Thursday, 2010-06-17

[2010/06/17 00:04:02] @ Log started by gepetto
[2010/06/17 00:04:02] @ \ask joined channel #puppet
[2010/06/17 00:05:10] @ Quit: rmiller4pi81: Read error: Connection reset by peer
[2010/06/17 00:06:11] @ rmiller4pi8 joined channel #puppet
[2010/06/17 00:08:46] @ Quit: lohapuk: Ping timeout: 264 seconds
[2010/06/17 00:09:48] @ DavidS joined channel #puppet
[2010/06/17 00:09:56] @ Quit: poison: Remote host closed the connection
[2010/06/17 00:15:25] @ cashe left channel #puppet ()
[2010/06/17 00:20:57] @ MattyM joined channel #puppet
[2010/06/17 00:22:56] @ Ramonster joined channel #puppet
[2010/06/17 00:25:10] @ Quit: sdog: Changing host
[2010/06/17 00:25:10] @ sdog joined channel #puppet
[2010/06/17 00:41:11] @ jab_doa joined channel #puppet
[2010/06/17 00:42:01] @ lohapuk joined channel #puppet
[2010/06/17 00:46:05] @ erlingre joined channel #puppet
[2010/06/17 00:47:20] @ yure joined channel #puppet
[2010/06/17 00:47:56] @ poison joined channel #puppet
[2010/06/17 00:49:35] @ gebi joined channel #puppet
[2010/06/17 00:55:46] @ TREllis joined channel #puppet
[2010/06/17 00:55:56] @ yufei joined channel #puppet
[2010/06/17 00:57:02] @ lutter joined channel #puppet
[2010/06/17 00:58:27] @ Quit: yufei: Client Quit
[2010/06/17 01:01:33] @ Quit: gebi: Read error: Operation timed out
[2010/06/17 01:02:16] @ Quit: wilmoore_: Remote host closed the connection
[2010/06/17 01:05:45] @ Geoff1 joined channel #puppet
[2010/06/17 01:07:26] <Geoff1> Morning all (depending on tz :) ) hope this hasn't been asked a million times but is there a release date of 2.6.0? I ask as we're about to start investigating the move from 0.24 to 0.25 and may rather wait
[2010/06/17 01:09:55] @ Quit: freshtonic: Quit: freshtonic
[2010/06/17 01:13:28] <gepetto> feed redmine had 10 updates, showing the latest 3
[2010/06/17 01:13:28] <gepetto> ::redmine:: Wiki edit: Using_Mongrel_Nginx (#3) @ http://projects.reductivelabs.com/projects/1/wiki/Using_Mongrel_Nginx?version=3 (by Jim Blomo)
[2010/06/17 01:13:28] <gepetto> ::redmine:: Wiki edit: Using_Thin_Nginx (#1) @ http://projects.reductivelabs.com/projects/1/wiki/Using_Thin_Nginx?version=1 (by Jim Blomo)
[2010/06/17 01:13:28] <gepetto> ::redmine:: Wiki edit: Using_Mongrel (#7) @ http://projects.reductivelabs.com/projects/1/wiki/Using_Mongrel?version=7 (by Jim Blomo)
[2010/06/17 01:14:58] @ Quit: zipkid: Read error: Operation timed out
[2010/06/17 01:15:28] @ zipkid joined channel #puppet
[2010/06/17 01:16:56] @ Olly__ joined channel #puppet
[2010/06/17 01:17:01] @ Quit: bobinabottle: Quit: bobinabottle
[2010/06/17 01:17:36] @ lbt_ joined channel #puppet
[2010/06/17 01:17:37] @ Quit: lbt_: Changing host
[2010/06/17 01:17:37] @ lbt_ joined channel #puppet
[2010/06/17 01:23:29] <jamesturnbull> Geoff1: we're preparing the beta now
[2010/06/17 01:23:50] <jamesturnbull> Geoff1: handful of tickets being worked on and then a beta release
[2010/06/17 01:25:48] @ fluxdude joined channel #puppet
[2010/06/17 01:28:07] @ Quit: DavidS: Quit: Leaving.
[2010/06/17 01:29:02] <_^Sarge^_> Howdy all
[2010/06/17 01:29:37] <_^Sarge^_> Has anyone played around getting puppet to install custom .debs ?
[2010/06/17 01:30:22] @ Quit: mizzy: Ping timeout: 264 seconds
[2010/06/17 01:32:32] <Volcane> make your own dep repository, use package{}
[2010/06/17 01:33:19] <_^Sarge^_> Yeah I did contemplate a custom repo
[2010/06/17 01:33:24] @ mizzy joined channel #puppet
[2010/06/17 01:33:30] <_^Sarge^_> package would make it easy then
[2010/06/17 01:37:47] @ Quit: poison: Remote host closed the connection
[2010/06/17 01:37:51] @ alban2 joined channel #puppet
[2010/06/17 01:38:15] <Geoff1> thx James
[2010/06/17 01:38:26] @ DavidS joined channel #puppet
[2010/06/17 01:38:47] <DavidS> does anyone have a nice puppet-advocacy presentation at hand?
[2010/06/17 01:43:57] <Lunar_Lamp> I have the certname set in my puppet.conf on my nodes. The FQDN of these boxes is host1.foo.example.com. However, I need the certname to be host1.bar.example.com. The .bar.example.com section is identical on all nodes, with just the "host1" part being variable. Is there an easy way to set this in the puppet.conf so that puppet can control the puppet.conf files? (I'm aware that I may be solving the original problem the wrong ...
[2010/06/17 01:44:03] <Lunar_Lamp> ... way, but I will still need to solve this same problem elsewhere).
[2010/06/17 01:44:17] <hephaestus> a nice puppet-advocacy presentation, on hand, at 1:45am, on a thursday morning?
[2010/06/17 01:44:25] <hephaestus> why as a matter of fact
[2010/06/17 01:44:30] <Lunar_Lamp> It's 09:45 here hephaestus ;-)
[2010/06/17 01:44:53] <hephaestus> Lunar_Lamp: it's not my fault your clocks are all wrong
[2010/06/17 01:45:10] <Lunar_Lamp> Speak for yourself! :-p
[2010/06/17 01:45:13] <hephaestus> =]
[2010/06/17 01:48:11] @ Quit: yure: Ping timeout: 260 seconds
[2010/06/17 01:49:31] <DavidS> hephaestus: actually i was thinking more about a slideshow or something. need material for a client, who wants to do internal advocacy
[2010/06/17 01:54:37] <Lunar_Lamp> So, moving back to my question ;-) Is there a simple way of doing it? I believe it should be using facts or something?
[2010/06/17 01:54:40] @ Quit: \ask: Quit: Leaving...
[2010/06/17 01:55:56] @ themroc joined channel #puppet
[2010/06/17 02:01:59] <Volcane> Lunar_Lamp: use a template to make the puppet.conf and use $hostname variable
[2010/06/17 02:02:32] @ gebi joined channel #puppet
[2010/06/17 02:02:37] <Lunar_Lamp> Volcane: won't $hostname come out as the fqdn though?
[2010/06/17 02:02:57] <Volcane> hostnames arent fqdns
[2010/06/17 02:03:25] <Lunar_Lamp> OK, thanks - I just thought I'd seen that happen when I tested it before. Must have been doing something different.
[2010/06/17 02:04:24] <Volcane> type : facter
[2010/06/17 02:04:26] <Volcane> and see
[2010/06/17 02:05:28] <Lunar_Lamp> OK, cheers. I'll learn how to use templates now :-)
[2010/06/17 02:08:01] @ Quit: fluxdude: Quit: When two people dream the same dream, it ceases to be an illusion
[2010/06/17 02:16:26] <matti> Hi Volcane
[2010/06/17 02:16:27] <matti> :)
[2010/06/17 02:17:18] @ nn4l joined channel #puppet
[2010/06/17 02:18:31] <nn4l> Is it possible to install software based on tar file archives, instead of .deb/.rpm packages?
[2010/06/17 02:21:32] <Lunar_Lamp> http://pastebin.com/exeVkCbZ <== this tells me "Syntax error at 'content'; expected '}". I'm fully expecting to find I've made a dumb mistake, but could you point me to it? Is it as simple as not being able to use templates within a class?
[2010/06/17 02:21:35] <Volcane> nn4l: probably, you shouldnt though. people dont spend decades developing package management systems because they dont add any value to your life
[2010/06/17 02:21:59] <Volcane> Lunar_Lamp: missing , on the mode line
[2010/06/17 02:22:05] @ Quit: gebi: Ping timeout: 240 seconds
[2010/06/17 02:22:18] <Lunar_Lamp> GAH /o\
[2010/06/17 02:22:43] <Lunar_Lamp> Thanks Volcane :-) Now to find the errors in my template :-)
[2010/06/17 02:22:48] <Volcane> :)
[2010/06/17 02:25:23] @ yure joined channel #puppet
[2010/06/17 02:26:43] @ Quit: m1nish: Ping timeout: 258 seconds
[2010/06/17 02:30:03] @ Quit: robinbowes: Quit: Leaving
[2010/06/17 02:30:22] <Lunar_Lamp> http://pastebin.com/Yrp2zYqD <== I'm stuck /o\.
[2010/06/17 02:31:31] <henk> Lunar_Lamp: drop the = in =%> afair
[2010/06/17 02:31:49] <Lunar_Lamp> Yeah, i've just noticed that :-(
[2010/06/17 02:31:59] <Lunar_Lamp> I copied the syntax, checked it twice, and still missed that.
[2010/06/17 02:32:35] <Lunar_Lamp> Today could be a long day if this level of competence continues :-(
[2010/06/17 02:39:29] @ tim_ joined channel #puppet
[2010/06/17 02:40:08] @ robinbowes joined channel #puppet
[2010/06/17 02:41:01] <tim_> hi, anyone have any experience using 'yum groupinstall' in puppet?
[2010/06/17 02:41:10] <tim_> specifically I don't want to have to run '
[2010/06/17 02:41:27] <tim_> 'yum groupinstall Group' everytime puppet runs
[2010/06/17 02:41:44] <tim_> instead is there a way to have something run only once?
[2010/06/17 02:43:31] @ m1nish joined channel #puppet
[2010/06/17 02:45:06] @ Quit: artis: Ping timeout: 276 seconds
[2010/06/17 02:45:30] @ artis joined channel #puppet
[2010/06/17 02:45:35] <FiXion> tim_: you could use unless
[2010/06/17 02:45:38] <kjetilho> tim_: you could use a flag file and "creates" in your exec
[2010/06/17 02:45:56] <kjetilho> it seems difficult for me to verify that all packages in a group are installed already
[2010/06/17 02:46:18] <kjetilho> if it was easy/possible, the yum provider ought to support it, using the @group syntax
[2010/06/17 02:46:19] <DavidS> tim_: refreshonly
[2010/06/17 02:47:54] <tim_> hmm, so with refreshonly it only runs when it recieves an event
[2010/06/17 02:48:12] <tim_> but how do I create this event?
[2010/06/17 02:49:25] <DavidS> tim_: anything that publishes events via notify/subscribe: chaning files, execs, services, packages, ...
[2010/06/17 02:49:33] <DavidS> *changing even
[2010/06/17 02:49:42] <nn4l> Volcane: the vendor provides only one tar file (instead of several flavours of .deb/.rpm/whatever) packages. As this is a complete web application including Tomcat, there are no dependencies other than Java-
[2010/06/17 02:50:30] <nn4l> Volcane: so I am looking for a way to reasonably deploy this tar file.
[2010/06/17 02:51:10] <tim_> I'm having trouble thinking though what to trigger on - is there something that can easily simulate the 'only run this once on this host'?
[2010/06/17 02:51:40] <tim_> or is the only way to create a file, eg. /some/path/yumgroupinstallalreadyrun
[2010/06/17 02:51:43] <DavidS> nn4l: either repackage it trivially in a native format (quite easy) or file {... } exec { untar: subscribe=>file, creates => file}
[2010/06/17 02:51:55] <nn4l> Volcane: Also I have the case that I need several different instances (several web applications) of this application on the server, which is trivial with a tar file: just unpack them in several different directories, one for each customer.
[2010/06/17 02:52:32] <nn4l> Volcane: this is not so easy with a package though, as it typically can be installed only once.
[2010/06/17 02:52:36] <DavidS> nn4l: trivial. until the problems start
[2010/06/17 02:53:04] <DavidS> nn4l: being a "package" is usually more than tarring stuff up c.f. wordpress vs. MU wordpress
[2010/06/17 02:53:36] <DavidS> and that's also the reason why so few vendors do packages: because nobody pays them for this work
[2010/06/17 02:56:11] <nn4l> DavidS: I have written a few shell scripts to deploy several customer instances of this application to one server: unpacking the tar file in separate directories, creating a database for each customer, connecting it to customer's domainname etc.
[2010/06/17 02:57:19] <nn4l> DavidS: I am now trying to port those shell scripts to Puppet
[2010/06/17 02:57:19] <FiXion> nn4l: this is easy to package - and means you have versioning. Just package it - with the destination folder being different for each edition.
[2010/06/17 02:59:19] @ \ask joined channel #puppet
[2010/06/17 02:59:37] <nn4l> FiXion: so on the puppet master I should execute a script to package the application into a unique Debian package?
[2010/06/17 02:59:54] <FiXion> nn4l: I'd create a buildhost - and build packages there
[2010/06/17 03:00:12] <FiXion> and then put those in your own local repository
[2010/06/17 03:00:20] <FiXion> which puppet installs from, using package
[2010/06/17 03:02:20] <nn4l> FiXion: sounds good, will try this, thanks.
[2010/06/17 03:03:03] <FiXion> and ofcourse the repo should just be listed in sources.list
[2010/06/17 03:06:50] @ Quit: Olly__: Quit: This computer has gone to sleep
[2010/06/17 03:08:29] @ Quit: \ask: Read error: Connection reset by peer
[2010/06/17 03:09:01] @ \ask joined channel #puppet
[2010/06/17 03:09:19] @ Quit: \ask: Remote host closed the connection
[2010/06/17 03:09:52] @ \ask joined channel #puppet
[2010/06/17 03:12:16] @ Quit: \ask: Remote host closed the connection
[2010/06/17 03:14:23] @ \ask joined channel #puppet
[2010/06/17 03:14:57] @ Quit: \ask: Remote host closed the connection
[2010/06/17 03:17:48] @ \ask joined channel #puppet
[2010/06/17 03:18:07] @ Quit: \ask: Remote host closed the connection
[2010/06/17 03:20:43] @ gebi joined channel #puppet
[2010/06/17 03:30:39] @ Quit: p3rror: Quit: أستودعكم الله
[2010/06/17 03:32:51] @ bitfield joined channel #puppet
[2010/06/17 03:38:02] <Lunar_Lamp> Is this the correct way to be restart a service upon update of relevant config files: http://pastebin.com/WZuVaNbf ?
[2010/06/17 03:40:00] <Volcane> Lunar_Lamp: line 13 should be Service not service, and you dont need both subscribe+notify, either will do
[2010/06/17 03:40:03] <henk> Lunar_Lamp: does it work? ;)
[2010/06/17 03:40:29] <Volcane> Lunar_Lamp: and probably best to quote things like "puppet", also you really dont want to restart puppet from inside puppet :)
[2010/06/17 03:42:12] <Lunar_Lamp> Volcane: why not? I mean, obviously if I put a dodgy puppet config out, it'll scrwe things up - but is there a more subtle reason?
[2010/06/17 03:42:23] <Volcane> Lunar_Lamp: think about it
[2010/06/17 03:42:34] <Volcane> self, please kill self, then start self up again
[2010/06/17 03:42:37] <Volcane> how far will you get/
[2010/06/17 03:43:03] <sdog> fscking ntp //me waits for the --trust-my-network option ..
[2010/06/17 03:43:22] @ Geoff1 left channel #puppet ()
[2010/06/17 03:43:43] <Lunar_Lamp> Volcane: I assumed it would use something like service puppet restart, outside of the puppet instance...
[2010/06/17 03:44:11] <Volcane> Lunar_Lamp: :) puppet rereads its config without a restart, you dont generally need to restart it.
[2010/06/17 03:44:47] <Lunar_Lamp> Volcane: oh - so if I want to push out a new config option to all nodes, I don't need to restart puppet on the nodes? :-o
[2010/06/17 03:44:48] <Volcane> Lunar_Lamp: it doesnt have automagic handling to determine you're trying to service restart itself, its just the same std service behavior for everything. and cos it needs to know the statusses, it runs 'inside' puppet so to speak
[2010/06/17 03:45:10] <Volcane> so mostly you dont need a restart, there's one or two options that needs a restart though, lame
[2010/06/17 03:45:15] @ Quit: gebi: Ping timeout: 240 seconds
[2010/06/17 03:45:29] <Volcane> just say no to running the daemon
[2010/06/17 03:51:03] <Volcane> some time ago it used to be clever when it got a SIG from the service script it would keep running and restart when done
[2010/06/17 03:51:09] <Volcane> but afaik that doesnt work so hot anymore
[2010/06/17 03:51:17] <Volcane> I've long ago stopped with the daemon and much happier
[2010/06/17 03:53:02] <Lunar_Lamp> You don't run the daemon? You just run it out of cron?
[2010/06/17 03:53:31] <bitfield> +1
[2010/06/17 03:53:32] <Volcane> i schedule it with mcollective, cron works ok for most part though, just need to spread the cron times
[2010/06/17 03:55:47] @ \ask joined channel #puppet
[2010/06/17 03:55:59] @ kenneho joined channel #puppet
[2010/06/17 04:00:41] <kenneho> Hi all. I'm setting up a Puppetmaster & Passenger installation, and see that the install documentation says that the documentRoot should be set to /usr/share/puppet/rack/puppetmasterd/public/. The rest of the puppet files live in /etc/puppet. Why is the documentroot set to that directory?
[2010/06/17 04:09:32] @ Quit: Ramonster: Quit: So long, thanx for all the fish
[2010/06/17 04:10:58] @ verwilst joined channel #puppet
[2010/06/17 04:14:00] @ Quit: alexine_dsouza: Read error: Connection reset by peer
[2010/06/17 04:14:49] @ Quit: m1nish: Ping timeout: 258 seconds
[2010/06/17 04:21:41] @ m1nish joined channel #puppet
[2010/06/17 04:23:19] @ Quit: anvil14: Quit: anvil14
[2010/06/17 04:24:54] <Volcane> kenneho: thats how rack works
[2010/06/17 04:26:32] <lanky> well, perhaps. Technically the Documentroot can be anywhere you want, as long as apache/otherwebserver can see it
[2010/06/17 04:26:52] * lanky has done passenger with stuff under /etc/puppet/rack
[2010/06/17 04:29:02] @ Quit: pinoyskull: Ping timeout: 272 seconds
[2010/06/17 04:29:21] @ mattock joined channel #puppet
[2010/06/17 04:35:26] @ poison joined channel #puppet
[2010/06/17 04:38:11] @ Quit: yure: Ping timeout: 260 seconds
[2010/06/17 04:41:07] @ jcape joined channel #puppet
[2010/06/17 04:43:47] @ artista_frustrad joined channel #puppet
[2010/06/17 04:44:27] @ Quit: artista_frustrad: Remote host closed the connection
[2010/06/17 04:45:58] @ pinoyskull joined channel #puppet
[2010/06/17 04:46:21] @ Olly_ joined channel #puppet
[2010/06/17 04:50:57] @ yure joined channel #puppet
[2010/06/17 04:51:09] @ cliff-hm joined channel #puppet
[2010/06/17 04:57:58] @ Quit: crdant: Quit: Leaving.
[2010/06/17 05:01:38] @ Quit: KenjiPops: Quit: Leaving...
[2010/06/17 05:01:58] @ Quit: jcape: Ping timeout: 258 seconds
[2010/06/17 05:04:28] @ Quit: yure: Ping timeout: 276 seconds
[2010/06/17 05:05:48] @ Quit: m1nish: Ping timeout: 258 seconds
[2010/06/17 05:07:19] @ Quit: pinoyskull: Quit: Leaving
[2010/06/17 05:09:13] @ ahasenack joined channel #puppet
[2010/06/17 05:10:01] @ Quit: alban2: Quit: Leaving.
[2010/06/17 05:10:58] <kenneho> Volcane: I see. Just found it strange that it doesn't really point to any "normal" files.
[2010/06/17 05:11:00] @ alban2 joined channel #puppet
[2010/06/17 05:11:22] <kenneho> Volcane: Thanks for the reply, btw.
[2010/06/17 05:15:58] @ yure joined channel #puppet
[2010/06/17 05:17:42] @ Bass10 joined channel #puppet
[2010/06/17 05:21:12] @ itguru joined channel #puppet
[2010/06/17 05:23:44] @ Quit: yure: Ping timeout: 248 seconds
[2010/06/17 05:25:16] @ Quit: lbt_: Quit: Konversation terminated!
[2010/06/17 05:27:29] @ Quit: kenneho: Quit: Ex-Chat
[2010/06/17 05:27:44] @ Quit: \ask: Remote host closed the connection
[2010/06/17 05:30:28] @ snoop joined channel #puppet
[2010/06/17 05:31:05] @ jab_doa_ joined channel #puppet
[2010/06/17 05:32:25] @ itguru_ joined channel #puppet
[2010/06/17 05:33:07] @ Quit: itguru_: Remote host closed the connection
[2010/06/17 05:33:18] @ Quit: itguru: Quit: Leaving
[2010/06/17 05:33:53] @ anvil14 joined channel #puppet
[2010/06/17 05:34:58] @ m1nish joined channel #puppet
[2010/06/17 05:36:31] @ yure joined channel #puppet
[2010/06/17 05:39:51] @ macfly left channel #puppet ()
[2010/06/17 05:40:47] @ KenjiPops joined channel #puppet
[2010/06/17 05:40:54] @ Quit: KenjiPops: Remote host closed the connection
[2010/06/17 05:46:12] @ MPSimmons joined channel #puppet
[2010/06/17 05:47:20] @ Quit: jab_doa_: Quit: Verlassend
[2010/06/17 05:52:28] @ fluxdude joined channel #puppet
[2010/06/17 05:53:02] @ jcape joined channel #puppet
[2010/06/17 05:53:27] @ jcape left channel #puppet ()
[2010/06/17 05:53:53] @ jcape joined channel #puppet
[2010/06/17 05:56:12] @ Quit: MattyM: Ping timeout: 276 seconds
[2010/06/17 05:57:08] <anvil14> morning all, recently I've developed a problem with my puppetmaster
[2010/06/17 05:57:15] <anvil14> on the clients I get : Could not retrieve catalog from remote server: Error 400 on SERVER: Could not read YAML data for node pe2970-02: Too many open files - /var/lib/puppet/yaml/node/pe2970-02.yaml
[2010/06/17 05:58:02] <FiXion> mcollective seems cool
[2010/06/17 05:58:09] <anvil14> restarting puppetmaster seems to clear this problem, I've already set ulimits -n 4096 but still get the error within 24hrs
[2010/06/17 05:58:30] <Volcane> anvil14: best to look with lsof to see what files it has open thats so many
[2010/06/17 05:58:49] <anvil14> k
[2010/06/17 05:59:54] @ MattyM joined channel #puppet
[2010/06/17 06:04:48] @ Quit: erlingre: Ping timeout: 248 seconds
[2010/06/17 06:14:33] @ Pupeno joined channel #puppet
[2010/06/17 06:14:51] <Pupeno> When managing /etc/hosts with puppet, how can I get the fqdn to be the first entry for 127.0.0.1 ?
[2010/06/17 06:16:16] @ eventi joined channel #puppet
[2010/06/17 06:16:28] <malikai> i think you could do that with a template
[2010/06/17 06:16:42] <dballing> why do you want that behavior? I've always wondered about people/distributions that do that.... why do you want the behavior for "telnet FQDN portnum" to be different if it's done from the local host.
[2010/06/17 06:17:02] <KarlHungus> dballing: amen
[2010/06/17 06:17:11] <eventi> I keep getting the message "Certificates were not trusted" when a client is trying to connect to my server (via the daemon) - When I run from command line it's fine
[2010/06/17 06:17:13] <Pupeno> malikai: so I would have to ditch puppets host handling.
[2010/06/17 06:17:27] <eventi> the server was upgraded recently and it happened after that
[2010/06/17 06:17:32] <Pupeno> dballing: because at least Ubuntu (and Debian) uses that to figure out the FQDN of the machine.
[2010/06/17 06:17:46] <KarlHungus> if the domain is pointing to 127.0.0.1 then its not really a fqdn, is it
[2010/06/17 06:18:29] <dballing> Pupeno: my debian references /etc/hostname for that.
[2010/06/17 06:18:37] @ kaptk2 joined channel #puppet
[2010/06/17 06:18:46] <malikai> if you have 1.1.1.1 localhost hostname fqdn, ubuntu will take localhost as it's hostname at least as far as rsyslog is concerned
[2010/06/17 06:18:49] <Pupeno> dballing: if host is blah, and in /etc/hosts I have 127.0.0.1 blah.exmaple.com, then hostname => blah, hostname -f => blah.example.com, otherwise hostname -f is empty and Apache doesn't like it: Restarting web server: apache2apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[2010/06/17 06:18:50] <Pupeno> ... waiting .....apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[2010/06/17 06:18:50] <Pupeno> .
[2010/06/17 06:19:15] <malikai> s/1.1.1.1/127.0.0.1
[2010/06/17 06:19:46] <Pupeno> malikai: I don't think /etc/hostname should have the fqdn, only the hostname.
[2010/06/17 06:20:01] <Pupeno> malikai: what does your server say on hostname and hostname -f ?
[2010/06/17 06:20:11] <Pupeno> s/on/when you run/
[2010/06/17 06:20:36] <dballing> Pupeno: i can say that [a] my /etc/hostname has the FQDN, [b] my /etc/hosts does NOT have the FQDN in it, and [c] my syslog and apache work just fine
[2010/06/17 06:20:36] <gepetto> dballing: Pupeno: [a] is http://projects.puppetlabs.com/repositories/revision/puppet/a "Revision aee9c294"
[2010/06/17 06:20:37] <gepetto> dballing: Pupeno: [b] is http://projects.puppetlabs.com/repositories/revision/puppet/b "Revision b9aba7ce"
[2010/06/17 06:20:37] <gepetto> dballing: Pupeno: [c] is http://projects.puppetlabs.com/repositories/revision/puppet/c "Revision ce233aa2"
[2010/06/17 06:20:45] <Volcane> heh
[2010/06/17 06:20:56] <dballing> uhhhh, wtf?
[2010/06/17 06:21:16] <Volcane> [ and ] makes it think you want a git commit
[2010/06/17 06:21:24] <dballing> darned bots think they have any clue what us humans are talking about? :-)
[2010/06/17 06:21:33] <KarlHungus> hehe. /etc/hosts most certainly does not need the machines fqdn
[2010/06/17 06:22:05] <dballing> I've got about 400 servers deployed at work, and all they have is "127.0.0.1 localhost"
[2010/06/17 06:22:05] <KarlHungus> /etc/hostname like dballing said (damn ubuntu kids) or /etc/sysconfig/network (damn rhel kids)
[2010/06/17 06:22:50] <eventi> malikai - i get the same complaints on a machine with no reverse DNS
[2010/06/17 06:22:55] <Pupeno> I like it how today everybody agrees that the fqdn shouldn't be on /etc/hosts and when I asked a couple of days ago everybody agreed on the oposite.
[2010/06/17 06:22:59] <eventi> but it's just a complaint - ignore it
[2010/06/17 06:23:09] <Pupeno> At #debian:
[2010/06/17 06:23:14] <Pupeno> Pupeno: Should /etc/hostname contain only the hostname or the fqdn of the machine?
[2010/06/17 06:23:15] <Pupeno> jordanm: Pupeno: only the hostname in debian
[2010/06/17 06:23:23] <KarlHungus> Pupeno: youre asking in a change management channel, not a sysadmin channel maybe?
[2010/06/17 06:23:28] <eventi> domin in /etc/resolv.conf
[2010/06/17 06:23:39] <dballing> oh sweet lord that's a dumb answer.
[2010/06/17 06:24:04] <henk> just read man hostname ffs
[2010/06/17 06:24:05] <dballing> "domain" in resolv.conf is for a completely different problem-set (dns resolution of random queries, not identity of the box itself)
[2010/06/17 06:25:04] <Pupeno> dballing, KarlHungus: do man hostname and look at the FILES section, close to the end.
[2010/06/17 06:25:14] <Pupeno> eventi: I already have that, it's for other stuff.
[2010/06/17 06:25:19] <KarlHungus> dballing: hostname in /etc/hostname, search domain in /etc/resolv.conf (or use dhcp; you do use dhcp, right?), /etc/hosts is just for localhost resolution and failback resolution for critical systems (e.g. ldap)
[2010/06/17 06:25:32] <eventi> so sorry i offended you, dballing
[2010/06/17 06:25:40] <henk> KarlHungus: and for the domainname.
[2010/06/17 06:25:48] <dballing> eventi: you didn't offend me. :-)
[2010/06/17 06:26:04] <eventi> If I had known you were here, lurking to call out dumbness, i guess I would have thought twice
[2010/06/17 06:26:13] <dballing> hehe
[2010/06/17 06:26:16] @ BLZbubba_ joined channel #puppet
[2010/06/17 06:26:19] <eventi> but seriously - it's just a warning
[2010/06/17 06:26:20] @ Quit: BLZbubba_: Client Quit
[2010/06/17 06:26:28] <eventi> ServerName can be set in httpd.conf anyway
[2010/06/17 06:27:03] <dballing> KarlHungus: We use DHCP when we bootstrap our hosts but then they switch themselves to static afterwards.
[2010/06/17 06:27:04] @ Quit: m1nish: Ping timeout: 258 seconds
[2010/06/17 06:27:07] <eventi> and you're managing that in puppet, so just put ServerName $fqdn in httpd.conf.erb (or however you do it)
[2010/06/17 06:27:08] <Pupeno> eventi: the poor machine doesn't know its last name! can you imagine yourself not knowing your lastname? It's a torture! Only madona can witstand it.
[2010/06/17 06:27:28] <Pupeno> eventi: apache is not just a warning, it's a symptom, a machine should now it's fqdn.
[2010/06/17 06:27:42] <Volcane> how did it get that way in the first place, does your OS installer not set a sane hostname ?
[2010/06/17 06:27:48] @ Quit: allsystemsarego: Quit: Leaving
[2010/06/17 06:27:53] <dballing> Pupeno: right, which is why /etc/hostname (or the like) should have the FQDN :-)
[2010/06/17 06:28:04] <Pupeno> dballing: not according to Debian's documentation.
[2010/06/17 06:28:07] <eventi> file { "/etc/hostname": content => $fqdn\n"; } is in my bestpractice class
[2010/06/17 06:28:15] <KarlHungus> dballing: yes... according to the man page even
[2010/06/17 06:28:18] <dballing> Pupeno: eff the documentation.
[2010/06/17 06:28:21] <dballing> :-)
[2010/06/17 06:28:24] <eventi> yeah - seriously
[2010/06/17 06:28:33] <Pupeno> dballing: I would agree with you, but it's not what the documentation says.
[2010/06/17 06:28:35] <eventi> i mean rtf documentation first, but then f it
[2010/06/17 06:29:33] <Pupeno> So, puppet cannot control the order of entries in the hosts file?
[2010/06/17 06:29:50] <eventi> Pupeno - it's apache that doesn't know its fqdn
[2010/06/17 06:30:08] <Pupeno> eventi: no, it's the machine. hostname -f returns nothing.
[2010/06/17 06:30:18] <eventi> file { "/etc/hostname": content => $fqdn\n"; } is in my bestpractice class
[2010/06/17 06:30:24] <eventi> happy machine
[2010/06/17 06:30:36] <eventi> and submit the bug to the people who wrote the docs
[2010/06/17 06:30:40] @ joe-mac joined channel #puppet
[2010/06/17 06:30:41] <eventi> what does facter say?
[2010/06/17 06:30:54] <FiXion> hostname -f should return the fqdn of the host
[2010/06/17 06:31:05] <FiXion> if it returns nothing your machine is not setup correctly
[2010/06/17 06:31:16] <eventi> seriously, if you don't tell it - how would it know?
[2010/06/17 06:31:27] <FiXion> *debian seems to require a line in /etc/hosts to figure out the fqdn
[2010/06/17 06:31:28] <Pupeno> FiXion: yes, of course!
[2010/06/17 06:31:36] <eventi> You're reading something that you set
[2010/06/17 06:31:42] * KarlHungus facepalms
[2010/06/17 06:31:47] <eventi> set it to frank, and it'll say frank
[2010/06/17 06:31:50] <Pupeno> eventi: actually, do you have a machine set the way you say right now?
[2010/06/17 06:31:55] <dballing> Fixion: say instead perhaps: "Debian, if you configure it the way the docs say, need that, but if you do it in a sane way does not"
[2010/06/17 06:31:56] <FiXion> centos does it some other way
[2010/06/17 06:31:58] @ reyjrar joined channel #puppet
[2010/06/17 06:31:58] <KarlHungus> Pupeno: please listen to us and do NOT modify the lines for 127.0.0.01
[2010/06/17 06:32:09] <eventi> it's my best practice class - I have 58 machines set up that way
[2010/06/17 06:32:10] <dballing> Fixion: COS/RHEL uses "HOSTNAME" in /etc/sysconfig/network
[2010/06/17 06:32:15] <henk> wtf do you do that? everything would work just fine if you sticked with what the docs say, put hostname in /etc/hostname (name is _not_ a coincidence) and get a proper /etc/hosts. it _does_ work fine! on several machines i control!
[2010/06/17 06:32:18] <Pupeno> eventi: what does hostname and hostname -f return on any of those machines?
[2010/06/17 06:32:28] <FiXion> dballing: a better approach imho
[2010/06/17 06:32:32] @ iAlien joined channel #puppet
[2010/06/17 06:32:33] <eventi> WHO CARES
[2010/06/17 06:32:45] <eventi> that's like taking your tempreature when your not sick
[2010/06/17 06:32:54] <dballing> Pupeno: who are you asking that of? me?
[2010/06/17 06:33:19] <henk> ok, to everyone suggesting or recommending putting the FQDN in /etc/hostname: it's wrong. if it works for you: great. but don't advise other people to do so please.
[2010/06/17 06:33:33] @ Quit: jcape: Remote host closed the connection
[2010/06/17 06:33:35] <Pupeno> eventi: no.
[2010/06/17 06:33:41] <eventi> wrong but working is the unix way
[2010/06/17 06:33:48] <Pupeno> henk: thanks :)
[2010/06/17 06:33:52] @ jcape joined channel #puppet
[2010/06/17 06:33:58] <Volcane> eventi: no, debian way.
[2010/06/17 06:34:02] <eventi> lol
[2010/06/17 06:34:07] <barn> Volcane: exactly
[2010/06/17 06:34:07] <eventi> the New Jersey way
[2010/06/17 06:34:08] <KarlHungus> henk: are you saying he should be modifying the /etc/hosts entry for 127.0.0.1 to set a fqdn, because thats more than wrong
[2010/06/17 06:34:11] <eventi> google that
[2010/06/17 06:34:12] <barn> it's probably down to legal issues
[2010/06/17 06:34:32] <henk> KarlHungus: no definitely not. 127.0.0.1 should have 'localhost.localdomain localhost'.
[2010/06/17 06:34:41] <Pupeno> eventi: can you please tell me the output of hostname and hostname -f in those machines?
[2010/06/17 06:34:47] <eventi> walk through /etc/init.d/network and see how it sets hostname - I think it's in there - and act accordingly
[2010/06/17 06:34:48] <Pupeno> henk: how do you set the fqdn then?
[2010/06/17 06:34:54] <KarlHungus> henk: right... he was asking how to change the localhost entry line to set a fqdn and was told emphatically NOT to do that
[2010/06/17 06:35:07] <dballing> eventi: debian uses /etc/init.d/network.sh to set the hostname near as I can see
[2010/06/17 06:35:10] <KarlHungus> but keeps arguing that some clown in #debian told him thats the right way
[2010/06/17 06:35:15] @ Quit: Groenleer: Ping timeout: 240 seconds
[2010/06/17 06:35:20] @ [GuS] joined channel #puppet
[2010/06/17 06:35:30] <Pupeno> KarlHungus: the fucking man page says it.
[2010/06/17 06:35:34] <eventi> eventi@ap1:~$ hostname ap1.buddymedia.com eventi@ap1:~$ hostname -f ap1.buddymedia.com
[2010/06/17 06:35:39] <KarlHungus> Pupeno: no. it does not. please read it closer
[2010/06/17 06:35:45] <eventi> but who fing cares
[2010/06/17 06:35:54] <Volcane> eventi: if thats a debian box, you're doing it wrong
[2010/06/17 06:35:55] <Pupeno> eventi: ok, that's broken, your machines are configured wrong.
[2010/06/17 06:36:04] <eventi> Volcane - WHO CARES
[2010/06/17 06:36:12] <Volcane> people who want working servers?
[2010/06/17 06:36:13] <eventi> et Pupeno -
[2010/06/17 06:36:25] <Pupeno> eventi: I care.
[2010/06/17 06:36:25] <eventi> I make plenty of money with these, thanks
[2010/06/17 06:36:25] <Volcane> people who want to set their machines up the way the software on them got tested by the vendor?
[2010/06/17 06:36:27] <FiXion> sysadmins usually care :)
[2010/06/17 06:36:34] <eventi> lol
[2010/06/17 06:36:37] <Volcane> oh waiiiiit, its debian, what the fuck am i talk about testing for
[2010/06/17 06:36:46] <Pupeno> eventi: software expecting the host to be the host and the fqdn to be the fqdn care
[2010/06/17 06:37:01] <Pupeno> KarlHungus: "FILES /etc/hosts /etc/hostname This file should only contain domain name and not the full FQDN." what am I getting wrong?
[2010/06/17 06:37:16] <malikai> lol@this argument
[2010/06/17 06:37:16] <eventi> not me
[2010/06/17 06:37:16] <Volcane> eventi: distros are designed with a specific philospy and the software ship by the distro is ripe with assumption that the philosphy was followed
[2010/06/17 06:37:21] <eventi> not my csutomers
[2010/06/17 06:37:31] <Volcane> eventi: by moving away from that, you're exposing yourself to untested territory
[2010/06/17 06:37:35] <KarlHungus> Pupeno: you don't change the localhost entry. thats just for local resolution. set the machines shortname in /etc/hostname, then set the FQDN in /etc/hosts.
[2010/06/17 06:37:42] <eventi> anyway - i have a puppet related issue if nobody minds
[2010/06/17 06:37:44] <KarlHungus> the fqdn is NOT 127.0.0.1
[2010/06/17 06:38:00] <Pupeno> KarlHungus: ok, how do you set the FQDN in /etc/hosts?
[2010/06/17 06:38:11] <KarlHungus> Pupeno: what is the fqdn?
[2010/06/17 06:38:12] <eventi> I keep getting the message "Certificates were not trusted" when a client is trying to connect to my server (via the daemon) - When I run from command line it's fine
[2010/06/17 06:38:27] <eventi> maybe it's because my fqdn is wrong?
[2010/06/17 06:38:31] <malikai> lulz
[2010/06/17 06:38:33] * eventi ducks and runs
[2010/06/17 06:38:39] <Pupeno> KarlHungus: are you asking for an example? blah.example.com
[2010/06/17 06:38:45] <Volcane> eventi: exact same command line or did you configure the daemon using its defaults file?
[2010/06/17 06:38:52] <KarlHungus> Pupeno: no. i'm asking you to think about what FQDN means ;)
[2010/06/17 06:39:02] <eventi> no - i run puppetd --test from the cmd line
[2010/06/17 06:39:08] <KarlHungus> its not just a name. there is another vital component...
[2010/06/17 06:39:19] <eventi> which should run like the daemon, no?
[2010/06/17 06:39:25] <Pupeno> KarlHungus: I think a fully qualified domain name (FQDN), sometimes referred to as an absolute domain name,[1] is a domain name that specifies its exact location in the tree hierarchy of the Domain Name System (DNS). It specifies all domain levels, including the top-level domain, relative to the root domain. A fully qualified domain name is distinguished by this absoluteness in the name space.
[2010/06/17 06:39:41] <Volcane> eventi: we cant help you if you dont answer questions unfortunately
[2010/06/17 06:39:57] <Volcane> eventi: if you're arguing with us that we shouldnt be asking a specific question, you're not helping
[2010/06/17 06:40:01] <KarlHungus> Pupeno: fwdn (in the real world) means that ip <-> host and host <-> ip resolve correctly
[2010/06/17 06:40:11] <eventi> Volcane - sry i Which q? I said "no - i run puppetd --test from the cmd line"
[2010/06/17 06:40:15] <KarlHungus> so in /etc/hosts, set 1.2.3.4 blah blah.example.com
[2010/06/17 06:40:16] <Pupeno> KarlHungus: do you know how to put an entry in /etc/hosts so that Debian starts finding the FQDN of the machine? without touching 127.0.0.1? or not?
[2010/06/17 06:40:23] <eventi> and I didn't mean to get on yr bad side
[2010/06/17 06:40:31] <Pupeno> KarlHungus: that doesn't cause the machine to discover the FQDN.
[2010/06/17 06:40:32] <KarlHungus> where 1.2.3.4 is the actual IP that the domain resolves to
[2010/06/17 06:40:39] <Volcane> eventi: and what command line does your daemon run when its started up from rc?
[2010/06/17 06:40:45] <Pupeno> KarlHungus: hostname -f keeps returning localhost.
[2010/06/17 06:41:34] <eventi> Volcane - i wan't arguing - sorry
[2010/06/17 06:41:38] <eventi> checking
[2010/06/17 06:41:44] <Volcane> Pupeno: /etc/hosts, ip of the server not 127..., the machines fqdn
[2010/06/17 06:42:07] <eventi> it's the same puppet
[2010/06/17 06:43:06] <eventi> maybe another question - why would fileserver not be trusted after upgrading puppetmaster?
[2010/06/17 06:43:08] <Pupeno> Volcane: again, that doesn't cause the FQDN to be set on a Debian box. Only 127.0.0.1 bleh.example.com localhost localhost.localdomain causes it.
[2010/06/17 06:43:31] <Volcane> Pupeno: my 100s of debian machines disagree
[2010/06/17 06:43:32] <eventi> did those certs get split at some point (puppetmaster is the same machine)
[2010/06/17 06:43:46] <henk> Pupeno: if you have a static ip, put it in /etc/hosts. if not, use 127.0.0.2 e.g.
[2010/06/17 06:43:51] <Volcane> eventi: ah this only happen on the master?
[2010/06/17 06:43:53] <KarlHungus> Pupeno: i'm running out of ways to explain this =) hostname and fqdn are not the same thing
[2010/06/17 06:44:14] <eventi> No - The clients report the error when trying to look a file on the server
[2010/06/17 06:44:20] <Pupeno> KarlHungus: I know that very well: blah => hostname, blah.example.com => fqdn.
[2010/06/17 06:44:28] @ jab_doa_ joined channel #puppet
[2010/06/17 06:44:36] <malikai> pupeno, are you using /etc/hostname as well? is there anything which might break that?
[2010/06/17 06:44:39] <eventi> Volcane - no - i run puppetd --test from the cmd line
[2010/06/17 06:44:42] <eventi> oops
[2010/06/17 06:44:45] <Volcane> eventi: ah, do you have say source => puppet://blah/.... but you run with a server= test?
[2010/06/17 06:44:48] <Volcane> s/test/set
[2010/06/17 06:44:56] <eventi> no
[2010/06/17 06:45:07] <Volcane> eventi: pastie output from --test
[2010/06/17 06:45:11] <eventi> source => puppet:/// (3 slashes)
[2010/06/17 06:45:14] <eventi> ok
[2010/06/17 06:45:19] <Pupeno> Volcane: well, it doesn't work in my 4 debian boxes.
[2010/06/17 06:45:24] <KarlHungus> Pupeno: ok. so you know what they are, now why are they not the same? what linux facilities use them and how do they work?
[2010/06/17 06:45:38] <Pupeno> malikai: yes, /etc/hostname contains the hostname.
[2010/06/17 06:45:40] <Volcane> Pupeno: pastie your /etc/hosts file
[2010/06/17 06:45:45] <eventi> Volcane: http://www.pastie.org/1008457
[2010/06/17 06:46:24] <malikai> pupeno, so you're sure that hostname -> /etc/hostname and "127.0.0.0 localhost localhost.localdomain" -> /etc/hosts doesn't work?
[2010/06/17 06:46:31] <Volcane> eventi: i am sure i asked for the output, not for just the bits that you think matters :)
[2010/06/17 06:46:46] @ Quit: rmiller4pi8: Quit: Leaving.
[2010/06/17 06:46:51] <eventi> Volcane - That's the full report
[2010/06/17 06:47:12] <malikai> --debug --verbose
[2010/06/17 06:47:19] <Volcane> nope, its not the whole report
[2010/06/17 06:47:23] <eventi> brb - work issues
[2010/06/17 06:47:30] <Volcane> puppet runs show you things like Caching catalog
[2010/06/17 06:47:34] <Volcane> and Applying configuration
[2010/06/17 06:47:35] <eventi> thats what got mailed to me every 30 minutes
[2010/06/17 06:47:36] <Volcane> you left that out.
[2010/06/17 06:48:00] @ sebas891 joined channel #puppet
[2010/06/17 06:48:56] <Volcane> you got that from a mail? i am sure i asked for --test
[2010/06/17 06:48:58] <Volcane> meh.
[2010/06/17 06:49:43] <eventi> damn V - how did I get on your bad side
[2010/06/17 06:49:45] <Pupeno> malikai: yes.
[2010/06/17 06:49:54] <Volcane> eventi: by failing to read english :)
[2010/06/17 06:50:25] <dballing> ok, everyone, break and go back to your neutral corners. :-)
[2010/06/17 06:50:31] <eventi> well, how about you consider me sufficiently slapped by that trout
[2010/06/17 06:50:54] <eventi> and take it down a notch - and I'll try to hold down y job and read your questions more carefully
[2010/06/17 06:50:54] <malikai> trout slapping is never effective
[2010/06/17 06:51:04] <Pupeno> Volcane: http://gist.github.com/442144
[2010/06/17 06:51:12] <malikai> haddock makes all the difference
[2010/06/17 06:51:18] * dballing has a ClueStick in his office, a wonderful, ten year old "Excalibur" model cricket bat. :-)
[2010/06/17 06:51:40] <dballing> once I saw the model name, I had to have it, just for effect.
[2010/06/17 06:51:47] <eventi> lol
[2010/06/17 06:51:49] <malikai> Pupeno, you have the hostname in that hosts line
[2010/06/17 06:51:52] <eventi> the lady of the lake
[2010/06/17 06:52:03] <Pupeno> So, Debian requires the first entry after 127.0.0.1 to be the FQDN of the machine, can puppet do it or not?
[2010/06/17 06:52:15] <Pupeno> malikai: yes, I do, so?
[2010/06/17 06:52:19] <Volcane> Pupeno: so like we said, dont put u3.example.com in localhost lines
[2010/06/17 06:52:41] <Pupeno> Volcane: that doesn't help figuring out the FQDN.
[2010/06/17 06:52:44] <dballing> Pupeno: assuming you want to go down that path for the moment, no, it can't (at least not logically)
[2010/06/17 06:52:48] <eventi> oh man Volcane - this doesn't show much more: http://www.pastie.org/1008469
[2010/06/17 06:53:12] <dballing> $fqdn is derived from the OS, who can't figure it out without that file. That file can't be generated based on self-referential stuff.
[2010/06/17 06:53:22] <Volcane> eventi: and the daemon on the same machine that produce those warnings? whats its command line in ps -auxw...
[2010/06/17 06:53:25] @ Quit: benoit_: Ping timeout: 264 seconds
[2010/06/17 06:53:33] <malikai> eventi, can you do that with --debug --verbose
[2010/06/17 06:53:57] <FiXion> Pupeno: you could write a facter plugin that does a reverse lookup in dns on IP's assigned to the host
[2010/06/17 06:54:00] <eventi> malikai - he didn't ask for that, and I still feel the sting
[2010/06/17 06:54:09] @ gebi joined channel #puppet
[2010/06/17 06:54:14] <Pupeno> dballing: ok, thanks, I'll stop using the host type and just use a file then.
[2010/06/17 06:54:14] <FiXion> then you'd need some way to choose one as the "fqdn"
[2010/06/17 06:54:16] <malikai> lol
[2010/06/17 06:54:19] @ Quit: DavidS: Read error: Connection reset by peer
[2010/06/17 06:54:44] <eventi> Volcane - /usr/bin/ruby1.8 /usr/sbin/puppetd
[2010/06/17 06:55:05] <eventi> Volcane -same as `which puppetd`
[2010/06/17 06:55:18] <Volcane> nods, pretty weird
[2010/06/17 06:55:32] <Pupeno> FiXion: that's not the issue here.
[2010/06/17 06:55:34] * eventi wipes sweat from his forhead
[2010/06/17 06:55:48] <Volcane> so run the daemon in --verbose --debug but like the same way it runs in the background etc
[2010/06/17 06:55:49] <Volcane> and see in syslog
[2010/06/17 06:55:58] <FiXion> Pupeno: so that's not what you asked, when you said: can puppet do it or not?
[2010/06/17 06:56:01] <eventi> ok - thanks
[2010/06/17 06:56:14] <eventi> And I owe you a beer - sorry for pissing you off before
[2010/06/17 06:56:25] @ benoit_ joined channel #puppet
[2010/06/17 06:56:34] <Pupeno> FiXion: can puppet allow me to manually pick the first entry that appears after 127.0.0.1 in /etc/hosts, the first name after it.
[2010/06/17 06:56:39] <eventi> now the meetings begin - I'll let you know what the logs say
[2010/06/17 06:57:01] <Pupeno> FiXion: can puppet allow me to manually pick the first entry that appears on 127.0.0.1 in /etc/hosts? (that, better frasing)
[2010/06/17 06:57:43] <FiXion> the hosts file should always have: 127.0.0.1 localhost
[2010/06/17 06:57:56] <henk> FiXion: s/localhost/localhost.localdomain/
[2010/06/17 06:58:02] <FiXion> primary-ip-of-host fqdn-of-host hostname
[2010/06/17 06:58:04] <Pupeno> FiXion: yeah, whatever.
[2010/06/17 06:58:13] <Volcane> fqdn shouldnt be in 127.0.0.1. really, we cant say this any other way
[2010/06/17 06:58:19] <FiXion> henk: not default in Debian - some have localhost localhost.localdomain
[2010/06/17 06:58:22] <Volcane> so please take it to #debian or anywhere that isnt here :)
[2010/06/17 06:58:37] <henk> Volcane: localhost.localdomain is a fqdn and it's supposed to be there.
[2010/06/17 06:59:03] <Volcane> henk: sure, for 127.0.0.1 but if you have a nic on 1.1.1.1 you shouldnt have your.box.com that resolves to 1.1.1.1 in 127.0.0.1
[2010/06/17 06:59:21] <henk> Volcane: fully ack
[2010/06/17 06:59:40] <fluxdude> did anyone here use the check_puppet.rb script which requires proc/systable?
[2010/06/17 06:59:53] <fluxdude> how did you go about installing it, did you ruby gem it?
[2010/06/17 07:00:03] <Volcane> fluxdude: i have a rpm for it - unrelated reasons
[2010/06/17 07:00:15] <fluxdude> I'm running CentOS and looking for the best way to do this
[2010/06/17 07:00:21] <Pupeno> Volcane: except that I was asking a puppet question, everybody decided to answer a Debian question, but mine was only a puppet one. If I said "How can I set the order of hosts in /etc/hosts so I can have 1.2.3.4 blah blah.exmaple.com instead of 1.2.3.4 blah.example.com blah?" everybody would have answered the puppet question.
[2010/06/17 07:00:24] <fluxdude> rubygems isn't even part of the main/epel repos
[2010/06/17 07:00:28] <fluxdude> will check rpmforge
[2010/06/17 07:00:45] <Volcane> Pupeno: we'd say host{"blah": .... }
[2010/06/17 07:00:48] @ pheezy joined channel #puppet
[2010/06/17 07:00:58] <dballing> so, amusingly, the debian manpage for /etc/hosts says - essentially - only antiquated systems need to place real hostnames in /etc/hosts, or really obscure edge-case conditions.
[2010/06/17 07:01:21] <henk> dballing: it does? where?
[2010/06/17 07:01:26] <Volcane> fluxdude: but really i dont see why you would use that plugin.
[2010/06/17 07:01:42] <Volcane> fluxdude: it gains you nothing over a check on the age of the state file
[2010/06/17 07:01:45] <fluxdude> Volcane: what do you use instead?
[2010/06/17 07:01:47] <dballing> "In modern systems, even though the host table has been superseded by DNS, it is still widely used for" (and then lists three edge cases)
[2010/06/17 07:02:06] <fluxdude> Volcane: yeah I was actually planning on writing my own to get a little exposure to ruby
[2010/06/17 07:02:19] <fluxdude> since I've only written 1 or 2 minor things for puppet
[2010/06/17 07:02:29] <Volcane> fluxdude: /usr/lib/nagios/plugins/check_file_age -f /var/lib/puppet/state/state.yaml -w 5400 -c 7200
[2010/06/17 07:02:32] <fluxdude> just wondering about all this stuff
[2010/06/17 07:02:37] <fluxdude> Volcane: yeah I know that one
[2010/06/17 07:02:39] <Pupeno> Volcane: puppet doesn't respect the order of alias inside hosts.
[2010/06/17 07:02:40] <fluxdude> I use it already
[2010/06/17 07:02:42] <Volcane> fluxdude: and /usr/lib/nagios/plugins/check_procs -C puppetd -c 1:2
[2010/06/17 07:02:47] <fluxdude> but I want to write a more robust puppet check
[2010/06/17 07:02:56] <fluxdude> including detection of puppetd --disabled
[2010/06/17 07:02:57] <henk> Pupeno: there is no need to. they are just aliases.
[2010/06/17 07:03:03] <fluxdude> and I'd like to do it in ruby just for the practice
[2010/06/17 07:03:18] <fluxdude> Volcane: I already have that check running, it's the one I want to replace
[2010/06/17 07:03:23] <Volcane> Pupeno: if u want it to be first, you should use host{"<whatever you want firtst here!>":....}
[2010/06/17 07:03:29] <Pupeno> henk: I'm a neuritic crazy guy that insists on the order, so I'm asking, can it do it? no, it can't, ok, thanks, by bye.
[2010/06/17 07:03:37] <fluxdude> Volcane: the process one that is
[2010/06/17 07:03:40] <Pupeno> Volcane: oh, interesting.
[2010/06/17 07:03:52] <henk> Pupeno: it probably can't because order is irrelevant after the second field in this file...
[2010/06/17 07:03:53] @ Quit: QtPlatypus: Ping timeout: 260 seconds
[2010/06/17 07:03:57] @ QtPlatypus joined channel #puppet
[2010/06/17 07:04:01] <Volcane> Pupeno: the host resource name is the primary key, it comes first, aliases are order independant
[2010/06/17 07:04:02] @ dearka joined channel #puppet
[2010/06/17 07:04:42] <Pupeno> Volcane: that's gets me much closer, although host{$fqdn: ...} may not work.
[2010/06/17 07:04:55] <dearka> Hi... i getting this error message in my client Could not retrieve catalog from remote server: certificate verify failed, i already signed the certified at mt puppetmaster...
[2010/06/17 07:05:00] <Volcane> Pupeno: yeh, cos your machines are setup incorrectly
[2010/06/17 07:05:25] <Volcane> Pupeno: amazingly, the OS installer didnt set them up that way
[2010/06/17 07:05:29] <Pupeno> Volcane: host{$fqdn: ...} doesn't work because of my setup?
[2010/06/17 07:05:49] <Volcane> Pupeno: host{$fqdn:...} will work fine, if it can determine your fqdn correctly
[2010/06/17 07:06:06] <Pupeno> Volcane: ok, done then!
[2010/06/17 07:06:11] <Pupeno> See! it wasn't that hard :)
[2010/06/17 07:06:22] @ Quit: tim_: Remote host closed the connection
[2010/06/17 07:07:22] <Volcane> Pupeno: well didnt you say it is reporting wrong fqdn?
[2010/06/17 07:07:44] <pheezy> so...i'm running into this all the time with puppet trying to install gems: http://help.rubygems.org/discussions/problems/41-intermittent-gem-install-failure-could-not-find-gem-rubyforge-locally-or-in-a-repository ; anyone know of a way i could always run 'gem sources -c' prior to every package resource that has a provider of type gem?
[2010/06/17 07:10:10] @ Quit: yure: Remote host closed the connection
[2010/06/17 07:10:35] <Pupeno> Volcane: I'll fix it manually the first time, and after that puppet will generate the /etc/hosts that is needed for Debian to figure out the correct FQDN.
[2010/06/17 07:10:35] <Pupeno>
[2010/06/17 07:10:57] <Volcane> curious why did /etc/hosts break, the instlaler sets it up right
[2010/06/17 07:11:06] @ \|GuS\| joined channel #puppet
[2010/06/17 07:11:07] @ Quit: \|GuS\|: Read error: Connection reset by peer
[2010/06/17 07:11:48] @ rmiller4pi8 joined channel #puppet
[2010/06/17 07:12:58] @ wilmoore joined channel #puppet
[2010/06/17 07:14:28] @ \|GuS\| joined channel #puppet
[2010/06/17 07:14:28] @ Quit: \|GuS\|: Changing host
[2010/06/17 07:14:28] @ \|GuS\| joined channel #puppet
[2010/06/17 07:14:41] @ Quit: rmiller4pi8: Client Quit
[2010/06/17 07:14:53] <Pupeno> Volcane: it didn't break, or rather, it comes broken.
[2010/06/17 07:15:08] @ Quit: [GuS]: Ping timeout: 265 seconds
[2010/06/17 07:15:23] @ rmiller4pi8 joined channel #puppet
[2010/06/17 07:15:42] <Pupeno> Volcane: I think, I'm not sure, I'm setting /etc/hosts with puppet anyway.
[2010/06/17 07:15:54] <Pupeno> Volcane: I'm not sure how Debian sets /etc/hosts.
[2010/06/17 07:18:16] @ Quit: wilmoore: Remote host closed the connection
[2010/06/17 07:19:35] @ m1nish joined channel #puppet
[2010/06/17 07:28:52] @ lak joined channel #puppet
[2010/06/17 07:36:29] @ Quit: poison: Remote host closed the connection
[2010/06/17 07:36:39] <joe-mac> it does it at install based on either what you enter, preseeded values, or what it got from dhcpd
[2010/06/17 07:36:52] @ poison joined channel #puppet
[2010/06/17 07:36:54] <Volcane> yup
[2010/06/17 07:38:18] <joe-mac> anybody got the DISA scripts for checking the unix stig compliance?
[2010/06/17 07:38:34] <joe-mac> apparently the scripts are 'open-source' but you can';t get them without al ogin of some sort
[2010/06/17 07:40:02] @ tonyskapunk joined channel #puppet
[2010/06/17 07:42:09] @ Quit: lak: Quit: lak
[2010/06/17 07:42:20] <zipkid> if i include testing::test on a node and have this: http://pastie.org/1008548 should i not have all node's ip's in /etc/hosts? Or am i not getting it right?
[2010/06/17 07:44:13] @ Groenleer joined channel #puppet
[2010/06/17 07:44:13] @ Quit: Groenleer: Changing host
[2010/06/17 07:44:13] @ Groenleer joined channel #puppet
[2010/06/17 07:48:15] @ Quit: shug: Quit: Leaving
[2010/06/17 07:48:50] @ fuser joined channel #puppet
[2010/06/17 07:49:32] @ eventi left channel #puppet ()
[2010/06/17 07:50:51] @ shug joined channel #puppet
[2010/06/17 07:51:08] @ btipling joined channel #puppet
[2010/06/17 07:52:09] @ jdcasey joined channel #puppet
[2010/06/17 07:53:47] <joe-mac> zipkid: only if every node includes testing::testnodes
[2010/06/17 07:53:56] <joe-mac> and of course, you have stored configs configured and working, correct?
[2010/06/17 07:54:25] <joe-mac> the @@ bit exports it- so every node would need to export that resource for one node to get all of them
[2010/06/17 07:56:41] <zipkid> so i need to include testing::testhosts on all hosts and testing::test on the one where i want the hosts file?
[2010/06/17 07:56:52] <joe-mac> yea
[2010/06/17 07:56:55] <zipkid> Yes, i have stored configs configured and working
[2010/06/17 07:57:04] <zipkid> thx joe-mac ! :-)
[2010/06/17 07:57:07] <joe-mac> np
[2010/06/17 08:01:55] @ munkee joined channel #puppet
[2010/06/17 08:02:04] <munkee> Hello all
[2010/06/17 08:03:47] @ rcrowley joined channel #puppet
[2010/06/17 08:04:10] @ Quit: m1nish: Quit: Leaving
[2010/06/17 08:05:03] @ Quit: flooose: Ping timeout: 265 seconds
[2010/06/17 08:05:24] <munkee> For someone just starting with Puppet - do you have a good recommendation on reading from a design standpoint so the infrastructure / configs get setup correctly from the get-go
[2010/06/17 08:08:31] <mikepea> munkee: the pulling strings book is generally the way to go, but make sure you understand modules before starting trying to describe your environment.
[2010/06/17 08:09:01] <tim\|mac> munkee: during the last puppetcamp the consensus seemed to be that you should use an agile aproach
[2010/06/17 08:09:05] <tim\|mac> approach
[2010/06/17 08:09:54] <munkee> how so?
[2010/06/17 08:10:21] <tim\|mac> because when you start out, you're not entirely sure what you're going to come across
[2010/06/17 08:10:26] <tim\|mac> i don't agree, mind
[2010/06/17 08:10:45] <tim\|mac> i think designing is a better way to get the stuff done
[2010/06/17 08:10:57] <tim\|mac> but we're a bit different than most other companies that were there, i guess
[2010/06/17 08:10:59] <Volcane> first/2nd time round agile approach is good for learning
[2010/06/17 08:11:08] <Volcane> by the end of that you'll know how to design it
[2010/06/17 08:11:15] <Volcane> but then by all means design it properly
[2010/06/17 08:11:16] <joe-mac> use an agile approach? that's the worst advice i've ever seen... namely because it's so vague i don't know what it means
[2010/06/17 08:11:18] <joe-mac> :-D
[2010/06/17 08:11:32] <Volcane> joe-mac: "fuck around" :P
[2010/06/17 08:11:50] <KarlHungus> here is some advice. keep all your modules as abstract as possible, i.e. apache2, openldap. and use service modules to define how services are built. then you can change the underlying software providing a service without rewriting all of your modules
[2010/06/17 08:11:53] <munkee> ya finance sector here - generally likes things a bit more layed out
[2010/06/17 08:11:58] <joe-mac> yea, seems to be what agile means. fuck around with one of your buddies, maybe smoke some wacky tobaccy first so you can bounce ridiculous ideas off each other while coding
[2010/06/17 08:12:10] @ btipling left channel #puppet ("Closed channel window.")
[2010/06/17 08:12:19] <Volcane> munkee: well you still need to first learn the tool, the way to do that is to impliment a few boxes with a few things and learn by experience
[2010/06/17 08:12:50] <munkee> i agree, i'm all for screwing around in a virtual enviroment
[2010/06/17 08:13:04] <munkee> however seeing documentation on how someone else has structured things helps
[2010/06/17 08:13:06] <KarlHungus> services might be directory_server. which might use openldap, or it might use fedora-ds, but the node needs to only include disctory_server and not be aware of how that service is configured
[2010/06/17 08:13:33] <KarlHungus> s/configured$/implemented/
[2010/06/17 08:13:54] <Volcane> munkee: i wrote several blog posts about organisation, layouts, data and enviroments http://www.devco.net/archives/tag/puppet go to the early articles
[2010/06/17 08:14:41] <munkee> Volcane - bookmarked , thanks will review more indepth
[2010/06/17 08:15:06] @ Quit: jdcasey:
[2010/06/17 08:15:09] <Olly_> anyone got any smart ideas how i can make sure that `apt-get update` is run at the start of every puppet run? without having to add it as a require to every package definition?
[2010/06/17 08:15:09] <Volcane> munkee: also especially see the post on tips and tircks for debugging which you'd almost certainly need :)
[2010/06/17 08:15:24] <munkee> lol without a doubt
[2010/06/17 08:16:42] <tim\|mac> which reminds me
[2010/06/17 08:16:56] <tim\|mac> wrote something today about an alternative "if x in array": http://blog.kumina.nl/2010/06/puppet-tipstricks-checking-if-a-value-is-present-in-an-array/
[2010/06/17 08:16:59] <tim\|mac> for those interested
[2010/06/17 08:17:04] @ Quit: blahdeblah: Remote host closed the connection
[2010/06/17 08:17:08] <tim\|mac> it's a hack, especially since "in" will work in 2.6
[2010/06/17 08:17:17] <tim\|mac> but still, might be useful for someone
[2010/06/17 08:22:09] <zipkid> Olly_: you can set defaults for packages.
[2010/06/17 08:22:36] <tim\|mac> Package { require => Exec["apt-get update"] }
[2010/06/17 08:26:39] <Olly_> ok so that works. am i right in thinking that if a package specifies its own require that the apt-get gets overidden?
[2010/06/17 08:30:28] <nn4l> I need to unpack a tar.gz file several times and provide different parameters for different users. I have now successfully refactored my install shell script into a Puppet module, and I can now call $mydata = “someval” include mymodule in site.pp, which will install the software once for one user.
[2010/06/17 08:30:30] <pheezy> for factpath should i be using $vardir/facts or $vardir/lib/facter in puppet.conf ?
[2010/06/17 08:30:38] <nn4l> However I need to run it several times (depending on the system), for example $mydata = “anotherval” include mymodule $mydata = “yetanotherval” include mymodule and so on. This does not work because a variable may not be reassigned and also the include is executed only once. How should I do this?
[2010/06/17 08:31:26] @ Quit: verwilst: Quit: Ex-Chat
[2010/06/17 08:32:31] @ yannL joined channel #puppet
[2010/06/17 08:33:27] <ohadlevy> nn4l: extlookup or external nodes tool like foreman
[2010/06/17 08:35:23] <mikepea> nn4l: you need to create a define, eg define user_setup ( $mydata ) { do stuff }
[2010/06/17 08:35:37] <mikepea> and instanciate the define several times.
[2010/06/17 08:36:45] <ohadlevy> hmm maybe my answer was a bit off, thats what happen when you watch the world cup and do irc at the same time :)
[2010/06/17 08:38:05] @ Quit: sdog: Quit: Leaving.
[2010/06/17 08:43:13] @ Quit: yannL: Read error: Connection reset by peer
[2010/06/17 08:52:26] <mikepea> ohadlevy: hehe.. i was wondering what you were on about ;)
[2010/06/17 08:56:16] <aliver> Any seen an error 502 when trying to use puppetmasterd + nginx as a reverse proxy? It's weird. I get the same error no matter if puppetmasterd is started or not. However, when I do start puppetmasterd I can telnet to the ports that are listed as back end servers in my ngnix.conf.
[2010/06/17 08:56:21] <aliver> Any ideas where to look?
[2010/06/17 08:56:28] <aliver> I've googled myself silly
[2010/06/17 08:56:42] @ Quit: pheezy: Read error: Operation timed out
[2010/06/17 08:56:58] @ Quit: jeffmccune: Quit: jeffmccune
[2010/06/17 08:57:38] @ Quit: poison: Remote host closed the connection
[2010/06/17 08:58:14] @ Quit: jab_doa_: Remote host closed the connection
[2010/06/17 08:58:25] @ Quit: TREllis: Quit: leaving
[2010/06/17 09:05:50] @ Quit: nn4l: Ping timeout: 252 seconds
[2010/06/17 09:07:11] @ mfournier joined channel #puppet
[2010/06/17 09:07:17] @ Quit: mfournier: Client Quit
[2010/06/17 09:07:46] @ mfournier joined channel #puppet
[2010/06/17 09:10:14] @ Quit: lohapuk: Remote host closed the connection
[2010/06/17 09:10:28] @ labrown joined channel #puppet
[2010/06/17 09:10:59] @ Quit: Pupeno: Quit: http://pupeno.com
[2010/06/17 09:11:11] @ Quit: alban2: Quit: Leaving.
[2010/06/17 09:11:41] @ Quit: themroc: Remote host closed the connection
[2010/06/17 09:11:44] @ Quit: jcape: Remote host closed the connection
[2010/06/17 09:12:02] @ jcape joined channel #puppet
[2010/06/17 09:20:20] @ alban2 joined channel #puppet
[2010/06/17 09:21:04] <reyjrar> I have two identical CentOS 5.5 x86_64 boxes
[2010/06/17 09:21:10] <reyjrar> when I run puppet on one
[2010/06/17 09:21:18] <reyjrar> it manages the yumrepos
[2010/06/17 09:21:28] <reyjrar> on the other it skips that step
[2010/06/17 09:21:42] <reyjrar> err
[2010/06/17 09:21:50] <reyjrar> identical except one difference..
[2010/06/17 09:22:01] <reyjrar> working: 0.25.5, not working 0.25.4
[2010/06/17 09:22:01] @ flooose joined channel #puppet
[2010/06/17 09:23:18] <joe-mac> what version of puppet is on the amster
[2010/06/17 09:23:20] <joe-mac> master
[2010/06/17 09:25:37] <Tonnerre> I thought you meant hamster
[2010/06/17 09:26:01] <reyjrar> 0.25.5
[2010/06/17 09:26:32] <joe-mac> and are you certain their catalogs are 'identical'?
[2010/06/17 09:27:25] <reyjrar> this part of the catalogue atleast..
[2010/06/17 09:27:41] <reyjrar> there are some differences in other areas..
[2010/06/17 09:27:54] <joe-mac> are you sure that the class is getting included that sets up the yumrepo? do you see the resource in the yaml files on the node?
[2010/06/17 09:28:13] @ toi joined channel #puppet
[2010/06/17 09:28:35] <reyjrar> it should be.. facter is reporting the operatingsystem properly and the yum repos are by operatingsystem
[2010/06/17 09:28:44] @ Quit: shug: Quit: Leaving
[2010/06/17 09:28:47] <reyjrar> and this class is being included
[2010/06/17 09:31:20] <Volcane> reyjrar: use http://www.devco.net/archives/2010/02/26/what_does_puppet_manage_on_a_node-2.php to figure out if it really does
[2010/06/17 09:31:25] @ ghg joined channel #puppet
[2010/06/17 09:31:27] <reyjrar> had to manually copy over the yum.repos.d and update to 0.25.5.. now I'm seeing the Yumrepo[] stanzas in the debug output
[2010/06/17 09:32:27] @ Quit: alban2: Quit: Leaving.
[2010/06/17 09:32:48] <reyjrar> 0.25.4 -> 0.25.5 master was not generating Yumrepo stanzas in the debug output..
[2010/06/17 09:39:15] @ anvil14_ joined channel #puppet
[2010/06/17 09:39:15] @ Quit: anvil14: Read error: Connection reset by peer
[2010/06/17 09:39:15] @ anvil14_ is now known as anvil14
[2010/06/17 09:39:44] @ Quit: jaredrhine: Ping timeout: 248 seconds
[2010/06/17 09:43:40] @ Quit: aliver: Remote host closed the connection
[2010/06/17 09:43:58] @ aliver joined channel #puppet
[2010/06/17 09:44:36] @ Quit: Olly_: Quit: This computer has gone to sleep
[2010/06/17 09:52:35] @ Quit: fuser: Quit: ugg
[2010/06/17 09:52:43] @ fuser joined channel #puppet
[2010/06/17 09:57:02] @ Quit: giskard: Read error: Connection timed out
[2010/06/17 09:59:28] @ giskard joined channel #puppet
[2010/06/17 10:17:06] @ Quit: munkee: Quit: Page closed
[2010/06/17 10:17:18] @ plathrop-away is now known as plathrop
[2010/06/17 10:18:05] @ ajbourg joined channel #puppet
[2010/06/17 10:19:36] <ajbourg> what's the easiest way to figure out the architecture (i386 or amd64) of a node?
[2010/06/17 10:19:46] <Volcane> $architecture
[2010/06/17 10:19:53] <ajbourg> awesome
[2010/06/17 10:19:55] <mstyne> heh
[2010/06/17 10:19:58] <Volcane> type 'facter'
[2010/06/17 10:20:17] <ajbourg> all of these are available as variables? nice
[2010/06/17 10:20:21] <Volcane> yup
[2010/06/17 10:20:30] <ajbourg> thx
[2010/06/17 10:21:18] <bdha> You can also write custom facts.
[2010/06/17 10:24:22] @ Quit: malikai: Ping timeout: 264 seconds
[2010/06/17 10:27:22] @ yannL joined channel #puppet
[2010/06/17 10:28:50] @ Quit: nareshov: Read error: Connection reset by peer
[2010/06/17 10:29:10] @ nareshov joined channel #puppet
[2010/06/17 10:31:55] @ Edgan joined channel #puppet
[2010/06/17 10:34:04] <dearka> Hi, in my puppet client i am getting this error: err: Could not retrieve catalog from remote server: certificate verify failed
[2010/06/17 10:34:16] @ Quit: giskard: Ping timeout: 265 seconds
[2010/06/17 10:34:51] <dearka> in my puppetmaster dont show nothing in the log...
[2010/06/17 10:35:03] @ Quit: Cuchulain: Ping timeout: 276 seconds
[2010/06/17 10:35:25] @ jaredrhine joined channel #puppet
[2010/06/17 10:36:20] <dearka> anyone?
[2010/06/17 10:38:57] @ Quit: bgupta: Quit: bgupta
[2010/06/17 10:39:38] @ bgupta joined channel #puppet
[2010/06/17 10:39:42] <dan__t> erm i can put an 'if' in the middle of a resource definition can't I?
[2010/06/17 10:39:51] <Volcane> dan__t: use selectors
[2010/06/17 10:39:58] <dan__t> bah
[2010/06/17 10:40:25] <dan__t> I don't have enough options to justify a selector, I was if'ing on the presence of a defined variable.
[2010/06/17 10:40:58] @ giskard joined channel #puppet
[2010/06/17 10:41:47] @ lyric joined channel #puppet
[2010/06/17 10:42:03] <dan__t> http://pastebin.com/VjUKUmtD
[2010/06/17 10:42:42] <dan__t> Later on I have a class called, e.g. postfix::client, it has a $postfix_client = "1" in it. That class then includes postfix::config, which is what this excerpt comes from.
[2010/06/17 10:43:14] <Volcane> why dont postfix::client not just do $maincf = template("whatever")
[2010/06/17 10:43:18] @ Cuchulain joined channel #puppet
[2010/06/17 10:43:25] <Volcane> and in your file you just do content => $maincf
[2010/06/17 10:43:30] <Volcane> no if's required
[2010/06/17 10:43:33] <dan__t> eh i guess I could, sure.
[2010/06/17 10:43:41] <dan__t> oooh
[2010/06/17 10:43:52] <dan__t> uh define that where my boolean would be
[2010/06/17 10:44:18] <dan__t> hah.
[2010/06/17 10:44:38] @ Quit: bgupta: Remote host closed the connection
[2010/06/17 10:44:44] @ bgupta joined channel #puppet
[2010/06/17 10:45:19] <dan__t> awesome, thank you for the tip
[2010/06/17 10:45:54] <Volcane> :)
[2010/06/17 10:46:30] <dan__t> See, not really a good programmer by trade
[2010/06/17 10:46:34] <dan__t> I don't think outside of the box ya know?
[2010/06/17 10:46:36] <Volcane> hehe
[2010/06/17 10:46:41] <plathrop> anybody running puppetmasters on ec2 behind apache or whatever want to share how they handle getting the certs generated for the puppetmaster?
[2010/06/17 10:46:45] <dan__t> Which is why I think Puppet is a great resource for even learning a lot.
[2010/06/17 10:46:59] <Volcane> plathrop: I'll absolutely be doing it like in my video :P
[2010/06/17 10:47:16] @ PhabX joined channel #puppet
[2010/06/17 10:47:24] <plathrop> Volcane: I missed where the puppetmaster certs were taken care of in that video
[2010/06/17 10:47:33] <Volcane> oh the master certs?
[2010/06/17 10:47:36] <plathrop> It yeah
[2010/06/17 10:47:38] @ Quit: jcape: Remote host closed the connection
[2010/06/17 10:47:45] <plathrop> s/It//
[2010/06/17 10:47:57] @ jcape joined channel #puppet
[2010/06/17 10:48:20] <Volcane> would you want to generate them each time you build a new master?
[2010/06/17 10:48:51] <Volcane> how will you even build them? standalone puppet?
[2010/06/17 10:49:08] <plathrop> Well, I kinda have to, right? I'm doing the scheme of 1 master per region, and naming them puppetmaster-<region>.simplegeo.com
[2010/06/17 10:49:17] <Volcane> ah
[2010/06/17 10:49:24] @ Quit: MattyM: Remote host closed the connection
[2010/06/17 10:49:26] <Volcane> and reports? no centralized report?
[2010/06/17 10:49:28] <plathrop> I'm passing a bootstrap script (currently bash) to an alestic ubuntu image as userdata
[2010/06/17 10:49:59] <Volcane> i have regional masters - non ec2 - and i just share the ca between them all
[2010/06/17 10:50:04] <Volcane> that way if one goes tits up
[2010/06/17 10:50:06] <dearka> my problem is solved, was the date/time of my client
[2010/06/17 10:50:11] <Volcane> i can move the machines to one in another region for a while
[2010/06/17 10:50:13] <plathrop> No centralized report; I'm doing that out-of-band by pulling the reports from the regions into HDFS
[2010/06/17 10:50:35] <plathrop> Yeah, I don't care about if one dies, I'll just spin up another instance... if I can get the cert generation automated
[2010/06/17 10:50:55] <Volcane> plathrop: well generatin the cert is trivial isnt it? start master up in webrick mode, job done?
[2010/06/17 10:51:00] <plathrop> but right now, I have to run puppetmasterd --no-daemonize once and hit control-c or apache won't start up because the certs are missing.
[2010/06/17 10:51:08] <plathrop> sure, but how do I automate that?
[2010/06/17 10:51:20] <Volcane> else you can muck about with puppetca generate
[2010/06/17 10:51:22] <plathrop> I need it to start, make the cert, then STOP
[2010/06/17 10:51:57] <Volcane> yeah def would be a good ffeature to add - same as i want in puppetd
[2010/06/17 10:52:03] <Volcane> to just make certs and exit
[2010/06/17 10:52:15] <plathrop> yeah
[2010/06/17 10:52:35] @ Quit: tonyskapunk: Quit: ERC Version 5.3 (IRC client for Emacs)
[2010/06/17 10:52:39] <plathrop> but in the meantime, any ideas how to automate this? I know some people use a wildcard cert, that's fine with me but I don't know how to make one
[2010/06/17 10:52:43] <plathrop> SSL makes my brain bleed
[2010/06/17 10:53:43] @ Quit: fluxdude: Quit: When two people dream the same dream, it ceases to be an illusion
[2010/06/17 10:53:45] <Volcane> well
[2010/06/17 10:53:47] <plathrop> I guess I could write a python wrapper that starts it, watches for the certs to get created, then sends it SIGTERM...?
[2010/06/17 10:53:54] <Volcane> you can just install a trap killmaster 2
[2010/06/17 10:54:00] <Volcane> start the master up
[2010/06/17 10:54:06] <Volcane> have a function killmaster that kills it
[2010/06/17 10:54:10] <Volcane> assume it make certs.
[2010/06/17 10:54:20] <plathrop> oooh
[2010/06/17 10:54:26] <plathrop> That would probably work...
[2010/06/17 10:54:29] <Volcane> heh
[2010/06/17 10:57:44] @ Quit: ghg: Quit: ghg
[2010/06/17 10:58:28] @ jdcasey joined channel #puppet
[2010/06/17 11:01:54] <Volcane> totally file a feature request though that would be useful
[2010/06/17 11:02:07] <Volcane> but generate should work - though i think i recal a bug
[2010/06/17 11:02:58] @ henk left channel #puppet ()
[2010/06/17 11:03:50] @ Quit: nareshov: Read error: Connection reset by peer
[2010/06/17 11:04:14] @ nareshov joined channel #puppet
[2010/06/17 11:10:15] @ Quit: Cuchulain: Ping timeout: 240 seconds
[2010/06/17 11:12:46] * jbooth really needs 2.6 to come out with stages. So much of this would be easy with them!
[2010/06/17 11:13:18] <plathrop> you mean 0.26?
[2010/06/17 11:13:46] <jbooth> I'm pretty sure they're doing a huge version jump (aka solaris), but yes.
[2010/06/17 11:14:12] @ pheezy joined channel #puppet
[2010/06/17 11:14:13] <eric0> plathrop: they moved the decimal over a place, i saw it in lukes slides from puppetcamp-EU
[2010/06/17 11:14:30] <plathrop> Oh, really? That's so fucking lame
[2010/06/17 11:15:15] <chadh> plathrop: like eric0 said, Luke explains it in his talk. kind of lame, but it is long past due to be > 1.0
[2010/06/17 11:15:22] <eric0> shrug i thought it was highly amusing
[2010/06/17 11:15:23] <plathrop> I bet their investors made them do it.
[2010/06/17 11:15:28] <bitfield> i thought 1.0 stuff was supposed to work :)
[2010/06/17 11:15:55] <plathrop> Yeah I disagree about the 1.0. I've long considered puppet to be one of the few honest open-source projects in terms of their version numbers
[2010/06/17 11:16:22] <plathrop> and even if it was time to do a 1.0, jumping to 2.6 is... lame
[2010/06/17 11:18:29] @ Cuchulain joined channel #puppet
[2010/06/17 11:19:20] <bitfield> they can start charging a fortune for it, make it only run on special hardware, then get bought by oracle and disappear
[2010/06/17 11:19:48] @ TREllis joined channel #puppet
[2010/06/17 11:19:56] <ashp> puppet 2010 clearly
[2010/06/17 11:20:04] @ Quit: yannL: Remote host closed the connection
[2010/06/17 11:20:08] <plathrop> We'll see. Once they took outside money all bets are off, despite the good intentions of the individuals at the company
[2010/06/17 11:20:11] <ashp> iPuppet 1.0
[2010/06/17 11:21:23] @ r3g1ster joined channel #puppet
[2010/06/17 11:21:25] <r3g1ster> hey guys
[2010/06/17 11:21:47] <r3g1ster> need a bit of help with trying to work with arrays in puppet
[2010/06/17 11:22:19] <r3g1ster> eg, i've defined my array
[2010/06/17 11:22:50] <r3g1ster> and want: file { "$arrayname" : owner => root }
[2010/06/17 11:23:11] @ ezmobius joined channel #puppet
[2010/06/17 11:23:12] @ pting joined channel #puppet
[2010/06/17 11:23:22] <r3g1ster> but more than 1 entry in the array means they all get put as 1 entry
[2010/06/17 11:24:00] <r3g1ster> any1 help me out on that?
[2010/06/17 11:24:03] <bitfield> maybe you don't want to quote the array name?
[2010/06/17 11:24:21] <bitfield> guessing wildly
[2010/06/17 11:25:19] <r3g1ster> so you mean: file { $arrayname : owner => root } ??
[2010/06/17 11:25:36] <plathrop> yeah, try that
[2010/06/17 11:25:39] <r3g1ster> k
[2010/06/17 11:25:40] <bitfield> yes, is that any better?
[2010/06/17 11:26:02] @ Quit: chadh: Ping timeout: 245 seconds
[2010/06/17 11:26:22] <r3g1ster> nope. syntax error now
[2010/06/17 11:27:18] <bitfield> pastie please?
[2010/06/17 11:27:59] <r3g1ster> http://www.heypasteit.com/clip/KQ7
[2010/06/17 11:28:04] @ Quit: TREllis: Quit: leaving
[2010/06/17 11:28:42] <jbooth> Your syntax error is in source.
[2010/06/17 11:28:57] <jbooth> You need to unroll that into a define, then call the define against the $configlist array.
[2010/06/17 11:29:21] <r3g1ster> ah k
[2010/06/17 11:29:36] <jbooth> Also, $title has special meaning and you might not want to use it unless you're already using said special meaning.
[2010/06/17 11:29:56] <r3g1ster> ye - this is in a define - so wanting to use the $title
[2010/06/17 11:30:00] <jbooth> okay
[2010/06/17 11:30:11] <jbooth> just be aware to pass it as something other than title to the child define. :-P
[2010/06/17 11:30:27] <r3g1ster> k thanks
[2010/06/17 11:30:43] <r3g1ster> this is my first time im trying to do somethig useful with puppet - so all a learning curve
[2010/06/17 11:30:53] <r3g1ster> got like 3 books open here too
[2010/06/17 11:31:20] <dan__t> So would it be unreasonable to want to do an svn export from a repo to populate a module's files directory before said class being applied to a host?
[2010/06/17 11:31:24] <dan__t> That's kind of how it works right?
[2010/06/17 11:34:46] @ test12345 joined channel #puppet
[2010/06/17 11:36:13] <test12345> Trying to evaluate puppet vs OpsCenter. Any opinions on this. We are migrating our infrastructure to solaris.
[2010/06/17 11:36:46] <mackn> out of curiosity what are you migrating from?
[2010/06/17 11:37:16] <test12345> Linux boxes (RHEL 5.x)
[2010/06/17 11:37:46] @ Bass2 joined channel #puppet
[2010/06/17 11:37:52] <mackn> don't like the penguin anymore? or is someone paying you to migrate? :)
[2010/06/17 11:38:37] <test12345> yes just a company policy.
[2010/06/17 11:38:45] <\|Mike\|> omfg.
[2010/06/17 11:38:49] <PhabX> are you guys an oracle shop test12345?
[2010/06/17 11:38:50] <\|Mike\|> they should get shot imho :P
[2010/06/17 11:38:59] <PhabX> \|Mike\|: um hmm
[2010/06/17 11:39:01] <dan__t> I'm going to make a policy. No pants.
[2010/06/17 11:39:06] <test12345> we use oracle
[2010/06/17 11:39:12] <test12345> in our apps
[2010/06/17 11:39:18] <mackn> it's normal for companies to migrate like this.. usually cuz of some 'deal' :)
[2010/06/17 11:39:39] <test12345> yes. some block deal oracle and solaris
[2010/06/17 11:39:41] <PhabX> i don't know much about opsware but puppet on its own can be integrated into just about anything
[2010/06/17 11:39:41] <mackn> i don't know much about OpsCenter but since it's tailored for sun i imagine it works well for solaris? :)
[2010/06/17 11:40:08] <mackn> but also puppet on platforms other than linux can be not as awesome
[2010/06/17 11:40:14] <mackn> it'll still work
[2010/06/17 11:40:26] <mackn> but it depends on your needs
[2010/06/17 11:40:34] <mackn> not sure how strong solaris support is in puppet
[2010/06/17 11:41:06] <eric0> heh puppet's non-linux support was one of the strongest marks in its favor, in fact
[2010/06/17 11:41:20] <test12345> we are looking ar puppet for application provisioning. backend is all java based servers (tomcat , spring dm and pure java servers)
[2010/06/17 11:41:24] <PhabX> test12345: what kind of 'things' are you looking to manage with puppet or opsware?
[2010/06/17 11:41:26] <PhabX> everything?
[2010/06/17 11:41:27] <eric0> SMF and launchd support for services and the cross platform package providers = win
[2010/06/17 11:42:01] @ Quit: Bass10: Ping timeout: 264 seconds
[2010/06/17 11:42:22] <test12345> so we are trying to use puppet to provision our application services (bunch of OSGI bundles) on different servers etc
[2010/06/17 11:42:23] @ Bass10 joined channel #puppet
[2010/06/17 11:42:32] @ Quit: Bass2: Ping timeout: 240 seconds
[2010/06/17 11:42:55] <PhabX> test12345: are they in native OS packages? archive files? or source code?
[2010/06/17 11:43:22] <test12345> "jar" files
[2010/06/17 11:43:26] <PhabX> and to they have services in SMF or do you have to hack your own startup scripts?
[2010/06/17 11:43:43] <PhabX> hmmm, just jar files?
[2010/06/17 11:43:50] @ Quit: nareshov: Read error: Connection reset by peer
[2010/06/17 11:43:54] <PhabX> you sure you don't want to look at something like hudson for that instead?
[2010/06/17 11:44:15] <PhabX> although, puppet would do a great job of managing jar files if thats what you wanted to do
[2010/06/17 11:44:23] @ nareshov joined channel #puppet
[2010/06/17 11:45:11] <test12345> basically this is what i am looking at -- since we have lots of services and each service is composed of a bunch of jar files , i need a way to provising the same services across multiple physical
[2010/06/17 11:45:13] <test12345> servers
[2010/06/17 11:45:40] <r3g1ster> jbooth: trying to work out how to do it - but not having joy
[2010/06/17 11:45:44] <test12345> also need a way to unprovision and update the services etc
[2010/06/17 11:45:49] <r3g1ster> what am i doing wrong here? http://www.heypasteit.com/clip/KQ9
[2010/06/17 11:47:15] <r3g1ster> error " Must pass solrindex to of type solr::configfiles"
[2010/06/17 11:49:54] <lilnick> Anyone have a good reference for how to install an RPM via puppet that's on the local filesystem - not in a yum repo?
[2010/06/17 11:51:51] <mackn> being ignorant and not knowing anything about using a yum repo with puppet... i imagine you can change the provider for that one RPM and use the path as the source. (or may you don't even have to change the provider)
[2010/06/17 11:51:56] <Kiloman> package { "foobar": ensure => installed, provider => rpm, source => '/path/to/foobar.rpm' }
[2010/06/17 11:52:02] <mackn> there ya go
[2010/06/17 11:52:03] <mackn> hah
[2010/06/17 11:52:11] <lilnick> ah, perfect
[2010/06/17 11:52:12] <lilnick> thanks
[2010/06/17 11:52:16] <Kiloman> I take it you've never used puppet on a RHEL4 box ;)
[2010/06/17 11:52:30] <Kiloman> yum is a lifesaver when used with puppet
[2010/06/17 11:52:38] <mackn> we're a debian/freebsd shop
[2010/06/17 11:52:52] <lilnick> I don't have that unfortunate experience
[2010/06/17 11:53:17] @ alban2 joined channel #puppet
[2010/06/17 11:53:58] @ Quit: r3g1ster: Quit: leaving
[2010/06/17 11:54:24] <PhabX> lilnick: the only problem with installing via RPM is that if your package has dependancies you need to make sure they are installed beforehand
[2010/06/17 11:54:41] <PhabX> if its has no deps you are good to go
[2010/06/17 11:54:54] <lilnick> ok, thanks - good point
[2010/06/17 11:55:44] @ tonyskapunk joined channel #puppet
[2010/06/17 11:55:45] <lilnick> I know on the command line you can use yum to install a local RPM & it'll satisfy dependencies from available repos - can you change the provider to yum but still define the source & get a similar effect?
[2010/06/17 11:56:15] <PhabX> lilnick: I use an exec to run yum manually with a localrepo
[2010/06/17 11:56:17] <PhabX> let me get you the syntax
[2010/06/17 11:56:43] <PhabX> and then it installs the package from the local filesystem and also resolves deps from the repos already configured
[2010/06/17 11:56:52] <lilnick> right - that would be ideal
[2010/06/17 11:57:09] <PhabX> 'yum localinstall /path/to/file'
[2010/06/17 11:57:59] <PhabX> you can also create your own REPO which is not that hard and push out the repo file
[2010/06/17 11:58:04] <PhabX> :)
[2010/06/17 11:58:24] <lilnick> yeah, in this case we don't want to setup a local repo for this one RPM
[2010/06/17 11:58:54] <Kiloman> yeah I think you can just do install and give it a file argument and it'll use that
[2010/06/17 11:59:09] <Kiloman> not sure if that's plumbed in to RPM though
[2010/06/17 11:59:13] <Kiloman> er, in to Puppet
[2010/06/17 12:00:25] <lilnick> alright thanks, let me noodle on this and try a few things - this helps
[2010/06/17 12:01:07] @ WALoeIII joined channel #puppet
[2010/06/17 12:02:02] @ zorzar_ joined channel #puppet
[2010/06/17 12:05:18] @ Quit: ayanich: Ping timeout: 240 seconds
[2010/06/17 12:05:24] @ Quit: zorzar: Ping timeout: 276 seconds
[2010/06/17 12:05:43] @ Quit: toi: Quit: Ex-Chat
[2010/06/17 12:06:11] @ ayanich joined channel #puppet
[2010/06/17 12:14:18] @ Quit: snoop: Quit: Quitte
[2010/06/17 12:21:47] <Volcane> plathrop: did that work?
[2010/06/17 12:23:55] @ hyde_ joined channel #puppet
[2010/06/17 12:24:32] <hyde_> all other servers are working, I have 2 servers, keeping failing with "err: Could not request certificate: Certificate retrieval failed: Certificate request does not match existing certificate; run 'puppetca --clean servername'
[2010/06/17 12:24:52] <hyde_> I already tried the clean command, and the certs are not on puppet server
[2010/06/17 12:25:05] <hyde_> did rm -rf ssl folder on the client as well.
[2010/06/17 12:25:12] <hyde_> restarted puppet client
[2010/06/17 12:25:16] <hyde_> still no luck
[2010/06/17 12:25:26] <jbooth> shut down the client, then remove, then restart
[2010/06/17 12:25:38] <jbooth> you might have had it run between your rm and restart
[2010/06/17 12:25:45] <hyde_> I did that too
[2010/06/17 12:26:02] <dearka> Volcane, in Type group, there is a function members if i want to say that user a1, a2, a3 is member of the group, i just use, members => a1, a2, a3 ,?
[2010/06/17 12:26:14] <hyde_> stop puppet client, rm -rf ssl, puppetca --clean on server side, start puppet client, no luck
[2010/06/17 12:26:16] <mackn> are your clients reporting they are trying to get a new cert?
[2010/06/17 12:26:19] <mackn> at least
[2010/06/17 12:26:31] <pheezy> Hmm...anyone using config_version? how's it work with environments?
[2010/06/17 12:26:44] <hyde_> I have 2 lines like:
[2010/06/17 12:26:48] <hyde_> info: Creating a new certificate request ..
[2010/06/17 12:26:58] <hyde_> info: Creating a new SSL key at /var/lib/puppet/ssl/private_keys ..
[2010/06/17 12:26:59] <dearka> hyde_, checked the date of this servers?
[2010/06/17 12:27:07] <hyde_> then debug: Calling puppetca.getcert
[2010/06/17 12:27:07] <jbooth> hyde_: Are you sure you removed the right ssl dir? What's puppetd --genconfig \| grep ssl say?
[2010/06/17 12:27:16] <jbooth> hyde_: Also dearka's suggestion.
[2010/06/17 12:27:45] <hyde_> date is correct
[2010/06/17 12:28:52] <dearka> jbooth, in Type group, there is a function members if i want to say that user a1, a2, a3 is member of the group, i just use, members => a1, a2, a3 ,?
[2010/06/17 12:29:13] <hyde_> I was removing the right folder per output from puppetd --genconfig
[2010/06/17 12:29:16] <jbooth> dearka: user{"foo": groups=>["root", "wheel", "users"]}
[2010/06/17 12:29:45] <jbooth> hyde_: Are you using the same hostname as the certificate the server has?
[2010/06/17 12:29:54] <mackn> you may just want to run a find in the puppetmaster's ssl dir and see if the hosts's stuff is in there and just remove it
[2010/06/17 12:29:56] <jbooth> hyde_: Nothing strange in /etc/hosts or a different resolver that would confuse ti?
[2010/06/17 12:30:55] <hyde_> yes, not seeing strange things so far
[2010/06/17 12:31:22] <jbooth> hyde_: Forward and reverse DNS work fine on both server and client for each other?
[2010/06/17 12:31:34] @ ceren joined channel #puppet
[2010/06/17 12:32:54] <hyde_> jbooth, it looks good there as well
[2010/06/17 12:33:09] @ Quit: mfournier: Ping timeout: 258 seconds
[2010/06/17 12:33:42] <mackn> is there anything 'special' about these 2 particular servers?
[2010/06/17 12:33:51] <mackn> that would make them not work
[2010/06/17 12:34:25] <mackn> should prolly ignore that last statement...
[2010/06/17 12:34:44] <mackn> any detail at all regardless of whether you think it'll cause things to break
[2010/06/17 12:34:48] <mackn> :)
[2010/06/17 12:36:23] <hyde_> mackn, I hope I would be able to tell, they are 2 node in this big cluster, all other nodes working fine.
[2010/06/17 12:36:33] <mackn> they are all identical?
[2010/06/17 12:37:17] <hyde_> suppose to be mostly the same except hostnames
[2010/06/17 12:37:57] <hyde_> tried puppetd -tv --debug, but it didn't tell me much
[2010/06/17 12:38:57] <jbooth> hyde_: There's no file anything like the client hostname on the server's /var/lib/puppet/ssl right?
[2010/06/17 12:39:35] <hyde_> jbooth, It has csr_hostname.pem, where hostname matches the right name
[2010/06/17 12:39:44] <joe-mac> packages can havea liases right?
[2010/06/17 12:39:54] <joe-mac> can i require => Resource["resource_alias"] ?
[2010/06/17 12:40:33] <hyde_> oh, you were referring to server side .. let me see
[2010/06/17 12:41:29] <hyde_> no files matching client hostname on server's folder
[2010/06/17 12:41:47] @ ZummiG777 joined channel #puppet
[2010/06/17 12:42:09] <mackn> and they don't show up in puppetca --list ?
[2010/06/17 12:42:10] @ Quit: jcape: Remote host closed the connection
[2010/06/17 12:42:12] <jbooth> joe-mac: Yes
[2010/06/17 12:42:16] <mackn> hrmm
[2010/06/17 12:42:23] <jbooth> hyde_: Dunno then, I'm out of ideas
[2010/06/17 12:42:25] <joe-mac> thanks jbooth started trying it anyways, i'm ballsy like that
[2010/06/17 12:42:32] @ jcape joined channel #puppet
[2010/06/17 12:43:01] <hyde_> mackn, they don't show up in puppetca --list --all
[2010/06/17 12:43:03] <ZummiG777> Question: I've been using puppet for a while now but don't know if this is a feature that currently exists. Can I use wildcards in the nodes file such as "cluster-01-*.example.com" ?
[2010/06/17 12:43:26] <mackn> can you try to manually connect fromt he client to the master
[2010/06/17 12:43:28] <mackn> just for kicks
[2010/06/17 12:43:30] <jbooth> ZummiG777: You can regexp in 0.25. I'm not sure about glob-based matches.
[2010/06/17 12:43:47] <ZummiG777> jbooth: Thanks!
[2010/06/17 12:45:31] <plathrop> Volcane: yeah, it's working great now.
[2010/06/17 12:45:43] <Volcane> plathrop: there better be glob posts forthcoming :P
[2010/06/17 12:46:16] <flakrat> I just reinstalled a server and when I try and register it with puppet I get "Retrieved certificate does not match private key; please remove certificate from server..."
[2010/06/17 12:46:43] <hyde_> my fault, I was switching from old puppet master server to new one, turns out those 2 nodes, got hard-coded puppet server in /etc/puppet/puppet.conf file.
[2010/06/17 12:46:49] <mackn> so need an ssl cert faq hah
[2010/06/17 12:46:55] <flakrat> I've done a "puppetca --revoke server01" and removed the .pem file for server01 on the puppet server
[2010/06/17 12:47:12] <mackn> hyde_: heh nice
[2010/06/17 12:47:27] <flakrat> but apparently the old cert is still sitting somewhere on the puppetmaster, any ideas what else to try?
[2010/06/17 12:47:30] <plathrop> Volcane: glob posts?
[2010/06/17 12:47:32] <jetole> Hey guys. I am setting up an apache class which lists several packages and I am wondering if there is a way to group the packages together so for the service I can say require => "defined group" and defined group makes sure all packages are installed
[2010/06/17 12:47:43] <Volcane> plathrop: about bootstrapping masters etc in ec2
[2010/06/17 12:47:57] <plathrop> Volcane: Oh! blog posts, gotcha
[2010/06/17 12:48:00] <plathrop> yeah, totally
[2010/06/17 12:48:02] <Volcane> plathrop: blog posts yeah sorry
[2010/06/17 12:48:06] <plathrop> After I clean this up a little
[2010/06/17 12:48:14] <jbooth> flakrat: --clean not revoke
[2010/06/17 12:48:17] <mackn> flakrat, try using --clean
[2010/06/17 12:48:26] <flakrat> doh, thanks jbooth mackn
[2010/06/17 12:48:33] <plathrop> I've got blanker permission to share my work where it isn't directly part of our IP :-)
[2010/06/17 12:48:40] <Volcane> plathrop: neat
[2010/06/17 12:48:44] <jbooth> jetole: require => Class["apache"] would do it, and more beside.
[2010/06/17 12:48:54] <Volcane> plathrop: hving just spent a day fighting that battle with a client, well done :)
[2010/06/17 12:48:58] <ZummiG777> jbooth: I'm trying to find a reference to regexp usage with puppet under the new documentation. Do you know what topic it would be listed?
[2010/06/17 12:49:08] <jetole> jbooth: but this is inside the apache class
[2010/06/17 12:49:27] <jbooth> ZummiG777: Not offhand, but I'd guess the tutorial.
[2010/06/17 12:49:30] <jetole> I am saying these packages need to be installed and then start the service and require packages
[2010/06/17 12:49:48] @ Quit: ninjazjb: Ping timeout: 260 seconds
[2010/06/17 12:50:01] <jbooth> jetole: Package{ before => Service["apache"] }
[2010/06/17 12:50:21] <flakrat> dang, after --clean it's still reporting that the cert doesn't match the private key
[2010/06/17 12:50:34] <jetole> jbooth: I don't understand what you just said
[2010/06/17 12:51:07] <jbooth> flakrat: Blow away ssl/ on the client, do the --clean, then try again
[2010/06/17 12:51:10] <mackn> flakrat, try stopping the client, rm the ssl cert, puppetca --clean, restart client
[2010/06/17 12:51:29] <jetole> jbooth: here is a quote from the book (Turnbull's): service { "squid": require => Package["squid"] }
[2010/06/17 12:51:42] @ Quit: test12345: Ping timeout: 252 seconds
[2010/06/17 12:51:53] <mackn> aparently i need to type faster...
[2010/06/17 12:51:58] @ thekad-afk is now known as thekad
[2010/06/17 12:52:04] <jbooth> jetole: http://docs.puppetlabs.com/guides/language_tutorial.html "Resource Defaults"
[2010/06/17 12:52:15] * jetole looks
[2010/06/17 12:52:35] <jbooth> jetole: You could also just use the book's version. Package["foo", "bar", "baz"]
[2010/06/17 12:52:51] <jbooth> The defaults version lets you (possibly) be less verbose.
[2010/06/17 12:53:14] <flakrat> jbooth, mackn thanks, deleting the cert on the client got things in order
[2010/06/17 12:53:50] <jetole> jbooth: so you're saying just the concatenation of require => { "x", "y", "z" }; ?
[2010/06/17 12:54:10] <jetole> *require package[ "x", "y", "z"];
[2010/06/17 12:54:40] @ allsystemsarego joined channel #puppet
[2010/06/17 12:55:37] <jetole> still didn't post that right but you get the idea, are you saying I should concat all packages into the square brackets when I do the require as opposed to what I asked about a way to sum the definition into a single object
[2010/06/17 12:55:51] <jbooth> jetole: Yes
[2010/06/17 12:56:00] <ZummiG777> Thanks jbooth, I found it!
[2010/06/17 12:56:12] <jbooth> jetole: You can apply that across resources too. require => [File["/etc/httpd.conf"], Package["apache"]]
[2010/06/17 12:56:15] <Volcane> jetole: you should use classes
[2010/06/17 12:56:36] <Volcane> jetole: class apache::install { package, package, package }
[2010/06/17 12:56:58] <Volcane> jetole: class apache::config { file{"/etc/....": require => Class["apache::install"] } }
[2010/06/17 12:57:34] <Kiloman> that's an interesting pattern
[2010/06/17 12:57:40] <Volcane> jetole: class apache { include apache::install, apache::config }
[2010/06/17 12:58:05] <Volcane> service resources in apache::service would require apache::config
[2010/06/17 12:58:19] <Volcane> resources in apache::config should notify Class["apache::service"] etc
[2010/06/17 12:58:37] <Volcane> that way. if you're adding another package later on, you edit apache::install and nothing else
[2010/06/17 13:00:58] @ Quit: \|GuS\|: Read error: Connection reset by peer
[2010/06/17 13:02:05] <ckdake> say i need to set up a mysql database and run a grant (via an exec) and set up a configuration file with the creds from that exec. The password needs to be random and it's easy enough to do this with part of the exec, but I somehow need to get this available as a class variable so that it can be used in a template
[2010/06/17 13:02:06] <ckdake> suggestions?
[2010/06/17 13:02:28] @ Quit: ZummiG777: Quit: Leaving
[2010/06/17 13:04:19] <mackn> hrmm..
[2010/06/17 13:04:35] @ Quit: mattock: Ping timeout: 258 seconds
[2010/06/17 13:05:11] <mackn> so basically.. you want to run an exec.. have the exec generate a random string... and then have puppet somehow get/use that random string in a template to generate another file
[2010/06/17 13:05:33] <ckdake> or puppet could generate the random string if thats any easier
[2010/06/17 13:05:35] @ mfournier joined channel #puppet
[2010/06/17 13:05:40] <ckdake> but yup, thats the gist of it
[2010/06/17 13:06:22] <mackn> hrmm..
[2010/06/17 13:07:00] @ Quit: aliver: Ping timeout: 265 seconds
[2010/06/17 13:07:10] <mackn> first idea is to use a more cmplex exec to generate the random pass and do both the grant and gen the config at once
[2010/06/17 13:07:39] @ Quit: hyde_: Ping timeout: 258 seconds
[2010/06/17 13:07:58] <mackn> but i guess if you need puppet's template feature for the conig...
[2010/06/17 13:08:03] <mackn> config
[2010/06/17 13:08:04] <mackn> hrmm..
[2010/06/17 13:08:27] <ckdake> yeah, a narsty exec could work but I do try so hard to avoid those
[2010/06/17 13:08:28] <mackn> have the config generated first with a placeholder for the pass and have the exec s// it shrug
[2010/06/17 13:08:39] <Volcane> you can use the concat module to build up the file you need - it supports pulling content in from files you generate somehow on the nodes
[2010/06/17 13:09:06] <Volcane> so you'd generate your random password into a file and symlink the file right into the middle of your desired file
[2010/06/17 13:09:18] <Volcane> http://github.com/ripienaar/puppet-concat
[2010/06/17 13:09:22] <mackn> that sounds wacky
[2010/06/17 13:09:23] <mackn> hah
[2010/06/17 13:09:44] <Volcane> see the example with motd.local there
[2010/06/17 13:09:58] <ckdake> both of those are other ideas I've considered, but they both just seem like the Wrong Way to me. There's got to be a way to set the value of a variable in a puppet class to _somethign_ random, either from a shell script execution or a substr(hash(date))
[2010/06/17 13:10:19] <ckdake> Volcane: i think you led me to that before which I'm using for snmpd.conf generation already :)
[2010/06/17 13:10:35] <Volcane> ckdake: compiles happen on the master, execs on the client, you have a chicken and egg. there's fqdn_rand but not perfect
[2010/06/17 13:11:03] <mackn> what baout have the template genearte the random pass and put it int he config and have the exec pull it for the grant
[2010/06/17 13:11:17] <mackn> shrug
[2010/06/17 13:11:18] <mackn> hah
[2010/06/17 13:11:27] <ckdake> mackn: ideas on how to gen that in a template?
[2010/06/17 13:12:15] <mackn> my exp with templates is limited... does one have full usage of ruby in a template?
[2010/06/17 13:12:32] <Volcane> mackn: yes, kind off, but they also run on th master
[2010/06/17 13:12:38] <mackn> yeah
[2010/06/17 13:12:39] <mackn> that's fine
[2010/06/17 13:13:17] <mackn> the way i was thinking is the template genatrete the config file first with the password and another exec can run and pull that passwd fromt he client's new config file to do the grant
[2010/06/17 13:14:14] <Kiloman> http://pastebin.osuosl.org/33440
[2010/06/17 13:14:18] <ckdake> sounds pretty good, i like this fqdn_rand thing though. should a class variable set with fqdn_rand(10000000000) and used in both places do the trick?
[2010/06/17 13:14:21] <mackn> i guess the question.. is there a simple random string generator in ruby heh
[2010/06/17 13:14:25] <Kiloman> doesn't use a template, but might be good enough?
[2010/06/17 13:14:50] <ckdake> Kiloman: thats basically what i have now, but would still need to get that info into the template
[2010/06/17 13:14:55] * ckdake uses `< /dev/urandom /usr/bin/tr -dc A-Za-z0-9_ \| /usr/bin/head -c20`
[2010/06/17 13:15:24] <Kiloman> yeah the problem with that is that it's all run client-side while the templates are expanded server-side, right?
[2010/06/17 13:17:41] <mackn> i like the idea of having the config file generated first and then have it trigger the exec to keep the database grant in check.
[2010/06/17 13:17:58] <mackn> or shrug
[2010/06/17 13:18:02] <mackn> i guess it dpeneds on your needs
[2010/06/17 13:18:16] <Kiloman> so you need two parts.. one on the server's class to run the grant statement, and another on the client node to insert that same password into the config?
[2010/06/17 13:18:41] <Kiloman> or are they both happening within the same node/class
[2010/06/17 13:18:46] <ckdake> same node/class
[2010/06/17 13:18:59] <ckdake> tricky thing is that we'll need to make changes to the template without changing the password
[2010/06/17 13:19:07] <ckdake> brain hurts
[2010/06/17 13:19:13] <mackn> ok
[2010/06/17 13:19:23] <mackn> that's sorta makes things different :)
[2010/06/17 13:20:47] <Kiloman> yeah so having it be less random and more a hash of hostname+salt might be better?
[2010/06/17 13:20:59] <mackn> so youeither need to store the passwd somewhere on the client for re-use or.. maybe having the passwd generated on the fly isn't the way to go for this application...
[2010/06/17 13:21:19] <mackn> how secure do you need to be? :)
[2010/06/17 13:21:41] <mackn> i saw regening the password everytime the template changes is super secure haha
[2010/06/17 13:21:43] <mackn> say
[2010/06/17 13:21:52] <ckdake> yeah could be nice!
[2010/06/17 13:22:09] <mackn> if the only 2 people who need to know the password are the database and the configfile.. why not hah
[2010/06/17 13:22:12] <ckdake> but this doesn't need to be really that secure at all. im liking just doing something like password=sha1(ipaddress) in the class, and using that in both the template and the exec grant
[2010/06/17 13:22:48] <mackn> no... cuz that means we all just wasted 20 minutes of our time pondering this....
[2010/06/17 13:23:45] <Kiloman> that's like a whole man-hour!
[2010/06/17 13:23:56] <mackn> haha
[2010/06/17 13:24:08] <Kiloman> of course if I really cared about that I wouldn't be on IRC in the first place would i ;)
[2010/06/17 13:27:06] <ckdake> thanks for the thoughts all :)
[2010/06/17 13:27:36] <ckdake> someday puppet will gain the ability to bend spacetime and all will be well
[2010/06/17 13:28:05] @ thekad is now known as thekad-afk
[2010/06/17 13:28:20] <mackn> i smell a feature request
[2010/06/17 13:28:27] <Volcane> http://pastie.org/1009126 :P
[2010/06/17 13:28:55] <mackn> all of these configs need to be posted somewhere!
[2010/06/17 13:28:57] <mackn> heh
[2010/06/17 13:29:01] <Volcane> same password per node
[2010/06/17 13:29:05] <ckdake> Volcane: ah nice, i hadn't thought of populating a variable with a template
[2010/06/17 13:29:19] <AngryParsley> is there some command-line util I can run to test if a file is under puppet's control?
[2010/06/17 13:29:28] <AngryParsley> or to get a list of files on the current machine that are under puppet's control
[2010/06/17 13:30:17] <Kiloman> Volcane: how different is that from just using the hash operator built in to puppet though?
[2010/06/17 13:30:18] <Volcane> AngryParsley: http://www.devco.net/archives/2010/02/26/what_does_puppet_manage_on_a_node-2.php
[2010/06/17 13:30:30] <Volcane> Kiloman: the fqdn rand thing or which?
[2010/06/17 13:30:32] <Kiloman> seems like the result is pretty similar
[2010/06/17 13:30:33] <Kiloman> yeah
[2010/06/17 13:30:42] <AngryParsley> yesssss
[2010/06/17 13:30:46] <AngryParsley> Volcane: thanks
[2010/06/17 13:30:47] <Volcane> Kiloman: yeah the hex thing is the same - i wrote that ages ago before i think fqdn_rand existed
[2010/06/17 13:30:48] <Kiloman> if your seeding the rng with the same value
[2010/06/17 13:31:19] <Kiloman> it's just a more complicated way to get the same effect
[2010/06/17 13:31:32] <Volcane> Kiloman: I use it to give my machines unique names from a massive list of sci fi related possible names and put it in motd :P
[2010/06/17 13:31:34] <Kiloman> makes sense as a historical thing though
[2010/06/17 13:31:35] <Kiloman> lol
[2010/06/17 13:31:38] <Volcane> Kiloman: but i did that long before fqdn_rand
[2010/06/17 13:32:37] <Volcane> Kiloman: http://pastie.org/1009133 :)
[2010/06/17 13:32:50] <Volcane> Kiloman: keeps some interesting theme going while keeping with sane hostnames that mean something
[2010/06/17 13:33:06] <Kiloman> haha
[2010/06/17 13:33:27] <Volcane> (i use space ship names from ian m banks books)
[2010/06/17 13:34:50] <Volcane> Kiloman: ah but fqdn_rand wont work here will it? it always give the same result, i want a range of pseudo random numbers that starts at the same point always
[2010/06/17 13:35:03] @ chadh joined channel #puppet
[2010/06/17 13:35:20] <AngryParsley> I use atomic elements. they have short names (h, c, li, br, etc) and can correspond to the last byte of an IP address (hydrogen is .1, carbon is .6, etc)
[2010/06/17 13:35:51] <Volcane> for hostnames?
[2010/06/17 13:35:59] <AngryParsley> yeah
[2010/06/17 13:36:07] <Volcane> ah, i keep hostnames that make sense
[2010/06/17 13:36:10] <AngryParsley> my laptop is carbon. at home its IP is 192.168.1.6
[2010/06/17 13:36:25] <kjetilho> haha, nice convention
[2010/06/17 13:36:51] <AngryParsley> and I set up local caching DNS so both c and carbon resolve to that IP
[2010/06/17 13:36:59] <hggh> too crazy. use hostname with there functions. ex. web for webserver, rweb for rails webserver; db for database :)
[2010/06/17 13:37:00] <Volcane> heh
[2010/06/17 13:37:12] <Volcane> hggh: yeah thats what i do, keeping the fun for the motd :)
[2010/06/17 13:37:18] <AngryParsley> oh yeah for work stuff it's all pretty dry
[2010/06/17 13:38:41] <hggh> and domainname contains the location. like web1.hh.de.example.com so everybody at your company knows that does the server do and where it is located
[2010/06/17 13:39:09] @ hyde_ joined channel #puppet
[2010/06/17 13:39:19] <Volcane> you can keep adding bits to host/domain names, you'll never solve all your needs
[2010/06/17 13:39:55] <mackn> i saw add the root password to the name.. so you never have to remember them all!
[2010/06/17 13:39:58] <mackn> say
[2010/06/17 13:40:12] <hggh> haha
[2010/06/17 13:40:20] <mackn> so you know where it is and how to get on
[2010/06/17 13:40:43] <mackn> and if you're worried i guess you can rot13 it or something...
[2010/06/17 13:41:06] <mackn> but that would create extra work to decode
[2010/06/17 13:41:26] @ Quit: reyjrar: Quit: Leaving.
[2010/06/17 13:41:29] * Volcane just dont bother, anything that needs to know about that stuf is done via mcollective
[2010/06/17 13:41:40] <Volcane> where my machines are identifiable with 100s of bits of meta data
[2010/06/17 13:41:55] <mackn> that's how the machines are going to take over...
[2010/06/17 13:42:11] <Volcane> need to ssh to machines with apache in germay? mc-ssh -W country=de /apache/
[2010/06/17 13:42:19] <Volcane> pick one in the menu, hit enter
[2010/06/17 13:42:57] <ashp> where is the mcollective plugin to make all my java applications work for the first time ever :(
[2010/06/17 13:43:04] <Volcane> lol
[2010/06/17 13:43:06] <mackn> that makes it too hard to hold passwords hostage when they try and fire me
[2010/06/17 13:43:33] <mackn> wait..it's in the hostname...damn
[2010/06/17 13:43:50] @ Quit: nexx: Quit: quit
[2010/06/17 13:43:52] <mackn> ok i need to try to look like i'm working..
[2010/06/17 13:47:04] <ashp> hmm i better update to 0.4.6
[2010/06/17 13:47:19] <Volcane> .7 will be out soon
[2010/06/17 13:47:29] <Volcane> annoying bug with many rpc clients in one script
[2010/06/17 13:47:40] <Volcane> which i just didnt do much of before, bugs been there for ever no doubt
[2010/06/17 13:47:51] <ashp> ah, i'll wait on .7
[2010/06/17 13:47:57] <ashp> i go on vacation for 2 weeks on friday
[2010/06/17 13:48:03] <ashp> and you want to know the most depressing thing in the world?
[2010/06/17 13:48:05] <Volcane> nice where?
[2010/06/17 13:48:08] <ashp> i'm like 'woohoo, i can finally get some work done.'
[2010/06/17 13:48:12] <Volcane> lol
[2010/06/17 13:48:15] <ashp> i'm moving on sunday to the house i bought on tuesday!
[2010/06/17 13:48:20] <ashp> so it's a stay at home vacation just to get settled in
[2010/06/17 13:48:22] <Volcane> u have a kid at home, whats the chance of getting work done
[2010/06/17 13:48:47] <Volcane> i guess the kid doesnt run around and cause havok yet
[2010/06/17 13:48:49] <ashp> well, about 2 hours worth a day, max :)
[2010/06/17 13:48:59] <ashp> oh she causes havoc all day long, she's 2 tomorrow
[2010/06/17 13:49:03] <ashp> naps are the only quiet time
[2010/06/17 13:49:07] <Volcane> heh
[2010/06/17 13:49:13] <ashp> this morning i was late to work because i was stuck playing tea party
[2010/06/17 13:49:19] <ashp> which is very serious to her
[2010/06/17 13:49:31] <Volcane> heh
[2010/06/17 13:49:46] <mackn> heh
[2010/06/17 13:54:17] <jamesturnbull> ashp: but good on you for playing instead of being a sucker and going to work :)
[2010/06/17 13:54:37] * jamesturnbull likes a chap with his priorities right :)
[2010/06/17 13:55:37] @ Quit: iAlien: Quit: Page closed
[2010/06/17 13:57:08] <ashp> yeah, work was still gonna be there
[2010/06/17 13:57:11] <ashp> but that tea party won't be :)
[2010/06/17 13:57:16] <mackn> heh
[2010/06/17 13:57:25] <ashp> the best thing about moving is the new town has a splash park and an outdoor pool
[2010/06/17 13:57:30] <ashp> so we're going to spend 2 weeks jumping in water
[2010/06/17 13:57:31] <mackn> nice
[2010/06/17 13:57:47] <mackn> can't wait til my kid gets old enough to play with
[2010/06/17 13:58:04] <mackn> right now he just stares at me
[2010/06/17 13:58:11] <Kiloman> I have a dog for that
[2010/06/17 13:58:16] <mackn> nod
[2010/06/17 13:58:24] <Kiloman> working on the kiddo though
[2010/06/17 13:58:27] <mackn> at least dogs sleep...
[2010/06/17 13:58:35] <Kiloman> I hear they're like dogs that slowly learn how to talk
[2010/06/17 13:58:38] <Kiloman> and then start asking for money
[2010/06/17 13:59:31] <ashp> mackn: how old is he?
[2010/06/17 13:59:47] <mackn> 6 weeks :)
[2010/06/17 14:01:35] @ Quit: dearka: Remote host closed the connection
[2010/06/17 14:03:37] @ Quit: allsystemsarego: Quit: Leaving
[2010/06/17 14:03:53] <ashp> ahhh, congrats
[2010/06/17 14:03:56] <ashp> newborn stage is so hard
[2010/06/17 14:04:02] <ashp> i put on 45lb in 4 months :(
[2010/06/17 14:04:30] <mackn> that's.... i dunno what to say about that
[2010/06/17 14:04:31] <mackn> hah
[2010/06/17 14:04:39] <Tonnerre> ashp, all due to Puppet?
[2010/06/17 14:04:40] <mackn> but i can totally see it happening
[2010/06/17 14:04:42] <zahna> hey guys, isn't there a way to redefine a resource attribute for a resource that's already been defined?
[2010/06/17 14:04:58] <zahna> like override a File[] source?
[2010/06/17 14:05:19] <kjetilho> you need to inherit the class which defines it
[2010/06/17 14:05:49] <ashp> Tonnerre: it made it so everything worked too well and i never had to leave my seat :D
[2010/06/17 14:06:27] <zahna> kjetilho: ah, that sounds familiar. thanks.
[2010/06/17 14:06:47] <Tonnerre> ashp, you need a hobby then :P
[2010/06/17 14:07:15] <ashp> i took up going to the gym for longer than my lunch break :D
[2010/06/17 14:07:34] <zahna> mackn: once kids get past 4 months or so, their coolness factor rises fast
[2010/06/17 14:08:42] <mackn> yeaht's what i hear... im sure part of that is due to the fact that I'll be getting more sleep..i hope
[2010/06/17 14:08:52] <Tonnerre> ashp, I cycle to work every day and do 100 push-ups every day while waiting for test builds before going to bed
[2010/06/17 14:09:00] <Tonnerre> ashp, that seems to do the trick
[2010/06/17 14:09:24] <Tonnerre> ashp, also, I eat lots of fruits and salad at work
[2010/06/17 14:11:42] @ lhuhn joined channel #puppet
[2010/06/17 14:12:00] <jbooth> I wish we had shower facilities here so I could cycle to work more than early spring and late fall. :-/
[2010/06/17 14:13:05] @ Quit: ezmobius: Remote host closed the connection
[2010/06/17 14:13:06] <Tonnerre> Well, we do have showers in the office
[2010/06/17 14:13:08] @ Diranged1 joined channel #puppet
[2010/06/17 14:14:19] @ Quit: flooose: Ping timeout: 265 seconds
[2010/06/17 14:15:45] @ Quit: Diranged: Ping timeout: 240 seconds
[2010/06/17 14:17:05] @ andrew3 joined channel #puppet
[2010/06/17 14:19:39] <plathrop> Volcane: so, how do you point your clients at the regional puppetmaster?
[2010/06/17 14:19:50] <plathrop> Ah, you said the puppetmasters are non-ec2
[2010/06/17 14:19:53] @ Quit: giskard: Remote host closed the connection
[2010/06/17 14:19:53] <plathrop> nevermind
[2010/06/17 14:19:55] <plathrop> damn it
[2010/06/17 14:20:03] <Volcane> plathrop: in the demo i fiddled /etc/hosts
[2010/06/17 14:20:18] <Volcane> plathrop: find it with discovery, get its ip, fiddle the clients hosts
[2010/06/17 14:20:28] <Volcane> to match whatever is in dns
[2010/06/17 14:20:34] <Volcane> err, whatever is in the cert
[2010/06/17 14:20:56] @ Quit: Diranged1: Quit: Leaving.
[2010/06/17 14:21:50] <PhabX> plathrop: not that this is a good way but we have an image for each region thats pointed already to its regional puppetmaster
[2010/06/17 14:22:12] <PhabX> and then each puppetmaster is configured to auto-sign client certs if their hostnames match our pattern
[2010/06/17 14:22:14] <Volcane> what if the master dies/needs rebuild? you redo all your amis?
[2010/06/17 14:22:25] <Volcane> or are you not talking ec2?
[2010/06/17 14:22:38] @ Quit: lutter: Quit: Leaving.
[2010/06/17 14:22:54] <PhabX> our puppetmasters are also non ec2, but we've considered moving to ec2 and putting all the certs on an esb volume so we don't lose them
[2010/06/17 14:24:45] <Volcane> the certs mean noting to the master once signed
[2010/06/17 14:24:47] <Volcane> only the clients
[2010/06/17 14:24:53] <Volcane> not much reason to back them up
[2010/06/17 14:25:00] @ sebas891 left channel #puppet ()
[2010/06/17 14:25:22] <PhabX> never though about that, espeically since rebuilding a node means a new client with a new cert technically
[2010/06/17 14:25:32] <PhabX> maybe well just backup the masters cert then
[2010/06/17 14:25:35] <plathrop> Yeah, I'm running into the problem where I'm going to have to fiddle /etc/hosts on all the clients and I really don't think that's a great idea.
[2010/06/17 14:25:40] <plathrop> But I guess I have to
[2010/06/17 14:25:52] <Volcane> plathrop: else keep dynamic dns pointing at masters
[2010/06/17 14:26:04] * Volcane has a sexy software GSLB :P
[2010/06/17 14:26:10] <plathrop> Yeah, I don't have time to build out a dynamic DNS infrastructure
[2010/06/17 14:26:21] <Tonnerre> Volcane, gslb?
[2010/06/17 14:26:24] <plathrop> I barely have time to roll out mcollective
[2010/06/17 14:26:45] <Volcane> Tonnerre: http://ruby-pdns.googlecode.com/
[2010/06/17 14:26:59] <Volcane> plathrop: time to get a consultant in :P
[2010/06/17 14:27:17] @ fredden joined channel #puppet
[2010/06/17 14:27:25] @ Quit: jcape: Remote host closed the connection
[2010/06/17 14:27:35] <PhabX> plathrop: i hear volcane is a great consultant ;-x
[2010/06/17 14:27:44] <plathrop> But I don't know how to pass that info in. I don't have a central lookup service. I guess I could set up a TXT record in our DNS and have the bootstrap script do that...
[2010/06/17 14:27:47] @ jcape joined channel #puppet
[2010/06/17 14:27:57] <plathrop> Yeah, I ask for a consultant for this, I lose my job.
[2010/06/17 14:28:06] <Volcane> plathrop: yah its shitty, i think the hosts thing isnt too bad
[2010/06/17 14:28:09] @ joe-mac left channel #puppet ()
[2010/06/17 14:28:42] <PhabX> hey Volcane, do you use ruby-pdns everywhere? no bind,djbdns or anything else?
[2010/06/17 14:28:43] <plathrop> So just hard-code it for now, I guess. UGh.
[2010/06/17 14:29:05] <Volcane> PhabX: no i just delegate the records i want to manage with it to machins running it, rest in bind
[2010/06/17 14:29:13] <PhabX> ahhh okay
[2010/06/17 14:29:17] <Volcane> PhabX: puppet IN NS pdns1 etc
[2010/06/17 14:30:15] <Volcane> early lesson, pns1 is a bad choice of host name :P
[2010/06/17 14:30:25] <mackn> haha
[2010/06/17 14:30:46] <Volcane> first time you use that out loud in a meeting etc :)
[2010/06/17 14:30:49] <hMz> no no, pns15
[2010/06/17 14:31:05] <PhabX> lmao
[2010/06/17 14:31:18] <gepetto> feed redmine had 10 updates, showing the latest 3
[2010/06/17 14:31:18] <gepetto> ::redmine:: Wiki edit: Using_Mongrel_Nginx (#3) @ http://projects.reductivelabs.com/projects/1/wiki/Using_Mongrel_Nginx?version=3 (by Jim Blomo)
[2010/06/17 14:31:18] <gepetto> ::redmine:: Wiki edit: Using_Thin_Nginx (#1) @ http://projects.reductivelabs.com/projects/1/wiki/Using_Thin_Nginx?version=1 (by Jim Blomo)
[2010/06/17 14:31:18] <gepetto> ::redmine:: Wiki edit: Using_Mongrel (#7) @ http://projects.reductivelabs.com/projects/1/wiki/Using_Mongrel?version=7 (by Jim Blomo)
[2010/06/17 14:31:54] @ ezmobius joined channel #puppet
[2010/06/17 14:33:56] @ Quit: MPSimmons: Quit: Leaving.
[2010/06/17 14:36:02] @ Quit: anvil14: Quit: anvil14
[2010/06/17 14:36:24] <lhuhn> Hi. I'm a puppet newbie, and I was happily editing the config on the server hosting puppetmasterd, and when I made changes, they were happening on the puppeted machine. Then, for no apparent reason puppetd stopped making changes on this machine. I'm running puppetd -td and nothing obvious is happening. Any ideas how to proceed?
[2010/06/17 14:37:46] <PhabX> lhuhn: have you tried reverting your changes?
[2010/06/17 14:37:53] <PhabX> are you seeing any errors?
[2010/06/17 14:39:11] <lhuhn> PhabX: I'm not seeing any errors. I was just working on the file, there's no version control. I reduced my node definition to include one class, and that class to only define one symbolic link.
[2010/06/17 14:39:30] <lhuhn> However, that link isn't being created.
[2010/06/17 14:39:46] <lhuhn> Other puppeted machines are still being managed.
[2010/06/17 14:41:42] <hMz> did you check the server err logs also?
[2010/06/17 14:42:04] <Volcane> lhuhn: best to put output from puppetd --test on pastie.org and show us
[2010/06/17 14:42:04] <hMz> does it pass --parseonly?
[2010/06/17 14:45:59] <lhuhn> Sorry, one second, I'm being called away from my desk.
[2010/06/17 14:47:18] @ thekad-afk is now known as thekad
[2010/06/17 14:53:48] <lhuhn> Back. My boss figured it out. I was creating a node with the same name as the class it was including, and this was causing puppetd to silently fail.
[2010/06/17 14:53:50] <pheezy> do most RPM-distro users use the yumrepo type or just manage repo files individually?
[2010/06/17 14:54:02] <lhuhn> If I change the name of the class to be different from the name of the node, it works.
[2010/06/17 14:56:01] @ blahdeblah joined channel #puppet
[2010/06/17 14:57:56] <hMz> you realize node is a reserved word, right?
[2010/06/17 14:58:45] <lhuhn> hMz: That wasn't the issue. The name of the node was the same as the name of a class it included, not the literal string "node"
[2010/06/17 14:59:17] <hMz> i would suspect you're not doing something right if a FQDN matches a class name ;P
[2010/06/17 14:59:33] <lhuhn> I'm not using FQDN
[2010/06/17 15:00:26] @ btipling joined channel #puppet
[2010/06/17 15:05:15] @ Quit: pheezy: Remote host closed the connection
[2010/06/17 15:12:31] @ pquerna joined channel #puppet
[2010/06/17 15:13:09] <pquerna> hi, I'm tryin to restart an upstart service using puppet -- using /sbin/reload rsyslog, it says its executing, but the service isn't actually getting reloaded (in this case, rsyslog)
[2010/06/17 15:13:30] <chadh> anyone seen "Could not retrieve local facts: unitialized constant Facter::Util::IP" ?
[2010/06/17 15:13:40] <chadh> I only see it run puppet runs in daemon mode
[2010/06/17 15:14:00] @ rodnet joined channel #puppet
[2010/06/17 15:14:10] <mackn> which version of facter are you running?
[2010/06/17 15:14:16] <mackn> and puppet
[2010/06/17 15:14:19] <chadh> 1.5.7-1.el5?
[2010/06/17 15:14:26] @ Quit: ezmobius: Quit: Leaving...
[2010/06/17 15:14:31] <chadh> 0.25.4-1
[2010/06/17 15:15:53] <mackn> heh was about to ask which platform but saw the version number on your facter
[2010/06/17 15:16:59] <chadh> 2 hosts out of 267 that just started doing this. And not when I run puppetd --test. very strange
[2010/06/17 15:20:42] @ MarkN joined channel #puppet
[2010/06/17 15:20:46] @ MarkN left channel #puppet ()
[2010/06/17 15:22:14] @ poison joined channel #puppet
[2010/06/17 15:24:32] @ Quit: hyde_: Quit: Leaving
[2010/06/17 15:25:46] <PhabX> Volcane: going to Devops?
[2010/06/17 15:27:01] <Volcane> wrong contitnent
[2010/06/17 15:27:21] <mackn> where's it at?
[2010/06/17 15:27:31] <Volcane> same place as velocity
[2010/06/17 15:27:34] <PhabX> near the google offices up north in california
[2010/06/17 15:27:53] <Volcane> hmm, or isnt it? thought it was, eitherway
[2010/06/17 15:27:56] @ Quit: kaptk2: Quit: Leaving.
[2010/06/17 15:28:00] <Volcane> am in england, cant fly ear screwed
[2010/06/17 15:28:40] <jamesturnbull> PhabX: hmmm it's someones office ... LinkedIn maybe?
[2010/06/17 15:29:05] <jamesturnbull> Volcane: do you fly at all?
[2010/06/17 15:29:17] <mackn> i hope you don't get seasick
[2010/06/17 15:29:22] <jamesturnbull> Volcane: ah I parse sentence good now - ear buggered now
[2010/06/17 15:29:25] @ lhuhn left channel #puppet ()
[2010/06/17 15:30:11] <PhabX> jamesturnbull: are you going to Devops? I though I saw your name on there
[2010/06/17 15:30:37] <jamesturnbull> I am speaking on a panel about DevOps Outside WebOps
[2010/06/17 15:30:42] <jamesturnbull> coughs
[2010/06/17 15:30:51] <PhabX> hah
[2010/06/17 15:30:56] <jamesturnbull> in other words DevOps in the 95% of the world's IT organisations that aren't WebOps
[2010/06/17 15:31:26] * jamesturnbull has opinions about WebOps that he might not keep to himself if plyed with alcohol at conferences
[2010/06/17 15:31:44] <hMz> but how do you feel about opscode?
[2010/06/17 15:31:51] * hMz chuckles
[2010/06/17 15:32:12] <jamesturnbull> hMz: don't really feel much either way
[2010/06/17 15:32:32] <hMz> the only time i altered my feeling was when i realized one of my old coworkers is the ceo
[2010/06/17 15:32:36] <Volcane> jamesturnbull: i fly, but i try to avoid it
[2010/06/17 15:32:57] <jamesturnbull> hMz: I like Josh and Adam - not sure how comfortable I was about how they started their business but to be honest I think they are in a different business to us
[2010/06/17 15:33:16] <jamesturnbull> hMz: Jesse?
[2010/06/17 15:33:22] <hMz> yea
[2010/06/17 15:33:29] <hMz> i worked with him at one of my first unix jobs back in '99
[2010/06/17 15:33:53] <jamesturnbull> yeah I am a bit uncomfortable with the O'Reilly/Conference/OpsCode cross over
[2010/06/17 15:34:02] <PhabX> jamesturnbull: man, now i'm worried that if i go to devops i'm going to get to listen to a lot of marketting garbage instead of good hands on tech talks
[2010/06/17 15:34:07] <hMz> but even back then, he was pretty in with oreily
[2010/06/17 15:34:08] <hMz> so it makes sense
[2010/06/17 15:34:12] <jamesturnbull> Opscode had two talks accepted at Velocity - ours were recjedt
[2010/06/17 15:34:32] <hMz> yeeaa, thats no bueno.
[2010/06/17 15:34:37] <jamesturnbull> PhabX: I suspect it'll be more than technical but I doubt it'll be marketing
[2010/06/17 15:34:39] <jamesturnbull> more cultural
[2010/06/17 15:34:51] @ Quit: jdcasey:
[2010/06/17 15:35:04] <jamesturnbull> at the very least it's a conflit of interest and he shoudl recuse himself from elements of that
[2010/06/17 15:35:06] <Volcane> sigh, twitter fwhaling and the football isnt even on
[2010/06/17 15:35:09] <PhabX> cultural is not bad
[2010/06/17 15:35:13] <PhabX> er not horrible
[2010/06/17 15:35:37] <jamesturnbull> well DevOps is about cultural change as much as it about technology - perhaps more so
[2010/06/17 15:35:53] <Volcane> yeah the tech is a side issue
[2010/06/17 15:36:01] @ anvil14 joined channel #puppet
[2010/06/17 15:36:51] <jamesturnbull> Volcane: yeah the last talk I gave about DevOps had no code and no products discussed
[2010/06/17 15:37:13] <jamesturnbull> http://www.slideshare.net/jamtur01/what-the-fuck-is-devops
[2010/06/17 15:37:27] @ Quit: jcape: Remote host closed the connection
[2010/06/17 15:37:34] <jamesturnbull> Apparently okay for Oz but Americans don't like swearing so I will have to change it if I give it here
[2010/06/17 15:37:41] * jamesturnbull thinks Americans are weird sometimes
[2010/06/17 15:37:42] <Kiloman> hmm, that's a hard URL to link to my boss ;)
[2010/06/17 15:37:47] @ jcape joined channel #puppet
[2010/06/17 15:37:47] <hMz> haha
[2010/06/17 15:37:55] <hMz> lmao
[2010/06/17 15:38:35] <Volcane> jamesturnbull: well. i should qualify, the tech is important but not the specific tools, more the requirement for the types
[2010/06/17 15:39:06] <Volcane> jamesturnbull: ie. need to have automation/cf management/etc. how u get there isnt important
[2010/06/17 15:39:20] <jamesturnbull> Volcane: yeah agreed - dobn't care what tools you chose (obviously Puppet is mandatory... :P) but if you're not automating you're not DevOps
[2010/06/17 15:41:23] <stahnma> jamesturnbull: I prefer the straightforward title :)
[2010/06/17 15:43:45] <jamesturnbull> stahnma: ditto
[2010/06/17 15:43:52] * jamesturnbull will bbl
[2010/06/17 15:44:12] <mackn> how many of you all are going to devops?
[2010/06/17 15:47:38] @ lak joined channel #puppet
[2010/06/17 15:52:25] * Volcane really wanted to make it to velocity this year
[2010/06/17 15:57:56] @ Quit: ajbourg: Quit: ajbourg
[2010/06/17 15:58:15] @ Quit: lak: Quit: lak
[2010/06/17 15:58:17] <PhabX> mackn: I'm going, although I'm having seconds thoughts now.
[2010/06/17 15:59:42] <mackn> i think i'll stop by...
[2010/06/17 15:59:47] <mackn> see some old faces
[2010/06/17 15:59:55] <PhabX> meet some new ones :)
[2010/06/17 16:00:00] <mackn> that too :)
[2010/06/17 16:01:17] @ Quit: jab_doa: Quit: Verlassend
[2010/06/17 16:01:53] @ bobinabottle joined channel #puppet
[2010/06/17 16:06:22] @ Quit: ona_matt: Ping timeout: 264 seconds
[2010/06/17 16:14:43] @ Quit: mfournier: Ping timeout: 258 seconds
[2010/06/17 16:15:36] <dan__t> So eh, being new to regex and all.... if $fqdn =~ /hdmail0\d+.prod.az.domain.local/ Would that match hdmail0N.prod.az.domain.local, N being some single digit number?
[2010/06/17 16:16:23] <tmz> dan__t: The + in \d+ means match 1 or more digits.
[2010/06/17 16:16:29] <dan__t> Yes.
[2010/06/17 16:16:29] <Kiloman> N is not a digit
[2010/06/17 16:16:35] <dan__t> I was using N as a placeholder, sorry.
[2010/06/17 16:16:43] <dan__t> I should have explained that.
[2010/06/17 16:16:57] <Kiloman> lol
[2010/06/17 16:17:00] <dan__t> Sorry!
[2010/06/17 16:17:15] <dan__t> I guess more importantly, is that the proper way to write a regex for puppet? It doesn't seem to match.
[2010/06/17 16:17:24] <Kiloman> looks good to me as a Perl guy
[2010/06/17 16:17:33] <tmz> Depending on how strict you want your regex to be, you should escape the dots as well, otherwise hdmail0N.prod.azpdomainslocal would patch.
[2010/06/17 16:17:43] <Kiloman> yeah
[2010/06/17 16:17:51] <Kiloman> but it should match your example
[2010/06/17 16:18:05] <dan__t> oh, good idea.
[2010/06/17 16:18:30] <tmz> Also, anchoring the start and end is usually good.
[2010/06/17 16:18:38] <dan__t> Got it.
[2010/06/17 16:19:31] <dan__t> Trying to use all this in a template, if that matters...
[2010/06/17 16:19:38] <dan__t> <% if $fqdn =~ /^hdmail0(\d+)\.prod\.az\.domain\.local/ %>
[2010/06/17 16:19:51] @ jcape left channel #puppet ()
[2010/06/17 16:20:05] <tmz> If you're in a template, you don't want the $ in front of fqdn.
[2010/06/17 16:20:19] <tmz> ruby doesn't use them for variables.
[2010/06/17 16:20:39] <Volcane> tmz: it does, just not those :)
[2010/06/17 16:20:41] <dan__t> Hah.
[2010/06/17 16:20:51] <dan__t> It works. Very cool. My first regex with puppet.
[2010/06/17 16:20:53] <tmz> Volcane: Good point.
[2010/06/17 16:23:56] @ hyde_ joined channel #puppet
[2010/06/17 16:24:02] <dan__t> Very cool, thank you.
[2010/06/17 16:25:29] <hyde_> I notice if I do 'puppetd -tv' on about 9 client nodes, 4 or 5 nodes would get the changes from puppet master server, and I have to run that command again for the other nodes to get those changes. Does this mean I have to tune puppet master server?
[2010/06/17 16:26:29] @ OpenMedia joined channel #puppet
[2010/06/17 16:26:50] <Volcane> u run them at the exact same time?
[2010/06/17 16:26:55] <hyde_> yes
[2010/06/17 16:27:03] <Volcane> probably not advised
[2010/06/17 16:27:23] <mackn> are you using it out of the box? (webrick)?
[2010/06/17 16:27:56] <hyde_> no, nginx and mongrel
[2010/06/17 16:28:50] <hyde_> previously I only gave it 512M RAM, I just bumped this VM to be 4G RAM, it still behaves the same
[2010/06/17 16:29:17] <Volcane> hyde_: when you say they dont get the changes do you get errors or something?
[2010/06/17 16:30:06] <hyde_> Volcane, no errors, but no changes as well
[2010/06/17 16:30:24] <Volcane> how soon after making the change?
[2010/06/17 16:30:33] <hyde_> right away
[2010/06/17 16:30:53] <hyde_> make changes on the master, run them at the same time for servers in the same cluster
[2010/06/17 16:31:03] <Volcane> same behavrior if u wait a bit?
[2010/06/17 16:31:22] <hyde_> have not tried that.
[2010/06/17 16:31:34] <Volcane> give it a try
[2010/06/17 16:31:42] <hyde_> ok
[2010/06/17 16:31:47] <Volcane> how many machines are you ever going to want to run like this? concurrently?
[2010/06/17 16:32:00] <hyde_> just one time setup
[2010/06/17 16:32:12] <hyde_> depends on cluster size
[2010/06/17 16:32:25] @ Quit: bobinabottle: Quit: bobinabottle
[2010/06/17 16:33:41] <Volcane> puppets not really designed for that kind of thing, tons of requests at the same time you'd need lots of puppetmaster processes on the master box more or less 1 per client
[2010/06/17 16:34:20] <hyde_> I remember previously when I do puppetrun from master to client, it shows up right away
[2010/06/17 16:34:41] <hyde_> might I should keep doing that
[2010/06/17 16:34:47] <Volcane> so did you try to wait a bit to see if it helps?
[2010/06/17 16:35:08] <hyde_> I will pick another cluster to try this
[2010/06/17 16:38:24] @ Quit: rmiller4pi8: Ping timeout: 248 seconds
[2010/06/17 16:38:47] <hyde_> I will give it 5 minutes
[2010/06/17 16:39:20] <Volcane> even 30 sec should be enough to test what i am thinking
[2010/06/17 16:39:41] <hyde_> ok, let me try now
[2010/06/17 16:40:42] <hyde_> cool. this time all nodes got the changes
[2010/06/17 16:41:00] <Volcane> masters check for changes to pp files every now and then
[2010/06/17 16:41:06] <Volcane> if you're too quick, they havnt all checked
[2010/06/17 16:41:48] <hyde_> so it means there are 2 masters, one already saw the changes, while the other one not?
[2010/06/17 16:42:25] <Volcane> yes
[2010/06/17 16:42:40] <hyde_> ok
[2010/06/17 16:42:52] <Volcane> how ever your nginx/passenger is setup
[2010/06/17 16:43:39] @ davea1 joined channel #puppet
[2010/06/17 16:49:30] @ freshtonic joined channel #puppet
[2010/06/17 16:50:44] @ bobinabottle joined channel #puppet
[2010/06/17 16:53:23] @ Quit: PhabX:
[2010/06/17 16:58:59] @ ajbourg joined channel #puppet
[2010/06/17 16:58:59] @ Quit: rodnet: Read error: Connection reset by peer
[2010/06/17 16:59:04] @ rodnet joined channel #puppet
[2010/06/17 17:02:45] @ Quit: WALoeIII: Quit: Bai.
[2010/06/17 17:03:40] @ tonyskapunk left channel #puppet ("ERC Version 5.3 (IRC client for Emacs)")
[2010/06/17 17:10:20] @ spheroma1 is now known as spheromak
[2010/06/17 17:18:25] @ swa_work joined channel #puppet
[2010/06/17 17:38:33] @ Quit: blahdeblah: Ping timeout: 260 seconds
[2010/06/17 17:46:37] @ WALoeIII joined channel #puppet
[2010/06/17 17:49:28] @ CraftyTech joined channel #puppet
[2010/06/17 17:53:28] @ anvil14_ joined channel #puppet
[2010/06/17 17:53:53] @ jcape joined channel #puppet
[2010/06/17 17:54:02] @ micah joined channel #puppet
[2010/06/17 17:54:18] @ Quit: anvil14: Ping timeout: 240 seconds
[2010/06/17 17:54:18] @ anvil14_ is now known as anvil14
[2010/06/17 17:54:38] @ Quit: micah: Client Quit
[2010/06/17 18:02:18] @ Quit: artis: Ping timeout: 240 seconds
[2010/06/17 18:02:54] @ rmiller4pi8 joined channel #puppet
[2010/06/17 18:03:29] @ Quit: rmiller4pi8: Read error: Connection reset by peer
[2010/06/17 18:03:56] @ rmiller4pi8 joined channel #puppet
[2010/06/17 18:06:00] @ rmiller4pi8 left channel #puppet ()
[2010/06/17 18:15:12] <CraftyTech> hello all
[2010/06/17 18:17:59] <QtPlatypus> Hi
[2010/06/17 18:19:05] @ johnf1 joined channel #puppet
[2010/06/17 18:19:59] @ Quit: ahasenack: Quit: Leaving
[2010/06/17 18:27:18] @ Quit: swa_work: Ping timeout: 240 seconds
[2010/06/17 18:31:57] <CraftyTech> has anyone gotten external_nodes.rb to work with https (foreman)
[2010/06/17 18:34:24] @ thekad is now known as thekad-afk
[2010/06/17 18:39:51] @ swa_work joined channel #puppet
[2010/06/17 18:45:33] @ wilmoore joined channel #puppet
[2010/06/17 18:53:31] @ Quit: WALoeIII: Quit: Bai.
[2010/06/17 18:56:40] @ Quit: johnf1: Read error: No route to host
[2010/06/17 19:02:04] @ btipling left channel #puppet ("Closed channel window.")
[2010/06/17 19:02:57] @ plathrop is now known as plathrop-away
[2010/06/17 19:04:11] @ Quit: ajbourg: Quit: ajbourg
[2010/06/17 19:21:08] @ artis joined channel #puppet
[2010/06/17 19:23:56] @ lak joined channel #puppet
[2010/06/17 19:45:23] @ blahdeblah joined channel #puppet
[2010/06/17 19:47:44] @ Quit: alban2: Ping timeout: 248 seconds
[2010/06/17 19:49:04] @ Quit: spinr: Ping timeout: 252 seconds
[2010/06/17 19:50:43] @ joe-mac joined channel #puppet
[2010/06/17 20:00:55] @ PhabX joined channel #puppet
[2010/06/17 20:06:29] @ Quit: jaredrhine: Ping timeout: 240 seconds
[2010/06/17 20:11:56] @ swa_work is now known as swa_
[2010/06/17 20:16:18] @ Quit: andrew3: Ping timeout: 240 seconds
[2010/06/17 20:16:18] @ Quit: rodnet: Read error: Connection reset by peer
[2010/06/17 20:16:23] @ rodnet joined channel #puppet
[2010/06/17 20:17:10] @ Quit: PhabX: Ping timeout: 265 seconds
[2010/06/17 20:18:11] @ PhabX joined channel #puppet
[2010/06/17 20:22:02] @ spinr joined channel #puppet
[2010/06/17 20:22:24] @ andrew3 joined channel #puppet
[2010/06/17 20:22:37] @ Quit: PhabX: Ping timeout: 252 seconds
[2010/06/17 20:27:05] @ btipling joined channel #puppet
[2010/06/17 20:37:29] @ Quit: lak: Quit: lak
[2010/06/17 20:40:51] @ pinoyskull joined channel #puppet
[2010/06/17 20:42:31] @ Quit: ceren: Quit: ceren
[2010/06/17 20:44:06] @ flooose joined channel #puppet
[2010/06/17 20:51:58] @ Quit: Bass10: Ping timeout: 265 seconds
[2010/06/17 20:53:12] @ kc7zzv joined channel #puppet
[2010/06/17 20:58:48] @ btipling left channel #puppet ("Closed channel window.")
[2010/06/17 21:01:36] @ Quit: wilmoore: Remote host closed the connection
[2010/06/17 21:01:46] @ Quit: pting: Quit: Ex-Chat
[2010/06/17 21:03:32] @ Quit: Demosthenes: Read error: Operation timed out
[2010/06/17 21:08:05] @ wilmoore joined channel #puppet
[2010/06/17 21:10:02] @ MarkN joined channel #puppet
[2010/06/17 21:10:04] @ MarkN left channel #puppet ()
[2010/06/17 21:23:13] @ Quit: wilmoore: Remote host closed the connection
[2010/06/17 21:23:53] @ Quit: bgupta: Read error: Connection reset by peer
[2010/06/17 21:25:53] @ Quit: cliff-hm: Ping timeout: 260 seconds
[2010/06/17 21:26:10] @ bgupta joined channel #puppet
[2010/06/17 21:28:40] @ Quit: MrHeavy: Ping timeout: 258 seconds
[2010/06/17 21:29:05] @ wilmoore joined channel #puppet
[2010/06/17 21:31:14] @ MrHeavy joined channel #puppet
[2010/06/17 21:33:24] @ jaredrhine joined channel #puppet
[2010/06/17 21:37:45] @ pheezy joined channel #puppet
[2010/06/17 21:40:42] <kc7zzv> Is anyone here using puppet-dashboard? I
[2010/06/17 21:40:44] <kc7zzv> I
[2010/06/17 21:41:35] <kc7zzv> I'm wondering how long it usually takes for the report pages to load. It takes 30-90 seconds each for me, and I wanted to be sure that's not usual.
[2010/06/17 21:46:58] @ pinoyskull- joined channel #puppet
[2010/06/17 21:48:49] @ Quit: pheezy: Remote host closed the connection
[2010/06/17 21:49:07] @ Quit: pinoyskull: Ping timeout: 265 seconds
[2010/06/17 21:57:33] @ Quit: flooose: Ping timeout: 260 seconds
[2010/06/17 22:00:45] @ Quit: joe-mac: Ping timeout: 240 seconds
[2010/06/17 22:03:12] @ Quit: wilmoore: Ping timeout: 248 seconds
[2010/06/17 22:05:23] @ nexx joined channel #puppet
[2010/06/17 22:13:43] @ \ask joined channel #puppet
[2010/06/17 22:14:26] @ joe-mac joined channel #puppet
[2010/06/17 22:22:29] @ ckauhaus joined channel #puppet
[2010/06/17 22:23:15] @ Quit: jcape: Ping timeout: 240 seconds
[2010/06/17 22:30:46] @ Quit: tuf: Ping timeout: 258 seconds
[2010/06/17 22:30:46] @ tuf_ is now known as tuf
[2010/06/17 22:31:32] @ Quit: LeLutin: Ping timeout: 258 seconds
[2010/06/17 22:32:18] @ Quit: MrHeavy: Ping timeout: 258 seconds
[2010/06/17 22:32:18] @ Quit: themurph: Ping timeout: 258 seconds
[2010/06/17 22:32:26] @ LeLutin joined channel #puppet
[2010/06/17 22:32:43] @ themurph joined channel #puppet
[2010/06/17 22:32:49] @ MrHeavy joined channel #puppet
[2010/06/17 22:33:28] @ wilmoore joined channel #puppet
[2010/06/17 22:35:37] @ gospch joined channel #puppet
[2010/06/17 22:42:11] @ Quit: ckauhaus: Ping timeout: 272 seconds
[2010/06/17 22:48:24] @ Quit: gospch: Remote host closed the connection
[2010/06/17 22:49:49] @ ckauhaus joined channel #puppet
[2010/06/17 22:50:31] @ mfournier joined channel #puppet
[2010/06/17 22:52:57] @ Quit: rodnet: Read error: Connection reset by peer
[2010/06/17 22:52:58] @ rodnet_ joined channel #puppet
[2010/06/17 23:01:16] @ shug joined channel #puppet
[2010/06/17 23:05:14] @ Quit: fredden: Quit: Leaving
[2010/06/17 23:10:10] @ littleidea joined channel #puppet
[2010/06/17 23:11:33] @ alban2 joined channel #puppet
[2010/06/17 23:22:51] @ jab_doa joined channel #puppet
[2010/06/17 23:25:59] @ floess_chris joined channel #puppet
[2010/06/17 23:26:31] <ReinH> kc7zzv: if the reports are large I'm afraid it takes a while to load them atm
[2010/06/17 23:26:34] <ReinH> we're working on it
[2010/06/17 23:27:57] <kc7zzv> Every page is taking that long. Does that change your answer?
[2010/06/17 23:28:27] @ mattock joined channel #puppet
[2010/06/17 23:28:28] @ Quit: rodnet_: Read error: Connection reset by peer
[2010/06/17 23:28:29] @ rodnet joined channel #puppet
[2010/06/17 23:29:11] <kc7zzv> In this case, "every" page is /, /nodes, the pages for the individual nodes, and the pages for the individual reports.
[2010/06/17 23:32:09] @ giskard joined channel #puppet
[2010/06/17 23:32:43] @ Quit: siezer: Ping timeout: 276 seconds
[2010/06/17 23:32:47] <kc7zzv> ReinH: I was wondering if using Webrick could be the problem.
[2010/06/17 23:33:04] <ReinH> kc7zzv: no, it's storing (very) large reports in the database
[2010/06/17 23:33:17] <ReinH> kc7zzv: "every" page shouldn't take that long
[2010/06/17 23:33:22] <ReinH> which version are you using?
[2010/06/17 23:34:28] @ Quit: giskard: Remote host closed the connection
[2010/06/17 23:35:00] <kc7zzv> I'm using a deb that's version 1.0. I'm almost sure it's from http://apt.puppetlabs.com/ubuntu
[2010/06/17 23:35:10] @ Quit: littleidea: Quit: littleidea
[2010/06/17 23:35:20] @ andrew3 left channel #puppet ()
[2010/06/17 23:37:30] @ Quit: mfournier: Ping timeout: 276 seconds
[2010/06/17 23:38:07] <kc7zzv> ReinH: Yes. It's from http://apt.puppetlabs.com/ubuntu
[2010/06/17 23:39:08] @ suchu joined channel #puppet
[2010/06/17 23:39:47] <kc7zzv> About 20% of the time is 100% CPU usage. Either "real" cpu usage or iowait, but the other 80% of the time it doesn't seem to be doing anything.
[2010/06/17 23:40:21] <zipkid> thanks ReinH ! :-)
[2010/06/17 23:40:31] @ Quit: blahdeblah: Ping timeout: 276 seconds
[2010/06/17 23:41:20] @ Quit: ckauhaus: Quit: Leaving.
[2010/06/17 23:43:14] <zipkid> darn! ReinH your commit is not on github ?? !!
[2010/06/17 23:43:36] @ Quit: OpenMedia: Quit: Leaving.
[2010/06/17 23:46:39] @ littleidea joined channel #puppet
[2010/06/17 23:51:47] @ blahdeblah joined channel #puppet
[2010/06/17 23:52:12] @ Quit: rodnet: Read error: Connection reset by peer
[2010/06/17 23:52:13] @ rodnet_ joined channel #puppet
[2010/06/17 23:52:15] @ allsystemsarego joined channel #puppet
[2010/06/17 23:54:08] @ Quit: rodnet_: Client Quit
[2010/06/17 23:54:21] <kc7zzv> ReinH: If the problem was just storing and retrieving data, wouldn't top either show iowait or cpu usage instead of cup-idle?
[2010/06/17 23:56:49] @ hamish joined channel #puppet

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!