Friday, 2010-06-04

[2010/06/04 00:00:56] @ Log started by gepetto
[2010/06/04 00:00:56] <tuv> hmm.. per-user cronjobs: difficult to avoid time collisions. single cronjob: incorrect permissions.
[2010/06/04 00:01:31] <tuv> use su in the cron script?
[2010/06/04 00:02:19] @ emarshall joined channel #puppet
[2010/06/04 00:04:08] @ Quit: emarshall: Client Quit
[2010/06/04 00:04:54] @ seanos joined channel #puppet
[2010/06/04 00:05:37] @ pinoyskull joined channel #puppet
[2010/06/04 00:06:19] @ emarshall joined channel #puppet
[2010/06/04 00:06:37] @ Quit: emarshall: Client Quit
[2010/06/04 00:15:19] @ Quit: AlexLuya: Remote host closed the connection
[2010/06/04 00:15:49] @ \ask joined channel #puppet
[2010/06/04 00:28:34] * tuv decides to use a single cronjob run by the backup user
[2010/06/04 00:40:06] @ Quit: littleidea: Quit: littleidea
[2010/06/04 00:41:25] @ OpenMedia left channel #puppet ()
[2010/06/04 00:44:58] @ alienzero joined channel #puppet
[2010/06/04 00:46:53] @ Quit: ahuman: Remote host closed the connection
[2010/06/04 00:48:40] @ WALoeIII joined channel #puppet
[2010/06/04 01:01:12] @ littleidea joined channel #puppet
[2010/06/04 01:08:14] @ Quit: vzctl_: Remote host closed the connection
[2010/06/04 01:08:29] @ yuliangli joined channel #puppet
[2010/06/04 01:09:43] @ Quit: yuliangli: Read error: Connection reset by peer
[2010/06/04 01:12:11] <kjetilho> tuv: what did you mean, tim e collisions?
[2010/06/04 01:12:37] @ yuliangli joined channel #puppet
[2010/06/04 01:18:53] <tuv> kjetilho: i don't want the cron jobs to run at the same time, and don't want to explicitly manage each job's time
[2010/06/04 01:20:08] <dan__t> hi.
[2010/06/04 01:20:25] <tuv> i'm still not sure whether i should: 1) run the cronjob as root and su to each user to back up their home, or 2) run the cronjob as the backup user and allow him to ssh as each user in their authorized_keys
[2010/06/04 01:20:43] @ nexx joined channel #puppet
[2010/06/04 01:24:15] <tuv> ideally, i'd like to have each user's backup initiated by their own crontab as themselves. but that's too much hassle to setup
[2010/06/04 01:24:39] <kjetilho> tuv: use fqdn_rand with different seeds to set the time
[2010/06/04 01:24:59] <kjetilho> e.g., minute => fqdn_rand(60, "foo-job")
[2010/06/04 01:25:30] @ Quit: ohadlevy: Quit: ZNC - http://znc.sourceforge.net
[2010/06/04 01:27:46] <tuv> kjetilho: actually i'm leaning towards a dedicated new backup user, e.g. home-backup. the only complication there is to add its ssh key to each user's authorized_keys
[2010/06/04 01:28:27] @ yuliangli1 joined channel #puppet
[2010/06/04 01:28:34] @ yuliangli1 left channel #puppet ()
[2010/06/04 01:29:32] @ Quit: lak: Quit: lak
[2010/06/04 01:29:43] @ Quit: yuliangli: Ping timeout: 245 seconds
[2010/06/04 01:30:41] @ Quit: alienzero: Quit: Bye
[2010/06/04 01:31:16] <raz> hrm
[2010/06/04 01:31:22] <raz> anyone using the munin module?
[2010/06/04 01:31:41] <raz> it gives me this error on 0.25.4: err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not find resource type modules_dir at /etc/puppet/modules/munin/manifests/init.pp:21
[2010/06/04 01:31:59] <raz> and this one on 0.24.5: err: Could not retrieve catalog: Unknown function gsub at /etc/puppet/modules/munin/manifests/plugin.pp:171
[2010/06/04 01:32:06] <raz> i don't like either very much ;)
[2010/06/04 01:36:16] <raz> ah ok the latter can be ignored, that was related to storedconfigs
[2010/06/04 01:36:29] @ benoit_ joined channel #puppet
[2010/06/04 01:36:32] <raz> so whats up with this:
[2010/06/04 01:36:34] <raz> Error 400 on SERVER: Unknown function gsub at /etc/puppet/modules/munin/manifests/plugin.pp:171
[2010/06/04 01:36:56] <raz> is gsub something old puppet supported but that went away? (the munin module is from 2008 it seems)
[2010/06/04 01:39:35] <raz> n/m
[2010/06/04 01:39:37] <raz> got it
[2010/06/04 01:47:08] * tuv considers using the ssh::auth recipe
[2010/06/04 01:47:22] <tuv> or pattern, rather
[2010/06/04 01:49:04] <raz> hrmbl
[2010/06/04 01:49:17] <raz> anyone know what could be wrong when puppet fails to detect the distro release flavour for debian?
[2010/06/04 01:49:28] <raz> the munin module complains: Could not find template 'munin/munin-node.conf.Debian.
[2010/06/04 01:49:46] <raz> note that after the dot there should be "lenny" .. but it seems to be unable to figure that out
[2010/06/04 01:52:32] <raz> ahh got it, lsb-release package was needed
[2010/06/04 01:59:13] <raz> hurmm...
[2010/06/04 01:59:16] <raz> anyone have an idea about this one:
[2010/06/04 01:59:17] <raz> err: //common/File[/var/lib/puppet/modules]: Failed to generate additional resources during transaction: Mounts without paths are not usable
[2010/06/04 01:59:24] <raz> it's the first in a long chain of similar ones
[2010/06/04 02:01:57] @ ohadlevy joined channel #puppet
[2010/06/04 02:12:59] @ Quit: Chiku: Quit: Quitte
[2010/06/04 02:15:03] @ ckauhaus joined channel #puppet
[2010/06/04 02:27:25] @ Quit: ckauhaus: Ping timeout: 272 seconds
[2010/06/04 02:30:24] @ allsystemsarego joined channel #puppet
[2010/06/04 02:33:29] @ ckauhaus joined channel #puppet
[2010/06/04 02:37:06] @ Quit: nevyn: Ping timeout: 260 seconds
[2010/06/04 02:38:34] @ Hollow_ is now known as Hollow
[2010/06/04 02:38:41] @ nevyn joined channel #puppet
[2010/06/04 02:42:11] @ sdog joined channel #puppet
[2010/06/04 02:42:59] @ Quit: elementai: Quit: Lost terminal
[2010/06/04 02:43:55] <\|Mike\|> morning.
[2010/06/04 02:44:39] @ emarshall joined channel #puppet
[2010/06/04 02:45:35] @ Quit: sdog: Changing host
[2010/06/04 02:45:35] @ sdog joined channel #puppet
[2010/06/04 02:48:19] @ Quit: ckauhaus: Ping timeout: 272 seconds
[2010/06/04 02:49:16] @ giskard joined channel #puppet
[2010/06/04 02:54:40] @ Quit: giskard: Ping timeout: 265 seconds
[2010/06/04 02:54:49] @ Quit: Desdic: Remote host closed the connection
[2010/06/04 02:59:15] @ Chiku joined channel #puppet
[2010/06/04 03:00:31] @ giskard joined channel #puppet
[2010/06/04 03:00:49] @ Quit: giskard: Remote host closed the connection
[2010/06/04 03:02:22] @ elementai joined channel #puppet
[2010/06/04 03:13:45] @ Ramonster joined channel #puppet
[2010/06/04 03:13:50] @ TREllis joined channel #puppet
[2010/06/04 03:13:58] @ ckauhaus joined channel #puppet
[2010/06/04 03:22:48] @ giskard joined channel #puppet
[2010/06/04 03:25:35] @ Quit: f3ew: Read error: Connection reset by peer
[2010/06/04 03:26:44] @ verwilst joined channel #puppet
[2010/06/04 03:28:20] @ Quit: \ask: Remote host closed the connection
[2010/06/04 03:33:43] @ jab_doa joined channel #puppet
[2010/06/04 03:37:07] @ shug joined channel #puppet
[2010/06/04 03:39:30] @ Quit: emarshall: Quit: emarshall
[2010/06/04 03:41:47] @ Quit: ckauhaus: Quit: Leaving.
[2010/06/04 03:44:04] @ Quit: jab_doa: Quit: Verlassend
[2010/06/04 03:44:14] @ f3ew joined channel #puppet
[2010/06/04 03:46:43] @ Quit: M-: Quit: Leaving
[2010/06/04 03:47:16] @ Quit: Cuchulain: Ping timeout: 276 seconds
[2010/06/04 03:55:19] @ Welsh_Dwarf joined channel #puppet
[2010/06/04 03:55:26] @ kenneho joined channel #puppet
[2010/06/04 04:05:29] @ MattyM joined channel #puppet
[2010/06/04 04:05:59] @ ckauhaus joined channel #puppet
[2010/06/04 04:09:16] @ Quit: freshtonic: Quit: freshtonic
[2010/06/04 04:11:29] <tuv> will the ssh_authorized_key resource access the $HOME/.ssh/authorized_keys file every time puppetd is run (every 30 minutes) ? shit
[2010/06/04 04:11:30] @ DavidS joined channel #puppet
[2010/06/04 04:11:31] @ Quit: noyb: Quit: No, it's not Winblows... I actually wanted to quit.
[2010/06/04 04:16:35] <Volcane> it accesses everything for every resources every 30 minutes
[2010/06/04 04:16:48] <Volcane> cos it captures current state, compare, fix if needed
[2010/06/04 04:18:46] <tuv> i have automounted home directories. this will render them static (always mounted) which i absolutely do not want
[2010/06/04 04:18:56] <Volcane> heh
[2010/06/04 04:19:05] <whack> you should only do that on your filer then
[2010/06/04 04:19:12] <whack> actually
[2010/06/04 04:19:22] <whack> you can also move the location of authorized_keys
[2010/06/04 04:19:35] <whack> AuthorizedKeysFile /etc/ssh/authorized-keys/%u.pub
[2010/06/04 04:19:37] <whack> that's what I use.
[2010/06/04 04:20:27] <FiXion> I was wondering - do any of you use puppet to solve the problem of debian and derivates (ubuntu) needs a hosts file with <official ip> <hostname.fqdn> <hostname> - for apache to not complain on restart
[2010/06/04 04:20:28] <tuv> whack: and deploy the /etc/ssh/authorized-keys dir. on every machine?
[2010/06/04 04:20:37] <FiXion> ie. so hostname -f works properly
[2010/06/04 04:20:49] <whack> tuv: yep, or specifically to machines that need any given ssh key
[2010/06/04 04:21:05] <whack> alternately, you could have something outside puppet that syncs ssh keys to your filer
[2010/06/04 04:21:12] <tuv> whack: can users still add new keys?
[2010/06/04 04:21:30] <FiXion> I'd like to let puppet insert/update the relevant line in hosts file - but if I use eth0 - and some host hasn't set eth0 (but eth2 f.ex.) - it would fail
[2010/06/04 04:21:30] <whack> tuv: what I do is have all pubkeys in SVN
[2010/06/04 04:21:43] <whack> if people want to change their keys, they svn commit and puppet updates them
[2010/06/04 04:22:03] <FiXion> and I'd rather do a reverse lookup on the hostname (+ relevant search domains) and use that
[2010/06/04 04:22:17] <whack> FiXion: there's probably a fact for that.
[2010/06/04 04:22:48] <whack> or if not, writign one would be pretty straight forward
[2010/06/04 04:26:12] * FiXion starts to look through facts :)
[2010/06/04 04:30:10] @ Quit: ckauhaus: Ping timeout: 276 seconds
[2010/06/04 04:41:12] @ ckauhaus joined channel #puppet
[2010/06/04 04:50:06] <fluxdud3> is it possible to have puppet not auto deploy to boxes but to trigger updates on boxen in batches across the infrastructure
[2010/06/04 04:50:08] <fluxdud3> ?
[2010/06/04 04:50:19] @ fluxdud3 is now known as fluxdude
[2010/06/04 04:50:34] @ Quit: fluxdude: Changing host
[2010/06/04 04:50:34] @ fluxdude joined channel #puppet
[2010/06/04 04:51:28] <fluxdude> one of my new colleagues deployed to our puppet master for the first time yesterday and caused an outage because he had different timestamps and different svn headers in _all_ the files
[2010/06/04 04:51:31] <fluxdude> oh dear indeed
[2010/06/04 04:51:48] <fluxdude> so we now want updates to not happen automatically but in a controlled batch by batch process
[2010/06/04 04:51:57] <fluxdude> so we trigger groups in to updating
[2010/06/04 04:52:03] <fluxdude> thinking of using puppetrun
[2010/06/04 04:52:17] <fluxdude> but this is one extra daemon running on the boxen which I have previously avoided
[2010/06/04 04:54:34] <Volcane> fluxdude: you need to use some other tool to run the scheduling then like mcollective or a script with puppetrun
[2010/06/04 04:56:46] @ thegcat joined channel #puppet
[2010/06/04 04:57:48] <fluxdude> Volcane: yeah that's what I was thinking
[2010/06/04 04:57:51] <fluxdude> sucks though
[2010/06/04 04:58:19] <Volcane> could also use something like environments to promote boxes in groups to the next production release and then run them :)
[2010/06/04 04:58:23] <fluxdude> I liked the automation that stuff just worked
[2010/06/04 04:58:47] <fluxdude> I do have environment support but the problem is that some things will still break with the auto updates
[2010/06/04 04:59:19] <fluxdude> my colleague deployed the svn tree with all the headers changed because he checked it out with a different url so the $URL$ header was different in every file, causing mass re-deployments and outage
[2010/06/04 04:59:37] <fluxdude> we've standardized the check out path now and added a safety in to our deployment script
[2010/06/04 04:59:45] <Volcane> ah, using headers like that is a terrible idea, always said that :)
[2010/06/04 04:59:46] <fluxdude> but we still don't want all boxes to auto update
[2010/06/04 05:00:00] <fluxdude> hence why we're considering stopping auto updates
[2010/06/04 05:00:07] <fluxdude> Volcane: very useful though
[2010/06/04 05:00:28] <fluxdude> otherwise how do we know where a file came from and if it's up to date and who changed it last etc?
[2010/06/04 05:00:40] <fluxdude> where in the tree it comes from is important too
[2010/06/04 05:01:26] <Volcane> parselocalconfig.rb
[2010/06/04 05:01:26] <Volcane> file{/etc/aliases: }
[2010/06/04 05:01:27] <Volcane> defined in common/modules/puppet/manifests/init.pp:83
[2010/06/04 05:02:14] <Volcane> not perfect obviously
[2010/06/04 05:03:34] @ Quit: the\|herbivore: Read error: Operation timed out
[2010/06/04 05:05:21] <fluxdude> Volcane: yeah but the actual file contents itself could be different and that only tells you what manifest was support to deploy it
[2010/06/04 05:05:27] <fluxdude> there isn't really a good answer for this
[2010/06/04 05:05:34] <fluxdude> I am keeping all the svn headers at the moment
[2010/06/04 05:05:35] @ Quit: littleidea: Quit: littleidea
[2010/06/04 05:05:40] <fluxdude> the deploy script has the safety
[2010/06/04 05:05:59] <fluxdude> to check for url difference due to using a different checkout url
[2010/06/04 05:06:23] <fluxdude> however, there is one more bug, where when you svn mv something, your copy gets the latest rev number, but all other checks keep the last modified number
[2010/06/04 05:06:34] <fluxdude> only thing to do is to rm -fr the dir and then svn up
[2010/06/04 05:06:38] <fluxdude> annoying, almost a bug in svn
[2010/06/04 05:09:48] <Volcane> why is all this information so impotant on the nodes? I've never really needed to know these things
[2010/06/04 05:10:26] <fluxdude> Volcane: I find it helpful to see who wrote this, when, where to find it etc...
[2010/06/04 05:10:42] <fluxdude> that way if you're debugging a node, you can see what it has is correct and who is responsible for the last change etc
[2010/06/04 05:11:09] <Volcane> sound like you're trying to avoid using tools like svn annotate and maybe have a badly structured puppet manifest
[2010/06/04 05:11:10] <fluxdude> Volcane: it might not matter if only I was puppeting but now the new guys wants to fiddle it's even more important
[2010/06/04 05:11:19] <Volcane> and so instead of fixing that you're introducing all this unneeded information on nodes
[2010/06/04 05:11:28] <fluxdude> Volcane: how many people fiddle with your puppet infrastructure and how do you manage this?
[2010/06/04 05:11:28] <Volcane> which is fragile and hacky
[2010/06/04 05:11:36] <Volcane> fluxdude: quite a lot
[2010/06/04 05:11:59] <fluxdude> Volcane: svn annotate only tells you in a working copy
[2010/06/04 05:12:08] <fluxdude> the config files on nodes are not working copies
[2010/06/04 05:12:23] <fluxdude> you'd have to copy the files back to a working copy on your workstation to see if they're different and then svn annotate
[2010/06/04 05:12:25] <fluxdude> locallyh
[2010/06/04 05:12:29] <Volcane> yes i am saying u probably dont need all this on a node
[2010/06/04 05:13:02] <Volcane> cos if you're doing that level of debugs on nodes that are config managed you have problems elsewhere in how the configs got on those nodes
[2010/06/04 05:13:24] * matti hails to Volcane!
[2010/06/04 05:13:31] <Volcane> its just an indicator that there's some other optimisation lacking in your process
[2010/06/04 05:13:49] <Volcane> and your patching it with bunch of commit hook logic whcih will never catch all cases
[2010/06/04 05:14:08] <fluxdude> Volcane: actually normally you'd be right and the things are just up to date and we don't really need the headers, we can just assume they are up to date
[2010/06/04 05:14:29] <fluxdude> but then if you don't auto update then we have no way of knowing if they're up to date other than triggering a puppetrun
[2010/06/04 05:14:56] <Volcane> if you're moving to not auto updating then u need to move to tagged releases
[2010/06/04 05:15:05] <Volcane> and u can make the tag your deploying clearly visible in say a motd
[2010/06/04 05:15:36] <Volcane> you cant be not auto releasing and just rolling out trunk - just not all the time, if u have more than a few boxen thats just madness
[2010/06/04 05:20:57] <fluxdude> Volcane: so you're saying we should use environments and just have everything on production and then use dev and only copy over when we are sure?
[2010/06/04 05:21:04] <fluxdude> lots of svn cp ...
[2010/06/04 05:21:17] @ cynicismic joined channel #puppet
[2010/06/04 05:21:36] <fluxdude> have been avoiding use environments cos it slows everything down and I generally don't make mistakes
[2010/06/04 05:21:47] <fluxdude> I'll have to enforce this then
[2010/06/04 05:21:59] <fluxdude> for the sake of the team
[2010/06/04 05:22:25] <fluxdude> the thing I don't like about tags is that while it takes no space in the repo, on my little laptop it chews up all the disk space
[2010/06/04 05:22:33] <fluxdude> and then my laptop runs out of space
[2010/06/04 05:22:41] <fluxdude> guess I have to get a bigger laptop
[2010/06/04 05:23:12] <Volcane> fluxdude: need a better version manager :)
[2010/06/04 05:23:43] <Volcane> fluxdude: i am saying you probably need to go to a space where what defines 'production' environment for a specific node changes over time
[2010/06/04 05:23:47] <fluxdude> yeah but you know what it's like in an agile environment, they want everything deployed yesterday
[2010/06/04 05:23:51] @ ohadlevy left channel #puppet ()
[2010/06/04 05:24:37] <Volcane> fluxdude: then thats not in line with staged/bundled/slower deploys
[2010/06/04 05:24:54] <fluxdude> Volcane: i know, what the f do I do?
[2010/06/04 05:25:03] <Volcane> heh
[2010/06/04 05:25:10] <fluxdude> people think that puppet's the holy grail and can deploy our infrastructure in 5 minutes
[2010/06/04 05:25:24] <fluxdude> dev/staging/prod just slows everything down
[2010/06/04 05:25:24] <Volcane> it solves the technology problem
[2010/06/04 05:25:38] <Volcane> technology though is about 1% of the 'deploy in 5 minutes' problem
[2010/06/04 05:25:50] <fluxdude> yeah but they say things like, ok that's ok, we'll give you a jar and you can just roll it out in 2 minutes"!
[2010/06/04 05:25:58] <fluxdude> devs...
[2010/06/04 05:26:00] * fluxdude sighs
[2010/06/04 05:26:28] <fluxdude> never mind rpm building and putting it in our repos, updating the puppet script to the new version etc
[2010/06/04 05:26:31] <Volcane> you either designed to be able to do that - probably not using puppet for app deploys but only for configs - or you didnt
[2010/06/04 05:26:35] <fluxdude> (or setting latest which I don't like)
[2010/06/04 05:26:44] <Volcane> and whichever approach you tok needs management/business/process/company buy in
[2010/06/04 05:26:49] <Volcane> thats the much harder part
[2010/06/04 05:27:23] <Volcane> to avoid bad expectations from existing 'we can deploy a jar in 5 minutes, that means we can do it 5 times an hour' you can do that, but u need to have designed MASSIVE amounts of process to back that up
[2010/06/04 05:27:39] <robinbowes> Morning all
[2010/06/04 05:27:46] <Volcane> if you dont have that, and people still thinks a deploy takes 2 minutes, then there's been a false expectation set
[2010/06/04 05:27:55] <nevyn> nothing can be done in 2 minutes.
[2010/06/04 05:28:36] <Volcane> nevyn: i can upgrade puppet to the next version on 100 machines in 60 seconds. but thats cos i designed everything to enable that
[2010/06/04 05:28:50] <Volcane> nevyn: i mean say go from puppet 0.25.4 to 0.25.5
[2010/06/04 05:28:53] <nevyn> right.
[2010/06/04 05:29:03] <nevyn> but how much effort did it take you to write the change.
[2010/06/04 05:29:09] <nevyn> get it through change management
[2010/06/04 05:29:14] <nevyn> explain it to a cab.
[2010/06/04 05:29:21] <nevyn> write the rollback plan.
[2010/06/04 05:29:31] <Volcane> nevyn: but however the whole thing doesnt take 2 minutes - there's a lot of testing in devel etc, and lots of infrastrcture in place and lots of processs and rc testing and shit leading up to that 2 minutes
[2010/06/04 05:29:45] <nevyn> right.
[2010/06/04 05:29:52] <z00dax6> rollback plans are sort of free with a managed-packaging-payload, mostly
[2010/06/04 05:30:04] <Volcane> nevyn: and people who think they can deploy every 5 minutes without also addressing the speed and quality of the rest of their entire business are idiots more or less
[2010/06/04 05:30:05] <nevyn> sortof.
[2010/06/04 05:30:51] <Volcane> z00dax6: downgrades with packages are often a terrible idea :)
[2010/06/04 05:31:08] * nevyn points at kmod-gfs ;)...
[2010/06/04 05:31:14] <z00dax6> true, its always better to make sure that the bits being deployed work
[2010/06/04 05:31:29] <Volcane> z00dax6: i mean packages that werent designed to keep downgrades in mind obviously
[2010/06/04 05:31:54] * Volcane 's gotta go
[2010/06/04 05:32:02] <nevyn> hrm
[2010/06/04 05:33:38] <robinbowes> Anyone care to remind me how to fix this:
[2010/06/04 05:33:48] <robinbowes> Exported resource Sshkey[b005] cannot override local resource on node b051.private.b.statcounter.com
[2010/06/04 05:38:49] <FiXion> fluxdude: we do releases using packages here (deb or rpm)
[2010/06/04 05:39:05] <FiXion> so there's a buildhost - where you fire a script - which builds a package from latest svn.
[2010/06/04 05:39:20] <FiXion> Then puppet just updates the package - when we update the version in puppet config
[2010/06/04 05:39:53] <FiXion> this way, we can also easily check if a package has been modified on servers - using rpm -V or debsums
[2010/06/04 05:39:59] @ mauve joined channel #puppet
[2010/06/04 05:40:04] <FiXion> and it's much easier to break horribly on production
[2010/06/04 05:40:09] <FiXion> since there's the package layer in between
[2010/06/04 05:40:18] <FiXion> and rollback is very easy :)
[2010/06/04 05:40:27] <FiXion> only works with aptitude though
[2010/06/04 05:41:09] <FiXion> s/much easier/much harder/
[2010/06/04 05:47:11] @ the\|herbivore joined channel #puppet
[2010/06/04 05:48:06] @ Quit: allsystemsarego: Ping timeout: 240 seconds
[2010/06/04 05:48:40] @ allsystemsarego joined channel #puppet
[2010/06/04 06:02:13] @ rhyno joined channel #puppet
[2010/06/04 06:05:54] @ Quit: malikai: Quit: Leaving.
[2010/06/04 06:08:02] <JD__> Anyone seen this before? err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not parse YAML data for node ace.catnip.org.uk: syntax error on line 10, col 25: ` physicalprocessorcount: "1"'
[2010/06/04 06:09:07] @ Quit: cynicismic: Remote host closed the connection
[2010/06/04 06:16:19] <Volcane> JD__: master and node on the same version?
[2010/06/04 06:19:38] <JD__> Volcane: it is the master :S
[2010/06/04 06:20:40] <Volcane> heh
[2010/06/04 06:21:01] <Volcane> delete the yaml files in /var/lib/puppet see if it helps
[2010/06/04 06:21:05] <Volcane> doubt it though :)
[2010/06/04 06:21:37] <JD__> I restored from a backup
[2010/06/04 06:21:42] <JD__> hopefully that has helped
[2010/06/04 06:21:47] <Volcane> those yaml files are transient
[2010/06/04 06:21:50] <Volcane> you can dju
[2010/06/04 06:21:53] <Volcane> just delete
[2010/06/04 06:22:14] <JD__> although I appear to have come across a duplicate directory definition :(
[2010/06/04 06:23:15] @ quit (seeya)
[2010/06/04 06:23:42] @ Joined channel #puppet
[2010/06/04 06:23:42] @ Topic is "Dashboard 1.0.0 released: http://bit.ly/cxZUas \| Puppet 0.25.5 released: http://bit.ly/beIuIm \| http://docs.puppetlabs.com \| Bugs & Feature Requests: http://bit.ly/ddjhPk"
[2010/06/04 06:23:42] @ Topic set by jamesturnbull!~jamesturn@pelin.lovedthanlost.net on Mon May 17 21:32:40 -0400 2010
[2010/06/04 06:23:45] @ Mode +cnt by gibson.freenode.net
[2010/06/04 06:23:48] <Volcane> nasty :)
[2010/06/04 06:25:39] <JD__> Volcane: I have an apache::vhost define that makes sure the docroot exists and another class that creates the directory for the application
[2010/06/04 06:25:54] <Volcane> apache::common makes sure the docroot parent exist
[2010/06/04 06:25:59] <Volcane> apache::vhost create parent/vhost
[2010/06/04 06:26:03] <Volcane> and include apache::common
[2010/06/04 06:26:24] <Volcane> then there's no dupes
[2010/06/04 06:26:43] <JD__> Volcane: well in this case it's reprepro debian archive software
[2010/06/04 06:27:38] <Volcane> still, its easy to avoid dupe resources
[2010/06/04 06:27:47] <Volcane> making everyting virtual is just a nasty hack
[2010/06/04 06:28:36] @ Quit: StuZZZs: Remote host closed the connection
[2010/06/04 06:29:14] <JD__> now, do I just drop it from the vhost or from the reprepro definition :(
[2010/06/04 06:30:28] <Volcane> depends on your code :)
[2010/06/04 06:36:19] @ Quit: kenneho: Ping timeout: 240 seconds
[2010/06/04 06:36:59] @ emarshall joined channel #puppet
[2010/06/04 06:40:06] @ malikai joined channel #puppet
[2010/06/04 06:41:39] @ PsychoSid joined channel #puppet
[2010/06/04 06:46:14] @ kenneho joined channel #puppet
[2010/06/04 06:49:19] @ Welsh_Dwarf_ joined channel #puppet
[2010/06/04 06:50:04] @ Quit: Welsh_Dwarf: Ping timeout: 264 seconds
[2010/06/04 06:59:06] @ Welsh_Dwarf joined channel #puppet
[2010/06/04 07:01:29] @ Quit: emarshall: Quit: emarshall
[2010/06/04 07:01:48] @ Quit: Welsh_Dwarf_: Ping timeout: 265 seconds
[2010/06/04 07:02:08] * DavidS just sent the specs for composite keys in namevars to the -dev list. I'm burning to hear what others think about that
[2010/06/04 07:04:52] @ lbt_ joined channel #puppet
[2010/06/04 07:04:53] @ Quit: lbt_: Changing host
[2010/06/04 07:04:53] @ lbt_ joined channel #puppet
[2010/06/04 07:07:34] <fluxdude> every time I try to do a puppetrun --host blah.domain.com I get the error
[2010/06/04 07:07:58] <fluxdude> err: Could not call puppetrunner.run #<RuntimeError: HTTP-Error: 5000 Internal Server Error >
[2010/06/04 07:08:05] <fluxdude> any ideas why?
[2010/06/04 07:08:17] <fluxdude> I've not used puppetrun before, am just testing now...
[2010/06/04 07:08:48] <fluxdude> maybe namespaceauth allow if wrong, let me check...
[2010/06/04 07:09:38] <raz> is there any way to make puppetd more verbose than with --debug?
[2010/06/04 07:09:40] <fluxdude> double checked namespaceauth.conf and found in logs
[2010/06/04 07:09:48] <raz> mine goes to 100% CPU now after adding a completely harmless rule :\
[2010/06/04 07:10:05] <fluxdude> puppetd[...]: Deny authenticated client puppetmaster.domain.com access to puppetrunner.run
[2010/06/04 07:10:35] <fluxdude> ok fixed it
[2010/06/04 07:10:40] <fluxdude> reverse dns was giving a different domain
[2010/06/04 07:12:15] <raz> notice: Finished catalog run in 367.60 seconds
[2010/06/04 07:12:18] <raz> what the hell?
[2010/06/04 07:12:36] <DavidS> raz: --summary and --evaltrace
[2010/06/04 07:13:05] <raz> it doesn't know --summary, but running with evaltrace now
[2010/06/04 07:13:46] <DavidS> "summarize", sorry
[2010/06/04 07:14:00] <raz> ah, i think i have an idea already
[2010/06/04 07:14:13] <raz> damn recursion ;)
[2010/06/04 07:16:24] <raz> thx for the pointers, that was really helpful
[2010/06/04 07:21:44] @ emarshall joined channel #puppet
[2010/06/04 07:24:44] @ f3ew_ joined channel #puppet
[2010/06/04 07:26:58] @ Quit: kolla: Remote host closed the connection
[2010/06/04 07:28:11] @ Quit: f3ew: Read error: Connection reset by peer
[2010/06/04 07:28:43] @ Quit: kenneho: Quit: Ex-Chat
[2010/06/04 07:29:04] @ kenneho joined channel #puppet
[2010/06/04 07:29:05] @ Quit: kenneho: Client Quit
[2010/06/04 07:29:12] @ Quit: f3ew_: Excess Flood
[2010/06/04 07:29:24] @ kenneho joined channel #puppet
[2010/06/04 07:29:35] @ f3ew_ joined channel #puppet
[2010/06/04 07:36:38] @ Quit: pinoyskull: Remote host closed the connection
[2010/06/04 07:37:00] <FiXion> raz: isn't recursion much better/faster in 0.25.x ?
[2010/06/04 07:38:09] <raz> FiXion: it was my own fault. i had puppet instructed to recursively set the ownership on a certain directory - and that subtree was growing really deep due to build files laying around there. chown -R would still do it in around 10 secs - but puppet, being ruby, obviously suffered ;)
[2010/06/04 07:41:32] <masterzen> raz: we fixed a lots of recurse performance issues in 0.25.5
[2010/06/04 07:41:58] <masterzen> I expect 0.25.5 to be approximately as fast as chown -R
[2010/06/04 07:42:19] <raz> ah good to know. i don't particularly mind it anyways, that rule wasn't a good idea in first place.
[2010/06/04 07:42:45] <raz> i've now simply chained a one-time "chown -R" to the class that intially places the stuff, much more efficient
[2010/06/04 07:42:58] <Volcane> masterzen: do you also see uneeded notifies with recursion? like recursing out /foo will make /foo/bar which on next run notice a timestamp change on /foo again?
[2010/06/04 07:43:26] <raz> btw anyone here happens to use the syslog-ng module?
[2010/06/04 07:43:35] <raz> works fine for me but outputs on every puppet run: notice: //syslog-ng/Service[syslog-ng]/enable: enable changed 'false' to 'true'
[2010/06/04 07:43:38] <Hilli> Is it possible to tell a file's source that it is either this or this file, and if they aren't found, then just ignore it?
[2010/06/04 07:44:16] <Hilli> Just remove ensure?
[2010/06/04 07:44:23] <DavidS> raz: seems like your service provider foobars
[2010/06/04 07:44:58] <raz> DavidS: heh.. my service-provider? that would be inside the module then i guess
[2010/06/04 07:45:13] <raz> i'm using this one: http://github.com/camptocamp/puppet-syslog-ng
[2010/06/04 07:45:28] <raz> as said, works fine, except for this strange message
[2010/06/04 07:46:29] @ jab_doa joined channel #puppet
[2010/06/04 07:46:40] <DavidS> raz: the message is caused by the fact that puppet tries to enable (=register service-start at boot-time) Service[syslog-ng] and the underlying provider (puppet code) either fails to do so or fails to recognize that it actually is.
[2010/06/04 07:46:55] <DavidS> what OS and puppet versions are you using?
[2010/06/04 07:47:03] <raz> debian and 0.25.4
[2010/06/04 07:47:23] <DavidS> raz: strange
[2010/06/04 07:47:32] <masterzen> Volcane: hmm, I don't yet run 0.25.5 in production, so I don't really know
[2010/06/04 07:47:41] <raz> ah, so you mean it tries to set the init-script up so that it starts at boot but fails to do so?
[2010/06/04 07:47:42] <masterzen> Volcane: do you have a testcase for this?
[2010/06/04 07:47:58] <DavidS> raz: or it fails to recoginze that this already has happened
[2010/06/04 07:48:17] <RS-232> raz: I debugged something similar last week: a service that puppet kept enabling although it already was enabled.
[2010/06/04 07:48:22] <raz> DavidS: hmm.. interesting. and indeed strange because i'm quite sure a few other modules (postfix) do about the same and don't complain.
[2010/06/04 07:48:54] <DavidS> raz: take a look at /etc/rc/syslog-ng, and what update-init.d does
[2010/06/04 07:49:08] <RS-232> raz: the problem was that the ps-output was shortened to 80 chars so puppet did not find the name of the service.
[2010/06/04 07:49:16] @ ratatat joined channel #puppet
[2010/06/04 07:49:30] <DavidS> the code is under $rubydir/lib/puppet/type/service.rb and $rubydir/lib/puppet/provider/service/*
[2010/06/04 07:49:31] <ratatat> hey hey
[2010/06/04 07:49:37] <DavidS> RS-232: enable != ensure
[2010/06/04 07:49:39] <RS-232> and that was caused because somebody put "export ROWS COLUMNS" in /etc/profile.
[2010/06/04 07:49:51] <raz> RS-232: ahh interesting
[2010/06/04 07:49:53] <DavidS> RS-232: sabotage!
[2010/06/04 07:50:07] <DavidS> raz: enable != ensure
[2010/06/04 07:50:11] <Volcane> masterzen: will come up with something - its always done this though :)
[2010/06/04 07:50:20] @ rocket joined channel #puppet
[2010/06/04 07:50:25] <ratatat> im in need of some help, I'm just trying puppet for the first time - but not having any joy
[2010/06/04 07:50:25] <raz> RS-232: hmm... no ROWS in all of my /etc though :)
[2010/06/04 07:50:26] <RS-232> DavidS: ah, you are right. enable != ensure
[2010/06/04 07:50:44] <raz> DavidS: what do you mean "take a look"? ;)
[2010/06/04 07:50:52] <ratatat> is there a way to run the client with "super" verbose?
[2010/06/04 07:50:52] <rocket> hello can anyone point me in the right direction to an example module that depends on say a firewall module ..
[2010/06/04 07:51:07] <rocket> eg I have a webserver module and it calls something out of the firewall one
[2010/06/04 07:51:14] <rocket> or is this not the right way to do this
[2010/06/04 07:51:16] <rocket> ?
[2010/06/04 07:51:33] <RS-232> raz: just dor puppetd --debug, find what ps-command puppet uses, and repeat that yourself on the shell with preferebly the same environment as puppetd.
[2010/06/04 07:51:44] <ratatat> cool thanks, will try
[2010/06/04 07:51:48] <RS-232> s/dor/do/
[2010/06/04 07:52:16] <DavidS> raz: by 'take a look', I mean 'take a look and compare the actual situation with the expected situation, looking for discrepancies to other services that work, as well as cross check the source code and try to track down the source of your problem'
[2010/06/04 07:52:26] <DavidS> raz: you might also call this process "debugging"
[2010/06/04 07:52:45] <raz> DavidS: thanks for the very specific advice ;)
[2010/06/04 07:54:14] <raz> hmm so here is the --debug
[2010/06/04 07:54:15] <raz> http://pastie.org/991784
[2010/06/04 07:54:39] <raz> it seems to first remove it and then add it again?!
[2010/06/04 07:54:43] <raz> is my puppet perhaps drunk?
[2010/06/04 07:55:39] <DavidS> raz: the provider should also execute update-rc.d to figure out the current state. I'm wondering why this isn't shown here
[2010/06/04 07:56:46] <DavidS> ah: http://github.com/reductivelabs/puppet/blob/0.25.x/lib/puppet/provider/service/debian.rb line 30-33
[2010/06/04 07:57:41] <DavidS> raz: try to manually execute that command and check the return code
[2010/06/04 07:57:47] <DavidS> (line 32)
[2010/06/04 07:57:47] <masterzen> Volcane: ah ok, it's not new, then. I think rowlf will be way better in this area
[2010/06/04 07:58:32] <raz> ourrrrgh
[2010/06/04 07:58:40] <raz> DavidS: return code 101
[2010/06/04 07:58:40] <DavidS> huh?
[2010/06/04 07:58:42] <raz> and i thik i have an idea why
[2010/06/04 07:59:13] <raz> i've created a custom /usr/bin/policy-rc.d
[2010/06/04 07:59:15] <raz> which contains: exit 101
[2010/06/04 07:59:35] <DavidS> there you go
[2010/06/04 07:59:37] <raz> because i was told that's the only way to prevent debian from starting services automatically after install (what a goddamn retarded idea that is!)
[2010/06/04 07:59:53] <raz> so... why does it bite me here :\
[2010/06/04 08:00:03] <Volcane> masterzen: kewl
[2010/06/04 08:00:12] <DavidS> raz: because update-r.d goes through the policy layer
[2010/06/04 08:00:19] * raz sighs
[2010/06/04 08:00:28] <DavidS> as does the debian service provider
[2010/06/04 08:00:34] <RS-232> 15 minutes ago from another channel: "unix gives you just enough rope to hang yourself -- and then a couple of feet more, just to be sure"
[2010/06/04 08:00:40] <DavidS> I'm curious whether any of your services would be started by puppet
[2010/06/04 08:00:44] <raz> one day i'll find and kill the person who came up with the idea of starting a service after install by default
[2010/06/04 08:01:12] <DavidS> raz: last week I upgraded mysql on a RH-based system from 5.0 to 5.1
[2010/06/04 08:01:23] <RS-232> raz: ... which should fail if set so in /etc/default/<service>
[2010/06/04 08:01:56] <DavidS> after the install, the 5.0 binary was still running and after a restart, the privilege tables were corrupted (since they were still in 5.0 format)
[2010/06/04 08:02:00] <raz> RS-232: unfortunately not all services seem to have that file. also that file is probably overwritten by pkg install? ;)
[2010/06/04 08:02:01] <DavidS> I really prefer the debian way!
[2010/06/04 08:02:26] <Volcane> DavidS: sound like you had a broken package not supplied by someone with a clue :)
[2010/06/04 08:02:31] <raz> DavidS: debian may very well STOP services on uninstall. but in gods name don't START them in a known bad state.
[2010/06/04 08:03:04] <rocket> DavidS: did you see my query earlier?
[2010/06/04 08:03:27] <raz> i mean... there's simply no reason to do that. typing /etc/init.d/foo start costs nothing. cleaning this mess up is now costing me nerves the second time :<
[2010/06/04 08:03:33] <DavidS> Volcane: probably. which leads to the question why there have to be more than one package source and why the "default" packages at that client's site suck so much
[2010/06/04 08:03:54] <raz> DavidS: you answered that earlier, you said it was RH-based :)
[2010/06/04 08:04:01] @ Quit: RS-232: Remote host closed the connection
[2010/06/04 08:04:06] <Volcane> DavidS: well 5.1 isnt in rhel, so whatever you do is going to be from one type of package to another probably not designed for each other
[2010/06/04 08:04:23] <DavidS> Volcane: sigh
[2010/06/04 08:04:58] <DavidS> rocket: http://forge.puppetlabs.com/ , but I don't understood your query, so my answer might be way off
[2010/06/04 08:05:38] <DavidS> rocket: actually, the answer should probably be: remove all the firewall stuff, if you don'T need it
[2010/06/04 08:06:02] <DavidS> rocket: and regarding your real name set in your IRC client: I do.
[2010/06/04 08:06:07] @ Quit: thegcat: Quit: Leaving.
[2010/06/04 08:07:25] <Volcane> DavidS: agree though packaging in general is rubbish, but the world really doesnt need more unconfigured or badly configured software running by default - we need to be less like microsoft not more and debians current approach fails at that
[2010/06/04 08:07:36] <rocket> heh that real name setting was way old I forgot all about it .. :p
[2010/06/04 08:08:18] @ ahasenack joined channel #puppet
[2010/06/04 08:08:18] <rocket> DavidS: the firewall stuff was more of a question of how do I design modules that depend on each other .. or dont I want that?
[2010/06/04 08:08:35] <rocket> DavidS: how do I keep them flexible/portable reusable etc
[2010/06/04 08:09:16] <Volcane> rocket: if apache wants to make nagios checks, the nagios module sould give it a utility define to call to do that
[2010/06/04 08:09:35] <Volcane> rocket: so the logic for what happens when apache creates monitoring is in the nagios module - apache just supplies the vars
[2010/06/04 08:09:52] <DavidS> rocket: at the puppetcamp in gent, this came up for discussion and one of the suggested approaches was to use an "interface module" that only dispatches to an actual implementation (or fails silently)
[2010/06/04 08:10:00] <Volcane> rocket: same with firewalls, apache needs port 80 open, iptables module need to let it register rules
[2010/06/04 08:10:16] <DavidS> Volcane: right in principle, limiting in practice though
[2010/06/04 08:10:27] <DavidS> see type/provider split
[2010/06/04 08:10:32] <Volcane> rocket: and if you have machines with iptables, ipfw etc, then you should make a firewall module that calls the right thing on the right os
[2010/06/04 08:10:45] <rocket> DavidS: hrmm interesting .. is there any samples of the syntax on this?
[2010/06/04 08:10:57] <Volcane> rocket: ie. firewall module calls iptables module on linux
[2010/06/04 08:11:12] <Volcane> DavidS: not run into any issues with this concept myself, how do you mean?
[2010/06/04 08:11:39] <DavidS> rocket: http://git.example42.com/git/?p=example42modules/.git;a=tree;f=monitor
[2010/06/04 08:12:25] <DavidS> Volcane: when re-using modules (e.g. apache) you might want to pick-and-choose what other stuff you manage (e.g. no firewall and cacti instead of munin)
[2010/06/04 08:12:31] @ Quit: abien: Remote host closed the connection
[2010/06/04 08:13:08] <Volcane> DavidS: sure, you'd still not go creating munin config files right in the apache module though surely?
[2010/06/04 08:13:30] <DavidS> I really need to take a few hours and work through alessandro's stuff to get it into an actually usable state
[2010/06/04 08:13:31] <raz> heh.. having storedconfig in sqlite is really pointless - two hosts can't run concurrently
[2010/06/04 08:14:12] <raz> is there a way to get at least a bit of concurrency or is that just the way it is with sqlite?
[2010/06/04 08:14:27] <Volcane> raz: sqlite is a toy
[2010/06/04 08:14:35] <raz> Volcane: yea i know
[2010/06/04 08:14:38] <Volcane> raz: used for development or single user access
[2010/06/04 08:14:45] <Volcane> raz: its a bit like webrick
[2010/06/04 08:14:47] <DavidS> Volcane: even using munin::plugin{} in a module would make that a very hard dependency. on the other hand, using monitor::port{...} which can be configured with few lines in site.pp to use munin, nagios, cacti, icinga, zenoss or whatever is much more decoupled
[2010/06/04 08:14:55] <raz> guess i'll throw in a postgres then
[2010/06/04 08:15:08] <Volcane> DavidS: erm, yeah I did suggest that abstraction above too :)
[2010/06/04 08:15:20] @ Quit: ckauhaus: Read error: No route to host
[2010/06/04 08:15:33] <DavidS> Volcane: too much type and no read makes davids a dull boy ;-)
[2010/06/04 08:15:44] <Volcane> DavidS: but its much better to just standardize your environment and tools :P
[2010/06/04 08:16:10] <Volcane> DavidS: i see the point wrt writing reusable/sharable modules, but if thats the goal then the effort is justified
[2010/06/04 08:16:40] <Volcane> DavidS: if just managing a single platform with single tools, its an extra layer of abstraction that i just dont tend to bother with
[2010/06/04 08:18:03] @ RS-232 joined channel #puppet
[2010/06/04 08:19:27] <DavidS> Volcane: publishing modules on the forge is beyond "standardize your environment and tools", and I think there is useful middle ground to be tread on
[2010/06/04 08:19:47] <DavidS> like having fine-grained modules for iptables, ipfw, nagios, munin, and all the other bricks
[2010/06/04 08:20:00] <Volcane> yup
[2010/06/04 08:20:07] <DavidS> having those bricks with common interfaces
[2010/06/04 08:20:20] <DavidS> and using those in the integration modules
[2010/06/04 08:20:54] <Volcane> yeah we agree, i totally see the point if sharing is your goal or if you have a massively varied platform
[2010/06/04 08:21:21] <Volcane> but when using those become a tangle of inherits and overrides
[2010/06/04 08:21:44] <DavidS> tim\|mac had a nice idea of also splitting the "application" modules into two parts: core structure (service, package, config manipulation, no deps) and "policy" where the core pieces are used together to build actual services like "a vhost" that is monitored etc.
[2010/06/04 08:21:53] <Volcane> its utility is long lost in the complexity which makes sense to experienced puppet manifest coders but mostly just causes grief for everyone else
[2010/06/04 08:22:04] @ cliff-hm joined channel #puppet
[2010/06/04 08:22:09] <Volcane> DavidS: i know, i helped him come up with that :)
[2010/06/04 08:23:07] <raz> Volcane: hmm.. just switched to postgres, now i get this: Error 400 on SERVER: NoMethodError: undefined method `fformat' for #<PGresult:0x2ab0ad6dc620>: SHOW client_min_messages
[2010/06/04 08:23:11] <raz> any idea?
[2010/06/04 08:23:40] <Volcane> raz: shrug i use the db that everyone else uses, and are likely to test against :)
[2010/06/04 08:24:03] <DavidS> raz: i'm using postgres and i don't know that error
[2010/06/04 08:25:24] <Whoop> DEPRECATION WARNING: metaclass is deprecated and will be removed from Rails 2.3 (use singleton_class instead). (called from meta_eval at /usr/lib/ruby/1.8/puppet/util/metaid.rb:4)
[2010/06/04 08:25:33] <Whoop> ^ Anyone know if thats fixed in a latest version?
[2010/06/04 08:28:02] @ gebi joined channel #puppet
[2010/06/04 08:28:53] <raz> got it, pg gem is better than postgres gem
[2010/06/04 08:29:32] * DavidS mumbles "gems are even worse than rpms"
[2010/06/04 08:29:46] @ [GuS] joined channel #puppet
[2010/06/04 08:29:50] @ Quit: [GuS]: Changing host
[2010/06/04 08:29:50] @ [GuS] joined channel #puppet
[2010/06/04 08:30:29] <raz> nahh, gems are bad, but rpms are worse
[2010/06/04 08:30:41] <lisa> how are gems bad?
[2010/06/04 08:31:13] <barn> oh lordy...
[2010/06/04 08:31:30] <barn> is that a can of worms we can afford to open?
[2010/06/04 08:32:01] <lisa> it's just a simple question
[2010/06/04 08:32:34] <barn> they can't do things like install in to sbin and bin, they're not system packageable in a sane way
[2010/06/04 08:32:35] <raz> lisa: with a very long answer ;)
[2010/06/04 08:33:30] <f3ew_> lisa you want exactly one package manager on your system
[2010/06/04 08:33:31] @ vachon joined channel #puppet
[2010/06/04 08:33:36] <sdog> barn: what about gem2rpm
[2010/06/04 08:33:39] * sdog runs and hides
[2010/06/04 08:33:44] <lisa> i'm not sure i want gems installing things to /sbin and /bin
[2010/06/04 08:33:49] <barn> sdog: you can run, but you can't hide
[2010/06/04 08:34:17] <barn> lisa: installing puppet from gem is tricky then (:
[2010/06/04 08:34:23] <lisa> f3ew_: i want as few as possible, but if the package manager is competant why not leverage it?
[2010/06/04 08:34:25] <barn> (and mental, but that's another story)
[2010/06/04 08:34:43] <barn> because you've just used the word leverage
[2010/06/04 08:34:43] <lisa> barn: i installed puppet from an RPM ;-) was quite easy
[2010/06/04 08:34:53] @ ohadlevy joined channel #puppet
[2010/06/04 08:34:57] <barn> so anything you ever say again can only be viewed as marketing speak
[2010/06/04 08:35:01] <barn> (:
[2010/06/04 08:35:04] <lisa> barn: sorry i will try to use small words
[2010/06/04 08:35:17] <lisa> (zing)
[2010/06/04 08:35:23] <sdog> barn: I was actually planning on opening a bag of popcorn and watch the drama unfold ..
[2010/06/04 08:35:53] <barn> sdog: I've found gems to be painful. I use umbongo and debian. In RPM land it may be entirely different
[2010/06/04 08:36:03] @ f3ew_ is now known as f3ew
[2010/06/04 08:36:11] <barn> debian beard law dictates they smell, but then, they have two ways of doing python modules
[2010/06/04 08:36:44] @ vachon left channel #puppet ()
[2010/06/04 08:37:17] <sdog> barn: they are painfull... nodicussion there :)
[2010/06/04 08:39:17] <barn> the only people who like gems are rails devs and/or the people who wrote them
[2010/06/04 08:39:38] <barn> I never wanted to be in a position where CPAN looked like the good and right thing to do
[2010/06/04 08:39:39] <lisa> s,rails,ruby,
[2010/06/04 08:40:02] <barn> lisa: I've not found that, but anyway
[2010/06/04 08:40:07] <barn> that's some of the surface of it
[2010/06/04 08:40:17] <barn> I'm sure people have more scars from this than me (:
[2010/06/04 08:40:54] <lisa> i haven't had any problems with gems and i have worked with them professionally all day
[2010/06/04 08:41:38] <barn> so you have no problem with them. Awesome! (:
[2010/06/04 08:42:01] <lisa> yes, hence the question of why gems are "bad"
[2010/06/04 08:42:07] @ marley joined channel #puppet
[2010/06/04 08:42:12] <DavidS> lisa: raz just installed the wrong postgres gem because gem's dependency system didn't provide a sane default.
[2010/06/04 08:42:34] <f3ew> Gems need to get to the same maturity as CPAN
[2010/06/04 08:42:44] * f3ew still converts CPAN packages to RPMs
[2010/06/04 08:42:48] <DavidS> gems are bad because most ruby devs don't care about ops. see also "Put it in vendor"
[2010/06/04 08:43:09] <lisa> DavidS: what gem had an incorrect dependency?
[2010/06/04 08:43:50] <DavidS> lisa: I'm not informed about how raz has installed puppet, but from afar his situation stinks and gems didn't help
[2010/06/04 08:44:17] * lisa shrugs
[2010/06/04 08:44:27] * DavidS agrees
[2010/06/04 08:44:29] <lisa> i'd point the finger at the author of the .gemspec file
[2010/06/04 08:44:53] <raz> gem is broken by design
[2010/06/04 08:44:55] <lisa> but it's hardly a fault of the entire gem system when gem authors don't assign an appropriate dependency tree
[2010/06/04 08:44:55] <DavidS> raz: how did you install puppet?
[2010/06/04 08:44:56] <raz> just like eggs
[2010/06/04 08:44:58] <raz> and cpan
[2010/06/04 08:45:04] <raz> DavidS: apt-get install puppet
[2010/06/04 08:45:22] <lisa> how does debian do it?
[2010/06/04 08:46:48] <DavidS> lisa: just checked. there is no dependency either
[2010/06/04 08:47:06] <lisa> DavidS: in the debian package?
[2010/06/04 08:47:13] <DavidS> yeah
[2010/06/04 08:47:24] <lisa> no dependency for postgres?
[2010/06/04 08:47:39] <DavidS> oh
[2010/06/04 08:47:52] <raz> well, its also to get in a situation like this:
[2010/06/04 08:47:56] <lisa> maybe i missed something but do i need to have a postgres database for puppet? cos, uh, if so this may be running by magic
[2010/06/04 08:47:57] <raz> gem_original_require': no such file to load -- openssl
[2010/06/04 08:48:04] <DavidS> puppetmaster -> rails -> (libsqlite3-ruby\|libmysql-ruby\|libpgsql-ruby)
[2010/06/04 08:48:14] <raz> this is what puppet tells me, despite openssl-ruby being installed
[2010/06/04 08:48:56] <lisa> did you install the libopenssl-ruby apt package ?
[2010/06/04 08:48:57] <DavidS> lisa: no pg needed
[2010/06/04 08:49:03] <DavidS> and no local database server either
[2010/06/04 08:49:16] <lisa> DavidS: didn't think so.
[2010/06/04 08:51:34] @ littleidea joined channel #puppet
[2010/06/04 08:52:25] <DavidS> finally got the windows writeup from puppetcamp finished: http://dasz.at/index.php/2010/06/porting-puppet-to-windows/
[2010/06/04 08:56:58] @ Quit: TREllis: Quit: ------------> airport ---> home \o/
[2010/06/04 08:57:33] <DavidS> !seen LordCode
[2010/06/04 08:57:34] <gepetto> DavidS: nope!
[2010/06/04 08:58:02] <Volcane> DavidS: just 'cope'
[2010/06/04 08:58:16] <gebi> lisa: puppet-common depends on libopenssl-ruby ;)
[2010/06/04 08:58:51] <lisa> odd. time to poke debian package maintaner(s)
[2010/06/04 08:59:11] <lisa> clearly they've done something quite wrong if a simple apt-get install doesn't work right.
[2010/06/04 08:59:34] <gebi> what doesn't work?
[2010/06/04 08:59:46] <gebi> sorry seems i've joined too lat
[2010/06/04 08:59:50] <gebi> +e
[2010/06/04 09:00:06] <lisa> gebi: raz noted that apt-get install puppet resulted in an incorrectly (or incomplete) installed package
[2010/06/04 09:00:20] <gebi> whats missing?
[2010/06/04 09:00:24] <raz> openssl
[2010/06/04 09:00:25] <raz> stil
[2010/06/04 09:00:27] <raz> still
[2010/06/04 09:00:29] <raz> grmbl
[2010/06/04 09:00:58] <raz> what is the openssl gem called?
[2010/06/04 09:01:01] @ Quit: rhyno: Ping timeout: 252 seconds
[2010/06/04 09:01:25] <gebi> # apt-cache show puppet \n Depends: ..., libopenssl-ruby, ...
[2010/06/04 09:01:43] <gebi> so it is either incompletly installed on your side or not missing
[2010/06/04 09:01:51] <raz> gebi: yes, libopenssl-ruby is installed, but ruby doesn't see it
[2010/06/04 09:02:03] <gebi> huch :)?
[2010/06/04 09:02:04] <raz> how can i search for gems with the retarded 'gem' command...
[2010/06/04 09:02:22] <raz> i want to see all gems that contain "ssl" so i don't have to continue guessing
[2010/06/04 09:03:03] <Volcane> dont use gem if you're also using OS packages
[2010/06/04 09:03:25] <raz> well, right now i just want to run puppet so that it will hopefully clean up the mess
[2010/06/04 09:03:36] <huggie> I think raz might be beyond that (though I'm just rubbernecking)
[2010/06/04 09:03:36] <raz> and since uninstalling/reinstalling all involved packages doesn't help
[2010/06/04 09:03:53] <Volcane> raz: puppet doesnt clean up any mess, format does :)
[2010/06/04 09:03:53] <DavidS> Volcane++
[2010/06/04 09:04:31] <Volcane> cos really it sounds like you've left the land of repairable far behind
[2010/06/04 09:04:39] <raz> erm..
[2010/06/04 09:04:45] <raz> dpkg -L libopenssl-ruby
[2010/06/04 09:04:53] <raz> returns only a bunch of files in /usr/share/doc
[2010/06/04 09:04:53] <raz> ?!
[2010/06/04 09:04:58] <gebi> oh yes, using gems not through statically created .debs is just asking for troubles
[2010/06/04 09:05:11] <gebi> raz: it is included in libruby itself
[2010/06/04 09:05:17] <Volcane> raz: you'll also have like libopenssl-ruby1.8
[2010/06/04 09:05:25] <Volcane> raz: assuming you're on that version of ruby
[2010/06/04 09:05:47] <raz> aaah
[2010/06/04 09:05:53] <zeroXten> hey Volcane, may I ask you a quick question regarding using defines in modules for "API"?
[2010/06/04 09:05:56] <raz> removing libopenssl-ruby1.8 and reinstalling then finally fixed it
[2010/06/04 09:05:58] <raz> thx volcane ;)
[2010/06/04 09:06:11] <gebi> raz: apt-cache show libruby1.8 \n Provides: ... libopenssl-ruby1.8 ...
[2010/06/04 09:06:18] <Volcane> zeroXten: sure
[2010/06/04 09:06:21] @ MPSimmons joined channel #puppet
[2010/06/04 09:06:29] <DavidS> zeroXten: never ask for permission to ask
[2010/06/04 09:06:37] <gebi> so libopenssl-ruby1.8 does not exist as a real package ;)
[2010/06/04 09:06:38] <zeroXten> yes yes, but this had context ;)
[2010/06/04 09:07:11] <Volcane> gebi: i think it varies by version of debian :)
[2010/06/04 09:07:39] <joe-mac1> haha
[2010/06/04 09:07:42] <joe-mac1> <3 debian
[2010/06/04 09:07:48] <lisa> so it was debian after all...hmmm...
[2010/06/04 09:07:52] <Volcane> i certainly have libopenssl-ruby1.8_1.8.5-4etch4_i386.deb
[2010/06/04 09:07:59] <Volcane> but etch, meh
[2010/06/04 09:08:04] <joe-mac1> i hope ubuntu 10.04 we really stay on for five years so i can not have to be subject to their mind fuck way of doing things
[2010/06/04 09:08:24] <joe-mac1> so far i've only migrated the nagios boxen
[2010/06/04 09:08:35] <joe-mac1> everything else is still 8.04 with maybe one or two 6.06 floating around
[2010/06/04 09:09:04] @ rhyno joined channel #puppet
[2010/06/04 09:10:42] <zeroXten> just wanted to clarify whether a dependant module should import/include the main module before using the define?
[2010/06/04 09:11:01] <Volcane> if you're using modules correctly you can forget the import function even exist
[2010/06/04 09:11:41] <Volcane> since it will find everything it wants automagically on its own by assuming you stuck to the documented conventions
[2010/06/04 09:12:08] <zeroXten> hmm
[2010/06/04 09:12:18] <zeroXten> did i ask about the "depends" directory yesterday?
[2010/06/04 09:12:25] @ beata joined channel #puppet
[2010/06/04 09:12:28] <Volcane> its unused
[2010/06/04 09:12:41] <zeroXten> the documentation i've read didn't seem to inform me much on the relationship between modules
[2010/06/04 09:12:53] <zeroXten> unless i missed something (probable)
[2010/06/04 09:13:10] <Volcane> you use require => Class["foo"] or require => File["foo"] just like always
[2010/06/04 09:13:12] <Volcane> nothing changes
[2010/06/04 09:13:26] <zeroXten> yup
[2010/06/04 09:13:48] <Volcane> ....add them to the depends folder (which is basically only documenting, it doesn’t change how your module works)
[2010/06/04 09:13:57] <Volcane> its just fluff, doesnt do anything
[2010/06/04 09:14:01] <zeroXten> fair enough
[2010/06/04 09:14:25] <zeroXten> so require will automagically pull in any modules?
[2010/06/04 09:14:39] <Volcane> you still need to include them
[2010/06/04 09:14:44] <Volcane> there's 3 things:
[2010/06/04 09:14:49] <zeroXten> ah ok. just include. fair enough
[2010/06/04 09:15:08] <Volcane> import - loads a file from disk into memory, cos sometimes puppet doesnt know where to find a class when you include it or a define when you use it
[2010/06/04 09:15:17] <Volcane> include - takes a previously imported class and use it
[2010/06/04 09:15:22] <joe-mac1> depends like i said is an artificial construct of some group, camptocamp maybe
[2010/06/04 09:15:53] <Volcane> require/before/etc - those reference resources or classes that was previously included
[2010/06/04 09:16:00] <zeroXten> yup
[2010/06/04 09:16:22] <Volcane> sticking to conventions for modules means the import step happens automagically
[2010/06/04 09:16:32] <zeroXten> aahh ok
[2010/06/04 09:16:38] @ Quit: marley: Ping timeout: 265 seconds
[2010/06/04 09:17:56] @ tecto joined channel #puppet
[2010/06/04 09:19:06] <zeroXten> i guess i'll put the require in the package of my dependant module
[2010/06/04 09:23:58] @ Quit: kenneho: Quit: Ex-Chat
[2010/06/04 09:24:29] @ marley joined channel #puppet
[2010/06/04 09:24:58] @ Pupeno joined channel #puppet
[2010/06/04 09:25:08] <Pupeno> I'm getting this error: err: Could not retrieve catalog: undefined method `-' for #<XMLRPC::DateTime:0x2aaab0a0a750>, any ideas?
[2010/06/04 09:29:01] <gebi> Volcane: uh etch ;)
[2010/06/04 09:29:18] @ ckauhaus joined channel #puppet
[2010/06/04 09:36:01] <raz> j #debian
[2010/06/04 09:36:22] @ saysjonathan joined channel #puppet
[2010/06/04 09:36:38] @ gaveen joined channel #puppet
[2010/06/04 09:44:20] @ tim__ joined channel #puppet
[2010/06/04 09:46:29] <zeroXten> how does file handle both content and source being specified?
[2010/06/04 09:46:50] <tim__> I'm having a bit of trouble with the regex syntax in case statements
[2010/06/04 09:47:17] <Volcane> zeroXten: put a little bit of test manifest in 'test.pp' and run it with 'puppet test.pp'
[2010/06/04 09:47:25] <tim__> http://pastebin.com/xGvjrWbw
[2010/06/04 09:47:29] <Volcane> zeroXten: easy to test these things out yourself
[2010/06/04 09:47:37] <tim__> puppet --noop init.pp Syntax error at '(?-mix:^qc[0-9]$)'; expected '}' at /etc/puppet/modules/nagios/manifests/check_customisations.pp:15 on node puppet.hq.eso.org
[2010/06/04 09:47:55] <Volcane> tim__: version?
[2010/06/04 09:48:11] <tim__> 0.25.4
[2010/06/04 09:48:20] <tim__> from the EPEL RPM
[2010/06/04 09:49:12] <ratatat> hi guys, I'm trying to setup puppet for the first time and not having any joy, is there anything wrong with this script? as its not installing the items described. http://www.pastie.org/991885
[2010/06/04 09:50:34] <fsweetser> what messages do you get from puppetd?
[2010/06/04 09:50:38] <ratatat> puppet -v site.pp doesnt return anything
[2010/06/04 09:51:00] <Volcane> tim__: well your regex line from line 15 there works for me
[2010/06/04 09:51:13] @ Quit: ckauhaus: Quit: Leaving.
[2010/06/04 09:51:40] <Volcane> tim__: its the # stuff you have in the {}s
[2010/06/04 09:52:07] <tim__> ah, I'll move the comments to the end of hte line and see
[2010/06/04 09:52:40] <ratatat> fsweetser: do i ihave to run puppetd too? I was just trying to invoke puppet from the command line
[2010/06/04 09:53:00] <fsweetser> I haven't used puppet directly before, so I'm not sure how to tell it which classes in a given manifest to run
[2010/06/04 09:53:05] @ Xombie joined channel #puppet
[2010/06/04 09:55:02] <ratatat> anyone else got some pointers for me?
[2010/06/04 09:56:11] <ratatat> fsweetser: how do you run puppet then? just start puppetd?
[2010/06/04 09:58:13] @ acrollet joined channel #puppet
[2010/06/04 09:59:22] @ shenson joined channel #puppet
[2010/06/04 09:59:24] @ Quit: rhyno: Ping timeout: 276 seconds
[2010/06/04 10:00:38] <fsweetser> yes, pointed at a puppetmaster
[2010/06/04 10:01:32] @ malikai left channel #puppet ()
[2010/06/04 10:03:16] <tim__> thanks Volcane moving the comments to end of the line worked
[2010/06/04 10:03:19] @ Quit: tim__: Remote host closed the connection
[2010/06/04 10:05:26] @ unixdaemon joined channel #puppet
[2010/06/04 10:06:19] <Volcane> unixdaemon: wtf :)
[2010/06/04 10:08:09] <Volcane> didnt know you knew how to operate irc :P
[2010/06/04 10:11:23] <unixdaemon> Volcane: As will soon become clear - I don't ;)
[2010/06/04 10:12:57] @ dragonball_ joined channel #puppet
[2010/06/04 10:14:01] @ Quit: dragonball_: Read error: Connection reset by peer
[2010/06/04 10:23:40] @ tonyskapunk joined channel #puppet
[2010/06/04 10:25:14] @ Quit: joe-mac1: Quit: Leaving.
[2010/06/04 10:25:39] @ ecapriolo joined channel #puppet
[2010/06/04 10:27:30] @ Quit: sclamage: Ping timeout: 258 seconds
[2010/06/04 10:32:13] @ sdog left channel #puppet ()
[2010/06/04 10:32:13] @ Quit: rmiller4pi81: Quit: Leaving.
[2010/06/04 10:33:09] @ Quit: Determinist: Remote host closed the connection
[2010/06/04 10:33:09] @ Quit: ratatat: Quit: leaving
[2010/06/04 11:04:21] @ joe-mac joined channel #puppet
[2010/06/04 11:05:03] @ Quit: MattyM: Remote host closed the connection
[2010/06/04 11:05:04] @ Quit: fluxdude: Ping timeout: 258 seconds
[2010/06/04 11:06:26] @ Quit: emarshall: Quit: emarshall
[2010/06/04 11:06:39] @ Quit: PsychoSid: Quit: Leaving.
[2010/06/04 11:12:20] @ steph021 joined channel #puppet
[2010/06/04 11:13:05] @ pheezy joined channel #puppet
[2010/06/04 11:13:25] <pheezy> http://pastie.org/992000 ?
[2010/06/04 11:14:09] <joe-mac> never heard of this puppet-module command
[2010/06/04 11:14:11] <joe-mac> must be new
[2010/06/04 11:15:23] <pheezy> its a CLI tool for the forge
[2010/06/04 11:15:53] <pheezy> I don't think it's included with puppet yet, if it ever will be
[2010/06/04 11:16:42] @ Quit: verwilst: Quit: Ex-Chat
[2010/06/04 11:17:16] <joe-mac> o i c
[2010/06/04 11:17:24] <joe-mac> haven;t looked much into forge yet
[2010/06/04 11:17:34] <joe-mac> it hink it's absolutely genius idea though
[2010/06/04 11:18:07] <pheezy> Yeah
[2010/06/04 11:18:32] <pheezy> It will be interesting to see how, if at all, PL will handle dupliate modules
[2010/06/04 11:20:28] <Volcane> anyone can upload any module, even ones already there. it'll be based on downloaded count or rating or whatever
[2010/06/04 11:20:34] <Volcane> and seem they'll have a list of 'blessed' modules
[2010/06/04 11:20:41] <Volcane> but nothing prevents 500 apache modules
[2010/06/04 11:21:54] <DavidS> Volcane: common sense does prevent 500 apache modules ... O:-)
[2010/06/04 11:22:19] @ ona_matt joined channel #puppet
[2010/06/04 11:22:33] <Volcane> never underestimate the crowd effect on overall intelligence :)
[2010/06/04 11:23:03] @ reyjrar joined channel #puppet
[2010/06/04 11:23:37] <DavidS> :-)
[2010/06/04 11:23:43] <matti> :)
[2010/06/04 11:23:56] * Volcane 's again impressed by sinatra
[2010/06/04 11:24:12] <matti> Sinatra <3
[2010/06/04 11:24:35] <Volcane> http://nephilim.ml.org/~rip/urltester.rb makes http://nephilim.ml.org:4567/urltest/http://slashdot.org/
[2010/06/04 11:25:36] <matti> Testing ...
[2010/06/04 11:27:13] <joe-mac> what is sinatra?
[2010/06/04 11:27:36] <Volcane> joe-mac: see the code, thats the entire webserver and all
[2010/06/04 11:27:53] <Volcane> joe-mac: sinatra is the framework to do the web routes etc
[2010/06/04 11:31:31] <ReinH> Volcane: :) sinatra is nice
[2010/06/04 11:32:11] <lisa> sinatra is a small web framework.
[2010/06/04 11:33:14] @ sebas891 joined channel #puppet
[2010/06/04 11:34:42] <DavidS> nice weekend everyone!
[2010/06/04 11:35:21] <joe-mac> that language is so ambiguous that i think i might have actually negatively learned
[2010/06/04 11:35:24] <joe-mac> meaning, i am now dumber
[2010/06/04 11:35:25] <Volcane> man, its been like a year since i logged into the active directory boxen, i cant imagine the amount of pain this is going to cause me to change expired passwords etc :(
[2010/06/04 11:35:49] <joe-mac> people think puppet ssl sucsk
[2010/06/04 11:35:53] <Volcane> joe-mac: well just look at the .rb file link, it maps a get request that matches a pattern to some ruby code, very nice :)
[2010/06/04 11:35:54] <joe-mac> try openbsd isakmpd ssl
[2010/06/04 11:36:37] <joe-mac> i keep getting this error rsa_sig_decode_hash: SIG payload length does not match public key and no one on tyhe openbsd channel seems to even know what public key this is bitching about
[2010/06/04 11:36:55] <joe-mac> about to move PSK since i can't duick around with x509 certs all day
[2010/06/04 11:37:18] @ sebas891 left channel #puppet ()
[2010/06/04 11:40:45] @ Quit: DavidS: Quit: Leaving.
[2010/06/04 11:41:30] <Volcane> meh, no email address is worth the effort of changing this password
[2010/06/04 11:42:05] @ Quit: giskard: Read error: Connection reset by peer
[2010/06/04 11:42:28] @ giskard joined channel #puppet
[2010/06/04 11:45:57] @ rmiller4pi8 joined channel #puppet
[2010/06/04 11:48:14] @ Quit: marley: Ping timeout: 248 seconds
[2010/06/04 11:58:48] @ Quit: WALoeIII: Quit: WALoeIII
[2010/06/04 12:02:27] @ Quit: shug: Quit: Leaving
[2010/06/04 12:02:32] @ Quit: Pupeno: Quit: Pupeno
[2010/06/04 12:02:49] @ themurph joined channel #puppet
[2010/06/04 12:03:00] @ themurph left channel #puppet ()
[2010/06/04 12:04:05] @ Quit: Welsh_Dwarf: Remote host closed the connection
[2010/06/04 12:05:46] @ shenson-real joined channel #puppet
[2010/06/04 12:08:55] @ cynicismic joined channel #puppet
[2010/06/04 12:09:31] @ Quit: giskard: Remote host closed the connection
[2010/06/04 12:13:30] @ alfism joined channel #puppet
[2010/06/04 12:16:44] @ bodepd joined channel #puppet
[2010/06/04 12:25:54] @ Quit: Ramonster: Quit: So long, thanx for all the fish
[2010/06/04 12:27:34] @ littleidea_ joined channel #puppet
[2010/06/04 12:28:32] @ drocamor joined channel #puppet
[2010/06/04 12:28:50] @ rhyno joined channel #puppet
[2010/06/04 12:31:25] @ Quit: littleidea: Ping timeout: 265 seconds
[2010/06/04 12:31:42] @ tep joined channel #puppet
[2010/06/04 12:31:43] @ Quit: tep: Changing host
[2010/06/04 12:31:43] @ tep joined channel #puppet
[2010/06/04 12:32:35] @ Quit: benoit_: Ping timeout: 260 seconds
[2010/06/04 12:32:43] <drocamor> if i'm working with multiple modules that may require the same package (let's say i have two modules that need to have git installed for some reason) should I be just requiring that package in each module configuration or putting that in another place?
[2010/06/04 12:33:31] <jbooth> drocamor: I made a "packages" module and stick software in there. Then I can just require the class that hosts that package.
[2010/06/04 12:33:52] <jbooth> Also handy in that I have packages::meta::rails which pulls in all the rails software bits, for example.
[2010/06/04 12:34:01] @ WALoeIII joined channel #puppet
[2010/06/04 12:34:10] @ Quit: WALoeIII: Remote host closed the connection
[2010/06/04 12:34:11] <drocamor> jbooth: ahh, so like make a packages::git module?
[2010/06/04 12:34:15] @ WALoeIII joined channel #puppet
[2010/06/04 12:34:26] @ Quit: bodepd: Quit: bodepd
[2010/06/04 12:34:28] <jbooth> drocamor: Yeah. Cause you can't multiply package{"git":}
[2010/06/04 12:34:39] <jbooth> And the if defined(Package["git"]) is gross.
[2010/06/04 12:34:53] <drocamor> jbooth: ok so then in another module i can say: include packages::git ?
[2010/06/04 12:36:32] <jbooth> Yep, or require packages::git
[2010/06/04 12:36:46] <jbooth> but beware that require has some bugs in 0.25....5 and below, I think.
[2010/06/04 12:36:52] <jbooth> Maybe it is only 0.25.4 and below
[2010/06/04 12:37:21] <jbooth> If you only ever 'require' once in a class, you're good. If you require 2 things... not so much.
[2010/06/04 12:37:41] <jbooth> Also require is a great way to get into depend loops, so probably best to just include and then require=> on resources that actually need it to preceed them.
[2010/06/04 12:37:44] @ giskard joined channel #puppet
[2010/06/04 12:37:56] <drocamor> ok
[2010/06/04 12:38:01] <drocamor> jbooth: thanks for that tip
[2010/06/04 12:38:41] @ Quit: jaredrhine: Quit: Leaving.
[2010/06/04 12:39:26] @ Quit: rhyno: Ping timeout: 248 seconds
[2010/06/04 12:41:48] @ \ask joined channel #puppet
[2010/06/04 12:42:29] @ lak joined channel #puppet
[2010/06/04 12:47:30] @ Quit: lak: Quit: lak
[2010/06/04 12:57:43] @ ahuman joined channel #puppet
[2010/06/04 12:58:18] @ bodepd joined channel #puppet
[2010/06/04 12:58:29] @ Quit: mauve: Quit: Leaving
[2010/06/04 12:59:25] @ Quit: nimrod10: Quit: Coyote finally caught me
[2010/06/04 13:00:05] @ marley joined channel #puppet
[2010/06/04 13:01:14] @ Quit: bodepd: Remote host closed the connection
[2010/06/04 13:01:44] @ bodepd joined channel #puppet
[2010/06/04 13:02:12] @ fzzzt joined channel #puppet
[2010/06/04 13:02:15] <pheezy> Can I glob templates? ie template('module/start_template.erb','module/template_part.*.erb')
[2010/06/04 13:02:29] @ Quit: bodepd: Remote host closed the connection
[2010/06/04 13:02:54] @ bodepd joined channel #puppet
[2010/06/04 13:03:36] @ Quit: bodepd: Remote host closed the connection
[2010/06/04 13:04:05] @ bodepd joined channel #puppet
[2010/06/04 13:04:29] <Volcane> pheezy: no
[2010/06/04 13:04:32] <jbooth> pheezy: I don't think so, but...
[2010/06/04 13:04:45] @ Quit: bodepd: Remote host closed the connection
[2010/06/04 13:04:47] <jbooth> pheezy: You could write ruby code in the template that implements that with ERB.
[2010/06/04 13:05:16] @ bodepd joined channel #puppet
[2010/06/04 13:05:42] <pheezy> hmm ok...
[2010/06/04 13:05:58] @ Quit: bodepd: Remote host closed the connection
[2010/06/04 13:06:39] @ bodepd joined channel #puppet
[2010/06/04 13:07:35] @ Quit: \ask: Quit: Leaving...
[2010/06/04 13:09:36] @ alban21 joined channel #puppet
[2010/06/04 13:12:06] @ Quit: alban2: Ping timeout: 240 seconds
[2010/06/04 13:13:43] @ rhyno joined channel #puppet
[2010/06/04 13:16:39] @ Quit: chjohnst: Ping timeout: 240 seconds
[2010/06/04 13:19:54] <bodepd> pheezy: is that you phil?
[2010/06/04 13:20:00] <reyjrar> Is there an easy way to see the full output of a command being run by exec?
[2010/06/04 13:21:03] <reyjrar> oh..
[2010/06/04 13:21:05] <reyjrar> foudn it
[2010/06/04 13:21:11] <reyjrar> logoutput
[2010/06/04 13:22:34] @ Quit: WALoeIII: Quit: WALoeIII
[2010/06/04 13:31:38] @ Quit: mikepea: Quit: mikepea
[2010/06/04 13:32:45] @ jaredrhine joined channel #puppet
[2010/06/04 13:38:56] <BLZbubba> is there an easy way to have puppet keep the uid & gid the same for users that it manages?
[2010/06/04 13:39:22] <BLZbubba> i find that it will change the uid but leaves the old gid in the passwd file
[2010/06/04 13:41:22] @ drocamor left channel #puppet ()
[2010/06/04 13:51:35] @ adrian_broher joined channel #puppet
[2010/06/04 13:54:04] @ pting joined channel #puppet
[2010/06/04 13:59:26] @ Quit: p3rror: Ping timeout: 248 seconds
[2010/06/04 13:59:36] @ Quit: littleidea_: Quit: littleidea_
[2010/06/04 14:04:21] <odyi> If you don't declare a uid number in your manifest then the OS picks one for you and it shouldn't change one the user is created. But it isn't going to sync these uid numbers across each node either. Without the declaration of a uid number it will solely manage user by title/namevar.
[2010/06/04 14:12:09] <dan__t> Can I use like an if defined in a template?
[2010/06/04 14:12:31] <Volcane> for a variable?
[2010/06/04 14:12:58] <dan__t> Well I was looking to see if a class was defined, but I can just as easily set a variable in that class, and check on that variable.
[2010/06/04 14:13:19] <dan__t> Now that you mention it.
[2010/06/04 14:13:32] <Volcane> you can do it, but just like defined() it's order dependant
[2010/06/04 14:13:34] <Volcane> so limited use
[2010/06/04 14:13:47] <dan__t> hrm.... ok.
[2010/06/04 14:14:12] @ Quit: jbarratt: Ping timeout: 276 seconds
[2010/06/04 14:19:11] @ Mick27 joined channel #puppet
[2010/06/04 14:19:28] <dan__t> word.
[2010/06/04 14:20:26] <chrisg> word up
[2010/06/04 14:22:40] @ jbarratt joined channel #puppet
[2010/06/04 14:29:29] @ Quit: tecto: Quit: tecto
[2010/06/04 14:40:05] <pheezy> yeah bodepd
[2010/06/04 14:40:55] <bodepd> pheezy: did you have a look at my blog about setting a single CA with puppetca --generate?
[2010/06/04 14:41:17] <pheezy> Yeah I saw it haven't had a chance to read it yet, been busy catching up on some other projects :(
[2010/06/04 14:42:21] @ ckauhaus joined channel #puppet
[2010/06/04 14:42:30] @ avocado joined channel #puppet
[2010/06/04 14:42:41] @ slade joined channel #puppet
[2010/06/04 14:43:10] @ slade is now known as Guest42401
[2010/06/04 14:43:50] @ Quit: bodepd: Quit: bodepd
[2010/06/04 14:44:17] <avocado> does puppet ship with commands to add users and their ssh keys?
[2010/06/04 14:44:47] <ckdake> http://docs.puppetlabs.com/references/stable/type.html -> user and sshkey
[2010/06/04 14:48:15] @ sladeRCN joined channel #puppet
[2010/06/04 14:50:53] <sladeRCN> Anyone have an idea when Puppet 0.26 will be released? I need some hashes ;)
[2010/06/04 14:54:26] @ bodepd joined channel #puppet
[2010/06/04 14:54:51] @ Quit: bodepd: Client Quit
[2010/06/04 14:56:13] @ Quit: cynicismic: Quit: leaving
[2010/06/04 14:56:59] @ littleidea joined channel #puppet
[2010/06/04 15:03:06] @ bodepd joined channel #puppet
[2010/06/04 15:03:14] <beata> in 0.25 is there a way to make sure a command is done last?
[2010/06/04 15:05:47] @ Quit: littleidea: Quit: littleidea
[2010/06/04 15:06:03] @ Quit: bodepd: Remote host closed the connection
[2010/06/04 15:06:32] @ bodepd joined channel #puppet
[2010/06/04 15:07:12] @ Quit: bodepd: Remote host closed the connection
[2010/06/04 15:10:20] <jbooth> beata: No simple way
[2010/06/04 15:10:49] <beata> didnt think so
[2010/06/04 15:13:39] @ brodyberg joined channel #puppet
[2010/06/04 15:14:58] @ Quit: ckauhaus: Ping timeout: 276 seconds
[2010/06/04 15:20:34] @ Quit: gebi: Ping timeout: 245 seconds
[2010/06/04 15:23:23] @ Quit: saysjonathan: Quit: Lost terminal
[2010/06/04 15:45:03] <beata> :q
[2010/06/04 15:45:12] @ Quit: beata: Quit: leaving
[2010/06/04 15:51:57] @ Quit: bug: Quit: bug
[2010/06/04 15:55:54] <tuv> can i put multiple commands in the command parameter of an exec: command => ["command1", "command2"], or command => "command1; command2"
[2010/06/04 15:57:24] <chadh> tuv: I don't think so, but you can do "command1;command2"
[2010/06/04 15:57:31] <chadh> doh, sorry
[2010/06/04 15:57:47] <chadh> tuv: you can even use pipes and redirection in the command
[2010/06/04 15:58:02] <tuv> chadh: so it's executed by a shell, not directly
[2010/06/04 15:58:36] <chadh> tuv: apparently
[2010/06/04 15:58:42] <chadh> tuv: apparently
[2010/06/04 15:58:51] @ bug joined channel #puppet
[2010/06/04 15:59:49] @ lak joined channel #puppet
[2010/06/04 16:00:05] <tuv> now is it safe to break a long string over multiple lines, or do i need a \ at the end of each line?
[2010/06/04 16:00:23] <tuv> or "line1" "line2"
[2010/06/04 16:01:03] @ Quit: giskard: Ping timeout: 240 seconds
[2010/06/04 16:07:17] @ Quit: [GuS]: Remote host closed the connection
[2010/06/04 16:07:17] @ Quit: mstyne: Read error: Connection reset by peer
[2010/06/04 16:08:11] @ giskard joined channel #puppet
[2010/06/04 16:09:35] @ Quit: Hunner: Quit: leaving
[2010/06/04 16:09:57] @ bodepd joined channel #puppet
[2010/06/04 16:10:07] @ Quit: bodepd: Client Quit
[2010/06/04 16:11:00] @ Mandus left channel #puppet ()
[2010/06/04 16:12:25] <chrisg> /win 21
[2010/06/04 16:12:27] <chrisg> oops
[2010/06/04 16:13:25] @ littleidea joined channel #puppet
[2010/06/04 16:13:51] @ TREllis joined channel #puppet
[2010/06/04 16:17:31] @ Quit: blkperl: Quit: leaving
[2010/06/04 16:18:07] @ bodepd joined channel #puppet
[2010/06/04 16:18:36] @ finch_mom joined channel #puppet
[2010/06/04 16:20:23] @ finch_mom left channel #puppet ()
[2010/06/04 16:20:38] @ Quit: nexx: Quit: quit
[2010/06/04 16:21:02] @ Quit: bodepd: Remote host closed the connection
[2010/06/04 16:21:33] @ bodepd joined channel #puppet
[2010/06/04 16:22:13] @ Quit: bodepd: Remote host closed the connection
[2010/06/04 16:22:43] @ bodepd joined channel #puppet
[2010/06/04 16:23:24] @ Quit: bodepd: Remote host closed the connection
[2010/06/04 16:23:45] @ Quit: rcrowley: Quit: rcrowley
[2010/06/04 16:24:09] @ bodepd joined channel #puppet
[2010/06/04 16:24:25] @ Quit: bodepd: Client Quit
[2010/06/04 16:25:03] @ afletcher joined channel #puppet
[2010/06/04 16:25:59] @ Quit: afletcher: Client Quit
[2010/06/04 16:27:21] @ Quit: littleidea: Quit: littleidea
[2010/06/04 16:34:12] @ Quit: rmiller4pi8: Ping timeout: 272 seconds
[2010/06/04 16:36:48] @ alban2 joined channel #puppet
[2010/06/04 16:40:46] @ Quit: alban21: Ping timeout: 276 seconds
[2010/06/04 16:46:47] @ emarshall joined channel #puppet
[2010/06/04 16:48:23] @ ghg joined channel #puppet
[2010/06/04 16:49:21] @ Quit: ckdake: Quit: Leaving.
[2010/06/04 16:52:21] @ Quit: ahuman: Remote host closed the connection
[2010/06/04 16:53:34] @ Quit: ezekiel: Quit: reboot time
[2010/06/04 16:55:19] @ Shamgar joined channel #puppet
[2010/06/04 16:55:42] <Shamgar> Quick question - anyone here running puppet dashboard with a mysql instance running on another host?
[2010/06/04 16:57:35] @ Quit: bug: Quit: bug
[2010/06/04 16:57:46] <jbooth> Shamgar: I'd like to but I'm not sure the ssl/etc support is there right now.
[2010/06/04 16:58:04] <jbooth> I'm just using localhost-mysql right now
[2010/06/04 16:58:48] <Shamgar> it barfs on a 'host:' param in database.yml, but not 'hostname:'. But it looks like it still tries to connect to localhost anyway.
[2010/06/04 16:59:34] <jbooth> It might not support it.
[2010/06/04 16:59:39] <avocado> when you use define, how do you call it.... :\|
[2010/06/04 16:59:55] @ sladeRCN left channel #puppet ()
[2010/06/04 16:59:55] <avocado> define blah($thing,$derp){ stuff is done }
[2010/06/04 16:59:56] <jbooth> When I was looking at Foreman it looked like all the mysql stuff was seriously primitive and/or old and dinosaur like.
[2010/06/04 17:00:06] <jbooth> avocado: Like a normal type/resource.
[2010/06/04 17:00:11] @ Quit: fzzzt: Read error: Connection reset by peer
[2010/06/04 17:00:19] <jbooth> blah { "title": thing=>foo, derp=>bar; }
[2010/06/04 17:00:20] <avocado> blah { "title": thing => whatever, derp => whatever }?
[2010/06/04 17:00:23] <avocado> :\
[2010/06/04 17:00:26] <Shamgar> Seems odd....
[2010/06/04 17:00:31] <jbooth> Define is short for "defined type"
[2010/06/04 17:00:35] <Shamgar> it's not like it' sa complicated aspect of implementation...
[2010/06/04 17:00:40] <ReinH> That's ActiveRecord (dashboard is a Rails app), so dashboard only supports database configuration options supported by AR
[2010/06/04 17:01:34] <ReinH> mysql should support a different :host
[2010/06/04 17:01:41] @ Quit: reyjrar: Quit: Leaving.
[2010/06/04 17:02:06] <tuv> is there an easy way to get the ip of a hostname in a template?
[2010/06/04 17:02:19] <ReinH> Shamgar: check out the mysql configuration options here: http://api.rubyonrails.org/classes/ActiveRecord/ConnectionAdapters/MysqlAdapter.html
[2010/06/04 17:02:27] <ReinH> Shamgar: there is ssl support
[2010/06/04 17:02:35] @ Quit: ghg: Quit: ghg
[2010/06/04 17:04:05] * Shamgar scratches his head.
[2010/06/04 17:04:06] <Shamgar> Yeah
[2010/06/04 17:04:11] <ReinH> googling "rails mysql ssl" turns up a few things
[2010/06/04 17:04:25] <tuv> or, how do i resolve a hostname to an ip, in a template?
[2010/06/04 17:05:04] <Shamgar> It's odd...if I put in hostname, it tries to connect via TCP it just does it to the localhost. If I put in the host key (which is what the api docs say) then it just bails saying the line with host in it is a syntax error.
[2010/06/04 17:05:10] <Shamgar> but activerecord clearly supports it.
[2010/06/04 17:05:14] <ReinH> Shamgar: interesting.
[2010/06/04 17:06:23] @ bug joined channel #puppet
[2010/06/04 17:08:27] @ plathrop-away is now known as plathrop
[2010/06/04 17:08:30] @ Quit: marley: Ping timeout: 260 seconds
[2010/06/04 17:08:53] @ blkperl joined channel #puppet
[2010/06/04 17:09:00] <joe-mac> i don't understand why i am getting this error: err: /File[/var/puppet/lib]: Failed to generate additional resources using 'eval_generate': certificate verify failed
[2010/06/04 17:09:43] <avocado> now i get this error: err: //New_system_user[ren]/Ssh_authorized_key[ren-key]: Failed to retrieve current state of resource: user ren doesn't exist. here is my define and class: http://pastie.org/992404
[2010/06/04 17:09:59] @ Quit: shenson-real: Quit: /me taps out
[2010/06/04 17:10:46] @ greglu joined channel #puppet
[2010/06/04 17:11:06] <avocado> it seems like user doesn't get run?
[2010/06/04 17:11:23] <Shamgar> ergh
[2010/06/04 17:11:23] @ ezekiel joined channel #puppet
[2010/06/04 17:11:37] <Shamgar> found it. stray whitespace chars.
[2010/06/04 17:11:40] <Shamgar> sheesh
[2010/06/04 17:11:44] <Shamgar> thanks guys. :-(
[2010/06/04 17:11:46] @ Shamgar left channel #puppet ()
[2010/06/04 17:11:52] <avocado> i'm totally doing this wrong.. but i need to get like 10 users up and goin on like 15 machines
[2010/06/04 17:12:22] @ Quit: shenson: Quit: /me taps out
[2010/06/04 17:16:22] <eric0> tuv to do an actual name->ip resolution, you can call out to the Socket methods from your template - if you're going to do it a lot, you might want to make a little rvalue function to assign a variable
[2010/06/04 17:19:14] @ Quit: TREllis: Quit: leaving
[2010/06/04 17:19:17] @ Quit: pheezy: Quit: Leaving...
[2010/06/04 17:21:57] <avocado> nevermind, i am a tard
[2010/06/04 17:22:01] <eric0> oh .. 'resolv' is a lot easier to use than raw sockets
[2010/06/04 17:22:13] <eric0> irb(main):006:0> require 'Resolv'
[2010/06/04 17:22:14] <eric0> => true
[2010/06/04 17:22:14] <eric0> irb(main):007:0> a = Resolv.getaddress("www.apple.com")
[2010/06/04 17:22:14] <eric0> => "96.7.157.15"
[2010/06/04 17:24:19] <jbooth> There's also ipaddr, though you might have to modify it like I did. Good thing ruby classes are open...
[2010/06/04 17:27:04] @ Quit: allsystemsarego: Quit: Leaving
[2010/06/04 17:36:56] @ Quit: MPSimmons: Quit: Leaving.
[2010/06/04 17:39:46] @ Quit: adrian_broher: Quit: Verlassend
[2010/06/04 17:42:08] <joe-mac> wtf this ssl problem has my mind boggled
[2010/06/04 17:47:07] @ thegcat joined channel #puppet
[2010/06/04 17:48:59] @ plathrop is now known as plathrop-away
[2010/06/04 17:58:47] @ littleidea joined channel #puppet
[2010/06/04 18:01:27] @ Quit: ecapriolo: Quit: KVIrc Insomnia 4.0.0, revision: 4030, sources date: 20100125, built on: 2010-02-25 23:12:54 UTC http://www.kvirc.net/
[2010/06/04 18:02:27] @ tonyskap` joined channel #puppet
[2010/06/04 18:04:26] @ Quit: tonyskapunk: Ping timeout: 265 seconds
[2010/06/04 18:05:07] @ yatesy joined channel #puppet
[2010/06/04 18:06:51] @ Quit: ahasenack: Quit: Leaving
[2010/06/04 18:07:06] @ Quit: axisys: Remote host closed the connection
[2010/06/04 18:07:07] @ Quit: emarshall: Read error: Connection reset by peer
[2010/06/04 18:07:24] @ emarshall joined channel #puppet
[2010/06/04 18:08:12] @ Quit: emarshall: Client Quit
[2010/06/04 18:12:20] <Tonnerre> What would be a reason for a plugin to claim it is not functional on a platform?
[2010/06/04 18:12:27] <Tonnerre> For a package plugin to be precise
[2010/06/04 18:12:44] <Tonnerre> Message is: Provider pkgin is not functional on this platform
[2010/06/04 18:16:08] <Volcane> its looking for some binary that it cant find
[2010/06/04 18:16:18] <Volcane> or its just plainly told not to work on anything mathcing that operatingsystem
[2010/06/04 18:16:57] <Tonnerre> Hm, the latter is not the case
[2010/06/04 18:17:20] @ Quit: flakrat: Quit: Leaving
[2010/06/04 18:17:33] @ tonyskap` is now known as tonyskapunk
[2010/06/04 18:26:41] @ Quit: littleidea: Quit: littleidea
[2010/06/04 18:26:57] @ gebi joined channel #puppet
[2010/06/04 18:27:40] @ Quit: tonyskapunk: Quit: ERC Version 5.3 (IRC client for Emacs)
[2010/06/04 18:34:18] @ Quit: the\|herbivore: Ping timeout: 240 seconds
[2010/06/04 18:36:28] @ axisys joined channel #puppet
[2010/06/04 18:41:03] @ Quit: Guest42401: Quit: Page closed
[2010/06/04 18:45:53] @ Quit: gebi: Ping timeout: 264 seconds
[2010/06/04 18:52:25] @ joe-mac left channel #puppet ()
[2010/06/04 19:03:00] @ Quit: steph021: Quit: Leaving
[2010/06/04 19:06:13] @ ghg joined channel #puppet
[2010/06/04 19:07:00] @ Quit: ghg: Client Quit
[2010/06/04 19:09:58] @ Quit: bug: Quit: bug
[2010/06/04 19:20:05] @ Quit: cmoates: Quit: Leaving
[2010/06/04 19:27:28] @ rcrowley joined channel #puppet
[2010/06/04 19:28:04] @ littleidea joined channel #puppet
[2010/06/04 19:33:26] @ Quit: littleidea: Quit: littleidea
[2010/06/04 19:34:38] @ littleidea joined channel #puppet
[2010/06/04 19:39:38] @ Quit: tep: Quit: Leaving.
[2010/06/04 19:40:16] @ Quit: thegcat: Quit: Leaving.
[2010/06/04 19:42:36] @ Quit: alfism: Quit: alfism
[2010/06/04 19:45:08] @ jsnby joined channel #puppet
[2010/06/04 19:46:47] <jsnby> hello all...I'm trying to run puppet-dashboard. Whenever I click on one of the nodes, I get "report was supposed to be a Puppet::Transaction::Report, but was a String" any thoughts?
[2010/06/04 19:50:12] @ carla joined channel #puppet
[2010/06/04 19:53:28] @ Quit: jsnby: Quit: Page closed
[2010/06/04 19:54:52] @ Quit: Mick27: Quit: This computer has gone to sleep
[2010/06/04 19:57:55] @ noyb joined channel #puppet
[2010/06/04 19:58:06] @ Quit: rcrowley: Quit: rcrowley
[2010/06/04 19:59:22] @ Quit: littleidea: Ping timeout: 276 seconds
[2010/06/04 20:02:37] @ jsnby joined channel #puppet
[2010/06/04 20:05:17] @ rmiller4pi8 joined channel #puppet
[2010/06/04 20:05:23] @ Quit: _Lemon_: Ping timeout: 240 seconds
[2010/06/04 20:05:34] @ _Lemon_ joined channel #puppet
[2010/06/04 20:10:53] <ReinH> jsnby: hmm, what version of dashboard?
[2010/06/04 20:13:07] @ Quit: rmiller4pi8: Ping timeout: 240 seconds
[2010/06/04 20:14:52] @ Quit: lak: Quit: lak
[2010/06/04 20:16:07] <jsnby> I cloned the dashboard from git yesterday
[2010/06/04 20:17:00] <jsnby> more of the error: ActiveRecord::SerializationTypeMismatch in Nodes#show
[2010/06/04 20:17:07] <ReinH> hmm
[2010/06/04 20:17:10] <jsnby> Showing app/views/statuses/_run_time.html.haml where line #8 raised:
[2010/06/04 20:17:11] <gepetto> jsnby: #8 is http://projects.puppetlabs.com/issues/show/8 "Puppet - Feature #8: Add 'ignore' to :file - PuppetLabs.com"
[2010/06/04 20:17:25] <ReinH> jsnby: thanks
[2010/06/04 20:17:41] <ReinH> jsnby: how did you import your reports?
[2010/06/04 20:17:47] <ReinH> and what version of Puppet generated them?
[2010/06/04 20:18:00] <ReinH> it looks like you have a mal-formed report
[2010/06/04 20:18:03] <jsnby> puppet 25.4, import ran fine
[2010/06/04 20:18:11] <ReinH> 25.4 should be fine
[2010/06/04 20:18:43] @ cmoates joined channel #puppet
[2010/06/04 20:18:46] @ Quit: brodyberg: Quit: brodyberg
[2010/06/04 20:19:24] <jsnby> I'm also seeing a message in my syslog on the puppetmaster: Report puppet_dashboard failed: wrong Content-Length format
[2010/06/04 20:19:46] <blood> jsnby: try foreman
[2010/06/04 20:20:38] <ReinH> jsnby: yeah, I'm trying to track down the content-length bug
[2010/06/04 20:20:49] <ReinH> jsnby: can you do this query on your dashboard database: select id from reports where reports.report not like "%Puppet::Transaction::Report%";
[2010/06/04 20:21:18] <blood> ReinH: what's the difference between foreman and dashboard? do they essentially do the same things?
[2010/06/04 20:22:13] <ReinH> blood: Foreman is older, has more features, but a very different UI
[2010/06/04 20:22:18] <jsnby> ReinH: Empty set (0.04 sec)
[2010/06/04 20:22:22] <blood> ah gotcha
[2010/06/04 20:23:12] <blood> shouldn't devs of dashboard/foreman just join forces and make a better overall reporting system?
[2010/06/04 20:23:24] <ReinH> blood: ideally, yes
[2010/06/04 20:23:38] <blood> i know ohadlevy is a dev
[2010/06/04 20:23:48] <blood> u 2 should just join together=)
[2010/06/04 20:24:11] <ReinH> blood: if only that were the only consideration
[2010/06/04 20:24:40] <blood> what are the downfalls?
[2010/06/04 20:25:17] <ReinH> blood: mainly political tangles, IP and such
[2010/06/04 20:26:14] <jsnby> i also seem to be leaking mysql connections when enabling stored configs. I'm on centos. I repackaged rails (and dependencies) from F11 and installed them, but still seem to be leaking a connection each time a client checks in. I repackaged rails 2.3.2.
[2010/06/04 20:26:18] <ReinH> possibly also a difference in vision, but the former has really prevented me from having a lengthy discussion with ohad
[2010/06/04 20:26:33] <ReinH> (about the latter)
[2010/06/04 20:26:33] <blood> ReinH: gotcha
[2010/06/04 20:27:03] <blood> ReinH: i just think if you 2 came into agreement, the overall product would be alot better in the end
[2010/06/04 20:27:12] <ReinH> blood: I agree.
[2010/06/04 20:27:31] <ReinH> unfortunately our hands are sort of tied
[2010/06/04 20:27:52] <blood> ReinH: well i'll continue to check out both =)
[2010/06/04 20:27:57] <ReinH> blood: good plan
[2010/06/04 20:28:04] <ReinH> foreman does a lot of good stuff
[2010/06/04 20:28:19] <blood> currently, thinking of rolling out puppet / munki to my new job(school)
[2010/06/04 20:28:22] <ReinH> but it does most of it by talking directly to Puppet via Ruby
[2010/06/04 20:28:34] <ReinH> we'd rather make Puppet's API available as services
[2010/06/04 20:28:43] <ReinH> and use those to drive dashboard, foreman, other clients
[2010/06/04 20:28:48] <ReinH> because that's more portable
[2010/06/04 20:29:11] <ReinH> we're working on a catalog service that will enable some pretty cool stuff
[2010/06/04 20:29:14] <jsnby> another question: does the remote filebucket work in 0.25.4? Bug #3807 seems to indicate that it doesn't and i'm seeing the same thing.
[2010/06/04 20:29:14] <gepetto> jsnby: #3807 is http://projects.puppetlabs.com/issues/show/3807 "Puppet - Bug #3807: not able to use remote filebucket - PuppetLabs.com"
[2010/06/04 20:29:18] <ReinH> reflecting on catalogs for required parameters, etc
[2010/06/04 20:30:23] <ReinH> jsnby: hmm, #3807 is surprisingly quiet
[2010/06/04 20:30:23] <gepetto> ReinH: jsnby: #3807 is http://projects.puppetlabs.com/issues/show/3807 "Puppet - Bug #3807: not able to use remote filebucket - PuppetLabs.com"
[2010/06/04 20:30:35] <blood> ReinH: is there a reason why puppet chose Ruby over Python?
[2010/06/04 20:30:57] <ReinH> blood: I believe the reason was "Luke got it sort of working in Ruby first"
[2010/06/04 20:31:03] <blood> ah
[2010/06/04 20:31:10] <blood> so instead of redoing it all in Python, they just kept with it
[2010/06/04 20:32:52] <ReinH> jsnby: most of that filebucket code has been rewritten for Rowlf so it's probably fixed in master
[2010/06/04 20:33:00] @ Quit: jab_doa: Quit: Verlassend
[2010/06/04 20:33:01] <ReinH> jsnby: not sure why we've slept on the ticket
[2010/06/04 20:33:37] <jsnby> Any idea when 0.25.6 is being released that would include the changes to the filebucket code?
[2010/06/04 20:33:50] <jsnby> assuming it would be included in 0.25.6
[2010/06/04 20:33:56] <ReinH> jsnby: not sure, and yes
[2010/06/04 20:34:10] <blood> whats changed with filebucket?
[2010/06/04 20:34:12] <jsnby> cool....i can wait patiently
[2010/06/04 20:34:20] <ReinH> jsnby: we're probably talking weeks rather than months
[2010/06/04 20:34:30] <ReinH> jsnby: that's very kind of you :)
[2010/06/04 20:34:44] <ReinH> blood: um... stuff?
[2010/06/04 20:34:46] <jsnby> any thoughts on leaking mysql connections, even after upgrading to rails 2.3.2?
[2010/06/04 20:34:50] <ReinH> blood: I just build the pretty web app :p
[2010/06/04 20:34:52] <blood> =)
[2010/06/04 20:35:02] <blood> ReinH: so your the man behind dashboard=)
[2010/06/04 20:35:11] <ReinH> blood: actually I do do puppet core dev, but I haven't worked on the filebucket stuff
[2010/06/04 20:35:14] <blood> any idea when you will integrate discovery to deploy puppet to clients?
[2010/06/04 20:35:17] <ReinH> blood: guilty
[2010/06/04 20:35:19] <blood> that would be useful
[2010/06/04 20:35:30] <ReinH> blood: discovery?
[2010/06/04 20:35:39] <blood> like it discovers all clients on network
[2010/06/04 20:35:55] <ReinH> blood: ah, well... clients would already have puppet on them
[2010/06/04 20:35:55] <blood> then can tell whether or not they have puppet
[2010/06/04 20:36:01] <ReinH> how else would they be clients?
[2010/06/04 20:36:09] <ReinH> maybe I think "client" means something else
[2010/06/04 20:36:13] <blood> ok basically
[2010/06/04 20:36:16] <blood> it pings the network range
[2010/06/04 20:36:25] <ReinH> ah
[2010/06/04 20:36:29] <blood> then it can tell based on it's database or whatever it uses to figure out what clients it has seen
[2010/06/04 20:36:37] <ReinH> ah ha
[2010/06/04 20:36:38] <blood> or it can see if the client is listening on a specific port
[2010/06/04 20:36:39] <blood> based on that
[2010/06/04 20:36:43] <blood> it can deploy puppet to it
[2010/06/04 20:36:45] <blood> via ssh
[2010/06/04 20:36:47] <blood> or whatever
[2010/06/04 20:36:57] <ReinH> ok, and puppet clients have a status service that can be pinged
[2010/06/04 20:37:11] <ReinH> blood: one of the rules, though, is that dashboard doesn't write to your system
[2010/06/04 20:37:13] <ReinH> it only reads
[2010/06/04 20:37:18] <ReinH> or writes to puppetmaster
[2010/06/04 20:37:29] <ReinH> so puppetmaster would have to be able to deploy new clients first
[2010/06/04 20:37:33] <ReinH> (that's for security)
[2010/06/04 20:37:38] <jsnby> blood: seems like that should be part of your install.....have kickstart install puppet
[2010/06/04 20:37:48] <blood> well many big management apps provide it
[2010/06/04 20:37:51] <blood> at least on windows=)
[2010/06/04 20:37:58] <ReinH> blood: but we don't even do windows, so...
[2010/06/04 20:38:01] <blood> yea i know
[2010/06/04 20:38:06] <blood> was just curious=)
[2010/06/04 20:38:07] <ReinH> blood: also, windows is hell from a config management standpoint
[2010/06/04 20:38:12] <ReinH> they don't even have a sane installer :p
[2010/06/04 20:38:15] <blood> not really
[2010/06/04 20:38:18] <blood> GPO works just fine
[2010/06/04 20:38:27] <blood> i've managed windows for 10 years
[2010/06/04 20:38:28] <blood> =)
[2010/06/04 20:38:28] <ReinH> blood: feel free to contribute to our windows development :D
[2010/06/04 20:38:43] <ReinH> even if it's just "here's how you should do this"
[2010/06/04 20:38:43] <blood> sure thing
[2010/06/04 20:38:50] <blood> what you guys writing it in?
[2010/06/04 20:38:54] <blood> c++?
[2010/06/04 20:38:55] <ReinH> blood: the dev list is a good place to share your expertise
[2010/06/04 20:38:58] <ReinH> blood: still Ruby
[2010/06/04 20:39:06] <ReinH> which is... fun on windows
[2010/06/04 20:39:08] <blood> ouch
[2010/06/04 20:39:19] <blood> o yea
[2010/06/04 20:39:24] <blood> you want it to work from the same puppetmaster=)
[2010/06/04 20:39:33] <blood> so it's still universal
[2010/06/04 20:39:40] <ReinH> jsnby: is there a ticket for the storeconfigs mysql connections leak bug?
[2010/06/04 20:39:59] @ Quit: LapTop006: Ping timeout: 276 seconds
[2010/06/04 20:40:06] <ReinH> blood: we'd eventually like puppetmasterd to communicate to clients via a protocol that allows multiple implementations
[2010/06/04 20:40:09] @ LapTop006 joined channel #puppet
[2010/06/04 20:40:09] <ReinH> we aren't there yet
[2010/06/04 20:40:48] <blood> yea that would be nice
[2010/06/04 20:41:06] <jsnby> ReinH: yeah: #3238
[2010/06/04 20:41:07] <gepetto> jsnby: ReinH: #3238 is http://projects.puppetlabs.com/issues/show/3238 "Puppet - Bug #3238: puppetmaster uses to many mysql connections - PuppetLabs.com"
[2010/06/04 20:41:10] <blood> still for where its at now, it's amazing=)
[2010/06/04 20:41:26] <blood> at least for managing *nix
[2010/06/04 20:41:28] <blood> and osx=)
[2010/06/04 20:41:57] @ Quit: blkperl: Quit: leaving
[2010/06/04 20:42:00] <ReinH> blood: os x is a *nix :p
[2010/06/04 20:42:03] @ blkperl joined channel #puppet
[2010/06/04 20:43:38] <odyi> ReinH: Cody. You should always be able to find me here. Connected and in channel 24x7.
[2010/06/04 20:43:54] <blood> yea i know
[2010/06/04 20:43:56] <blood> =)
[2010/06/04 20:43:59] <blood> Darwin
[2010/06/04 20:44:06] <ReinH> ohadlevy: oh hi
[2010/06/04 20:44:58] <jsnby> ReinH: do you think it's worth me upgrading from rails 2.3.2 to 2.3.5?
[2010/06/04 20:45:19] <ReinH> jsnby: dashboard bundles rails, so you're already running its version
[2010/06/04 20:45:33] <jsnby> i was thinking for the mysql connection issue
[2010/06/04 20:45:37] <ReinH> ah
[2010/06/04 20:45:49] <ReinH> jsnby: hmmm, iirc 2.3.5 is buggy in other ways
[2010/06/04 20:45:52] <ReinH> I'd try 2.3.6
[2010/06/04 20:46:09] <jsnby> i'll check to see if it's available in the rawhide repo
[2010/06/04 20:46:13] <ReinH> jsnby: the mysql leak is almost definitely an ActiveRecord issue
[2010/06/04 20:47:10] <ReinH> odyi: so what do you want to cover next week?
[2010/06/04 20:50:08] * odyi knows this is broad but..."Convince me why I want to install it into my production environment"
[2010/06/04 20:50:16] <ReinH> beautiful
[2010/06/04 20:50:26] <ReinH> damn, don't we have salespeople for that? ;)
[2010/06/04 20:50:49] <odyi> My test instance is on my laptop which I left at work but my wife is bring it home for me.
[2010/06/04 20:51:05] <odyi> I can be more specific and be able to form some question after I get it.
[2010/06/04 20:54:54] @ ryanc_ is now known as ryan-c\|w
[2010/06/04 20:55:36] <ReinH> odyi: sweet
[2010/06/04 20:55:42] <ReinH> I might be out to dinner or whatnot but I'll be lurking
[2010/06/04 20:55:44] <raz> hrm is there a way, inside a template, to figure out all tags that the current node has?
[2010/06/04 20:56:06] <raz> i'm thinking about generating a global hosts-file that also adds aliases for each host according to the tags
[2010/06/04 20:57:17] <raz> i.e. i'd like to have the db node have the tag "database" and receive the alias name "database" in the hosts file. that way we could just use those tag-hostnames ("roles" so to say) in the app configuration and have stuff always be looked up right
[2010/06/04 20:58:01] <odyi> how many nodes?
[2010/06/04 20:58:29] <raz> for the deployment i'm testing with only a few (<10). but the idea is to find a way that scales.
[2010/06/04 20:58:45] <odyi> bind scales pretty good...
[2010/06/04 20:58:51] <raz> i'm still not quite happy with the whole situation of managing service interdependencies, starting, stopping across a cluster
[2010/06/04 20:58:55] @ Quit: jaredrhine: Ping timeout: 260 seconds
[2010/06/04 20:59:16] <raz> odyi: yea well, the template could just as well create a zone-file, tinydns data or whatever
[2010/06/04 20:59:47] <raz> i'm just not sure how to go about arrange and collect those tags in a good way
[2010/06/04 21:00:25] <blood> yea it would be nice if puppet kept some form of database of it's clients
[2010/06/04 21:00:37] <blood> alot more could be done that way
[2010/06/04 21:00:46] <jsnby> blood: isn't that what stored configs does for you?
[2010/06/04 21:00:47] <odyi> I kinda can
[2010/06/04 21:00:50] <ReinH> blood: puppet does optionally keep a database called stoed configs
[2010/06/04 21:00:54] <blood> nice
[2010/06/04 21:00:58] <ReinH> that, er, keeps client info in it
[2010/06/04 21:01:00] <blood> its stored in mysql?
[2010/06/04 21:01:02] <ReinH> yes
[2010/06/04 21:01:05] <blood> sweet
[2010/06/04 21:01:06] <ReinH> actually
[2010/06/04 21:01:10] * odyi uses postgres
[2010/06/04 21:01:15] <ReinH> it's stored in any ActiveRecord-compatible database
[2010/06/04 21:01:16] <odyi> it will work in sqlight too
[2010/06/04 21:01:29] <mackn_> woo postgres
[2010/06/04 21:01:38] <odyi> sigh...so not how you spell lite
[2010/06/04 21:01:42] @ Quit: blkperl: Quit: leaving
[2010/06/04 21:02:36] @ blkperl joined channel #puppet
[2010/06/04 21:02:47] @ Quit: blkperl: Client Quit
[2010/06/04 21:02:57] <odyi> raz: any reason you are managing a template for /etc/hosts and not just the hosts resource?
[2010/06/04 21:03:17] <raz> odyi: that might work as well, i'm just still not sure how to go for it
[2010/06/04 21:03:38] <blood> Is there a puppet gui that allows you to edit configs directly from a web interface?
[2010/06/04 21:03:45] <odyi> I was thinking that the resource had an allias param
[2010/06/04 21:04:06] <odyi> blood: foreman might and the dashboard might in future releases...i think
[2010/06/04 21:04:06] <raz> as said, the goal would be to end up with a hosts file (identical for each host) that contains all hosts, each having aliases according to their tags (only including tags matching a given pattern)
[2010/06/04 21:04:11] <blood> nice=)
[2010/06/04 21:04:38] <raz> then again, tags might not be the right source, due to the risk of duplication
[2010/06/04 21:06:11] <odyi> hmmm so how are you classes/modules set up? It feels like you have some general class you apply to a bunch of nodes and they magically become a "database" if you tag it so?
[2010/06/04 21:06:24] <odyi> Damn sometimes there is just to many ways to accomplish a single task in puppet
[2010/06/04 21:06:41] <odyi> It is murder on the brain to visualize what people are asking and why they are asking it
[2010/06/04 21:07:09] <ReinH> heh tell me about it
[2010/06/04 21:07:15] <raz> hmm yea, thinkin about it more, tags are probably not a good idea for this. generally i just want to declare something like $roles = "database, memcached" in a given node. and then have a way to generate a hosts file (for all hosts) that includes these alias names for that node.
[2010/06/04 21:07:24] <ReinH> odyi: not just a Puppet problem though, I promise you
[2010/06/04 21:08:03] <raz> i guess storeconfigs will have to be involved with this anyhow, but my puppet fu is wea
[2010/06/04 21:08:03] <raz> k
[2010/06/04 21:08:31] <odyi> storeconfigs is always the answer
[2010/06/04 21:08:35] <odyi> :)
[2010/06/04 21:09:32] <odyi> I suppose you could do like the sshkey example that can be found on the puppet site somewhere and use exported resources.
[2010/06/04 21:09:34] <raz> i just have no remote idea how to even interact with it or query it
[2010/06/04 21:09:44] <raz> my only contact with it so far was enabling it because the munin module demanded ;)
[2010/06/04 21:10:08] <raz> ah thx, gonna look that example up, perhaps that will shed some light
[2010/06/04 21:10:47] <raz> hmmm happen to have a link? 'puppet sshkey' brings a lot of google hits ;)
[2010/06/04 21:11:18] <raz> or do you mean the sshkey module itself?
[2010/06/04 21:11:28] <odyi> So if something was a tagged a database it would export a host definition that included the alias then all nodes could use the spaceship operator to then retrieve them.
[2010/06/04 21:11:42] <odyi> I shall look
[2010/06/04 21:13:12] <odyi> http://docs.puppetlabs.com/guides/exported_resources.html
[2010/06/04 21:13:16] <odyi> http://docs.puppetlabs.com/guides/types/ssh/sshkey.html
[2010/06/04 21:13:55] * raz reads
[2010/06/04 21:14:37] <raz> yay, exported resources is already looking pretty damn good
[2010/06/04 21:14:50] @ blkperl joined channel #puppet
[2010/06/04 21:15:15] @ Quit: blkperl: Client Quit
[2010/06/04 21:15:33] @ blkperl joined channel #puppet
[2010/06/04 21:15:36] <raz> hmmm to make use of it it seems i'll have to learn how to create my own type
[2010/06/04 21:17:14] <odyi> If you haven't dug into defined resource types yet I suggest you do. They can be very powerful.
[2010/06/04 21:18:20] <raz> heh well, still trying to wrap my head around virtual resources
[2010/06/04 21:18:28] <raz> this is all getting very meta ;)
[2010/06/04 21:19:21] <ReinH> raz: virtual defined resource type types
[2010/06/04 21:22:28] <raz> hmm so it seems in the end i'd need my nodes to contain something like @@roles { value => ["foo","bar"] } and then figure out how to compile a hosts file from that (which prolly contains Roles <<\| \|>> in the class definition somewhere)
[2010/06/04 21:22:31] <jsnby> is there a way to loop through a list of realized virtual resources from a template?
[2010/06/04 21:22:32] @ Quit: blkperl: Disconnected by services
[2010/06/04 21:22:58] <jsnby> for example, loop through all realized Users?
[2010/06/04 21:23:24] <raz> jsnby: from the nagios example it seems like Nagios_host <<\|\|>> does that, although i have not yet quite grasped what it really does ;)
[2010/06/04 21:23:37] <raz> err i mean how
[2010/06/04 21:24:57] @ blkperl joined channel #puppet
[2010/06/04 21:25:32] <jsnby> that would simply collect exported resources of type nagios_host to generate the config file....which is I guess the same thing....but i'm trying to do this locally on a client. For example, if I wanted to construct an htpasswd file on a host that contained only data about users that had an account realized on that particular host
[2010/06/04 21:26:39] <raz> jsman: hmyea, you're right. i'm trying to do sort of the opposite: on each host i want to construct a hosts-file that contains all "roles" that have been realized/declared(?) on any node
[2010/06/04 21:29:38] <raz> i guess it might actually be easier to query the storedconfig locally, generate the file locally, and then just push that file{} en block to all hosts
[2010/06/04 21:29:47] <raz> except that's not sexy ;)
[2010/06/04 21:30:20] <raz> where locally == on the puppetmaster, with some shell script
[2010/06/04 21:31:03] <jsnby> or you could probably write a ruby function to do it
[2010/06/04 21:31:30] <raz> yea, i'm just not familar enough with puppet to know where to even start
[2010/06/04 21:32:47] @ Quit: Xombie: Ping timeout: 248 seconds
[2010/06/04 21:41:10] <raz> or, different angle, anyone know a tool like monit or god that works across hosts?
[2010/06/04 21:45:59] @ Quit: stick: Ping timeout: 245 seconds
[2010/06/04 21:47:07] @ Quit: bdha: Quit: leaving
[2010/06/04 21:51:22] @ stick joined channel #puppet
[2010/06/04 21:53:42] @ ppickfor joined channel #puppet
[2010/06/04 21:54:32] @ bdha joined channel #puppet
[2010/06/04 21:55:14] @ Quit: acrollet: Quit: acrollet
[2010/06/04 21:55:28] @ jsnby left channel #puppet ()
[2010/06/04 22:03:12] @ Quit: tim\|mac: Remote host closed the connection
[2010/06/04 22:08:15] @ jaredrhine joined channel #puppet
[2010/06/04 22:11:51] @ Quit: gaveen: Quit: Leaving
[2010/06/04 22:25:05] @ rcrowley joined channel #puppet
[2010/06/04 22:28:59] @ Quit: jcesario_: Ping timeout: 252 seconds
[2010/06/04 22:29:21] @ MrTransformation joined channel #puppet
[2010/06/04 22:39:31] @ Quit: pting: Quit: Ex-Chat
[2010/06/04 22:42:50] @ bug joined channel #puppet
[2010/06/04 22:43:55] @ Quit: rhyno: Ping timeout: 260 seconds
[2010/06/04 22:56:35] @ Quit: rcrowley: Quit: rcrowley
[2010/06/04 22:57:49] @ Quit: carla: Quit: sleeep cya
[2010/06/04 23:12:37] @ emarshall joined channel #puppet
[2010/06/04 23:22:17] @ henderb joined channel #puppet
[2010/06/04 23:46:20] @ swa_work joined channel #puppet
[2010/06/04 23:49:02] @ Quit: emarshall: Quit: emarshall
[2010/06/04 23:55:59] @ Quit: cliff-hm: Ping timeout: 245 seconds

Generated by irclog2html.py 2.8 by Marius Gedminas - find it at mg.pov.lt!