _elmata_ joined channel #puppet
[2010/02/04 15:56:53] <gwar9999> hello all... Is it possible to have an exec resource where puppet doesn't wait for a return? I'd like to have the ability to instruct puppet to restart itself based on external node data. In this situation I want to make sure the current puppet run completes, so wait 10 minutes to issue the restart. Perhaps there is a better way for puppet to restart itself w/o interrupting the current puppet run.
[2010/02/04 15:59:03] @ Quit: RageLink: Ping timeout: 252 seconds
[2010/02/04 15:59:05] @ elementai joined channel #puppet
[2010/02/04 16:00:10] <mpdehaan> gwar9999, don't see it in the type reference, restarting puppet why now?
[2010/02/04 16:00:59] <mpdehaan> want to understand the use case more
[2010/02/04 16:02:53] <gwar9999> Occasionally we have some ldap changes that confuse puppet. Restarting puppet fixes this issue, but we have to do it tons of puppet clients which is tedious. Since the node data is in the db, we could set a flag "restart_puppet = true" such that the next time the client checks in it will exec a "sleep 600 & /etc/init.d/puppet restart"
[2010/02/04 16:03:38] <mpdehaan> yeah so it seems the underlying problem is what we need to figure out
[2010/02/04 16:03:41] <mpdehaan> what sort of LDAP changes?
[2010/02/04 16:04:38] <Volcane> you used to be able to ask puppet to restart itself - like if it got TERM mid run it would restart at end of run, but that broke yonks ago
[2010/02/04 16:04:56] <mpdehaan> hmm, file a bug? Still want to understand why it is confused
[2010/02/04 16:05:01] <gwar9999> Most recently, the ldap conf was updated on some hosts and there was some weird issue with group ids. We were seeing errors like, "can't change group 1000 to 1000".
[2010/02/04 16:05:10] @ madduck joined channel #puppet
[2010/02/04 16:05:11] @ Quit: madduck: Changing host
[2010/02/04 16:05:11] @ madduck joined channel #puppet
[2010/02/04 16:05:17] <mpdehaan> "weird issue" seems to be the bug that needs to be filed
[2010/02/04 16:05:53] <gwar9999> I don't understand the ldap backend stuff to file a detailed bug. We did see it a few weeks ago too.
[2010/02/04 16:06:10] <mpdehaan> not trying to redirect you.... but yeah, we want to fix the problem not introduce a workflow where puppetd needs to be restarted
[2010/02/04 16:06:21] <mpdehaan> because that seems to be a sign of other oddness
[2010/02/04 16:06:26] <mpdehaan> sort of make sense?
[2010/02/04 16:06:28] <gwar9999> But I imagine there may be other cases when we want to restart puppet so even if the ldap bug is fixed it would be useful.
[2010/02/04 16:06:41] <mpdehaan> probably yeah
[2010/02/04 16:06:51] <mpdehaan> that would be more of a service task thing I think than an exec thing
[2010/02/04 16:06:55] <mpdehaan> wouldn't it?
[2010/02/04 16:07:08] <mpdehaan> but it would have to know it was itself
[2010/02/04 16:07:12] <mpdehaan> so, before we go there
[2010/02/04 16:07:16] <Volcane> puppetd needs to handle TERM signals like it used to
[2010/02/04 16:07:18] <mpdehaan> I really want to understand why we need that :)
[2010/02/04 16:07:27] <mpdehaan> yeah, make sure there's a bug on that I guess
[2010/02/04 16:07:56] <gwar9999> possibly, but if puppet tries to restart itself as a service I believe it issues a stop then start... but since the stop kills it, it can't run the followup start cmd.
[2010/02/04 16:08:03] <mpdehaan> but knowing /why/ it would need to restart itself is still what I am getting at
[2010/02/04 16:08:17] <mpdehaan> gwar9999, I know, yes, restart is not universal
[2010/02/04 16:08:40] <Volcane> gwar9999: in the past if it got TERM (like if you notify Service["pupetd"]) it would restart at the end of the run not immediately
[2010/02/04 16:09:16] <mpdehaan> Volcane, tell me why you need that though :)
[2010/02/04 16:09:24] <mpdehaan> not saying you don't, want to understand
[2010/02/04 16:09:37] @ Quit: skiold: Quit: skiold
[2010/02/04 16:09:40] <Volcane> mpdehaan: so you can restart puppet if u need to
[2010/02/04 16:09:43] <mpdehaan> why
[2010/02/04 16:09:46] <Volcane> mpdehaan: like if u want to set listen=true
[2010/02/04 16:09:47] <mpdehaan> that's what I want to know
[2010/02/04 16:09:53] <gwar9999> I'm not sure what other cases a restart would be useful, but certainly when we have some weird issue that we can't immediately figure out the first thing we try is a restart to see if it fixes it. Puppet errors aren't always useful and obvious.
[2010/02/04 16:09:54] <mpdehaan> ok there that makes sense, thanks :)
[2010/02/04 16:09:59] <mpdehaan> changing the config...
[2010/02/04 16:10:01] <Volcane> mpdehaan: which is a config option that doesnt take effect when it reparses config
[2010/02/04 16:10:03] <mpdehaan> gwar
[2010/02/04 16:10:14] <mpdehaan> gwar9999's case though... I think that is something else
[2010/02/04 16:10:58] <Volcane> mpdehaan: or just to combat memory leaks in a shedule :)
[2010/02/04 16:11:58] <mpdehaan> :)
[2010/02/04 16:12:03] <gwar9999> I was thinking of scheduling an "at" job to accomplish my "sleep + restart" but we disable atd on most systems :(
[2010/02/04 16:12:12] * Volcane just run from cron
[2010/02/04 16:12:35] <gwar9999> cron might be another hack on top of this hack :)
[2010/02/04 16:12:50] <Volcane> running from cron is much nicer
[2010/02/04 16:12:55] <Volcane> esp on older rubys
[2010/02/04 16:12:58] <mpdehaan> nod
[2010/02/04 16:13:10] <mpdehaan> on phone atm, will read scrollback
[2010/02/04 16:13:17] * nico is gonna switch to cron run for puppet too
[2010/02/04 16:13:27] <gwar9999> probably true since I never really use "at" but it popped into my mind.
[2010/02/04 16:13:50] <mpdehaan> will look into making that easier, look for thread later
[2010/02/04 16:14:28] <gwar9999> mpdehaan: are you now a puppet developer?
[2010/02/04 16:14:43] <eric0> gah i truly thought these boxes were jumpstarted and just needed post-js config from puppet. turns out they've got no image on them at all and have been sitting at the lom prompt for a week
[2010/02/04 16:14:52] <mpdehaan> product/community guy actually :)
[2010/02/04 16:14:58] <Volcane> gwar9999: he's the product manager, thats why he's happy to say he'll fix any/everything :P
[2010/02/04 16:15:13] <gwar9999> Volcane: too funny
[2010/02/04 16:15:33] @ Quit: cliff-hm: Ping timeout: 252 seconds
[2010/02/04 16:16:03] <jrojas> mpdehaan: so puppet will cure my rash?
[2010/02/04 16:16:27] <wfrancis> hello, I'm trying to figure out a way to have certain nodes run an immediate catalog run on demand, rather than having to ssh into them and run puppetd -t. Is this possible via the REST interface or some other api-like method?
[2010/02/04 16:16:43] <jrojas> wfrancis: check puppetrun
[2010/02/04 16:16:51] <mpdehaan> part of my job is getting you guys what you want fixed :)
[2010/02/04 16:16:56] @ Quit: madduck: Quit: leaving
[2010/02/04 16:16:59] <warreng> puppet vs. chef... which is better?
[2010/02/04 16:16:59] <mpdehaan> and seeing what comes up here a lot.
[2010/02/04 16:17:00] <mpdehaan> so yeah
[2010/02/04 16:17:09] <mpdehaan> warreng, batman
[2010/02/04 16:17:13] @ madduck joined channel #puppet
[2010/02/04 16:17:14] @ Quit: madduck: Changing host
[2010/02/04 16:17:14] @ madduck joined channel #puppet
[2010/02/04 16:17:17] <jrojas> warreng: robocop
[2010/02/04 16:17:44] <warreng> batman vs. robocop... who is better?
[2010/02/04 16:17:57] <jrojas> is robocop riding a unicorn?
[2010/02/04 16:18:04] @ Quit: madduck\|afk: Quit: leaving
[2010/02/04 16:18:13] <warreng> yes, but not one of the endangered ones
[2010/02/04 16:18:33] <jrojas> obviously robocop then. move along.
[2010/02/04 16:18:47] <warreng> okay, back to chef vs. puppet.... serious questions actually
[2010/02/04 16:19:02] <jrojas> it depends on your situation
[2010/02/04 16:19:04] <jrojas> try both.
[2010/02/04 16:19:22] <warreng> i'm setting up 6-8 servers to run a rails stack
[2010/02/04 16:19:36] <mpdehaan> no no don't try both, we are more awesome :)
[2010/02/04 16:19:36] <warreng> inclination is to go chef cause it's pure ruby
[2010/02/04 16:19:45] <mpdehaan> I will turn you into a newt
[2010/02/04 16:19:49] @ ppickfor joined channel #puppet
[2010/02/04 16:19:49] <mpdehaan> I have ops even
[2010/02/04 16:19:53] <mpdehaan> more seriously
[2010/02/04 16:19:57] <mpdehaan> much larger community here
[2010/02/04 16:20:12] <mpdehaan> more sysadmin oriented, rather than being just a class library that will devolve...
[2010/02/04 16:20:27] <warreng> what about out of the box support for..... nginx, haproxy, mysql, rabbitmq, monit, etc...
[2010/02/04 16:20:46] <warreng> alerts and monitoring are also something i need to figure out... monit vs. god?
[2010/02/04 16:20:48] <mpdehaan> those things are all driven by services and config files
[2010/02/04 16:21:00] <jrojas> mpdehaan: dont forget packages.
[2010/02/04 16:21:03] <jrojas> :)
[2010/02/04 16:21:05] <mpdehaan> and a lot of that is very very site specific
[2010/02/04 16:21:18] <nico> mpdehaan: Is there a "recipe" public repo github style planned ?
[2010/02/04 16:21:25] <mpdehaan> yes, I am working on it
[2010/02/04 16:21:31] <mpdehaan> see list over the last 2 days
[2010/02/04 16:21:31] <nico> cool
[2010/02/04 16:21:53] <jrojas> mpdehaan: you should have let puppet build it for you...
[2010/02/04 16:22:05] <mpdehaan> that is pretty much priority #1 for me... unify those 6 or 7 repos and make something we all can contribute to, all 1600+ of us here on the lists/IRC etc
[2010/02/04 16:22:05] <gepetto> mpdehaan: #1 is http://projects.reductivelabs.com/issues/show/1 "Puppet - Feature #1: Differentiate classes from definitions - ReductiveLabs.com"
[2010/02/04 16:22:14] * mpdehaan smacks gepetto
[2010/02/04 16:22:28] <mpdehaan> we don't serve droids here
[2010/02/04 16:22:46] @ Quit: poison: Remote host closed the connection
[2010/02/04 16:23:12] <warreng> mpdehaan: let's say i have 8 new servers and an optimal "stack" in mind... if i were to hire a chef/puppet expert contractor to setup the system from scratch, would one direction be better than the other? short term/long term/etc
[2010/02/04 16:23:30] <nico> mpdehaan: these are not these droids you are looking for
[2010/02/04 16:23:50] @ madduck__ joined channel #puppet
[2010/02/04 16:23:50] <mpdehaan> warreng, teyo is /quite/ awesome with regard to best practices and such. You should talk with him.
[2010/02/04 16:24:12] <mpdehaan> if you're looking to get some advice on that subject
[2010/02/04 16:24:23] <warreng> very much so...
[2010/02/04 16:24:27] <warreng> what is "reductive labs" ?
[2010/02/04 16:24:53] <mpdehaan> trying to be difficult or really don't know? Reductive writes Puppet.
[2010/02/04 16:25:04] <mpdehaan> we support Puppet. we also provide training/consulting services.
[2010/02/04 16:25:15] <nico> mpdehaan: btw, what's the thread ?
[2010/02/04 16:25:24] <wfrancis> jrojas: exactly what I was looking for, many thanks
[2010/02/04 16:25:29] <mpdehaan> nico, hold on, I'll get back with you in 15-20
[2010/02/04 16:25:34] @ brothers joined channel #puppet
[2010/02/04 16:25:50] <warreng> really don't know
[2010/02/04 16:25:50] <warreng> do they do consulting?
[2010/02/04 16:25:50] <warreng> or just puppet?
[2010/02/04 16:25:51] <warreng> sorry, strange way to ask question...
[2010/02/04 16:26:08] <mpdehaan> We are the company behind Puppet
[2010/02/04 16:26:19] <warreng> so you're part of reductive... is "teyo" as well?
[2010/02/04 16:26:21] <jbeez> dan been around irc lately?
[2010/02/04 16:26:24] <mpdehaan> yes, consulting around puppet + training + support. That is how we make money to pay for Puppet development.
[2010/02/04 16:26:37] <mpdehaan> Yes. He's our lead training/consulting person. Extremely sharp and can help you with all of that.
[2010/02/04 16:26:45] <mpdehaan> Fill out the form on the website and we can get back with you.
[2010/02/04 16:26:47] <jbeez> my company recently had puppet training w/ dan, also good
[2010/02/04 16:27:01] <mpdehaan> Indeed.
[2010/02/04 16:27:33] * nico couldn't be to the recent belgian training
[2010/02/04 16:27:43] <jrojas> hmm belgian training
[2010/02/04 16:27:47] <jrojas> that sounds fantastic
[2010/02/04 16:28:14] <pheezy> hey congrats mpdehaan!
[2010/02/04 16:34:37] <pheezy> on you joining puppet i mean, we're big users of cobbler + puppet here
[2010/02/04 16:34:55] <mpdehaan> good deal :)
[2010/02/04 16:36:49] @ poison joined channel #puppet
[2010/02/04 16:37:03] @ Quit: madduck__: Quit: leaving
[2010/02/04 16:39:26] <Insyte> Puzzling problem: Module "apache" contains "apache" class and "apache::module" define. The apache class installs apache and includes an apache2 service.
[2010/02/04 16:39:52] <Insyte> Another class includes "require apache" and later makes use of the "apache::module" definition.
[2010/02/04 16:40:18] <Insyte> Puppet throws this error:
[2010/02/04 16:40:19] <Insyte> Could not find dependent Service[apache2] for Exec[a2enmod_authnz_ldap] at /etc/puppet/dev/modules/apache/manifests/module.pp:8
[2010/02/04 16:40:56] @ madduck\|afk joined channel #puppet
[2010/02/04 16:41:27] <WALoeIII> anyone using puppetmaster behind passenger and having most of the static files served via Apache/nginx
[2010/02/04 16:41:47] <WALoeIII> I'm interested in your rewrite rules
[2010/02/04 16:42:33] <Volcane> WALoeIII: you're not including the class that has service{"apache2": ... }
[2010/02/04 16:42:44] <WALoeIII> wait what?
[2010/02/04 16:43:04] <Insyte> Volcane: Actually, the class that includes 'service{apache ...}' is being "require"d...
[2010/02/04 16:43:07] <WALoeIII> I ton't think that was directed at me
[2010/02/04 16:43:17] <Insyte> WALoeIII: Directed to me. Finger slip, I presume.
[2010/02/04 16:43:25] <Volcane> yeah sorry
[2010/02/04 16:43:32] @ Quit: madduck: Remote host closed the connection
[2010/02/04 16:43:33] <Volcane> Insyte: what version puppet?
[2010/02/04 16:43:36] <Insyte> 25.3
[2010/02/04 16:44:54] <Volcane> hmm, works for me, pastie your code
[2010/02/04 16:44:58] <Insyte> Wilco.
[2010/02/04 16:45:21] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=195
[2010/02/04 16:45:21] <gepetto> ::trac:: Whos Using Puppet edited @ http://reductivelabs.com/trac/puppet/wiki/WhosUsingPuppet?version=196
[2010/02/04 16:46:05] @ bitmonk is now known as batmonk
[2010/02/04 16:48:46] @ Quit: allsystemsarego: Quit: Leaving
[2010/02/04 16:49:11] @ madduck joined channel #puppet
[2010/02/04 16:50:30] <Insyte> Volcane: Pulled together from multiple modules, extraneous stuff stripped: http://paste2.org/p/649787
[2010/02/04 16:50:35] @ davidX- left channel #puppet ()
[2010/02/04 16:51:28] @ Quit: mverwijs: Quit: leaving
[2010/02/04 16:51:58] <Volcane> pls add errors
[2010/02/04 16:52:07] <gwar9999> mpdehaan: I echo the congrats... we use puppet & cobbler here too (I use func at home, fwiw)
[2010/02/04 16:52:07] <Insyte> ah, yes
[2010/02/04 16:52:39] @ yarihm joined channel #puppet
[2010/02/04 16:52:47] <Insyte> http://paste2.org/p/649789
[2010/02/04 16:53:14] @ Quit: danielbln: Quit: Leaving.
[2010/02/04 16:54:01] <mpdehaan> nico, sorry I'm back now
[2010/02/04 16:54:13] @ Djelibeybi joined channel #puppet
[2010/02/04 16:54:23] <mpdehaan> we were talking about common repos right?
[2010/02/04 16:54:24] <mpdehaan> http://groups.google.com/group/puppet-users/browse_thread/thread/35250746c9d4d407
[2010/02/04 16:55:22] @ Quit: tim\|imac: Quit: tim\|imac
[2010/02/04 16:55:28] <Volcane> Insyte: it's because you have foo::apache that require's apache, it gets confused
[2010/02/04 16:55:36] <Volcane> Insyte: if foo::bar require'd apache it would work
[2010/02/04 16:55:41] <Insyte> Ah.
[2010/02/04 16:55:44] <Insyte> D'oh
[2010/02/04 16:56:06] <Volcane> yeah able to reproduce
[2010/02/04 16:56:28] <Insyte> Easy fix. Thanks!
[2010/02/04 16:57:05] <cwebber> is there a way to have an optional parameter in a defined type?
[2010/02/04 16:57:10] <Volcane> instead of require apache, do include ::apache
[2010/02/04 16:57:28] <Volcane> and file a bug against require being lame and not supporting the ::apache syntax if u wanted
[2010/02/04 16:57:45] <Insyte> I was not aware of the ::apache syntax.
[2010/02/04 16:57:57] <Volcane> yeah its not great
[2010/02/04 16:58:16] <Insyte> Is it documented anywhere?
[2010/02/04 16:58:36] <Volcane> doubt it, there were some mailling list talk about it
[2010/02/04 16:58:43] <Insyte> ok
[2010/02/04 16:58:59] <Insyte> For now I'm going to rename my classes.
[2010/02/04 16:59:04] <Volcane> I'll make a bug about require
[2010/02/04 16:59:10] <Insyte> Cool, thanks.
[2010/02/04 17:03:58] <Volcane> #3150
[2010/02/04 17:03:59] <gepetto> Volcane: #3150 is http://projects.reductivelabs.com/issues/show/3150 "Puppet - Bug #3150: require does not support ::class syntax - ReductiveLabs.com"
[2010/02/04 17:08:55] @ Quit: themurph: Quit: themurph
[2010/02/04 17:10:30] @ jfreeman joined channel #puppet
[2010/02/04 17:10:37] @ Quit: jfreeman: Remote host closed the connection
[2010/02/04 17:11:06] @ themurph joined channel #puppet
[2010/02/04 17:11:50] <jbooth> Ugh. Fedora! Not only did they remove the RH-INPUT-1-Firewall chain thing (fine, it was probably a bad plan to start with), but iptables also now silently adds default options! What extra fun that is to support.
[2010/02/04 17:12:45] <Djelibeybi> jbooth: they're in /etc/sysconfig/iptables, IIRC.
[2010/02/04 17:12:51] <shenson> jbooth, /etc/sysconfig/iptables, there are some macros in there
[2010/02/04 17:12:55] @ jfreeman joined channel #puppet
[2010/02/04 17:13:13] <jbooth> No, no, that's not the problem.
[2010/02/04 17:14:05] <jbooth> My problem is when I send a particular iptables command string in, then iptables-save and look in the save it conviently added "--reject-with icmp-port-unreachable" to the string I had.
[2010/02/04 17:14:24] @ Quit: bug: Quit: bug
[2010/02/04 17:14:33] <jbooth> So now if I'm trying to detect if my rule got added... I have to special case for that --reject-with it adds.
[2010/02/04 17:14:42] <Djelibeybi> Ah
[2010/02/04 17:18:01] <WALoeIII> ssl_client_header = SSL_CLIENT_S_DN; ssl_client_verify_header = SSL_CLIENT_VERIFY
[2010/02/04 17:18:07] <WALoeIII> so having to put that in puppet.conf for puppetmasterd
[2010/02/04 17:18:14] <WALoeIII> is really poorly documented in /ext/rack/readme
[2010/02/04 17:18:16] <WALoeIII> hard to find!
[2010/02/04 17:21:15] <elasticdog> do you guys put /etc/puppet/ssl under version control, or ignore it?
[2010/02/04 17:21:50] @ Quit: uphillian: Quit: Leaving.
[2010/02/04 17:24:29] @ Quit: nanoz: Quit: leaving
[2010/02/04 17:25:20] <ezekiel> elasticdog: that might sortof depend on your architecture. Are you frequently spinning up "cloud" instances (like EC2/rackspace cloud), or is the architecture more static?
[2010/02/04 17:25:41] <Insyte> Good grief. I'm in dependency cycle hell.
[2010/02/04 17:26:07] @ Quit: lilmatt: Quit: lilmatt
[2010/02/04 17:26:28] <ezekiel> more: do you use re-purposable host names? or, are the machines named according to their purpose? this would affect the re-useability of the SSL certificates.
[2010/02/04 17:26:30] <elasticdog> ezekiel: it will be static
[2010/02/04 17:27:37] <elasticdog> ezekiel: clients would also have permanent hostnames, nothing short-lived
[2010/02/04 17:27:59] <elasticdog> so...in that case I'm guessing it would be best to keep ssl/ in version control?
[2010/02/04 17:28:08] <Volcane> just recreating them if/when you reinstall is probably much less hassle and quicker than trying to preserve them and arrange for them to be put on the machine before puppet runs
[2010/02/04 17:28:10] <ezekiel> then I, personally, would put them in version control or at least backup the public/private keys in a safe place
[2010/02/04 17:28:26] @ Quit: shenson: Quit: /me taps out
[2010/02/04 17:29:15] <Volcane> they dont service much purpose that you'd loose by just recreating them later if needed
[2010/02/04 17:29:33] @ twisla_ joined channel #puppet
[2010/02/04 17:29:42] <elasticdog> Volcane: if I had a server barf, then I'd have to re-sign each client when they tried to connect again, right?
[2010/02/04 17:30:18] <Volcane> yeah, but if they were in svn or whatever and u want to avoid resigning you'd need to first copy the keys back onto the box before unning puppet first time
[2010/02/04 17:30:26] @ themurph-work joined channel #puppet
[2010/02/04 17:30:31] @ Quit: twisla: Read error: Connection reset by peer
[2010/02/04 17:30:40] <ezekiel> I think he means if the puppetmaster dies, but none of the clients do
[2010/02/04 17:30:46] <eric0> i dont version control /etc/puppet/ssl , but i have the CA and master keys checked in under another path
[2010/02/04 17:31:00] <Volcane> ezekiel: ah right
[2010/02/04 17:31:06] @ Quit: ppickfor: Read error: No route to host
[2010/02/04 17:31:08] <elasticdog> eric0: what does keeping the master's keys do for you?
[2010/02/04 17:31:12] <Volcane> ezekiel: i just have the ca - not the machine certs
[2010/02/04 17:31:47] @ Quit: themurph: Quit: themurph
[2010/02/04 17:33:27] @ ppickfor joined channel #puppet
[2010/02/04 17:33:49] @ tyll joined channel #puppet
[2010/02/04 17:33:59] <ezekiel> elasticdog: it's a good point that as far as clients being re-installed, the re-use of certificates doesn't save much time given the simple nature of "puppetca"
[2010/02/04 17:34:06] <elasticdog> if you're re-signing anyway, what's the point of making sure you keep the master's certs?
[2010/02/04 17:34:26] <Volcane> elasticdog: if you loose the master and have the CA you dont need to redo all the clients
[2010/02/04 17:34:43] <ezekiel> if the puppetmaster's disks crash, I would like to restore backups and just keep running, but that's a different scenario than re-installing client systems
[2010/02/04 17:34:44] <elasticdog> Volcane: AHHHH, because they're already signed...that makes sense
[2010/02/04 17:35:18] <Volcane> yeah, it doesnt actually validate that certs match with ones on the master disk
[2010/02/04 17:35:22] <Volcane> it just checks its signed by the ca
[2010/02/04 17:35:39] <Volcane> so keep the ca (or share the ca by many masters) and it all just work
[2010/02/04 17:36:15] <ezekiel> and you can continue to sign new clients, too. Yeap, nice.
[2010/02/04 17:36:44] <elasticdog> so that would be everything under /etc/puppet/ssl/ca/ and the rest of the /etc/puppet/ssl/ stuff we can ignore?
[2010/02/04 17:37:01] <Volcane> yeah ssl/ca is all i copy to new masters
[2010/02/04 17:37:37] @ Quit: jcape: Ping timeout: 260 seconds
[2010/02/04 17:37:41] <elasticdog> aweseom...thanks for the advice all
[2010/02/04 17:37:43] <Volcane> but worth testing, havnt built new 0.25 masters things might have changed :)
[2010/02/04 17:37:50] <elasticdog> /aweseom/awesome/
[2010/02/04 17:43:20] @ Quit: madduck\|afk: Quit: Reconnecting
[2010/02/04 17:44:24] @ madduck_ joined channel #puppet
[2010/02/04 17:44:24] @ Quit: madduck_: Changing host
[2010/02/04 17:44:24] @ madduck_ joined channel #puppet
[2010/02/04 17:46:20] @ themurph joined channel #puppet
[2010/02/04 17:47:21] @ Quit: vad3R: Quit: vad3R
[2010/02/04 17:48:13] @ tonyskapunk left channel #puppet ()
[2010/02/04 17:49:38] @ Quit: pheezy: Remote host closed the connection
[2010/02/04 17:53:14] @ tonyskapunk joined channel #puppet
[2010/02/04 17:55:27] @ Pupeno joined channel #puppet
[2010/02/04 17:56:22] <Pupeno> If I want to be able to say "server1" is a webserver and a databaseserver; I must define webserver and databaserver as classes and include them, right? Because if I define them as nodes I can't inherit from both at the same time. Am I correct?
[2010/02/04 17:58:03] <fsweetser> right
[2010/02/04 17:58:20] <fsweetser> in general, inheritence is something you want to use sparingly anyway
[2010/02/04 17:58:31] @ xcrracer__ joined channel #puppet
[2010/02/04 17:59:08] @ Quit: xcrracer: Ping timeout: 256 seconds
[2010/02/04 17:59:11] <Pupeno> I'm thinking of creating a class like webserver, which then includes classes like apache, php, etc. Does that sound like a good strategy?
[2010/02/04 17:59:19] <fsweetser> yep
[2010/02/04 17:59:45] <Pupeno> Cool :)
[2010/02/04 17:59:46] <fsweetser> it's a good idea to design your classes to be self-sufficient, in that they make sure they pull in any dependencies on their own
[2010/02/04 18:00:06] @ Quit: dan__t: Ping timeout: 260 seconds
[2010/02/04 18:26:08] @ Quit: kaptk2: Quit: Leaving.
[2010/02/04 18:27:59] <Pupeno> Do you use puppet to create users ever?
[2010/02/04 18:28:26] @ lilmatt joined channel #puppet
[2010/02/04 18:36:45] @ Quit: Djelibeybi: Read error: Connection reset by peer
[2010/02/04 18:40:50] @ Quit: bobbyz: Ping timeout: 248 seconds
[2010/02/04 18:44:32] @ Quit: Robbie_: Quit: Leaving...
[2010/02/04 18:47:29] @ Djelibeybi joined channel #puppet
[2010/02/04 18:48:33] <murkk> if I am testing from the command how do I specify two directory paths for modules?
[2010/02/04 18:49:03] <murkk> --modulepath=/path/to/1,/path/to/2 does not seem to work
[2010/02/04 18:49:42] <Insyte> Shouldn't they be colon-separated?
[2010/02/04 18:50:11] <Insyte> --modulepath='/path/to/1:/path/to/2'
[2010/02/04 18:50:14] @ Quit: ccaum: Quit: ccaum
[2010/02/04 18:51:05] @ webx joined channel #puppet
[2010/02/04 18:53:01] <webx> I'm curious if anyone has developed an s3 provider which would allow use of AWS id/passkey and transfer files from s3 without them being open to the world
[2010/02/04 18:53:32] <webx> anyone know of anything like this?
[2010/02/04 18:54:34] <jrojas> webx: http://reductivelabs.com/trac/puppet/wiki/Recipes/AmazonWebService
[2010/02/04 18:55:00] <webx> mmm, nice
[2010/02/04 18:55:03] <webx> thanks much
[2010/02/04 18:55:11] <jrojas> google is your friend.
[2010/02/04 18:55:15] <webx> lol
[2010/02/04 18:55:20] <webx> I was in the process of that
[2010/02/04 18:55:28] <webx> sometimes it's easier to just ask
[2010/02/04 18:57:02] @ LinuxCode joined channel #puppet
[2010/02/04 18:57:06] @ Quit: malraid: Quit: malraid
[2010/02/04 18:57:16] @ bevege joined channel #puppet
[2010/02/04 18:59:03] @ Quit: notbrien: Quit: notbrien
[2010/02/04 19:03:15] @ Quit: GioGio: Ping timeout: 248 seconds
[2010/02/04 19:03:29] @ Quit: mqr: Quit: mqr
[2010/02/04 19:03:34] @ Quit: jab_doa: Quit: Verlassend
[2010/02/04 19:04:19] @ Quit: poison: Remote host closed the connection
[2010/02/04 19:05:33] @ Quit: ezmobius: Remote host closed the connection
[2010/02/04 19:08:33] @ Quit: yarihm: Quit: This computer has gone to sleep
[2010/02/04 19:15:10] @ Stuttergart_ joined channel #puppet
[2010/02/04 19:15:25] @ yarihm joined channel #puppet
[2010/02/04 19:15:54] <jamesturnbull> webx: no no it isn't easier - google knows all, google loves us all, google is the mother and the father... oh wait... stops drinking Kool Aid
[2010/02/04 19:16:18] <jrojas> jamesturnbull: have some more cake.
[2010/02/04 19:16:25] <jrojas> jamesturnbull: google baked it.
[2010/02/04 19:16:37] <Stuttergart_> Will someone please help me understand the difference between an "import" and and "include"?
[2010/02/04 19:17:06] <jrojas> import refers to files.
[2010/02/04 19:17:21] <jamesturnbull> Stuttergart_: and include refers to classes
[2010/02/04 19:17:28] <jrojas> cake.
[2010/02/04 19:17:34] <jamesturnbull> Google cake.
[2010/02/04 19:17:39] <jrojas> mmmm
[2010/02/04 19:18:04] <jamesturnbull> jrojas: you a Googler? you're European right?
[2010/02/04 19:18:19] <jamesturnbull> Stuttergart_: that make sense?
[2010/02/04 19:18:27] <Stuttergart_> sort of...
[2010/02/04 19:18:37] <Stuttergart_> so I'd probably only ever want to import in site.pp?
[2010/02/04 19:18:53] <Stuttergart_> for most everything else, I should just include
[2010/02/04 19:18:53] <jrojas> jamesturnbull: No, i already went. (im a californian, with roots from germany and england)
[2010/02/04 19:19:04] <Stuttergart_> otherwise...jeez, the namespace just gets all messy
[2010/02/04 19:19:08] @ Quit: tyll: Quit: leaving
[2010/02/04 19:19:46] <jamesturnbull> Stuttergart_: that's correct
[2010/02/04 19:19:52] <Stuttergart_> cool
[2010/02/04 19:19:55] <Stuttergart_> thx, guys!
[2010/02/04 19:20:09] <jamesturnbull> Stuttergart_: think about modules too
[2010/02/04 19:20:40] <LinuxCode> Stuttergart_, although puppet auto-imports modules now, when you include something from them
[2010/02/04 19:21:49] <Stuttergart_> hmm
[2010/02/04 19:22:46] @ bug joined channel #puppet
[2010/02/04 19:22:58] <jamesturnbull> Stuttergart_: so if you have external nodes and use modules you probably wouldn't use "import" at all
[2010/02/04 19:23:07] <jamesturnbull> Stuttergart_: I generally only import nodes.pp
[2010/02/04 19:23:16] <Stuttergart_> so I have a manifests/classes/users.pp where I'm trying to do some simple user management....
[2010/02/04 19:23:19] <Stuttergart_> http://pastebin.com/d45cf09d9
[2010/02/04 19:23:34] <Stuttergart_> Puppet is purging users with id < 500
[2010/02/04 19:23:39] <Stuttergart_> but not removing homedirs
[2010/02/04 19:24:03] <jamesturnbull> Stuttergart_: does the platform support maanging home dirs?
[2010/02/04 19:24:03] <Stuttergart_> I thought that setting the User type default for "managehome" would take care of that but....
[2010/02/04 19:24:30] <Stuttergart_> the manifest for this host includes the users class
[2010/02/04 19:25:12] <Stuttergart_> I have a single-node Puppet cluster at the moment
[2010/02/04 19:25:22] <Stuttergart_> I'm using Puppet to configure the puppetmaster
[2010/02/04 19:25:29] <Stuttergart_> it is a Linux virtual machine
[2010/02/04 19:25:33] <Stuttergart_> specifically, Ubuntu
[2010/02/04 19:26:41] <Stuttergart_> here's the manifests/nodes/<hostname>.pp
[2010/02/04 19:26:52] @ gwar9999 left channel #puppet ()
[2010/02/04 19:26:53] <murkk> Insyte: thanks
[2010/02/04 19:27:06] <Stuttergart_> http://pastebin.com/m1d801509
[2010/02/04 19:27:29] <Stuttergart_> I think the important part there is the "import users"
[2010/02/04 19:27:34] <Stuttergart_> oops
[2010/02/04 19:27:36] <Stuttergart_> "include users"
[2010/02/04 19:33:17] @ jcape joined channel #puppet
[2010/02/04 19:33:26] @ Quit: yarihm: Quit: This computer has gone to sleep
[2010/02/04 19:34:00] @ Quit: cynicismic: Quit: leaving
[2010/02/04 19:41:47] @ Quit: Stuttergart_: Quit: Leaving
[2010/02/04 19:42:57] @ madduck_ is now known as madduck\|afk
[2010/02/04 19:48:02] @ Quit: cwebber: Quit: cwebber
[2010/02/04 19:55:06] @ Quit: murkk: Ping timeout: 240 seconds
[2010/02/04 20:00:33] @ Quit: zipkid: Remote host closed the connection
[2010/02/04 20:05:37] @ rmiller4pi81 joined channel #puppet
[2010/02/04 20:05:49] @ Quit: rmiller4pi81: Client Quit
[2010/02/04 20:08:20] @ Quit: artista_frustrad: Ping timeout: 256 seconds
[2010/02/04 20:09:30] @ Quit: ahasenack: Quit: Leaving
[2010/02/04 20:09:42] @ Quit: rmiller4pi8: Ping timeout: 265 seconds
[2010/02/04 20:11:33] @ lak joined channel #puppet
[2010/02/04 20:11:39] @ Quit: lak: Client Quit
[2010/02/04 20:12:22] @ tonyskapunk left channel #puppet ()
[2010/02/04 20:16:24] @ Quit: wfrancis: Quit: wfrancis
[2010/02/04 20:16:26] @ Quit: giskard: Quit: Leaving...
[2010/02/04 20:20:13] @ artista_frustrad joined channel #puppet
[2010/02/04 20:21:16] @ sebas891 joined channel #puppet
[2010/02/04 20:24:46] @ Quit: artista_frustrad: Ping timeout: 256 seconds
[2010/02/04 20:25:46] @ Quit: tecto: Quit: tecto
[2010/02/04 20:26:24] @ boomshankerx joined channel #puppet
[2010/02/04 20:26:33] <ohadlevy> morning
[2010/02/04 20:26:49] @ Quit: boomshankerx: Client Quit
[2010/02/04 20:34:36] @ wfrancis joined channel #puppet
[2010/02/04 20:36:52] @ Quit: wfrancis: Client Quit
[2010/02/04 20:37:32] @ artista_frustrad joined channel #puppet
[2010/02/04 20:39:14] @ Quit: mpdehaan: Ping timeout: 246 seconds
[2010/02/04 20:39:32] @ Quit: lilmatt: Quit: lilmatt
[2010/02/04 20:41:29] @ Quit: jaredrhine: Ping timeout: 260 seconds
[2010/02/04 20:42:18] @ Quit: artista_frustrad: Ping timeout: 252 seconds
[2010/02/04 20:52:14] @ Quit: alfism: Quit: http://opensolaris.com/
[2010/02/04 20:54:17] @ artista_frustrad joined channel #puppet
[2010/02/04 20:58:36] @ tecto joined channel #puppet
[2010/02/04 20:58:37] @ Quit: tecto: Changing host
[2010/02/04 20:58:37] @ tecto joined channel #puppet
[2010/02/04 20:58:48] @ Quit: artista_frustrad: Ping timeout: 252 seconds
[2010/02/04 20:59:52] @ grelli left channel #puppet ()
[2010/02/04 21:04:26] @ cliff-hm joined channel #puppet
[2010/02/04 21:05:08] @ Quit: nigelk: Remote host closed the connection
[2010/02/04 21:05:15] @ nigelk joined channel #puppet
[2010/02/04 21:08:00] @ crashdummymch joined channel #puppet
[2010/02/04 21:12:20] @ Quit: WALoeIII: Ping timeout: 272 seconds
[2010/02/04 21:13:13] <ohadlevy> nigelk: I also have an issue that puppetmaster functions are synced to the clients
[2010/02/04 21:13:28] <ohadlevy> the more i think about it, I think I will not use plugin sync on the masters
[2010/02/04 21:13:33] <ohadlevy> just on the clients
[2010/02/04 21:13:39] <nigelk> why are functions synced to the clients?
[2010/02/04 21:13:56] <ohadlevy> if they are in the modules, they'll be synced
[2010/02/04 21:14:03] <nigelk> oh that. :)
[2010/02/04 21:14:34] <nigelk> I've just had to go through and switch all my 0.24.x clients to a new pluginsource puppet://$server/legacy_plugins
[2010/02/04 21:14:51] <nigelk> so that my 0.25.x servers will be able to work with 0.24 and 0.25 clients for pluginsync
[2010/02/04 21:15:13] <nigelk> (I was doing that hack of modules/plugins/files/... for plugins in environments syncing)
[2010/02/04 21:15:15] <ohadlevy> which is a normal fileserver? or did you create puppet:///legacy/$envir/plugin?
[2010/02/04 21:15:26] <nigelk> no, just a normal fileserver
[2010/02/04 21:15:47] @ Quit: themurph: Quit: themurph
[2010/02/04 21:15:47] <nigelk> turns out that hack of the module "plugins" breaks the automagic plugins mount for 0.25.x
[2010/02/04 21:15:53] <ohadlevy> the problem I see with sharing pluginsync between clients and servers is that in theory someon cran break my pm
[2010/02/04 21:16:26] <nigelk> why don't you have an extra module with your functions in it that only the puppetmasters have applied?
[2010/02/04 21:16:34] <ohadlevy> and the fact that many of my functions collect external data
[2010/02/04 21:16:40] <ohadlevy> thats more or less what I did
[2010/02/04 21:16:40] <nigelk> oh hang on... don't tell me it syncs lib/.. for every module, whether or not you include it?
[2010/02/04 21:16:53] <ohadlevy> i have a puppetmaster module
[2010/02/04 21:17:20] <ohadlevy> but, in some cases I do want to give the "module owners" the ability to create their own libs
[2010/02/04 21:17:25] <ohadlevy> which need to run on the pm
[2010/02/04 21:17:43] <nigelk> yeah. messy.
[2010/02/04 21:17:44] <ohadlevy> not in my setup, puppet autogen the env per host type, so it has only the right modules
[2010/02/04 21:18:10] <nigelk> I should test that. It's going to be a bit annoying if non-included modules lib dirs sync
[2010/02/04 21:18:25] <ohadlevy> is there any reason why have the functions on the clients?
[2010/02/04 21:18:31] @ themurph joined channel #puppet
[2010/02/04 21:18:45] <ohadlevy> beside if you use them with pure puppet
[2010/02/04 21:18:51] <nigelk> not in my world
[2010/02/04 21:19:00] <ohadlevy> which then the whole pluginsync is useless anyway
[2010/02/04 21:19:13] <nigelk> well that's a bit harsh
[2010/02/04 21:19:13] <ohadlevy> i think i should raise a new feature request
[2010/02/04 21:19:27] <nigelk> the pluginsync model is so much better for fact distribution
[2010/02/04 21:19:33] <ohadlevy> true
[2010/02/04 21:19:34] <nigelk> simply because it's inside the environment
[2010/02/04 21:19:52] <ohadlevy> but i think it needs another layer
[2010/02/04 21:20:03] <ohadlevy> e.g. constrain what should go to the server and what should go to the client
[2010/02/04 21:21:06] @ cwebber joined channel #puppet
[2010/02/04 21:21:35] @ Quit: crashdummymch: Ping timeout: 246 seconds
[2010/02/04 21:21:45] <nigelk> ohadlevy: it does sound like pluginsync is not how you should deliver these functions for your puppetmasters
[2010/02/04 21:21:52] <nigelk> why not put them in one of the other locations?
[2010/02/04 21:22:03] <nigelk> like in the puppetmaster $libdir via some other mechanism?
[2010/02/04 21:22:43] <nigelk> or package them as debs/rpms :)
[2010/02/04 21:23:06] <ohadlevy> (thats what I currently do) but what I like about modules, is that I can give full control to someone else to do what ever he thinks is needed for a certain topic, I don't want to give him access to the puppetmaster module
[2010/02/04 21:44:44] @ sebas891 left channel #puppet ()
[2010/02/04 21:51:05] @ jaredrhine joined channel #puppet
[2010/02/04 21:51:23] @ bodepd joined channel #puppet
[2010/02/04 21:55:46] @ WALoeIII joined channel #puppet
[2010/02/04 21:56:21] @ jcesario joined channel #puppet
[2010/02/04 22:07:42] @ Quit: noyb: Quit: noyb
[2010/02/04 22:08:47] @ noyb joined channel #puppet
[2010/02/04 22:10:08] @ Quit: WALoeIII: Quit: Bai.
[2010/02/04 22:10:58] @ Quit: noyb: Client Quit
[2010/02/04 22:13:23] @ Quit: jcape: Ping timeout: 246 seconds
[2010/02/04 22:15:15] @ Quit: StuZZZs: Ping timeout: 252 seconds
[2010/02/04 22:18:21] @ xcrracer joined channel #puppet
[2010/02/04 22:18:50] @ Quit: xcrracer_: Ping timeout: 272 seconds
[2010/02/04 22:19:11] @ StuZZZs joined channel #puppet
[2010/02/04 22:19:35] <ohadlevy> does anyone knows if its possible to change timezone in solaris without rebooting it?
[2010/02/04 22:20:48] @ artista_frustrad joined channel #puppet
[2010/02/04 22:21:49] @ Quit: nigelk: Ping timeout: 260 seconds
[2010/02/04 22:26:02] @ Quit: artista_frustrad: Ping timeout: 256 seconds
[2010/02/04 22:32:41] @ Quit: tecto: Ping timeout: 245 seconds
[2010/02/04 22:34:28] @ Quit: LinuxCode: Quit: Connection Closed
[2010/02/04 22:37:41] @ tecto joined channel #puppet
[2010/02/04 22:37:42] @ Quit: tecto: Changing host
[2010/02/04 22:37:42] @ tecto joined channel #puppet
[2010/02/04 22:38:03] @ artista_frustrad joined channel #puppet
[2010/02/04 22:40:31] @ Quit: jes5: Quit: Leaving.
[2010/02/04 22:43:02] @ Quit: artista_frustrad: Ping timeout: 256 seconds
[2010/02/04 22:46:55] @ mqr joined channel #puppet
[2010/02/04 22:49:59] @ Quit: batmonk: Quit: Leaving.
[2010/02/04 22:59:17] @ Quit: cwebber: Quit: cwebber
[2010/02/04 23:01:04] @ Quit: jaredrhine: Read error: Connection reset by peer
[2010/02/04 23:02:20] @ jaredrhine joined channel #puppet
[2010/02/04 23:11:56] @ Quit: thijso: Ping timeout: 256 seconds
[2010/02/04 23:12:33] @ Quit: bug: Quit: bug
[2010/02/04 23:13:57] @ thijso joined channel #puppet
[2010/02/04 23:14:56] @ cwebber joined channel #puppet
[2010/02/04 23:16:46] @ Quit: brothers: Remote host closed the connection
[2010/02/04 23:16:54] @ brothers joined channel #puppet
[2010/02/04 23:17:22] @ incommon_ike joined channel #puppet
[2010/02/04 23:18:13] @ Quit: jb: Read error: No route to host
[2010/02/04 23:18:35] <incommon_ike> Has puppet-dashboard been setup to run with postgres? I'm have issues with role 'root' with rake install and postgres
[2010/02/04 23:18:46] @ jb joined channel #puppet
[2010/02/04 23:19:20] <ohadlevy> incommon_ike: it runs only on mysql AFAIK
[2010/02/04 23:19:27] <ohadlevy> foreman runs on postgres ;)
[2010/02/04 23:19:36] @ Quit: themurph-work: Ping timeout: 252 seconds
[2010/02/04 23:19:49] @ jmslagle joined channel #puppet
[2010/02/04 23:20:21] @ bug joined channel #puppet
[2010/02/04 23:20:36] <incommon_ike> foreman was next on my list. I won't use the provisioning aspects as we're doing satellite/cobbler, but the reports are what I need
[2010/02/04 23:21:27] <ohadlevy> http://theforeman.org/wiki/foreman/FAQ#I-dont-want-to-use-Foreman-for-unattended-installations-can-I-disable-it
[2010/02/04 23:22:36] @ themurph-work joined channel #puppet
[2010/02/04 23:22:52] <ohadlevy> incommon_ike: if you run it on postgres, i think you better take the latest version (e.g. github master or daily snapshot) as there was a bug fixed with it
[2010/02/04 23:23:09] <incommon_ike> ohadlevy: thanks We're also going to do external nodes in ldap but this is what I need. Now I'll have something to do tomorrow in the great blizzard of DC.
[2010/02/04 23:23:25] <ohadlevy> incommon_ike: why ldap?
[2010/02/04 23:23:53] @ Quit: Djelibeybi: Ping timeout: 260 seconds
[2010/02/04 23:24:11] <incommon_ike> ties into our identity mgmt solution and gives us a multiple-master replication approach
[2010/02/04 23:24:52] <ohadlevy> incommon_ike: I aimed in that path in the begining, but later on I realized its easier (for me) on a sql kind of db,
[2010/02/04 23:24:58] <ohadlevy> ended up caching the yaml output on the masters
[2010/02/04 23:25:06] <ohadlevy> so if the db goes down, no biggie
[2010/02/04 23:25:47] <incommon_ike> hmmm....that's something to think about. at least with foreman and cobbler, I'll have options. grin.
[2010/02/04 23:25:55] <ohadlevy> yep
[2010/02/04 23:26:20] <ohadlevy> foreman has better integration with external nodes (IMHO) as it allows you to create variable grouping
[2010/02/04 23:26:26] <ohadlevy> similar to extlookup
[2010/02/04 23:27:27] <ohadlevy> and host groups
[2010/02/04 23:27:42] <incommon_ike> yeah. I've been setting up my puppet classes to use groups/roles and have that be added to the node. (i.e. WebServer role and Public zone)
[2010/02/04 23:28:12] <ohadlevy> yeah, that also works, ah, yeah, you can also define vars on your host groups
[2010/02/04 23:28:36] <ohadlevy> lets say you have an acl var
[2010/02/04 23:28:54] <ohadlevy> by default its no access
[2010/02/04 23:28:59] <ohadlevy> on one damain it has another value
[2010/02/04 23:29:02] <incommon_ike> that I need. as we like to configure networks and storage access that way
[2010/02/04 23:29:05] <ohadlevy> on another host group it could have another
[2010/02/04 23:29:15] <ohadlevy> and maybe for specific hosts it has something else
[2010/02/04 23:29:23] <incommon_ike> with cobbler we were using kickstart variables
[2010/02/04 23:29:53] <ohadlevy> http://theforeman.org/wiki/foreman/External_Nodes#Define-classes-and-variables-per-host
[2010/02/04 23:30:50] @ Djelibeybi joined channel #puppet
[2010/02/04 23:31:42] <ohadlevy> afk
[2010/02/04 23:31:55] <incommon_ike> i'm guessing that there's no RPM package for foreman? I know about the puppet recipe, but an rpm fits into our custom satellite channel.
[2010/02/04 23:32:04] @ Quit: Djelibeybi: Client Quit
[2010/02/04 23:34:04] @ Djelibeybi joined channel #puppet
[2010/02/04 23:35:11] @ incommon_ike left channel #puppet ()
[2010/02/04 23:49:09] @ jcape joined channel #puppet
[2010/02/04 23:52:22] @ Quit: Caomai: Quit: leaving

Generated by irclog2html.py 2.8 by Marius Gedminas - find it at mg.pov.lt!