Sunday, 2011-11-20

[2011/11/20 00:04:32] @ Log started by gepetto
[2011/11/20 00:04:32] @ Quit: blahdeblah: Ping timeout: 248 seconds
[2011/11/20 00:09:13] @ Quit: sumsuch: Quit: sumsuch
[2011/11/20 00:11:33] @ Quit: neonflux: Read error: Connection reset by peer
[2011/11/20 00:11:42] @ neonflux joined channel #puppet
[2011/11/20 00:12:12] @ Quit: jsm: Quit: jsm
[2011/11/20 00:14:26] @ sumsuch joined channel #puppet
[2011/11/20 00:18:16] @ Quit: sarkis_: Ping timeout: 240 seconds
[2011/11/20 00:25:59] @ sarkis_ joined channel #puppet
[2011/11/20 00:27:47] @ msaum joined channel #puppet
[2011/11/20 00:27:55] @ msaum left channel #puppet ()
[2011/11/20 00:27:59] @ msaum joined channel #puppet
[2011/11/20 00:28:11] @ dissipate joined channel #puppet
[2011/11/20 00:28:41] <dissipate> hello, does anyone have info on what the general practice is for commands that have to be run as root in puppet?
[2011/11/20 00:28:58] <dissipate> do you put puppet in the sudoer's file?
[2011/11/20 00:33:51] @ Quit: ohadlevy: Quit: Leaving
[2011/11/20 00:34:13] @ ohadlevy_ is now known as ohadlevy
[2011/11/20 00:34:43] @ ohadlevy is now known as Guest67635
[2011/11/20 00:35:32] @ Quit: ^conner: Read error: Connection timed out
[2011/11/20 00:36:26] @ ^conner joined channel #puppet
[2011/11/20 00:37:57] @ Quit: sumsuch: Quit: sumsuch
[2011/11/20 00:41:49] @ Quit: dnjaramba: Ping timeout: 240 seconds
[2011/11/20 00:41:49] @ dnjaramba_ joined channel #puppet
[2011/11/20 00:42:29] @ Quit: mitchellh: Quit: Computer has gone to sleep
[2011/11/20 00:44:33] @ Guest67635 is now known as ohadlevy_
[2011/11/20 00:45:21] <Dominic> dissipate: the agent typically runs as root
[2011/11/20 00:46:15] @ Quit: dnjaramba_: Ping timeout: 252 seconds
[2011/11/20 00:46:43] @ dnjaramba joined channel #puppet
[2011/11/20 00:47:53] @ Quit: sarkis_: Ping timeout: 252 seconds
[2011/11/20 00:53:20] @ Quit: helindbe: Read error: Connection reset by peer
[2011/11/20 00:53:35] <dissipate> Dominic, i see, that makes sense. :O
[2011/11/20 00:54:07] <dissipate> Dominic, seems like a major security issue if your SSL gets compromised though.
[2011/11/20 00:54:25] @ helindbe joined channel #puppet
[2011/11/20 00:58:08] <dissipate> i'm curious about something. i understand the need to have fully qualified paths for commands running in puppet, but if you have to qualify the path for every command, how do you get around having a bunch of 'if' statements for different operating systems that have those commands' binaries in other paths?
[2011/11/20 01:00:59] @ Holocaine joined channel #puppet
[2011/11/20 01:15:01] @ Quit: alanna: Remote host closed the connection
[2011/11/20 01:15:24] @ alanna joined channel #puppet
[2011/11/20 01:17:49] @ Quit: tdb: Ping timeout: 240 seconds
[2011/11/20 01:19:44] @ Quit: alanna: Ping timeout: 248 seconds
[2011/11/20 01:25:21] @ Quit: neonflux: Quit: Leaving.
[2011/11/20 01:26:22] @ flex___ joined channel #puppet
[2011/11/20 01:29:14] @ ohadlevy_ is now known as ohadlevy
[2011/11/20 01:38:52] @ druggo joined channel #puppet
[2011/11/20 01:41:10] @ blahdeblah joined channel #puppet
[2011/11/20 01:41:29] <blahdeblah> Trying again: Am i right in thinking that the mailalias type does not automatically run "newaliaes" or the equivalent?
[2011/11/20 01:41:39] @ manlymatt83 joined channel #puppet
[2011/11/20 01:41:57] <manlymatt83> Question: if certdnsnames is no longer valid, what can I list under the [master] section so that there are subject alt names for my master certificate?
[2011/11/20 01:42:11] <manlymatt83> I have certname as "puppet.mydomain.com" but I also want some hosts to be able to connect as simply "puppet".
[2011/11/20 01:42:54] @ Quit: bje: Ping timeout: 276 seconds
[2011/11/20 01:44:02] @ Quit: msaum: Quit: Leaving.
[2011/11/20 01:47:08] @ roidelapluie joined channel #puppet
[2011/11/20 01:47:09] @ Quit: roidelapluie: Changing host
[2011/11/20 01:47:09] @ roidelapluie joined channel #puppet
[2011/11/20 01:49:12] @ bje joined channel #puppet
[2011/11/20 01:56:50] @ toi joined channel #puppet
[2011/11/20 02:00:52] @ msaum joined channel #puppet
[2011/11/20 02:01:58] @ Quit: emergion: Quit: later...
[2011/11/20 02:08:03] @ emergion joined channel #puppet
[2011/11/20 02:10:04] @ Quit: bmahe: Quit: Leaving
[2011/11/20 02:22:16] @ ohookins joined channel #puppet
[2011/11/20 02:22:23] <dissipate> has anyone noticed that to have puppet recursively chown a directory that has a lot of files and subdirectories takes a long time?
[2011/11/20 02:22:40] <dissipate> it's added a couple of minutes for me
[2011/11/20 02:25:53] <ohookins> a couple of minutes is nothing!
[2011/11/20 02:28:26] <dissipate> ohookins, oh yeah? have you added hours?
[2011/11/20 02:28:42] <ohookins> 15-20 minutes on some machines was not unheard of
[2011/11/20 02:28:50] @ mmoya joined channel #puppet
[2011/11/20 02:29:15] @ danikov joined channel #puppet
[2011/11/20 02:29:29] <ohookins> i believe it's a known performance issue, unless things have changed the last couple of months
[2011/11/20 02:30:08] @ Quit: ldlework: Ping timeout: 248 seconds
[2011/11/20 02:31:28] <dissipate> ohookins, i wonder if there is an 'onlyif' that can prevent it from checking over and over.
[2011/11/20 02:33:58] <ohookins> dissipate: you can limit when resources run with the schedule attribute
[2011/11/20 02:34:39] <dissipate> ohookins, i basically only need it to run once
[2011/11/20 02:34:49] <dissipate> because there is nothing that is going to overwrite the chown
[2011/11/20 02:41:51] <ohookins> might be easier for you to run the chown/chmod in an exec limited by an onlyif or unless
[2011/11/20 02:43:12] @ ldlework joined channel #puppet
[2011/11/20 02:47:37] <dissipate> ohookins, what would the onlyif command be?
[2011/11/20 02:48:32] <dissipate> i wonder if i can do this: schedule{chown: repeat => 1}
[2011/11/20 02:50:04] <ohookins> unless => 'stat ${myfile} --printf %U \| grep desireduserid'
[2011/11/20 02:50:11] @ elmer__ joined channel #puppet
[2011/11/20 02:50:15] <ohookins> there are probably better ways to do it
[2011/11/20 02:50:36] <ohookins> and that would need double quotes, not single
[2011/11/20 02:50:47] <ohookins> unless => "stat ${myfile} --printf %U \| grep desireduserid"
[2011/11/20 02:50:50] @ ohookins left channel #puppet ("Leaving.")
[2011/11/20 02:50:58] @ ohookins joined channel #puppet
[2011/11/20 02:54:38] @ Quit: OMCK: Read error: Operation timed out
[2011/11/20 02:57:27] @ mpdude_ joined channel #puppet
[2011/11/20 03:00:24] <dissipate> ohookins, i see, that makes sense. thanks for the tip.
[2011/11/20 03:01:00] @ Quit: mpdude: Ping timeout: 252 seconds
[2011/11/20 03:04:22] <dissipate> hmm, it seems Puppet doesn't get you that much farther away from imperative methods vs. declarative. it works pretty well for the package stuff and a few other things, but for a lot of stuff it seems you just have to run some command.
[2011/11/20 03:04:58] <Spads> dissipate: you can do a lot without that, really.
[2011/11/20 03:05:13] <Spads> dissipate: and the creates field is highly useful for execs
[2011/11/20 03:05:34] <Spads> to make them work more declaratively but when you need dynamic data (key generation, etc)
[2011/11/20 03:06:11] @ Quit: mscman: Ping timeout: 258 seconds
[2011/11/20 03:06:59] <dissipate> Spads, my config is relatively simple and i have several commands.
[2011/11/20 03:07:18] <dissipate> and now i'm going to be using the 'chown' command.
[2011/11/20 03:07:24] <Spads> wait, you're WHAT?
[2011/11/20 03:07:28] @ Quit: elmer__: Read error: Connection reset by peer
[2011/11/20 03:07:30] <Spads> you can assert permissions on files, you know
[2011/11/20 03:07:51] @ mscman joined channel #puppet
[2011/11/20 03:08:11] <dissipate> Spads, the performance of doing a recursive chown declaratively in puppet is bad.
[2011/11/20 03:08:32] <dissipate> it's added several minutes to my catalog update
[2011/11/20 03:08:33] * Spads nods
[2011/11/20 03:08:39] <Spads> yeah, that's a fair cop
[2011/11/20 03:08:53] <Spads> but that's a bug, really
[2011/11/20 03:09:21] <Spads> I mean I share your frustration on that, but there are typically declarative ways to do things that a lot of poeple just give up on and resort to exec when they don't have to
[2011/11/20 03:09:23] <dissipate> ohookins, gave me a good way around it, but it's a command.
[2011/11/20 03:09:48] * Spads nods
[2011/11/20 03:10:03] * ohookins shamefully hides in the corner
[2011/11/20 03:10:43] <dissipate> Spads, time to make an OS with a declarative scripting language? :O
[2011/11/20 03:16:40] @ Quit: ldlework: Ping timeout: 240 seconds
[2011/11/20 03:20:01] @ Quit: choonming: Read error: Connection timed out
[2011/11/20 03:20:45] @ choonming joined channel #puppet
[2011/11/20 03:20:55] <kjetilho> Puppet could use inotify to enforce this continuously
[2011/11/20 03:21:20] <kjetilho> just to point out one relatively low-impact solution (performancewise)
[2011/11/20 03:21:46] <Spads> kjetilho: except that puppet has to support systems that aren't Linux
[2011/11/20 03:22:04] <Spads> because freebsd is making a comebahahahahaahahahahahahaha
[2011/11/20 03:23:16] @ elmer__ joined channel #puppet
[2011/11/20 03:23:16] <kjetilho> Spads: Puppet has varying support anyway
[2011/11/20 03:23:23] <Spads> kjetilho: I know.
[2011/11/20 03:23:38] <Spads> kjetilho: there's whole core puppet resource types that only make sense on mackertoshes
[2011/11/20 03:23:54] <kjetilho> and selinux
[2011/11/20 03:24:01] <Spads> which is great if you're a padophile, but totally irrelevant to freedom-lovers
[2011/11/20 03:24:05] <Spads> haha yeah
[2011/11/20 03:24:15] <Spads> boy was that ever a sad story
[2011/11/20 03:24:21] <dissipate> Spads, didn't you hear? it's all about GNU Hurd
[2011/11/20 03:24:37] <Spads> dissipate: no way! hurd-ng!
[2011/11/20 03:25:17] <kjetilho> on Solaris, it could use event ports (IIRC)
[2011/11/20 03:25:29] <kjetilho> I'm sure FreeBSD has a usable API for this, too
[2011/11/20 03:25:48] <kjetilho> people with file managers on their desktop aren't happy without it
[2011/11/20 03:25:54] <Spads> yeah, there's probably efficient notifications you could use to collect change events
[2011/11/20 03:26:04] <Spads> on any system you care about
[2011/11/20 03:26:10] <Spads> anything you're willing to put in production
[2011/11/20 03:27:24] <Spads> so then comes the question of what you do on a reboot, or if puppet is run from cron or...
[2011/11/20 03:27:59] <kjetilho> you use today's code
[2011/11/20 03:28:13] * Spads nods
[2011/11/20 03:28:25] <Spads> naming things, off-by-one errors, and cache invalidation...
[2011/11/20 03:28:33] <kjetilho> I wouldn't hold my breath, though :-)
[2011/11/20 03:28:34] <dissipate> huh? is puppet even set up to listen to file change events??
[2011/11/20 03:29:04] <Spads> dissipate: scroll back. we're proposing an enhancement
[2011/11/20 03:31:17] <dissipate> Spads, I see. my bad.
[2011/11/20 03:31:52] @ Quit: dkr: Ping timeout: 258 seconds
[2011/11/20 03:31:57] <dissipate> ohookins, btw, that tip you gave me for chown just totally eliminated that long wait. thanks.
[2011/11/20 03:32:53] @ dkr joined channel #puppet
[2011/11/20 03:36:26] @ tdb joined channel #puppet
[2011/11/20 03:38:03] <dissipate> what's the status of puppet in the IT community? i've talked to several sysadmins. they said they have heard of puppet but they hadn't done anything with it. is this typical?
[2011/11/20 03:39:45] @ Quit: mmoya: Read error: Operation timed out
[2011/11/20 03:41:07] @ Gibheer joined channel #puppet
[2011/11/20 03:41:32] <Gibheer> why is solaris not supported for servers? i could not find any hint on that
[2011/11/20 03:42:45] <dissipate> Gibheer, that's news to me. i thought it was.
[2011/11/20 03:43:15] <Gibheer> in the documentation, it says, that it's only supported as an agent
[2011/11/20 03:43:49] <Gibheer> i have a openindiana box here and as it did not start the server, i took a look and could not find any hint, that it was supported
[2011/11/20 03:44:59] <Gibheer> Cannot determine basic system flavour (Puppet::Error) <== that's the message i get with puppetd --help
[2011/11/20 03:45:07] <Gibheer> the factor is running fine
[2011/11/20 03:48:08] <kjetilho> Gibheer: I guess they just don't want to test the required gems on Solaris
[2011/11/20 03:48:23] <kjetilho> and especially on Solaris <= 10 it would be a real pain
[2011/11/20 03:48:39] <Gibheer> yeah
[2011/11/20 03:49:10] <Gibheer> but they could test on solaris 11 or openindiana
[2011/11/20 03:49:36] <Gibheer> do you know, where the tests are located, so that i can get it working?
[2011/11/20 03:51:06] @ manlymatt83 left channel #puppet ()
[2011/11/20 03:52:42] @ Quit: Holocaine:
[2011/11/20 03:54:49] <dissipate> Gibheer, seems like something you could contribute to the puppet community if you could get the server to run on solaris.
[2011/11/20 03:55:00] <dissipate> i heard puppetlabs is hiring as well...
[2011/11/20 03:55:43] @ OMCK joined channel #puppet
[2011/11/20 03:56:08] <Gibheer> that's why i'm asking, where i could begin
[2011/11/20 03:56:51] <Gibheer> to fix puppet would be the simplest solution to coding my own system or trying to get chef working
[2011/11/20 03:58:12] @ Quit: emergion: Quit: later...
[2011/11/20 04:00:49] @ Quit: msaum: Quit: Leaving.
[2011/11/20 04:01:42] @ Quit: dissipate: Ping timeout: 245 seconds
[2011/11/20 04:01:44] @ agagag joined channel #puppet
[2011/11/20 04:02:44] @ dbgster joined channel #puppet
[2011/11/20 04:04:53] <kjetilho> Gibheer: first step is Passenger in general I guess? does that work on OI?
[2011/11/20 04:05:15] <kjetilho> you really don't want to run either Mongrel or shudder Webbrick
[2011/11/20 04:05:26] <Gibheer> it should work, i think
[2011/11/20 04:05:44] @ BManojlovic joined channel #puppet
[2011/11/20 04:05:44] @ Quit: BManojlovic: Changing host
[2011/11/20 04:05:44] @ BManojlovic joined channel #puppet
[2011/11/20 04:05:45] <Gibheer> did not try it till now, as it wasn't mentioned anywhere
[2011/11/20 04:07:12] <kjetilho> it's not strictly a requirement
[2011/11/20 04:07:41] <kjetilho> but Webbrick performance is so bad it is only useful for testing/demo
[2011/11/20 04:08:13] <Gibheer> yeah
[2011/11/20 04:08:57] <Gibheer> looks good so far
[2011/11/20 04:09:03] <Gibheer> i would say, yes it works
[2011/11/20 04:09:23] <kjetilho> great, that's a good start
[2011/11/20 04:09:37] <kjetilho> means that Rubygems aren't totally useless on OI :)
[2011/11/20 04:09:53] <Gibheer> i'm using rvm
[2011/11/20 04:10:06] <Gibheer> who would use rubygems from any distro ;)
[2011/11/20 04:11:12] <kjetilho> doesn't help if the gems themselves has hidden dependencies
[2011/11/20 04:12:43] @ emergion joined channel #puppet
[2011/11/20 04:12:46] <Gibheer> that's true, but i hope there isn't anything, that can't be solved
[2011/11/20 04:13:47] <Spads> webbrick also makes an excellent brick.
[2011/11/20 04:15:39] <Gibheer> kjetilho: would puppet work with thin or unicorn too?
[2011/11/20 04:15:46] <kjetilho> never heard of them
[2011/11/20 04:17:01] <Gibheer> okay, i take that as a yes :D
[2011/11/20 04:18:42] <Spads> do you mean gunicorn?
[2011/11/20 04:20:07] <Gibheer> http://unicorn.bogomips.org/ <== this one
[2011/11/20 04:20:19] <Spads> Oh
[2011/11/20 04:20:43] <Gibheer> or this one http://code.macournoyer.com/thin/
[2011/11/20 04:24:43] @ Quit: Spads: Ping timeout: 244 seconds
[2011/11/20 04:43:37] @ skm joined channel #puppet
[2011/11/20 04:45:22] @ steki-BLAH joined channel #puppet
[2011/11/20 04:45:34] @ Quit: steki-BLAH: Changing host
[2011/11/20 04:45:34] @ steki-BLAH joined channel #puppet
[2011/11/20 04:45:44] @ dissipate joined channel #puppet
[2011/11/20 04:45:57] @ Quit: BManojlovic: Read error: Operation timed out
[2011/11/20 04:46:02] @ steki-BLAH is now known as BManojlovic
[2011/11/20 04:54:52] @ Quit: elmer__: Read error: Connection reset by peer
[2011/11/20 04:55:28] @ elmer__ joined channel #puppet
[2011/11/20 05:00:23] @ ohookins left channel #puppet ("Leaving.")
[2011/11/20 05:07:38] @ Quit: emergion: Quit: later...
[2011/11/20 05:11:14] @ ukd1 joined channel #puppet
[2011/11/20 05:17:36] @ emergion joined channel #puppet
[2011/11/20 05:23:00] @ Quit: n0ts_: Ping timeout: 244 seconds
[2011/11/20 05:24:21] @ elmer__ is now known as e1mer
[2011/11/20 05:24:29] @ Quit: e1mer: Changing host
[2011/11/20 05:24:29] @ e1mer joined channel #puppet
[2011/11/20 05:27:11] @ n0ts_ joined channel #puppet
[2011/11/20 05:27:55] @ Quit: nimrod10: Quit: Coyote finally caught me
[2011/11/20 05:32:19] @ Quit: emergion: Quit: later...
[2011/11/20 05:33:39] @ Quit: Will\|: Ping timeout: 276 seconds
[2011/11/20 05:36:20] @ Quit: zipkid: .net .split
[2011/11/20 05:36:20] @ Quit: idn: .net .split
[2011/11/20 05:36:21] @ Quit: supplicant: .net .split
[2011/11/20 05:36:22] @ Quit: bzrk: .net .split
[2011/11/20 05:36:23] @ Quit: CoolCold: .net .split
[2011/11/20 05:36:24] @ Quit: mburns: .net .split
[2011/11/20 05:36:24] @ Quit: omry: .net .split
[2011/11/20 05:36:24] @ Quit: fim: .net .split
[2011/11/20 05:36:26] @ Quit: Sil4nc4: .net .split
[2011/11/20 05:36:28] @ Quit: wereHamster: .net .split
[2011/11/20 05:36:29] @ Quit: mfournier: .net .split
[2011/11/20 05:36:30] @ Quit: ^scott^: .net .split
[2011/11/20 05:36:30] @ Quit: apollo13: .net .split
[2011/11/20 05:36:31] @ Quit: kjetilho: .net .split
[2011/11/20 05:36:32] @ Quit: nxhack: .net .split
[2011/11/20 05:36:32] @ Quit: tobert: .net .split
[2011/11/20 05:36:32] @ Quit: HelgeO: .net .split
[2011/11/20 05:36:33] @ Quit: joemiller: .net .split
[2011/11/20 05:36:33] @ Quit: sietse_: .net .split
[2011/11/20 05:36:34] @ Quit: dpash: .net .split
[2011/11/20 05:36:35] @ Quit: joshbeci_: .net .split
[2011/11/20 05:36:35] @ Quit: anrxc: .net .split
[2011/11/20 05:36:36] @ Quit: elementai: .net .split
[2011/11/20 05:36:38] @ Quit: walkeran: .net .split
[2011/11/20 05:36:38] @ Quit: Zoiah: .net .split
[2011/11/20 05:36:40] @ Quit: slapster: .net .split
[2011/11/20 05:36:40] @ Quit: blast_hardcheese: .net .split
[2011/11/20 05:36:41] @ Quit: Corey: .net .split
[2011/11/20 05:36:41] @ Quit: Dantman: .net .split
[2011/11/20 05:36:42] @ Quit: wilco: .net .split
[2011/11/20 05:36:42] @ Quit: nibalizer: .net .split
[2011/11/20 05:36:43] @ Quit: haus: .net .split
[2011/11/20 05:36:43] @ Quit: glarizza: .net .split
[2011/11/20 05:36:44] @ Quit: TREllis: .net .split
[2011/11/20 05:36:45] @ Quit: v: .net .split
[2011/11/20 05:36:45] @ Quit: mattrobinson: .net .split
[2011/11/20 05:36:46] @ Quit: crashmag_: .net .split
[2011/11/20 05:36:47] @ Quit: Zeelot: .net .split
[2011/11/20 05:36:47] @ Quit: samppah: .net .split
[2011/11/20 05:36:47] @ Quit: nico: .net .split
[2011/11/20 05:36:48] @ Quit: Sub_Oracle: .net .split
[2011/11/20 05:36:48] @ Quit: zaargy: .net .split
[2011/11/20 05:36:49] @ Quit: jokajak: .net .split
[2011/11/20 05:36:49] @ Quit: chequers: .net .split
[2011/11/20 05:36:49] @ Quit: adedommelin: .net .split
[2011/11/20 05:36:50] @ Quit: hajile: .net .split
[2011/11/20 05:36:50] @ Quit: nlew: .net .split
[2011/11/20 05:36:51] @ Quit: _rc: .net .split
[2011/11/20 05:36:52] @ SubOracle joined channel #puppet
[2011/11/20 05:36:52] @ hajile_ joined channel #puppet
[2011/11/20 05:36:52] @ kjetilho joined channel #puppet
[2011/11/20 05:36:52] @ HelgeO joined channel #puppet
[2011/11/20 05:36:52] @ DanielFriesen joined channel #puppet
[2011/11/20 05:36:52] @ bzrk joined channel #puppet
[2011/11/20 05:36:52] @ glarizza_ joined channel #puppet
[2011/11/20 05:36:52] @ nlew_ joined channel #puppet
[2011/11/20 05:36:52] @ _rc_ joined channel #puppet
[2011/11/20 05:36:52] @ zaargy_ joined channel #puppet
[2011/11/20 05:36:52] @ idn joined channel #puppet
[2011/11/20 05:36:52] @ mfournier joined channel #puppet
[2011/11/20 05:36:52] @ Sil4nc4 joined channel #puppet
[2011/11/20 05:36:52] @ ^scott^ joined channel #puppet
[2011/11/20 05:36:52] @ mattrobi1son joined channel #puppet
[2011/11/20 05:36:52] @ samppah joined channel #puppet
[2011/11/20 05:36:52] @ Zoiah joined channel #puppet
[2011/11/20 05:36:52] @ dpash joined channel #puppet
[2011/11/20 05:36:52] @ CoolCold joined channel #puppet
[2011/11/20 05:36:52] @ zipkid joined channel #puppet
[2011/11/20 05:36:53] @ joemiller joined channel #puppet
[2011/11/20 05:36:53] @ nico joined channel #puppet
[2011/11/20 05:36:53] @ sietse_ joined channel #puppet
[2011/11/20 05:36:53] @ fim joined channel #puppet
[2011/11/20 05:36:53] @ haus joined channel #puppet
[2011/11/20 05:36:53] @ adedommelin joined channel #puppet
[2011/11/20 05:36:53] @ TREllis joined channel #puppet
[2011/11/20 05:36:53] @ tobert joined channel #puppet
[2011/11/20 05:36:54] @ Corey joined channel #puppet
[2011/11/20 05:36:54] @ Quit: ecolitan: Excess Flood
[2011/11/20 05:36:54] @ joshbeci joined channel #puppet
[2011/11/20 05:36:54] @ crashmag joined channel #puppet
[2011/11/20 05:36:54] @ supplicant joined channel #puppet
[2011/11/20 05:36:54] @ jokajak joined channel #puppet
[2011/11/20 05:36:54] @ anrxc joined channel #puppet
[2011/11/20 05:36:54] @ omry joined channel #puppet
[2011/11/20 05:36:54] @ wereHamster joined channel #puppet
[2011/11/20 05:36:55] @ nibalizer joined channel #puppet
[2011/11/20 05:36:55] @ ecolitan joined channel #puppet
[2011/11/20 05:37:03] @ wilco joined channel #puppet
[2011/11/20 05:37:04] @ elementai joined channel #puppet
[2011/11/20 05:37:19] @ slapster joined channel #puppet
[2011/11/20 05:37:26] @ mburns joined channel #puppet
[2011/11/20 05:37:31] @ clover-leaf joined channel #puppet
[2011/11/20 05:37:51] @ d3c joined channel #puppet
[2011/11/20 05:37:53] @ apollo13 joined channel #puppet
[2011/11/20 05:38:16] <d3c> I have a package named the same but from two different providers, yum and gem. how may I install both? (optipng)
[2011/11/20 05:38:58] <d3c> puppet complains about duplicate package name even though I specify a different provider on each package
[2011/11/20 05:39:08] @ nxhack joined channel #puppet
[2011/11/20 05:40:18] @ walkeran joined channel #puppet
[2011/11/20 05:41:23] <kjetilho> d3c: you need to use package { "gem-foo": name => 'foo', provider => 'gem' }
[2011/11/20 05:41:44] <d3c> kjetilho: ah, thanks
[2011/11/20 05:41:57] @ blast_hardcheese joined channel #puppet
[2011/11/20 05:44:18] <d3c> kjetilho: can I specify multiple packages in name? e.g. package { 'x' : name => [ 1, 2, 3 ], ... I know this works for package { [1, 2, 3] : ...
[2011/11/20 05:45:58] <kjetilho> no
[2011/11/20 05:46:13] <kjetilho> you mean to make your own groups?
[2011/11/20 05:46:34] @ v joined channel #puppet
[2011/11/20 05:46:37] <d3c> yeah, like a group with deps for some other resource
[2011/11/20 05:46:59] <kjetilho> it is common to use classes for that
[2011/11/20 05:48:32] <d3c> well, that's right
[2011/11/20 05:49:13] @ Zeelot joined channel #puppet
[2011/11/20 05:50:21] @ Quit: wereHamster: Read error: Connection reset by peer
[2011/11/20 06:06:02] @ Quit: cwebber: Remote host closed the connection
[2011/11/20 06:10:39] @ jaytaph joined channel #puppet
[2011/11/20 06:12:46] @ Quit: ohadlevy: Ping timeout: 260 seconds
[2011/11/20 06:16:34] @ ohadlevy joined channel #puppet
[2011/11/20 06:17:04] @ Quit: skm: Quit: Computer has gone to sleep.
[2011/11/20 06:25:47] @ Spads joined channel #puppet
[2011/11/20 06:26:19] @ wereHamster joined channel #puppet
[2011/11/20 06:30:38] @ jonhattan joined channel #puppet
[2011/11/20 06:32:08] @ Quit: ohadlevy: Read error: Connection timed out
[2011/11/20 06:32:32] @ ohadlevy joined channel #puppet
[2011/11/20 06:34:14] @ Quit: BManojlovic: Remote host closed the connection
[2011/11/20 06:34:24] @ pfo joined channel #puppet
[2011/11/20 06:35:23] @ Quit: illsci: Quit: Read error: 3.1415926535 (Excessive pi)
[2011/11/20 06:36:35] @ Quit: Spads: Ping timeout: 252 seconds
[2011/11/20 06:41:20] @ Quit: omry: Ping timeout: 248 seconds
[2011/11/20 06:42:12] <Dominic> dissipate: sorry, I've been out today. To respond to your earlier point, it's a huge security vuln if your puppetmaster was compromised... but adding sudo won't help unless you were incredibly strict about commands/files it could edit. Even still, I doubt you'd have a problem escalating to root.
[2011/11/20 06:43:18] <Dominic> dissipate: and re setting PATH for execs, use resource defaults (see the language guide) and selectors based on the OS to set up the "path" parameter of the exec defaults, you'll only have to do it once then.
[2011/11/20 06:43:46] <dissipate> Dominic, i see. i have set up autosigning, but i have set up a firewall to block incoming connections from outside sources. probably not the most secure, but it will have to do for now. :/
[2011/11/20 06:44:00] @ omry joined channel #puppet
[2011/11/20 06:44:40] <Dominic> yeah, autosigning isn't best if you can avoid it, e.g. tying in signing to your server provisioning process
[2011/11/20 06:46:01] <Dominic> (though for the opposite reason to earlier, as you'd leak possibly sensitive information to an attacker)
[2011/11/20 06:49:12] <dissipate> Dominic, i'm not so sure about the 'declarative' nature of puppet. it seems one still must use a lot of 'execs' to get things set up. although, it helps a lot with packages.
[2011/11/20 06:49:48] @ illsci joined channel #puppet
[2011/11/20 06:50:36] <Dominic> depends what you're doing, I don't find myself needing many at all
[2011/11/20 06:51:05] <dissipate> Dominic, my configuration is not that complex and i have already used a number of execs.
[2011/11/20 06:51:21] <Dominic> perhaps you need some new types or providers instead
[2011/11/20 06:51:55] <dissipate> i also had to swap out a recursive 'chown' declaration for an actual 'chown' exec due to major performance issues (the declaration added several minutes to the puppet catalog update)
[2011/11/20 06:52:20] <supplicant> I have this same problem ^^
[2011/11/20 06:52:28] <dissipate> but apparently this is a known issue
[2011/11/20 06:53:33] <Dominic> there was a fix for one file serving performance issue in 2.7.7rc2, but generally it is a problem. The solution is normally to use a package.
[2011/11/20 06:55:24] <Dominic> ( #9671 was in 2.7.7rc2 )
[2011/11/20 06:55:24] <gepetto> Dominic: #9671 is http://projects.puppetlabs.com/issues/show/9671 "Puppet - Bug #9671: transaction eval_generate slow on many files in recurse managed directory. It has a status of Merged - Pending Release and is assigned to Josh Cooper"
[2011/11/20 06:56:44] @ Quit: ohadlevy: Quit: ZNC - http://znc.in
[2011/11/20 06:57:02] @ ohadlevy joined channel #puppet
[2011/11/20 07:00:48] @ Quit: ukd1: Ping timeout: 252 seconds
[2011/11/20 07:00:52] @ Quit: justdave: Read error: Connection reset by peer
[2011/11/20 07:00:58] @ justdave joined channel #puppet
[2011/11/20 07:01:47] @ Quit: flex___: Ping timeout: 244 seconds
[2011/11/20 07:07:33] @ Quit: Wolfspyre: Quit: Leaving.
[2011/11/20 07:08:22] @ Wolfspyre joined channel #puppet
[2011/11/20 07:08:59] @ Quit: ohadlevy: Quit: ZNC - http://znc.in
[2011/11/20 07:09:04] @ ohadlevy joined channel #puppet
[2011/11/20 07:13:32] @ chadskidmore joined channel #puppet
[2011/11/20 07:14:46] @ Spads joined channel #puppet
[2011/11/20 07:18:06] @ mmoya joined channel #puppet
[2011/11/20 07:23:31] @ Quit: e1mer: Read error: Connection reset by peer
[2011/11/20 07:25:08] @ Quit: ohadlevy: Read error: Connection timed out
[2011/11/20 07:26:33] @ ohadlevy joined channel #puppet
[2011/11/20 07:26:52] @ mattr- joined channel #puppet
[2011/11/20 07:26:52] @ Quit: mattr-: Changing host
[2011/11/20 07:26:52] @ mattr- joined channel #puppet
[2011/11/20 07:27:04] @ Quit: mattr: Ping timeout: 240 seconds
[2011/11/20 07:32:53] @ rcrowley joined channel #puppet
[2011/11/20 07:36:42] @ Quit: bobbyz: Quit: Leaving
[2011/11/20 07:42:19] @ e1mer joined channel #puppet
[2011/11/20 07:42:21] @ Quit: ohadlevy: Read error: Connection timed out
[2011/11/20 07:42:31] @ Quit: pfo: Quit: pfo
[2011/11/20 07:44:32] @ ohadlevy joined channel #puppet
[2011/11/20 07:52:08] @ cwebber joined channel #puppet
[2011/11/20 07:57:18] @ Quit: cwebber: Ping timeout: 276 seconds
[2011/11/20 07:57:54] @ Quit: ohadlevy: Ping timeout: 258 seconds
[2011/11/20 07:59:33] @ ohadlevy joined channel #puppet
[2011/11/20 08:04:10] @ Quit: Ned_: Ping timeout: 244 seconds
[2011/11/20 08:04:49] @ Quit: samc: Ping timeout: 244 seconds
[2011/11/20 08:07:39] @ jsm joined channel #puppet
[2011/11/20 08:12:33] @ Ned_ joined channel #puppet
[2011/11/20 08:14:04] @ neonflux joined channel #puppet
[2011/11/20 08:17:37] <jpalmer> I know there is a ${module_name} var. is there one to get the class name? I'm envisioning a single template file that is usable by several classes.. the template could have an 'if' defined for various classes.
[2011/11/20 08:20:13] @ cwebber joined channel #puppet
[2011/11/20 08:21:12] <illsci> hmm
[2011/11/20 08:21:14] @ samc joined channel #puppet
[2011/11/20 08:21:26] <illsci> I have Class['apt::install'] -> Class['apt::repos'] -> Class['apt::update'] in my apt init.pp and I run it in stage pre...
[2011/11/20 08:21:54] <illsci> but I'm seeing that everytime this happens on hosts when I build it the apt-get update in apt::update is happening beofre the apt::repos modules are called
[2011/11/20 08:22:38] <jpalmer> have class apt::update require class apt::repos
[2011/11/20 08:23:06] <jpalmer> that'll make sure the repos are installed first.
[2011/11/20 08:23:21] @ skm joined channel #puppet
[2011/11/20 08:23:29] <illsci> ahttp://pastebin.com/bDVVNxt5
[2011/11/20 08:23:45] @ sdog joined channel #puppet
[2011/11/20 08:23:56] @ Quit: sdog: Changing host
[2011/11/20 08:23:56] @ sdog joined channel #puppet
[2011/11/20 08:24:02] <illsci> why does apt::install and apt::update happen in stage pre but the apt::repos::blah's happen in main
[2011/11/20 08:24:06] <illsci> I think that's the issue...
[2011/11/20 08:24:21] <illsci> I would have thought that they would all happen in pre
[2011/11/20 08:24:29] <illsci> install -> repos -> update
[2011/11/20 08:25:04] <illsci> I have class { 'apt': stage => 'pre', }
[2011/11/20 08:25:20] @ Quit: cwebber: Read error: Operation timed out
[2011/11/20 08:25:28] <illsci> so why wouldn't it include apt in the pre stage and run its modules classes in order as defined in init.pp
[2011/11/20 08:26:37] <illsci> jpalmer: isn't Class['apt::install'] -> Class['apt::repos'] -> Class['apt::update'] saying apt::install requires apt::repos: which requires the update
[2011/11/20 08:27:00] <illsci> uhmm... so that sounds backwards actually..
[2011/11/20 08:27:36] <illsci> I still don't get why they don't all happen in the "pre" stage
[2011/11/20 08:29:27] <joe-mac> because they are distinct classes
[2011/11/20 08:29:41] <joe-mac> apt::service unless included in ::apt you can't set the stage like that
[2011/11/20 08:29:51] <joe-mac> you have to say apt::service stage main probably
[2011/11/20 08:30:24] <illsci> so I run ::apt in pre... and it's init.pp includes install and update and repos
[2011/11/20 08:30:29] <illsci> install and update run in pre
[2011/11/20 08:30:43] <illsci> but the repos doesn't... and all it does is include other repos::somerepo
[2011/11/20 08:30:57] @ Quit: skm: Quit: Computer has gone to sleep.
[2011/11/20 08:30:58] <illsci> I don't see why install and update end up in pre
[2011/11/20 08:31:49] <illsci> http://pastebin.com/j6sRhsAM
[2011/11/20 08:31:53] <illsci> thats what the whole thing looks like
[2011/11/20 08:32:43] <illsci> is it because I use top scope in that repos class...
[2011/11/20 08:32:44] <illsci> hmm
[2011/11/20 08:34:41] <illsci> joe-mac: So apt::repos IS included in ::apt...
[2011/11/20 08:35:47] @ artista_frustrad joined channel #puppet
[2011/11/20 08:36:39] @ cwebber joined channel #puppet
[2011/11/20 08:42:57] @ Quit: artista_frustrad: Ping timeout: 244 seconds
[2011/11/20 08:45:03] @ Quit: cwebber: Ping timeout: 258 seconds
[2011/11/20 08:51:48] <illsci> yeah I'm just not understanding how parts of an included class that are set to run at stage pre doesn't have all of the stuff it includes run in the same stage
[2011/11/20 08:51:50] <illsci> or how to make that happen
[2011/11/20 08:52:07] <illsci> If I add in apt::repos to stage pre it complains that apt is already defined
[2011/11/20 08:56:02] @ artista_frustrad joined channel #puppet
[2011/11/20 08:58:50] @ countskm joined channel #puppet
[2011/11/20 09:00:47] @ gniks joined channel #puppet
[2011/11/20 09:04:23] @ Gibheer left channel #puppet ()
[2011/11/20 09:08:53] @ samkottler joined channel #puppet
[2011/11/20 09:11:10] @ Quit: jonhattan: Quit: Ex-Chat
[2011/11/20 09:11:51] @ msaum joined channel #puppet
[2011/11/20 09:20:52] @ indigo joined channel #puppet
[2011/11/20 09:21:22] @ Quit: samkottler: Quit: Leaving.
[2011/11/20 09:22:08] <indigo> if class A references a variable in class B, how can I declare in class A that it requires class B, and assure that the variables defined in B will be available in A, without actually evaluating class B (as "include b" would do)
[2011/11/20 09:22:20] @ samkottler joined channel #puppet
[2011/11/20 09:23:02] <indigo> I can do "Class['b'] -> Class['a']", and there will be an error if i don't somewhere include a or b, but if i do them in the wrong order, all the references to b's variables from a will be undef.
[2011/11/20 09:25:50] @ Quit: e1mer: Read error: Connection reset by peer
[2011/11/20 09:26:00] @ trickyf joined channel #puppet
[2011/11/20 09:26:03] @ zwi joined channel #puppet
[2011/11/20 09:34:13] @ Quit: cmoates: Ping timeout: 244 seconds
[2011/11/20 09:34:32] @ cmoates joined channel #puppet
[2011/11/20 09:39:14] @ Ashutto joined channel #puppet
[2011/11/20 09:40:37] @ Quit: duerF: Ping timeout: 240 seconds
[2011/11/20 09:41:25] @ ghg joined channel #puppet
[2011/11/20 09:41:52] @ eft left channel #puppet ()
[2011/11/20 09:41:56] @ Quit: ghg: Client Quit
[2011/11/20 09:44:26] @ Quit: chadskidmore: Quit: Computer has gone to sleep.
[2011/11/20 09:45:15] @ mcarpent joined channel #puppet
[2011/11/20 09:50:27] @ sumsuch joined channel #puppet
[2011/11/20 09:51:46] <joe-mac> illsci: you still need to dfine the stafge for it
[2011/11/20 09:52:14] <joe-mac> when I tested stages I found that it doesn't propagate like that
[2011/11/20 09:52:24] <joe-mac> and some other quirks related to variable scope
[2011/11/20 09:52:56] <joe-mac> indigo: you don't need a requirement for that
[2011/11/20 09:53:36] <joe-mac> are you sure you're referencing them right?
[2011/11/20 09:54:58] @ duerF joined channel #puppet
[2011/11/20 10:00:49] @ mitchellh joined channel #puppet
[2011/11/20 10:01:32] @ trickyf left channel #puppet ()
[2011/11/20 10:02:08] @ giskard left channel #puppet ()
[2011/11/20 10:04:07] @ Quit: meltemi: Remote host closed the connection
[2011/11/20 10:05:16] @ meltemi joined channel #puppet
[2011/11/20 10:06:58] @ sarkis_ joined channel #puppet
[2011/11/20 10:08:59] <indigo> joe-mac: i'm not sure. But I can't explain otherwise :(
[2011/11/20 10:09:35] <indigo> the line in question is command_line => "$nagios::plugins::check_procs -w $totalprocswarn -c $totalprocscrit",
[2011/11/20 10:09:53] @ Quit: dissipate: Read error: Operation timed out
[2011/11/20 10:09:59] <joe-mac> can you try puytting the variable in {}
[2011/11/20 10:10:02] <indigo> $nagios::plugins::check_procs is expanding to '' on one node, but the correct path on all the other nodes
[2011/11/20 10:10:08] <joe-mac> like ${nagios::plugins::check_procs}
[2011/11/20 10:10:24] <joe-mac> oh- you're not including it at all
[2011/11/20 10:10:43] <indigo> including what all?
[2011/11/20 10:11:00] <joe-mac> is nagios::plugins included on the node where that var doesn't expand?
[2011/11/20 10:11:14] <indigo> yes
[2011/11/20 10:12:01] <indigo> i have a class server which does "include nagios::plugins" and then "include nagios::procs" (this is where that line is)
[2011/11/20 10:12:37] <indigo> it's included on all my servers. But, on one node, i need some different settinsg for nagios::procs, so in that node definition, i do "class {"nagios::procs": ...} before i do "include server".
[2011/11/20 10:12:43] <indigo> it's on that node that i have the problem.
[2011/11/20 10:13:24] <indigo> i'm simplifying quite a bit, but i think that's the relevant difference.
[2011/11/20 10:14:40] @ Quit: mcarpent: Quit: Thanks for the fish.
[2011/11/20 10:15:31] <indigo> i'm trying to make a minimal reproduction. give me a sec.
[2011/11/20 10:18:57] @ matchaw_ joined channel #puppet
[2011/11/20 10:19:16] @ sascha_ joined channel #puppet
[2011/11/20 10:20:33] <indigo> yeah, this doesn't make sense at all. When I try to reproduce, I get errors like warning: Scope(Class[A]): Could not look up qualified variable 'b::message'; class b has not been evaluated
[2011/11/20 10:20:38] <sascha_> question about the file type. If I say file /etc/foo.conf and source => foo.conf, will puppet know to look inside the same module/files dir? Or do I really have to specify the path for puppet to identify the file?
[2011/11/20 10:21:08] <indigo> sascha_: use source => "puppet:///modules/MODULENAME/foo.conf"
[2011/11/20 10:21:31] <indigo> source => "foo.conf" will probably result in some error.
[2011/11/20 10:21:54] <sascha_> ok
[2011/11/20 10:21:54] <indigo> or maybe it will look for foo.conf is whatever happens to be the CWD, which isn't really useful.
[2011/11/20 10:21:58] <sascha_> no
[2011/11/20 10:22:18] <sascha_> I would just assume that information inside the same module would know to be self referencing
[2011/11/20 10:22:34] <sascha_> I don't know why my class would be looking outside the module for a file template
[2011/11/20 10:22:58] <indigo> i use files from other modules
[2011/11/20 10:23:09] <indigo> it's not something i do often, but i do it
[2011/11/20 10:24:00] <indigo> /etc/puppet.fileserver.conf also allows one to set up other repositories of files. i don't use it. I gather it's fallen in favor to modules.
[2011/11/20 10:24:10] <sascha_> right, so I'd think that would be the special case, instead of referencing files from within the module
[2011/11/20 10:24:23] <indigo> sure. but explicit is better than implicit.
[2011/11/20 10:24:32] <indigo> and besides, "foo.conf" isn't a URI.
[2011/11/20 10:24:32] <sascha_> ok
[2011/11/20 10:27:08] @ verwilst joined channel #puppet
[2011/11/20 10:31:22] @ joshcooper joined channel #puppet
[2011/11/20 10:34:51] @ Quit: joshcooper: Client Quit
[2011/11/20 10:46:32] <indigo> it would be rather nice if attempting to stick undef in a string was an error, rather than a silent failure.
[2011/11/20 10:46:46] <indigo> foo=undef; "$foo" -> failure, not "".
[2011/11/20 10:47:25] <illsci> I need to a2enmod a bunch of apache modules as part of my config.pp
[2011/11/20 10:47:32] <illsci> What's a good way to do that... exec?
[2011/11/20 10:47:55] <illsci> I have to look up the exec options... I'm always curious how to use them for different types of operations..
[2011/11/20 10:48:38] <indigo> i manage modules by making the symlinks directly with puppet.
[2011/11/20 10:48:46] <illsci> werd
[2011/11/20 10:50:21] <indigo> i guess you could use exec, and use the "creates" parameter to avoid executing a2enmod each run (though it's already idempotent, so wouldn't really hurt anything)
[2011/11/20 10:50:48] @ Quit: Jenza: Quit: ''
[2011/11/20 10:51:47] @ mpdude joined channel #puppet
[2011/11/20 10:53:08] @ Quit: mitchellh: Quit: Computer has gone to sleep
[2011/11/20 10:53:51] @ Quit: mpdude_: Ping timeout: 258 seconds
[2011/11/20 10:55:05] @ Quit: matchaw_: Ping timeout: 240 seconds
[2011/11/20 10:56:13] @ jonhattan joined channel #puppet
[2011/11/20 10:57:02] @ chadskidmore joined channel #puppet
[2011/11/20 10:57:04] @ Quit: jonhattan: Client Quit
[2011/11/20 10:57:09] <illsci> do you use absolute paths in your links?
[2011/11/20 10:57:38] <illsci> I wonder how you would do that... all the other symlinks are created in that dir and use relative paths..
[2011/11/20 10:58:04] @ Quit: omry: Ping timeout: 258 seconds
[2011/11/20 10:58:09] <indigo> puppet can make relative symlinks
[2011/11/20 10:58:19] <indigo> but i use absolute symlinks for a different reason
[2011/11/20 10:59:18] @ omry joined channel #puppet
[2011/11/20 11:00:27] <indigo> but really, maybe execing a2enmod is the way to go. The reason i'm not doing it might boil down to laziness.
[2011/11/20 11:00:45] @ larstobi joined channel #puppet
[2011/11/20 11:00:49] @ Quit: larstobi: Client Quit
[2011/11/20 11:00:51] <indigo> i guess not using it has advantages if you want to manage non-debian hosts.
[2011/11/20 11:01:58] @ Quit: dnjaramba:
[2011/11/20 11:01:58] @ chadskid_ joined channel #puppet
[2011/11/20 11:02:11] @ valy_32 joined channel #puppet
[2011/11/20 11:02:19] @ Quit: valy_32: Remote host closed the connection
[2011/11/20 11:03:51] @ Quit: chadskidmore: Ping timeout: 260 seconds
[2011/11/20 11:03:52] @ chadskid_ is now known as chadskidmore
[2011/11/20 11:12:00] @ jonhattan joined channel #puppet
[2011/11/20 11:28:02] @ Quit: sumsuch: Quit: sumsuch
[2011/11/20 11:28:55] @ Quit: jonhattan: Quit: Ex-Chat
[2011/11/20 11:30:37] @ Quit: sarkis_: Ping timeout: 240 seconds
[2011/11/20 11:31:40] @ Quit: Ashutto: Quit: Leaving
[2011/11/20 11:33:29] @ Quit: mpdude: Remote host closed the connection
[2011/11/20 11:34:05] @ mpdude joined channel #puppet
[2011/11/20 11:38:55] @ Log started by gepetto
[2011/11/20 11:38:55] @ Joined channel #puppet
[2011/11/20 11:38:55] @ Topic is "Puppet Enterprise 2.0 is out: http://bit.ly/PE_2 \| Important Security Announcement: http://bit.ly/AltNames \| Puppet 2.7.6 and 2.6.12 available at downloads.puppetlabs.com \| http://docs.puppetlabs.com \| Bugs & Feature Requests http://bit.ly/dKVa0A"
[2011/11/20 11:38:55] @ Topic set by jhelwig!~jhelwig@puppetlabs/development/jhelwig on Wed Nov 16 14:16:37 -0800 2011
[2011/11/20 11:39:05] @ Mode +Ccnt by adams.freenode.net
[2011/11/20 11:40:40] <indigo> joe-mac: reproduced it: http://pastebin.com/fTnwNFhx
[2011/11/20 11:41:18] <indigo> though, it only has a problem when running in the puppet agent. if i apply that manifest with puppet apply, it tells me "class nagios::plugins has not been evaluated", which makes sense.
[2011/11/20 11:41:53] <zleslie> indigo: you don't need to quote your includes
[2011/11/20 11:42:08] <indigo> yeah, i've realized that
[2011/11/20 11:42:22] <indigo> but i don't think it is causing the problem, do you?
[2011/11/20 11:42:40] <zleslie> I missed the problem
[2011/11/20 11:43:04] <indigo> that reference to $nagios::plugins::check_procs in the notify comes up as undef
[2011/11/20 11:43:12] <indigo> so it prints "this should not be empty: "
[2011/11/20 11:43:17] <zleslie> oh
[2011/11/20 11:43:37] <zleslie> you need to include nagios::plugins within Class["nagios::monitor::procs"]
[2011/11/20 11:44:12] <zleslie> You are referencing a variable outside of the class. You should include the class were the variables exist to bring them in local
[2011/11/20 11:45:30] <indigo> i could do that, but i'd rather not implicitly declare nagios::plugins
[2011/11/20 11:45:42] <indigo> which is why i have the line Class["nagios::plugins"] -> Class["nagios::monitor::procs"]
[2011/11/20 11:46:21] <zleslie> Ahh, do that in you're server class then, no?
[2011/11/20 11:46:33] <zleslie> I don't understand why nagios::monitor::procs needs to exist at all
[2011/11/20 11:47:18] <indigo> maybe i want to install the nagios plugins but i don't want to monitor procs.
[2011/11/20 11:48:00] <zleslie> I might not have enough context from your one paste. Will nagios::monitor::procs do soemhing more than a notify?
[2011/11/20 11:48:08] <indigo> in reality, yes
[2011/11/20 11:48:11] <zleslie> ok
[2011/11/20 11:48:24] <indigo> what it actually does is export some nagios services that make it monitor the processes on the node that includes it
[2011/11/20 11:48:47] <indigo> this is just a minimal example of the problem
[2011/11/20 11:49:03] <zleslie> imo, if you are going to reference something out of class, then you should require or include that class.
[2011/11/20 11:49:08] <indigo> nagios::plugins of course just installs the plugins
[2011/11/20 11:49:32] <zleslie> Also, you ocould just add a paramater to plugins, like class plugins ($moniter=false) {...}
[2011/11/20 11:49:41] @ Holocaine joined channel #puppet
[2011/11/20 11:49:41] <zleslie> or something
[2011/11/20 11:49:50] <indigo> i could, but then i'd have like 1000 parameters.
[2011/11/20 11:50:11] <zleslie> ok
[2011/11/20 11:50:24] <indigo> or at least numberOfThingsIMightMonitor*AverageNumberOfParametersForEach parameters. It's a big number.
[2011/11/20 11:50:36] <zleslie> Then you are using it wrong
[2011/11/20 11:50:52] <zleslie> Can you paste more code or something
[2011/11/20 11:50:58] <zleslie> I don't see your vision
[2011/11/20 11:51:05] <indigo> are you familar with nagios?
[2011/11/20 11:51:11] <zleslie> I am.
[2011/11/20 11:51:18] <indigo> so, nagios::plugins installs the plugin
[2011/11/20 11:51:24] <indigo> well, a set of basic plugins
[2011/11/20 11:51:43] <indigo> nagios::plugins::$check_procs is the path to check_procs, which varies between operating systems
[2011/11/20 11:52:04] <indigo> nagios::monitor::procs, the real version, exports a nagios_service that uses the check_procs plugin.
[2011/11/20 11:52:07] @ Quit: Holocaine: Client Quit
[2011/11/20 11:52:14] <zleslie> Ah
[2011/11/20 11:52:23] <zleslie> Have you used a params class before?
[2011/11/20 11:52:30] <indigo> yes, all the time.
[2011/11/20 11:52:48] <zleslie> okay
[2011/11/20 11:52:51] <indigo> the real version of nagios::monitor::procs has parameters for the warning and critical thresholds
[2011/11/20 11:54:21] <zleslie> What do you mean by "real version"
[2011/11/20 11:54:39] <indigo> i mean the version i have in production that i haven't reduced to this simple example.
[2011/11/20 11:55:26] <indigo> here's the real version: http://pastebin.com/zwSbKf8j
[2011/11/20 11:56:16] @ Quit: nul0op: Ping timeout: 240 seconds
[2011/11/20 11:57:18] @ mpdude_ joined channel #puppet
[2011/11/20 11:58:41] <zleslie> I see your problem.
[2011/11/20 11:58:58] <indigo> what about a solution? :)
[2011/11/20 11:59:20] <zleslie> Eh, I think you may be overcomplicating it, but I am not sure
[2011/11/20 11:59:37] <zleslie> For certain hosts, you want to change the values that are passed to nagios::monitor::procs, correct?
[2011/11/20 11:59:44] <indigo> yes
[2011/11/20 12:00:03] <zleslie> May I ask the reason?
[2011/11/20 12:00:17] <zleslie> The reason to change the value, I mean
[2011/11/20 12:00:26] @ Quit: mpdude: Ping timeout: 260 seconds
[2011/11/20 12:00:26] <zleslie> link latency, box size?
[2011/11/20 12:00:30] <indigo> for some hosts, 150 processes is normal. On others, that would indicate abnormal activity.
[2011/11/20 12:00:44] <zleslie> And you are going to know all of those hosts ahead of time?
[2011/11/20 12:00:49] <indigo> yes.
[2011/11/20 12:00:55] <zleslie> I would use hiera
[2011/11/20 12:01:09] <zleslie> Seen hiera yet?
[2011/11/20 12:01:15] <indigo> a little bit. I don't like it.
[2011/11/20 12:01:20] <zleslie> Why?
[2011/11/20 12:01:27] <indigo> because it makes modules site dependant.
[2011/11/20 12:01:47] <zleslie> I see how it can, but its not a requirement
[2011/11/20 12:02:32] <indigo> i don't see what's wrong with my approach, or how hiera is a solution to my problem.
[2011/11/20 12:02:36] <zleslie> class { "nagios::monitor::procs": totalprocswarn => hiera("totalprocswarn")...
[2011/11/20 12:02:47] <zleslie> then its passed from the top
[2011/11/20 12:03:02] <indigo> why do i need hiera("totalprocswarn") when I already know the value i want is 200?
[2011/11/20 12:03:16] <zleslie> I needed hiera to make my nagios configs work.
[2011/11/20 12:03:34] <zleslie> if you know you want it to be 200, then why are you making it a variable?
[2011/11/20 12:03:48] <indigo> i know on xen02, i want to warn at 200 procs. So, node xen02 { class "nagios::monitor::procs": totalprocswarn => 200 } }. Can't be more clear than that, can it?
[2011/11/20 12:03:55] <zleslie> All that does, is move the default value from 200 in the module, to the hiera lookup structure
[2011/11/20 12:04:13] <indigo> how is the default value in my module at all related to my problem?
[2011/11/20 12:05:00] <jpalmer> I've never used hiera, but I'd write the module so that if the hiera lookup doesn't exist, the module has a fallback "default" value. so as not to be site-specific.
[2011/11/20 12:05:04] <zleslie> Its your use of include nagios::monitor::procs, and your expectation that you are going to pass variables in using the class{ "nagios::monitor::procs": totalprocswarn
[2011/11/20 12:05:17] @ sumsuch joined channel #puppet
[2011/11/20 12:05:26] <zleslie> jpalmer: hiera can do that alreadu
[2011/11/20 12:06:18] <zleslie> indigo: do you see? There can only be one class instance named nagios::monitor::procs. With include, you assume the values that are set by the class. With class { } syntax, you pass values into the resource. You can't have both
[2011/11/20 12:06:51] <indigo> yes, except that I can.
[2011/11/20 12:06:52] <zleslie> indigo: hiera would help because you would just pass values always, at least for this class, but you put the lookup of what those values should be outside of the class itself
[2011/11/20 12:07:11] <indigo> if i've already done class{'foo':}, if i later do "include foo", then it's a noop
[2011/11/20 12:07:48] <zleslie> If foo has $bar =200 as default, and you do class { "foo": bar => 100; } it will fail
[2011/11/20 12:08:01] <indigo> no it won't.
[2011/11/20 12:08:25] <indigo> it will make a foo with bar 100. defaults are there to be ignored when an explicit value is given. that's what makes them defaults.
[2011/11/20 12:09:09] @ nul0op joined channel #puppet
[2011/11/20 12:12:03] @ Djelibeybi joined channel #puppet
[2011/11/20 12:14:39] <zleslie> http://pastie.org/2894419
[2011/11/20 12:15:12] <zleslie> That is what I am refering to.
[2011/11/20 12:15:46] <zleslie> puppet apply -v, with that code snip gives Duplicate definition: Class[Foo] is already defined; cannot redefine at /tmp/test.pp:6
[2011/11/20 12:16:05] <zleslie> I am testing on an old version though
[2011/11/20 12:16:41] <indigo> ok, but that's not what i'm doing.
[2011/11/20 12:17:00] <indigo> reverse lines 5 and 6 and you won't get that
[2011/11/20 12:17:46] <zleslie> Interesting
[2011/11/20 12:18:05] <indigo> moreover, if you make foo output $bar, you will see that it is 200, not 100.
[2011/11/20 12:18:27] @ Quit: sumsuch: Quit: sumsuch
[2011/11/20 12:18:29] <zleslie> I noticed that
[2011/11/20 12:19:17] <indigo> i have a class nagios::monitor::localresources that includes several other classes under nagios::monitor, like disks, procs, load, swap, etc
[2011/11/20 12:19:59] <zleslie> Okay, you have a point about the ordering, which seems like a bug to me
[2011/11/20 12:20:02] <indigo> each of those has some reasonable defaults. But if I need different defaults on a paticular node, I can declare that particular class with some non-default parameters before i declare localresources.
[2011/11/20 12:21:02] <zleslie> From what I understand that you want, is a data structure that tells puppet which values to change, and which to leave alone.
[2011/11/20 12:22:22] <indigo> are you trying to sell me on hiera again?
[2011/11/20 12:22:27] <zleslie> no
[2011/11/20 12:22:36] <indigo> because that sounds like a description of hiera
[2011/11/20 12:22:58] <zleslie> There are lots of ways to write things. I have used solutions that work for me. Hiera has been one of them, but its not right for everywhere.
[2011/11/20 12:23:40] <zleslie> I think managing all the locations that can change the values in a class sound painful.
[2011/11/20 12:23:42] <indigo> well, the interesting thing is that if i try that manifest (http://pastebin.com/fTnwNFhx) with puppet apply, i get an error. but if i try it with puppet agent, it does the wrong thing, silently.
[2011/11/20 12:24:27] <zleslie> That is probably because puppet apply parses the file in order, and with puppet agent you are left to the whim of the autoloader
[2011/11/20 12:24:52] <zleslie> Puppet will never guarantee order
[2011/11/20 12:25:05] <zleslie> And as such, I think it would be a bad idea to make your manifests rely on order
[2011/11/20 12:25:08] <indigo> then it shouldn't allow situations where order is important
[2011/11/20 12:25:32] <zleslie> I agree, where I mentioned above that I thought it was a bug that reversing lines made the code pass
[2011/11/20 12:25:33] @ cwebber joined channel #puppet
[2011/11/20 12:25:44] <indigo> i could see that argument
[2011/11/20 12:26:04] <indigo> though, the order should be explicit when i say "Class["nagios::plugins"] -> Class["nagios::monitor::procs"]"
[2011/11/20 12:27:28] @ Quit: chadskidmore: Quit: Computer has gone to sleep.
[2011/11/20 12:27:42] <zleslie> Meh, but my guess is that by the time its figuring out which order to run the resources in, you already have the values for the resources, which makes that not work like you expect it to
[2011/11/20 12:28:49] @ Quit: taihen: Remote host closed the connection
[2011/11/20 12:29:27] <indigo> well, i've only recently started using puppet, but I think one of the most underisable aspects of it is that the semantics seem to straddle an area between declarative and imperative, in that order shouldn't matter but it does, and the actual order isn't well-defined.
[2011/11/20 12:29:45] <zleslie> yes
[2011/11/20 12:30:06] <indigo> seems a bit like lack of foresight in design
[2011/11/20 12:30:44] <zleslie> It should always be declarative. There has been talk about being about to explicitly state order within a class, which is the Class["foo"] -> syntax you mentioned above
[2011/11/20 12:31:05] <indigo> yeah, but it doesn't actually work.
[2011/11/20 12:31:11] <zleslie> indigo: please file a bug
[2011/11/20 12:31:16] @ Quit: nul0op: Quit: Leaving
[2011/11/20 12:31:26] <zleslie> indigo: http://projects.puppetlabs.com/
[2011/11/20 12:32:48] @ Quit: cwebber: Ping timeout: 248 seconds
[2011/11/20 12:32:57] @ sdog left channel #puppet ()
[2011/11/20 12:32:57] <indigo> it's hard to find the way to submit a bug
[2011/11/20 12:33:10] <indigo> i remember a few days ago having the same problem.
[2011/11/20 12:33:13] <zleslie> you need to register
[2011/11/20 12:33:21] <indigo> i'm registered, and logged in.
[2011/11/20 12:33:43] @ sumsuch joined channel #puppet
[2011/11/20 12:33:47] <zleslie> https://projects.puppetlabs.com/projects/puppet/issues/new
[2011/11/20 12:33:58] <indigo> where is there a link to /new?
[2011/11/20 12:34:27] <zleslie> The tabs accross the project, overview, activity, roadmap, issues, NEW ISSUE..
[2011/11/20 12:34:36] <indigo> ah.
[2011/11/20 12:34:49] <indigo> i was looking under "issues"
[2011/11/20 12:34:52] <zleslie> Oh
[2011/11/20 12:34:57] <indigo> maybe "issues" should say "view issues"
[2011/11/20 12:35:08] <zleslie> its just redmine
[2011/11/20 12:35:13] <zleslie> I don't disagree
[2011/11/20 12:35:35] <indigo> what do i call this bug? I could say the problem is any number of things.
[2011/11/20 12:35:46] <zleslie> I would say, yes, what we discussed is a bug
[2011/11/20 12:36:39] <indigo> but which part? that I can declare a class by include or by class { ... ? Or that the behavior is different between puppet agent and puppet apply? Or that it doesn't respect ordering dispite my explicit statement of such? Or that ordering matters at all?
[2011/11/20 12:37:01] <zleslie> The ordering is a bug.
[2011/11/20 12:37:12] <zleslie> The other complaints you have about puppt may be features
[2011/11/20 12:38:37] <indigo> so the subject will be "Classes can be declared with "class {..." and "include ...", and the order of such matters". Sound about right?
[2011/11/20 12:38:50] <zleslie> Sure
[2011/11/20 12:39:59] <zleslie> And code examples will help
[2011/11/20 12:44:38] @ Quit: neonflux: Read error: Connection reset by peer
[2011/11/20 12:44:45] @ neonflux joined channel #puppet
[2011/11/20 12:45:33] @ maes_ joined channel #puppet
[2011/11/20 12:46:18] @ Quit: maes_`: Read error: Connection reset by peer
[2011/11/20 12:47:51] @ Quit: artista_frustrad: Ping timeout: 244 seconds
[2011/11/20 12:51:20] @ fredden joined channel #puppet
[2011/11/20 12:54:28] @ BManojlovic joined channel #puppet
[2011/11/20 12:56:14] @ Quit: samkottler: Quit: Leaving.
[2011/11/20 13:00:27] @ artista_frustrad joined channel #puppet
[2011/11/20 13:05:42] <indigo> ok well, bug 10972 created.
[2011/11/20 13:08:04] @ pfo joined channel #puppet
[2011/11/20 13:10:51] @ Quit: schvin: Remote host closed the connection
[2011/11/20 13:10:56] @ schvin joined channel #puppet
[2011/11/20 13:12:55] @ jkoppe joined channel #puppet
[2011/11/20 13:13:05] @ Quit: mpdude_: Remote host closed the connection
[2011/11/20 13:14:34] @ mpdude joined channel #puppet
[2011/11/20 13:14:36] @ samkottler joined channel #puppet
[2011/11/20 13:19:21] @ taihen joined channel #puppet
[2011/11/20 13:19:25] @ Quit: tily: Ping timeout: 240 seconds
[2011/11/20 13:20:27] <zleslie> Good ticket.
[2011/11/20 13:22:15] @ jonhattan joined channel #puppet
[2011/11/20 13:28:32] @ bmahe joined channel #puppet
[2011/11/20 13:28:32] @ Quit: bmahe: Changing host
[2011/11/20 13:28:32] @ bmahe joined channel #puppet
[2011/11/20 13:28:47] @ Quit: mpdude: Remote host closed the connection
[2011/11/20 13:29:05] @ nimrod10 joined channel #puppet
[2011/11/20 13:30:40] @ Quit: toi: Ping timeout: 240 seconds
[2011/11/20 13:32:17] @ Quit: jaytaph: Quit: jaytaph
[2011/11/20 13:33:07] @ avatar4d joined channel #puppet
[2011/11/20 13:35:20] <sascha_> anyone around who could advise on hiera config/query syntax? I seem to be missing a key piece of understanding.
[2011/11/20 13:35:22] <sascha_> https://gist.github.com/2441f381a4055b1747dc
[2011/11/20 13:35:44] @ Quit: avatar4d: Client Quit
[2011/11/20 13:36:47] @ avatar4d joined channel #puppet
[2011/11/20 13:44:36] @ joshcooper joined channel #puppet
[2011/11/20 13:46:52] @ mitchellh joined channel #puppet
[2011/11/20 13:49:37] @ Quit: joshcooper: Remote host closed the connection
[2011/11/20 13:49:37] @ Quit: avatar4d: Read error: Connection reset by peer
[2011/11/20 13:49:48] @ joshcooper joined channel #puppet
[2011/11/20 13:50:47] @ Holocaine joined channel #puppet
[2011/11/20 13:51:03] @ newtMcKerr joined channel #puppet
[2011/11/20 13:52:06] @ emergion joined channel #puppet
[2011/11/20 13:53:42] @ Quit: joshcooper: Client Quit
[2011/11/20 13:55:52] @ Quit: verwilst: Quit: Ex-Chat
[2011/11/20 13:58:14] @ alanna joined channel #puppet
[2011/11/20 14:00:22] @ Quit: axisys: Ping timeout: 260 seconds
[2011/11/20 14:00:27] @ labrown joined channel #puppet
[2011/11/20 14:00:44] @ avatar4d joined channel #puppet
[2011/11/20 14:01:58] @ axisys joined channel #puppet
[2011/11/20 14:03:22] <Volcane> sascha_: thats weird, i am not sure whats up with that
[2011/11/20 14:03:38] <Volcane> it seems fine
[2011/11/20 14:05:04] <Volcane> sascha_: are you running the gem or master from github?
[2011/11/20 14:07:15] <Volcane> sascha_: it should be logging something like: DEBUG: Sun Nov 20 22:05:28 +0000 2011: Hiera JSON backend starting
[2011/11/20 14:07:37] <Volcane> for your 2nd command at least and fact that it doesnt says maybe the files not found in the ruby libdir or something
[2011/11/20 14:08:58] <sascha_> gem
[2011/11/20 14:09:13] <sascha_> I tried with the yaml backend too
[2011/11/20 14:09:21] @ dgillies joined channel #puppet
[2011/11/20 14:09:46] <Volcane> the gem is fairly old - i havnt had time to do a release for ages, might be worth downloading from master and building a local gem at least to see if that behaves better
[2011/11/20 14:11:02] <sascha_> I can try that
[2011/11/20 14:11:07] <sascha_> I"m running a pretty recent ruby
[2011/11/20 14:13:20] <Volcane> you can more or less just do 'rake gem' in the git clone
[2011/11/20 14:16:37] @ Quit: avatar4d: Ping timeout: 240 seconds
[2011/11/20 14:16:48] @ Quit: l0g1sic: Ping timeout: 248 seconds
[2011/11/20 14:16:53] @ Quit: labrown: Quit: Leaving
[2011/11/20 14:18:49] @ avatar4d joined channel #puppet
[2011/11/20 14:19:18] @ lak joined channel #puppet
[2011/11/20 14:19:19] @ Quit: lak: Changing host
[2011/11/20 14:19:19] @ lak joined channel #puppet
[2011/11/20 14:20:50] @ Quit: d3c: Quit: leaving
[2011/11/20 14:22:43] @ Quit: mitchellh: Quit: Computer has gone to sleep
[2011/11/20 14:24:28] @ flex joined channel #puppet
[2011/11/20 14:24:48] @ tilgovi joined channel #puppet
[2011/11/20 14:24:48] @ Quit: tilgovi: Changing host
[2011/11/20 14:24:48] @ tilgovi joined channel #puppet
[2011/11/20 14:26:01] @ Quit: avatar4d: Ping timeout: 260 seconds
[2011/11/20 14:26:10] @ Quit: jonhattan: Quit: Ex-Chat
[2011/11/20 14:28:13] @ chadskidmore joined channel #puppet
[2011/11/20 14:30:36] @ mpdude joined channel #puppet
[2011/11/20 14:30:37] @ Quit: samkottler: Quit: Leaving.
[2011/11/20 14:34:26] @ Quit: sumsuch: Ping timeout: 260 seconds
[2011/11/20 14:34:30] @ raadad joined channel #puppet
[2011/11/20 14:34:33] <raadad> hey guys
[2011/11/20 14:34:45] <raadad> Could not load confine test 'operatingsystem': cannot load such file -- puppet/provider/confine/operatingsystem
[2011/11/20 14:34:49] <raadad> any idea's?
[2011/11/20 14:35:18] @ ghg joined channel #puppet
[2011/11/20 14:36:59] @ Quit: dbgster: Quit: dbgster
[2011/11/20 14:41:49] <raadad> ???
[2011/11/20 14:43:14] @ mosen joined channel #puppet
[2011/11/20 14:44:07] @ skm joined channel #puppet
[2011/11/20 14:45:27] @ Quit: mpdude: Remote host closed the connection
[2011/11/20 14:46:40] @ Quit: ghg: Ping timeout: 240 seconds
[2011/11/20 14:47:49] @ Quit: alanna: Remote host closed the connection
[2011/11/20 14:48:18] @ ghg joined channel #puppet
[2011/11/20 14:48:20] @ alanna joined channel #puppet
[2011/11/20 14:48:38] @ Quit: pfo: Quit: pfo
[2011/11/20 14:49:50] @ Quit: lwhalen: Quit: Computer has gone to sleep
[2011/11/20 14:53:05] @ Quit: alanna: Ping timeout: 260 seconds
[2011/11/20 14:53:37] @ matchaw joined channel #puppet
[2011/11/20 14:59:30] @ shadoi joined channel #puppet
[2011/11/20 15:02:37] @ Quit: tilgovi: Ping timeout: 240 seconds
[2011/11/20 15:03:57] @ noakes joined channel #puppet
[2011/11/20 15:05:54] @ Quit: samc: Ping timeout: 244 seconds
[2011/11/20 15:07:10] <jsm> so i have a big yaml dump of all my users & their ssh keys.. i'm using with this hiera… i'd like to be able to tell a machine being built, use only jim & bob from this user list… but can't figure out how
[2011/11/20 15:08:13] <jsm> i can't find a clean way to pass a list of users, then have a manifest loop through known users for a match, and then add those users
[2011/11/20 15:08:20] @ johnston joined channel #puppet
[2011/11/20 15:08:37] <jsm> i'd almost need some sort of function that could do a hash/list intersetion
[2011/11/20 15:08:41] <jsm> intersection
[2011/11/20 15:11:44] <Volcane> jsm: you can use the hiera_array function to build an array up through the hierarchy then just include those classes
[2011/11/20 15:15:44] <jsm> Volcane: but that requires me to specify a class with the specific users? i'm trying to do this with using a custom fact (since this is AWS based), i'd like as much as possible not to be on the puppetmaster
[2011/11/20 15:16:26] <Volcane> u can also pass the array to a define that then look up the properties of each user
[2011/11/20 15:16:47] <jsm> like a nested define?
[2011/11/20 15:16:57] <Volcane> $users = hiera_arary("users"); users::create_user{$users: }
[2011/11/20 15:17:17] <Volcane> you'd then in the define just use hiera to fetch the properties for each user using the $name var
[2011/11/20 15:17:54] <jsm> oh, i wasn't aware it could do that..
[2011/11/20 15:18:16] <jsm> will give it a go, thanks
[2011/11/20 15:18:54] <jsm> and the blog is coming, this is the my last bit before i stamp out a "release" to our dev team
[2011/11/20 15:19:29] <Volcane> nice
[2011/11/20 15:21:14] @ Quit: matchaw: Remote host closed the connection
[2011/11/20 15:21:18] @ KaiserBeto1 joined channel #puppet
[2011/11/20 15:24:07] @ sumsuch joined channel #puppet
[2011/11/20 15:25:35] <sascha_> Volcane: it's a problem with 1.9.2 ruby
[2011/11/20 15:25:54] <sascha_> I took a moment and installed rvm/1.8.7 and it gave me just what i thought it should
[2011/11/20 15:26:21] <Volcane> hmm, lame
[2011/11/20 15:26:41] <Volcane> would you mind opening a tikcet @ puppetlabs redmine describing this?
[2011/11/20 15:26:46] <Volcane> there's a project for hiera there
[2011/11/20 15:26:57] <sascha_> no not at all
[2011/11/20 15:27:33] <sascha_> if I don't give hiera a hierarchy, will it search everything?
[2011/11/20 15:27:35] @ ldlework joined channel #puppet
[2011/11/20 15:27:51] <Volcane> no i think it defaults to just 'global' then
[2011/11/20 15:27:55] <Volcane> or 'common' actually
[2011/11/20 15:28:18] <sascha_> my greater experience is with Chef so I'm trying to make a data structure that will work, but all i know is data bags
[2011/11/20 15:28:34] <Volcane> yeh been reading your blog posts :)
[2011/11/20 15:28:39] <sascha_> and I need to store configs for like 20 instances of jboss
[2011/11/20 15:29:02] <sascha_> I'm trying to write polite blog posts. It's worth it to me to learn both tools
[2011/11/20 15:29:14] <Volcane> and they're all very different or you're trying to make a full feature template?
[2011/11/20 15:29:24] <sascha_> one thing I like about puppet is the ability to use puppet as the system of record for nodes
[2011/11/20 15:29:34] <sascha_> they're all very similar with different settings
[2011/11/20 15:29:40] <Volcane> ok
[2011/11/20 15:29:54] <sascha_> so different connection pool sizes, min/max memory, database connection info
[2011/11/20 15:30:11] <sascha_> I'd planned to make a data store for each app
[2011/11/20 15:31:51] <sascha_> I'm still working out what needs to go in the app data store and the more global data store. That's what I was brainstorming today until I got hung up on hiera not responding to my queries
[2011/11/20 15:32:14] <Volcane> if u define a hierarchy for all your normal global data
[2011/11/20 15:32:19] <Volcane> and just want files per app you can do like
[2011/11/20 15:32:33] <Volcane> hiera("foo", "", "app_${appname}") or whatever
[2011/11/20 15:32:42] <Volcane> this will look in app_appname.json first before the rest
[2011/11/20 15:32:57] <Volcane> handy for just having a case where u know you'd like a file with all the data for some speicifc thing in it
[2011/11/20 15:33:21] <Volcane> the "" is default value as uaul
[2011/11/20 15:33:51] <raadad> exit
[2011/11/20 15:33:53] <sascha_> yeah, that's what I was hoping. That I could make a define or parameterized class that took the app name as an arg and then used that to find the data in the stpre
[2011/11/20 15:33:54] <sascha_> store
[2011/11/20 15:38:39] @ mick_laptop joined channel #puppet
[2011/11/20 15:39:28] @ matchaw joined channel #puppet
[2011/11/20 15:40:48] @ dissipate joined channel #puppet
[2011/11/20 15:40:48] @ Quit: dissipate: Changing host
[2011/11/20 15:40:48] @ dissipate joined channel #puppet
[2011/11/20 15:41:25] <indigo> has anyone else ever thought that nodes and classes are an unnecessary duplication of functionality?
[2011/11/20 15:41:58] <indigo> they are both collections of resources. But, nodes do a lot less than classes. But, only nodes can match a node.
[2011/11/20 15:43:50] <indigo> maybe i'll make an example.
[2011/11/20 15:44:30] <Volcane> indigo: indeed, lots of talk of getting rid of node as a construct
[2011/11/20 15:44:37] <indigo> ok, good.
[2011/11/20 15:44:56] <Volcane> indigo: but if you avoid node inheritance completely then the distinction makes sense
[2011/11/20 15:45:10] <indigo> well, i'm not sure. i'll finish my example.
[2011/11/20 15:47:19] @ Quit: ghg: Ping timeout: 252 seconds
[2011/11/20 15:48:04] <indigo> here's the problem i'm dealing with: say you have a class that includes a bunch of other classes. Like, you have a class that monitors local resources (disk, swap, ...) with nagios. The actual monitoring of each local resource is describe in its own class
[2011/11/20 15:48:23] <indigo> let's say nagios::monitor::localresources, which includes nagios::monitor::disk, and nagios::monitor::swap
[2011/11/20 15:49:10] <indigo> on most nodes, you want to say "i want to monitor all the local resources". And, mostly the parameters of that monitoring (the warning thresholds, etc) are the same. But on some nodes, you want to override it.
[2011/11/20 15:49:17] <indigo> there's really not a good way to do that.
[2011/11/20 15:49:38] <Volcane> extlookup or hiera lets u manage the data that configures those checks
[2011/11/20 15:50:03] @ samkottler joined channel #puppet
[2011/11/20 15:50:06] <indigo> yeah, everyone keeps saying that, but it seems like a bad solution.
[2011/11/20 15:50:19] <indigo> and besides they are poorly documented.
[2011/11/20 15:50:45] <indigo> i'll tell you why it seems like a bad idea though: classes are already hierarchies of configuration. Why do I want another hierarchy of configuration?
[2011/11/20 15:51:02] <Volcane> because data isnt code
[2011/11/20 15:51:07] <mmoya> any problem with master at version 2.7.x and clients at 2.6.x ?
[2011/11/20 15:51:10] <Volcane> and the hierarchies you need for those are different
[2011/11/20 15:51:11] <indigo> what? yes it is.
[2011/11/20 15:51:33] <Volcane> data in code is 'hard coded data'
[2011/11/20 15:51:39] <indigo> at least, it is in assembly, and it is in lisp, and i guess it is everywhere in between also.
[2011/11/20 15:51:44] <Volcane> something everyone agrees is a terrible idea
[2011/11/20 15:52:07] * sascha_ agrees
[2011/11/20 15:52:08] <indigo> i don't know why site.pp is any "harder" than anything else.
[2011/11/20 15:52:58] <Volcane> clear seperation of data and code
[2011/11/20 15:53:01] <Volcane> and a configurable layer of data
[2011/11/20 15:53:10] <Volcane> means u can write code focused on teh function
[2011/11/20 15:53:15] <indigo> modules are code. site.pp is data.
[2011/11/20 15:53:20] @ blahdeblah left channel #puppet ()
[2011/11/20 15:53:25] <Volcane> and later configure that code by simply providing data
[2011/11/20 15:53:28] <indigo> they don't have to be in separate languages to be separate.
[2011/11/20 15:54:07] <Volcane> so in your site.pp do you just have a load of case statemtns that set global vars or do you from there do param class inclusion with different values based on case statements?
[2011/11/20 15:54:19] <Volcane> how do you handle things like the ntp server for dc1 and dc2 tha tmight not be the same?
[2011/11/20 15:54:54] <Volcane> just trying to see what u mean by site.pp for data - since thats not a general pattern ppl use
[2011/11/20 15:55:14] <indigo> node dc1 { class {"ntp": server=>"ntp.dc1" }} ; node dc2 { class {"ntp": server=>"ntp.dc2"}}
[2011/11/20 15:55:33] <indigo> seems pretty straightforward to me.
[2011/11/20 15:55:48] <Volcane> this creates a huge amount of duplication in your nodes, multiple that by 1000 and it soon gets pretty nightmarish
[2011/11/20 15:55:57] <indigo> how so?
[2011/11/20 15:56:04] @ Quit: msaum: Quit: Leaving.
[2011/11/20 15:56:07] <Volcane> 1000x providing the same data
[2011/11/20 15:56:14] <indigo> no, not really.
[2011/11/20 15:56:29] <indigo> if i have 1000 nodes that are like dc1, then i do this:
[2011/11/20 15:56:47] <indigo> class dc1 { class { "ntp" => server "ntp.dc1" } }
[2011/11/20 15:56:50] <indigo> then
[2011/11/20 15:57:10] <indigo> node n1.dc1 { include dc1 }; node n2.dc1 { include dc1 } ...
[2011/11/20 15:57:21] <indigo> or just node *.dc1 { include dc1 }, if you prefer
[2011/11/20 15:57:33] <Volcane> fair enough, each to their own. big sets of manifests have 100s or 1000s pieces of data
[2011/11/20 15:57:40] <Volcane> some ppl find having the data in one convenient place works better for them
[2011/11/20 15:57:49] <Volcane> others dont, puppet lets you do either
[2011/11/20 15:57:52] <Volcane> so pick what works for u
[2011/11/20 15:57:53] @ Quit: rcrowley: Quit: Computer has gone to sleep.
[2011/11/20 15:58:45] <Volcane> extlookup/hiera distills your example down to one line of code
[2011/11/20 15:58:57] <Volcane> a line of code that doesnt need to change when you get dc3 or dc100
[2011/11/20 15:59:12] <indigo> I don't understand the difference between changing a line of code and a line of data.
[2011/11/20 15:59:13] <Volcane> which makes for easier to read, understand and maintain code
[2011/11/20 16:00:28] <indigo> let me tell you what i think would be a good solution
[2011/11/20 16:00:30] @ tuv joined channel #puppet
[2011/11/20 16:00:57] <tuv> is there an offline channel for puppeteers?
[2011/11/20 16:01:05] <tuv> oops.. i meant, an offtopic channel
[2011/11/20 16:01:09] <indigo> if i have a class a, and i want a class b that's just like it, but a little different, i can already make b inherit a and override bits of its configuration
[2011/11/20 16:01:29] @ Quit: shadoi: Quit: Leaving.
[2011/11/20 16:01:43] <indigo> the problem is that if i have class a and b, included by c, and i want to make d that's like c but does a a bit differently, there's not a way to override the behavior of a parent of a parent.
[2011/11/20 16:01:50] <indigo> follow me so far?
[2011/11/20 16:02:12] @ Quit: kinsel: Ping timeout: 276 seconds
[2011/11/20 16:02:22] <Volcane> tuv: what kind of topic
[2011/11/20 16:02:25] <Volcane> indigo: sure
[2011/11/20 16:02:33] @ rcrowley joined channel #puppet
[2011/11/20 16:03:01] <indigo> ok so, maybe i would have a include b and c, and i would make a take parameters that it would then pass on to b and c. Then, i can declare a any way i want, and have it influence b and c any way i want.
[2011/11/20 16:03:34] <indigo> the problem now is that if a includes many classes, and each of those classes have many parameters, now a has many many parameters.
[2011/11/20 16:03:53] @ kinsel joined channel #puppet
[2011/11/20 16:03:54] @ Quit: johnston: Ping timeout: 265 seconds
[2011/11/20 16:04:29] <Volcane> exactly - this is the same problem you find in any language where you think hard coding data is the solution
[2011/11/20 16:05:12] <indigo> there's a related problem. Let's say I like nagios_service, but I don't like how it creates files with mode 600. So, when I declare a nagios_service, i also want to declare a file. But, I don't want to have to declare two resources each time i want a nagios service, so i want to make a wrapper. But, my wrapper has to take all the parameters of nagios_service, then pass them on.
[2011/11/20 16:05:22] @ lwhalen joined channel #puppet
[2011/11/20 16:06:19] <tuv> Volcane: small business server platform. e.g. zimbra, scalix, kolab, citadel, custom built...etc
[2011/11/20 16:06:24] <Volcane> yeah the wrapper define thing is a pita - the built in types should be more configurable
[2011/11/20 16:06:29] <indigo> many languages have a way to say, "this function can take a variable number of arguments". Those arguments are then captured in an array, and then there's a way to say "call this function with this array as arguments". So I can use that to make a wrapper function. In python it would look like "def wrapper(a, kw): wrapped_function(a, **kw)"
[2011/11/20 16:06:49] <Volcane> indigo: that doesnt translate well to declaritive languages
[2011/11/20 16:06:54] <indigo> sure it does.
[2011/11/20 16:07:02] <tuv> Volcane: looking for experiences and recommendation as to how to implement one, and which way to go
[2011/11/20 16:07:10] <indigo> you can have that, and also still only have single assignment.
[2011/11/20 16:07:17] <Volcane> tuv: there are various general sysadmin channels i guess, like the lopsa one maybe
[2011/11/20 16:07:29] <tuv> lopsa?
[2011/11/20 16:07:53] <Volcane> league of professional sys admins
[2011/11/20 16:08:04] <tuv> ah.. nice.. thanks
[2011/11/20 16:08:37] <indigo> puppet already has hashes, and parameters are hashes. What's missing is a way to say "expand this hash in this resource declaration"
[2011/11/20 16:08:57] @ Quit: marcellods: Ping timeout: 258 seconds
[2011/11/20 16:08:59] <indigo> if there was that, then my class a that includes b and c and d and includes parameters that can modify how b and c and d are declared is easy.
[2011/11/20 16:09:00] <mmoya> is there any problem with having different versions in master and agents (ie. master is 2.7.x and clients are 2.6.x) ?
[2011/11/20 16:09:08] <indigo> also resources that wrap only one thing are also easy.
[2011/11/20 16:09:21] @ Quit: dissipate: Ping timeout: 276 seconds
[2011/11/20 16:09:52] @ hamish joined channel #puppet
[2011/11/20 16:09:56] <Volcane> mmoya: should be ok mostly if master is newer than clients
[2011/11/20 16:11:29] @ joshcooper joined channel #puppet
[2011/11/20 16:14:28] @ abetterlie joined channel #puppet
[2011/11/20 16:16:43] @ Quit: DJClean: Read error: Operation timed out
[2011/11/20 16:17:09] @ Quit: matchaw: Remote host closed the connection
[2011/11/20 16:21:39] <Ahlee_> is it possible to put a Require statement on an include?
[2011/11/20 16:22:05] <Ahlee_> Before I pull in this class, I want to make sure something else has run
[2011/11/20 16:23:46] @ mitchellh joined channel #puppet
[2011/11/20 16:23:52] <haus> if you use a class resource instead of an include, you can use -> between them
[2011/11/20 16:24:53] @ Quit: mitchellh: Client Quit
[2011/11/20 16:26:00] <Ahlee_> Good call on the class resource, trying to break myself of the include habit
[2011/11/20 16:26:08] <Ahlee_> but i don't follow you on the -> denotion
[2011/11/20 16:26:20] <haus> i.e SomethingBefore["something"] -> Class["class"]
[2011/11/20 16:26:46] <Ahlee_> ah, so rather than include, chain/call/whatever you have it
[2011/11/20 16:26:49] <haus> (http://docs.puppetlabs.com/learning/ordering.html under 'Chaining')
[2011/11/20 16:26:51] <Ahlee_> er, rather than Require
[2011/11/20 16:26:55] <Ahlee_> thank you.
[2011/11/20 16:26:59] <haus> yea, that's what i would do
[2011/11/20 16:27:04] <haus> np
[2011/11/20 16:27:08] @ Vulcan[OMNI] joined channel #puppet
[2011/11/20 16:29:48] <Ahlee_> That did it
[2011/11/20 16:29:51] <Ahlee_> Thank you so much.
[2011/11/20 16:30:00] <haus> glad it worked
[2011/11/20 16:33:25] @ Quit: lak: Quit: Leaving.
[2011/11/20 16:35:18] @ Quit: hansi: Remote host closed the connection
[2011/11/20 16:36:01] @ Quit: lwhalen: Quit: Computer has gone to sleep
[2011/11/20 16:38:21] @ Quit: Stenbryggen: Quit: Leaving.
[2011/11/20 16:39:38] @ mcarpent joined channel #puppet
[2011/11/20 16:42:33] @ joshcooper_ joined channel #puppet
[2011/11/20 16:44:48] <mick_laptop> I'm working on a puppet module. would someone mind (once I'm done) to check it out and correct me if I make a mistake?
[2011/11/20 16:45:25] @ Quit: joshcooper: Ping timeout: 240 seconds
[2011/11/20 16:45:25] @ joshcooper_ is now known as joshcooper
[2011/11/20 16:47:37] @ Quit: joshcooper: Quit: joshcooper
[2011/11/20 16:47:59] @ pfo joined channel #puppet
[2011/11/20 16:49:50] @ Quit: pfo: Client Quit
[2011/11/20 16:50:16] @ jamescollins joined channel #puppet
[2011/11/20 16:50:23] @ murkk joined channel #puppet
[2011/11/20 16:52:20] <murkk> is the puppetlabs/ruby module that is available in the module forge on github somewhere I would like to send a change back
[2011/11/20 16:54:45] @ Quit: samkottler: Quit: Leaving.
[2011/11/20 17:06:13] @ avatar4d joined channel #puppet
[2011/11/20 17:12:43] @ Quit: countskm: Quit: leaving
[2011/11/20 17:13:14] @ helindbe_ joined channel #puppet
[2011/11/20 17:14:19] @ Quit: helindbe: Read error: Connection reset by peer
[2011/11/20 17:14:19] @ helindbe_ is now known as helindbe
[2011/11/20 17:15:42] @ avatar4d left channel #puppet ()
[2011/11/20 17:17:00] @ Quit: Kiall: Quit: ZNC - http://znc.sourceforge.net
[2011/11/20 17:17:46] @ Kiall joined channel #puppet
[2011/11/20 17:18:20] @ chadskidmore left channel #puppet ("Textual IRC Client: http://www.textualapp.com/")
[2011/11/20 17:22:45] @ vagn joined channel #puppet
[2011/11/20 17:23:12] @ vagn left channel #puppet ()
[2011/11/20 17:23:15] @ Quit: gniks: Quit: Leaving.
[2011/11/20 17:23:54] @ gniks joined channel #puppet
[2011/11/20 17:24:45] @ Quit: Kiall: Quit: ZNC - http://znc.sourceforge.net
[2011/11/20 17:26:40] @ Kiall joined channel #puppet
[2011/11/20 17:29:31] @ lwhalen joined channel #puppet
[2011/11/20 17:29:59] @ vagn_ joined channel #puppet
[2011/11/20 17:30:41] @ vagn_ is now known as vagn
[2011/11/20 17:35:19] @ msaum joined channel #puppet
[2011/11/20 17:36:54] @ Quit: sumsuch: Quit: sumsuch
[2011/11/20 17:41:28] @ Quit: mmoya: Ping timeout: 240 seconds
[2011/11/20 17:46:20] @ tilgovi joined channel #puppet
[2011/11/20 17:48:55] @ Quit: jsm: Quit: jsm
[2011/11/20 17:50:20] @ cwebber joined channel #puppet
[2011/11/20 17:52:04] @ Enf joined channel #puppet
[2011/11/20 17:54:23] @ Quit: BManojlovic: Remote host closed the connection
[2011/11/20 17:54:45] @ Quit: cwebber: Ping timeout: 258 seconds
[2011/11/20 17:54:59] @ alanna joined channel #puppet
[2011/11/20 17:55:49] @ dbgster joined channel #puppet
[2011/11/20 17:56:16] @ Quit: ldlework: Ping timeout: 240 seconds
[2011/11/20 18:13:07] <indigo> so, what's the difference between including a class inside another, and inheriting it?
[2011/11/20 18:20:39] @ Quit: alanna: Remote host closed the connection
[2011/11/20 18:21:03] @ alanna joined channel #puppet
[2011/11/20 18:22:35] @ alanna_ joined channel #puppet
[2011/11/20 18:22:36] @ Quit: alanna: Read error: Connection reset by peer
[2011/11/20 18:24:07] @ Quit: flex: Remote host closed the connection
[2011/11/20 18:24:09] @ Quit: dgillies: Remote host closed the connection
[2011/11/20 18:26:06] <noakes> Indigo: if you inherit, you can override in the subclass
[2011/11/20 18:26:33] <indigo> but you can also override if you don't.
[2011/11/20 18:26:53] <indigo> and if you do, sometimes you still can't override.
[2011/11/20 18:27:11] @ e1mer joined channel #puppet
[2011/11/20 18:27:12] @ Quit: e1mer: Changing host
[2011/11/20 18:27:12] @ e1mer joined channel #puppet
[2011/11/20 18:27:22] <noakes> hmmm... I always get an error when I try to do that if I don't inherit
[2011/11/20 18:27:55] <noakes> let me try really quickly
[2011/11/20 18:27:58] <indigo> here's an example of inheriting, and being able to override, but it not actually overriding: http://pastie.org/2895790
[2011/11/20 18:28:25] @ ghg joined channel #puppet
[2011/11/20 18:28:59] @ Quit: alanna_: Remote host closed the connection
[2011/11/20 18:29:22] @ alanna joined channel #puppet
[2011/11/20 18:29:38] <indigo> here's overriding without inheriting: http://pastie.org/2895793
[2011/11/20 18:30:08] @ dgillies joined channel #puppet
[2011/11/20 18:30:21] @ Quit: alanna: Read error: Connection reset by peer
[2011/11/20 18:30:49] @ alanna joined channel #puppet
[2011/11/20 18:31:10] <indigo> here's a case that will confuse you: http://pastie.org/2895795
[2011/11/20 18:32:20] @ Quit: dgillies: Remote host closed the connection
[2011/11/20 18:33:23] @ dgillies joined channel #puppet
[2011/11/20 18:34:53] @ Quit: alanna: Remote host closed the connection
[2011/11/20 18:35:17] @ alanna joined channel #puppet
[2011/11/20 18:36:09] @ Kazuhiro joined channel #puppet
[2011/11/20 18:37:39] @ joshcooper joined channel #puppet
[2011/11/20 18:38:12] @ Quit: tilgovi: Remote host closed the connection
[2011/11/20 18:39:37] @ Quit: alanna: Ping timeout: 245 seconds
[2011/11/20 18:41:24] @ Quit: joshcooper: Client Quit
[2011/11/20 18:43:05] <noakes> I was thinking more along these lines: http://pastie.org/2895833
[2011/11/20 18:43:35] <noakes> though that is using 2.6.9 - haven't updated to 2.7 yet
[2011/11/20 18:44:04] <indigo> yeah, i've never had to do that though, and that feature has never solved my problems.
[2011/11/20 18:44:37] <indigo> you'd think it would be the way of choice to say, "i'm making a thing, which is just like this other thing, except ..."
[2011/11/20 18:45:23] <indigo> but, the only things you seem to actually do that are useful to set your new thing apart are add more things to it, which is just "include", and you don't need to inherit to do that.
[2011/11/20 18:46:18] <Volcane> 'making a thing, which is just like the other thing' is the problem - there is only ever one 'thing'
[2011/11/20 18:46:35] <Volcane> so you can edit any of its properties or undefine any of its properties as long as you inherit from the class that made it
[2011/11/20 18:46:52] <Volcane> or with the collection thing shown earlier
[2011/11/20 18:47:26] <indigo> what about http://pastie.org/2895790 ?
[2011/11/20 18:47:59] <Volcane> best avoided
[2011/11/20 18:48:07] <indigo> why?
[2011/11/20 18:48:07] <Volcane> most things with inheritance is best avoided
[2011/11/20 18:48:18] <indigo> then why is it around, anyway?
[2011/11/20 18:48:20] <Volcane> too easy to make mistakes and get fluctuating behavior
[2011/11/20 18:48:32] <Volcane> parsing order dependant etc
[2011/11/20 18:48:41] <indigo> isn't that a bug?
[2011/11/20 18:49:11] <Volcane> i think it is
[2011/11/20 18:49:25] <indigo> what about http://pastie.org/2895795? Also a bug?
[2011/11/20 18:50:18] <Volcane> thats the collection thing i mentioned - and its buggy due to parsing order, so best avoided
[2011/11/20 18:50:53] <indigo> but how do you say "i want to do this, except..."?
[2011/11/20 18:51:47] <Volcane> depends on the situation - but mostly the right way is to externalize your data and create per node data for the special cases
[2011/11/20 18:52:01] <indigo> it seems to me that both inheritance and spaceship overrides (or whatever they are called) should go away, because they were implemented without considering the implications. But, there doesn't seem to be a good alternate solution.
[2011/11/20 18:52:31] <Volcane> inheritance works fine if you just want to alter a resource
[2011/11/20 18:53:17] <indigo> does it?
[2011/11/20 18:53:54] <Volcane> yup
[2011/11/20 18:53:58] <mosen> like using plusignment on class defaults?
[2011/11/20 18:54:06] <indigo> what about this? http://pastie.org/2895866
[2011/11/20 18:54:36] <indigo> i can't decide if the message should be "default" or "alternate".
[2011/11/20 18:55:00] <Volcane> it should be alternate
[2011/11/20 18:55:21] <indigo> it is, but if i declared class a, then shouldn't it also be default?
[2011/11/20 18:55:22] <Volcane> if u have a resource - made anywhere - and you change it anywhere, its changed
[2011/11/20 18:55:51] <indigo> how can i not reassign a variable, but i can reassign a resource parameter?
[2011/11/20 18:55:51] <Volcane> its not order related, its not 2 resources
[2011/11/20 18:55:56] @ marcellods joined channel #puppet
[2011/11/20 18:56:17] @ Quit: choonming: Quit: Leaving
[2011/11/20 18:56:20] <indigo> right, it's one resource, and its message was default, and then it was alternate.
[2011/11/20 19:00:47] <indigo> i've never read it stated explicitly, but it seems like a goal of the puppet language is to be free of side effects
[2011/11/20 19:01:20] @ Quit: rcrowley: Quit: Computer has gone to sleep.
[2011/11/20 19:01:32] <indigo> would you concede that overriding with inheritance, or with the spaceship override syntax, necessarily has side effects?
[2011/11/20 19:01:53] <Volcane> i already said parsing order side effects is a bug :)
[2011/11/20 19:03:22] <Volcane> there's a ton of really bad usability bugs in puppets design, imho really huge amounts of it even down to little things like whats acceptable chars in var names
[2011/11/20 19:03:24] <indigo> maybe hiera really is a solution to my problems. The problem is, I can't really get a grasp on what it is, because there isn't much documentation :(
[2011/11/20 19:04:12] <Volcane> read the extlookup documentation in the function reference
[2011/11/20 19:04:18] <Volcane> hiera is very very much the same thing
[2011/11/20 19:04:28] <Volcane> excepts its not CSV specific and it supports more complex data
[2011/11/20 19:04:35] <Volcane> extlookup is well documented afaik
[2011/11/20 19:04:59] @ jsm joined channel #puppet
[2011/11/20 19:05:03] <indigo> ok, i'll look into it
[2011/11/20 19:05:27] <indigo> also, can we come back to to this one: http://pastie.org/2895790
[2011/11/20 19:05:28] @ Quit: joe-mac1: Ping timeout: 240 seconds
[2011/11/20 19:05:48] @ Spads_ joined channel #puppet
[2011/11/20 19:06:10] <indigo> classes should be resources just like any other, and i should be able to override their attributes, like any other, if i've inherited from the thing that made it. But, I can't. Why is that?
[2011/11/20 19:07:03] <indigo> actually, this brings to mind another strange possibility.
[2011/11/20 19:07:12] <Volcane> it should error when you try to do that imho - but mostly i think the design of param classes is fatally flawed on many levels
[2011/11/20 19:07:26] <Volcane> but basically a class is a singleton its one thing and cant change once created
[2011/11/20 19:07:38] <Volcane> so trying to do resource like overrides on a class just shouldnt make sense
[2011/11/20 19:07:54] <indigo> what do you mean, "created"?
[2011/11/20 19:08:06] <indigo> i don't really follow
[2011/11/20 19:08:15] <Volcane> once you include a class or do class{"foo": } thats it, its done
[2011/11/20 19:08:26] @ Quit: Spads: Ping timeout: 252 seconds
[2011/11/20 19:08:29] <Volcane> there's only 1 class and it doesnt change
[2011/11/20 19:08:35] <indigo> why is that different from file{"foo": } ?
[2011/11/20 19:08:48] <indigo> there's still only one File["foo"], and that doesn't change.
[2011/11/20 19:09:02] <Volcane> but files can change
[2011/11/20 19:09:11] <Volcane> say you manage /etc/puppet/puppet.conf
[2011/11/20 19:09:28] <Volcane> on all machines u want it to be template("puppet.erb") but on your puppet master you want puppet-master.erb
[2011/11/20 19:09:49] <Volcane> class inheritance - classes are just containers to group resources - lets you do that adjustment
[2011/11/20 19:10:04] <indigo> but classes are also resources
[2011/11/20 19:10:11] <Volcane> so on all machines you include puppet::config but on your master you include puppet::master which inherits from the config and sets the template
[2011/11/20 19:10:21] @ Kazuhiro left channel #puppet ()
[2011/11/20 19:10:21] <Volcane> no they're not - the syntax for param classes is a UX bug
[2011/11/20 19:10:32] <Volcane> its fucking dumb, confusing and promotes exactly the kind of errors in mental model you hve
[2011/11/20 19:10:37] <indigo> ugh.
[2011/11/20 19:10:44] <indigo> well until now, i saw no reason they shouldn't be.
[2011/11/20 19:10:53] <Volcane> yeah, cos its badly designed
[2011/11/20 19:10:54] <indigo> and the documentation explicitly says that classes are resources.
[2011/11/20 19:11:04] <Volcane> where?
[2011/11/20 19:11:10] <indigo> why is it bad? I still don't see the reason why it shouldn't work like i want it to work.
[2011/11/20 19:11:26] <indigo> if you are going to allow resources to be overridden, then why not also classes?
[2011/11/20 19:11:45] <Volcane> once you include a class - with whatever syntax -
[2011/11/20 19:11:51] <Volcane> its parsed and resources are created
[2011/11/20 19:12:04] <Volcane> if you then later were to somehow inherit this class and change vars? whats to happen?
[2011/11/20 19:12:14] <Volcane> should it somehow edit all the resources already created with that class?
[2011/11/20 19:12:14] <indigo> well, this sounds like an implementation error.
[2011/11/20 19:12:24] <Volcane> defined tyes behave more like what u want
[2011/11/20 19:12:40] <Volcane> but yes, param classes is a implementation error
[2011/11/20 19:13:05] <indigo> so you are saying get rid of parameratized classes?
[2011/11/20 19:13:22] <indigo> or just make it clear that they are not resources?
[2011/11/20 19:13:28] @ Quit: the_ramink: Ping timeout: 260 seconds
[2011/11/20 19:13:28] @ dan__t joined channel #puppet
[2011/11/20 19:13:47] <Volcane> shrug i dont influence the language design. whoever implimented param classes didnt think about it properly and the resulting implimentation is broken as you discovered - not fit for the use case
[2011/11/20 19:13:51] <Volcane> so personally i dont use them
[2011/11/20 19:14:16] <indigo> how do you solve that problem, then?
[2011/11/20 19:14:52] <Volcane> more importantly using param classes now - with all the legion of bugs, bad design and unintended consequences - will almost certainly ensure that you will rewrite your manifests when these issues get solved
[2011/11/20 19:16:12] <indigo> they solve a common problem though, and i'm not sure how i'd otherwise solve that problem
[2011/11/20 19:16:50] <indigo> say i have a class that makes my node sync to an ntp server, but not all my nodes sync to the same server. what do i do?
[2011/11/20 19:16:50] <Volcane> the inheritance model that puppet has just doesnt let you override data - and resources created from data - properly
[2011/11/20 19:17:12] <Volcane> so if you have a data problem - like you do - externalizing data is the solution
[2011/11/20 19:17:28] <indigo> by externalizing the data, you mean use heira?
[2011/11/20 19:17:29] @ checkers joined channel #puppet
[2011/11/20 19:17:34] <Volcane> in my case, i have country_us.json that puts all my machines in US to use the us pool ntp servers
[2011/11/20 19:17:42] <Volcane> and country_uk.json and maybe some.node.com.json
[2011/11/20 19:17:47] <Volcane> and maybe common.json
[2011/11/20 19:18:02] <Volcane> machines in country xx where there isnt a json file would just take data from common.json
[2011/11/20 19:18:04] <indigo> heira does this?
[2011/11/20 19:18:22] <Volcane> that way i have full flexibility over the data at all levels of my choosing - and i never have to change any code
[2011/11/20 19:18:27] <Volcane> yes. hiera and extlookup
[2011/11/20 19:18:36] <indigo> i see
[2011/11/20 19:18:45] <checkers> hi, I'd like to set a variable only if it's not already set. I tried this but it doesn't work: if $variable { # do nothing } else { $variable="default variable" }
[2011/11/20 19:18:57] <checkers> what's the correct way to do this?
[2011/11/20 19:19:14] <Volcane> country_us.json woul dhave {"ntpserver": ["1.us.pool.ntp.org", "2.us.pool.ntp.org"]}
[2011/11/20 19:19:17] <Volcane> simple as that
[2011/11/20 19:19:18] <indigo> checkers: set a new variable (convention is ot add a _real suffix), not re-set the old one.
[2011/11/20 19:19:37] <Volcane> in my ntp::config i have either $ntpserver = hiera("ntpserver") in the params or in the body of the class
[2011/11/20 19:19:48] <indigo> Volcane: i think that makes sense
[2011/11/20 19:20:14] <Volcane> a year from now if i decide i want another layer of data - say for customer
[2011/11/20 19:20:18] <Volcane> i just add that to hiera
[2011/11/20 19:20:20] <Volcane> no code change
[2011/11/20 19:20:29] <Volcane> hugely important for change control and such
[2011/11/20 19:20:35] <indigo> yeah
[2011/11/20 19:20:41] <indigo> well, i guess i better see the need now
[2011/11/20 19:20:53] <indigo> i'll look in to it more. thanks for the discussion
[2011/11/20 19:21:15] <Volcane> you can search my blog www.devco.net for hiera and extlookup to see use cases etc
[2011/11/20 19:21:25] <Volcane> (i wrote both extlookup and hiera)
[2011/11/20 19:21:28] <checkers> indigo: thanks
[2011/11/20 19:22:01] @ Quit: indigo: Quit: leaving
[2011/11/20 19:22:10] <checkers> indigo: so something like: if $variable { $variable_real = $variable } else { $variable_real = "default value" } ?
[2011/11/20 19:22:14] <checkers> blah
[2011/11/20 19:22:17] @ choonming joined channel #puppet
[2011/11/20 19:22:37] <Volcane> checkers: try if $variable == undef { ... } might work
[2011/11/20 19:23:29] @ Quit: bmahe: Quit: Leaving
[2011/11/20 19:25:45] @ ghanima joined channel #puppet
[2011/11/20 19:26:37] @ Quit: jsm: Quit: jsm
[2011/11/20 19:34:46] @ countskm joined channel #puppet
[2011/11/20 19:39:35] @ jsm joined channel #puppet
[2011/11/20 19:40:48] <jsm> yawn
[2011/11/20 19:41:52] @ Quit: e1mer: Ping timeout: 240 seconds
[2011/11/20 19:47:09] <checkers> thanks Volcane, I think it works, I'm just fighting some ordering rules
[2011/11/20 19:49:40] <sascha_> Volcane: since you're still awake (aren't you in the UK?), I have a couple more hiera questions
[2011/11/20 19:50:13] <sascha_> the default hierarchy in the /etc/hiera.conf, is that just a default? Can I set that in each class/use case where I'm grabbing data?
[2011/11/20 19:51:18] @ joe-mac1 joined channel #puppet
[2011/11/20 19:54:22] <sascha_> also, I'm looking at ext lookup. When I first read the hiera doc, I thought it was a replacement for extlookup; but now it looks as though the two are complimentary?
[2011/11/20 19:54:41] @ e1mer joined channel #puppet
[2011/11/20 20:00:39] @ delewis joined channel #puppet
[2011/11/20 20:01:37] @ bobra joined channel #puppet
[2011/11/20 20:03:59] @ Spads joined channel #puppet
[2011/11/20 20:04:29] @ spleeyah joined channel #puppet
[2011/11/20 20:05:44] <spleeyah> Two questions: 1) would a boolean in puppet be true/false or True/False 2) if in a template i want to do <% if foo == true %>output<% endif %> ... is that the proper syntax?
[2011/11/20 20:05:48] <spleeyah> (I'm not a ruby person). :P
[2011/11/20 20:07:01] @ Quit: Spads_: Ping timeout: 240 seconds
[2011/11/20 20:09:52] @ alanna joined channel #puppet
[2011/11/20 20:10:40] @ Quit: Djelibeybi: Quit: Textual IRC Client: http://www.textualapp.com/
[2011/11/20 20:11:49] @ Quit: kubicek: Ping timeout: 240 seconds
[2011/11/20 20:15:07] @ MUILTFN joined channel #puppet
[2011/11/20 20:15:31] @ tilgovi joined channel #puppet
[2011/11/20 20:15:33] @ Quit: tilgovi: Changing host
[2011/11/20 20:15:33] @ tilgovi joined channel #puppet
[2011/11/20 20:16:36] @ kubicek joined channel #puppet
[2011/11/20 20:17:34] @ Quit: newtMcKerr: Quit: Leaving.
[2011/11/20 20:18:40] @ Quit: joe-mac1: Ping timeout: 240 seconds
[2011/11/20 20:21:00] @ Quit: spleeyah: Remote host closed the connection
[2011/11/20 20:27:54] <Volcane> sascha_: the hierarchy is global and you can add 1 entry to the top of the hierarchy in an specific hiera() call using the 3rd param
[2011/11/20 20:28:02] <Volcane> sascha_: hiera replaces eventually extlookup
[2011/11/20 20:28:09] <Volcane> sascha_: atm i am in portland visiting puppetlabs
[2011/11/20 20:28:34] <sascha_> oh, that makes more sense
[2011/11/20 20:28:39] <sascha_> the last, that is :)
[2011/11/20 20:29:24] <sascha_> so if hiera finds a matching value in two places, which one wins?
[2011/11/20 20:29:33] <sascha_> I think i read that it stops once it finds a value?
[2011/11/20 20:29:38] <Volcane> for the normal hiera() the first one wins
[2011/11/20 20:29:50] <Volcane> but there's also hiera_array and hiera_hash which combines
[2011/11/20 20:30:12] <sascha_> oof. Lot of stuff to learn
[2011/11/20 20:30:47] <sascha_> trying to figure out the best way to arrange my data and use it
[2011/11/20 20:31:37] <sascha_> I started the day out writing erb templates then got distracted constructing data to go in them. I may have to go back to writing templates while I let all this simmer
[2011/11/20 20:31:42] @ Quit: kubicek: Quit: ZNC - http://znc.sourceforge.net
[2011/11/20 20:31:55] <Volcane> yeah modeling data is very complex
[2011/11/20 20:32:06] <Volcane> understanding teh relationship of complex data to complex architectures
[2011/11/20 20:32:24] <Volcane> and most of us just cant do it without strong programming or analytical backgrounds
[2011/11/20 20:32:44] <sascha_> and because I'm doing this for someone else, I have to make sure the data is maintainable by the devs when I hand this off
[2011/11/20 20:32:50] <Volcane> and then you look at the move towards purely paramaterized classes that puppet is taking and then boggle
[2011/11/20 20:32:57] <sascha_> I looked at those
[2011/11/20 20:33:11] <sascha_> I couldn't entirely tell the use case difference between a def and a param class
[2011/11/20 20:33:39] <Volcane> hiera has a data structure that maps well to the 'physical' of what we tend to manage but u need to understand it
[2011/11/20 20:33:47] <Volcane> thinking of it like a case statement is best
[2011/11/20 20:34:24] <sascha_> yeah, I just meant, I'm not sure what the parameterized class gets you that you can't write in a definition or something else
[2011/11/20 20:34:39] <Volcane> bbiab
[2011/11/20 20:35:00] <sascha_> Most of my stuff is going to be class foo {grab hiera data => $foo and dump it into an erb template}
[2011/11/20 20:35:07] @ kubicek joined channel #puppet
[2011/11/20 20:35:21] <sascha_> for 20 different instances of a middleware app
[2011/11/20 20:37:52] @ Quit: fredden: Quit: Leaving
[2011/11/20 20:40:04] @ Quit: vagn: Quit: Leaving
[2011/11/20 20:42:57] @ Quit: dbgster: Quit: dbgster
[2011/11/20 20:47:35] <Volcane> sascha_: yeah - you can also do class foo($bar=hiera("bar")) { } or something to have param classes that fetch default data from hiera
[2011/11/20 20:47:43] <Volcane> sascha_: makes it a bit less rubbish
[2011/11/20 20:49:04] <sascha_> that's what I thought they were for (parameterized classes). I thought they looked like a place to pull instance data. I have encountered some stuff where people seem to want to embed lots of data in the class itself and I don't understand it.
[2011/11/20 20:49:27] <Volcane> yeah, so in the old days
[2011/11/20 20:49:41] <Volcane> node "foo" { $bar = "1" ; include foo }
[2011/11/20 20:49:47] <Volcane> would have had the same effect
[2011/11/20 20:49:53] <sascha_> my next puppet for chef users is going to be "where do I put my $#%Q! data?!" once I understand enough about what I'm doing to not sound dumb
[2011/11/20 20:49:58] <Volcane> the $bar would kind of fall through the scopes and just be visible in foo
[2011/11/20 20:50:04] @ gaveen joined channel #puppet
[2011/11/20 20:50:04] <Volcane> this caused a ton of weird shit to happen
[2011/11/20 20:50:04] @ Quit: gaveen: Changing host
[2011/11/20 20:50:04] @ gaveen joined channel #puppet
[2011/11/20 20:50:10] <sascha_> I bet
[2011/11/20 20:50:12] <Volcane> so now the scopes being tightened up a lot
[2011/11/20 20:50:24] <Volcane> so that it just wont work that way anymore - kind of
[2011/11/20 20:50:39] <Volcane> anyway so the only real/correct way to get data into a class is via a parameter
[2011/11/20 20:50:52] <sascha_> I'm a fan of that
[2011/11/20 20:51:01] <Volcane> on paper it make sense
[2011/11/20 20:51:10] <Volcane> but then you actually try to use it and its a cluster fuck
[2011/11/20 20:51:20] <sascha_> the parameterized class?
[2011/11/20 20:51:47] <sascha_> well maybe they just don't have the use case ironed out for it. Is it to fill in for some missing functionality?
[2011/11/20 20:51:51] <Volcane> yes, very suddenly you go through the pains indigo went through earlier today
[2011/11/20 20:51:58] <Volcane> its either a LOT of reptition
[2011/11/20 20:52:01] <Volcane> or not flexible at all
[2011/11/20 20:52:14] <Volcane> neither is desirable
[2011/11/20 20:52:17] <sascha_> right
[2011/11/20 20:52:24] <sascha_> I'm not a fan of the first especially
[2011/11/20 20:52:37] <Volcane> and then to "solve" those problems with puppet
[2011/11/20 20:52:51] <Volcane> people who can program start writing external node classifiers in ruby/perl/python
[2011/11/20 20:53:11] <Volcane> where they model the data in a real programming language because the design of param classes basically makes 'just puppet' useless
[2011/11/20 20:53:15] <sascha_> I saw some of his issues earlier. I was keeping one eye on the discussion
[2011/11/20 20:53:25] <sascha_> right
[2011/11/20 20:54:11] <sascha_> so but what I don't quite get is the diff between a defined type and a parameterized class
[2011/11/20 20:54:31] <Volcane> yeah the lines are very blurred
[2011/11/20 20:54:38] @ l0g1sic joined channel #puppet
[2011/11/20 20:54:38] <Volcane> the design actively promote confusion and frustration
[2011/11/20 20:54:48] <Volcane> a param class is lke a define that u can use only once per node
[2011/11/20 20:54:59] <sascha_> because the defined type is what I've had in the back of my head for the jboss work I'm doing
[2011/11/20 20:55:07] <Volcane> so for example - 'install apache' - thats a class task
[2011/11/20 20:55:25] <Volcane> where add those vhost to the node is a define type task - cos you can have many vhosts on a machine
[2011/11/20 20:55:54] <sascha_> yes
[2011/11/20 20:55:59] <sascha_> I agree
[2011/11/20 20:56:36] <Volcane> and since classes need data - what version of apache to install - it needs parameters
[2011/11/20 20:56:53] <sascha_> ok
[2011/11/20 20:57:09] <sascha_> Im starting to see where this is going
[2011/11/20 20:58:35] <sascha_> I've had similar discussions about chef - because chef recipes can have attributes and they can have data. When is a piece of information an attribute and when is it data? Both can be overridden in chef but they are handled very differently.
[2011/11/20 20:59:04] @ Quit: tilgovi: Read error: Operation timed out
[2011/11/20 20:59:23] @ tilgovi joined channel #puppet
[2011/11/20 21:00:46] @ tily joined channel #puppet
[2011/11/20 21:02:15] <Volcane> yeah donno the specifics of chef but its databags has a similar override structure to hiera
[2011/11/20 21:02:23] <sascha_> right
[2011/11/20 21:02:32] <Volcane> except hiera is configurable and u can have them however u want
[2011/11/20 21:02:47] <sascha_> yeah the yaml threw me a bit at first
[2011/11/20 21:02:59] <sascha_> but I can see how that would make it way more flexible than just json
[2011/11/20 21:03:17] <Volcane> you can use either, they're more or less interchangable
[2011/11/20 21:03:37] <Volcane> puppet already use yaml for some other stuff - external nodes etc - so ppl would have seen yaml before maybe
[2011/11/20 21:03:53] <Volcane> and not all versions of ruby comes with json so i didnt want to default to that
[2011/11/20 21:04:23] <sascha_> I just started editing a client's wiki and they run mediawiki software, so I actually recognized some of the yaml notation when I thought about it
[2011/11/20 21:05:43] <sascha_> regardless, the whole thing's been fun for me
[2011/11/20 21:06:06] <sascha_> I like puzzles, and config mgmt is like one never-ending game of puzzles
[2011/11/20 21:08:05] <jsm> Volcane: I tried doing what you mention with passing a user list to a user define function, but i keep getting initialized constant as soon as I try to reference the hash: http://fpaste.org/Nzcb/
[2011/11/20 21:08:54] <Volcane> jsm: if u want something in the define you either have to pass it in as a paramter or do the hiera lookup in the define
[2011/11/20 21:12:50] <jsm> ok, so i changed to this: http://fpaste.org/IXs6/, and still get the Uninitialized constant...
[2011/11/20 21:13:36] @ Spads_ joined channel #puppet
[2011/11/20 21:14:01] @ lak joined channel #puppet
[2011/11/20 21:14:01] @ Quit: lak: Changing host
[2011/11/20 21:14:01] @ lak joined channel #puppet
[2011/11/20 21:14:02] <sascha_> wouldn't the variable need to prefaced with @?
[2011/11/20 21:14:27] <Volcane> jsm: whats the actual error?
[2011/11/20 21:14:33] <Volcane> sascha_: nah not in puppet code - thas ruby
[2011/11/20 21:14:38] <jsm> Volcane: err: Could not retrieve catalog from remote server: Error 400 on SERVER: uninitialized constant Puppet::ParserError at /etc/puppet/environments/cloudg/modules/user/manifests/virtual.pp:21 on node ip-10-12-23-26.ec2.internal
[2011/11/20 21:14:39] <sascha_> :) k
[2011/11/20 21:14:47] <jsm> line 21 is the first line of the define
[2011/11/20 21:16:24] <Volcane> jsm: thats pretty bad - but by looking at that code your define is outside of the class {} so its just localuser not user::virtual::localuser
[2011/11/20 21:16:48] @ Quit: Spads: Ping timeout: 276 seconds
[2011/11/20 21:19:00] <jsm> sorry, perhaps i should paste the full thing.. may make it easier: http://fpaste.org/JbM7/
[2011/11/20 21:19:06] <jsm> they are actually in 2 different files/classes
[2011/11/20 21:20:26] <jsm> $lo_admin_users is a puppet fact… and i can test the fact that lo_users is returned via the hiera cli
[2011/11/20 21:20:47] <Volcane> ok - weird donno - that error is an error telling you it couldnt show you the real error
[2011/11/20 21:20:51] <jsm> so it's tough to debug the unintialized constant error
[2011/11/20 21:24:11] <Volcane> line 66 should be => User[...]
[2011/11/20 21:24:20] <Volcane> donno if thats it but its something
[2011/11/20 21:25:11] <jsm> thanks, but didn't do the trick...
[2011/11/20 21:25:14] @ ezmobius joined channel #puppet
[2011/11/20 21:25:44] <jsm> i wonder if i should show you my actual yaml
[2011/11/20 21:25:47] <jsm> would that help?
[2011/11/20 21:27:25] <Volcane> what version puppet?
[2011/11/20 21:27:53] <jsm> 2.7.1
[2011/11/20 21:28:49] <jsm> http://fpaste.org/Z2wG/ is my yaml that's referenced for hiera('lo_users')
[2011/11/20 21:29:15] <jsm> i'm think it may be the problem
[2011/11/20 21:30:26] @ mitchellh joined channel #puppet
[2011/11/20 21:30:28] @ Quit: mitchellh: Client Quit
[2011/11/20 21:30:45] @ dissipate joined channel #puppet
[2011/11/20 21:30:46] @ Quit: dissipate: Changing host
[2011/11/20 21:30:46] @ dissipate joined channel #puppet
[2011/11/20 21:31:39] <Volcane> so thats a array of hashes
[2011/11/20 21:31:47] <Volcane> you're using it as if its a hash of hashes
[2011/11/20 21:31:58] <Volcane> $ ruby -r yaml -r pp -e 'pp YAML.load_file("foo.yaml")'
[2011/11/20 21:32:05] <Volcane> shows you the structure
[2011/11/20 21:32:14] <Volcane> where you do like $user_hash[$name]['key_type']
[2011/11/20 21:34:39] <jsm> ah, exactly.. ok… so i will see how to make this yaml be a hash of hashes
[2011/11/20 21:35:32] @ Spads joined channel #puppet
[2011/11/20 21:35:33] @ Quit: Spads: Changing host
[2011/11/20 21:35:33] @ Spads joined channel #puppet
[2011/11/20 21:38:33] @ the_ramink joined channel #puppet
[2011/11/20 21:39:12] @ Quit: Spads_: Ping timeout: 245 seconds
[2011/11/20 21:39:36] @ mitchellh joined channel #puppet
[2011/11/20 21:42:45] @ Quit: Holocaine:
[2011/11/20 21:43:19] @ Quit: dissipate: Read error: Connection reset by peer
[2011/11/20 21:45:40] @ marczak joined channel #puppet
[2011/11/20 21:48:07] @ ezmobius is now known as ezmobius\|zoning
[2011/11/20 21:48:32] @ Quit: marczak_: Ping timeout: 248 seconds
[2011/11/20 21:55:35] <jsm> Volcane: much closer now: Puppet::Parser::AST::Resource failed with error ArgumentError: No title provided and :user is not a valid resource reference at /etc/puppet/environments/cloudg/modules/user/manifests/virtual.pp
[2011/11/20 21:55:48] <jsm> yaml is now a hash of hashes
[2011/11/20 21:56:04] @ Maliuta joined channel #puppet
[2011/11/20 21:56:28] <jsm> that is referring to line 40 of http://fpaste.org/JbM7/
[2011/11/20 21:59:42] @ Quit: vkdir: Ping timeout: 258 seconds
[2011/11/20 22:00:06] @ Quit: localhost: Remote host closed the connection
[2011/11/20 22:00:42] <jsm> fixed it
[2011/11/20 22:00:47] @ joshcooper joined channel #puppet
[2011/11/20 22:01:12] <jsm> Volcane, I owe you big time. Whenever you're in DC, contact me. I'd be happy to take you out for some beers and pick your brain.
[2011/11/20 22:01:20] @ localhost joined channel #puppet
[2011/11/20 22:02:42] <eric0> jsm: http://www.devco.net/wishlist/
[2011/11/20 22:03:38] <jsm> eric0: even better, thanks
[2011/11/20 22:05:31] @ pugnacity joined channel #puppet
[2011/11/20 22:05:44] <jsm> hmm.. i wonder if amazon U.S. users can buy for amazon U.K.
[2011/11/20 22:07:14] <the_ramink> jsm: I've bought stuff through amazon uk when I didn't want to wait a year for the next Iain M Banks book to hit the US
[2011/11/20 22:07:18] @ Quit: emergion: Quit: later...
[2011/11/20 22:08:39] <eric0> _surface detail_ ftw!!
[2011/11/20 22:09:36] <the_ramink> heh
[2011/11/20 22:09:59] @ Quit: ianbrandt: Quit: ianbrandt
[2011/11/20 22:10:53] <checkers> I have a puppet question. I think it's about the order of evaluation of my puppet configuration. Here's my config and the output I see: http://www.privatepaste.com/e430f7a1e5
[2011/11/20 22:10:59] @ ezmobius\|zoning is now known as ezmobius\|zoning\|
[2011/11/20 22:11:07] @ Quit: jamescollins: Quit: jamescollins
[2011/11/20 22:11:36] <checkers> I want to override the NTP servers for a few servers. But it seems that puppet is not picking up my node override as expected
[2011/11/20 22:12:03] <Volcane> jsm: thanks :) no more wishlist though i have a pile of books as high as i am from the wishlist already and most still to read :)
[2011/11/20 22:12:20] <Volcane> stupid amazon in the uk wont let ppl gift ebooks/kindle books that would be good sigh
[2011/11/20 22:12:33] <checkers> I think the reason is because the soe class is evaluated before the contents of the 'app.equ' class
[2011/11/20 22:12:48] <checkers> can anyone confirm, and offer advice on how to fix this?
[2011/11/20 22:12:49] <jsm> Volcane: ah, dang… I could gift you a gift card :)
[2011/11/20 22:13:00] @ vkdir joined channel #puppet
[2011/11/20 22:13:21] <Volcane> heh
[2011/11/20 22:17:15] <checkers> yeah. it seems my guess is right. The node 'app.equ' is evaluated after my 'soe' class is run, so it can't override the configuration
[2011/11/20 22:17:36] @ Quit: vkdir: Ping timeout: 260 seconds
[2011/11/20 22:17:52] <checkers> how can I use this class inheritence with overrides? Or is it not possible
[2011/11/20 22:21:13] <eric0> checkers: underneath the syntax, you have a data/code separation problem that you should address with extlookup/heira or your own node classifier
[2011/11/20 22:22:45] <checkers> What problem is that?
[2011/11/20 22:22:49] @ Quit: alanna: Remote host closed the connection
[2011/11/20 22:23:13] @ alanna joined channel #puppet
[2011/11/20 22:24:54] <eric0> you have some bits of data that apply to most hosts, but some special machines need to override those defaults
[2011/11/20 22:25:41] <eric0> at the moment this is just ntp server ip addreses, but since puppet node inheritance only works 1 time, if there's another axis on which those machines differ, you can't reuse this mechanism
[2011/11/20 22:26:12] <jsm> eric0: use hiera :)
[2011/11/20 22:26:45] @ Quit: noakes: Quit: noakes
[2011/11/20 22:27:00] <eric0> jsm: its not my problem, i'm responding to checkers (with that same advice)
[2011/11/20 22:27:15] <jsm> eric0: oh heh.. i need sleep clearly
[2011/11/20 22:27:25] <jsm> time for netflix and nap time
[2011/11/20 22:27:26] <jsm> g'nite
[2011/11/20 22:28:06] @ Quit: alanna: Ping timeout: 260 seconds
[2011/11/20 22:28:07] <checkers> So you're saying, we currently architect the puppet tree by DC/hostname, but sometimes we'll want to classify nodes by something other than DC first?
[2011/11/20 22:28:56] <checkers> eg, equ::app01 vs app::01.equ
[2011/11/20 22:30:30] <eric0> aye, inevitably something will come up and you won't be able to adapt node inheritance to it, because its pretty fscked (as i think even PL folk agree)
[2011/11/20 22:30:39] <checkers> I think we solved this problem. We have puppet code blocks classified into 'roles' for configuration that shouldn't be grouped by datacenter
[2011/11/20 22:31:12] <checkers> I don't know the technical term, but it's like adding a blog post tag to a section of puppet code, and we can literally just include it onto the relevant machines
[2011/11/20 22:31:44] <checkers> `include roles::ourapp::webserver` for that stuff
[2011/11/20 22:32:06] <checkers> mostly network stuff goes into the DC (eg 'equ') level of the node hierarchy, like this NTP thing
[2011/11/20 22:32:48] @ artkrz joined channel #puppet
[2011/11/20 22:32:59] <checkers> (fwiw, I agree this is a common problem. The only true solution IMO is to have a flat hierarchy and add another layer on top that lets you create arbitrary sets of nodes which you can name)
[2011/11/20 22:33:33] @ sumsuch joined channel #puppet
[2011/11/20 22:33:50] <checkers> which is basically what we've done. perhaps we should move this network configuration into the same structure
[2011/11/20 22:35:17] @ Stenbryggen joined channel #puppet
[2011/11/20 22:35:22] <eric0> https://github.com/puppetlabs/hiera is the supported option
[2011/11/20 22:35:34] @ Quit: Stenbryggen: Client Quit
[2011/11/20 22:36:03] <eric0> we took this to an extreme and built a config management DB around http://verdad.sf.net/ which implements the same hierarchy-with-overrides ideas in a key-values tore
[2011/11/20 22:36:07] <eric0> ^tore^store
[2011/11/20 22:36:17] @ riha joined channel #puppet
[2011/11/20 22:36:59] <checkers> hm, this looks like a key-value store too
[2011/11/20 22:36:59] @ zwi1 joined channel #puppet
[2011/11/20 22:38:37] @ Quit: zwi: Read error: Operation timed out
[2011/11/20 22:38:44] <Volcane> its a k=v store with a hierarchy built in
[2011/11/20 22:38:52] <Volcane> that can also do hash merges and build arrays
[2011/11/20 22:39:09] <Volcane> removes all this awkward modeling that you're doing in code
[2011/11/20 22:40:08] <checkers> So you're suggesting, going back to my example, that I just make soe have something like `$ntp_servers_real = hiera("ntp_servers")` and hiera will return the right data for each machine?
[2011/11/20 22:40:24] <Volcane> yup
[2011/11/20 22:40:55] <checkers> hm. When you say "supported", do you mean it's part of mainline?
[2011/11/20 22:41:18] <Volcane> eventually yeah
[2011/11/20 22:41:38] @ rutger_ joined channel #puppet
[2011/11/20 22:41:56] <checkers> it will be in 3.0 or something?
[2011/11/20 22:42:14] <Volcane> 2.8 apparently but who knows
[2011/11/20 22:43:18] <Volcane> also pretty easy to add new backends to it - someone wrote one that stores gpg encrypted data like passwords and shit - it was less than 50 lines of ruby code
[2011/11/20 22:43:25] <Volcane> and then everywhere you use hiera you get that ability
[2011/11/20 22:46:38] @ Rince left channel #puppet ("Leaving...")
[2011/11/20 22:49:35] @ Meier joined channel #puppet
[2011/11/20 22:51:25] @ Quit: joshcooper: Quit: joshcooper
[2011/11/20 22:52:39] @ mmoya joined channel #puppet
[2011/11/20 22:56:02] @ larstobi joined channel #puppet
[2011/11/20 22:59:17] @ rcrowley joined channel #puppet
[2011/11/20 22:59:32] @ Quit: mosen: Quit: Leaving
[2011/11/20 22:59:55] @ alanna joined channel #puppet
[2011/11/20 23:00:55] @ Quit: gniks: Quit: Leaving.
[2011/11/20 23:01:37] @ EL84 joined channel #puppet
[2011/11/20 23:07:21] @ Quit: dgillies: Remote host closed the connection
[2011/11/20 23:10:11] @ bkdem joined channel #puppet
[2011/11/20 23:13:55] @ jaydg joined channel #puppet
[2011/11/20 23:19:19] @ Quit: nokia3510: Ping timeout: 244 seconds
[2011/11/20 23:21:58] @ Vasik\|work joined channel #puppet
[2011/11/20 23:23:17] @ emergion joined channel #puppet
[2011/11/20 23:27:21] @ Quit: gaveen: Quit: Leaving
[2011/11/20 23:32:05] @ DJClean joined channel #puppet
[2011/11/20 23:32:35] @ jaytaph joined channel #puppet
[2011/11/20 23:33:12] @ Quit: alanna: Remote host closed the connection
[2011/11/20 23:33:35] @ alanna joined channel #puppet
[2011/11/20 23:34:27] @ octane- joined channel #puppet
[2011/11/20 23:37:35] @ Quit: ghg: Quit: Computer has gone to sleep.
[2011/11/20 23:38:30] @ Quit: alanna: Ping timeout: 276 seconds
[2011/11/20 23:42:25] @ larsar joined channel #puppet
[2011/11/20 23:44:41] @ MattyM joined channel #puppet
[2011/11/20 23:46:45] @ Quit: jsm: Quit: jsm
[2011/11/20 23:48:09] @ alanna joined channel #puppet
[2011/11/20 23:50:40] @ Quit: MUILTFN: Ping timeout: 240 seconds
[2011/11/20 23:51:24] @ Quit: emergion: Quit: later...
[2011/11/20 23:51:31] @ Quit: tilgovi: Ping timeout: 260 seconds
[2011/11/20 23:53:47] @ Quit: lak: Quit: Leaving.
[2011/11/20 23:54:01] @ trickyf joined channel #puppet
[2011/11/20 23:54:06] @ emergion joined channel #puppet
[2011/11/20 23:57:04] @ Quit: alanna: Remote host closed the connection
[2011/11/20 23:57:39] @ alanna joined channel #puppet

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!