Wednesday, 2010-07-14

[2010/07/14 00:05:44] @ Log started by gepetto
[2010/07/14 00:05:44] <alcy> joschi: I think it looks for scripts in init.d. I use mcollective to check statuses, and mcolelctive in turn uses puppet to see them, and the error i get when I check the status of a (non-existent) service is no script found in /etc/init.d
[2010/07/14 00:11:11] <joschi> alcy: yes it does that - at least when the init provider is used ;)
[2010/07/14 00:11:44] <alcy> yup.
[2010/07/14 00:14:25] <ecolitan> i cant get a custom fact to show up when I call facter, the fact works when I test on my desktop
[2010/07/14 00:21:44] @ \ask joined channel #puppet
[2010/07/14 00:21:45] @ Quit: rcrowley: Quit: rcrowley
[2010/07/14 00:22:29] <ecolitan> well it sort of works, if i run 'facter \| grep fs_devices ' i see the fact returned, but 'facter fs_devices' doesnt return anything
[2010/07/14 00:25:45] @ PaulWay[w] left channel #puppet ("I must go, there are too many tangrams on this channel.")
[2010/07/14 00:37:13] @ gettalong joined channel #puppet
[2010/07/14 00:37:50] @ Quit: flooose: Remote host closed the connection
[2010/07/14 00:41:50] <gettalong> Hi everybody! I have a strange problem with puppet master 0.25.1 on Ubuntu 8.04.4. When running the puppetmasterd standalone executable, everything works fine. Now I would like to have the puppet master daemon running in passenger. When the first client connects, it gets the correct catalog. However, when other clients connect afterwards, they all get the catalog from the first client... Has someone else experienced this problem?
[2010/07/14 00:45:24] <jamesturnbull> ecolitan: it's a known issue with facter
[2010/07/14 00:45:30] @ Quit: poison: Remote host closed the connection
[2010/07/14 00:45:30] <jamesturnbull> ecolitan: there is a fix in the next release
[2010/07/14 00:45:53] @ jab_doa joined channel #puppet
[2010/07/14 00:48:17] <ecolitan> jamesturnbull: ok, the custom fact doesnt work at all on the puppetmaster server and other client machines, it gets copied to /var/lib/puppet/lib/facter/ but doesnt do anything
[2010/07/14 00:49:04] @ Quit: mfournier: Ping timeout: 276 seconds
[2010/07/14 00:54:20] <jamesturnbull> ecolitan: define "doesn't do anything?"
[2010/07/14 00:56:26] @ Quit: freshtonic: Quit: freshtonic
[2010/07/14 00:57:02] <Volcane> ecolitan: add to [main] of puppet.conf: factpath = $vardir/lib/facter
[2010/07/14 00:57:14] <ecolitan> jamesturnbull: on the puppetmaster the file is in /etc/puppet/modules/custom/lib/facter/filesystem.rb, i see in the log its copied to the client machine into /var/lib/puppet/lib/facter/
[2010/07/14 00:58:32] @ Quit: mgisbers: Ping timeout: 260 seconds
[2010/07/14 00:58:40] <ecolitan> but on the client machine when i run facter\|grep fs i get no ressult
[2010/07/14 00:58:57] <Volcane> ecolitan: facter -p \| grep ...
[2010/07/14 00:58:59] <ecolitan> Volcane: i have that line in the puppet.conf,
[2010/07/14 00:59:01] <marut> `facter --puppet \| grep ..`
[2010/07/14 00:59:30] <ecolitan> ok that works
[2010/07/14 00:59:52] <ecolitan> thanks so much you guys!
[2010/07/14 00:59:52] <Volcane> -p tells it to look in puppets fact path
[2010/07/14 01:01:52] <jamesturnbull> ecolitan: and until next release facter yourfactname will almost never work :)
[2010/07/14 01:02:40] <sejo> is there a way to send customized notices when a recipe is actually ran?
[2010/07/14 01:03:01] <sejo> I'd like to add some stuff to the info that is sent to the reports
[2010/07/14 01:03:16] <Volcane> notify{"meh":}
[2010/07/14 01:03:20] <ecolitan> jamesturnbull: thank you, working slowly through the book :)
[2010/07/14 01:03:35] <sejo> Volcane: that executes whether or not changes are done
[2010/07/14 01:04:10] <sejo> I wish to notice only when a change has been made
[2010/07/14 01:04:35] <Volcane> ah
[2010/07/14 01:04:43] <Volcane> well you didnt say that :)
[2010/07/14 01:04:50] <sejo> example augeas action, is executed -> send notice, not executed -> ignore
[2010/07/14 01:04:52] <Volcane> recipes are always 'ran' :)
[2010/07/14 01:04:57] <sejo> ach :p
[2010/07/14 01:04:59] <sejo> sorry
[2010/07/14 01:05:20] <sejo> I can't seem to find it in the documentation
[2010/07/14 01:05:31] <Volcane> exec{"cowsay meh": logoutput => true, refreshonly => true} :P
[2010/07/14 01:06:09] <Volcane> and notify it, obviously not a solution
[2010/07/14 01:06:11] @ gebi joined channel #puppet
[2010/07/14 01:07:30] @ itguru joined channel #puppet
[2010/07/14 01:07:31] @ Quit: itguru: Changing host
[2010/07/14 01:07:31] @ itguru joined channel #puppet
[2010/07/14 01:07:51] @ poison joined channel #puppet
[2010/07/14 01:08:03] <sejo> Volcane: true not really perhaps I should make a bug for it
[2010/07/14 01:08:16] @ verwilst joined channel #puppet
[2010/07/14 01:08:47] <Volcane> sejo: 2.6 has much better reports,each changing resource is clearly indicated etc
[2010/07/14 01:09:20] <sejo> ideal it would be like <type> { <name>: notice_on_change => "logtext", notice_no_change => "logtext2" }
[2010/07/14 01:09:30] <sejo> fer my usecase :p
[2010/07/14 01:14:10] @ ody joined channel #puppet
[2010/07/14 01:14:23] @ ody is now known as odyi
[2010/07/14 01:14:52] @ fbe joined channel #puppet
[2010/07/14 01:19:53] @ mfournier joined channel #puppet
[2010/07/14 01:20:11] <gettalong> Does anybody else have problems with false catalogs being applied on clients when running puppet master under passenger? Or a solution for this problem?
[2010/07/14 01:23:01] <Volcane> define false?
[2010/07/14 01:23:13] @ MattyM joined channel #puppet
[2010/07/14 01:27:01] @ TREllis joined channel #puppet
[2010/07/14 01:28:10] <itguru> I finally wrote my own module from the ground up, and deployed it, and it works! - woohoo for me!
[2010/07/14 01:28:37] <blkperl> itguru: congrats :)
[2010/07/14 01:28:39] <sejo> congrats itguru
[2010/07/14 01:28:44] <gettalong> volcane: first host-a connects and gets the correct catalog, then host-b connects and gets the catalog from host-a...
[2010/07/14 01:28:46] <itguru> I know it's no big thing really, but now that I understand it to the point of writing a module, I can REALLY see the power of puppet
[2010/07/14 01:28:56] <itguru> :)
[2010/07/14 01:29:08] <Volcane> gettalong: hmm, thats pretty screwed up, never seen that reported
[2010/07/14 01:29:09] <sejo> itguru: I can't but my processor can :p
[2010/07/14 01:29:20] <itguru> Thanks blkperl and sejo hehe! (small pleasures help a sysad not go crazy :)
[2010/07/14 01:29:28] <Volcane> gettalong: when getting the wrong catalog do you see a log line saying its compiling the right one?
[2010/07/14 01:29:35] <joschi> gettalong: do you have any cache running in front of or in your apache httpd?
[2010/07/14 01:30:28] <gettalong> volcane: not using any cache, just apache and passenger 2.2.9
[2010/07/14 01:30:37] * blkperl wants to bash bug 2211 with a hammer so that his module works :/
[2010/07/14 01:30:48] <joschi> is it possible to have File resource only realized, when an Exec resource was run and not realize it when it wasn't (due to unless/onlyif precondition)?
[2010/07/14 01:30:59] <itguru> It took me a more than one attempt, I shall say, to understanding templating, but it makes a bucket load of sense - I'm currently in the process of converting existing config files we have to templates
[2010/07/14 01:31:40] @ TREllis_ joined channel #puppet
[2010/07/14 01:33:08] @ Quit: TREllis: Ping timeout: 252 seconds
[2010/07/14 01:34:09] <sejo> joschi: can you do it with a define that you run in the onlyif? (dunno never tested just an idea)
[2010/07/14 01:34:58] <joschi> sejo: I'm not quite sure what you mean...
[2010/07/14 01:35:11] <Volcane> joschi: not at present
[2010/07/14 01:35:48] <joschi> Volcane: ok, thanks.
[2010/07/14 01:37:48] <ecolitan> when a fact returns multiple comma seperated values eg. /dev/sda1,/dev/sdb1,... how can I in a template get a particular one?
[2010/07/14 01:38:23] <gettalong> volcane: it's a bit strange, for example it says:
[2010/07/14 01:38:27] @ suit joined channel #puppet
[2010/07/14 01:38:35] <joschi> ecolitan: you'll have to split the string yourself
[2010/07/14 01:39:07] <gettalong> volcane: Jul 8 15:55:29 cc puppetmasterd[15090]: Forbidden request: cc.mat.univie.ac.at (131.130.16.7) access to /catalog/soweto.mat.univie.ac.at [find] authenticated at line 52
[2010/07/14 01:39:47] <gettalong> volcane: I had to set "allow *" in auth.conf to get around this and then the false catalog was applied...
[2010/07/14 01:39:48] <joschi> ecolitan: irb(main):001:0> "test1,test2".split(',') => ["test1", "test2"]
[2010/07/14 01:40:04] <joschi> ecolitan: and after that it's a normal array
[2010/07/14 01:40:41] <ecolitan> joschi: and that can be done in the template file itself with ruby syntax?
[2010/07/14 01:40:53] <joschi> ecolitan: yes! it's erb after all ;)
[2010/07/14 01:41:16] <ecolitan> joschi: ok, will give it a go!
[2010/07/14 01:42:28] <Volcane> joschi, ecolitan: puppet manifests have a split function too.
[2010/07/14 01:42:30] @ lkoranda joined channel #puppet
[2010/07/14 01:50:26] @ Geoff1 joined channel #puppet
[2010/07/14 01:57:26] <henk> hi, in the module layout there is a file manifests/default.pp mentioned. i have no idea what the difference between default.pp and init.pp is. does anyone know where that's explained?
[2010/07/14 02:01:49] <blkperl> i usually just use init.pp
[2010/07/14 02:02:57] <sejo> is there an option that will send notices of actions it did not do (because onlyif is not met?)
[2010/07/14 02:05:52] <joschi> henk: maybe the default.pp is included in the init.pp manifest. AFAIK (and that's not much ;) init.pp is the "magic" filename in a puppet module which is loaded when the module is included somewhere
[2010/07/14 02:07:12] <Volcane> henk: defaults.pp would be the class modulename::defaults
[2010/07/14 02:07:14] <joschi> sejo: just was looking for something like that myself, but didn't find any possibility to check that
[2010/07/14 02:07:46] <joschi> Volcane: isn't that dependend on whether there is actually a "class defaults { ... }" in the defaults.pp file?
[2010/07/14 02:07:52] <sejo> joschi: ok thanks.
[2010/07/14 02:08:19] <Volcane> joschi: it would be class modulename::defaults { ... }
[2010/07/14 02:09:44] * sejo is going to see whether he can create a patch that allows it :p
[2010/07/14 02:10:23] <joschi> Volcane: ok, besides that small syntax errorof mine, there's no technical connection between class name and file name, or is there?
[2010/07/14 02:10:55] <Volcane> joschi: there's a direct and specific connection
[2010/07/14 02:11:03] <Volcane> joschi: modulename::foo belongs in modulename/manifests/foo.pp
[2010/07/14 02:11:17] <Volcane> joschi: modulename::foo::bar belongs in modulename/manifests/foo/bar.pp
[2010/07/14 02:11:42] <Volcane> joschi: think about it, you ask for a class with a name, and puppetmaster has to find it on the disk somehow, this is called autoloading and it works by convention
[2010/07/14 02:11:43] <rodjek> joschi: although that's not enforced, it's good practice
[2010/07/14 02:12:02] <Volcane> rodjek: its enforced. the only exception is the main init.pp can have many classes
[2010/07/14 02:12:07] <joschi> Volcane: is that a convention or a technical requirement? I thought the "subclasses" would be included in manifests/init.pp of the module
[2010/07/14 02:12:38] <Volcane> joschi: you can put subclasses in init.pp thats the only exception, if not in init.pp then in files names according to class name
[2010/07/14 02:12:43] <rodjek> Volcane: err, my manifests must work by magic then, cause i've got plenty of working examples of module::foo living in module/gronk.pp
[2010/07/14 02:13:43] <Volcane> rodjek: then you probably have import statements in your init.pp
[2010/07/14 02:14:17] <sejo> am I reading type.rb correct? can we add a noop =: true, to a type?
[2010/07/14 02:14:24] <sejo> =>
[2010/07/14 02:14:24] <Volcane> rodjek: or import statements somewhere else
[2010/07/14 02:14:33] <rodjek> yes, i do. my point is that the layout your prescribing isn't the only way
[2010/07/14 02:14:56] <Volcane> sejo: http://docs.puppetlabs.com/references/stable/metaparameter.html
[2010/07/14 02:15:18] <Volcane> rodjek: its the only way if you want to use auto importing, you're not using auto importing
[2010/07/14 02:15:25] <joschi> Volcane: thanks for clarifying
[2010/07/14 02:15:45] <Volcane> rodjek: so for you, the module layout isnt "working" as much as you've put files in a place and then told it to import those files.
[2010/07/14 02:15:54] <crb> Is anyone able to weigh in on Puppet adding users, and then trying to use them, in the same run? (mailing list post at http://groups.google.com/group/puppet-users/browse_thread/thread/8b3cda86c03f05e1 explains)
[2010/07/14 02:16:28] <rodjek> Volcane: yes. i have a strong dislike of style guides :P a shortcoming of mine
[2010/07/14 02:16:54] <sejo> Volcane: cool, I'll try to add a new metaparam :p
[2010/07/14 02:18:26] <Volcane> rodjek: well then suggesting your way is still a module and that somehow the convention isnt enforced is probably not helping someone who is trying to learn how to use modules, since you're not :)
[2010/07/14 02:18:39] <Volcane> not using modules that is
[2010/07/14 02:18:41] <Legooolas> Does the up2date package provider do gpg key handling/import, or should I get my RHEL boxes to use yum instead?
[2010/07/14 02:19:01] * blkperl wonders who left the #grr in the source code :)
[2010/07/14 02:19:09] <rodjek> Volcane: i wolud argue that it is still a module. along with namespaced manifests, it has facts, types and providers
[2010/07/14 02:19:15] <Volcane> rodjek: puppet had the ability to organize files into groups and then force you to import them for ever, modules introduced convention that removed that need
[2010/07/14 02:19:55] <henk> Volcane, joschi: thanks! sounds interesting... didn't even know about subclasses having their own files and they could be auto imported. gotta read some more about that i guess...
[2010/07/14 02:23:58] @ Quit: \ask: Remote host closed the connection
[2010/07/14 02:24:28] @ Quit: gettalong: Quit: gettalong
[2010/07/14 02:24:43] @ gettalong joined channel #puppet
[2010/07/14 02:27:11] <tim\|mac> wasn't there a script that you could periodically run to remove old entries from the puppetmaster db?
[2010/07/14 02:27:17] <tim\|mac> for exported resources and the like
[2010/07/14 02:27:36] @ DbT_ joined channel #puppet
[2010/07/14 02:29:28] @ Quit: emiddd_: Ping timeout: 260 seconds
[2010/07/14 02:29:57] @ Djelibeybi joined channel #puppet
[2010/07/14 02:30:50] <DbT_> Hi all! I am trying to install foreman on RHEL5, no luck until now. 1st problem: during migration an error is displayed; second problem: when connecting to the foreman webrick on port 3000, it returns a piece of HTML (together with http code 500) with "undefined method `each' for nil:NilClass"
[2010/07/14 02:31:12] <DbT_> I am using storedconfig in mysql an I configured the same db in foreman
[2010/07/14 02:33:52] <alcy> DbT_Which method are you suing to install Foreman ?
[2010/07/14 02:34:04] <alcy> using
[2010/07/14 02:35:31] <DbT_> alcy: I have used the module by Ohad Levy
[2010/07/14 02:35:31] <DbT_> which used the available RPM packages from the foreman repo
[2010/07/14 02:35:49] @ yannL joined channel #puppet
[2010/07/14 02:36:07] <alcy> what's the error during migration
[2010/07/14 02:39:11] @ Quit: Djelibeybi: Quit: Leaving
[2010/07/14 02:42:58] @ Quit: itguru: Remote host closed the connection
[2010/07/14 02:45:57] @ Quit: jab_doa: Quit: Verlassend
[2010/07/14 02:47:04] <DbT_> alcy: unfortunately, I cannot acccess the system at this time (and cannot access IRC when I am at that site), but it was something about 'family' class or relationship which could not be migrated or something like that.
[2010/07/14 02:48:47] @ Quit: gettalong: Quit: gettalong
[2010/07/14 02:49:06] @ gettalong joined channel #puppet
[2010/07/14 02:52:34] @ Geoff1 left channel #puppet ()
[2010/07/14 02:54:38] @ Quit: fbe: Ping timeout: 265 seconds
[2010/07/14 02:56:21] <suit> when you're enabling a service on ubuntu/debian using puppet.. is there a way to specify the priority? e.g. update-rc.d myservice defaults 77 ?
[2010/07/14 03:00:21] @ Quit: gettalong: Read error: Connection reset by peer
[2010/07/14 03:00:32] @ gettalong joined channel #puppet
[2010/07/14 03:02:12] @ fbe joined channel #puppet
[2010/07/14 03:04:48] @ Quit: gettalong: Ping timeout: 240 seconds
[2010/07/14 03:06:43] @ Quit: fbe: Ping timeout: 265 seconds
[2010/07/14 03:10:21] @ Peanut joined channel #puppet
[2010/07/14 03:11:14] <bronto> are configuration variables (e.g.: vardir) available in templates?
[2010/07/14 03:11:41] <bronto> I mean, can one use stuff like <%= vardir %> and it will DWIM?
[2010/07/14 03:11:52] <Volcane> bronto: next release only
[2010/07/14 03:12:08] * bronto sighs...
[2010/07/14 03:12:10] <bronto> OK, thanks
[2010/07/14 03:13:04] <rodjek> bronto: in the meantime you could create a fact that read vardir from your puppet.conf
[2010/07/14 03:13:35] <Peanut> Hi - in puppet, can I ensure that a particular service/port is present in /etc/services ?
[2010/07/14 03:13:55] <bronto> rodjek: I see. OK...
[2010/07/14 03:14:37] <rodjek> Peanut: yeah, you can use Augeas (which comes with a lens for /etc/services) to do that
[2010/07/14 03:14:54] @ Djelibeybi joined channel #puppet
[2010/07/14 03:15:23] <sejo> if you do notify => Type[name] does the receiving Type knows what resource subscribed?
[2010/07/14 03:15:59] <sejo> and can you pass a parameter to it?
[2010/07/14 03:16:00] @ Quit: poison: Read error: Connection reset by peer
[2010/07/14 03:16:07] @ poison joined channel #puppet
[2010/07/14 03:16:30] <Peanut> Oh, I see - there's no direct way to talk to /etc/services from within puppet? Installing Augeas on my nodes is a bit much of a change for ensuring one entry exists in /etc/services :-)
[2010/07/14 03:17:15] @ Quit: londo_: Remote host closed the connection
[2010/07/14 03:18:10] <rodjek> Peanut, well you could just exec { "bleh": command => "echo 'service port' >> /etc/services", unless => "grep 'service port' /etc/services" }
[2010/07/14 03:18:12] <ashp> Peanut: be lazy and just use file{} and copy out an entire /etc/services that includes what you need
[2010/07/14 03:18:31] <rodjek> probably want to make a nice regexp for that grep, but you see the point
[2010/07/14 03:19:03] <Peanut> rodjek: thanks, I'll give that a try. My puppet slaves are all Debian Etch with puppet pinned in Apt to a Lenny release, so it's a bit complicated to just add Augeas.
[2010/07/14 03:19:20] <rodjek> fair enough :)
[2010/07/14 03:20:25] * Peanut can see the added value of Augeas compared to coming up with a bulletproof regexp yourself though ;-)
[2010/07/14 03:21:23] <rodjek> yup
[2010/07/14 03:26:08] @ nexx joined channel #puppet
[2010/07/14 03:33:10] @ londo_ joined channel #puppet
[2010/07/14 03:34:47] @ Quit: ckauhaus: Ping timeout: 252 seconds
[2010/07/14 03:43:26] @ ckauhaus joined channel #puppet
[2010/07/14 03:45:13] @ sts left channel #puppet ()
[2010/07/14 03:46:27] @ Quit: Djelibeybi: Quit: Leaving
[2010/07/14 03:46:59] @ TREllis_ is now known as TREllis
[2010/07/14 04:01:53] <henk> can anyone point me in the right direction regarding module dependencies? i don't quite understand from http://docs.puppetlabs.com/guides/modules.html
[2010/07/14 04:03:44] <Volcane> how do you mean mod dependencies?
[2010/07/14 04:06:17] <henk> Volcane: on that page is a section titled "Internal Organisation". in the last paragraph of that it says "There are cases, however, where the module depends on generic things that most people will already have defines or classes for in their regular manifests. Instead of adding these into the manifests of your module, add them to the depends folder" i don't understand what they are used for or where that'd be sensible...
[2010/07/14 04:07:53] <alcy> henk: You should probably get a few modules from github or elsewhere and see the way they are organized. The ones available from example42 are also pretty cool.
[2010/07/14 04:08:15] <henk> alcy: do you know of one that uses depends?
[2010/07/14 04:08:21] <Volcane> henk: thats just a documentation convention really, doesnt serve any technical merit. it doesnt create dependencies etc
[2010/07/14 04:08:35] <henk> Volcane: oh, ok. thanks
[2010/07/14 04:08:53] <Volcane> dependencies etc are exactly the same as for normal classes
[2010/07/14 04:09:00] <Volcane> require => Class["foo::bar"] etc
[2010/07/14 04:11:18] <henk> ok
[2010/07/14 04:11:32] @ Quit: Qix: Remote host closed the connection
[2010/07/14 04:12:02] <henk> oh, and 'import' is generally not needed with a sensible modules layout, right?
[2010/07/14 04:12:07] <Volcane> yup
[2010/07/14 04:13:58] <henk> if i include a simple class like 'iptables', the init.pp is always loaded, but if i load a class 'iptables::throttling' and there is a 'throttling.pp' in the iptables module, only that is loaded, correct? (disregarding defaults.pp which is loaded in both cases?)
[2010/07/14 04:14:14] <Volcane> defaults.pp doesnt do anything magical
[2010/07/14 04:14:45] <Volcane> people just tend to put a bunch of configuration variables in modname::defaults so they can do like ${modname::defaults::var} in other classes for settings
[2010/07/14 04:14:54] <Volcane> its not a requirement, and doesnt get magically loaded
[2010/07/14 04:15:36] <Volcane> rest is as you say yes, except defaults.pp is not magical at all - its just another class
[2010/07/14 04:16:52] <henk> d'uh, of course, as you mentioned before it's $module::defaults... sorry. i still have to 'include $module::defaults' in the init.pp or other manifests i add to the module if i want to use stuff from defaults.pp, right?
[2010/07/14 04:17:08] <Volcane> yup, include module::defaults
[2010/07/14 04:18:35] <henk> ok, cool, i think that's what i was just missing today :)
[2010/07/14 04:18:39] <henk> Volcane: thanks again!
[2010/07/14 04:22:41] @ gettalong joined channel #puppet
[2010/07/14 04:26:50] <Volcane> cant find jamesturnbull's module now but he recently released one that bootstraps a puppet dev server. it had a defaults like class that demonstrate nicehow how it works
[2010/07/14 04:27:23] <Volcane> guess you can look at my concat too http://github.com/ripienaar/puppet-concat/tree/master/manifests/
[2010/07/14 04:27:32] <Volcane> see the setup module, same idea as the defaults one
[2010/07/14 04:32:05] <henk> Volcane: thank you very much :)
[2010/07/14 04:33:08] @ Quit: ceren: Quit: ceren
[2010/07/14 04:34:32] @ gettalong left channel #puppet ()
[2010/07/14 04:39:10] <alcy> are there any good alternatives for storeconfig ? I have heard nothing but bad things about it from various blogs. I don't need it now, but soon, will.
[2010/07/14 04:40:38] <Volcane> not really, i am going to build something like chef's searchable db with mcollective registration to deal with that
[2010/07/14 04:40:54] <Volcane> but thats just a vague plan atm
[2010/07/14 04:41:13] <Volcane> mcollective registration -> couch db -> full text search in manifests and templates
[2010/07/14 04:42:15] <alcy> masterzen seems to have tinkered with it much, so I guess that should be a reliable-enough solution. glad to know about mcollective's role,, though. its dev is really on a roll ! :D
[2010/07/14 04:42:36] <Volcane> he made the thin configs which should help
[2010/07/14 04:42:51] <Volcane> really though the stored confs as a model doesnt work too hot if you have a distributed system with many masters
[2010/07/14 04:43:08] <Volcane> esp if there is latency between them
[2010/07/14 04:43:54] <alcy> shoudl be ok with <50 masters ?
[2010/07/14 04:44:06] <Volcane> 50 masters? wtf :)
[2010/07/14 04:44:42] <alcy> too less or tto high ? :P
[2010/07/14 04:44:54] <Volcane> problem is, say you have masters in 3 countries
[2010/07/14 04:45:00] <Volcane> or DCs or whatever
[2010/07/14 04:45:04] <Volcane> each serving machines in that dc
[2010/07/14 04:45:15] <Volcane> but say monitoring needs a global view of all the resources
[2010/07/14 04:45:32] <Volcane> this makes it pretty hard, cos you have nodes checking on various masters who all have to go into some DB
[2010/07/14 04:45:44] <Volcane> yet the db needs to have a global consistant state
[2010/07/14 04:46:15] <Volcane> many approaches to deal with it around things like middleware, replication, etc, but fairly painful over slow links and will probably kill performance of compiles depending how you do it
[2010/07/14 04:46:50] <Volcane> and things go weird when links between DC/countries are off for example
[2010/07/14 04:48:13] <Volcane> so thats quite a significant problem to deal with
[2010/07/14 04:48:21] <alcy> http://theforeman.org/projects/foreman/wiki/Puppet_Facts#But-I-have-many-puppet-masters-or-Foreman-is-on-another-server seems to address the issue somwhat
[2010/07/14 04:48:47] <Volcane> yes, i think the idea of searching for machines matching criteria is much more sane in general than the exporting of resources approach
[2010/07/14 04:51:15] @ Quit: shug: Quit: Leaving
[2010/07/14 04:52:04] <Volcane> still. I hope to build something that let me have the searchable resource automagically replicate into each dc/country and that compiles/runs in that country doesnt require access to some central resource like a foreman host.
[2010/07/14 04:52:47] <Volcane> soething like foremans query interface http://theforeman.org/projects/foreman/wiki/Query_Interface
[2010/07/14 04:53:18] @ ceren joined channel #puppet
[2010/07/14 04:54:08] <alcy> foreman does have a lot of answers.
[2010/07/14 04:54:28] <Volcane> yup
[2010/07/14 04:55:18] <alcy> I wish there more devs/users to help the project though !
[2010/07/14 04:57:07] * alcy doesn't feel like re-iterating his noobness.
[2010/07/14 04:59:11] <fenris02> is foreman meant to operate in the same space as mcollective/func ?
[2010/07/14 04:59:59] <Volcane> fenris02: no its a kind of thing like cobbler and dashboard combined - a web ui that drives deploys and such
[2010/07/14 05:00:25] <fenris02> neat
[2010/07/14 05:06:32] <henk> another question about manifests: if i 'include iptables', modules/iptables/manifests/init.pp is loaded. when i 'include iptables::throttling', modules/iptables/manifests/throttling.pp is loaded, right? how about a second level of subclassing, i.e. 'include iptables::throttling::ssh'?
[2010/07/14 05:06:50] <Volcane> modules/iptables/manifests/throttling/ssh.pp
[2010/07/14 05:07:13] <Volcane> personally i'd like to iptables::throttling to come from either modules/iptables/manifests/throttling.pp or modules/iptables/manifests/throttling/init.pp
[2010/07/14 05:07:20] <Volcane> but my ticket on that point has been unloved
[2010/07/14 05:08:14] <henk> huh? i thought atm it is coming from modules/iptables/manifests/throttling.pp? or do you mean iptables::throttling::ssh?
[2010/07/14 05:08:47] <Volcane> at the moment its as above, I'd like the throttling/init.pp thing as an enhancement, its not there now
[2010/07/14 05:09:36] @ Quit: gebi: Ping timeout: 260 seconds
[2010/07/14 05:16:36] @ ahasenack joined channel #puppet
[2010/07/14 05:20:13] @ Quit: DbT_: Ping timeout: 240 seconds
[2010/07/14 05:20:50] @ vachon joined channel #puppet
[2010/07/14 05:21:31] <vachon> hey all, im kinda stuck... i have a module/class blah and a blah::class2, do i need to include or is it auto-included
[2010/07/14 05:21:47] <vachon> the class2 class of course
[2010/07/14 05:22:04] <henk> Volcane: ah ok. yeah, i guess that'd make it more consistent...
[2010/07/14 05:22:28] <Volcane> henk: yeah just nice to know all throttle related stuff is in one dir rather than in throttle subdir and one dir up
[2010/07/14 05:23:36] <henk> definitely!
[2010/07/14 05:24:11] <fenris02> what does throttling reference?
[2010/07/14 05:24:35] @ DbT_ joined channel #puppet
[2010/07/14 05:26:15] <henk> fenris02: sorry?
[2010/07/14 05:27:03] <henk> fenris02: i don't understand what you are asking i'm afraid...
[2010/07/14 05:28:42] <henk> Volcane: regarding you module structure (::install, ::config, ::service): does it make sense to put those subclasses in their own .pp? atm i can't think of any reason, but perhaps i am missing something...
[2010/07/14 05:29:00] <Volcane> henk: yes they are in sep file
[2010/07/14 05:29:02] <fenris02> are you throttling messages, bandwidth/traffic, or resources allocated ?
[2010/07/14 05:30:00] <vachon> well that kinda plugs in where i am stuck, would you have to include ::install or is it autoincluded or only auto-imported or is something else the right thing to do?
[2010/07/14 05:30:52] <lisa> in a file {} definition for the source => component can i use $name to refer to the name of the file (eg file { "/etc/foo": source => "puppet:///files/$name" } as $name to an expansion to puppet:///files/etc/foo ?
[2010/07/14 05:30:55] <henk> fenris02: generally this class will hold all classes doing any kind of throttling with iptables. in fact there is only one class doing this atm and it's using the recent module to throttle new connections to port 22...
[2010/07/14 05:31:06] <fenris02> vachon, isnt it safer to just manually include lines? files will not be included multiple times regardless
[2010/07/14 05:31:20] <henk> Volcane: thanks
[2010/07/14 05:31:26] <vachon> fenris02: multiple includes is harmless if you code it right
[2010/07/14 05:31:28] <agaffney> lisa: I don't think that $name can be used outside of a define, but then I've never tried it
[2010/07/14 05:31:42] <vachon> esp is module/class scope
[2010/07/14 05:32:40] @ alcy left channel #puppet ()
[2010/07/14 05:33:16] <lisa> agaffney: ah. well that'll suck if it doesn't work! :) there's 33 files to this shorewall class!
[2010/07/14 05:34:28] @ seanos joined channel #puppet
[2010/07/14 05:34:47] @ emiddd_ joined channel #puppet
[2010/07/14 05:36:53] @ bodepd joined channel #puppet
[2010/07/14 05:42:13] @ Quit: ckauhaus: Quit: Leaving.
[2010/07/14 05:42:45] @ Quit: bug: Quit: bug
[2010/07/14 05:53:19] @ radkin joined channel #puppet
[2010/07/14 05:53:56] @ herdingcat joined channel #puppet
[2010/07/14 06:00:57] @ nanliu joined channel #puppet
[2010/07/14 06:03:50] @ Quit: p3rror: Ping timeout: 252 seconds
[2010/07/14 06:05:05] @ shug joined channel #puppet
[2010/07/14 06:05:59] @ p3rror joined channel #puppet
[2010/07/14 06:06:54] @ jumex joined channel #puppet
[2010/07/14 06:10:52] @ Quit: robinbowes: Ping timeout: 265 seconds
[2010/07/14 06:14:42] <lisa> is the redmine having problems?
[2010/07/14 06:21:34] @ gebi joined channel #puppet
[2010/07/14 06:24:16] @ pheezy joined channel #puppet
[2010/07/14 06:24:32] <ohadlevy> Volcane: what did I do wrong? :)
[2010/07/14 06:24:50] * Volcane dont think he mentioned something wrong :P
[2010/07/14 06:25:42] <tim\|mac> ohadlevy: you weren't at puppetcamp in gent! that's a big wrong :P
[2010/07/14 06:26:07] <ohadlevy> tim\|mac: hmm.. maybe next year when I'm not living in apac anymore :)
[2010/07/14 06:26:17] <tim\|mac> ;-)
[2010/07/14 06:31:01] @ ckauhaus joined channel #puppet
[2010/07/14 06:38:01] @ Quit: pheezy: Remote host closed the connection
[2010/07/14 06:38:32] <nahamu> Volcane, your mcollective provisioner looks really cool
[2010/07/14 06:38:55] <Volcane> thanks
[2010/07/14 06:39:57] @ cliff-hm joined channel #puppet
[2010/07/14 06:42:29] @ bobbyz joined channel #puppet
[2010/07/14 06:42:34] @ MinSkleip joined channel #puppet
[2010/07/14 06:43:12] <MinSkleip> Hi there
[2010/07/14 06:44:20] <MinSkleip> I have a question about puppet and templates, is there any way to not transfer the template to the client if it hasn't changed since the last run?
[2010/07/14 06:45:01] <vachon> MinSkleip: define transfer
[2010/07/14 06:45:57] <MinSkleip> I noticed that the template content is being copied from the server to the client each time I run puppetd on the client
[2010/07/14 06:46:26] <MinSkleip> regardless if there are any changes to the resulting file or not
[2010/07/14 06:46:34] <vachon> i have not seen this... you sure you arent using a dynamic variable somewhere in it that is causing it to be reevaluated?
[2010/07/14 06:47:27] <MinSkleip> I did a test with a large template without variables
[2010/07/14 06:48:10] <vachon> hrm... i have a small one puppet.conf to be precise, and it only copies when it changes
[2010/07/14 06:48:55] <MinSkleip> I'm using puppet version 0.25.5
[2010/07/14 06:49:39] <vachon> ah, im on .25.4, not sure if that makes a diff, i know .25.5 has an issue with facts that end in ":", check redmine
[2010/07/14 06:49:45] <MinSkleip> this does not happen with files (source => 'puppet:/// etc), only with templates
[2010/07/14 06:49:49] <vachon> but the : issue isnt yours
[2010/07/14 06:52:37] <MinSkleip> I'll test with .25.4 and get back to you
[2010/07/14 06:53:21] @ jdcasey joined channel #puppet
[2010/07/14 06:57:24] @ sebas891 left channel #puppet ()
[2010/07/14 07:00:00] @ lutter joined channel #puppet
[2010/07/14 07:01:29] <MinSkleip> vachon: same issue with 0.25.4
[2010/07/14 07:01:48] <vachon> odd, wonder why i dont see it
[2010/07/14 07:01:56] <Volcane> MinSkleip: thats how it works, the comparison happens on the client
[2010/07/14 07:02:13] <Volcane> MinSkleip: the master has no idea if whats on the node is different or not
[2010/07/14 07:03:25] <MinSkleip> why doesn't it just compare hashes instead like it does with static files?
[2010/07/14 07:04:18] <Volcane> MinSkleip: cos the processing of the template happens at compile time when it has access to the node facts and scope of your manifests, the hashing stuff happens as you request each file since files are independant from the compiled state
[2010/07/14 07:07:58] <MinSkleip> couldn't it save the result from the compile and use it for hashing the same way it does with files?
[2010/07/14 07:08:24] <Volcane> probably could, i dont think its ever been considered a problem. are you building massive files with templates?
[2010/07/14 07:08:39] @ santoroj1 joined channel #puppet
[2010/07/14 07:08:51] @ bug joined channel #puppet
[2010/07/14 07:10:19] <MinSkleip> I have a snort config which needs to be updated with the current ip address of the client (validated every minute). as there are many clients, this will use lots of network bandwidth
[2010/07/14 07:10:27] @ Quit: kenneho: Quit: Ex-Chat
[2010/07/14 07:12:03] @ jab_doa joined channel #puppet
[2010/07/14 07:12:06] @ mapu joined channel #puppet
[2010/07/14 07:12:58] <Volcane> and how often do your nodes run puppet?
[2010/07/14 07:13:18] <MinSkleip> once every minute
[2010/07/14 07:13:28] <vachon> eek
[2010/07/14 07:13:42] <Volcane> that isnt a design that will work well no matter what you do :)
[2010/07/14 07:13:45] <MinSkleip> that is because the snort.conf will have a variable with ppp0 IP, changing often enough to cause troubles
[2010/07/14 07:14:13] <Volcane> puppet's infrastructure doesnt deal well with "many clients" checking in that frequently
[2010/07/14 07:14:29] <Volcane> I'd probably approach the problem with puppet copying out a file - not the final file
[2010/07/14 07:14:42] <Volcane> and a cron on the node that takes the puppet supplied file and fill in the ip. that makes the final ip
[2010/07/14 07:14:49] <Volcane> that will scale regardless of how many nodes you have
[2010/07/14 07:14:55] <Volcane> sounds hacky, but its much better
[2010/07/14 07:15:09] <Volcane> cos even when your nodes are offline, or master down, your snort capabiltiy remains current
[2010/07/14 07:15:21] @ eidolon joined channel #puppet
[2010/07/14 07:15:51] <Volcane> for somethig critical like that, I'd always attempt to have the changes be made when the master/network/dns/other outages happen
[2010/07/14 07:16:13] @ ecapriolo joined channel #puppet
[2010/07/14 07:16:46] <vachon> even with a huge master cluster that would just cry, imho
[2010/07/14 07:17:10] <Volcane> yup, its never going to work to go down that design route
[2010/07/14 07:17:37] <MinSkleip> that's true.
[2010/07/14 07:17:52] <vachon> i do it every 5 minutes for snort.conf and that is pushing it (only 5 servers), the file is just to frigging big
[2010/07/14 07:18:28] <Volcane> if you really wanted to do a round trip to the master I'd use a concat system
[2010/07/14 07:18:30] <MinSkleip> the nice thing though is that puppet can restart snort when ppp0 gets a new ip
[2010/07/14 07:18:35] @ Quit: mapu: Quit: No Ping reply in 180 seconds.
[2010/07/14 07:18:41] <Volcane> copy hte bulk of the file out with a file - not template - and just template in the dynamic bits
[2010/07/14 07:18:53] <vachon> Volcane: shamelessly but correctly plugging his module
[2010/07/14 07:18:57] <Volcane> :)
[2010/07/14 07:19:01] @ mapu joined channel #puppet
[2010/07/14 07:19:07] <Volcane> infact, you could avoid that completely
[2010/07/14 07:19:20] <Volcane> since my module can include purely local generated non puppet manage content into a final file
[2010/07/14 07:19:21] <vachon> technically ageaus COULD do it, but no one ever wants to make a lens
[2010/07/14 07:19:39] <Volcane> cron can just make a file with the line containing your ip, concat can incorporate it into the final file
[2010/07/14 07:19:55] <Volcane> and still restart snort based on config file changing
[2010/07/14 07:20:17] @ Quit: ckauhaus: Ping timeout: 252 seconds
[2010/07/14 07:20:38] <MinSkleip> great idea
[2010/07/14 07:20:50] <vachon> Volcane: you do anything for CI? I'm been bouncing the idea around with hudson
[2010/07/14 07:20:56] <Volcane> still, you dont want to run clients every minute no matter how much you streamline that part
[2010/07/14 07:21:05] <Volcane> vachon: nope
[2010/07/14 07:21:10] <vachon> testing on production isnt exactly correct (granted its not live yet)
[2010/07/14 07:21:17] <Volcane> have staging boxes
[2010/07/14 07:21:44] <vachon> im thinking vm's, i have to replicate something that is un-replicateable with hardware we have
[2010/07/14 07:22:07] <Volcane> yeah, its a horribly hard problem to solve
[2010/07/14 07:22:22] <vachon> stupid 20k firewalls and such
[2010/07/14 07:23:34] @ pheezy joined channel #puppet
[2010/07/14 07:24:16] <MinSkleip> Can I have puppet check just one module every minute without contacting the puppetmaster?
[2010/07/14 07:24:32] <Volcane> MinSkleip: you can run masterless puppet - using 'puppet' and not 'puppetd'
[2010/07/14 07:24:39] <Volcane> MinSkleip: if you put hte puppet manifests on the node
[2010/07/14 07:24:40] @ Quit: m1nish: Quit: Leaving
[2010/07/14 07:25:56] <MinSkleip> ah yes, that'll work
[2010/07/14 07:25:57] <MinSkleip> thanks!
[2010/07/14 07:30:50] @ notbrien joined channel #puppet
[2010/07/14 07:32:49] @ littleidea joined channel #puppet
[2010/07/14 07:33:28] @ fluxdude joined channel #puppet
[2010/07/14 07:34:16] <MinSkleip> thanks again, I'll come back with more questions ;)
[2010/07/14 07:35:27] @ Quit: alexs_: Ping timeout: 265 seconds
[2010/07/14 07:38:33] @ Quit: MinSkleip: Ping timeout: 252 seconds
[2010/07/14 07:38:47] @ Quit: littleidea: Quit: littleidea
[2010/07/14 07:39:55] @ ckdake1 left channel #puppet ()
[2010/07/14 07:40:41] @ ckauhaus joined channel #puppet
[2010/07/14 07:42:05] <ashp> i just crunched our webstats and i'm sad to find 400k hits from netscape 4
[2010/07/14 07:42:09] <ashp> as well as hits from windows 95
[2010/07/14 07:42:39] <Volcane> bots
[2010/07/14 07:42:54] <Volcane> (hopefully) :)
[2010/07/14 07:43:18] <ashp> this is a university so it's probably some crusty professor
[2010/07/14 07:43:21] <ashp> who refuses to update
[2010/07/14 07:43:33] <Volcane> redirect him to goatse :P
[2010/07/14 07:44:02] <Volcane> i find thats very effective against idiots who img src images from my servers into their shitty myspace profiles
[2010/07/14 07:44:36] <ashp> my original aim with all this processing was just to get a list of user agents so i can write a script to delete all the lines featuring searchbots
[2010/07/14 07:44:45] <ashp> so i can find out what legacy content is still actually being visited by real people
[2010/07/14 07:44:56] <Volcane> many bots just fake browser headers :(
[2010/07/14 07:45:05] @ themroc is now known as themroc_climhs
[2010/07/14 07:45:13] <ashp> yeah, that's killing me, i was hoping that we could tell what was supposed to still be served by the logfiles
[2010/07/14 07:45:26] <ashp> as not one single person here knows what content should or shouldn't exist anymore
[2010/07/14 07:45:33] <Volcane> nasty
[2010/07/14 07:45:34] <Tonnerre> I think one of my scripts sets the UserAgent to fake-browser/1.0
[2010/07/14 07:46:39] <ashp> I just feel we should open up a new space and say "hey if you previously maintained your site via sftp you better upload it again as we're deleting anything not updated in the last 24 months!"
[2010/07/14 07:46:42] <Tonnerre> Because somebody's website was filtering for «libwww» in the UA
[2010/07/14 07:46:48] <ashp> but nobody will ever, ever, ever, ever, allow that :(
[2010/07/14 07:47:14] @ Quit: ckauhaus: Ping timeout: 252 seconds
[2010/07/14 07:48:04] @ sebas891 joined channel #puppet
[2010/07/14 07:48:07] <ashp> oh god why do the developers insist on setting php_value's in apache
[2010/07/14 07:48:35] @ Quit: Guest37091: Remote host closed the connection
[2010/07/14 07:50:59] @ Yogesh joined channel #puppet
[2010/07/14 07:51:16] <Yogesh> Hello Guys
[2010/07/14 07:51:25] <Yogesh> I have some queries
[2010/07/14 07:51:41] <Yogesh> can any one help here
[2010/07/14 07:52:08] @ rcrowley joined channel #puppet
[2010/07/14 07:52:16] <ohadlevy> Yogesh: not much if you dont ask :)
[2010/07/14 07:52:20] <ashp> we can try!
[2010/07/14 07:52:23] <ashp> (hey ohad!)
[2010/07/14 07:52:35] <Yogesh> Good Joke
[2010/07/14 07:52:38] <Yogesh> anyways
[2010/07/14 07:52:43] <Yogesh> I just want to see the puppet interface
[2010/07/14 07:52:46] <Yogesh> how it looks like
[2010/07/14 07:52:59] <Yogesh> as there are no images on the website
[2010/07/14 07:53:05] <Yogesh> so its an incomplete website
[2010/07/14 07:53:19] <Volcane> you mean puppet dashboard?
[2010/07/14 07:53:29] <Volcane> puppet itself has as its intgerface your text editor and shell.
[2010/07/14 07:54:09] <ohadlevy> ashp: whatsup
[2010/07/14 07:54:21] <ashp> webserver nightmares, same as every day lately ;)
[2010/07/14 07:54:23] <Yogesh> well
[2010/07/14 07:54:36] <Yogesh> after the complete installation how it looks
[2010/07/14 07:54:39] <Yogesh> I want to see that
[2010/07/14 07:54:52] <ohadlevy> Yogesh: you might be in the wrong channel ;)
[2010/07/14 07:55:48] <Yogesh> well where I should contact
[2010/07/14 07:55:49] @ robinbowes joined channel #puppet
[2010/07/14 07:56:11] <ohadlevy> Yogesh: what are you expecting to see?
[2010/07/14 07:56:25] <Volcane> Yogesh: there's soe shots of the dashboard here http://www.puppetlabs.com/blog/puppet-labs-announces-puppet-dashboard-v1-0/ but mostly you are going to work in a text editor and manage a unix service
[2010/07/14 07:56:49] <Volcane> Yogesh: the dashboard is a reporting / classification interface, most work happens in source code like programming
[2010/07/14 07:57:10] <Yogesh> ok
[2010/07/14 07:58:04] <ohadlevy> Yogesh: there are also screenshots of foreman here: http://theforeman.org/projects/foreman/wiki/Screenshots
[2010/07/14 08:03:16] @ tonyskapunk joined channel #puppet
[2010/07/14 08:04:50] @ Quit: santoroj1: Ping timeout: 252 seconds
[2010/07/14 08:06:22] @ santoroj1 joined channel #puppet
[2010/07/14 08:06:46] @ WALoeIII joined channel #puppet
[2010/07/14 08:10:05] @ Quit: bodepd: Quit: bodepd
[2010/07/14 08:13:00] * duritong trying out 2.6
[2010/07/14 08:13:02] <duritong> I get err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate':
[2010/07/14 08:13:17] <duritong> err: /File[/var/lib/puppet/lib]: Failed to retrieve current state of resource: Could not retrieve file metadata for puppet://puppet.example.com/plugins:
[2010/07/14 08:13:22] <duritong> err: Could not retrieve catalog from remote server:
[2010/07/14 08:13:22] <duritong> warning: Not using cache on failed catalog
[2010/07/14 08:13:22] <duritong> err: Could not retrieve catalog; skipping run
[2010/07/14 08:13:31] @ Olly joined channel #puppet
[2010/07/14 08:13:35] <duritong> that's on a 0.25.5 client
[2010/07/14 08:13:40] <duritong> anybody else encounters that?
[2010/07/14 08:13:44] @ Olly is now known as Guest7067
[2010/07/14 08:14:16] <vachon> do you have pluginsync enabled?
[2010/07/14 08:14:20] @ Guest7067 is now known as olly_
[2010/07/14 08:14:23] @ olly_ is now known as olly__
[2010/07/14 08:14:54] <olly__> is it possible to copy the contents of a folder in the puppet fileserver, into a remote folder?
[2010/07/14 08:15:22] <vachon> olly__: yes, look at recurse in the file doc's
[2010/07/14 08:15:42] <vachon> that said, its not exactly a great performance thing
[2010/07/14 08:15:51] <vachon> vcsrepo is much better imo
[2010/07/14 08:17:08] @ Quit: mapu: Read error: Connection reset by peer
[2010/07/14 08:18:17] @ jmccune joined channel #puppet
[2010/07/14 08:18:58] @ bodepd joined channel #puppet
[2010/07/14 08:24:12] @ rhinoman joined channel #puppet
[2010/07/14 08:24:38] @ lak joined channel #puppet
[2010/07/14 08:26:00] <olly__> vachon, thanks. its only a couple of files
[2010/07/14 08:26:17] <olly__> vachon, put they change depending on environment. so i just wanted them in a folder
[2010/07/14 08:26:21] <vachon> jsut remember on every run it md5's the entire dir's contents
[2010/07/14 08:27:04] <olly__> vachon, i could change the checksum to md5lite if that became a problem right?
[2010/07/14 08:27:22] <vachon> could
[2010/07/14 08:28:36] @ Quit: mfournier: Ping timeout: 248 seconds
[2010/07/14 08:28:47] @ Quit: rhinoman: Ping timeout: 252 seconds
[2010/07/14 08:31:21] @ Quit: p3rror: Read error: Operation timed out
[2010/07/14 08:35:31] @ Quit: DbT_: Quit: zzzz
[2010/07/14 08:35:55] * duritong looks like a not directly 2.6 related problem
[2010/07/14 08:36:28] @ simpel joined channel #puppet
[2010/07/14 08:36:31] @ simpel is now known as simplechat
[2010/07/14 08:39:10] @ Quit: TREllis: Quit: leaving
[2010/07/14 08:39:12] @ Quit: sdog: Quit: Leaving.
[2010/07/14 08:44:30] @ Quit: bodepd: Quit: bodepd
[2010/07/14 08:44:48] @ bodepd joined channel #puppet
[2010/07/14 08:46:42] @ Quit: bodepd: Client Quit
[2010/07/14 08:47:29] @ kaptk2 joined channel #puppet
[2010/07/14 08:48:47] @ Quit: verwilst: Quit: Ex-Chat
[2010/07/14 08:50:48] @ Quit: WALoeIII: Ping timeout: 240 seconds
[2010/07/14 08:50:58] <simplechat> Hey anyone around
[2010/07/14 08:50:59] <simplechat> ?
[2010/07/14 08:53:00] @ notbrien_ joined channel #puppet
[2010/07/14 08:53:03] @ zooz joined channel #puppet
[2010/07/14 08:53:41] <zooz> how do I clean/delete certs/keys on a node itself? (used to be connected to some old puppetmaster)
[2010/07/14 08:53:52] @ Quit: notbrien_: Read error: Connection reset by peer
[2010/07/14 08:53:54] <bhearsum> rm -rf /var/lib/puppet/ssl, usually
[2010/07/14 08:53:55] <agaffney> zooz: rm -rf /var/lib/puppet/ssl/*
[2010/07/14 08:53:59] <bhearsum> sometimes its in /etc/puppet/ssl
[2010/07/14 08:54:05] <zooz> oh, cool, thanks
[2010/07/14 08:54:31] <zooz> is it save to delete subdirs of /var/lib/puppet/ssl/ ?
[2010/07/14 08:54:32] @ notbrien_ joined channel #puppet
[2010/07/14 08:55:00] @ Quit: notbrien: Ping timeout: 260 seconds
[2010/07/14 08:55:01] @ Quit: notbrien_: Read error: Connection reset by peer
[2010/07/14 08:55:20] <zooz> s/save/safe/
[2010/07/14 08:55:30] <bhearsum> on a client, it shoul be
[2010/07/14 08:55:42] @ notbrien joined channel #puppet
[2010/07/14 08:56:10] @ Quit: notbrien: Remote host closed the connection
[2010/07/14 08:56:52] @ scottz_ joined channel #puppet
[2010/07/14 08:56:54] @ notbrien joined channel #puppet
[2010/07/14 08:57:21] @ Quit: notbrien: Remote host closed the connection
[2010/07/14 08:57:37] @ Quit: jab_doa: Quit: Verlassend
[2010/07/14 08:57:52] @ Quit: Yogesh: Quit: Page closed
[2010/07/14 08:58:04] @ notbrien joined channel #puppet
[2010/07/14 08:58:33] @ Quit: Pupeno: Quit: http://pupeno.com
[2010/07/14 08:58:34] @ Quit: notbrien: Remote host closed the connection
[2010/07/14 08:58:48] <zooz> find /var/lib/puppet/ssl/ -type f -exec rm -f {} \;
[2010/07/14 08:58:54] <zooz> just to be sure :-)
[2010/07/14 08:59:16] @ notbrien joined channel #puppet
[2010/07/14 08:59:49] @ Quit: notbrien: Read error: Connection reset by peer
[2010/07/14 09:00:12] <Beens> you can do -delete as find option (bit easier ;))
[2010/07/14 09:00:26] @ notbrien joined channel #puppet
[2010/07/14 09:00:56] @ Quit: notbrien: Remote host closed the connection
[2010/07/14 09:01:08] <simplechat> Is there any way to specify a large list of packages to install?
[2010/07/14 09:01:16] <simplechat> without needing hundreds of package {} statements?
[2010/07/14 09:01:33] <Volcane> simplechat: package{["one", "two", "three"]: ensure => present}
[2010/07/14 09:01:39] <Volcane> simplechat: any array
[2010/07/14 09:01:40] <zooz> $packagelist = ["package1", "package2"]
[2010/07/14 09:01:41] @ notbrien joined channel #puppet
[2010/07/14 09:01:58] <simplechat> Volcane, thanks :d
[2010/07/14 09:02:05] @ Quit: notbrien: Remote host closed the connection
[2010/07/14 09:02:11] <simplechat> :D
[2010/07/14 09:02:16] <emag> so, will Bad Things(tm) like "exhaust all available connections to MySQL" happen if puppet 0.25.4 is run with, say, rails 2.1.0? (this is mostly rhetorical)
[2010/07/14 09:02:50] @ notbrien joined channel #puppet
[2010/07/14 09:03:09] @ toi joined channel #puppet
[2010/07/14 09:03:18] @ Quit: notbrien: Remote host closed the connection
[2010/07/14 09:04:01] @ notbrien joined channel #puppet
[2010/07/14 09:05:06] @ Quit: radkin: Remote host closed the connection
[2010/07/14 09:05:48] @ Quit: jmccune: Ping timeout: 240 seconds
[2010/07/14 09:07:02] @ mfournier joined channel #puppet
[2010/07/14 09:07:25] @ Quit: lak: Quit: lak
[2010/07/14 09:08:34] @ p3rror joined channel #puppet
[2010/07/14 09:09:59] @ Quit: mikepea: Remote host closed the connection
[2010/07/14 09:10:13] <simplechat> Hey guys if i have a class that defines something (say sudoers) is there any easy way to override its source file for an inherited class?
[2010/07/14 09:10:40] @ zz_shenson is now known as shenson
[2010/07/14 09:13:03] <jbooth> Yes, see overriding resources in the docs. There's also an alternate way to do it in the virtual/exported resources docs.
[2010/07/14 09:13:09] @ vachon left channel #puppet ()
[2010/07/14 09:13:40] @ mikepea joined channel #puppet
[2010/07/14 09:17:56] @ mikepea_ joined channel #puppet
[2010/07/14 09:19:11] <simplechat> jbooth, docs as in the wiki?
[2010/07/14 09:19:48] @ Quit: p3rror: Ping timeout: 248 seconds
[2010/07/14 09:19:50] <jbooth> As in the wiki or on puppetlabs itself.
[2010/07/14 09:19:57] @ Quit: drbob: Quit: Lost terminal
[2010/07/14 09:19:57] <jbooth> I think most of them I mentioned are on puppetlabs not hte wiki
[2010/07/14 09:20:14] <Volcane> the language tutorial
[2010/07/14 09:20:46] @ DbT_ joined channel #puppet
[2010/07/14 09:20:48] <simplechat> jbooth, i can't seem to find it :(
[2010/07/14 09:20:53] * simplechat is still very green at puppet stuff
[2010/07/14 09:20:57] @ Quit: mikepea: Ping timeout: 246 seconds
[2010/07/14 09:20:57] @ mikepea_ is now known as mikepea
[2010/07/14 09:21:22] @ Quit: DbT_: Read error: Connection reset by peer
[2010/07/14 09:21:33] @ DbT_ joined channel #puppet
[2010/07/14 09:22:36] <simplechat> and for some reason google can't seem to give me particularly specific results :(
[2010/07/14 09:24:49] @ bodepd joined channel #puppet
[2010/07/14 09:25:27] <simplechat> Like say i'm trying to work out if i can get puppet to run an exec if a specific file isn't found (trying to run a build on a puppet node). I can't seem to get a single decent google result
[2010/07/14 09:25:46] @ gmcquillan joined channel #puppet
[2010/07/14 09:25:53] @ PhabX joined channel #puppet
[2010/07/14 09:26:48] <Volcane> simplechat: there are a few key docs, the language tutorial, the type reference and the function reference
[2010/07/14 09:27:03] <Volcane> simplechat: those are all on docs.puppetlabs.com and should be your reference for all the core functionality and langauge constructs
[2010/07/14 09:27:18] <simplechat> language tutorial is http://docs.puppetlabs.com/guides/language_tutorial.html ?
[2010/07/14 09:27:18] @ lak joined channel #puppet
[2010/07/14 09:27:28] @ sdog joined channel #puppet
[2010/07/14 09:27:45] @ Quit: sdog: Changing host
[2010/07/14 09:27:45] @ sdog joined channel #puppet
[2010/07/14 09:27:55] <jbooth> looks right, yeah
[2010/07/14 09:27:59] <Volcane> :)
[2010/07/14 09:28:02] <Volcane> oops...
[2010/07/14 09:28:10] @ Quit: bodepd: Client Quit
[2010/07/14 09:28:24] <jbooth> and ref:types and ref:functions if I have my syntax right for the bot.
[2010/07/14 09:28:32] <jbooth> ... that'd be a no.
[2010/07/14 09:28:46] <simplechat> i'm looking at it, but say i want to know how to make exec only run if it hasn't already built it
[2010/07/14 09:29:05] <jbooth> look up the type reference and read through exec's options.
[2010/07/14 09:29:06] <simplechat> but its not in the language guide, which is where i'd expect it :(
[2010/07/14 09:29:12] <simplechat> type reference?
[2010/07/14 09:29:13] <simplechat> ok
[2010/07/14 09:29:14] @ Quit: poison: Remote host closed the connection
[2010/07/14 09:29:14] <Volcane> simplechat: then read the type reference, see what the options to exec are and determine if they do what u want
[2010/07/14 09:29:28] <Volcane> exec is a type - all the foo{...: } stuff are types
[2010/07/14 09:29:41] <simplechat> type references as http://docs.puppetlabs.com/guides/types/ ?
[2010/07/14 09:29:43] @ WALoeIII joined channel #puppet
[2010/07/14 09:29:48] @ Quit: bobbyz: Ping timeout: 240 seconds
[2010/07/14 09:30:08] <jbooth> You're probably looking for 'creates' in this case, but you might want unless or onlyif instead, depending.
[2010/07/14 09:30:38] <simplechat> creates?
[2010/07/14 09:30:39] <jbooth> FWIW, if your exec 'builds' something, that might be a sign that you should package 'something' and just use the native package type. Having execs build things tends to get ... hairy.
[2010/07/14 09:31:09] <simplechat> I know, but we are still trying to work out how to build new debian repositories/.debs/etc
[2010/07/14 09:31:17] @ HCoyote left channel #puppet ()
[2010/07/14 09:31:25] <simplechat> plus we have to do other configuration to say unbreak the xen debian packages :)
[2010/07/14 09:31:34] <simplechat> (they need symlinks and the like that arn't in there by default)
[2010/07/14 09:31:43] <Volcane> simplechat: you dont use exec to do that
[2010/07/14 09:31:52] <Volcane> simplechat: puppet has a file type to manage files, dirs, links etc
[2010/07/14 09:32:13] @ Hypnoz joined channel #puppet
[2010/07/14 09:32:25] <simplechat> I've seen them
[2010/07/14 09:32:32] <simplechat> i'm not sure how i'd do this for things like network bridges and the like
[2010/07/14 09:34:20] <simplechat> like i need to add a new network bridge if it doesn't already exist
[2010/07/14 09:34:30] @ Quit: ecolitan: Remote host closed the connection
[2010/07/14 09:34:35] <simplechat> so i should use onlyif? :)
[2010/07/14 09:34:55] <Volcane> you should rethink your approach really
[2010/07/14 09:34:59] @ labrown joined channel #puppet
[2010/07/14 09:35:05] <Volcane> you're thinking that you should do different things depending on the state of the node
[2010/07/14 09:35:13] <Volcane> where what puppet does is tell the node the desired state
[2010/07/14 09:35:20] <Volcane> and check it ever x minutes
[2010/07/14 09:35:30] <Volcane> so if you have a file, you use the file type to copy it out
[2010/07/14 09:35:35] <Volcane> and puppet will ensure its always the same
[2010/07/14 09:36:07] <Volcane> thinking that way removed the need for any kind of 'if the node....' style questions
[2010/07/14 09:36:52] <simplechat> hmmmm
[2010/07/14 09:37:15] @ Quit: sdog: Quit: Leaving.
[2010/07/14 09:37:22] <Volcane> cos pupept doesnt change things if they are already in the desired state
[2010/07/14 09:37:27] <Volcane> it only changes them if they're different
[2010/07/14 09:37:34] @ jatencio joined channel #puppet
[2010/07/14 09:37:42] <simplechat> hmmmmm
[2010/07/14 09:37:42] <Volcane> so as long as you declare how you want it to be, then thats how it will be
[2010/07/14 09:37:47] <simplechat> ok
[2010/07/14 09:37:51] <simplechat> that is nice
[2010/07/14 09:37:59] <simplechat> but i'm kind of unsure, like say i want this node to have this IP address
[2010/07/14 09:38:04] <simplechat> i need to specify that in the file
[2010/07/14 09:38:08] <simplechat> but the file is static?
[2010/07/14 09:38:15] <Volcane> you can build files up using templates
[2010/07/14 09:38:30] <Volcane> where you supply on the puppet code side the desired ip addres and it fills it in
[2010/07/14 09:38:58] @ Quit: MattyM: Remote host closed the connection
[2010/07/14 09:39:02] <simplechat> http://projects.reductivelabs.com/projects/puppet/wiki/Puppet_Templating
[2010/07/14 09:39:04] <simplechat> ?
[2010/07/14 09:39:26] <Volcane> yes
[2010/07/14 09:39:34] @ Quit: nexx: Quit: quit
[2010/07/14 09:40:08] <simplechat> It doesn't specify how to template files?
[2010/07/14 09:40:14] <simplechat> ah
[2010/07/14 09:40:16] <simplechat> content =>
[2010/07/14 09:40:16] <simplechat> ?
[2010/07/14 09:40:27] <Volcane> hint: you wont get anywhere if you dont read docs.
[2010/07/14 09:40:45] <Volcane> we've told you what docs to read, please take more than 2 seconds to answer a question you have, then you learn something
[2010/07/14 09:41:35] <simplechat> i've read the docs, but a good portion of the time the docs don't really help
[2010/07/14 09:41:45] <simplechat> like say the package [] list wasn't on any documentation i found
[2010/07/14 09:42:42] @ Quit: olly__: Quit: This computer has gone to sleep
[2010/07/14 09:42:46] <simplechat> also, i'm starting to think that 3am isn't a good time to start moving your xen servers over to puppet :)
[2010/07/14 09:43:05] <Volcane> simplechat: http://docs.puppetlabs.com/guides/language_tutorial.html#arrays covers the user of arrays to instantiate many copies of a resource.
[2010/07/14 09:43:18] <Volcane> s/user/use
[2010/07/14 09:43:39] @ Quit: fluxdude: Quit: KVIrc 4.0.0 Insomnia http://www.kvirc.net/
[2010/07/14 09:44:45] <simplechat> hmm :(
[2010/07/14 09:44:50] @ radkin joined channel #puppet
[2010/07/14 09:45:00] @ Quit: lkoranda: Quit: Ex-Chat
[2010/07/14 09:45:01] @ olly__ joined channel #puppet
[2010/07/14 09:45:15] <simplechat> Oddly enough the first time i read that it didn't seem to mean that
[2010/07/14 09:45:57] <Volcane> sure its a lot to take in, best to spend a fair bit of time experimenting and getting used to how things work
[2010/07/14 09:46:25] <Volcane> cos a lot of how puppet work is about understanding the concepts behind it rather than syntax
[2010/07/14 09:46:35] @ benkevan joined channel #puppet
[2010/07/14 09:46:44] <Volcane> and you only get that through experimentation and experiencing it, its quite a departure from say a shell script, a whole new way of thinking
[2010/07/14 09:46:49] <benkevan> if I have multiple classes.. and one inherits another.. are the definitions carried across?
[2010/07/14 09:46:58] <Volcane> and therefore simply using it to exec shell scripts, or ./configure style stuff doesnt work well
[2010/07/14 09:47:04] <Volcane> cos conceptually its just not the same thing
[2010/07/14 09:48:01] @ jatencio left channel #puppet ()
[2010/07/14 09:51:12] @ thekad-afk is now known as thekad
[2010/07/14 09:52:07] @ mclarke joined channel #puppet
[2010/07/14 09:53:39] <simplechat> yeah
[2010/07/14 09:53:46] <simplechat> at the moment i'm trying to wrap my head around templating
[2010/07/14 09:53:55] <simplechat> which is kind of painful because i know no ruby or related
[2010/07/14 09:54:09] <simplechat> is there anything more then http://projects.reductivelabs.com/projects/puppet/wiki/Puppet_Templating ?
[2010/07/14 09:54:16] @ Quit: seanos: Ping timeout: 260 seconds
[2010/07/14 09:54:23] <Legooolas> You'll only need a few tiny bits of Ruby.
[2010/07/14 09:54:43] <Legooolas> I don't know ruby much at all and the templating is no problem once you can if/else/whatever as that covers a lot of it.
[2010/07/14 09:54:49] <simplechat> does "wrong number of arguments" mean anything to anybody?
[2010/07/14 09:54:56] <simplechat> ok
[2010/07/14 09:55:13] <simplechat> i have test.erb which is basically pulled from that page
[2010/07/14 09:55:35] <simplechat> i defined the variable in site.pp
[2010/07/14 09:55:38] <Legooolas> Just things like <%= variable %> and <% if foo then %> included text for foo <% else %> included text for else <% end %>
[2010/07/14 09:55:43] <Legooolas> and that covers a lot already.
[2010/07/14 09:55:56] <simplechat> and i used content => template("test.erb") in my class
[2010/07/14 09:56:02] <simplechat> hmmmm
[2010/07/14 09:56:07] <simplechat> that doesn't seem that bad
[2010/07/14 09:56:14] <simplechat> but yeah, where would the arguments be?
[2010/07/14 09:56:38] @ BarnacleBob joined channel #puppet
[2010/07/14 09:56:39] <benkevan> does someone have a good example set of manifests so I can see how you seperate your classes (ie what detail).. I'm trying to figure out if I should break them out for each (ie rhel4 / rhel5 / all rhel / sles 10 / sles 11 / all sles) etc.. trying to get some idea's
[2010/07/14 09:56:40] <Legooolas> Did you put the = in? "<%= foo %>" for variables, and "<% if ... %>" for logic
[2010/07/14 09:56:49] <BarnacleBob> does the mysql backend for puppet use innodb or myisam tables?
[2010/07/14 09:57:06] <simplechat> the entirity of test.erb is "<%= test %>"
[2010/07/14 09:57:18] <simplechat> and i've defined $test = "blah" in site.pp
[2010/07/14 09:57:30] <Legooolas> simplechat: Try a different name, test might be a reserved word or something?
[2010/07/14 09:57:40] <Legooolas> (grabbing a straws)
[2010/07/14 09:57:55] <Legooolas> benkevan: http://www.example42.com/ is good
[2010/07/14 09:58:10] <Legooolas> They have a nice presentation on separation and stuff somewhere that I am failing to remember at the mo.
[2010/07/14 09:58:24] <Legooolas> http://www.lab42.it/presentations/puppetmodules/puppetmodules.html
[2010/07/14 09:58:25] <Legooolas> There.
[2010/07/14 09:58:37] <Legooolas> BarnacleBob: Mysql backend for storeconfigs?
[2010/07/14 09:58:56] <benkevan> wow.. thanks Legooolas
[2010/07/14 09:59:54] <BarnacleBob> Legooolas, yes sorry for storeconfigs
[2010/07/14 10:00:12] <BarnacleBob> turns out my server had skip-innodb on so if it expects to use innodb its not
[2010/07/14 10:00:22] <BarnacleBob> and could be a culprit in some performance problems
[2010/07/14 10:00:40] @ Quit: lak: Quit: lak
[2010/07/14 10:00:40] <benkevan> boy.. i have a lot to learn
[2010/07/14 10:01:21] <Legooolas> benkevan: I was trying to make a nice way of including distro-specific classes and using progressively more generic ones if they don't exist, but didn't find a way to make it work without a lot of boilerplate
[2010/07/14 10:01:42] <Legooolas> i.e. include <magic-which-knows-distro-and-version>
[2010/07/14 10:02:00] <Legooolas> and then it would try modulename::rhel::five
[2010/07/14 10:02:04] <Legooolas> and modulename::rhel
[2010/07/14 10:02:05] <Legooolas> etc
[2010/07/14 10:02:33] <Legooolas> But where I need it I just use a switch (well, case) on $operatingsystem and $lsbdistrelease
[2010/07/14 10:02:38] <benkevan> Legooolas: so probably just conditional for $operatingsystem and $operatingsystemversion or whatever?
[2010/07/14 10:02:40] <Legooolas> and include the classes explicitly
[2010/07/14 10:02:43] <Legooolas> r
[2010/07/14 10:02:44] @ littleidea joined channel #puppet
[2010/07/14 10:03:14] <benkevan> it's my 3rd day on puppet.. still in a single site.pp and haven't gone modular yet.. so now i'm uber lost HAHA.. back to the book really quick to get a better understanding
[2010/07/14 10:03:58] <Legooolas> The thing I couldn't get to be automatic was because you can't detect if a class exists (unless that's changed?)
[2010/07/14 10:04:06] <Legooolas> BarnacleBob: Yeah, InnoDB (on mine at least)
[2010/07/14 10:04:19] <BarnacleBob> crapity crap crap
[2010/07/14 10:04:42] <BarnacleBob> thanks Legooolas
[2010/07/14 10:04:55] <Legooolas> You can probably just change the table type, I'm not sure if it will get angry or change them back or something..
[2010/07/14 10:05:01] <Legooolas> InnoDB is better anyway ;P
[2010/07/14 10:05:07] <BarnacleBob> thats entirely false
[2010/07/14 10:05:12] <BarnacleBob> but in this case its correct
[2010/07/14 10:05:18] <BarnacleBob> :)
[2010/07/14 10:05:32] <BarnacleBob> myisam rules at specific types of data patters and can blow innodb out of the water
[2010/07/14 10:05:56] <Legooolas> mysqldump locks the whole tables when you use myisam, so it's useless for backups :P
[2010/07/14 10:06:07] <Legooolas> At least InnoDB does proper transactions.
[2010/07/14 10:06:23] <BarnacleBob> but with myisam you can lock the table, and copy the files instead of using mysqldump
[2010/07/14 10:06:34] <BarnacleBob> if you have a backup slave its way better backup strategy than innodb
[2010/07/14 10:06:45] <Legooolas> Backup slaves are a better idea anyway, yeah.
[2010/07/14 10:07:03] @ lutter1 joined channel #puppet
[2010/07/14 10:07:13] @ Quit: lutter: Quit: Leaving.
[2010/07/14 10:07:18] <BarnacleBob> wtf this my.cnf doesn't have skip-innodb but the running daemon tells me it does
[2010/07/14 10:08:05] <benkevan> this is going to sound like a dumb question.. when building the file structure.. is it best to have /etc/puppet/manifests/{node,roles,infrastructures,baselines,modeules.pp,site.pp}, or have all those at the /etc/puppet level?
[2010/07/14 10:09:19] @ paxos joined channel #puppet
[2010/07/14 10:10:15] <Legooolas> benkevan: /etc/puppet/modules/<modules>/{manifests,templates,files} for generic stuff
[2010/07/14 10:10:42] <Legooolas> and /etc/puppet/modules/project_something/{nodes,roles,...} for project-specific stuff
[2010/07/14 10:10:43] <benkevan> manifests/modules? or modules/modules ?
[2010/07/14 10:10:59] <benkevan> hummm.. ok.. I haven't gotten to modules yet..
[2010/07/14 10:11:04] <Legooolas> modules/{apache,nagios,exim,...}
[2010/07/14 10:11:39] <benkevan> Legooolas: ah.. ok..
[2010/07/14 10:11:41] <Legooolas> I'm not sure when the docs/tutorial get modules, but it gets a lot neater when they do :)
[2010/07/14 10:11:55] <benkevan> so with modules/<modules> where do the nodes actually go?
[2010/07/14 10:12:38] <BarnacleBob> /etc/puppet/site.pp or /etc/puppet/nodes.pp
[2010/07/14 10:12:44] <BarnacleBob> at least thats what i do
[2010/07/14 10:12:49] <BarnacleBob> except i have environments
[2010/07/14 10:12:52] <BarnacleBob> so its a bit different
[2010/07/14 10:13:12] @ bronto1 joined channel #puppet
[2010/07/14 10:13:12] <benkevan> I'd probably want /etc/puppet/nodes/production/nodes.pp ? no?
[2010/07/14 10:13:34] <benkevan> this shit is fun.. but boy.. lots to learn
[2010/07/14 10:13:42] <BarnacleBob> benkevan, let me paste my structure for ya
[2010/07/14 10:13:58] <benkevan> BarnacleBob: that'd be awesome.. Legooolas if you could do that too.. so I can get an idea.. of how peeps do it :D
[2010/07/14 10:14:11] <benkevan> i have a single site.pp within manifests right now that has all my classes / nodes / definitions :D
[2010/07/14 10:15:43] @ bronto1 is now known as marco
[2010/07/14 10:15:53] @ marco is now known as maroon
[2010/07/14 10:15:59] <BarnacleBob> benkevan, http://pastebin.com/tBKjaFTx
[2010/07/14 10:16:57] <benkevan> BarnacleBob: thanks..
[2010/07/14 10:17:02] <BarnacleBob> benkevan, in my setup you could just replicate one structure under environments and then have the same module structure
[2010/07/14 10:17:06] <BarnacleBob> its a bit complicated
[2010/07/14 10:17:21] <BarnacleBob> i use modulepath=environment/live, modules
[2010/07/14 10:17:23] <Legooolas> I've not got environments yet, but that's high on the list...
[2010/07/14 10:17:31] <benkevan> BarnacleBob: mine is simpele.. /etc/puppet/manifest/site.pp :( hahaha
[2010/07/14 10:18:02] <BarnacleBob> benkevan, for your simple starting out just look at environments/live/main/
[2010/07/14 10:18:08] <BarnacleBob> that its the structure you probably want
[2010/07/14 10:18:16] <BarnacleBob> and you can just ignore modules for now
[2010/07/14 10:18:32] <BarnacleBob> just in site.pp make sure to include 'classes/.pp' and roles/.pp
[2010/07/14 10:18:33] @ Quit: lutter1: Read error: Connection reset by peer
[2010/07/14 10:18:34] @ lutter joined channel #puppet
[2010/07/14 10:18:35] <BarnacleBob> and the nodes.pp
[2010/07/14 10:18:56] @ delimiter joined channel #puppet
[2010/07/14 10:19:27] <delimiter> hi folks, I have a VM running on KVM and it's facter output says virtual => physical
[2010/07/14 10:19:27] <delimiter> is that expected?
[2010/07/14 10:19:53] <benkevan> delimiter: it may be something to do with paravirtualization?
[2010/07/14 10:19:54] @ jmccune joined channel #puppet
[2010/07/14 10:20:10] <Legooolas> This list is too huge and too much of a mess to paste :P
[2010/07/14 10:20:38] <benkevan> http://pastebin.com/9eAY2egq
[2010/07/14 10:21:42] <BarnacleBob> benkevan, i would just avoid trying to figure out environments for right now. it took me like a week to get it working right and i've been using puppet for 3 years
[2010/07/14 10:21:50] <Legooolas> heh
[2010/07/14 10:22:02] <benkevan> ok.. fair enough..
[2010/07/14 10:22:21] <benkevan> Legooolas: do you have your example without environments :D
[2010/07/14 10:22:30] <BarnacleBob> just get one structure working till you think you've got a good handle on it and modules, then you can jump into environments
[2010/07/14 10:22:42] <Volcane> I've hopefully a simple to follow blog post abt environments http://www.devco.net/archives/2009/10/10/puppet_environments.php
[2010/07/14 10:22:43] <BarnacleBob> because environments are just switching up the module paths on the fly
[2010/07/14 10:23:18] <Legooolas> benkevan: I meant that my current one without environments is too messy :P
[2010/07/14 10:23:49] <BarnacleBob> Volcane, at first glance that does look pretty good. i had issues with environments because i wanted something about them to work differently to fit my old way of puppet configs, but i eventually gave up on that :)
[2010/07/14 10:24:30] <Volcane> yeah its all a bit like ruby on rails, its awesome just do thing the way its designed
[2010/07/14 10:24:40] <Volcane> if you wanted your own db design with rails you'll f'n hate it
[2010/07/14 10:24:44] <Volcane> just give up and go with the convention
[2010/07/14 10:24:58] <delimiter> benkevan: It (facter) does show physicalprocessorcount => 0 and processor0 => QEMU Virtual CPU version 0.12.3 and facter/virtual.rb does not seem to do any tests for KVM-ish attributes
[2010/07/14 10:25:03] @ devdas joined channel #puppet
[2010/07/14 10:25:06] @ p3rror joined channel #puppet
[2010/07/14 10:25:35] @ coleman9719 left channel #puppet ()
[2010/07/14 10:27:03] <simplechat> is there any reason why puppet would suddenly be insanely slow
[2010/07/14 10:27:09] <delimiter> benkevan: seems fixed in newer version of facter, see http://projects.puppetlabs.com/issues/2755
[2010/07/14 10:27:27] <benkevan> Volcane: not bad.. but.. node devl (that's not the actual name of the node i'm guessing.. how would you then have another node definition that was the actual server name, then included node devl? would that just be node 'hostname' includes devl ?
[2010/07/14 10:27:48] <Volcane> benkevan: erm dev1 would be the node name
[2010/07/14 10:28:11] <benkevan> delimiter: ah.. too bad it says 0% complete even though last status is ready for check in
[2010/07/14 10:28:15] <benkevan> and closed haha
[2010/07/14 10:28:19] <Volcane> benkevan: shortened for the purpose of just showing how it works
[2010/07/14 10:28:40] <jiboumans> morning
[2010/07/14 10:28:58] @ Quit: littleidea: Ping timeout: 265 seconds
[2010/07/14 10:29:12] <benkevan> Volcane: ah.. ok.. but can nodes be nested also? (I guess that's my question)
[2010/07/14 10:29:33] <Volcane> benkevan: i tend to have a module, say role, and in there things like role::webserver
[2010/07/14 10:29:34] <jiboumans> anyone here that can point me to the right way to setup 2 puppetmasters living behind a loadbalancer? the tricky part seems to be the certificate holding the hostname of the puppetmaster itself, which doesn't work 1) behind an LB and 2) if the client is directed to the other puppetmaster
[2010/07/14 10:29:46] <Volcane> benkevan: so in web server nodes i just ahve 'include roles::webserver'
[2010/07/14 10:29:54] <Volcane> benkevan: you can also do node inheritance but its best avoided
[2010/07/14 10:29:57] <benkevan> Volcane: I haven't gotten to any of those yet.. ah.. ok.. that makes it simple.. i like that
[2010/07/14 10:30:24] <Volcane> benkevan: you can even do like: node /^web.+/ { include roles::webserver }
[2010/07/14 10:30:47] <simplechat> notice: Finished catalog run in 60.32 seconds
[2010/07/14 10:31:08] <simplechat> up from 0.3 seconds
[2010/07/14 10:31:54] <benkevan> Volcane: boy.. I have a lot to learn
[2010/07/14 10:33:38] @ Quit: docelic__: Ping timeout: 260 seconds
[2010/07/14 10:34:05] <benkevan> the examples on example42.com under infrastructures have node inheretance for geophraphical locations (which I think would be helpful) .. also class location (for domains)
[2010/07/14 10:34:08] @ fbe joined channel #puppet
[2010/07/14 10:34:49] @ Quit: jdcasey: Remote host closed the connection
[2010/07/14 10:34:55] <simplechat> the servers are 0.2ms away
[2010/07/14 10:36:52] @ elventails left channel #puppet ()
[2010/07/14 10:37:33] <Volcane> benkevan: yeh, node inheritance has a lot of weirdness and complexity that i just dont find useful
[2010/07/14 10:38:01] <Volcane> benkevan: for handling data like say your local smtp relay or whatever, i use this http://www.devco.net/archives/2009/08/31/complex_data_and_puppet.php
[2010/07/14 10:39:14] <benkevan> Volcane: in there where is something like $location defined?
[2010/07/14 10:39:29] <Volcane> a fact
[2010/07/14 10:39:59] <benkevan> ok.. i haven't gotten to extending puppet (creating my own facts for facter)
[2010/07/14 10:40:52] <Volcane> but it could just be variables in your node blocks
[2010/07/14 10:40:59] <Volcane> same effect for the purpose of that example
[2010/07/14 10:41:08] @ Quit: lutter: Quit: Leaving.
[2010/07/14 10:41:10] <Whoop> simplechat: That means nothing, explain what you're actually doing
[2010/07/14 10:41:19] @ lutter joined channel #puppet
[2010/07/14 10:41:20] <Whoop> simplechat: Are you transfering huge batches of files?
[2010/07/14 10:41:24] <simplechat> Whoop, nope
[2010/07/14 10:41:35] <simplechat> puppet just went from taking 0.3 seconds to run to taking 60
[2010/07/14 10:41:40] <simplechat> reboot apparently fixed the problem
[2010/07/14 10:41:41] <simplechat> no idea why
[2010/07/14 10:41:42] <Whoop> What changed?
[2010/07/14 10:41:45] <ashp> i probably shouldn't have let this software write out a 87,000,000 line csv
[2010/07/14 10:41:48] <Whoop> Bouncing your master doesn't fix it?
[2010/07/14 10:41:56] <simplechat> nothing changed
[2010/07/14 10:41:58] <simplechat> it just broke
[2010/07/14 10:42:03] <simplechat> Whoop, bouncing master?
[2010/07/14 10:42:12] <Whoop> Well something clearly changed :P
[2010/07/14 10:42:14] @ Quit: lutter: Read error: Connection reset by peer
[2010/07/14 10:42:18] <Whoop> Just perhaps not something that you changed
[2010/07/14 10:42:21] @ lutter joined channel #puppet
[2010/07/14 10:42:57] <Legooolas> Is there a way to see what storeconfigs are being used? I've got what looks like an old node config giving arguments which are now invalid
[2010/07/14 10:43:13] <Legooolas> Or, a way to vape the storeconfigs (mysql, so just drop the db?)
[2010/07/14 10:43:14] <Volcane> Legooolas: old nodes stay in the db forever
[2010/07/14 10:43:27] <Volcane> Legooolas: you need to cull them somehow, there are scripts/tips on the wiki
[2010/07/14 10:43:30] <simplechat> :(
[2010/07/14 10:43:40] <benkevan> http://fpaste.org/gSma/ < is my current site.pp :)
[2010/07/14 10:43:55] <Legooolas> Volcane: Ok ta. Are there ways to show the stored configs too, so I could see what node(s) are causing the problem?
[2010/07/14 10:44:18] <Volcane> Legooolas: no out the box tools, but its a normal rails db. alternatively you can point foreman at it
[2010/07/14 10:44:36] <Legooolas> Volcane: Ok thanks :) (Not that I'm using foreman yet)
[2010/07/14 10:44:42] <benkevan> http://fpaste.org/mX7V/
[2010/07/14 10:44:45] <benkevan> rather
[2010/07/14 10:45:59] <simplechat> just generally, is there any more information and/or a working configuration for puppet templates?
[2010/07/14 10:46:10] @ Quit: lutter: Read error: Connection reset by peer
[2010/07/14 10:46:18] @ lutter joined channel #puppet
[2010/07/14 10:46:25] <Volcane> simplechat: here's a template: <%= message %>
[2010/07/14 10:46:26] <Legooolas> Anyway, it can wait until tomorrow :)
[2010/07/14 10:46:32] <ecapriolo> Are modules the only way to include other files?
[2010/07/14 10:46:33] * Legooolas disappears
[2010/07/14 10:46:39] <Volcane> simplechat: here's a class: class hello { $message = "foo" }
[2010/07/14 10:46:43] @ Quit: maroon: Quit: Leaving.
[2010/07/14 10:46:58] <Volcane> simplechat: now add to the class: file{"/tmp/test": content => template("template.erb") }
[2010/07/14 10:47:07] <Volcane> simplechat: and magically the /tmp/test file has the word "foo" in it
[2010/07/14 10:47:20] <Volcane> simplechat: there's nothing more to it than that. past that, get a beginners guide to ruby
[2010/07/14 10:47:31] @ bobbyz joined channel #puppet
[2010/07/14 10:47:32] @ docelic__ joined channel #puppet
[2010/07/14 10:48:22] @ Quit: radkin: Read error: Connection reset by peer
[2010/07/14 10:49:27] <simplechat> cool
[2010/07/14 10:49:42] <simplechat> Volcane, i have no idea why that works and my attempt, which was almost the same, failed miserably
[2010/07/14 10:49:45] <simplechat> but meh, more i know :D
[2010/07/14 10:49:47] <benkevan> is minue => "*/5" a valid minute command for the cron resource in puppet?
[2010/07/14 10:49:47] <simplechat> thanks heaps Volcane
[2010/07/14 10:50:19] <Volcane> benkevan: yeah
[2010/07/14 10:50:28] @ Quit: lutter: Client Quit
[2010/07/14 10:50:36] @ lutter joined channel #puppet
[2010/07/14 10:51:45] @ seanos joined channel #puppet
[2010/07/14 10:51:49] <devdas> benkevan, minute
[2010/07/14 10:51:50] <devdas> yes
[2010/07/14 11:00:19] @ \ask joined channel #puppet
[2010/07/14 11:02:03] @ littleidea joined channel #puppet
[2010/07/14 11:07:50] <benkevan> do you guys typically have seperate classes for virtual?
[2010/07/14 11:07:56] <benkevan> ie for ntp for clock drift?
[2010/07/14 11:08:13] <Volcane> how do you mean virtual?
[2010/07/14 11:08:29] <mackn> like virtual machines?
[2010/07/14 11:08:50] <mackn> i assume from your ntp reference
[2010/07/14 11:14:57] <aforgue> cron { "ntp": command => "/usr/bin/env PATH=/bin:/usr/bin:/usr/local/bin ntpdate $timeserver", minute => 0 }
[2010/07/14 11:15:22] <aforgue> That clock drift problem is only an issue on SLES10-32 bit boxes isn't it?
[2010/07/14 11:15:33] <Volcane> all clocks drift
[2010/07/14 11:15:34] <aforgue> we switched to the xen kernel and the issue went away
[2010/07/14 11:15:48] <aforgue> no shit
[2010/07/14 11:15:59] <Volcane> xen, by default, will just keep the VMs the same as the host
[2010/07/14 11:16:12] <aforgue> but on some versions of sles and vmware it drifts like 20m per hour
[2010/07/14 11:16:22] <Volcane> which presumably is less all over the show than trying to get a vm to keep track
[2010/07/14 11:16:28] <Volcane> so you can install vmware tools and tell it to do the same
[2010/07/14 11:16:32] <simplechat> Is there any reason why an exec will continue to run even if the file it was subscribed to doesn't change?
[2010/07/14 11:16:34] <benkevan> aforgue: naw.. RHEL 4 32bit also :)
[2010/07/14 11:16:39] <mackn> that's not drifting.. that's stumbling over...
[2010/07/14 11:17:01] <mackn> refreshonly.. or something like that
[2010/07/14 11:17:05] <aforgue> yeah, refreshonly
[2010/07/14 11:17:06] <Volcane> simplechat: all resources get 'ran' on every puppet run. an exec will execute every time unless you tell it to be refreshonly
[2010/07/14 11:17:13] <benkevan> aforgue: yah.. I'm not using variables.. but yah.. same difference.. :) (I guessi should define a variable..) ..
[2010/07/14 11:18:09] <benkevan> aforgue: stupid question again.. where do I define the $timeserver variable? as a fact?
[2010/07/14 11:18:48] <simplechat> Volcane, refreshonly being only if the resource changed?
[2010/07/14 11:18:57] <mackn> yes
[2010/07/14 11:19:07] <mackn> or any notifies
[2010/07/14 11:19:13] <mackn> basically it won't run every time :)
[2010/07/14 11:19:26] <simplechat> :D
[2010/07/14 11:19:27] <aforgue> benkeven: wherever, a fact, a variable based on another fact, hard code it
[2010/07/14 11:19:34] <simplechat> this is surprisingly awesome :D
[2010/07/14 11:20:27] <benkevan> aforgue: another stupid question.. what's the best way to make sure that the said ntp cron entry only ran on RHEL4 / SLES10 servers, and not ALL virtual servers? by giving different class?
[2010/07/14 11:20:48] @ Alagar1 joined channel #puppet
[2010/07/14 11:21:16] <aforgue> why wouldn't you just do it everywhere?
[2010/07/14 11:21:35] <benkevan> aforgue: because RHEL 5 / SLES 11 doesn't have the issue.. no?
[2010/07/14 11:21:44] @ Quit: Alagar1: Client Quit
[2010/07/14 11:21:45] <benkevan> rather just do it to the machines that have the problem of drifting
[2010/07/14 11:21:46] <aforgue> yeah, but is it really a problem to have it run anyway?
[2010/07/14 11:21:53] <benkevan> i guess not
[2010/07/14 11:21:55] <mackn> for the sake of going through the excersize....
[2010/07/14 11:21:57] <aforgue> it simplifies your manifests
[2010/07/14 11:21:59] <benkevan> other then having it spam cron log
[2010/07/14 11:22:08] <aforgue> eh...
[2010/07/14 11:22:14] <mackn> heh
[2010/07/14 11:22:18] <benkevan> hehe
[2010/07/14 11:22:21] <aforgue> well add 1>/dev/null
[2010/07/14 11:22:25] <mackn> haha
[2010/07/14 11:22:29] <aforgue> so it'll only log if there's stderr
[2010/07/14 11:23:01] <benkevan> true..
[2010/07/14 11:23:07] <aforgue> or use exec with logoutput for it
[2010/07/14 11:23:19] <aforgue> but I prefer the cron way since then it'll run even if puppet doesn't
[2010/07/14 11:23:30] @ manlymatt83 left channel #puppet ()
[2010/07/14 11:24:28] <devicenull> perhaps I missed something, but why not just use ntpd?
[2010/07/14 11:24:33] <mackn> i like to use virtual resources to do stuff like this.. just defien the cron job as as virtual and realize it for the nodes you want it to run in
[2010/07/14 11:24:46] <mackn> if you still wanted to go the route of only having the cron run on some nodes
[2010/07/14 11:25:27] <aforgue> devicenull: ntpd doesn't work on certain versions of vmware+sles (I guess rhel too) where the clock drifts an insane amount
[2010/07/14 11:25:36] <devicenull> ah
[2010/07/14 11:25:49] <aforgue> I don't remember vmware tools having any effect, but it was a year or two ago
[2010/07/14 11:25:54] <benkevan> mackn: I skipped over virtual resources for the time being :)
[2010/07/14 11:25:56] <benkevan> do you have an example
[2010/07/14 11:26:13] <benkevan> even a little amount makes certificates go wonky
[2010/07/14 11:26:28] @ Alagar1 joined channel #puppet
[2010/07/14 11:26:28] @ Quit: Alagar1: Excess Flood
[2010/07/14 11:26:50] <mackn> do you haev a way to identify which nodes are VMs?
[2010/07/14 11:27:16] <benkevan> mackn: yah.. $virtual => vmware
[2010/07/14 11:27:25] <mackn> i guess if you hace a class that is run just by VMs you can just trhow the cron in there and not need to use virtual
[2010/07/14 11:28:00] <benkevan> yah.. I thought of creating a class for virtual.. but seems like I should be able to easily use conditional statements
[2010/07/14 11:28:05] <simplechat> Hmmm, i know i can manage users via puppet, but its not mentioned in http://docs.puppetlabs.com/guides/language_tutorial.html ?
[2010/07/14 11:28:54] @ Quit: jmccune: Ping timeout: 252 seconds
[2010/07/14 11:28:59] <Volcane> simplechat: see the type reference
[2010/07/14 11:29:16] <simplechat> ah
[2010/07/14 11:29:28] <simplechat> so in short, everything i'd expect to be in the language tutorial is in the type reference?
[2010/07/14 11:29:53] @ Quit: shug: Quit: Leaving
[2010/07/14 11:30:20] <Volcane> simplechat: the language tutorial teaches you about the language, things like if case, variables etc
[2010/07/14 11:30:28] <simplechat> hmmm
[2010/07/14 11:30:29] <simplechat> ok
[2010/07/14 11:30:35] <Volcane> simplechat: the type reference tells you about puppet types - those are the bits that puppet use to do work on nodes
[2010/07/14 11:30:47] <Volcane> simplechat: file{....: } is a type as is user{} package{} etc
[2010/07/14 11:31:07] <benkevan> Volcane: and cron :D i'm learning me hows
[2010/07/14 11:31:10] <simplechat> hmmm
[2010/07/14 11:31:22] <Volcane> simplechat: and then functions - in the function reference - are things like template()
[2010/07/14 11:31:50] <mackn> it's like vocabulary vs grammar
[2010/07/14 11:31:51] @ Quit: littleidea: Ping timeout: 246 seconds
[2010/07/14 11:32:05] <mackn> sort of..
[2010/07/14 11:32:16] <benkevan> hummmm.. now how to make sure that it assigns dns settings
[2010/07/14 11:32:46] <pheezy> can you use the defined function in selector?
[2010/07/14 11:33:08] <pheezy> i basically want to notify one or another service depending on if a class is included
[2010/07/14 11:34:58] <pheezy> Hmm i guess selector wouldn't be it, probably if else :X
[2010/07/14 11:35:17] <Volcane> define type you mean?
[2010/07/14 11:36:07] @ radkin joined channel #puppet
[2010/07/14 11:37:35] <simplechat> hmmm, if i have a file say /root/.ssh/authorized_keys, if /root/.ssh doesn't exist, is it automatically created?
[2010/07/14 11:37:42] <Volcane> no
[2010/07/14 11:38:00] <simplechat> ok
[2010/07/14 11:38:31] <pheezy> nah like notify => if defined(Class[foo]) { foo-service} else if defined(Class[bar] { bar-service} else { undef}
[2010/07/14 11:39:18] <Volcane> pheezy: yeah you can create resources like that. but dont forget that if defined() doesnt actually work well
[2010/07/14 11:40:07] <pheezy> yeah because of parsing order
[2010/07/14 11:42:26] <aforgue> simplechat: For that you'd just do file { "/root/.ssh": ensure => directory } file { "/root/.ssh/authorized_keys": ..., require => File["/root/.ssh"] }
[2010/07/14 11:42:33] <simplechat> This might be kind of a wierd question, but is there any nice way to get puppet to reboot if a kernel changes?
[2010/07/14 11:42:39] @ littleidea joined channel #puppet
[2010/07/14 11:42:41] <aforgue> GAH!
[2010/07/14 11:42:45] <Volcane> agaffney: the require isnt needed, gets added automagically :)
[2010/07/14 11:42:46] <simplechat> aforgue, ah, thats a good idea :)
[2010/07/14 11:42:49] <simplechat> ?
[2010/07/14 11:43:00] <benkevan> man.. this crap is hard.. haha
[2010/07/14 11:43:08] <aforgue> i guess if you'd really want to do that -- I personally wouldn't --
[2010/07/14 11:43:53] <aforgue> package {"kernel": notify => Exec["reboot"] } exec { "reboot": command => "/usr/bin/env init 6", refreshonly => true }
[2010/07/14 11:43:54] <BarnacleBob> simplechat, i've done that before. use exec's with the onlyif option. but at my new work i just had the resource fail if the machine wasn't rebooted to the proper kernel
[2010/07/14 11:43:59] <BarnacleBob> so that someone could manually reboot
[2010/07/14 11:44:09] <aforgue> I think that's pretty dangerous though
[2010/07/14 11:44:30] <simplechat> would that with xen though?
[2010/07/14 11:44:32] <simplechat> hmmmm
[2010/07/14 11:44:41] <aforgue> for the hypervisor?
[2010/07/14 11:44:43] <BarnacleBob> well xen was what i am doing it for
[2010/07/14 11:44:44] @ adrian_broher joined channel #puppet
[2010/07/14 11:44:53] <benkevan> err: Could not retrieve catalog; skipping run
[2010/07/14 11:44:54] <pheezy> heres my snipped Volcane: http://pastie.org/1044455 , basically i'm trying to figure out how to have the http service notified if puppet::server::passenger class is included, so that it will restart and read the new changes
[2010/07/14 11:44:57] <BarnacleBob> if the -xen kernel isn't running then fail
[2010/07/14 11:45:23] @ SEJeff joined channel #puppet
[2010/07/14 11:45:29] @ jdcasey joined channel #puppet
[2010/07/14 11:45:37] <BarnacleBob> simplechat, i did a exec /bin/echo "please reboot to xen kernel" && /bin/false unless uname -a \| grep -i xen
[2010/07/14 11:45:39] <SEJeff> How can I have puppet autocreate an ldap ssl certificate if it doesn't exist?
[2010/07/14 11:45:50] <SEJeff> I know it will involve File and Exec classes, but am not sure the best way to go about it
[2010/07/14 11:45:52] <pheezy> everytime i try and override i get "only subclasses can override parameters"
[2010/07/14 11:46:04] <bdha> exec { .. unless => }
[2010/07/14 11:46:12] <BarnacleBob> SEJeff, use just the Exec class with the creates=>/path/to/file attribute
[2010/07/14 11:46:15] <benkevan> why would I fail to retrieve catalog?
[2010/07/14 11:46:22] <Volcane> pheezy: and the notifies you have there in that class puppet::server::passenger isnt enough?
[2010/07/14 11:46:23] <SEJeff> bdha, care to explain?
[2010/07/14 11:46:43] <SEJeff> BarnacleBob, And how would I add that to requires?
[2010/07/14 11:46:43] <BarnacleBob> SEJeff, let me write you an example
[2010/07/14 11:46:59] <SEJeff> BarnacleBob, Sorry, I am quite new to puppet, but have a good idea and have been looking at the best way to do it
[2010/07/14 11:47:05] <BarnacleBob> np
[2010/07/14 11:47:06] <pheezy> Volcane: sure if something changes in that directory in that file, but not for the file /etc/puppet/puppet.conf
[2010/07/14 11:47:10] <BarnacleBob> i'll give you an example real quick
[2010/07/14 11:47:14] <Volcane> pheezy: ah ok
[2010/07/14 11:47:14] <SEJeff> Sure
[2010/07/14 11:47:30] <Volcane> pheezy: mostly thats not needed, puppet re-reads its settings
[2010/07/14 11:47:30] <simplechat> BarnacleBob, hmmm where would that output end up?
[2010/07/14 11:47:37] <pheezy> it works fine if puppetmaster is running on webrick :)
[2010/07/14 11:47:52] <pheezy> yeah true, but occasionaly it is, adding new environments etc
[2010/07/14 11:47:54] @ goraxe joined channel #puppet
[2010/07/14 11:48:33] <Volcane> pheezy: nods, hard problem
[2010/07/14 11:48:35] <BarnacleBob> simplechat, on the console or in the puppet log. wherever it goes with syslog. also if you use foreman/puppetshow/puppetdash etc the node will show up as failing
[2010/07/14 11:48:50] <simplechat> puppetdash?
[2010/07/14 11:49:30] <BarnacleBob> SEJeff, http://pastebin.com/m2i6vdfn hopefully that helps
[2010/07/14 11:49:49] <pheezy> i could put an "if defined" in the http module but thats ugly, and might not always work
[2010/07/14 11:49:53] <BarnacleBob> simplechat, a web interface for looking at the status of puppet across your cluster. also other features
[2010/07/14 11:50:09] <simplechat> oooh, nice :)
[2010/07/14 11:50:19] @ jmccune joined channel #puppet
[2010/07/14 11:50:40] <SEJeff> BarnacleBob, Yeah that is a great start. Now my question is: Will that run every time a refresh of service ldap happens? Ideally, I'd like this to happen only the first time the ldap server is installed
[2010/07/14 11:50:56] <SEJeff> ^And if the file does not exist already
[2010/07/14 11:51:31] <BarnacleBob> SEJeff, if you look at the docs for the exec type. since you specify the creates command the exec will only run if the file mentioned doesn't exist
[2010/07/14 11:51:42] <SEJeff> BarnacleBob, Thankyou again
[2010/07/14 11:51:59] <BarnacleBob> SEJeff, the require only says that the exec should happen before the service. not actually running it if the service changes
[2010/07/14 11:52:18] <simplechat> Just generally, are there any examples of the user resource?
[2010/07/14 11:52:36] <BarnacleBob> i believe there is an example in the language tutorial
[2010/07/14 11:53:00] <simplechat> thank you :)
[2010/07/14 11:53:52] <BarnacleBob> np
[2010/07/14 11:54:45] <simplechat> unf it doesn't seem to be there :(
[2010/07/14 11:54:51] <simplechat> it seems to have everything except user
[2010/07/14 11:55:47] <simplechat> i have http://docs.puppetlabs.com/guides/types/user.html
[2010/07/14 11:55:48] <Volcane> simplechat: they all work the same
[2010/07/14 11:56:02] <simplechat> but i can't visualise what i'd need to get a user working
[2010/07/14 11:56:09] <Volcane> simplechat: <type>{"<resource name": property => value, property => value}
[2010/07/14 11:56:16] @ omry joined channel #puppet
[2010/07/14 11:56:18] <Volcane> simplechat: so when looking at the type reference for user
[2010/07/14 11:56:24] <Volcane> simplechat: <type> == user
[2010/07/14 11:56:30] <Volcane> simplechat: <resource name> = bob
[2010/07/14 11:56:39] <Volcane> simplechat: properties are the stuff in the type reference by user
[2010/07/14 11:56:47] <Volcane> simplechat: like comment => "Bob the Builder"
[2010/07/14 11:56:48] <simplechat> like could i just specify the username?
[2010/07/14 11:56:55] <simplechat> and will it pick sane defaults?
[2010/07/14 11:57:11] <Volcane> your definition of sane might not match its
[2010/07/14 11:57:16] <Volcane> it wont make home dirs by defaults
[2010/07/14 11:57:21] <Volcane> as metnioned in the docs
[2010/07/14 11:58:31] <simplechat> thats kind of odd
[2010/07/14 11:59:53] @ eidolon left channel #puppet ()
[2010/07/14 12:00:39] <SEJeff> Is it possible to do the equivalent of: echo $(facter fqdn) \| awk -F. '{print $2}' in a manifest to get the 2nd field in the hostname?
[2010/07/14 12:00:52] <SEJeff> And assign it to a variable named cluster
[2010/07/14 12:00:56] <BarnacleBob> SEJeff, check out the functions reference
[2010/07/14 12:01:13] <BarnacleBob> $foo=regsub(/regexp/,$fqdn)
[2010/07/14 12:02:53] @ Quit: gebi: Ping timeout: 240 seconds
[2010/07/14 12:04:54] <SEJeff> BarnacleBob, Ah the functions reference is perfect. Would something like this work? $foo = split($fqdn, ".")[1]
[2010/07/14 12:05:10] <Volcane> cant access array elements directly like that
[2010/07/14 12:05:12] <BarnacleBob> hrm. not sure
[2010/07/14 12:05:17] <BarnacleBob> ok no :)
[2010/07/14 12:05:25] <Volcane> afaik next version can, not sure if that made it in
[2010/07/14 12:05:53] <SEJeff> BarnacleBob, Sorry for being a nuisance. I know python very well, but exactly 0 ruby
[2010/07/14 12:06:06] <Volcane> SEJeff: great thing this isnt ruby then :P
[2010/07/14 12:06:07] <BarnacleBob> heh yeah
[2010/07/14 12:06:16] <SEJeff> This is the equivalent in python: fqdn.split('.')[1]
[2010/07/14 12:06:20] <Volcane> SEJeff: the language in .pp files isnt ruby
[2010/07/14 12:06:24] <SEJeff> Volcane, Well ruby-esque :)
[2010/07/14 12:06:43] <BarnacleBob> ruby would be like var.split(".")[1]
[2010/07/14 12:06:54] <SEJeff> Unless you write your manifests in pure ruby using 0.26 ;)
[2010/07/14 12:06:59] <SEJeff> Ah ok. Thats exactly like python
[2010/07/14 12:07:20] <SEJeff> Well is it possible to get the 2nd entry in an array returned from split() in a manifest?
[2010/07/14 12:07:33] <BarnacleBob> SEJeff, i would use regsubst
[2010/07/14 12:07:42] <Volcane> doesnt the function reference have an example showing how to do that with regsubs like BarnacleBob suggested?
[2010/07/14 12:08:11] <BarnacleBob> doing $foo=split() and then $bar=$foo[1] might work
[2010/07/14 12:08:23] <Volcane> cant access array elements
[2010/07/14 12:08:24] <SEJeff> Volcane, What he suggested worked, but I'm not a fan of regex when splitting on the . is all that is needed
[2010/07/14 12:08:40] <Volcane> SEJeff: if there was a simpler way we'd have suggested that :)
[2010/07/14 12:08:42] <BarnacleBob> Volcane, ah wasn't sure if that was just functions or both
[2010/07/14 12:08:45] <SEJeff> BarnacleBob, But you're probably right in this instance.
[2010/07/14 12:10:39] @ Quit: cynicism1c: Quit: leaving
[2010/07/14 12:11:59] @ Quit: yannL: Read error: Operation timed out
[2010/07/14 12:12:31] @ yannL joined channel #puppet
[2010/07/14 12:13:09] @ Quit: BarnacleBob: Quit: Leaving
[2010/07/14 12:17:12] @ HouseAway is now known as AimanA
[2010/07/14 12:30:47] @ Quit: jumex: Ping timeout: 252 seconds
[2010/07/14 12:37:26] @ thekad is now known as thekad-afk
[2010/07/14 12:40:15] <simplechat> is there any way to pull an entire directory off the puppet server?
[2010/07/14 12:43:31] <pheezy> Hmm does puppetdashboard use the reportserver directive or is there a dashboard_server
[2010/07/14 12:43:53] @ Quit: fbe: Ping timeout: 264 seconds
[2010/07/14 12:45:03] <simplechat> apparently not :(
[2010/07/14 12:45:07] <SEJeff> simplechat, use recurse => true
[2010/07/14 12:45:16] <simplechat> :D
[2010/07/14 12:45:18] <simplechat> apparently so :D
[2010/07/14 12:45:22] @ Quit: seanos: Ping timeout: 276 seconds
[2010/07/14 12:45:34] <SEJeff> simplechat, Example to pull down a directory of rules files: http://projects.puppetlabs.com/projects/puppet/wiki/OSSEC-HIDS_Patterns
[2010/07/14 12:45:41] <SEJeff> CTRL f search for recurse
[2010/07/14 12:46:43] <simplechat> nice :D
[2010/07/14 12:47:18] @ Quit: pheezy: Read error: Connection reset by peer
[2010/07/14 12:48:24] @ pheezy joined channel #puppet
[2010/07/14 12:49:07] @ Quit: p3rror: Ping timeout: 265 seconds
[2010/07/14 13:01:07] @ Quit: devdas: Ping timeout: 245 seconds
[2010/07/14 13:01:23] @ hal-j1 joined channel #puppet
[2010/07/14 13:01:26] @ zvart joined channel #puppet
[2010/07/14 13:02:16] @ seanos joined channel #puppet
[2010/07/14 13:07:17] @ Quit: toi: Quit: Ex-Chat
[2010/07/14 13:08:46] <fenris02> SEJeff, why would you do that instead of distribute from the puppet host?
[2010/07/14 13:09:10] <SEJeff> fenris02, why would you do what?
[2010/07/14 13:10:18] <fenris02> SEJeff, that one uses wget to pull the tarball for every managed host
[2010/07/14 13:10:34] <fenris02> SEJeff, why do that instead of pulling the tarball once, and distributing it ?
[2010/07/14 13:10:37] <SEJeff> fenris02, I wouldn't, that is insane. I just searched the wiki for recurse and linked the first result
[2010/07/14 13:11:17] @ zvart left channel #puppet ()
[2010/07/14 13:11:28] <fenris02> heh, ok. that answers my question :)
[2010/07/14 13:12:07] @ jab_doa joined channel #puppet
[2010/07/14 13:13:34] @ Quit: bobbyz: Read error: Connection reset by peer
[2010/07/14 13:19:27] <benkevan> why would my catalog expire, and why would I be unable to retrieve a new catalog?
[2010/07/14 13:20:55] @ Quit: seanos: Read error: Operation timed out
[2010/07/14 13:20:58] <benkevan> http://www.fpaste.org/Vzi2/ < is what I see with --debug --verbose --test --no-daemonize
[2010/07/14 13:22:50] <aforgue> --test includes --no-daemonize and --verbose
[2010/07/14 13:22:54] <aforgue> in case you hate typing :)
[2010/07/14 13:23:22] <benkevan> oh haha.. good to know
[2010/07/14 13:23:44] <Kiloman> try --test --debug --trace
[2010/07/14 13:23:47] <benkevan> but still on one of my clients (that was previously working) i can no longer get updates to :(
[2010/07/14 13:24:35] <benkevan> doesn't look like anything other then it saying it's using cached certificates for ca for <hostname> etc
[2010/07/14 13:25:31] <Kiloman> is it able to talk to the master?
[2010/07/14 13:26:06] <Kiloman> can you successfully telnet to the puppetmaster host/port?
[2010/07/14 13:28:44] <fenris02> iirc, it uses ssl so you would need to use openssl -sclieint
[2010/07/14 13:28:53] <benkevan> Kiloman: yes..
[2010/07/14 13:29:45] @ seanos joined channel #puppet
[2010/07/14 13:29:55] <Kiloman> fenris02: if you wanted to do anything, yes... but telnet should work to at least test that it can hit the port
[2010/07/14 13:30:47] <Kiloman> does the puppetmaster log anything when you run the test?
[2010/07/14 13:31:29] @ thekad-afk is now known as thekad
[2010/07/14 13:32:29] <benkevan> Kiloman: nope
[2010/07/14 13:33:26] <Kiloman> that sucks! ;)
[2010/07/14 13:33:34] <benkevan> Agreed.. only 1 client.. and it was working
[2010/07/14 13:33:49] <benkevan> still see it in puppetca --list --all
[2010/07/14 13:34:05] <benkevan> and debug just doesn't give good info
[2010/07/14 13:34:06] <benkevan> hummm
[2010/07/14 13:34:12] <benkevan> can I delete the local cache somehow on the puppet
[2010/07/14 13:36:04] <aforgue> yeah rm -rf /var/lib/puppet
[2010/07/14 13:36:10] <aforgue> and delete the cert on the server
[2010/07/14 13:36:20] <aforgue> puppetca --clean <host>
[2010/07/14 13:36:20] <benkevan> how can I delete the cert?
[2010/07/14 13:36:22] <benkevan> ah
[2010/07/14 13:36:23] <benkevan> k
[2010/07/14 13:36:37] <aforgue> btw, don't ever use puppetca --clean --all
[2010/07/14 13:36:38] <aforgue> that's bad
[2010/07/14 13:36:49] <benkevan> haha..
[2010/07/14 13:36:49] <aforgue> it deletes the server cert too
[2010/07/14 13:36:52] <benkevan> nice
[2010/07/14 13:39:02] <benkevan> weird..
[2010/07/14 13:39:09] <benkevan> now it won't even show up on the server :( hahaha
[2010/07/14 13:39:13] <benkevan> when I try to rejoin it
[2010/07/14 13:39:16] <benkevan> weeeeeeeeird
[2010/07/14 13:39:48] <aforgue> it doesn't generate a new cert on the client?
[2010/07/14 13:39:58] <benkevan> it generated the new cert on the client
[2010/07/14 13:40:04] <benkevan> but I can't sign it on the server
[2010/07/14 13:40:18] <benkevan> puppetca --list doesn't have the host showing up.. hummmina
[2010/07/14 13:40:18] <aforgue> never seen that one before
[2010/07/14 13:40:26] <benkevan> wonder if it's version mismatch?
[2010/07/14 13:40:36] <benkevan> let me uninstall it all and just keep my single site.pp
[2010/07/14 13:40:38] <benkevan> and start over
[2010/07/14 13:40:38] <benkevan> :D
[2010/07/14 13:45:57] <benkevan> weird..
[2010/07/14 13:48:16] <aforgue> yeah you shouldn't have to do that
[2010/07/14 13:48:44] <benkevan> i wonder if it's because of a version mismatch
[2010/07/14 13:48:48] <benkevan> that guest still isn't showing up
[2010/07/14 13:49:20] <aforgue> run puppetmasterd with --no-daemonize and --debug
[2010/07/14 13:49:32] <aforgue> and then have the client re-request the cert and see what goes on on the server site
[2010/07/14 13:49:34] @ themroc_climhs is now known as themroc_319
[2010/07/14 13:49:35] <aforgue> side*
[2010/07/14 13:50:25] <benkevan> nope.. nothing
[2010/07/14 13:50:40] <aforgue> what server does the client think it's using
[2010/07/14 13:50:51] <benkevan> puppet
[2010/07/14 13:51:18] <benkevan> I've even explicitly defined --server and --port
[2010/07/14 13:51:37] <benkevan> I have another host that's just fine.. (I'm wondering if it's version mismatch)
[2010/07/14 13:51:45] <aforgue> what are the versions?
[2010/07/14 13:51:56] <benkevan> .24.8 (server) on this specific client it's .25.5
[2010/07/14 13:52:07] <aforgue> oh, yeah -- maybe
[2010/07/14 13:52:12] <aforgue> the server has to be later than the client
[2010/07/14 13:52:19] <mackn> i don't thin the clients can be higher than master.. at least..not that much higher
[2010/07/14 13:52:45] <Volcane> 25 clients only talk to 25 servers
[2010/07/14 13:52:51] <Volcane> 24 clients can talk to 25 servers
[2010/07/14 13:52:51] * benkevan may have to consider running RHEL for my puppet to use epel.. since NOVEL buildservice for puppet is broked
[2010/07/14 13:53:08] <benkevan> it used to work.. but I think I was on .25.4
[2010/07/14 13:53:10] <benkevan> hehe
[2010/07/14 13:53:12] <aforgue> You're on sles11 right?
[2010/07/14 13:53:16] <benkevan> aforgue: yes.. SLES11
[2010/07/14 13:53:26] <benkevan> do you have a recent rpm?
[2010/07/14 13:53:30] <aforgue> I have sles11 RPMs for facter/puppet for 25.5
[2010/07/14 13:53:37] <aforgue> that I built
[2010/07/14 13:53:54] <benkevan> ben.kevan@gmail.com ? or can you host really quick? (srpm would be awesome too.. so I can borrow your .spec)..
[2010/07/14 13:54:07] <benkevan> the buildservice ones are broken (borked exit codes.. making init scripts unusable)
[2010/07/14 13:54:18] <aforgue> I'll put it on my linode
[2010/07/14 13:54:34] <benkevan> that sound ssexual
[2010/07/14 13:54:40] <aforgue> small problem is that it's at my old work
[2010/07/14 13:54:46] <aforgue> and nobody is there to get it
[2010/07/14 13:54:50] <benkevan> does that mean you don't have it? haha
[2010/07/14 13:54:57] <aforgue> I don't have VPN access
[2010/07/14 13:55:05] <benkevan> ah.. do you have the .spec or anything?
[2010/07/14 13:55:08] <aforgue> they axed my VPN access like 2 days before I quit
[2010/07/14 13:55:15] <benkevan> aforgue: rightfully so :)
[2010/07/14 13:55:32] @ Quit: seanos: Ping timeout: 248 seconds
[2010/07/14 13:55:38] <aforgue> there's a spec file in the conf/redhat directory in the source
[2010/07/14 13:55:46] <aforgue> er, conf/sles
[2010/07/14 13:55:47] @ Quit: littleidea: Quit: littleidea
[2010/07/14 13:55:50] <aforgue> one of those
[2010/07/14 13:56:00] <benkevan> agreed..
[2010/07/14 13:56:06] <benkevan> let me see if I can build on that..
[2010/07/14 13:56:12] <aforgue> if not just install from source
[2010/07/14 13:56:14] <aforgue> :D
[2010/07/14 13:56:14] <benkevan> (I don't really have a sles build environment..
[2010/07/14 13:56:15] <benkevan> :(
[2010/07/14 13:56:49] <benkevan> aforgue: in your SMT did you just put it into the updates? or did you create your own repo?
[2010/07/14 13:57:08] <aforgue> you have to create your own repo
[2010/07/14 13:57:25] <aforgue> if you put it in the updates, the repoindex or whatever wont match and it'll never see the update
[2010/07/14 13:57:31] <benkevan> :( .. I'm new to SMT so gotta figure that one out (or is it similar to mrepo?)
[2010/07/14 13:57:33] <aforgue> if you replace the rpm, the gpg sig wont match and will ignore it
[2010/07/14 13:57:45] <benkevan> aforgue: but I can just add it and do a createrepo . ? no?
[2010/07/14 13:57:48] <aforgue> the createrepo is easy and doing your repository is easy
[2010/07/14 13:57:56] <benkevan> ah.. still better to just do new repo for internal stuff anyways IMO
[2010/07/14 13:58:00] <aforgue> getting your clients to recognize the catalog is the worst part
[2010/07/14 13:58:23] <aforgue> smt-custom-catalog you need to run with all the ID#'s of the different OSes you'll have
[2010/07/14 13:58:46] @ p3rror joined channel #puppet
[2010/07/14 13:59:10] <aforgue> so hopefylly just x86_64 sles11
[2010/07/14 13:59:21] <benkevan> aforgue: that's the hope :)
[2010/07/14 13:59:25] <aforgue> but there's different IDS for SP0, SP1, and each architeture
[2010/07/14 13:59:35] <benkevan> although I may build for i386 (since we do have some web instances that REQUIRE i386.. which is retarded
[2010/07/14 13:59:47] <benkevan> yah.. everything right now is SLES 11 SP1
[2010/07/14 13:59:59] <aforgue> sles10 is the worst, because there's a different ID for each different METHOD you used to install (network, vs slipstreamed, vs from CD)
[2010/07/14 14:00:06] <benkevan> haha
[2010/07/14 14:00:17] <aforgue> I got it all figured out the braindamge, before I quit and came to apple
[2010/07/14 14:00:49] <benkevan> which office?
[2010/07/14 14:01:12] <aforgue> cupertino
[2010/07/14 14:01:20] <benkevan> < in Hercules
[2010/07/14 14:01:47] <aforgue> no clue where that is, heh
[2010/07/14 14:01:54] <benkevan> Carquinez Bridge
[2010/07/14 14:02:22] <Kiloman> like the graphics device company?
[2010/07/14 14:02:25] <mackn> heh
[2010/07/14 14:02:39] <mackn> < in SF
[2010/07/14 14:02:53] <mackn> and i don't really know where hercules is
[2010/07/14 14:03:00] <mackn> heard of it..
[2010/07/14 14:03:10] <benkevan> mackn: haha.. it's right past Rodeo ? .. next to Pinole
[2010/07/14 14:03:16] <mackn> pinole!
[2010/07/14 14:03:18] <mackn> i know where that is
[2010/07/14 14:03:25] <mackn> one of the first In'n'outs in the bay area
[2010/07/14 14:03:30] @ jcdenaes joined channel #puppet
[2010/07/14 14:03:31] @ Quit: jdcasey: Remote host closed the connection
[2010/07/14 14:03:35] <benkevan> I go there a bit for lunch :D
[2010/07/14 14:03:44] <mackn> used to go there a lot when i was living in berkeley
[2010/07/14 14:04:12] <aforgue> I moved from Michigan, oh how I love In-N-Out
[2010/07/14 14:04:53] <mackn> i moevd from LA..oh how i missed it until they finally built the one in pinole
[2010/07/14 14:04:55] <mackn> now it's everywhere!
[2010/07/14 14:05:27] <benkevan> I worked at the one in Fairfield for 2 years
[2010/07/14 14:05:37] <mackn> yeah..i dunno where that is either
[2010/07/14 14:06:46] @ Quit: nanliu: Quit: nanliu
[2010/07/14 14:07:26] @ Quit: delimiter: Ping timeout: 265 seconds
[2010/07/14 14:10:19] @ Quit: cmoates: Ping timeout: 265 seconds
[2010/07/14 14:10:50] @ nanliu joined channel #puppet
[2010/07/14 14:11:13] @ Quit: labrown: Quit: Leaving
[2010/07/14 14:12:10] @ Quit: KenjiP0p: Ping timeout: 276 seconds
[2010/07/14 14:18:34] <benkevan> warning: Deprecation notice: must now include '$' in prototype on line 3 in file /etc/puppet/manifests/site.pp
[2010/07/14 14:18:40] <benkevan> what does that really mean?
[2010/07/14 14:19:01] <benkevan> define compliance_lock(owner = root, group = root, mode = 0644, backup = false, recurse = false, ensure = file) {
[2010/07/14 14:19:05] <Volcane> define foo ($bar) { ... }
[2010/07/14 14:19:07] <fenris02> means use puppet://servername/path/
[2010/07/14 14:19:08] <Volcane> the $ isnt optional
[2010/07/14 14:19:09] <benkevan> is line 3
[2010/07/14 14:19:24] <benkevan> so $owner, $group etc?
[2010/07/14 14:19:27] <Volcane> yup
[2010/07/14 14:19:34] <benkevan> well poop on a turtle
[2010/07/14 14:19:37] <Volcane> :)
[2010/07/14 14:19:41] <fenris02> oh, that used to be optional?
[2010/07/14 14:19:44] <benkevan> this book I just bought it way out dated :(
[2010/07/14 14:19:53] <fenris02> what book?
[2010/07/14 14:19:59] <benkevan> pulling strings with puppets
[2010/07/14 14:20:07] <benkevan> s/puppets/puppet
[2010/07/14 14:20:22] <Volcane> benkevan: its still useful to get the concepts and such over and as a way to make sense of the wiki
[2010/07/14 14:20:37] <Volcane> benkevan: but yah, get the basics down with the book and start using docs.puppetlabs.com
[2010/07/14 14:20:53] <benkevan> i'm building a good base right now
[2010/07/14 14:21:01] <benkevan> with the help of the book, and you guys not saying "GTFO"
[2010/07/14 14:21:07] <benkevan> yet at least
[2010/07/14 14:21:36] <Volcane> heh
[2010/07/14 14:23:03] @ shenson is now known as zz_shenson
[2010/07/14 14:23:29] @ delimiter joined channel #puppet
[2010/07/14 14:25:28] @ rmayr joined channel #puppet
[2010/07/14 14:26:11] <benkevan> been learning alot of things lately (outside of puppet) so my little pea brain is already saturated
[2010/07/14 14:26:42] @ Quit: rmayr: Remote host closed the connection
[2010/07/14 14:27:12] @ rmayr joined channel #puppet
[2010/07/14 14:27:42] <benkevan> i took an entperise linux job (internally) without enterprise linux experience.. so trying to catch up with the environment I've setup.. and start doing what some other places setup (like puppet) .. :D
[2010/07/14 14:28:01] <benkevan> all the unix admins are super old school.. and everything is home grown scripts.. which I ported over fo rRHEL.. but now.. done with all that crap
[2010/07/14 14:31:57] @ dotemacs left channel #puppet ()
[2010/07/14 14:32:58] @ fredden joined channel #puppet
[2010/07/14 14:33:19] @ seanos joined channel #puppet
[2010/07/14 14:34:59] <aforgue> welcome to the desert... of the real
[2010/07/14 14:36:55] @ Quit: rmayr: Remote host closed the connection
[2010/07/14 14:37:30] <benkevan> my other backup linux admin is a complete waste
[2010/07/14 14:37:55] <mackn> most backups are
[2010/07/14 14:38:00] @ Quit: seanos: Ping timeout: 260 seconds
[2010/07/14 14:38:05] <benkevan> mackn: he's RHCE haha
[2010/07/14 14:38:20] <mackn> the more acronyms they have after their names..the more of a waste they are
[2010/07/14 14:38:21] <mackn> heh
[2010/07/14 14:38:31] @ rmayr joined channel #puppet
[2010/07/14 14:38:32] <benkevan> HAHA
[2010/07/14 14:38:36] @ Quit: adrian_broher: Quit: Verlassend
[2010/07/14 14:39:03] <mackn> but really.. i think it's probably an issue with lazy vs ability
[2010/07/14 14:39:08] <mackn> but shrug
[2010/07/14 14:40:53] @ Quit: jmccune: Ping timeout: 264 seconds
[2010/07/14 14:41:44] @ Quit: rmayr: Remote host closed the connection
[2010/07/14 14:47:28] @ plathrop-away is now known as plathrop
[2010/07/14 14:53:40] @ Quit: lutter: Quit: Leaving.
[2010/07/14 14:55:38] @ Quit: radkin: Remote host closed the connection
[2010/07/14 14:58:56] @ Quit: notbrien: Quit: notbrien
[2010/07/14 14:59:09] @ Quit: rmiller4pi8: Quit: Leaving.
[2010/07/14 14:59:20] @ rmiller4pi8 joined channel #puppet
[2010/07/14 15:00:42] @ littleidea joined channel #puppet
[2010/07/14 15:01:43] <benkevan> mackn: a lethal mix of both
[2010/07/14 15:01:56] <benkevan> he's an RHCE and a week after he got the cert, he asked me how to install an RPM
[2010/07/14 15:03:00] <mackn> heh
[2010/07/14 15:03:19] @ Quit: rmiller4pi8: Ping timeout: 240 seconds
[2010/07/14 15:03:58] <mackn> yeah... not really sure what one needs to do for those certs.. but i imagine it's more an issue with wanting to shell out the money to go through the process than anything else..
[2010/07/14 15:06:03] <yakub> does he have his RHCE # in his .sig ?
[2010/07/14 15:06:11] <benkevan> yakub: of course
[2010/07/14 15:06:28] <benkevan> he's my backup for Linux and VMware, and makes about 30k more them me HAHAH
[2010/07/14 15:06:38] <Kiloman> yeah
[2010/07/14 15:06:42] <Kiloman> that's the depressing thing
[2010/07/14 15:06:42] <benkevan> gotta love it
[2010/07/14 15:06:50] <Kiloman> stupid certs get you more money during the hiring process
[2010/07/14 15:06:51] <yakub> can you back him up to tape
[2010/07/14 15:06:59] <Kiloman> before everyone figures out that you're a fuckwit
[2010/07/14 15:07:11] <Kiloman> hiding behind your certs :(
[2010/07/14 15:07:12] <yakub> what does rhce test test ?
[2010/07/14 15:07:23] <benkevan> yakub: the ability to show upto the ttes tI guess
[2010/07/14 15:07:31] <mackn> your ability to shell out 800 bux or whatever it costs these days
[2010/07/14 15:07:32] <benkevan> (whoa.. not spelling because that last sentence was bad)
[2010/07/14 15:08:11] <Kiloman> A+ stuff is like that too
[2010/07/14 15:08:15] <Kiloman> if you see it in a sig, run away
[2010/07/14 15:08:40] <benkevan> I'm security+ .. I'd never put that in anything (except resume as accomplishments) and even then ahha
[2010/07/14 15:08:44] <benkevan> oh.. and MCSE and VCP
[2010/07/14 15:08:47] <benkevan> but those were company paid
[2010/07/14 15:08:54] <Kiloman> yeah
[2010/07/14 15:09:05] <Kiloman> sometimes I think about getting work to pay for certs
[2010/07/14 15:09:12] <Kiloman> but then I think about what I'd learn
[2010/07/14 15:09:24] <benkevan> builders need to fix the client.init and server.init for puppet scripts
[2010/07/14 15:09:35] @ jmccune joined channel #puppet
[2010/07/14 15:09:45] <Kiloman> and it's probably less useful stuff than what I've picked up just as part of work duties
[2010/07/14 15:09:56] <Kiloman> and I'd just have more work piled up when I'm done ;)
[2010/07/14 15:10:22] @ seanos joined channel #puppet
[2010/07/14 15:10:23] <benkevan> he hasn't touched a server in days HAHA
[2010/07/14 15:10:32] <benkevan> we dont' have high workload right now
[2010/07/14 15:10:44] <benkevan> but instead of trying to better the environment (ie puppet) he wants to scour craigslist
[2010/07/14 15:13:41] @ rodnet joined channel #puppet
[2010/07/14 15:13:44] @ bitfield joined channel #puppet
[2010/07/14 15:13:53] @ Quit: simplechat: Ping timeout: 264 seconds
[2010/07/14 15:18:01] @ Quit: ecapriolo: Quit: KVIrc Insomnia 4.0.0, revision: 4030, sources date: 20100125, built on: 2010-02-25 23:12:54 UTC http://www.kvirc.net/
[2010/07/14 15:20:17] <joe-mac> actually, the RHCE test is somewhat involved
[2010/07/14 15:20:26] <joe-mac> idk how he could have passed it without knowing how to isntall an rpm
[2010/07/14 15:20:51] <joe-mac> more than just 'show up and pass', i've known competent guys not pass it the first time.
[2010/07/14 15:21:02] <stahnma> turns out you don't have to pass the test to put the letters after your name
[2010/07/14 15:21:07] <joe-mac> haha
[2010/07/14 15:21:24] <mackn> heh
[2010/07/14 15:21:59] <joe-mac> maybe he failed and lied to management so they wouldn't chew him out lol
[2010/07/14 15:22:02] <benkevan> haha.. i actually asked to confirm his RHCE ID after asking me about the RPM's
[2010/07/14 15:22:12] <benkevan> joe-mac: nope.. i asked for it.. i thought the same
[2010/07/14 15:22:25] <joe-mac> jeez, that's kinda odd... tough to cheat too
[2010/07/14 15:22:40] <benkevan> he went to a "boot camp"
[2010/07/14 15:22:45] <jamesturnbull> yeah I've not done it but I know good engineers who credit it as a good cert unlike many others
[2010/07/14 15:23:04] <benkevan> jamesturnbull: who can I contact about some of the init scripts in the suse puppet packages?
[2010/07/14 15:23:06] <joe-mac> yea, i ddi that too as a refresher for certain stuff, but rudimentary knowledge like that, idk
[2010/07/14 15:23:10] <joe-mac> suse
[2010/07/14 15:23:13] <joe-mac> novell i mean
[2010/07/14 15:23:41] <benkevan> joe-mac: no.. I mean the client.init and server.init that's included within the puppet packages from puppet website
[2010/07/14 15:23:55] <jamesturnbull> benkevan: log a ticket and attach a patch
[2010/07/14 15:24:08] <jamesturnbull> benkevan: we only keep that as a hold-over really
[2010/07/14 15:24:36] * jamesturnbull is of the opinion we shouldn't probably remove all upstream packaging extras but he's been dissuaded
[2010/07/14 15:24:52] <jamesturnbull> s/shouldn't/should/
[2010/07/14 15:24:58] <benkevan> jamesturnbull: ah.. ok.. i'll throw up a patch upstream.. just a few really small things like adding $null instead of leaving some things blank.. so things actually run
[2010/07/14 15:25:03] @ punkmexic joined channel #puppet
[2010/07/14 15:26:19] <joe-mac> yea, too difficult to keep up with all the platforms
[2010/07/14 15:26:38] <jamesturnbull> joe-mac: and it's really their area of expertise rather than ours
[2010/07/14 15:26:47] <benkevan> joe-mac: agreed.. that's where little peeonme's come into help
[2010/07/14 15:27:07] <benkevan> so I can feel like I've actually helped..
[2010/07/14 15:27:30] <benkevan> although the person that did the buildservice for novell IMO killed it :( (changed init script to puppet-server (just to match the package name)
[2010/07/14 15:27:36] <benkevan> I love puppetmaster :D
[2010/07/14 15:28:14] <joe-mac> yea, should have kept the package name to puppetmaster too thoguh
[2010/07/14 15:28:26] <jamesturnbull> benkevan: are the SuSE buildserver packages working? Last time I looked they were somewhat dated
[2010/07/14 15:28:30] <joe-mac> idk, i tried to use suse the other day, a customer system, and everything seemed all retarded
[2010/07/14 15:28:46] <benkevan> jamesturnbull: they are complete crap, and I've filed bug against it..
[2010/07/14 15:29:06] <benkevan> I just built some new.. in the buildservice using my own project..
[2010/07/14 15:29:25] <jamesturnbull> do they have a current maintainer we can nag?
[2010/07/14 15:29:34] <matti> lo jamesturnbull
[2010/07/14 15:30:11] <jamesturnbull> matti: hey! how are you?
[2010/07/14 15:30:25] <benkevan> jamesturnbull: There were 4 maintainers listed.. (I also filed a bug against SLES using my Corporate Account.. telling them that they should be more proactive with moving SLES 11 version branch from .24.9 to .25.5 since it includes definition for zypper (which for SLES is kind of important)
[2010/07/14 15:31:53] <benkevan> yay.. my packages are done.. and unlike the ones in the build service, the exit codes are correct (so when you do a service puppetmaster start.. it actuall says done instead of failed) haha
[2010/07/14 15:31:57] @ Quit: kaptk2: Quit: Leaving.
[2010/07/14 15:33:14] <matti> jamesturnbull: No too bad. Too busy recently... tight deadlines.
[2010/07/14 15:35:18] <jamesturnbull> matti: yeah know the feeling
[2010/07/14 15:35:32] @ zorzar_ joined channel #puppet
[2010/07/14 15:35:34] <jamesturnbull> matti: actually looked forward to a plane ride this morning to catch up on my reading/sleeping
[2010/07/14 15:36:57] <matti> jamesturnbull: Hahah. Weird place to "feel like home" ;]
[2010/07/14 15:39:16] @ Quit: zorzar: Ping timeout: 276 seconds
[2010/07/14 15:39:23] <jamesturnbull> matti: I sure the guy next to me suffered through some snoring :)
[2010/07/14 15:39:42] @ Quit: bitfield: Quit: Colloquy for iPhone - http://colloquy.mobi
[2010/07/14 15:40:00] <matti> jamesturnbull: :p
[2010/07/14 15:40:27] <jamesturnbull> also had forgotten what a weird place Reno is
[2010/07/14 15:40:57] <jhelwig> jamesturnbull: Been a while since you've seen Reno 911?
[2010/07/14 15:41:41] <jamesturnbull> jhelwig: never watched it - I had to go there when I worked at a casino years ago
[2010/07/14 15:41:44] @ sebas891 left channel #puppet ()
[2010/07/14 15:42:27] @ Quit: benkevan: Ping timeout: 246 seconds
[2010/07/14 15:45:26] @ benkevan joined channel #puppet
[2010/07/14 15:45:31] <benkevan> man.. F13 just hard crashed on me..
[2010/07/14 15:46:45] @ Quit: paxos: Quit: paxos
[2010/07/14 15:46:50] <benkevan> hummm.. ok
[2010/07/14 15:47:15] <benkevan> i upgraded server to .25.5 but now my client (.25.4) still can't attach to the server
[2010/07/14 15:47:51] <benkevan> ah.. ok.. now it does.. I just had to remove /var/lib/puppet.. awesomeness YAY
[2010/07/14 15:48:07] <benkevan> upgrading to .25.5 from .24.8 made my .25.4 client see my puppetmaster.. boo yaa
[2010/07/14 15:51:14] @ punkmexic left channel #puppet ("Leaving")
[2010/07/14 15:51:35] <benkevan> nwo to figure out how to create a custom SMT repo.. to deploy my puppets from here on out
[2010/07/14 15:59:35] <aforgue> good
[2010/07/14 15:59:47] <aforgue> there's a semi-good article on novell.com on how to do it
[2010/07/14 16:00:03] @ Djelibeybi joined channel #puppet
[2010/07/14 16:02:03] <benkevan> aforgue: you have linkage?
[2010/07/14 16:02:13] @ KenjiP0p joined channel #puppet
[2010/07/14 16:02:26] <aforgue> http://www.novell.com/communities/node/6335/creating-yum-repository-and-publishing-it-smt
[2010/07/14 16:03:02] <benkevan> aforgue: I built my own rpm's.. so I'm good now.. i didn't want to use the broken ass novell build service one..
[2010/07/14 16:03:14] <benkevan> although I did do it in buildservice, so that other can have access
[2010/07/14 16:03:21] <benkevan> since i'm kind of a nice guy
[2010/07/14 16:03:32] <aforgue> heh
[2010/07/14 16:03:57] <benkevan> ewwww.. I just saw it said rug
[2010/07/14 16:04:20] <aforgue> ignore that part
[2010/07/14 16:04:38] <benkevan> haha
[2010/07/14 16:04:45] <aforgue> ignore all parts that say rug
[2010/07/14 16:04:52] <aforgue> kick dirt in its face
[2010/07/14 16:05:16] <benkevan> http://blog.barfoo.org/2009/10/22/creating-a-custom-rpm-repository-for-smt/ < looks pretty good..
[2010/07/14 16:05:27] <benkevan> I know.. I used to be a suse fan.. and with ZMD / RUG I nearly puked
[2010/07/14 16:05:34] @ freshtonic joined channel #puppet
[2010/07/14 16:05:35] <aforgue> it was terrible
[2010/07/14 16:05:50] @ delimiter left channel #puppet ()
[2010/07/14 16:06:35] @ pting joined channel #puppet
[2010/07/14 16:07:36] <benkevan> it was quite sad to see that opensuse 11.3 doesn't have a feh package available
[2010/07/14 16:07:36] <benkevan> haha
[2010/07/14 16:07:47] @ Quit: tonyskapunk: Quit: ERC Version 5.3 (IRC client for Emacs)
[2010/07/14 16:10:53] <aforgue> at least they moved ruby into -Pool
[2010/07/14 16:11:07] <aforgue> before it was only on the SDK and you had to mirror all that stupid crap just to get ruby
[2010/07/14 16:11:28] <Kiloman> wow really?
[2010/07/14 16:12:22] <aforgue> In les10 yeah
[2010/07/14 16:12:54] <aforgue> i ended up manually copying the ruby to a custom repo
[2010/07/14 16:13:15] @ Quit: joe-mac: Quit: Leaving.
[2010/07/14 16:13:18] @ Quit: jhunter: Quit: leaving
[2010/07/14 16:13:23] @ jhunter joined channel #puppet
[2010/07/14 16:15:24] @ Quit: jhunter: Client Quit
[2010/07/14 16:15:31] @ jhunter joined channel #puppet
[2010/07/14 16:16:40] @ Quit: littleidea: Quit: littleidea
[2010/07/14 16:17:27] @ Quit: jmccune: Ping timeout: 246 seconds
[2010/07/14 16:17:55] @ Quit: p3rror: Ping timeout: 265 seconds
[2010/07/14 16:19:12] @ Quit: nanliu: Quit: nanliu
[2010/07/14 16:19:54] @ OpenMedia joined channel #puppet
[2010/07/14 16:19:57] <benkevan> haha.. nice
[2010/07/14 16:20:04] <benkevan> lets see how my added repo works..
[2010/07/14 16:20:05] @ MarkN joined channel #puppet
[2010/07/14 16:21:08] <benkevan> does this gpg --gen-key every finish on sles? sheesh
[2010/07/14 16:22:22] <Kiloman> needs more entropy
[2010/07/14 16:22:32] <Kiloman> pop open another terminal and run updatedb or something
[2010/07/14 16:22:45] <mackn> heh yeah if there isn't enough entropy it'll block waiting for more
[2010/07/14 16:23:07] <Kiloman> or point it at /dev/urandom instead of /dev/random ;)
[2010/07/14 16:23:07] @ jmccune joined channel #puppet
[2010/07/14 16:24:45] @ Quit: jab_doa: Quit: Verlassend
[2010/07/14 16:24:57] <benkevan> sudo find / -name *.sh -exec cat {} \;
[2010/07/14 16:25:00] <benkevan> 5 times
[2010/07/14 16:25:29] <Kiloman> IIRC you need something that's going to do actual disk IO
[2010/07/14 16:25:56] <Kiloman> after the first time, most of that is going to be cached on a machine with a decent amount of ram
[2010/07/14 16:26:17] <Kiloman> maybe dd if=/dev/sda of=/dev/null ?
[2010/07/14 16:27:37] <benkevan> really.. didn't know it had to hit actual disk..
[2010/07/14 16:27:43] <benkevan> on RHEL i just danced on the keyboard
[2010/07/14 16:27:48] @ Quit: mfournier: Ping timeout: 240 seconds
[2010/07/14 16:27:51] @ MarkN left channel #puppet ()
[2010/07/14 16:27:51] <Kiloman> haha
[2010/07/14 16:28:05] <Kiloman> yeah anything that does actual hardware IO I think
[2010/07/14 16:28:11] <Kiloman> keyboard, mouse, HD
[2010/07/14 16:28:13] <Kiloman> not sure about network
[2010/07/14 16:28:24] <benkevan> dude.. there's no way.. it isn't done
[2010/07/14 16:28:27] <benkevan> it has to be hung
[2010/07/14 16:28:27] <benkevan> haha
[2010/07/14 16:28:32] <benkevan> oh god
[2010/07/14 16:28:34] <benkevan> I'm a fucking idiot
[2010/07/14 16:28:53] <benkevan> I was scrolled up on my terminal
[2010/07/14 16:28:56] <Kiloman> ahahaha
[2010/07/14 16:29:01] <Kiloman> I hate when that happens ;)
[2010/07/14 16:29:02] <mackn> hahaha
[2010/07/14 16:29:35] <benkevan> :(
[2010/07/14 16:29:38] <benkevan> 5 minutes
[2010/07/14 16:30:41] @ p3rror joined channel #puppet
[2010/07/14 16:32:13] @ Quit: bug: Quit: bug
[2010/07/14 16:33:45] @ Quit: benkevan: Quit: leaving
[2010/07/14 16:34:23] @ littleidea joined channel #puppet
[2010/07/14 16:36:51] @ Spruit_elf joined channel #puppet
[2010/07/14 16:39:52] @ Quit: jmccune: Ping timeout: 245 seconds
[2010/07/14 16:41:10] @ jmccune joined channel #puppet
[2010/07/14 16:49:04] @ S_BS joined channel #puppet
[2010/07/14 16:50:38] <S_BS> is it possible to change the manifests folder location for puppet on ubuntu?
[2010/07/14 16:53:28] <mackn> manifestdir=
[2010/07/14 16:54:05] <S_BS> is that a command line option while running puppetmasterd
[2010/07/14 16:54:20] <mackn> in puppet.conf
[2010/07/14 16:55:14] <S_BS> sweet thank you!
[2010/07/14 16:55:45] @ Quit: SpacePope: Read error: No route to host
[2010/07/14 16:55:49] @ Quit: jcdenaes: Quit: jcdenaes
[2010/07/14 16:57:20] @ PaulWay[w] joined channel #puppet
[2010/07/14 17:00:19] @ SpacePope joined channel #puppet
[2010/07/14 17:01:41] @ Quit: S_BS: Quit: Page closed
[2010/07/14 17:01:42] @ thekad is now known as thekad-afk
[2010/07/14 17:08:33] @ Quit: jmccune: Ping timeout: 260 seconds
[2010/07/14 17:11:45] <jiboumans> is there an equivalent of 'mkdir -p' for directories? i'm getting this: err: //s_logger/File[/mnt/var/log/apache2]/ensure: change from absent to directory failed: Cannot create /mnt/var/log/apache2; parent directory /mnt/var/log does not exist
[2010/07/14 17:11:51] <jiboumans> only /mnt exists on fresh machines
[2010/07/14 17:12:29] <Spruit_elf> jiboumans: i tought there wasn't aparently it creates a whole new set of issues
[2010/07/14 17:14:31] <Spruit_elf> jiboumans: i think this covers it: http://projects.puppetlabs.com/issues/86
[2010/07/14 17:14:44] * jiboumans reads
[2010/07/14 17:14:46] @ Quit: PhabX: Remote host closed the connection
[2010/07/14 17:16:12] <jiboumans> oh my
[2010/07/14 17:16:19] <jiboumans> Spruit_elf: 4 year long, heated conversation
[2010/07/14 17:16:26] <Spruit_elf> jup
[2010/07/14 17:16:28] * jiboumans goes with the work around...
[2010/07/14 17:17:15] <Spruit_elf> the interesting part is at the bottom something about permissions and predictability
[2010/07/14 17:19:08] <Kiloman> any issue number that low, you know it's gotta be good ;)
[2010/07/14 17:19:12] <jiboumans> heh
[2010/07/14 17:19:47] <jiboumans> fwiw, the work around works like a charm: file { ['/mnt', '/mnt/var', '/mnt/var/log', '/mnt/var/log/apache2/']:
[2010/07/14 17:19:48] <jiboumans> ensure => directory,
[2010/07/14 17:20:15] <hal-j1> that works well if you want/need the same ownership, mode, etc… for each level
[2010/07/14 17:20:48] <hal-j1> if not, do several files each one requiring the parent File
[2010/07/14 17:20:57] <hal-j1> IMHO
[2010/07/14 17:21:56] <jiboumans> understood; and same ownership is fine here.. i was literally looking for 'mkdir -p'
[2010/07/14 17:23:25] <hal-j1> there's always exec if you're hung up on mkdir -p, but I wouldn't suggest it :)
[2010/07/14 17:24:58] <jiboumans> heh, yeah just the functionality, not the actual shell out
[2010/07/14 17:25:23] @ hal-j1 is now known as hal-j
[2010/07/14 17:33:51] <hal-j> also keep in mind that puppet wants each file to be defined only once. so if you'll need /mnt/var/log/[somethingelse] later on, you'll probably want to break out the creation of /mnt/var/log elsewhere and include whatever does that in both places
[2010/07/14 17:38:23] @ Quit: ahasenack: Quit: Leaving
[2010/07/14 17:39:41] @ Quit: \ask: Ping timeout: 264 seconds
[2010/07/14 17:40:39] @ scb joined channel #puppet
[2010/07/14 17:40:51] <jiboumans> i'm not quite following something. I"m trying to follow the best practices wiki page to split configuration up in /modules and /services. So far so good.
[2010/07/14 17:41:37] <jiboumans> However, I have a file /etc/puppet/services/foo/files/bar that i wish to use as the source for a file on the filesystem
[2010/07/14 17:42:07] <jiboumans> i'm getting 400 'no permission' errors for the path i'm using, and i'm not understanding http://projects.puppetlabs.com/projects/puppet/wiki/File_Serving_Configuration to configure access to that file
[2010/07/14 17:42:34] <jiboumans> it explains it well for /etc/puppet/files, but i'm unclear how the /modules and /services scheme fit in there
[2010/07/14 17:44:22] <hal-j> if "services" is configured as a module path you should be able to refer to .../services/foo/files/bar as puppet:///foo/bar
[2010/07/14 17:44:23] <jiboumans> i believe i'm supposed to use the uri: 'puppet:///services/foo/bar'
[2010/07/14 17:45:02] <jiboumans> hal-j: yeah, '../services' and '../modules' are listed in the modulepath of the configuration
[2010/07/14 17:45:14] <hal-j> try puppet:///foo/bar
[2010/07/14 17:45:50] <jiboumans> doing so now
[2010/07/14 17:46:32] <jiboumans> hal-j: good catch, works
[2010/07/14 17:46:33] <jiboumans> thanks
[2010/07/14 17:46:38] <hal-j> np
[2010/07/14 17:48:31] <jiboumans> hal-j: gave me a deprecation warning though, suggesting i use puppet:///modules/foo/bar. that seems to work fine fwiw
[2010/07/14 17:49:10] <scb> Hello, I have a question about the Puppet/GPL license...
[2010/07/14 17:49:13] <scb> I want use puppet to install/configure my commercial software at client data centers.
[2010/07/14 17:49:19] <scb> Does this mean I have to license my software under the GPL, and customers can give away my source code? Or, does this mean that only my Puppet recipes are licensed under the GPL, and can be give away (which I have no problem with)?
[2010/07/14 17:50:07] <hal-j> jiboumans: I'm still on 0.24.8 so my suggestions are going to be with that caveat :)
[2010/07/14 17:50:13] @ Quit: kuh: Ping timeout: 240 seconds
[2010/07/14 17:50:32] <jiboumans> hal-j: no problem at all :) last i ran was 0.24.x as well, trying to get on the new hipness here
[2010/07/14 17:50:57] <hal-j> it's on my todo list
[2010/07/14 17:51:16] <hal-j> along with eleventeen other things
[2010/07/14 17:53:04] <Spruit_elf> scb, im no layer but from what i know you only have to gpl your code if you link against puppet or modify it
[2010/07/14 17:54:03] <Kiloman> RPM is GPL
[2010/07/14 17:54:11] <Kiloman> but making a RPM of your software doesn't make it GPL
[2010/07/14 17:54:28] <Spruit_elf> scb you can use puppet safely and even distribute it as long as you provide the source
[2010/07/14 17:54:33] <Spruit_elf> (for puppet)
[2010/07/14 17:54:54] <Kiloman> or just offer to provide the source
[2010/07/14 17:55:03] <scb> spruit / kiloman: thanks... I have no problem distributing the puppet code
[2010/07/14 17:55:04] <Kiloman> just providing a link to the puppet website might be enough
[2010/07/14 17:55:21] <Kiloman> unless you're modifying it
[2010/07/14 17:55:25] @ kuh joined channel #puppet
[2010/07/14 17:55:32] <Spruit_elf> but if your software is not a derivative or linked against puppet i think your safe (even your puppet recipes don't have to be gpl)
[2010/07/14 17:56:08] <Spruit_elf> but be nice and share them (is possible) ;-)
[2010/07/14 17:56:15] <Spruit_elf> is =if
[2010/07/14 17:56:16] <scb> of course ;-)
[2010/07/14 17:58:12] @ Quit: Hypnoz: Ping timeout: 248 seconds
[2010/07/14 18:03:15] <Spruit_elf> scb for more info on gpl see http://www.gnu.org/licenses/gpl-faq.html#GPLInProprietarySystem (the first paragraph linked to is a bit negative but i assume that in your case the second and following paragraphs apply)
[2010/07/14 18:05:46] <scb> spruit: I think I'm ok... I want to use GPL software to deploy proprietary software. There is no linkage. And giving away the puppet recipes is not a problem.
[2010/07/14 18:06:31] @ thekad-afk is now known as thekad
[2010/07/14 18:08:03] @ Quit: Djelibeybi: Quit: Leaving
[2010/07/14 18:09:15] @ FOCer joined channel #puppet
[2010/07/14 18:09:38] <scb> again, thanks spruit & kiloman
[2010/07/14 18:11:42] @ Quit: herdingcat: Read error: Connection reset by peer
[2010/07/14 18:13:28] @ Quit: Spruit_elf: Quit: Spruit_elf
[2010/07/14 18:17:55] @ thekad is now known as thekad-afk
[2010/07/14 18:27:04] @ Quit: gmcquillan: Quit: gmcquillan
[2010/07/14 18:28:17] @ Quit: Rinman: Ping timeout: 252 seconds
[2010/07/14 18:29:34] @ MaxBube joined channel #puppet
[2010/07/14 18:32:59] @ Quit: MaxBube: Client Quit
[2010/07/14 18:33:21] @ MaxBube joined channel #puppet
[2010/07/14 18:35:08] @ Wandrewvious joined channel #puppet
[2010/07/14 18:37:16] @ Quit: yannL: Remote host closed the connection
[2010/07/14 18:37:35] @ scb left channel #puppet ()
[2010/07/14 18:38:03] @ Djelibeybi joined channel #puppet
[2010/07/14 18:38:07] <jiboumans> someone around that wrote the puppetlabs-apache module? require => [A2mod[foo]] doesn't seem to work as a dependency
[2010/07/14 18:39:00] <jiboumans> (//apache/A2mod[headers]) Failed to retrieve current state of resource: No ability to determine if a2mod exists
[2010/07/14 18:39:02] @ Quit: WALoeIII: Ping timeout: 245 seconds
[2010/07/14 18:39:27] @ Quit: Wandrewvious: Ping timeout: 245 seconds
[2010/07/14 18:39:41] <jiboumans> when run a second time, it works - so it's an ordering thing somehow
[2010/07/14 18:45:37] <jiboumans> (//apache/A2mod[headers]) Failed to retrieve current state of resource: No ability to determine if a2mod exists
[2010/07/14 18:46:03] <jiboumans> whoops, double paste -- anyway, that's the part that triggers it, but the provider does offer an exists? method
[2010/07/14 18:46:58] <jiboumans> how can i go about figuring out what's causing this and even better, fixing it?
[2010/07/14 18:47:54] @ \ask joined channel #puppet
[2010/07/14 18:48:27] * jiboumans waves at \ask
[2010/07/14 19:00:10] @ ahuman joined channel #puppet
[2010/07/14 19:03:06] @ ohadlevy left channel #puppet ()
[2010/07/14 19:20:18] @ WALoeIII joined channel #puppet
[2010/07/14 19:21:39] @ jcesario joined channel #puppet
[2010/07/14 19:39:54] <jcesario> version 0.25.4 : has anyone experienced when using file: recurse, replace => false, checksum => undef, and source {} , puppet will still attempt to read the entire folder and every file in it? strace shows it still opening and reading files.
[2010/07/14 19:44:41] @ Quit: Djelibeybi: Quit: Leaving
[2010/07/14 19:45:03] <jcesario> its similar to bug #1469 except that setting checksum to mtime\|undef\|md5lite does nothing to stop the read
[2010/07/14 19:45:04] <gepetto> jcesario: #1469 is http://projects.puppetlabs.com/issues/show/1469 "Puppet - Bug #1469: File recursion with a remote source should not recurse locally - Puppet Labs"
[2010/07/14 19:52:33] <jcesario> i think this is it actually: http://tinyurl.com/245jfwl
[2010/07/14 19:57:24] @ cowbud joined channel #puppet
[2010/07/14 19:57:46] <cowbud> is there a way to run puppet on a remote system without puppet installed? kinda like a through it over the fence configuration where it runs all of its commands over ssh?
[2010/07/14 19:58:03] <cowbud> through/throw
[2010/07/14 19:58:50] <jcesario> not that im aware of. have you looked at func or capistrano though?
[2010/07/14 19:59:13] <cowbud> no but I will :) thanks for the pointers
[2010/07/14 19:59:20] @ Quit: MaxBube: Quit: Ex-Chat
[2010/07/14 19:59:23] <jcesario> i prefer func personally.
[2010/07/14 19:59:50] <cowbud> good to know, may save me some time :)
[2010/07/14 20:00:02] <cowbud> thank you very much
[2010/07/14 20:05:46] @ PhabX joined channel #puppet
[2010/07/14 20:09:57] <fenris02> mcollective might work too
[2010/07/14 20:18:01] @ Quit: ceren: Quit: ceren
[2010/07/14 20:22:13] @ cyrus_mc joined channel #puppet
[2010/07/14 20:24:08] @ Quit: cliff-hm: Ping timeout: 258 seconds
[2010/07/14 20:24:09] @ Quit: mclarke: Quit: mclarke
[2010/07/14 20:25:00] <cyrus_mc> If I have something like the following: http://pastebin.com/ffVPfwUN
[2010/07/14 20:25:34] <cyrus_mc> and within the nsswitch class I want to act on whether something is tagged wes or not, does the nsswitch see the wes tag for node wes?
[2010/07/14 20:26:03] <cyrus_mc> I wrote something similar and looking at the log it does not appear to see the tag wes. Almost like since the include for nsswitch is in the base class it doesn't see it
[2010/07/14 20:26:23] <cowbud> fenris02: thanks ill take a look
[2010/07/14 20:27:11] <fenris02> someone here does that iirc
[2010/07/14 20:27:54] <cyrus_mc> anyone?
[2010/07/14 20:29:41] <fenris02> cyrus_mc, dunno. i've never tried that yet. in all my 4-days of "vast" experience 8)
[2010/07/14 20:30:43] <cyrus_mc> fenris02: well I think we are about equal in experience
[2010/07/14 20:31:07] <cyrus_mc> I believe it is not inheriting the tag since if I remove the if (tagged(wes)) line it executes what was in the if statement
[2010/07/14 20:31:12] <cyrus_mc> when I put it back in, it doesn't
[2010/07/14 20:33:21] <cyrus_mc> also, how can I check a file for the existence of a certain line?
[2010/07/14 20:34:10] <fenris02> i think augeas helps with that?
[2010/07/14 20:34:44] <cyrus_mc> augeas?
[2010/07/14 20:34:46] <cyrus_mc> what is that
[2010/07/14 20:35:17] <fenris02> yum info augeas
[2010/07/14 20:36:29] <cyrus_mc> thanks
[2010/07/14 20:37:15] <fenris02> tbf, i know very little more than what that command says
[2010/07/14 20:42:43] @ alcy joined channel #puppet
[2010/07/14 20:42:55] @ PaulWay[w] left channel #puppet ("I must go, there are too many tangrams on this channel.")
[2010/07/14 20:43:14] @ Quit: cyrus_mc: Quit: leaving
[2010/07/14 21:00:59] @ AimanA is now known as HouseAway
[2010/07/14 21:02:40] @ kc7zzv joined channel #puppet
[2010/07/14 21:02:47] @ gniks joined channel #puppet
[2010/07/14 21:05:32] @ Quit: kc7zzv: Client Quit
[2010/07/14 21:06:32] @ Djelibeybi joined channel #puppet
[2010/07/14 21:15:06] @ gniks1 joined channel #puppet
[2010/07/14 21:15:36] @ Quit: gniks1: Client Quit
[2010/07/14 21:16:01] @ gniks1 joined channel #puppet
[2010/07/14 21:18:48] @ Quit: gniks: Ping timeout: 260 seconds
[2010/07/14 21:19:12] @ Quit: pipegeek: Quit: Leaving.
[2010/07/14 21:25:16] @ crdant joined channel #puppet
[2010/07/14 21:33:34] @ Quit: Djelibeybi: Quit: Leaving
[2010/07/14 21:39:22] @ Quit: pheezy: Remote host closed the connection
[2010/07/14 21:45:09] @ Quit: gniks1: Quit: Leaving.
[2010/07/14 21:45:38] @ gniks joined channel #puppet
[2010/07/14 21:49:55] @ physicspackage joined channel #puppet
[2010/07/14 21:50:51] @ Quit: physicspackage: Client Quit
[2010/07/14 21:51:48] @ Quit: p3rror: Ping timeout: 248 seconds
[2010/07/14 21:52:52] @ nickar joined channel #puppet
[2010/07/14 21:53:31] <nickar> hi people!, i have a question about ssh keys, is there anyone over there?
[2010/07/14 21:54:12] <fenris02> depends in the q?
[2010/07/14 21:54:29] <nickar> i am trying this code: http://projects.puppetlabs.com/projects/puppet/wiki/Module_Ssh_Auth_Patterns
[2010/07/14 21:54:49] <nickar> it is attached to the page, this is the file: http://projects.puppetlabs.com/attachments/935/auth.pp
[2010/07/14 21:55:26] <nickar> and when i check the code for syntax errors with puppet --parseonly --ignoreimport auth.pp
[2010/07/14 21:55:48] <nickar> it says "Could not match 'class' in ....
[2010/07/14 21:56:36] <nickar> err: Could not parse for environment production: Could not match 'class' at /etc/puppet/modules/auth.pp:10
[2010/07/14 21:57:38] <nickar> i'm just wget-ing the file :( Do you know what could it be happeining here? or if there is another way to have public key authentication configured with puppet?
[2010/07/14 22:00:56] <fenris02> huh. line 10 is a blank. dos2unix help?
[2010/07/14 22:01:03] <nickar> mmm...
[2010/07/14 22:01:24] @ Quit: crdant: Quit: Leaving.
[2010/07/14 22:01:26] <nickar> oh, you are a genius,
[2010/07/14 22:01:30] <nickar> thanks fenris02
[2010/07/14 22:01:38] <fenris02> beginners luck
[2010/07/14 22:01:39] <nickar> i forgot that, ...
[2010/07/14 22:02:49] <nickar> i think i should inform the article's author, it should be unixified :) (does puppetmasterd run on windows ? (i think so, it is ruby ...) )
[2010/07/14 22:03:36] <fenris02> good question. i believe it does though.
[2010/07/14 22:03:43] @ plathrop is now known as plathrop-away
[2010/07/14 22:04:49] @ p3rror joined channel #puppet
[2010/07/14 22:07:53] @ mclarke joined channel #puppet
[2010/07/14 22:09:36] @ crdant joined channel #puppet
[2010/07/14 22:13:45] @ Quit: pting: Ping timeout: 246 seconds
[2010/07/14 22:31:24] @ Quit: gniks: Quit: Leaving.
[2010/07/14 22:32:06] @ Quit: PhabX: Quit: PhabX
[2010/07/14 22:33:19] @ Quit: nickar: Ping timeout: 258 seconds
[2010/07/14 22:37:21] @ Quit: nevyn: Ping timeout: 265 seconds
[2010/07/14 22:38:58] @ nevyn joined channel #puppet
[2010/07/14 22:43:23] @ Quit: nevyn: Ping timeout: 260 seconds
[2010/07/14 22:45:30] @ Quit: ahuman: Remote host closed the connection
[2010/07/14 22:50:25] @ nevyn joined channel #puppet
[2010/07/14 23:07:40] @ Quit: rcrowley: Quit: rcrowley
[2010/07/14 23:08:12] <jcesario> version 0.25.4 : has anyone experienced when using file: recurse, replace => false, checksum => undef, and source {} , puppet will still attempt to read the entire folder and every file in it? strace shows it still opening and reading files. think this is it actually: http://tinyurl.com/245jfwl
[2010/07/14 23:08:30] @ Quit: fredden: Quit: Leaving
[2010/07/14 23:08:34] <jcesario> i think maybe this is a job for the mailing list...
[2010/07/14 23:12:48] @ Quit: p3rror: Ping timeout: 258 seconds
[2010/07/14 23:15:06] @ Quit: alban2: Read error: Connection reset by peer
[2010/07/14 23:15:11] @ alban2 joined channel #puppet
[2010/07/14 23:15:59] @ ceren joined channel #puppet
[2010/07/14 23:21:05] @ Quit: alban2: Ping timeout: 264 seconds
[2010/07/14 23:21:16] @ Quit: DbT_: Quit: zzzz
[2010/07/14 23:24:31] @ p3rror joined channel #puppet
[2010/07/14 23:32:16] @ sdog joined channel #puppet
[2010/07/14 23:34:30] @ pting joined channel #puppet
[2010/07/14 23:40:31] @ Quit: sdog: Changing host
[2010/07/14 23:40:31] @ sdog joined channel #puppet
[2010/07/14 23:41:14] @ ecolitan joined channel #puppet
[2010/07/14 23:44:05] @ Quit: ecolitan: Remote host closed the connection
[2010/07/14 23:44:19] @ ecolitan joined channel #puppet
[2010/07/14 23:53:24] @ DbT_ joined channel #puppet
[2010/07/14 23:55:11] @ kenneho joined channel #puppet
[2010/07/14 23:56:25] @ themroc_319 is now known as themroc_26

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!