Thursday, 2010-06-03

[2010/06/03 00:00:13] @ Log started by gepetto
[2010/06/03 00:00:13] @ pheezy joined channel #puppet
[2010/06/03 00:02:38] @ bodepd left channel #puppet ()
[2010/06/03 00:08:35] @ jhelwig joined channel #puppet
[2010/06/03 00:08:42] @ Quit: pheezy: Remote host closed the connection
[2010/06/03 00:09:10] @ Quit: carla: Quit: cyall
[2010/06/03 00:12:37] @ rcrowley joined channel #puppet
[2010/06/03 00:14:24] @ Quit: pinoyskull: Ping timeout: 264 seconds
[2010/06/03 00:15:25] @ pinoyskull joined channel #puppet
[2010/06/03 00:15:51] @ Quit: jason^: Ping timeout: 252 seconds
[2010/06/03 00:18:23] @ Quit: sebas891: Ping timeout: 265 seconds
[2010/06/03 00:19:21] * odyi wonders what Adam Jacobs will bring to Open Source Bridge tomorrow.
[2010/06/03 00:20:20] <odyi> I already know what PuppetLabs will probably be presenting. Will likely listen to the presentation anyway.
[2010/06/03 00:28:13] @ jason^ joined channel #puppet
[2010/06/03 00:28:13] @ Quit: jason^: Changing host
[2010/06/03 00:28:13] @ jason^ joined channel #puppet
[2010/06/03 00:34:46] @ Quit: ahuman: Remote host closed the connection
[2010/06/03 00:34:52] @ bodepd joined channel #puppet
[2010/06/03 00:34:59] @ Quit: bodepd: Client Quit
[2010/06/03 00:35:47] @ M- joined channel #puppet
[2010/06/03 00:48:35] @ Quit: jbooth: Ping timeout: 240 seconds
[2010/06/03 00:49:25] @ jbooth joined channel #puppet
[2010/06/03 00:52:44] @ OpenMedia left channel #puppet ()
[2010/06/03 00:53:16] @ giskard joined channel #puppet
[2010/06/03 00:57:52] @ Quit: Roksteady: Read error: Operation timed out
[2010/06/03 00:58:27] @ Roksteady joined channel #puppet
[2010/06/03 01:15:00] @ mrproper_ joined channel #puppet
[2010/06/03 01:15:04] <mrproper_> howdy all
[2010/06/03 01:16:06] <mrproper_> does anyone know of a nice way to do tag precedence? (ie i use a bunch of tags in a template file in one class, those tags come from other classes...but they usually only get picked up if i delcare the tags in the node itself)
[2010/06/03 01:24:07] @ andrew3 left channel #puppet ()
[2010/06/03 01:25:34] @ Chiku joined channel #puppet
[2010/06/03 01:31:28] <mrproper_> nvm found out if you need to use out of scope tags in a template, you can use <% if all_tags.include?("tagname") %> instead of tags.include
[2010/06/03 01:38:47] <mrproper_> actually that still has precedence problems. ie depending where a class is included changes if a tag is available to another class....is there anyway around that?
[2010/06/03 01:40:30] @ fredden left channel #puppet ("Leaving")
[2010/06/03 01:59:15] @ Quit: giskard: Remote host closed the connection
[2010/06/03 02:10:43] @ kolla joined channel #puppet
[2010/06/03 02:12:08] @ Welsh_Dwarf joined channel #puppet
[2010/06/03 02:22:01] @ Quit: jason^: Quit: leaving
[2010/06/03 02:29:41] @ PsychoSid joined channel #puppet
[2010/06/03 02:32:48] @ Quit: herdingcat: Read error: Connection reset by peer
[2010/06/03 02:38:05] @ Quit: RageLink: Quit: up up and away
[2010/06/03 02:38:44] @ RageLink joined channel #puppet
[2010/06/03 02:43:46] @ sdog joined channel #puppet
[2010/06/03 02:43:51] @ Quit: kolla: Remote host closed the connection
[2010/06/03 02:46:12] @ thdem joined channel #puppet
[2010/06/03 02:48:08] @ tuvyz is now known as tuv
[2010/06/03 02:48:24] @ Quit: thdem: Client Quit
[2010/06/03 02:49:23] @ Quit: sdog: Changing host
[2010/06/03 02:49:23] @ sdog joined channel #puppet
[2010/06/03 02:59:45] @ Quit: enoch2038: Ping timeout: 252 seconds
[2010/06/03 03:00:02] @ emarshall joined channel #puppet
[2010/06/03 03:10:49] @ kolla joined channel #puppet
[2010/06/03 03:12:36] @ giskard joined channel #puppet
[2010/06/03 03:21:03] @ Quit: morphic: Ping timeout: 260 seconds
[2010/06/03 03:21:43] @ bronto joined channel #puppet
[2010/06/03 03:29:33] @ gaveen joined channel #puppet
[2010/06/03 03:31:42] <ohadlevy> any deb packaging experts around?
[2010/06/03 03:32:26] @ Quit: kolla: Remote host closed the connection
[2010/06/03 03:32:35] @ adsadad joined channel #puppet
[2010/06/03 03:35:50] @ littleidea joined channel #puppet
[2010/06/03 03:40:07] @ jab_doa joined channel #puppet
[2010/06/03 03:43:24] @ TREllis joined channel #puppet
[2010/06/03 03:44:50] @ erlingre joined channel #puppet
[2010/06/03 03:51:07] <hMz> anyone know whats up with 'No format match the given format name or mime-type (text/html)' ?
[2010/06/03 03:55:36] @ allsystemsarego joined channel #puppet
[2010/06/03 03:55:53] @ Quit: adsadad: Ping timeout: 265 seconds
[2010/06/03 03:56:57] @ Quit: Maliuta: Ping timeout: 252 seconds
[2010/06/03 03:57:31] @ Maliuta joined channel #puppet
[2010/06/03 04:05:29] @ mauve joined channel #puppet
[2010/06/03 04:12:40] @ benoit_ joined channel #puppet
[2010/06/03 04:14:08] @ Quit: jfreeman: Read error: Connection reset by peer
[2010/06/03 04:20:32] <masterzen> ohadlevy: I'm no expert, but I already packaged some debs.
[2010/06/03 04:27:46] <matti> Hi masterzen
[2010/06/03 04:27:53] <masterzen> matti: hi
[2010/06/03 04:30:06] <jamesturnbull> matti: hey - feeling better?
[2010/06/03 04:30:13] <matti> Hi jamesturnbull :)
[2010/06/03 04:30:26] <matti> jamesturnbull: Yes. Thank you for asking :)
[2010/06/03 04:30:58] <jamesturnbull> matti: good to hear
[2010/06/03 04:31:13] <matti> :-)
[2010/06/03 04:32:11] <zipkid> Is there a known problem/bug with ssh_authorized_key not respecting require => User["x"] ? i consistently get the error it can not be created because the user does not exist yet, despit teh require
[2010/06/03 04:32:56] <zipkid> my users and ssh_authorized_keys are virtual resources that i realise in on call to realize()
[2010/06/03 04:33:26] <jamesturnbull> zipkid: that would be an unusual bug
[2010/06/03 04:33:38] <zipkid> jamesturnbull: but i have it.....
[2010/06/03 04:33:59] <jamesturnbull> zipkid: some kidn of ordering issue? is the user realised before the ssh resource?
[2010/06/03 04:34:50] @ Quit: emarshall: Quit: emarshall
[2010/06/03 04:34:51] <zipkid> as i say realise( User['x'], Ssh_authorized_key['key_for_x'] )
[2010/06/03 04:35:00] <zipkid> is that wrong?
[2010/06/03 04:35:35] <zipkid> actually 8 users with their keys...
[2010/06/03 04:35:56] <zipkid> it consistently tries to creat the last key in the list first.....
[2010/06/03 04:36:09] <jamesturnbull> zipkid: hmmm and if you require in the ssh resource it should create the user first unless it wants you to realise the user first and then the resource
[2010/06/03 04:36:36] * jamesturnbull is trying to visualise how the realise code works
[2010/06/03 04:36:57] @ Quit: zeroXten: Quit: leaving
[2010/06/03 04:37:38] @ zeroXten joined channel #puppet
[2010/06/03 04:39:42] * Volcane avoids virtual resources, ordering is just all over the place wrt them
[2010/06/03 04:39:47] <jamesturnbull> zipkid: I'd try an realise the user first and see what happens - maybe it is an order issue
[2010/06/03 04:40:24] @ Quit: littleidea: Quit: littleidea
[2010/06/03 04:41:47] <zipkid> how can i guarantee the user realize will happen before the sshkey realize if they are in the same class?
[2010/06/03 04:42:03] <masterzen> zipkid: this sounds like an issue in 0.24.8. What version of puppet are you running?
[2010/06/03 04:42:22] <zipkid> 0.25.4 on the server
[2010/06/03 04:43:03] <zipkid> this client is 0.24.8 but i think i hae the same probs on 0.25.4 clients
[2010/06/03 04:43:39] <masterzen> zipkid: I'm sure this was a 0.24.8 issue
[2010/06/03 04:44:15] <zipkid> masterzen: even if the server is 0.25?
[2010/06/03 04:45:20] <masterzen> zipkid: remember that's puppetd that applies the manifests and use the type. IMHO that's the 0.24.8 client that is at fault.
[2010/06/03 04:46:55] <zipkid> masterzen: ok, i'll have to see if i have this problem elsewhere....
[2010/06/03 04:47:20] <jamesturnbull> masterzen: #2084?
[2010/06/03 04:47:21] <gepetto> jamesturnbull: masterzen: #2084 is http://projects.puppetlabs.com/issues/show/2084 "Puppet - Feature #2084: Realize a resource automatically when required by something else - PuppetLabs.com"
[2010/06/03 04:47:56] <masterzen> jamesturnbull: I'm sure we have a specific ssh_authorized_keys issue entered, but I can't find it :(
[2010/06/03 04:48:19] <masterzen> jamesturnbull: zipkid: #2487
[2010/06/03 04:48:19] <gepetto> masterzen: jamesturnbull: #2487 is http://projects.puppetlabs.com/issues/show/2487 "Puppet - Bug #2487: ssh_authorized_key ignores metaparameter require - PuppetLabs.com"
[2010/06/03 04:49:55] <zipkid> ok, thanks masterzen & jamesturnbull . I must be wrong about .25 clients having it.... i'll check again.
[2010/06/03 04:50:05] <jamesturnbull> oh that
[2010/06/03 04:50:06] <jamesturnbull> hmmm
[2010/06/03 04:56:35] <Volcane> meh. really need some actual devs who know git to teach me :P
[2010/06/03 04:56:52] <tim\|mac> Volcane: I got the same problem
[2010/06/03 04:57:35] * zipkid is learning git by doing it.... :-)
[2010/06/03 04:58:04] <Volcane> like i get it and all, but its niggly bits like how to properly merge in contributed code - i like squashing htem but then they arent proper merges in graph outputs etc
[2010/06/03 04:59:12] <jamesturnbull> Volcane: Pro Git book
[2010/06/03 04:59:18] <tim\|mac> i always have problems with conflicts and the like
[2010/06/03 04:59:18] <jamesturnbull> Volcane: it's free and good
[2010/06/03 04:59:24] <Volcane> yeah going throgh that - have pdf and paper
[2010/06/03 04:59:36] <jamesturnbull> ebase is your friend
[2010/06/03 04:59:39] <jamesturnbull> rebase even
[2010/06/03 05:00:20] <Volcane> i love the branching and speed and all, and that your working dir can move between branches easily so say configs to make it work in my test env stays put
[2010/06/03 05:00:30] <Volcane> but still some way to go with proper merging techniques
[2010/06/03 05:01:49] <jamesturnbull> Volcane: the way we do it with puppet works well - we stole that from the linux kernel guys
[2010/06/03 05:01:53] <bronto> is there a way to tell in a conditional if it is evaluated in a certain class or not?
[2010/06/03 05:01:55] <jamesturnbull> Volcane: also git stash is awesome
[2010/06/03 05:02:35] <Volcane> jamesturnbull: how do you do it? is there a workflow doc up somewhere?
[2010/06/03 05:02:38] <bronto> like class => 'xyz' { do this }, default => { do that }
[2010/06/03 05:04:06] <Volcane> bronto: if defined(Class["foo"]) however its order dependant so not of much use
[2010/06/03 05:04:33] <bronto> Volcane: hmmmmmmm... so bad...
[2010/06/03 05:04:57] <ohadlevy> jamesturnbull: i dont like stash, i keep on stashing and never remember to fetch it back
[2010/06/03 05:05:36] * ohadlevy like rebase -i
[2010/06/03 05:06:16] <Volcane> now that I've used git a week or so I think the git book will also make a lot more sense, so will give it a go soon as this damn release is out
[2010/06/03 05:06:26] <tim\|mac> bronto: that should be fixed in 2.6 though
[2010/06/03 05:06:59] <Volcane> tim\|mac: nope :(
[2010/06/03 05:07:05] <bronto> tim\|mac: ? you mean 0.26?
[2010/06/03 05:07:15] <Volcane> tim\|mac: the fix didnt make it
[2010/06/03 05:07:25] <tim\|mac> Volcane: oh? shit :(
[2010/06/03 05:07:28] <Volcane> yeah
[2010/06/03 05:07:38] <tim\|mac> bronto: there's a renumbering planned, next version is 0.2.6
[2010/06/03 05:07:41] @ Quit: freshtonic: Quit: freshtonic
[2010/06/03 05:08:02] <tim\|mac> or 2.6 without the 0?
[2010/06/03 05:08:05] <tim\|mac> i forgot
[2010/06/03 05:08:22] <tim\|mac> rowlf, anyway
[2010/06/03 05:08:25] <bronto> tim\|mac: ah, OK
[2010/06/03 05:08:41] <ohadlevy> masterzen: in a deb package, can i use some of the files from the original tar (e.g. config files) or they must be in the debian dir?
[2010/06/03 05:09:19] <zipkid> tim\|mac: 2.6 see http://www.flickr.com/photos/zipkid/4662815633/in/set-72157624064215965/
[2010/06/03 05:09:52] <tim\|mac> bronto: there's your proof that I'm not screwing you around about it ;-)
[2010/06/03 05:11:45] @ tools_ left channel #puppet ()
[2010/06/03 05:12:19] <masterzen> ohadlevy: if your debian/rules copies them to the debian root (usually debian/tmp or debian/packagename) and they are referenced into dirs or files, then they'll be kept.
[2010/06/03 05:12:48] <masterzen> ohadlevy: if they are handled by the upstream makefile (called usually from debian/rules), that also works
[2010/06/03 05:12:58] <sdog> tim\|mac: hey luke's talk was on thursday .. you have no excueses not to remember that :)
[2010/06/03 05:13:01] <ohadlevy> masterzen: thanks, need to improve my debian foo
[2010/06/03 05:13:21] <masterzen> ohadlevy: the debian new maintainer guide is quite nice
[2010/06/03 05:14:04] * masterzen likes rebase -i, add -i, add -p, rerere
[2010/06/03 05:14:12] <bronto> tim\|mac: eheh :)
[2010/06/03 05:14:35] <tim\|mac> sdog: I was late, remember? :P
[2010/06/03 05:15:11] <zipkid> wtf... enabling storeconfigs and getting this many times DEPRECATION WARNING: metaclass is deprecated and will be removed from Rails 2.3 (use singleton_class instead). (called from meta_eval at /usr/lib64/ruby/site_ruby/1.8/puppet/util/metaid.rb:4)
[2010/06/03 05:16:21] <zipkid> http://pastie.org/990239
[2010/06/03 05:16:29] <kjetilho> zipkid: known bug
[2010/06/03 05:16:29] <sdog> tim\|mac: no I don't remember :) but I understand .. you come from a developing country :)
[2010/06/03 05:16:58] <Volcane> lol
[2010/06/03 05:16:59] <sdog> zipkid: lap .. you been taking pictures of mee again dude :)
[2010/06/03 05:17:00] <tim\|mac> sdog: no, your belgian roads are way too congested :P it took us an hour to get around Brussels
[2010/06/03 05:17:19] <zipkid> sdog: sadly....
[2010/06/03 05:17:35] <zipkid> tim\|mac: as if .nl is better.....
[2010/06/03 05:17:39] <sdog> tim\|mac: wtf were you doing in BXL ? :)
[2010/06/03 05:18:37] <tim\|mac> sdog: we started out near Maastricht and our GPS told us to drive via Brussels... don't ask me why... I wanted to go via Antwerp, but the GPS won the discussion
[2010/06/03 05:18:46] <tim\|mac> blame the TomTom guys :P
[2010/06/03 05:18:58] <tim\|mac> zipkid: I didn't say it was better here :P
[2010/06/03 05:20:58] <zipkid> hey.... i just installed rails 2.3 and get http://pastie.org/990239 each time i start puppetmaster or puppetd ...
[2010/06/03 05:21:21] <sdog> zipkid: btw.. what about you tweet about your #puppetcamp pics ;)
[2010/06/03 05:21:36] <zipkid> sdog: what about it?
[2010/06/03 05:21:37] @ cynicismic joined channel #puppet
[2010/06/03 05:25:06] @ LinuxCode joined channel #puppet
[2010/06/03 05:37:50] @ Quit: ryanc_: Ping timeout: 258 seconds
[2010/06/03 05:38:20] @ ryanc_ joined channel #puppet
[2010/06/03 05:38:55] <zipkid> anyone an idea about my rails warning?
[2010/06/03 05:40:54] @ vachon joined channel #puppet
[2010/06/03 05:46:57] @ vachon left channel #puppet ()
[2010/06/03 05:47:54] @ thdem joined channel #puppet
[2010/06/03 05:58:25] @ nexx joined channel #puppet
[2010/06/03 06:05:17] @ Quit: erlingre: Ping timeout: 248 seconds
[2010/06/03 06:10:51] @ thegcat joined channel #puppet
[2010/06/03 06:14:03] @ Quit: jab_doa: Quit: Verlassend
[2010/06/03 06:22:33] @ gebi joined channel #puppet
[2010/06/03 06:22:33] @ omry\|work joined channel #puppet
[2010/06/03 06:22:40] @ thuglife joined channel #puppet
[2010/06/03 06:22:46] <thuglife> hi
[2010/06/03 06:24:59] <thuglife> http://pastebin.ca/1876533
[2010/06/03 06:25:20] <thuglife> is there any way to do what i would like that code to do? append 3 to the variable before doing the notice
[2010/06/03 06:26:50] <zipkid> thuglife: use class a inherits class b { ... }
[2010/06/03 06:27:00] <zipkid> oops
[2010/06/03 06:27:40] <zipkid> class b inherits class a { } loose the require b and only include b in default
[2010/06/03 06:27:58] <zipkid> ah...
[2010/06/03 06:28:16] <zipkid> wait... you cannot re-assig vars in puppet at all....
[2010/06/03 06:28:26] <zipkid> so you can not do this....
[2010/06/03 06:29:00] <zipkid> if txt were an option of a virtual resource you could...
[2010/06/03 06:29:03] <thuglife> http://pastebin.ca/1876535
[2010/06/03 06:29:05] <thuglife> this works
[2010/06/03 06:30:08] <zipkid> yea, but that is a different var...
[2010/06/03 06:30:11] <thuglife> yeah
[2010/06/03 06:44:28] @ Quit: fluxdud3: Changing host
[2010/06/03 06:44:28] @ fluxdud3 joined channel #puppet
[2010/06/03 06:44:32] @ fluxdud3 is now known as fluxdude
[2010/06/03 06:58:56] @ Quit: julez: Ping timeout: 276 seconds
[2010/06/03 07:00:30] @ Quit: omry\|work: Remote host closed the connection
[2010/06/03 07:02:29] @ Ramonster joined channel #puppet
[2010/06/03 07:08:13] @ Quit: gaveen: Quit: Leaving
[2010/06/03 07:09:02] @ malikai joined channel #puppet
[2010/06/03 07:11:48] @ julez joined channel #puppet
[2010/06/03 07:16:48] @ Quit: narq: Ping timeout: 276 seconds
[2010/06/03 07:30:42] @ gaveen joined channel #puppet
[2010/06/03 07:36:36] @ Quit: alexine_dsouza: Read error: Connection reset by peer
[2010/06/03 07:41:58] <zipkid> with exported resources, how could i create a file on one host with all the fqdn's of all he other hosts?
[2010/06/03 07:42:13] <Volcane> with great difficulty
[2010/06/03 07:42:22] <zipkid> Volcane: i'm excited!
[2010/06/03 07:42:37] <Volcane> unfortunatly exported resources doent enable the most obvious use case sigh
[2010/06/03 07:42:44] <zipkid> i guess making a file for each fqdn is easy...
[2010/06/03 07:42:56] <Volcane> you would essentially need to make file per fqdn and concat them - exporting the snippets from the nodes
[2010/06/03 07:42:58] <zipkid> Volcane: you mean , no looping ?
[2010/06/03 07:43:30] <Volcane> zipkid: yeah basicaly just what you said - make array of hosts with such and such resource
[2010/06/03 07:43:39] <zipkid> indeed....
[2010/06/03 07:46:50] @ Quit: f3ew: Read error: Connection reset by peer
[2010/06/03 07:46:53] @ f3ew_ joined channel #puppet
[2010/06/03 07:48:17] @ Quit: benoit_: Ping timeout: 272 seconds
[2010/06/03 07:52:34] <ohadlevy> zipkid, why not simply using foreman query interface?
[2010/06/03 07:52:54] <zipkid> ohadlevy: because we use Puppet-Dashboard.....
[2010/06/03 07:54:50] <ohadlevy> zipkid: sorry, i thought you were using foreman..
[2010/06/03 07:55:09] <zipkid> ohadlevy: i tested it on my private servers.
[2010/06/03 08:01:46] @ thuglife left channel #puppet ()
[2010/06/03 08:07:52] <malikai> how does one go about importing their nodes/classes configuration into dashboard?
[2010/06/03 08:08:34] <malikai> i got a fresh dashboard install here and i'm at a loss for how to bring my stuff in..
[2010/06/03 08:11:45] <ohadlevy> malikai: i think you can import the old reports
[2010/06/03 08:11:55] @ Quit: f3ew_: Remote host closed the connection
[2010/06/03 08:12:27] <malikai> i've never had dashboard on this box before.. i'm just trying it out now.. would i even have reports?
[2010/06/03 08:12:46] @ f3ew joined channel #puppet
[2010/06/03 08:13:31] <ohadlevy> malikai, the reports are from your master (if they were enabled)
[2010/06/03 08:14:26] <malikai> oh, so i need to tell dashboard where all that stuff is
[2010/06/03 08:14:50] <masterzen> zipkid: regarding your use-case of storedconfigs, I'm usually exporting fragments which are concatenated on the collecting hosts (using sth like Volcane concat or DavidS concatenate_file makes this easy).
[2010/06/03 08:14:52] <ohadlevy> malikai: I'm not 100% sure (as I don't use it)
[2010/06/03 08:15:32] @ Quit: axisys: Remote host closed the connection
[2010/06/03 08:16:10] <malikai> ohadlevy, that's ok.. thanks for the info anyhow.. at least i have a place to look now.. :)
[2010/06/03 08:17:21] @ axisys joined channel #puppet
[2010/06/03 08:23:03] @ Quit: pinoyskull: Ping timeout: 264 seconds
[2010/06/03 08:24:54] @ sideshow joined channel #puppet
[2010/06/03 08:25:05] <zipkid> thx masterzen
[2010/06/03 08:26:49] @ sdog left channel #puppet ()
[2010/06/03 08:28:38] <sideshow> hi, i would like to update CentOS 5 with Puppet and i've got an error message, can help ? this is a like : http://paste.debian.net/75980/
[2010/06/03 08:29:23] <bhearsum> sideshow: try running the command by hand, see what it returns and if there's an error message
[2010/06/03 08:29:34] <sideshow> by hand i ok
[2010/06/03 08:29:38] <sideshow> no error messae
[2010/06/03 08:29:54] <bhearsum> oh, weird
[2010/06/03 08:30:03] <bhearsum> try running with --debug --evaltrace on the client
[2010/06/03 08:30:25] <sideshow> ok i'll try it
[2010/06/03 08:32:24] <sideshow> maybe the path is wrong ???
[2010/06/03 08:32:43] <bhearsum> maybe
[2010/06/03 08:33:19] <sideshow> does puppet force when yum demand "Is this ok [y/N]"?
[2010/06/03 08:33:51] <bhearsum> not when run through exec
[2010/06/03 08:34:13] <sideshow> ok
[2010/06/03 08:34:14] <bhearsum> i think you need -y
[2010/06/03 08:34:25] <sideshow> what is this option ?
[2010/06/03 08:34:36] <bhearsum> have a look at the yum manpage
[2010/06/03 08:34:44] <sideshow> yep
[2010/06/03 08:34:51] <sideshow> thank for your help
[2010/06/03 08:35:14] <bhearsum> np
[2010/06/03 08:36:07] @ benoit_ joined channel #puppet
[2010/06/03 08:36:33] <sideshow> bhearsum:it's works, thanx
[2010/06/03 08:36:54] <bhearsum> hooray
[2010/06/03 08:37:56] <sideshow> don't joke with me ;-)
[2010/06/03 08:38:13] @ Quit: M-: Quit: Leaving
[2010/06/03 08:42:18] @ morphic joined channel #puppet
[2010/06/03 08:42:33] @ Quit: morphic: Read error: Connection reset by peer
[2010/06/03 08:43:03] @ Quit: sideshow: Quit: Page closed
[2010/06/03 08:44:57] @ reyjrar joined channel #puppet
[2010/06/03 08:45:51] @ [GuS] joined channel #puppet
[2010/06/03 08:49:52] @ joe-mac1 left channel #puppet ()
[2010/06/03 08:53:21] @ joe-mac1 joined channel #puppet
[2010/06/03 08:55:00] @ shenson joined channel #puppet
[2010/06/03 08:59:29] @ itguru joined channel #puppet
[2010/06/03 08:59:30] @ Quit: benoit_: Ping timeout: 276 seconds
[2010/06/03 09:01:04] @ cliff-hm joined channel #puppet
[2010/06/03 09:13:43] @ benoit_ joined channel #puppet
[2010/06/03 09:15:57] @ Quit: sclamage: Ping timeout: 258 seconds
[2010/06/03 09:18:58] @ Quit: gebi: Remote host closed the connection
[2010/06/03 09:19:59] @ carla joined channel #puppet
[2010/06/03 09:20:41] @ Quit: joe-mac1: Ping timeout: 265 seconds
[2010/06/03 09:22:23] @ emarshall joined channel #puppet
[2010/06/03 09:22:48] @ Quit: shenson: Quit: /me taps out
[2010/06/03 09:28:09] @ joe-mac1 joined channel #puppet
[2010/06/03 09:38:12] @ Quit: Determinist: Remote host closed the connection
[2010/06/03 09:41:32] <zeroXten> i have a PAM module, i have an sshd module... where in which module do i put the /etc/pam.d/sshd file?
[2010/06/03 09:42:34] <Volcane> the pam module has a define used to put new files down in the pam directory - and do any notifies it needs to do when new ones arrive
[2010/06/03 09:42:42] <Volcane> the ssh module use the define to pass data into the pam modules 'domain' so to speak
[2010/06/03 09:42:59] <tim\|mac> one layer higher
[2010/06/03 09:43:00] @ shenson joined channel #puppet
[2010/06/03 09:43:06] @ shenson left channel #puppet ()
[2010/06/03 09:43:15] @ shenson joined channel #puppet
[2010/06/03 09:43:22] <Volcane> tim\|mac: yeah?
[2010/06/03 09:43:22] <tim\|mac> we use generic modules for generic stuff and then a "glue" module to glue the pieces together
[2010/06/03 09:43:33] <tim\|mac> that way the generic stuff can stay... generic
[2010/06/03 09:43:37] <zeroXten> hmm
[2010/06/03 09:43:45] <zeroXten> any examples online?
[2010/06/03 09:43:57] <Volcane> tim\|mac: yeah I'd probably make a class for the ssh bit, and then include the class in appropriate role classes, client classes etc
[2010/06/03 09:44:09] <tim\|mac> I talked about that with Alessandro and DavidS at puppetcamp, but they thought it was too complicated... so I might be wrong :)
[2010/06/03 09:44:29] <Volcane> tim\|mac: but the main point i want ppl to get is that one module anages pam, and should make utility defines available for interacting with it
[2010/06/03 09:44:48] <tim\|mac> zeroXten: not yet, but I'm finishing off some modules as we spreak... so I'll probably publish a bunch of stuff including a blog post about my concept next week
[2010/06/03 09:45:06] <zeroXten> tim\|mac: cool, whats your blog?
[2010/06/03 09:45:21] <tim\|mac> Volcane: true that, but I'd recommend a glue module to actually decide which utility defines to use
[2010/06/03 09:45:28] <tim\|mac> zeroXten: blog.kumina.nl, company blog though
[2010/06/03 09:45:49] <zeroXten> oh cool, where in NL are you?
[2010/06/03 09:45:58] @ Quit: z00dax: Quit: leaving
[2010/06/03 09:46:01] @ Quit: bronto: Quit: Leaving.
[2010/06/03 09:46:05] <tim\|mac> Eindhoven, currently :) but I live in Zuid Limburg, near Sittard
[2010/06/03 09:46:25] <Volcane> tim\|mac: sure like we designed recently if you had say multiple ways to talk to pam - replace pam with some other pam, in this case probably not.
[2010/06/03 09:46:31] * zeroXten tries to remember if he ever went to Eindhoven
[2010/06/03 09:47:06] * zipkid went to Best a bunch of times ...
[2010/06/03 09:48:03] <zeroXten> Volcane: how do you mean multiple ways to talk to pam?
[2010/06/03 09:48:05] <tim\|mac> Volcane: yeah, pam is probably an exception in this case... but would still be good to keep the same way of working in mind, though... i like general stuff... makes things logical when you're working with it
[2010/06/03 09:48:30] <Volcane> tim\|mac: you have too much time :P i just avoid all that by keeping to one software stack hah
[2010/06/03 09:48:47] @ kaptk2 joined channel #puppet
[2010/06/03 09:49:27] <tim\|mac> heh yeah, we have multiple customers that have specific needs :) I still think you shouldn't keep religiously to one stack... other stacks might have some important advantages in some cases... (although we're religiously about only doing Debian, but that has other reasons too)
[2010/06/03 09:50:08] <Volcane> tim\|mac: yeah i stick to centos, and centos just doesnt give you options for which webserver you run :)
[2010/06/03 09:50:17] <tim\|mac> that's a good reason, though :)
[2010/06/03 09:50:25] <Volcane> tim\|mac: though i do have some lighttpd but certainly not for vhosts etc, those are just static origin servers
[2010/06/03 09:50:50] <tim\|mac> I mean, bottomline, if it works, it works, customer will pay and be happy. We're a company, not a religion ;-)
[2010/06/03 09:51:50] @ quit (okay bye)
[2010/06/03 09:52:19] @ Joined channel #puppet
[2010/06/03 09:52:19] @ Topic is "Dashboard 1.0.0 released: http://bit.ly/cxZUas \| Puppet 0.25.5 released: http://bit.ly/beIuIm \| http://docs.puppetlabs.com \| Bugs & Feature Requests: http://bit.ly/ddjhPk"
[2010/06/03 09:52:19] @ Topic set by jamesturnbull!~jamesturn@pelin.lovedthanlost.net on Mon May 17 21:32:23 -0400 2010
[2010/06/03 09:52:22] @ Mode +cnt by barjavel.freenode.net
[2010/06/03 09:52:41] <Volcane> ppl who want varied I tend to build a new copy of the platform tailored to them - so i have 100s of debian machines etc - but never do they share a master with my centos machines
[2010/06/03 09:52:56] @ notbrien joined channel #puppet
[2010/06/03 09:53:44] @ Quit: telmich: Changing host
[2010/06/03 09:53:44] @ telmich joined channel #puppet
[2010/06/03 09:54:05] <tim\|mac> yeah, that's a nice way to work if you have enough customers.. we're still small and need to pay employees and stuff... also, I like being able to solve many problems by sometimes choosing non-default software
[2010/06/03 09:54:29] <tim\|mac> and if it gets us more customers in the end, well, then it's worth my time :D
[2010/06/03 09:54:48] <Volcane> nods, hosting rails you have little point, but I always treat those nondefaults as 1st rate citizens, so I'd rpm things properly etc etc
[2010/06/03 09:54:51] <tim\|mac> (another reason which I'm not voicing too much here is that I simply enjoy working on our puppet stack...)
[2010/06/03 09:55:06] <Volcane> s/point/choice
[2010/06/03 09:55:58] <Volcane> anyway
[2010/06/03 09:56:06] <Volcane> i have a 180 file commit to make to my puppet tree
[2010/06/03 09:56:10] <Volcane> scary time, chat later :)
[2010/06/03 09:56:34] <tim\|mac> hehehe have fun ;-)
[2010/06/03 09:56:53] * zeroXten is completely lost :p
[2010/06/03 09:59:05] @ pheezy joined channel #puppet
[2010/06/03 09:59:08] <Volcane> zeroXten: if you have a module pam, make a define pam::policy that manages /etc/pam.d/ssh
[2010/06/03 09:59:19] <Volcane> zeroXten: and in your ssh module use that define to create the file in question
[2010/06/03 09:59:37] <zeroXten> ahh
[2010/06/03 10:00:03] <Volcane> zeroXten: that way the logic is contained in the pam module and it exposes a clear way for interacting with it
[2010/06/03 10:00:04] <zeroXten> that is starting to make sense
[2010/06/03 10:00:23] <Volcane> zeroXten: and later if you wished to change how that interaction works, you just change the interface not every instance
[2010/06/03 10:00:29] <zeroXten> yup
[2010/06/03 10:00:47] <Volcane> and you can be sure that if say you have to restart a service, that it always happen the way you decide
[2010/06/03 10:00:56] <zeroXten> ya
[2010/06/03 10:01:07] <Volcane> and other people who might not be pam gurus, can just not be bothered with the details, they have a fill-in-the-blanks interface that hides it
[2010/06/03 10:01:20] @ sclamage joined channel #puppet
[2010/06/03 10:02:05] @ PsychoSid1 joined channel #puppet
[2010/06/03 10:02:16] <zeroXten> yup yup
[2010/06/03 10:02:32] @ Quit: rmiller4pi81: Quit: Leaving.
[2010/06/03 10:02:34] @ Quit: DmosEmp_: Read error: Connection reset by peer
[2010/06/03 10:02:44] <Volcane> this wrapping of company policy/process in defines is for me one of the biggest wins about puppet
[2010/06/03 10:02:52] <Volcane> my devs roll out vhosts on the webservers
[2010/06/03 10:03:13] <Volcane> and i know its all fine and backed up, cos i set the policy, they just supply the specifics of that vhost
[2010/06/03 10:03:17] <tim\|mac> zeroXten: I think one of the powers of puppet is it's ability to provide a consistent API-like interface for all kinds of apps... that's my premise when designing our modules, at least
[2010/06/03 10:03:32] <zeroXten> yeah, makes sense
[2010/06/03 10:04:08] <zeroXten> i've been doing the whole class pam, class pam::install, class pam::config etc.. but i still have many things to tweak/tighten
[2010/06/03 10:04:10] @ Quit: PsychoSid: Ping timeout: 265 seconds
[2010/06/03 10:04:58] <tim\|mac> zeroXten: it's hard to do it exactly complete the first round you're designing and building, I think
[2010/06/03 10:05:04] <zeroXten> yeah
[2010/06/03 10:05:12] <tim\|mac> we've been doing puppet for about 4 years and only now are designing it this way
[2010/06/03 10:05:15] <zeroXten> just hoping that i'm heading in the right direction
[2010/06/03 10:05:24] <zeroXten> tim\|mac: :)
[2010/06/03 10:05:36] * Volcane cant imagine life without his nagios service scripts anymore.
[2010/06/03 10:05:37] <tim\|mac> I've spoken to a lot of people at puppetcamp who thought that using an agile approach would be much better
[2010/06/03 10:05:49] <tim\|mac> so only build the stuff you need when you need it, more or less
[2010/06/03 10:05:50] <Volcane> tim\|mac: good luck to them!
[2010/06/03 10:06:00] <Volcane> tim\|mac: ah, no i agree on that :)
[2010/06/03 10:06:11] <tim\|mac> Volcane: well, when you start with puppet, that's a good way to do it, i think... it just doesn't hold up in the long run, imho
[2010/06/03 10:06:14] <Volcane> tim\|mac: premature optimisation doesnt always win much
[2010/06/03 10:06:21] <Volcane> tim\|mac: yeah
[2010/06/03 10:06:37] <tim\|mac> no, but a good design once you know your requirements and possibilities does help a lot
[2010/06/03 10:06:56] <Volcane> yup, i always split modules into install, monitor, service etc, doesnt always win much for say ntp
[2010/06/03 10:07:05] <Volcane> but having it as a std helps so much in structuring things
[2010/06/03 10:08:36] * joe-mac1 stabs ssl
[2010/06/03 10:09:07] @ Quit: RageLink: Remote host closed the connection
[2010/06/03 10:09:18] * zeroXten ducks as ssl shoots back at joe-mac1
[2010/06/03 10:09:41] <joe-mac1> lol
[2010/06/03 10:10:20] <Volcane> ssl will always win
[2010/06/03 10:10:43] <Volcane> till someone does that patch that actually disables it :P
[2010/06/03 10:10:44] <tim\|mac> unless you're running an old version of debian etch...
[2010/06/03 10:10:55] <joe-mac1> i just nmean ssl in gheneral
[2010/06/03 10:11:01] <joe-mac1> not even working on puppet right now, isakmpd actually
[2010/06/03 10:12:12] <Tonnerre> Volcane, the Netgear ReadyNAS comes with Debian Sarge, so...
[2010/06/03 10:13:46] <Volcane> you run puppet on your nas?
[2010/06/03 10:13:57] <ohadlevy> Volcane: i do
[2010/06/03 10:13:57] <Tonnerre> Volcane, now that I replaced the OS with NetBSD, I do
[2010/06/03 10:14:01] <Volcane> heh
[2010/06/03 10:14:02] <\|Mike\|> Volcane: weren't you going to send a patch in for it ? :P
[2010/06/03 10:14:08] <tim\|mac> we do... but we call the machines "NFS server" :)
[2010/06/03 10:14:17] <Volcane> \|Mike\|: I'm happy with the SSL :)
[2010/06/03 10:14:30] * masterzen <3 SSL
[2010/06/03 10:14:31] @ rgsteele joined channel #puppet
[2010/06/03 10:14:39] @ jason^ joined channel #puppet
[2010/06/03 10:14:40] @ Quit: jason^: Changing host
[2010/06/03 10:14:40] @ jason^ joined channel #puppet
[2010/06/03 10:14:45] <Tonnerre> SSL is nice as long as it's not done by GNUTLS
[2010/06/03 10:14:49] <Volcane> \|Mike\|: my machines are all over the internet
[2010/06/03 10:15:00] <Volcane> masterzen: SSL in mcollective now wooh :)
[2010/06/03 10:15:24] @ tonyskapunk joined channel #puppet
[2010/06/03 10:15:26] <masterzen> Volcane: congrats! How did you implement it?
[2010/06/03 10:16:09] <Volcane> masterzen: each user has a keypair and all the hosts share the same keypair. so a 0wned host cant actually make new requests, only clients who's public keys have specifically been distributed can make requests
[2010/06/03 10:16:33] <tim\|mac> Volcane: can mcollective stuff be 'proxied'? like, we have a lot of servers in protected networks somewhere inside other organisations...
[2010/06/03 10:16:34] <Volcane> masterzen: and each client has a unique secure id now - based on the cert pair - and i have fine grained authorization based on that
[2010/06/03 10:16:59] <Volcane> tim\|mac: you can put activemq's locally yes - then just the activemq's need to be able to talk
[2010/06/03 10:17:17] <masterzen> Volcane: nice, I need to test that, if only I had some sysadmin time nowadays :-(
[2010/06/03 10:17:22] <tim\|mac> hm ok
[2010/06/03 10:17:52] <Volcane> masterzen: so i can say the client with certname rip can call service agent, only the status action and only on machines with a certain fact or certain class and any combo of those
[2010/06/03 10:18:44] <Volcane> tim\|mac: you can do <noc pcs>-<activemq> \| noc firewall \| => \| dc firewall \| <dc activemq>-<nodes>
[2010/06/03 10:18:56] <Volcane> tim\|mac: shitty ascii map, but noc pcs only need to talk to their own activemq
[2010/06/03 10:19:33] <Volcane> never a packet has to go from noc pc to any server direct
[2010/06/03 10:20:02] <tim\|mac> hm ok
[2010/06/03 10:20:06] <joe-mac1> mcollective is the future of administration/operations. the fact that you can delegate massively parallel administrative tasks to certain groups is key
[2010/06/03 10:20:23] <tim\|mac> joe-mac1: if only installing activemq on debian wasn't such a drag :(
[2010/06/03 10:20:28] <Volcane> joe-mac1: and now if you dont care for the response - you dont need to wait :)
[2010/06/03 10:20:40] <Volcane> joe-mac1: fire and forget immediate back to shell - while the work happens you can go on :)
[2010/06/03 10:20:46] <joe-mac1> tim\|mac: right, i wonder if 10.04 ubuntu has a package for it yet
[2010/06/03 10:20:59] <Volcane> joe-mac1: % mc-rpc --no-results package yum_clean
[2010/06/03 10:21:01] <Volcane> joe-mac1: Request sent with id: 3b751f60b3b2ce85f42b8a0e87ed0a63
[2010/06/03 10:21:26] <Volcane> joe-mac1: and that is back to shell immediately
[2010/06/03 10:21:42] <tim\|mac> joe-mac1: doesn't look like it: http://packages.ubuntu.com/search?keywords=activemq
[2010/06/03 10:21:51] <joe-mac1> and then you can do check-status 3b751f60b3b2ce85f42b8a0e87ed0a63 or something i assume
[2010/06/03 10:22:00] <Volcane> joe-mac1: not yet, soon yes
[2010/06/03 10:22:09] <Volcane> joe-mac1: but when that comes you can also say yum_clean at 4am
[2010/06/03 10:22:44] <Volcane> joe-mac1: for now its literally 'fire and forget' you send the request and whatever happens with it happens
[2010/06/03 10:23:45] <ohadlevy> Volcane: I guess the next step is reporting infrastructure :)
[2010/06/03 10:23:54] <Volcane> ohadlevy: oh that exists :)
[2010/06/03 10:24:01] <Volcane> ohadlevy: centralized audit trail
[2010/06/03 10:24:25] <masterzen> tim\|mac: there are some debs packages around
[2010/06/03 10:24:37] <ohadlevy> Volcane: does it include failures ? (e.g. machine that were unreachable for that time?), will it retry etc?
[2010/06/03 10:24:54] <Volcane> ohadlevy: nope
[2010/06/03 10:25:04] <tim\|mac> masterzen: any idea where?
[2010/06/03 10:25:11] <Volcane> i cant imagine any sane approach to retrying stuff for nodes thats offline
[2010/06/03 10:25:13] <masterzen> tim\|mac: I'm looking
[2010/06/03 10:25:21] <Volcane> the results just would never be deterministic
[2010/06/03 10:25:25] <masterzen> tim\|mac: http://github.com/melexis/activemq-debian
[2010/06/03 10:25:53] <tim\|mac> masterzen: hm... last commit from dec 2009 though...
[2010/06/03 10:25:54] <ohadlevy> Volcane: true, thats what i had in mind in terms of reporting, i see sinartra + memcache as a great way to keep track :)
[2010/06/03 10:26:07] <ohadlevy> tim\|mac: it just means it super stable
[2010/06/03 10:26:08] <Volcane> ohadlevy: i do audit logs like this: http://www.pastie.org/990536
[2010/06/03 10:27:05] <Volcane> reload that pastie - added the audit from the mc-rpc i pasted above
[2010/06/03 10:27:08] <masterzen> tim\|mac: get the source from apache, then use their debian folder to repackage.
[2010/06/03 10:27:22] <Volcane> i get that on one node - i imagine that going into some db and being display along side node info on foreman
[2010/06/03 10:27:37] <ohadlevy> Volcane: should be dead simple :)
[2010/06/03 10:27:40] <tim\|mac> yeah, true
[2010/06/03 10:28:02] <Volcane> ohadlevy: yup :)
[2010/06/03 10:28:20] <Volcane> ohadlevy: my audit log though shows > 100k rpc requests a day * amount of nodes
[2010/06/03 10:28:45] <ohadlevy> Volcane: thats why I was thinking about memcache, and once every few hours dump to a db
[2010/06/03 10:28:48] <ohadlevy> or a few minutes
[2010/06/03 10:28:58] <Volcane> yup
[2010/06/03 10:29:05] @ iptables joined channel #puppet
[2010/06/03 10:29:14] <Volcane> i should also now dead easily be able to build things like auth against ldap for client certs etc :)
[2010/06/03 10:29:22] @ Quit: iptables: Client Quit
[2010/06/03 10:29:41] <ohadlevy> Volcane: why? what did you change?:)
[2010/06/03 10:30:07] <Volcane> ohadlevy: the security plugins are much nicer now - have to be to support symetric crypto methods
[2010/06/03 10:30:22] <ohadlevy> Volcane: reusing puppet certificates?
[2010/06/03 10:30:28] <Volcane> doesnt make sense
[2010/06/03 10:30:30] @ _Lemon_ joined channel #puppet
[2010/06/03 10:30:36] <Volcane> since the certs are per client
[2010/06/03 10:30:39] <Volcane> ie. per person
[2010/06/03 10:30:46] <Volcane> or per automation subsystem
[2010/06/03 10:30:52] <ohadlevy> Volcane: ah, ok, that makes more sense
[2010/06/03 10:30:56] <Volcane> like my puppetcommander has a set of certs
[2010/06/03 10:31:18] <Volcane> and the authorization system only let those certs to talk to the puppet agent and only to the status and runonce actions
[2010/06/03 10:34:42] @ Quit: emarshall: Ping timeout: 245 seconds
[2010/06/03 10:34:48] <Volcane> so not far now from giving customers custom UI's to mcollective to restart their own services etc
[2010/06/03 10:34:57] <Volcane> without needing logins to boxen etc
[2010/06/03 10:35:05] @ rmiller4pi8 joined channel #puppet
[2010/06/03 10:35:11] <ohadlevy> sinatra?
[2010/06/03 10:35:22] <Volcane> or dialog or something
[2010/06/03 10:35:31] <Volcane> sinatra is amazing though :)
[2010/06/03 10:35:37] <ohadlevy> yeah, its really nice
[2010/06/03 10:35:51] <ohadlevy> but i miss some of the rails helpers
[2010/06/03 10:36:16] <Volcane> once this release is out I'll be spending time building a few web apps since its bringing some features that made it too hard int he past to write web stuff
[2010/06/03 10:37:12] @ Quit: rmiller4pi8: Client Quit
[2010/06/03 10:37:55] @ rmiller4pi8 joined channel #puppet
[2010/06/03 10:40:50] <joe-mac1> masterzen: activemq comes with a tool for packaging activemq?
[2010/06/03 10:41:36] <Volcane> there's some debian control files for activemq on github I've not looked at them though
[2010/06/03 10:41:42] <masterzen> joe-mac1: I don't think so
[2010/06/03 10:42:09] <Volcane> http://github.com/melexis/activemq-debian
[2010/06/03 10:44:12] <Omahn_> Does anyone know how the puppetmaster handles changes in the configuration in /etc/puppet (or wherever) that happen half way through the compilation of a catalog?
[2010/06/03 10:45:11] <bhearsum> Omahn_: they don't get applied, to my knowledge
[2010/06/03 10:45:23] <bhearsum> the catalog gets compiled at the start of the connection, and isn't updated mid-way through
[2010/06/03 10:45:48] @ fluxdud3 joined channel #puppet
[2010/06/03 10:46:24] <Omahn_> I mean the actual files on the puppetmaster itself. For example, we're using a post-commit hook to update /etc/puppet/ (as it's a working copy). What happens if the puppetmaster is half way through generating a catalog at the exact time the post-commit hook is running? Pot luck?
[2010/06/03 10:47:31] <bhearsum> not sure about that one.....unless it open()s all of the files right away it may get some new ones and some old ones
[2010/06/03 10:47:55] <bhearsum> that's just a SWAG though
[2010/06/03 10:48:20] @ Quit: fluxdude: Ping timeout: 258 seconds
[2010/06/03 10:49:17] <Hilli> OK, that did it... Where do I start if I want to extend puppet with a function by making some ruby code myself?
[2010/06/03 10:49:43] <Volcane> Hilli: http://projects.puppetlabs.com/projects/puppet/wiki/Writing_Your_Own_Functions
[2010/06/03 10:50:07] <pixie79> i have a ruby error, i am trying to make a y/n continue question but it seems to quit either way, any ideas? http://pastie.org/990580 p.s i know this is not a puppet question but i think your guys are much more helpful :)
[2010/06/03 10:50:30] @ gantec joined channel #puppet
[2010/06/03 10:50:55] <Hilli> Volcane: Thank you!
[2010/06/03 10:51:28] <gantec> hi, I still have the same problem with port 8139. I can not run puppetrun
[2010/06/03 10:51:36] <Omahn_> bhearsum: Ok, that's what we suspected, I'll send a post to the mailing list.
[2010/06/03 10:51:37] <gantec> http://paste.debian.net/75999/
[2010/06/03 10:52:22] <Volcane> gantec: and can you telnet to that host and port?
[2010/06/03 10:52:31] <gantec> nop
[2010/06/03 10:52:35] <gantec> connection refused
[2010/06/03 10:52:42] <chadh> gantec: you need to add --no-client to the puppetd commandline
[2010/06/03 10:52:46] <Volcane> are you running the puppetd with --listen?
[2010/06/03 10:52:49] <chadh> gantec: it's a bug.
[2010/06/03 10:52:54] <Volcane> ah
[2010/06/03 10:52:54] @ Quit: carla: Quit: Saindo
[2010/06/03 10:52:55] <gantec> yes with listen=true
[2010/06/03 10:53:25] <gantec> chadh:can we go strait the bug ?
[2010/06/03 10:53:39] <gantec> does exists a trick ?
[2010/06/03 10:54:17] @ emarshall joined channel #puppet
[2010/06/03 10:54:22] <chadh> #3313
[2010/06/03 10:54:22] <gepetto> chadh: #3313 is http://projects.puppetlabs.com/issues/show/3313 "Puppet - Bug #3313: puppet.conf option client=true/false doesn't seem to work - PuppetLabs.com"
[2010/06/03 10:54:52] <chadh> gantec: yeah, listen=true in the puppet.conf and then --no-client on the puppetd invocation will fix it
[2010/06/03 10:55:25] <gantec> i've just to run the command with --no-client ?
[2010/06/03 10:55:32] <chadh> gantec: yep
[2010/06/03 10:55:38] <gantec> ok
[2010/06/03 10:55:40] <gantec> i'll try it
[2010/06/03 10:55:41] @ piir joined channel #puppet
[2010/06/03 10:57:56] <gantec> doesn't work
[2010/06/03 10:58:04] <piir> hello
[2010/06/03 10:58:07] <piir> ohadlevy, answering to your mail, I'm using version 0.25.4 on both server and client
[2010/06/03 10:59:03] <ohadlevy> piir: hey, when you did your verifications, did you verify also the CRL?
[2010/06/03 11:00:45] <piir> ohadlevy, no I didn't check the CRL
[2010/06/03 11:01:12] <ohadlevy> piir: puppet does, in 0.25.5 you can disable the crl verification
[2010/06/03 11:02:08] <gantec> chadh:any other idea ? i'll check with iptables, telnet
[2010/06/03 11:02:14] @ ad4m joined channel #puppet
[2010/06/03 11:02:21] <gantec> chadh:and doesn't work
[2010/06/03 11:02:29] <gantec> the same error message
[2010/06/03 11:02:42] <piir> ohadlevy, Puppet isn't checking crl validity during the launch?
[2010/06/03 11:02:58] <ohadlevy> piir: i think it does
[2010/06/03 11:03:05] <chadh> gantec: so you have 'listen=true' under the 'puppetd' section of puppet.conf, and then you launched puppetd with --no-client ?
[2010/06/03 11:03:41] @ Quit: PsychoSid1: Quit: Leaving.
[2010/06/03 11:03:45] <gantec> yep like you write
[2010/06/03 11:04:04] <chadh> what happens if you run 'puppetd --listen --no-client --no-daemonize --debug' ?
[2010/06/03 11:04:04] <ohadlevy> gantec: i have a config example if you want
[2010/06/03 11:04:10] <piir> ohadlevy, because for now, the neither the client nor the server failed at launch time, only on a connection
[2010/06/03 11:04:32] <gantec> ohadlevy: yep i think it can help
[2010/06/03 11:04:49] <chadh> gantec: I use lsof on the client to see if puppetd is listening on 8139
[2010/06/03 11:04:55] <ohadlevy> gantec: http://theforeman.org/projects/foreman/wiki/Puppetrun
[2010/06/03 11:05:14] <gantec> ohadlevy:thanks
[2010/06/03 11:05:19] <ohadlevy> piir: the verification is done when the client tries to connect to the server
[2010/06/03 11:05:27] <chadh> ohadlevy: did you see the bug I mentioned above?
[2010/06/03 11:05:46] <ohadlevy> chadh: no :)
[2010/06/03 11:06:04] <gantec> chadh: there is no 8139
[2010/06/03 11:06:11] <gantec> chadh:with lsof
[2010/06/03 11:06:27] <Volcane> gantec: is puppet.conf the only .conf file you have in /etc/puppet on the clients?
[2010/06/03 11:06:38] <gantec> yes
[2010/06/03 11:07:07] <Volcane> put the config on pastie.org and also the output from the debug command chadh asked above
[2010/06/03 11:07:41] <gantec> ok before i'll try the tuto of ohadlevy
[2010/06/03 11:10:34] @ saysjonathan joined channel #puppet
[2010/06/03 11:11:00] <gantec> the problem is the 8139 port
[2010/06/03 11:11:11] <gantec> i don't understand why !
[2010/06/03 11:11:52] <Volcane> gantec: really, saying that isnt helping. if you want help show the info we asked
[2010/06/03 11:12:24] <gantec> Volcane:sorry, is ok on debian paste zone ?
[2010/06/03 11:12:34] <Volcane> as long as its not in the channel
[2010/06/03 11:12:39] <gantec> ok
[2010/06/03 11:13:05] <gantec> at first, i have this error message : http://paste.debian.net/75999/
[2010/06/03 11:14:24] <gantec> and the config of my client is :http://paste.debian.net/76005/
[2010/06/03 11:15:23] <gantec> Volcane : is that you wanted ?
[2010/06/03 11:15:39] <Volcane> also output from the command above
[2010/06/03 11:17:33] <gantec> Volcane:after wich command ?
[2010/06/03 11:17:51] <Volcane> puppetd --listen --no-client --no-daemonize --debug
[2010/06/03 11:17:56] <gantec> ok sorry
[2010/06/03 11:19:03] <gantec> http://paste.debian.net/76006/
[2010/06/03 11:19:52] <gantec> i'm trying to create the file namespaceauth.conf
[2010/06/03 11:20:24] @ Quit: cynicismic: Quit: "kernel upgrade"
[2010/06/03 11:21:14] @ steph021 joined channel #puppet
[2010/06/03 11:22:04] <zeroXten> should a puppet --parseonly be able to load in site.pp and all of it's imports etc?
[2010/06/03 11:22:26] <gantec> Volcane: it's ok, namespaceauth.conf was the error i did
[2010/06/03 11:23:05] <gantec> Volcane: thanks for your patience
[2010/06/03 11:23:56] <Volcane> np
[2010/06/03 11:24:13] @ zohaib joined channel #puppet
[2010/06/03 11:29:16] @ Quit: emarshall: Quit: emarshall
[2010/06/03 11:29:23] <ad4m> i've got an issue with a client cert not showing up. i had a client named A, and i signed that cert using puppetca, then i had another client also named A connect and send its cert for signing, so I stopped puppet on both, did a puppetca --clean A and then renamed the the first client named A to B and started puppet on both client hosts. the B client shows up as needing to be signed, but the A client won't show up as needing to be signed.
[2010/06/03 11:29:49] <ad4m> all certs for A were completely removed, so it doesn't show up in the list of signed certs either
[2010/06/03 11:30:45] <ad4m> i've uninstalled puppet and deleted all the related files on the A client and then reinstalled, but i still do not see a new cert on puppetmaster host for A
[2010/06/03 11:31:05] <ad4m> i've also grepped through everything on the puppetmaster host looking for any references to the name A and couldn't find anything
[2010/06/03 11:31:32] <ad4m> anyone have any ideas on why i can't get this client A registered?
[2010/06/03 11:32:02] @ Quit: zohaib: Ping timeout: 258 seconds
[2010/06/03 11:33:08] @ cynicismic joined channel #puppet
[2010/06/03 11:35:05] @ lak joined channel #puppet
[2010/06/03 11:35:32] @ Quit: verwilst: Quit: Ex-Chat
[2010/06/03 11:36:09] <gantec> ad4m:did you define the node ? s
[2010/06/03 11:37:20] @ Quit: Ramonster: Quit: So long, thanx for all the fish
[2010/06/03 11:45:52] <piir> ohadlevy, Ok i've upgrade to 0.25.5, i've set ca_crl = false on server and ca_crl and hostcrl =false on client
[2010/06/03 11:46:07] <piir> now I have err: Cached certificate_revocation_list for ca failed: No file or directory setting provided; terminus file cannot function
[2010/06/03 11:46:23] <ohadlevy> piir: can you provide a --trace?
[2010/06/03 11:46:33] @ Quit: explody: Ping timeout: 276 seconds
[2010/06/03 11:46:34] <piir> client ?
[2010/06/03 11:47:04] @ Quit: gantec: Quit: Page closed
[2010/06/03 11:47:09] <ohadlevy> piir: where ever you get the error from:)
[2010/06/03 11:47:31] <ohadlevy> hmm.. I'm not sure if thats the right option name, let me look it up
[2010/06/03 11:47:45] @ Quit: benoit_: Ping timeout: 258 seconds
[2010/06/03 11:47:45] <piir> ok http://pastebin.com/AcjFBaLx
[2010/06/03 11:48:17] <ohadlevy> piir: I think the option name is certificate_revocation = false
[2010/06/03 11:48:23] <ohadlevy> no ca_crl
[2010/06/03 11:48:28] <ohadlevy> s/no/not
[2010/06/03 11:50:41] @ explody joined channel #puppet
[2010/06/03 11:51:06] <piir> ohadlevy, it works ! wouhou it works!
[2010/06/03 11:51:15] <ohadlevy> piir: :)
[2010/06/03 11:51:49] <ohadlevy> piir: did you spend much time on it?
[2010/06/03 11:52:07] @ tecto joined channel #puppet
[2010/06/03 11:52:33] @ Determinist joined channel #puppet
[2010/06/03 11:52:38] <piir> ohadlevy, thx a lot, yes, more or less than 2 weeks not at full time
[2010/06/03 11:55:25] @ littleidea joined channel #puppet
[2010/06/03 11:55:37] <piir> ohadlevy, Is puppet strict with certificate , Can i connect from a client with a certificate that don't have TLS Web client authentication ?
[2010/06/03 11:56:20] <ohadlevy> piir: connect using puppet, or using the certificate?
[2010/06/03 11:56:35] @ emarshall joined channel #puppet
[2010/06/03 11:57:22] @ RageLink joined channel #puppet
[2010/06/03 11:59:03] @ Quit: thdem: Quit: Page closed
[2010/06/03 11:59:07] @ notbrien_ joined channel #puppet
[2010/06/03 11:59:14] @ Quit: notbrien_: Read error: Connection reset by peer
[2010/06/03 11:59:57] @ notbrien_ joined channel #puppet
[2010/06/03 12:00:26] @ Quit: notbrien_: Remote host closed the connection
[2010/06/03 12:00:54] @ Quit: \ask: Remote host closed the connection
[2010/06/03 12:01:06] @ notbrien_ joined channel #puppet
[2010/06/03 12:01:08] @ Quit: notbrien: Ping timeout: 265 seconds
[2010/06/03 12:01:09] @ notbrien_ is now known as notbrien
[2010/06/03 12:01:14] @ z00dax joined channel #puppet
[2010/06/03 12:03:10] @ benoit_ joined channel #puppet
[2010/06/03 12:07:53] @ Quit: Welsh_Dwarf: Read error: Connection reset by peer
[2010/06/03 12:08:25] @ Quit: giskard: Remote host closed the connection
[2010/06/03 12:10:36] @ DmosEmp_ joined channel #puppet
[2010/06/03 12:11:24] @ Mick27 joined channel #puppet
[2010/06/03 12:11:36] @ Quit: lak: Quit: lak
[2010/06/03 12:12:33] <zahna> has anyone here used puppet with SSL wildcard certs from verisign or thawte or whereever?
[2010/06/03 12:12:38] <piir> ohadlevy, cna i launch a client with a certificate that don't have the "TLS Web client authentication"
[2010/06/03 12:13:03] <ad4m> does anyone have any idea on how to clean out certs for clients or why this one client's cert signing request won't show up?
[2010/06/03 12:13:11] <ohadlevy> piir: I would guess so
[2010/06/03 12:13:12] <zahna> i haven't seen it come up, but someone here asked about it
[2010/06/03 12:13:18] <zahna> (here == my work)
[2010/06/03 12:13:19] <nahamu> ad4m, puppetca --clean [hostname]
[2010/06/03 12:13:32] <nahamu> before that, try puppetca --list --all
[2010/06/03 12:13:59] <ohadlevy> piir: try it :) in any case, I'm off for the day
[2010/06/03 12:14:17] <ad4m> nahamu: yeah, i did that, however the client with the hostname that i cleaned still can't re-register
[2010/06/03 12:14:35] <ad4m> nahamu: and the hostname for the client in question, doesn't show up in a --list --all
[2010/06/03 12:15:05] <zahna> ad4m: clean it off puppetmaster, and also remove all cert related files from /var/lib/puppet on the client
[2010/06/03 12:15:14] <zahna> ad4m: then re-register
[2010/06/03 12:15:57] @ Quit: alban2: Ping timeout: 245 seconds
[2010/06/03 12:17:04] @ gmcquillan joined channel #puppet
[2010/06/03 12:17:41] <ad4m> zahna: did that too, did not work. i did the --clean on the master, then uninstalled the client on the effected host, deleted /var/lib/puppet on the host, then reinstalled the client on the host
[2010/06/03 12:18:03] @ z00dax left channel #puppet ()
[2010/06/03 12:18:08] <ad4m> the client still does not show up on the master as waiting to be signed
[2010/06/03 12:18:14] @ z00dax6 joined channel #puppet
[2010/06/03 12:18:52] <nahamu> ad4m, does running "puppetd --test" spit out a usefull error?
[2010/06/03 12:19:20] <nahamu> (on the client)
[2010/06/03 12:19:25] <ad4m> i didn't see a useful error, let me take a look at it again
[2010/06/03 12:21:30] @ michal_k joined channel #puppet
[2010/06/03 12:21:52] @ Quit: jaredrhine: Quit: Leaving.
[2010/06/03 12:22:08] <michal_k> hello, can i push a class to a node from my puppetmaster
[2010/06/03 12:22:26] <ad4m> nahamu: i get...
[2010/06/03 12:22:26] <ad4m> warning: peer certificate won't be verified in this SSL session
[2010/06/03 12:22:26] <ad4m> Exiting; no certificate found and waitforcert is disabled
[2010/06/03 12:22:30] @ Quit: michal_k: Client Quit
[2010/06/03 12:22:45] <ad4m> that's with a completely fresh install on the client
[2010/06/03 12:22:59] <ad4m> and puppetca --list on the master now does not list the client's hostname
[2010/06/03 12:23:00] @ project2501b joined channel #puppet
[2010/06/03 12:23:30] @ alfism joined channel #puppet
[2010/06/03 12:23:55] @ tep joined channel #puppet
[2010/06/03 12:23:55] @ Quit: tep: Changing host
[2010/06/03 12:23:55] @ tep joined channel #puppet
[2010/06/03 12:25:15] @ littleidea_ joined channel #puppet
[2010/06/03 12:26:35] <ad4m> i've got to run, but i'll check back when i return. if anyone has any other ideas, i'd be very grateful!
[2010/06/03 12:26:39] <zahna> ad4m: is the client even communicating with the puppetmaster? tcpdump can help with that.
[2010/06/03 12:27:55] @ Quit: littleidea: Ping timeout: 252 seconds
[2010/06/03 12:29:51] @ \ask joined channel #puppet
[2010/06/03 12:31:53] <sclamage> if I'm using an external node script, it seems that the only things I can return are classes & variables, right?
[2010/06/03 12:32:01] <Volcane> yes
[2010/06/03 12:32:03] <sclamage> i.e. I can't use definitions?
[2010/06/03 12:32:23] <sclamage> I saw this issue, which seemed to make it pretty clear, but just wanted to make sure I wasn't missing anything: http://projects.reductivelabs.com/issues/2408
[2010/06/03 12:33:48] <sclamage> any suggestions of how I can work around this, other than waiting for that feature to be implemented?
[2010/06/03 12:34:26] @ giskard joined channel #puppet
[2010/06/03 12:35:37] @ Quit: gaveen: Ping timeout: 252 seconds
[2010/06/03 12:36:59] @ chjohnst joined channel #puppet
[2010/06/03 12:37:19] <Volcane> what are you doing with defines in node blocks/ its not usually the done thing
[2010/06/03 12:39:27] <chjohnst> dadadalsd
[2010/06/03 12:39:31] <chjohnst> oops sorry
[2010/06/03 12:39:36] <sclamage> yeah, well I admit my requirements are a little unusual
[2010/06/03 12:40:25] <sclamage> for each node, I need to configure multiple services of different types, and each service needs a unique name.. which I was hoping to provide in my external node script.
[2010/06/03 12:40:58] <sclamage> so e.g. node1 has s01, s02, s03, node2 has s04, s05, s06
[2010/06/03 12:41:37] <sclamage> (and each service might also have extra, unique options... I'm simplifying here)
[2010/06/03 12:41:43] <Volcane> ah
[2010/06/03 12:41:49] <Volcane> yeah thats pretty hard
[2010/06/03 12:42:20] <joe-mac1> custom fact with ability to look at some extrernal data source to determine what node has waht services i guess
[2010/06/03 12:42:27] <joe-mac1> or extlookup
[2010/06/03 12:43:50] <sclamage> (reading about extlookup now - I hadn't seen that before...)
[2010/06/03 12:44:00] @ ahuman joined channel #puppet
[2010/06/03 12:44:11] <barn> modest hostname (:
[2010/06/03 12:44:42] <Volcane> barn: guess we can stop answering questions now! :)
[2010/06/03 12:44:50] <barn> yeah, we're done here
[2010/06/03 12:44:55] <barn> everyone out...
[2010/06/03 12:46:24] @ Quit: mauve: Quit: Leaving
[2010/06/03 12:47:42] <zahna> heh, so, has anyone used wildcard certs for puppet?
[2010/06/03 12:49:04] <zeroXten> any docs on specifying dependencies between modules? I know to use require etc in the manifest, but not quite sure how the "depends" directory fits into it
[2010/06/03 12:49:26] <joe-mac1> i thiunk 'depends' is an artificial construct
[2010/06/03 12:49:29] <joe-mac1> i don't use it in my modules
[2010/06/03 12:49:44] <Volcane> zahna: you mean giving every host the same cert - the wildcard one?
[2010/06/03 12:49:48] <zeroXten> so i just use my require and hope that someone imports somewhere else
[2010/06/03 12:50:08] <zahna> Volcane: yeah... it's not my idea, but i thought i'd ask about it
[2010/06/03 12:50:10] <zeroXten> or should i import in my base module clase
[2010/06/03 12:50:15] <zeroXten> class*
[2010/06/03 12:50:34] <Volcane> zahna: you'll just have to try and let us know :)
[2010/06/03 12:51:13] <zahna> Volcane: heh, so no one does that, eh?
[2010/06/03 12:51:34] <Volcane> not heard of someone, cant be impossible though - you just cant sign certs obviously but you should be able to get it going
[2010/06/03 12:52:11] <zahna> right, well, the thinking was that thawte or verisign or someone would sign the cert
[2010/06/03 12:52:26] <Volcane> yes, i mean you wont be able to sign more without going via them again
[2010/06/03 12:52:35] <Volcane> hence the wildcard since it wll be valid for all your hosts
[2010/06/03 12:52:41] <Volcane> and so no signing needed
[2010/06/03 12:52:49] <zahna> ok, yes :)
[2010/06/03 12:52:50] <Volcane> it should work
[2010/06/03 12:53:59] <sclamage> joe-mac1/volcane: thanks for the extlookup pointer - I think that will do the trick
[2010/06/03 12:54:07] <sclamage> need to go putter around with that for a bit & see how it fits in.
[2010/06/03 12:54:41] @ acrollet joined channel #puppet
[2010/06/03 13:03:15] @ Quit: RageLink: Quit: up up and away
[2010/06/03 13:03:24] @ RageLink joined channel #puppet
[2010/06/03 13:05:05] @ Quit: TREllis: Ping timeout: 240 seconds
[2010/06/03 13:06:02] <hMz> anyone know how to fix the 'No format match the given format name or mime-type (text/html)' problem?
[2010/06/03 13:07:57] @ plathrop-away is now known as plathrop
[2010/06/03 13:09:20] @ lak joined channel #puppet
[2010/06/03 13:14:31] <hMz> theres a couple of threads about it on the web but no results or corresponding tickets
[2010/06/03 13:15:34] @ Quit: lak: Ping timeout: 265 seconds
[2010/06/03 13:18:09] @ TREllis joined channel #puppet
[2010/06/03 13:21:37] @ lak joined channel #puppet
[2010/06/03 13:24:13] @ Quit: thatch: Quit: Page closed
[2010/06/03 13:25:23] @ jaredrhine joined channel #puppet
[2010/06/03 13:26:41] @ blood joined channel #puppet
[2010/06/03 13:29:07] @ shug joined channel #puppet
[2010/06/03 13:29:35] @ Quit: TREllis: Quit: leaving
[2010/06/03 13:30:45] <chadh> Is there a tolower puppet function?
[2010/06/03 13:31:51] <joe-mac1> chadh: there is inline_template() which you can do to do ruby templating in manifests
[2010/06/03 13:32:23] <chadh> joe-mac1: yeah, I just thought I remembered someone mentioning it. maybe it was homegrown. kind of trivial, I guess
[2010/06/03 13:42:30] <ad4m> zahna: yeah the client is communicating with the master, i ran the master in debug mode and i see the client connect and send/recv stuff
[2010/06/03 13:56:21] <alxm_> chadh: .downcase?
[2010/06/03 13:57:02] @ gaveen joined channel #puppet
[2010/06/03 13:57:19] @ Quit: RageLink: Ping timeout: 258 seconds
[2010/06/03 14:07:10] @ Quit: lak: Quit: lak
[2010/06/03 14:07:20] @ pting joined channel #puppet
[2010/06/03 14:08:45] @ lak joined channel #puppet
[2010/06/03 14:13:41] @ ayanich_ is now known as ayanich
[2010/06/03 14:16:35] @ bodepd joined channel #puppet
[2010/06/03 14:16:47] @ Quit: \ask: Remote host closed the connection
[2010/06/03 14:17:16] @ neon\|out joined channel #puppet
[2010/06/03 14:17:26] @ \ask joined channel #puppet
[2010/06/03 14:18:02] @ Quit: [GuS]: .net .split
[2010/06/03 14:18:02] @ Quit: vollmer: .net .split
[2010/06/03 14:18:03] @ Quit: emag: .net .split
[2010/06/03 14:18:03] @ Quit: miah: .net .split
[2010/06/03 14:18:03] @ Quit: Phibs: .net .split
[2010/06/03 14:18:03] @ Quit: HouseAway: .net .split
[2010/06/03 14:18:03] @ Quit: filler: .net .split
[2010/06/03 14:18:03] @ Quit: neonDragon: .net .split
[2010/06/03 14:18:03] @ Quit: bje: .net .split
[2010/06/03 14:18:03] @ Quit: huggie: .net .split
[2010/06/03 14:18:04] @ Quit: evilrob: .net .split
[2010/06/03 14:18:04] @ Quit: bzrk: .net .split
[2010/06/03 14:18:04] @ Quit: skayser: .net .split
[2010/06/03 14:18:37] @ bje joined channel #puppet
[2010/06/03 14:19:13] @ [GuS] joined channel #puppet
[2010/06/03 14:19:15] @ vollmer joined channel #puppet
[2010/06/03 14:19:16] @ evilrob joined channel #puppet
[2010/06/03 14:19:17] @ emag joined channel #puppet
[2010/06/03 14:19:43] @ Phibs joined channel #puppet
[2010/06/03 14:19:46] @ huggie joined channel #puppet
[2010/06/03 14:20:15] @ HouseAway joined channel #puppet
[2010/06/03 14:20:25] @ Quit: lak: Quit: lak
[2010/06/03 14:20:34] @ bzrk joined channel #puppet
[2010/06/03 14:20:39] @ filler joined channel #puppet
[2010/06/03 14:20:57] @ lak joined channel #puppet
[2010/06/03 14:21:14] @ miah joined channel #puppet
[2010/06/03 14:21:32] @ skayser joined channel #puppet
[2010/06/03 14:22:14] @ Quit: benoit_: Ping timeout: 276 seconds
[2010/06/03 14:25:00] @ billynadeau joined channel #puppet
[2010/06/03 14:25:53] <billynadeau> hello
[2010/06/03 14:26:04] <billynadeau> someone have a minute to help me figure something out?
[2010/06/03 14:26:36] <plathrop> billynadeau: possibly. Post your question and see who bites? :-D
[2010/06/03 14:26:55] <billynadeau> I get uninitialized constant Puppet::Parser::TemplateWrapper::APACHE2_PHP_UPLOADS on my prod setup but not on my simple dev one... using a global var and a class one for some override
[2010/06/03 14:27:37] <billynadeau> i'm using 0.24.5 in dev and 0.24.8 in prod
[2010/06/03 14:29:06] <billynadeau> so... why do I have a namespace issue there, and how do i fix it?
[2010/06/03 14:30:16] <jbooth> Are you really using an older puppet in dev?
[2010/06/03 14:30:29] <billynadeau> yes, a little older... 0.24.5
[2010/06/03 14:30:38] <Volcane> i am sure you just have a mistake in a template somewhere
[2010/06/03 14:30:43] <Volcane> find the one that mentions that and show it to us
[2010/06/03 14:31:08] <billynadeau> file_uploads = <%= APACHE2_PHP_UPLOADS %>
[2010/06/03 14:31:12] <billynadeau> that's from the template
[2010/06/03 14:31:18] <Volcane> and you dont have a variable $APACHE2_PHP_UPLOADS
[2010/06/03 14:31:23] <billynadeau> $APACHE2_PHP_UPLOADS = "Off"
[2010/06/03 14:31:25] <Volcane> since you shouldnt be making them uppercase etc
[2010/06/03 14:31:29] <billynadeau> that's from the manifest
[2010/06/03 14:32:06] <billynadeau> outside of any class
[2010/06/03 14:32:18] <Volcane> you souldnt put things outside of any class either
[2010/06/03 14:32:30] <billynadeau> how should i use a default value?
[2010/06/03 14:32:47] <billynadeau> so they all have "Off" except one or two servers?
[2010/06/03 14:33:54] <billynadeau> ok... my test setup used a lowercase var name...
[2010/06/03 14:34:08] <billynadeau> they're treated differently if they're uppercase?
[2010/06/03 14:34:28] <Volcane> uppercase in ruby means something else yes - since templates are ruby that matter
[2010/06/03 14:34:38] <billynadeau> oh... thanks :)
[2010/06/03 14:34:39] <hMz> any help on the ' No format match the given format name or mime-type (text/html)' issue?
[2010/06/03 14:34:57] <Volcane> hMz: i'd guess your webserver is returning something unexpected to puppet
[2010/06/03 14:35:48] @ Quit: gaveen: Ping timeout: 265 seconds
[2010/06/03 14:37:47] @ bodepd left channel #puppet ()
[2010/06/03 14:39:14] <hMz> i'm using apache+mongrel
[2010/06/03 14:39:30] <hMz> just upgraded to 0.25 from 0.24 and using my old setup
[2010/06/03 14:45:15] <billynadeau> using lowercase fixed the bug, but i now have another one :(
[2010/06/03 14:45:22] <billynadeau> Could not find value for 'apache2_php_uploads'
[2010/06/03 14:45:34] @ Quit: lak: Quit: lak
[2010/06/03 14:46:00] <billynadeau> it's defined in two places, one globally just before the php class and one inside the host's class
[2010/06/03 14:46:39] @ bodepd joined channel #puppet
[2010/06/03 14:46:51] @ mao_ joined channel #puppet
[2010/06/03 14:48:17] <mao_> qq: what's the correct syntax to reference the first element of an array if that array is a variable defined in a class?
[2010/06/03 14:48:39] <mao_> notice("$foo[0]") didn't work
[2010/06/03 14:50:19] @ eidolon joined channel #puppet
[2010/06/03 14:50:34] @ Quit: ckdake: Ping timeout: 260 seconds
[2010/06/03 14:50:59] <eidolon> hey folks, i'm trying to re-cert a client machine. I did a 'cert revocation' to see if i could 'cut off' a server from a puppet server a few weeks ago. Now I want to bring that server back into the fold - but I keep getting Jun 3 14:41:52 bos-rep-etl01 puppetd[23095]: Could not retrieve catalog from remote server: sslv3 alert certificate revoked
[2010/06/03 14:51:09] @ Quit: bodepd: Ping timeout: 260 seconds
[2010/06/03 14:51:12] <eidolon> I've tried a 'puppetca --clean bos-rep-etl01' on the puppetmaster, but no dice.
[2010/06/03 14:51:50] @ ckdake joined channel #puppet
[2010/06/03 14:51:51] @ Quit: ckdake: Changing host
[2010/06/03 14:51:51] @ ckdake joined channel #puppet
[2010/06/03 14:52:49] @ giskard_ joined channel #puppet
[2010/06/03 14:54:37] <pheezy> argh, refactoring
[2010/06/03 14:55:09] @ Quit: giskard: Ping timeout: 272 seconds
[2010/06/03 14:55:12] @ JEG2 joined channel #puppet
[2010/06/03 14:55:23] <eidolon> anyone? on the puppetca question?
[2010/06/03 14:56:05] @ JEG2 left channel #puppet ("Leaving...")
[2010/06/03 14:56:07] <hMz> its probably still in the revoked cert list
[2010/06/03 14:56:13] <hMz> but i've never played with revocation
[2010/06/03 14:57:28] @ Quit: saysjonathan: Quit: Lost terminal
[2010/06/03 14:59:59] <nahamu> eidolon, you probably need to get the client to generate a new cert
[2010/06/03 15:00:33] <nahamu> look in /var/lib/puppet on the client for the certificate to blow away
[2010/06/03 15:01:10] <nahamu> if you hadn't cleaned out the certificate, you might have been able to manually modify the CRL and remove the revocation of that client's cert.
[2010/06/03 15:01:20] <nahamu> good luck!
[2010/06/03 15:05:11] <hMz> ah ha.
[2010/06/03 15:05:29] <hMz> bad setup of mod balancer
[2010/06/03 15:12:30] <eidolon> nahamu: okay, thanks :)
[2010/06/03 15:13:07] @ RageLink joined channel #puppet
[2010/06/03 15:17:34] @ Quit: giskard_: Read error: Operation timed out
[2010/06/03 15:21:00] @ Quit: emarshall: Quit: emarshall
[2010/06/03 15:23:05] @ emarshall joined channel #puppet
[2010/06/03 15:23:51] <eidolon> nahamu: should i just purge /var/lib/puppet/ssl/ ?
[2010/06/03 15:23:53] <eidolon> on the client?
[2010/06/03 15:24:05] <eidolon> [root@bos-rep-etl01 ssl]# ls
[2010/06/03 15:24:05] <eidolon> certificate_requests certs crl.pem private private_keys public_keys
[2010/06/03 15:25:07] * eidolon assumes yes, gives it a whirl.
[2010/06/03 15:26:11] @ Quit: bug: Quit: bug
[2010/06/03 15:26:57] @ giskard joined channel #puppet
[2010/06/03 15:27:19] <billynadeau> thanks Volcane, all fixed now... have a good day
[2010/06/03 15:27:22] @ billynadeau left channel #puppet ()
[2010/06/03 15:40:13] @ jab_doa joined channel #puppet
[2010/06/03 15:42:53] @ Quit: p3rror: Ping timeout: 248 seconds
[2010/06/03 15:43:02] @ lak joined channel #puppet
[2010/06/03 15:55:16] @ Quit: [GuS]: Read error: Connection reset by peer
[2010/06/03 15:55:40] @ p3rror joined channel #puppet
[2010/06/03 15:56:29] @ paxos joined channel #puppet
[2010/06/03 16:03:49] @ benoit_ joined channel #puppet
[2010/06/03 16:06:39] @ Quit: cynicismic: Quit: "dinnertime"
[2010/06/03 16:11:52] @ Quit: ad4m: Quit: ad4m
[2010/06/03 16:12:14] @ Quit: benoit_: Ping timeout: 260 seconds
[2010/06/03 16:12:52] @ shug left channel #puppet ("Leaving")
[2010/06/03 16:15:28] @ Quit: p3rror: Remote host closed the connection
[2010/06/03 16:17:02] @ giskard_ joined channel #puppet
[2010/06/03 16:18:17] @ giskard__ joined channel #puppet
[2010/06/03 16:18:41] @ Quit: nexx: Quit: quit
[2010/06/03 16:18:55] @ Quit: giskard: Ping timeout: 252 seconds
[2010/06/03 16:21:47] @ Quit: mao_: Quit: Page closed
[2010/06/03 16:21:48] @ Quit: giskard_: Ping timeout: 245 seconds
[2010/06/03 16:24:39] @ Quit: emarshall: Quit: emarshall
[2010/06/03 16:28:47] @ giskard joined channel #puppet
[2010/06/03 16:28:48] @ Quit: beelzebob: Read error: Operation timed out
[2010/06/03 16:28:53] @ Quit: giskard__: Ping timeout: 245 seconds
[2010/06/03 16:30:40] @ Quit: eidolon: Quit: Leaving.
[2010/06/03 16:31:29] @ giskard_ joined channel #puppet
[2010/06/03 16:31:35] @ Bass10 joined channel #puppet
[2010/06/03 16:33:05] @ Quit: Bass10: Max SendQ exceeded
[2010/06/03 16:33:47] @ Bass10 joined channel #puppet
[2010/06/03 16:33:53] @ Quit: giskard: Ping timeout: 245 seconds
[2010/06/03 16:36:29] @ Quit: giskard_: Ping timeout: 265 seconds
[2010/06/03 16:38:00] @ Quit: cliff-hm: Ping timeout: 258 seconds
[2010/06/03 16:39:25] @ Quit: MattM: Read error: Connection reset by peer
[2010/06/03 16:41:01] @ giskard joined channel #puppet
[2010/06/03 16:47:37] @ bodepd joined channel #puppet
[2010/06/03 16:48:06] @ giskard_ joined channel #puppet
[2010/06/03 16:48:20] @ Quit: bodepd: Client Quit
[2010/06/03 16:48:23] @ emarshall joined channel #puppet
[2010/06/03 16:50:10] @ Quit: giskard: Ping timeout: 265 seconds
[2010/06/03 16:50:49] @ giskard joined channel #puppet
[2010/06/03 16:53:33] @ Quit: giskard_: Ping timeout: 265 seconds
[2010/06/03 16:55:35] @ Quit: rgsteele: Read error: Connection reset by peer
[2010/06/03 16:56:05] @ Quit: giskard: Ping timeout: 260 seconds
[2010/06/03 17:02:04] @ giskard joined channel #puppet
[2010/06/03 17:08:29] @ Quit: reyjrar: Quit: Leaving.
[2010/06/03 17:17:07] @ gmcquillan_ joined channel #puppet
[2010/06/03 17:19:05] @ Quit: gmcquillan: Ping timeout: 240 seconds
[2010/06/03 17:19:06] @ gmcquillan_ is now known as gmcquillan
[2010/06/03 17:19:10] <xHans> recurse on a directory does up or down? recurse => inf for /opt/some/wierd/path would get everything under path or everything between / and path?
[2010/06/03 17:19:45] <xHans> I would think the former, but some bug reports seemed to indicate the latter was happening and I didn't understand if that was intended or if that was the bug
[2010/06/03 17:21:51] <xHans> also, will it follow soft links?
[2010/06/03 17:23:42] @ Quit: giskard: Ping timeout: 240 seconds
[2010/06/03 17:30:41] @ giskard joined channel #puppet
[2010/06/03 17:32:07] <wakko666> xHans: recurse goes down and gets everything under the path specified.
[2010/06/03 17:32:29] <wakko666> this is very memory intensive and should not be used for large directory structures with lots of files.
[2010/06/03 17:33:00] <xHans> ok
[2010/06/03 17:33:12] <wakko666> if you're pushing more than a dozen or two files, you should be using a package manager, then having puppet just ensure the package is installed.
[2010/06/03 17:33:46] @ overflowpt joined channel #puppet
[2010/06/03 17:34:33] <xHans> do you mean package as in rpm/deb or do you mean some puppet tool?
[2010/06/03 17:36:45] @ Quit: overflowpt: Client Quit
[2010/06/03 17:37:45] @ giskard_ joined channel #puppet
[2010/06/03 17:39:28] @ Quit: giskard: Ping timeout: 265 seconds
[2010/06/03 17:39:39] <Whoop> as in rpm/deb
[2010/06/03 17:39:50] <Whoop> its built for that, no need to reinvent the wheel :)
[2010/06/03 17:40:08] <Whoop> or instead use an exec + rsync
[2010/06/03 17:40:14] <Whoop> transfering files via puppet is icky
[2010/06/03 17:40:33] @ Quit: shenson: Quit: /me taps out
[2010/06/03 17:41:51] @ bug joined channel #puppet
[2010/06/03 17:45:05] @ andrew3 joined channel #puppet
[2010/06/03 17:52:22] @ Quit: notbrien: Quit: notbrien
[2010/06/03 17:53:59] @ \ask_ joined channel #puppet
[2010/06/03 17:54:25] @ Quit: \ask_: Remote host closed the connection
[2010/06/03 17:54:39] @ Transformer joined channel #puppet
[2010/06/03 17:54:40] @ andrew3 left channel #puppet ()
[2010/06/03 17:55:02] @ Quit: giskard_: Ping timeout: 240 seconds
[2010/06/03 17:56:00] @ bodepd joined channel #puppet
[2010/06/03 17:56:12] @ Quit: f3ew: Read error: Connection reset by peer
[2010/06/03 17:56:42] @ f3ew joined channel #puppet
[2010/06/03 17:57:17] @ Quit: \ask: Ping timeout: 248 seconds
[2010/06/03 17:57:27] @ Quit: Transformer: Excess Flood
[2010/06/03 17:57:51] @ Quit: bodepd: Client Quit
[2010/06/03 18:02:27] @ giskard joined channel #puppet
[2010/06/03 18:02:50] <xHans> I'm thinking I'll just make sure whatever recursed the first time doesn't do it again and do some recursive chown, chmod action to fix it
[2010/06/03 18:03:56] <Volcane> fail
[2010/06/03 18:04:10] * xHans takes a bow
[2010/06/03 18:04:19] <xHans> or are you talking about something else?
[2010/06/03 18:05:07] @ Quit: thegcat: Quit: Leaving.
[2010/06/03 18:08:22] @ Quit: emarshall: Quit: emarshall
[2010/06/03 18:08:45] @ bob_ joined channel #puppet
[2010/06/03 18:09:07] @ bob_ is now known as beelzebob
[2010/06/03 18:09:38] @ MarkN joined channel #puppet
[2010/06/03 18:09:57] <Whoop> Think he was talking about your idea? :P
[2010/06/03 18:10:01] <Whoop> Why not just do it right? :)
[2010/06/03 18:10:18] <Whoop> Its not too hard nor time consuming to roll a debian package once you know how, can't speak for rpm but I presume its the same
[2010/06/03 18:13:18] @ MarkN left channel #puppet ()
[2010/06/03 18:15:00] @ giskard_ joined channel #puppet
[2010/06/03 18:15:08] @ Quit: giskard: Ping timeout: 245 seconds
[2010/06/03 18:15:22] @ Quit: bug: Quit: bug
[2010/06/03 18:16:13] @ bodepd joined channel #puppet
[2010/06/03 18:16:41] @ Quit: pheezy: Ping timeout: 265 seconds
[2010/06/03 18:16:43] @ Quit: bodepd: Client Quit
[2010/06/03 18:17:44] @ giskard joined channel #puppet
[2010/06/03 18:19:11] @ Quit: f3ew: Read error: Connection reset by peer
[2010/06/03 18:20:13] @ Quit: giskard_: Ping timeout: 248 seconds
[2010/06/03 18:20:40] <dan__t> So Volcane told me yesterday about using require() inside of classes. I've been using include instead for a very long time. Why not just require() all the way around?
[2010/06/03 18:21:06] @ Quit: allsystemsarego: Quit: Leaving
[2010/06/03 18:21:11] <Volcane> did you read the documentation?
[2010/06/03 18:21:38] @ MarkN joined channel #puppet
[2010/06/03 18:21:43] @ Quit: kaptk2: Quit: Leaving.
[2010/06/03 18:22:07] <dan__t> Of course I did. Is there more to it than the function reference?
[2010/06/03 18:22:48] @ OpenMedia joined channel #puppet
[2010/06/03 18:23:10] @ giskard_ joined channel #puppet
[2010/06/03 18:24:11] @ Quit: giskard: Ping timeout: 258 seconds
[2010/06/03 18:24:32] <dan__t> You expressed a warning against using it, and I haven't been able to qualify that.
[2010/06/03 18:25:19] <Volcane> ah, they removed the big warning text that was in the docs
[2010/06/03 18:25:25] @ Quit: giskard_: Read error: Operation timed out
[2010/06/03 18:25:37] <Volcane> this is the old docs: http://nephilim.ml.org/~rip/puppet/historical/0.25.0/function.html#require
[2010/06/03 18:26:56] <dan__t> hmmm
[2010/06/03 18:27:33] @ MarkN left channel #puppet ()
[2010/06/03 18:27:57] <dan__t> "...because notify imposes a before between.."
[2010/06/03 18:28:00] <dan__t> imposes a... what?
[2010/06/03 18:28:06] <Volcane> relationship
[2010/06/03 18:28:12] <Volcane> require also adds a relationship
[2010/06/03 18:28:18] <Volcane> so you end up with a cycle
[2010/06/03 18:28:23] <Volcane> a depends on b, b depends on a
[2010/06/03 18:29:36] <kjetilho> dan__t: "before" is an alternative way to specify relationship
[2010/06/03 18:29:50] <Volcane> hmm, the warning is still in the code
[2010/06/03 18:29:56] <Volcane> i guess the new doc site just doesnt render it
[2010/06/03 18:31:16] @ Quit: littleidea_: Quit: littleidea_
[2010/06/03 18:31:27] <dan__t> So using a require() effectively adds a require => foo, in any/all resources under the required class/resource?
[2010/06/03 18:31:34] <Volcane> yup
[2010/06/03 18:32:09] @ giskard_ joined channel #puppet
[2010/06/03 18:33:03] <dan__t> I can live witht hat.
[2010/06/03 18:33:08] <dan__t> I guess that's just common sense?
[2010/06/03 18:33:32] @ Quit: steph021: Quit: Leaving
[2010/06/03 18:33:44] @ NDBrendan joined channel #puppet
[2010/06/03 18:33:44] <Volcane> yeah, so just using it instead of include will just cause troubles
[2010/06/03 18:34:56] <dan__t> I discovered recently that a lot of my classes just happened to work, and when they did, it was only maybe 80% of the time.
[2010/06/03 18:35:01] @ Quit: lak: Quit: lak
[2010/06/03 18:35:13] <dan__t> I was using include as a way to set some classes as being requirements for subsequent classes.
[2010/06/03 18:35:25] <Volcane> ah
[2010/06/03 18:35:34] <Volcane> must use require on resources
[2010/06/03 18:35:43] <Volcane> sanest way is just to do
[2010/06/03 18:35:50] <Volcane> require => Class["whatever"]
[2010/06/03 18:35:59] <Volcane> and splitting your modules up into sub classes
[2010/06/03 18:36:04] @ bug joined channel #puppet
[2010/06/03 18:36:31] <dan__t> Right... I think what ultimately messed me up was default resources specifications not being obeyed
[2010/06/03 18:36:40] <dan__t> i.e. FIle { require => Class["someclass"] }
[2010/06/03 18:36:47] <dan__t> Depending on what I was doing, that didn't always work.
[2010/06/03 18:36:58] <Volcane> that works fine but it also has scope just like everything else
[2010/06/03 18:37:13] <dan__t> yea.
[2010/06/03 18:37:28] <dan__t> Ok, well, I'll just require=> the shit out of everything.
[2010/06/03 18:37:45] @ f3ew joined channel #puppet
[2010/06/03 18:38:03] <Volcane> only put it where needed :)
[2010/06/03 18:38:22] <Volcane> no reason to say need to have user joe blogs before some other arbitrary bit of software thats unrelated
[2010/06/03 18:38:45] <dan__t> I can make like cascading requirements and expect that to work, right? classc requires classb, classb requires classa, its reasonable to expect that classa would be an indirect requirement of classc and be satisfied?
[2010/06/03 18:38:47] <Volcane> which sounds insane but happens easily if you go mad with requires
[2010/06/03 18:38:57] <dan__t> Yes.
[2010/06/03 18:39:04] @ Quit: LinuxCode: Quit: Connection Closed
[2010/06/03 18:39:47] <dan__t> There's no reason what I explained shouldn't work.
[2010/06/03 18:40:22] @ Quit: rmiller4pi8: Ping timeout: 265 seconds
[2010/06/03 18:41:42] <Volcane> dan__t: yeah i usually have like ntp::install, ::config and ::service
[2010/06/03 18:41:54] <Volcane> dan__t: stuff in ::service require => Class["ntp::config"]
[2010/06/03 18:41:59] <dan__t> Yeah, that's what I do precisely.
[2010/06/03 18:42:01] <Volcane> ::config requires ::install etc
[2010/06/03 18:42:07] <Volcane> and that sorts itself out fine
[2010/06/03 18:42:36] <dan__t> ok.
[2010/06/03 18:42:55] <dan__t> How do you require? A default for each resource type?
[2010/06/03 18:43:19] <Volcane> if i have mnay of the same, then yes
[2010/06/03 18:43:34] <dan__t> Otherwise, a standard require=> in a resource type?
[2010/06/03 18:43:38] <Volcane> yes
[2010/06/03 18:43:42] <dan__t> Got it.
[2010/06/03 18:43:49] <dan__t> I'm going to refactor this class and see if I can unfsck it.
[2010/06/03 18:43:51] <dan__t> Its real nasty.
[2010/06/03 18:44:02] <dan__t> I wrote it a long time ago, before I really had a clue.
[2010/06/03 18:44:05] <Volcane> you can's say do File{ require ...} \n include foo
[2010/06/03 18:44:09] <dan__t> Well, some would argue that I still don't... heh.
[2010/06/03 18:44:13] <Volcane> and expect file resources in foo to also have the require
[2010/06/03 18:44:15] <dan__t> Yeah.
[2010/06/03 18:44:17] <dan__t> Yes.
[2010/06/03 18:45:00] @ Quit: nb: Quit: ZNC - http://znc.sourceforge.net
[2010/06/03 18:46:20] @ nb joined channel #puppet
[2010/06/03 18:50:02] @ Quit: giskard_: Ping timeout: 276 seconds
[2010/06/03 18:52:32] @ Quit: Determinist: Remote host closed the connection
[2010/06/03 18:53:43] <dan__t> Can I use require=> with your concat::setup and concat::fragment?
[2010/06/03 18:56:13] @ Quit: Filbert: Ping timeout: 252 seconds
[2010/06/03 18:56:59] @ Quit: tecto: Quit: tecto
[2010/06/03 19:01:12] @ bodepd joined channel #puppet
[2010/06/03 19:01:30] <xHans> Whoop: well, I think creating a package just to fix permissions borked by a puppet config isn't the correct option
[2010/06/03 19:01:36] @ freshtonic joined channel #puppet
[2010/06/03 19:02:30] <xHans> I'm going to fix the puppet config, fix the dirs and then worry about some audit scripts when I get some downtime :)
[2010/06/03 19:02:43] @ avocado joined channel #puppet
[2010/06/03 19:04:11] @ Quit: bodepd: Remote host closed the connection
[2010/06/03 19:04:15] @ bodepd joined channel #puppet
[2010/06/03 19:04:40] <Volcane> dan__t: works with any resource
[2010/06/03 19:04:41] @ Determinist joined channel #puppet
[2010/06/03 19:05:19] @ Quit: bodepd: Remote host closed the connection
[2010/06/03 19:05:52] @ bodepd joined channel #puppet
[2010/06/03 19:05:57] <dan__t> hm ok.
[2010/06/03 19:06:30] @ Quit: bodepd: Remote host closed the connection
[2010/06/03 19:07:02] @ bodepd joined channel #puppet
[2010/06/03 19:07:35] @ Quit: Mick27: Quit: This computer has gone to sleep
[2010/06/03 19:07:42] @ Quit: bodepd: Remote host closed the connection
[2010/06/03 19:08:12] @ bodepd joined channel #puppet
[2010/06/03 19:08:52] @ Quit: bodepd: Remote host closed the connection
[2010/06/03 19:09:23] @ bodepd joined channel #puppet
[2010/06/03 19:09:41] <xHans> dan__t: wanna give us a puppet presentation sometime? :)
[2010/06/03 19:10:01] <dan__t> Yep.
[2010/06/03 19:10:03] @ Quit: bodepd: Remote host closed the connection
[2010/06/03 19:10:16] <xHans> east side or west side?
[2010/06/03 19:10:36] @ bodepd joined channel #puppet
[2010/06/03 19:10:44] @ Quit: bodepd: Client Quit
[2010/06/03 19:11:00] <dan__t> you know the answer to that.
[2010/06/03 19:12:07] <xHans> I presume
[2010/06/03 19:13:17] @ alban2 joined channel #puppet
[2010/06/03 19:13:38] @ Quit: RageLink: Ping timeout: 258 seconds
[2010/06/03 19:14:06] @ Quit: Volcane: Ping timeout: 276 seconds
[2010/06/03 19:14:20] @ Volcane joined channel #puppet
[2010/06/03 19:15:37] @ Quit: Roksteady: Ping timeout: 264 seconds
[2010/06/03 19:16:22] <xHans> anytime after this month
[2010/06/03 19:16:40] <xHans> I won't be there in July, but my presence is not required
[2010/06/03 19:16:48] <xHans> I will be back in time for Stammtisch :)
[2010/06/03 19:17:31] <dan__t> Where ya headed?
[2010/06/03 19:17:45] <xHans> UT-US
[2010/06/03 19:18:03] <dan__t> Whyfer?
[2010/06/03 19:18:20] <xHans> clan gathering of sorts :)
[2010/06/03 19:19:44] @ carla joined channel #puppet
[2010/06/03 19:22:55] @ Quit: alfism: Quit: alfism
[2010/06/03 19:23:13] <mrproper_> is there anyway to get around tag ordering (precedence)?, eg using automatic class tagging in other classes reliably
[2010/06/03 19:30:10] @ lak joined channel #puppet
[2010/06/03 19:36:14] @ Quit: paxos: Quit: paxos
[2010/06/03 19:40:06] @ lilmatt joined channel #puppet
[2010/06/03 19:42:23] @ Quit: bug: Quit: bug
[2010/06/03 19:46:38] @ littleidea joined channel #puppet
[2010/06/03 19:51:54] @ Quit: carla: Quit: reboot
[2010/06/03 19:52:10] <dan__t> Volcane, does order of precedence for includes matter?
[2010/06/03 19:52:39] <acrollet> hi folks, relative puppet n00b here - I've got puppet managing nagios fairly nicely, except a host that i no longer have (name changed, actually) is still having nagios checks generated for it.
[2010/06/03 19:52:52] <acrollet> I purged the host record from the db, and there's no mention of the host name anywhere in the confs
[2010/06/03 19:52:55] @ jph98 left channel #puppet ()
[2010/06/03 19:54:24] <acrollet> in case it matters, the host in question is the old name of my puppetmaster, and i can't get puppetd to run on the puppetmaster: getting a connection refused error
[2010/06/03 19:56:01] @ Quit: tonyskapunk: Quit: ERC Version 5.3 (IRC client for Emacs)
[2010/06/03 20:01:08] @ mqr joined channel #puppet
[2010/06/03 20:02:04] @ Quit: StuZZZs: Ping timeout: 264 seconds
[2010/06/03 20:03:03] @ Quit: jab_doa: Quit: Verlassend
[2010/06/03 20:03:28] @ Quit: mqr: Client Quit
[2010/06/03 20:05:08] @ StuZZZs joined channel #puppet
[2010/06/03 20:05:42] @ mqr joined channel #puppet
[2010/06/03 20:06:22] @ Quit: mqr: Client Quit
[2010/06/03 20:06:24] @ Quit: littleidea: Quit: littleidea
[2010/06/03 20:06:44] @ Quit: ona_matt: Ping timeout: 260 seconds
[2010/06/03 20:07:08] @ p3rror joined channel #puppet
[2010/06/03 20:08:30] @ M- joined channel #puppet
[2010/06/03 20:14:30] @ plathrop is now known as plathrop-away
[2010/06/03 20:19:48] @ Quit: tep: Quit: Leaving.
[2010/06/03 20:21:53] @ kolla joined channel #puppet
[2010/06/03 20:30:46] <agaffney> acrollet: sounds like a firewall issue
[2010/06/03 20:33:43] @ cliff-hm joined channel #puppet
[2010/06/03 20:38:02] @ Quit: avocado: Remote host closed the connection
[2010/06/03 20:40:55] @ mqr joined channel #puppet
[2010/06/03 20:42:45] @ Quit: mqr: Client Quit
[2010/06/03 20:50:04] @ Quit: wakko666: Read error: Connection reset by peer
[2010/06/03 20:51:16] @ wakko666 joined channel #puppet
[2010/06/03 20:52:51] <explody> acrollet: check DNS, check your /etc/hosts files, make sure your hostnames everywhere are resolving to the proper IPs
[2010/06/03 20:54:21] <eric0> anyone seen puppetmaster log 'Not authorized to call find on /file_metadata/async/users/user1/directory' even though auth.conf,fileserver.conf, and filesystem permissions seem OK? can't tell if that is an internal error that the server encountered or if its denying a client because of some configuration
[2010/06/03 20:56:23] <explody> http://projects.puppetlabs.com/issues/2803 ?
[2010/06/03 21:00:32] @ Quit: lak: Ping timeout: 265 seconds
[2010/06/03 21:01:09] <eric0> that suggests that the root cause is the file's not found. hmm
[2010/06/03 21:01:47] <explody> it goes a ways deeper than that I think, there's a chain of dup tickets
[2010/06/03 21:02:01] <explody> I didn't read them all though, you may be right
[2010/06/03 21:02:04] <eric0> well the environment one doesn't apply to me
[2010/06/03 21:02:30] <eric0> #3030 is the one i'm looking at
[2010/06/03 21:02:30] <gepetto> eric0: #3030 is http://projects.puppetlabs.com/issues/show/3030 "Puppet - Bug #3030: Insufficiently specific error message when a fileserver module doesn't exist - PuppetLabs.com"
[2010/06/03 21:02:50] @ lak joined channel #puppet
[2010/06/03 21:09:49] <mrproper_> is there anyway to get around tag ordering (precedence)?, eg using automatic class tagging in other classes reliably
[2010/06/03 21:09:50] <acrollet> hosts, DNS are both correct, no firewall involved...
[2010/06/03 21:10:48] <dan__t> Anyone mind taking a peek at this: http://pastebin.com/tpm1JftD
[2010/06/03 21:11:33] @ m6d4 joined channel #puppet
[2010/06/03 21:11:58] <dan__t> line 20 corresponds to line 11 in the pastebin
[2010/06/03 21:12:22] <mrproper_> dan__t, where is helios::primary ?
[2010/06/03 21:13:04] <dan__t> Its specified in that node definition.
[2010/06/03 21:13:52] <mrproper_> dan__t, from the error message it looks like its complaining about line 7 in the pastie
[2010/06/03 21:13:56] <eric0> mrproper_: your name makes me think of 'make mrproper' when a linux kernel compile goes bad...is it intentional?
[2010/06/03 21:14:09] <mrproper_> eric0, correct =)
[2010/06/03 21:14:17] <mrproper_> eric0, zzaaap
[2010/06/03 21:14:22] <dan__t> Correct - I'm sorry - line 20 in the error corresponds to line 7 in pastie, i'm sorry!
[2010/06/03 21:14:30] <dan__t> Yeah I was thnking the same thing haha
[2010/06/03 21:14:49] <mrproper_> dan__t, ok so where is class zabbix defined?, looks like its not in puppet
[2010/06/03 21:15:31] <dan__t> Yeah that's exactly what it looks like. Its in there, its included in another class that is included in the node definition.
[2010/06/03 21:15:35] <dan__t> That's why I'm kind of confused :)
[2010/06/03 21:15:47] <dan__t> godamnit.
[2010/06/03 21:15:52] <dan__t> $)(!@&%$(*)%#
[2010/06/03 21:16:10] <marut> include != import ?
[2010/06/03 21:16:25] <dan__t> zabbix != zabbix-agent
[2010/06/03 21:16:28] <marut> heh
[2010/06/03 21:16:28] <eric0> marut: include > import
[2010/06/03 21:16:41] <dan__t> I'm sorry for wasting your time.
[2010/06/03 21:16:51] <dan__t> And bingo. Perfection.
[2010/06/03 21:16:51] <mrproper_> dan__t, =)
[2010/06/03 21:17:19] <mrproper_> does external nodes solve tag precedence/ordering?
[2010/06/03 21:19:19] <dan__t> That I do not know. External nodes is something I've yet to dive in to, in great detail.
[2010/06/03 21:19:34] <dan__t> A few weeks ago however I was working on LDAP nodes from AD
[2010/06/03 21:19:38] <dan__t> That was kind of neat.
[2010/06/03 21:21:59] @ Quit: f3ew: Ping timeout: 260 seconds
[2010/06/03 21:25:04] <raz> hmmm
[2010/06/03 21:25:23] <dan__t> Ok. Got things working exactly how I want them now.
[2010/06/03 21:25:26] <raz> node 'A' inherits some_class { $foobar = 'batz' }
[2010/06/03 21:25:43] <raz> is there any way to access $foobar inside some_class (more precisely: in a template() that's created inside that class)
[2010/06/03 21:26:00] <dan__t> This big turd of a project... I hate it. Refactored from ~500 lines to about 80, and the class is faster, better able to handle errors, and just works properly.
[2010/06/03 21:26:28] <tuv> 'Note that all cron values can be specified as an array of values' -> does this apply to the user parameter too? user => ["user1","user2","user3"]
[2010/06/03 21:29:02] @ rhyno joined channel #puppet
[2010/06/03 21:31:34] <dan__t> Ok, I'm calling it quits. Have a good night. Thanks again for the help.
[2010/06/03 21:34:04] <tuv> home directory backup cronjob: per-user cronjob vs. one cronjob
[2010/06/03 21:35:23] <tuv> given a list of usernames, how can i deploy one cronjob for each user?
[2010/06/03 21:35:45] @ f3ew joined channel #puppet
[2010/06/03 21:36:02] <eric0> tuv: breezy read through the code , user cannot be an array
[2010/06/03 21:36:50] <tuv> eric0: thank you for the info. i guess a per-user cronjob deployment won't be trivial then
[2010/06/03 21:37:09] <eric0> tuv: for 'macro'-izing stuff in puppet, use 'define'
[2010/06/03 21:37:44] <eric0> i.e...let me make a quick one for you
[2010/06/03 21:37:45] <tuv> hmm.. call the define from within a loop iterating on the list?
[2010/06/03 21:38:12] <eric0> not really a for loop, its not procedural programming
[2010/06/03 21:38:23] <tuv> list.each
[2010/06/03 21:39:13] * tuv waits for eric0's define silently
[2010/06/03 21:39:41] @ Quit: jaredrhine: Ping timeout: 258 seconds
[2010/06/03 21:42:04] @ Quit: lilmatt: Quit: lilmatt
[2010/06/03 21:42:53] <eric0> http://pastie.org/991414
[2010/06/03 21:43:20] <mrproper_> raz, yes <%= foobar %>
[2010/06/03 21:43:34] <raz> mrproper_: hmm last time i tried that didn't work
[2010/06/03 21:43:52] <eric0> then any hosts that need it 'include cron::jobs' in their node definition
[2010/06/03 21:44:07] <mrproper_> raz, example?
[2010/06/03 21:44:10] <raz> mrproper_: sec pastebinning
[2010/06/03 21:45:59] <raz> mrproper_: http://pastie.org/991416
[2010/06/03 21:46:13] <raz> quick and untested, should it work that way? (i.e. should $motdblah be accessible inside the motd template?)
[2010/06/03 21:46:23] <raz> ah sorry, it's meant to say template instead of source
[2010/06/03 21:46:46] @ bug joined channel #puppet
[2010/06/03 21:46:48] <tuv> eric0: so there is no way to avoid calling the define for every user explicitly?
[2010/06/03 21:46:52] <raz> i think last time i tried that didn't work and i was forced to include all my classes after declaring the variables
[2010/06/03 21:49:23] <raz> hmm ya i re-tested
[2010/06/03 21:49:32] <raz> here are non-working vs working side-by-side: http://pastie.org/991422
[2010/06/03 21:50:00] <raz> i'd prefer to somehow stick all those includes in the basenode so i don't have to repeat them in all the nodes
[2010/06/03 21:50:01] <eric0> tuv: dinnae think so. you can use arrays for namevars pretty globally so things like file { ["/foo","/bar","/baz"]: ensure => directory } work , but 'user' isn't namevar for the cron type, it's just a random attribute
[2010/06/03 21:50:06] <tuv> there are conditionals in puppet, but no loops?
[2010/06/03 21:51:32] @ Quit: gmcquillan: Quit: gmcquillan
[2010/06/03 21:52:47] <eric0> essentially true--think of it this way, the whole point of your config structure is to instruct the server how to build up a big list of resources and their attributes (the catalog) custom for each client. once compiled, it sends the catalog down and the client compares its local state to what the catalog says its state ought to be, and makes changes so they are congruent
[2010/06/03 21:53:01] <mrproper_> raz, it should work
[2010/06/03 21:53:29] <raz> mrproper_: hrmm.. strange.. i'll investigate :)
[2010/06/03 21:54:00] <ohadlevy> jamesturnbull: good luck!
[2010/06/03 21:54:03] <eric0> whups, sushi time! bbl
[2010/06/03 21:54:56] <mrproper_> raz, heres an apparent working example from the puppet book: http://pastie.org/991425
[2010/06/03 21:55:29] <raz> mrproper_: ahh, perhaps i have to declare the variable (for a default) in the class to be inherited, i'll try that
[2010/06/03 22:01:08] <raz> mrproper_: hrmm seems to be a template() specific problem
[2010/06/03 22:01:11] @ RageLink joined channel #puppet
[2010/06/03 22:01:15] <raz> content => "$myvar" works
[2010/06/03 22:01:24] <raz> content => template("foo") and then accessing the var in there, does not
[2010/06/03 22:01:29] @ emarshall joined channel #puppet
[2010/06/03 22:01:57] <mrproper_> raz, how are you referencing it in the template
[2010/06/03 22:02:04] <raz> i just put <%= foo %>
[2010/06/03 22:02:23] <raz> i guess i need scope.lookupvar here?
[2010/06/03 22:03:01] <mrproper_> raz, i think thats probably going to be it
[2010/06/03 22:03:22] @ Quit: beelzebob: Ping timeout: 240 seconds
[2010/06/03 22:03:38] <raz> hmmm
[2010/06/03 22:03:45] <raz> but what scope do i use?
[2010/06/03 22:05:14] <mrproper_> raz, <%= scope.lookupvar('basenode::motd') %> pherpas
[2010/06/03 22:05:18] <mrproper_> perhaps even
[2010/06/03 22:06:19] <raz> doesnt work
[2010/06/03 22:06:31] <raz> not even when i use nodename::motd (where nodename is the node where i declare it)
[2010/06/03 22:07:44] <raz> hum... this can't be such an esoteric use case, can it? ;)
[2010/06/03 22:08:18] @ Quit: rhyno: Ping timeout: 276 seconds
[2010/06/03 22:09:25] <raz> ideally i'd want to have only a few $foo=bar lines in my nodes, no includes and such (those should all go to the basenode)
[2010/06/03 22:10:43] <ohadlevy> raz: it might be #2309
[2010/06/03 22:10:44] <gepetto> ohadlevy: raz: #2309 is http://projects.puppetlabs.com/issues/show/2309 "Puppet - Bug #2309: Defined resources are not evaluated immediately which can cause ordering problems - PuppetLabs.com"
[2010/06/03 22:11:32] @ Quit: p3rror: Ping timeout: 272 seconds
[2010/06/03 22:11:37] <raz> hmmm
[2010/06/03 22:16:46] <raz> so here's the whole snippet again: http://pastie.org/991437
[2010/06/03 22:16:51] <raz> can anyone think of a way to make it work?
[2010/06/03 22:17:06] <raz> i tried all sorts of variants to set the variable but to no avail
[2010/06/03 22:17:13] <ohadlevy> raz: use contact
[2010/06/03 22:17:28] <raz> contact?
[2010/06/03 22:17:57] <ohadlevy> raz: http://www.devco.net/archives/2010/02/19/building_files_from_fragments_with_puppet.php
[2010/06/03 22:18:03] @ p3rror joined channel #puppet
[2010/06/03 22:18:21] <tuv> eric0: looks like this can have the effect of a loop: second message http://groups.google.com/group/puppet-users/browse_thread/thread/37c14950687695c8
[2010/06/03 22:18:59] <raz> ohadlevy: ugh, that looks like quite a lot of work. i would have thought putting a var in a template is about the most basic thing?
[2010/06/03 22:19:18] <tuv> i guess then user => $name
[2010/06/03 22:19:27] <ohadlevy> raz: or use extlookup / puppet-lookup
[2010/06/03 22:19:31] <ohadlevy> raz: variable scoping is hell
[2010/06/03 22:19:37] <raz> yea heard about them.. but again.. wtf? ;)
[2010/06/03 22:19:39] <ohadlevy> raz: dont even try
[2010/06/03 22:19:57] <raz> that's sad :<
[2010/06/03 22:20:10] <raz> so i have to write these vars to a file separate of the manifest?
[2010/06/03 22:20:33] <ohadlevy> raz: when you think of it, it actually make sense, data and manifest should not be in the same file
[2010/06/03 22:20:52] <ohadlevy> if you can extract the data out, then your manifest becomes generic
[2010/06/03 22:21:11] <raz> ah c'mon, nodes.pp is full of "data" specific to the deployment. ip addresses, names etc.
[2010/06/03 22:21:25] <ohadlevy> raz: I'm not using a single node statement :)
[2010/06/03 22:22:13] * acrollet is curious how that works
[2010/06/03 22:22:21] <raz> hrm yea
[2010/06/03 22:22:27] <raz> at a glance i can't see how extlookup or puppet-lookup could do that
[2010/06/03 22:22:33] <ohadlevy> read this: http://www.devco.net/archives/2009/08/31/complex_data_and_puppet.php
[2010/06/03 22:22:36] <raz> they merely seem to provide an extlookup() function for puppet?
[2010/06/03 22:23:01] <ohadlevy> raz: i use external nodes in this case
[2010/06/03 22:23:08] <ohadlevy> hence no nodes statements ;)
[2010/06/03 22:23:26] <raz> oh gee... all this only to put a short string into a template? ;)
[2010/06/03 22:23:28] * raz is a bit baffled
[2010/06/03 22:23:57] <ohadlevy> raz: what I'm saying is that inheritance doesnt work well with variables
[2010/06/03 22:24:03] <ohadlevy> raz: so you should avoid it,
[2010/06/03 22:24:09] <acrollet> ohadlevy: neat, thanks
[2010/06/03 22:24:54] <ohadlevy> raz: i personally use foreman to do this kind of work, then the variables are defined per node (so you dont need to override it at all)
[2010/06/03 22:25:34] @ Quit: seanos: Ping timeout: 260 seconds
[2010/06/03 22:25:34] <raz> erm, you generate your manifest files?
[2010/06/03 22:25:57] <ohadlevy> e.g. if in foreman you have a group of hosts called role whatever, it also have a variable called role, and then that gets polled in the motd template
[2010/06/03 22:26:03] <tuv> would this work? http://pastie.org/991445
[2010/06/03 22:26:04] <ohadlevy> raz: no - why?
[2010/06/03 22:26:18] <raz> sorry, i'm just royally confused by now ;)
[2010/06/03 22:27:09] <raz> i.e. what i don't want is to have a separate csv file with hostname;role ... well, that would work, but i kinda like to have it all in one place
[2010/06/03 22:27:29] <ohadlevy> raz: what external nodes / extlookup provide, is to get the right value of the variable for that node
[2010/06/03 22:27:42] <ohadlevy> so you dont need to inherit it at all (hence avoiding the problem)
[2010/06/03 22:28:01] <ohadlevy> i am pretty sure that you can group hosts with extlookup, and for sure you can do it with foreman
[2010/06/03 22:28:06] <ohadlevy> so you define it per group of hosts
[2010/06/03 22:28:13] <ohadlevy> tuv: did you try ? :)
[2010/06/03 22:28:23] <raz> ohadlevy: yea, as i understand it i would put something like <%= extlookup("role") %> in the template. but i'd then have the values for that stored separate from the manifest in a csv no?
[2010/06/03 22:28:47] <ohadlevy> raz: correct, this means you dont need to override the motd at all
[2010/06/03 22:29:05] <ohadlevy> raz: and its quite useful when you think of it, as later on, you might have another role, and you dont need to change your manfiests
[2010/06/03 22:29:14] <ohadlevy> (atleas for motd)
[2010/06/03 22:29:19] <raz> well, the role is just a string...
[2010/06/03 22:29:20] @ Quit: emarshall: Quit: emarshall
[2010/06/03 22:29:37] <raz> so having just $role = "foo" in the node{} seems like the most obvious thing to do
[2010/06/03 22:29:54] @ Quit: p3rror: Ping timeout: 272 seconds
[2010/06/03 22:30:05] <raz> i'd like $motd::role even better, but puppet doesn't like that one at all
[2010/06/03 22:30:20] <raz> i wonder how all those plugins do it that need per-node data
[2010/06/03 22:30:20] <ohadlevy> raz: thats more or less what you get if you use something like foreman
[2010/06/03 22:30:30] <raz> do they really require me to include the plugin in each individual node?
[2010/06/03 22:30:38] <ohadlevy> the problem is that you dont evaluate the variable in the same place you define it
[2010/06/03 22:30:48] <ohadlevy> raz: what do you mean?
[2010/06/03 22:31:49] @ p3rror joined channel #puppet
[2010/06/03 22:31:51] <tuv> ohadlevy: no. it's a lot of work for me to try
[2010/06/03 22:31:59] <raz> ohadlevy: hmm looking at e.g. http://github.com/camptocamp/puppet-postfix
[2010/06/03 22:32:01] <ohadlevy> tuv: it looks ok
[2010/06/03 22:32:11] <raz> it seems the plugins commonly use custom functions to achieve the effect i'm looking for?
[2010/06/03 22:32:29] <ohadlevy> raz: why?
[2010/06/03 22:32:41] <tuv> ohadlevy: i do need '$user = $name
[2010/06/03 22:32:46] <tuv> don't i?
[2010/06/03 22:32:58] <ohadlevy> tuv: if thats what you want :)
[2010/06/03 22:33:19] <raz> well, again, foreman looks like quite a huge beast. i have no idea what fancy things it does, but i'm baffled it takes all this only to be able to inherit a variable to a template? i mean, the same variable works when i say content => "$var" in the exact same place
[2010/06/03 22:33:32] <tuv> ohadlevy: i mean, won't $name get overwritten inside the cron resource by the cron $name?
[2010/06/03 22:33:45] <ohadlevy> tuv: no, i think it should work
[2010/06/03 22:34:03] <ohadlevy> raz: sure :)
[2010/06/03 22:34:22] <ohadlevy> raz: all I'm saying, is that imho, data and manifests should be seperate
[2010/06/03 22:34:47] <tuv> ohadlevy: so i don't need $user = $name, and 'user => $name' inside the cron resource will get the user from the list?
[2010/06/03 22:35:13] <ohadlevy> tuv: the define will be called for each user, $name will represent each user at a time
[2010/06/03 22:35:19] <raz> ohadlevy: that's probably right. but in gods name isn't there a simpler way? ;)
[2010/06/03 22:35:40] <ohadlevy> raz: extlookup / puppet-lookup are really simple, just put a file somewhere, and create some data files :)
[2010/06/03 22:35:50] <ohadlevy> raz: there is a long thread of joining them into puppet core
[2010/06/03 22:35:52] <raz> yea well.. guess i'll have to go that route :(
[2010/06/03 22:35:55] <tuv> ohadlevy: i understand that. but then there is cron {} inside the define, with its own $name. won't cron's $name hide the define's $name?
[2010/06/03 22:36:06] <raz> talk about overkill for writing a one-liner to a file!
[2010/06/03 22:36:22] <Phibs> ohadlevy: yo
[2010/06/03 22:36:23] <Phibs> config/settings.yaml: needs update
[2010/06/03 22:36:23] <Phibs> error: Entry 'config/settings.yaml' not uptodate. Cannot merge.
[2010/06/03 22:36:24] <Phibs> halp :)
[2010/06/03 22:36:29] <ohadlevy> raz:no
[2010/06/03 22:36:59] <ohadlevy> Phibs: http://theforeman.org/projects/foreman/wiki/Troubleshooting
[2010/06/03 22:37:06] <ohadlevy> Phibs: even http://theforeman.org/projects/foreman/wiki/Troubleshooting#error-Entry-some-file-not-uptodate-Cannot-merge
[2010/06/03 22:37:27] <Phibs> thx
[2010/06/03 22:39:19] <ohadlevy> Phibs: just take a note of what you added in the file (e.g. do a git diff config/settings.yaml)
[2010/06/03 22:39:32] <Phibs> duh ;0
[2010/06/03 22:39:34] <Phibs> thx
[2010/06/03 22:39:48] <Phibs> I'm a git newb
[2010/06/03 22:39:52] <Phibs> not retarded though ;0
[2010/06/03 22:40:07] <Phibs> interesting stuff with selecting classes
[2010/06/03 22:40:13] <Phibs> the 'animation' is a bit laggy though
[2010/06/03 22:40:32] <ohadlevy> Phibs: it depends on your browser, as its done on client side (so if your browser is slow...)
[2010/06/03 22:40:40] <Phibs> ah
[2010/06/03 22:40:43] <Phibs> its better in chrome for sure
[2010/06/03 22:40:50] <Phibs> not bad though
[2010/06/03 22:40:54] <Phibs> keep up the good work sir!
[2010/06/03 22:40:58] <ohadlevy> Phibs: hopefully better :)
[2010/06/03 22:41:02] <Phibs> hehe
[2010/06/03 22:41:03] <ohadlevy> did you try the search options?
[2010/06/03 22:42:36] <Phibs> hmm
[2010/06/03 22:43:15] <Phibs> oh nice
[2010/06/03 22:43:15] <Phibs> !
[2010/06/03 22:43:17] <Phibs> love it
[2010/06/03 22:43:23] <ohadlevy> :)
[2010/06/03 22:43:27] <raz> ohadlevy: urgh. this seems like the dirty secret of puppet. looking at the postfix plugin it seems this is really how people are doing it - they include those plugins in every single node! http://github.com/camptocamp/puppet-postfix/blob/master/manifests/definitions/config.pp
[2010/06/03 22:43:30] <ohadlevy> and the mulitple selections?
[2010/06/03 22:44:03] <Phibs> eh?
[2010/06/03 22:44:04] <Phibs> tabs nice too
[2010/06/03 22:44:52] <tuv> ohadlevy: there is cron {} inside the define, with its own $name. won't cron's $name hide the define's $name?
[2010/06/03 22:45:03] <ohadlevy> tuv: I think not - try it :)
[2010/06/03 22:45:07] <ohadlevy> Phibs: which tabs?
[2010/06/03 22:45:24] <Phibs> ohadlevy: 'save as tab' for search
[2010/06/03 22:45:29] <ohadlevy> ah yeah
[2010/06/03 22:45:39] <Phibs> yeahou wrote it ;0
[2010/06/03 22:45:42] <Phibs> er you wrote it ;0
[2010/06/03 22:45:56] <ohadlevy> Phibs: really need to get the new release out, too many changes :)
[2010/06/03 22:47:59] <Phibs> Im using dev I dun care about relase ;0
[2010/06/03 22:48:31] <ohadlevy> Phibs: did you try editing multiple hosts?
[2010/06/03 22:48:43] <Phibs> hmm
[2010/06/03 22:48:43] <Phibs> no
[2010/06/03 22:48:56] <Phibs> nice.
[2010/06/03 22:48:58] <Phibs> just tried it
[2010/06/03 22:49:30] <ohadlevy> can probably add support for many other actions (e.g. puppet run etc)
[2010/06/03 22:49:56] @ rmiller4pi8 joined channel #puppet
[2010/06/03 22:50:21] <ohadlevy> Phibs: got any nice screenshots to share? the screenshot needs to be updated
[2010/06/03 22:50:33] <Phibs> not really
[2010/06/03 22:50:41] <Phibs> we have < 100 hosts
[2010/06/03 22:50:42] <Phibs> not that impressive:(
[2010/06/03 22:50:47] <Phibs> although, what do you want ?
[2010/06/03 22:51:10] <ohadlevy> have a look on the current screenshots, if you think you have a better one... :)
[2010/06/03 22:51:13] <Phibs> ok
[2010/06/03 22:51:38] <Phibs> hmm those arent bad
[2010/06/03 22:52:30] <Phibs> some of my hostnames give away cust names :(
[2010/06/03 22:58:37] @ rmiller4pi81 joined channel #puppet
[2010/06/03 22:58:37] @ Quit: rmiller4pi8: Read error: Connection reset by peer
[2010/06/03 22:59:34] <ohadlevy> Phibs: if you have time, can you give http://github.com/ohadlevy/dish a try?
[2010/06/03 23:01:17] <ohadlevy> Phibs: I'm considering of adding it into foreman
[2010/06/03 23:04:48] @ Quit: ahuman: Remote host closed the connection
[2010/06/03 23:06:23] @ ahuman joined channel #puppet
[2010/06/03 23:07:11] <raz> ohadlevy: stupid question, how do i install extlookup.rb? (where do i put it?)
[2010/06/03 23:07:26] <ohadlevy> raz: you use 0.25 or 0.24.x?
[2010/06/03 23:07:50] <raz> 0.25.4
[2010/06/03 23:08:02] <ohadlevy> look inside the file
[2010/06/03 23:08:04] <ohadlevy> there are instructions
[2010/06/03 23:08:41] <raz> hmm it doesn't tell me where to put the rb file
[2010/06/03 23:08:43] <raz> unless i'm blind
[2010/06/03 23:08:52] <ohadlevy> raz: you use modules right?
[2010/06/03 23:09:15] <raz> not yet, but i'm not against them in any way ;)
[2010/06/03 23:09:24] <ohadlevy> so put it in $libdir/puppet/parser/functions
[2010/06/03 23:09:39] <ohadlevy> (where libdir is defined in puppet.conf)
[2010/06/03 23:10:01] <raz> not defined there, yet
[2010/06/03 23:10:07] <raz> do i just point that to /etc/puppet/lib?
[2010/06/03 23:10:29] <ohadlevy> its usually ~puppet/lib
[2010/06/03 23:12:04] <raz> how do i use extlookup from inside a template?
[2010/06/03 23:12:12] <raz> <%= extlookup("foo") %> doesnt work
[2010/06/03 23:12:48] <ohadlevy> either use in your manifest: $var = extlookup("foo")
[2010/06/03 23:12:56] @ jaredrhine joined channel #puppet
[2010/06/03 23:13:02] <ohadlevy> or i think you can do scope.function('extlookup...)
[2010/06/03 23:13:12] <ohadlevy> probably the first approach is better
[2010/06/03 23:13:28] <ohadlevy> as it makes it more readable that some data is fetched externally
[2010/06/03 23:13:41] <raz> well.. if i do that in my manifest then i have the exact same scoping problem as before ;)
[2010/06/03 23:14:00] <ohadlevy> raz: nop
[2010/06/03 23:14:10] @ Quit: pting: Quit: Ex-Chat
[2010/06/03 23:14:14] <ohadlevy> raz: because you define it next to the file resource, not in another class
[2010/06/03 23:14:43] <raz> hmm makes sense
[2010/06/03 23:15:57] <raz> ugh
[2010/06/03 23:16:02] <raz> it didn't find the func hmm
[2010/06/03 23:16:15] <ohadlevy> did you restart your master?
[2010/06/03 23:16:23] <ohadlevy> (when adding functions you need to)
[2010/06/03 23:16:32] <ohadlevy> and double check its in the right place
[2010/06/03 23:16:50] <ohadlevy> e.g. ~puppet/lib/puppet/parser/functions/
[2010/06/03 23:16:57] <raz> [puppetmasterd]
[2010/06/03 23:16:58] <raz> libdir=/etc/puppet/lib
[2010/06/03 23:17:08] <raz> ls /etc/puppet/lib/parser/functions/extlookup.rb
[2010/06/03 23:17:23] <raz> aah lib/puppet
[2010/06/03 23:17:24] @ Quit: p3rror: Ping timeout: 272 seconds
[2010/06/03 23:17:36] <ohadlevy> raz: it should be /etc/puppet/lib/puppet/parser/functions
[2010/06/03 23:18:06] @ varworld joined channel #puppet
[2010/06/03 23:18:27] <raz> okay func found
[2010/06/03 23:18:32] <raz> now i need to make it find the data ;)
[2010/06/03 23:19:12] <ohadlevy> raz: gee all for a simple motd file ;)
[2010/06/03 23:19:26] <raz> indeed hehe
[2010/06/03 23:20:14] <raz> hum
[2010/06/03 23:20:14] <raz> so now it's thinking really long and hard
[2010/06/03 23:20:47] @ p3rror joined channel #puppet
[2010/06/03 23:21:09] <raz> now it hangs at
[2010/06/03 23:21:10] <raz> info: Retrieving plugins
[2010/06/03 23:22:05] <raz> with --debug ..
[2010/06/03 23:22:09] <raz> debug: Retrieving catalog
[2010/06/03 23:22:09] <raz> debug: Calling puppetmaster.getconfig
[2010/06/03 23:22:14] <raz> there it hangs forever
[2010/06/03 23:22:23] <ohadlevy> anything on the master log?
[2010/06/03 23:22:32] <raz> ah
[2010/06/03 23:22:45] <raz> puppetmasterd[13359]: Failed to parse template
[2010/06/03 23:22:53] <raz> wow, that makes it hang? :P
[2010/06/03 23:23:35] <raz> omg
[2010/06/03 23:23:38] <raz> after fixing the template IT WORKS!
[2010/06/03 23:23:43] <raz> thank you! ;)
[2010/06/03 23:24:10] @ Quit: acrollet: Quit: acrollet
[2010/06/03 23:24:32] <ohadlevy> :)
[2010/06/03 23:31:43] @ AlexLuya joined channel #puppet
[2010/06/03 23:32:28] @ pinoyskull joined channel #puppet
[2010/06/03 23:34:26] <mrproper_> can you look up another nodes variables in a template?
[2010/06/03 23:35:00] <mrproper_> nvm that question...silly
[2010/06/03 23:35:43] <raz> hrm
[2010/06/03 23:35:52] <raz> how do i put a literal , into those CSVs ;)
[2010/06/03 23:36:00] <raz> \, didn't work
[2010/06/03 23:36:12] <raz> n/m
[2010/06/03 23:36:13] <mrproper_> is there anyway to get around tag ordering (precedence)?, eg using automatic class tagging in other classes reliably
[2010/06/03 23:36:14] <raz> ""
[2010/06/03 23:40:38] <raz> hum stupid 5am erb question
[2010/06/03 23:40:49] <raz> how do i get at a variable again when i have only the name in a string?
[2010/06/03 23:40:57] <raz> i.e. i have foo = "bar"
[2010/06/03 23:41:01] <raz> and i need <%= bar %>
[2010/06/03 23:41:22] <ohadlevy> is bar another variable?
[2010/06/03 23:41:30] <raz> no, i need to resolve foo
[2010/06/03 23:41:36] <raz> <%= $foo %> so to say
[2010/06/03 23:41:44] <ohadlevy> <%= foo %>
[2010/06/03 23:41:47] <raz> or erm, yes, bar is another variable
[2010/06/03 23:41:57] <ohadlevy> <%= eval foo %>
[2010/06/03 23:41:58] <mrproper_> raz, dont see your point
[2010/06/03 23:42:20] <raz> eval did the trick, thx
[2010/06/03 23:47:40] @ Quit: bug: Quit: bug
[2010/06/03 23:48:41] @ bug joined channel #puppet
[2010/06/03 23:49:43] @ Quit: Bass10: Quit: Leaving
[2010/06/03 23:50:26] @ Quit: m6d4: Quit: Leaving.
[2010/06/03 23:50:36] @ littleidea joined channel #puppet
[2010/06/03 23:53:18] @ Quit: pinoyskull: Ping timeout: 260 seconds
[2010/06/03 23:54:16] @ Quit: varworld: Quit: varworld
[2010/06/03 23:54:16] @ mqr joined channel #puppet

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!