Friday, 2012-01-13

[2012/01/13 00:00:59] @ Log started by gepetto
[2012/01/13 00:00:59] @ swygue joined channel #puppet
[2012/01/13 00:02:02] @ dim0 joined channel #puppet
[2012/01/13 00:03:56] @ Quit: kermit: Quit: Leaving.
[2012/01/13 00:10:47] @ Quit: shadoi: Quit: Leaving.
[2012/01/13 00:12:40] @ IndyMichaelB joined channel #puppet
[2012/01/13 00:15:12] @ Quit: emmanuelux: Remote host closed the connection
[2012/01/13 00:15:22] @ Quit: crazed: Read error: Connection reset by peer
[2012/01/13 00:15:32] @ crazed joined channel #puppet
[2012/01/13 00:17:20] @ shadoi joined channel #puppet
[2012/01/13 00:17:21] @ Quit: shadoi: Client Quit
[2012/01/13 00:17:59] @ emmanuelux joined channel #puppet
[2012/01/13 00:24:56] @ Quit: dim0: Quit: This computer has gone to sleep
[2012/01/13 00:29:20] @ KingBug_ is now known as KingBug
[2012/01/13 00:29:22] <nevyn> yes but a few things won't work.
[2012/01/13 00:29:34] <nevyn> in particular puppetrun isn't going to work.
[2012/01/13 00:30:28] @ Quit: ssvarma: Quit: Leaving.
[2012/01/13 00:31:44] @ emmanuel_ joined channel #puppet
[2012/01/13 00:31:44] @ Quit: emmanuelux: Write error: Connection reset by peer
[2012/01/13 00:34:19] @ ckauhaus joined channel #puppet
[2012/01/13 00:36:08] @ Quit: ckauhaus: Client Quit
[2012/01/13 00:37:05] @ Quit: emmanuel_: Remote host closed the connection
[2012/01/13 00:39:43] @ seanh-ansca joined channel #puppet
[2012/01/13 00:39:57] @ lak joined channel #puppet
[2012/01/13 00:39:58] @ Quit: lak: Changing host
[2012/01/13 00:39:58] @ lak joined channel #puppet
[2012/01/13 00:41:54] @ pipegeek joined channel #puppet
[2012/01/13 00:42:28] @ Quit: pipegeek: Client Quit
[2012/01/13 00:42:34] @ pipegeek joined channel #puppet
[2012/01/13 00:43:13] @ Quit: paroneayea: Read error: Connection reset by peer
[2012/01/13 00:43:58] @ Quit: pipegeek: Client Quit
[2012/01/13 00:45:09] @ Quit: Holocaine: Ping timeout: 255 seconds
[2012/01/13 00:47:37] @ langworthy joined channel #puppet
[2012/01/13 00:51:48] @ Surv_OT_Fittest joined channel #puppet
[2012/01/13 00:52:53] @ Quit: Surv_OT_Fittest: Client Quit
[2012/01/13 00:53:27] @ Quit: rodnet: Quit: Leaving
[2012/01/13 00:56:31] @ xeor joined channel #puppet
[2012/01/13 00:57:19] @ catay joined channel #puppet
[2012/01/13 00:58:16] @ Quit: neonflux: Ping timeout: 240 seconds
[2012/01/13 00:58:40] @ fimblo joined channel #puppet
[2012/01/13 01:02:45] @ neonflux joined channel #puppet
[2012/01/13 01:03:13] @ Quit: alanevans: Ping timeout: 252 seconds
[2012/01/13 01:06:39] @ samix__ joined channel #puppet
[2012/01/13 01:08:01] <samix__> hey consider a simple manifest http://dpaste.org/0SbX3/
[2012/01/13 01:08:19] <samix__> now when I run this on the server there may be two cases
[2012/01/13 01:08:49] <samix__> 1) iptables already running -> in this case, iptables is stopped and chkconfig iptables off run successfully
[2012/01/13 01:10:05] <samix__> 2) iptables not running -> I get an error that cannot stop service and puppet also skips chkconfig
[2012/01/13 01:10:24] <samix__> when it should atleast have chkconfiged the service off
[2012/01/13 01:12:25] @ Quit: kelseyhightower: Quit: kelseyhightower
[2012/01/13 01:13:55] <Harzilein> sigh:
[2012/01/13 01:13:56] <Harzilein> debug: /Stage[main]/App::Gemini/Rvm_gem[ruby-1.9.2-p290/bundler]/ensure: bundler "1.0.21 ruby" is installed, latest is "1.0.21"
[2012/01/13 01:14:09] <Djelibeybi> samix__: iptables has no running daemon
[2012/01/13 01:14:20] <Djelibeybi> samix__: so you need a hasstatus => true in the service definition
[2012/01/13 01:14:30] <Djelibeybi> samix__: so it uses /etc/init.d/iptables status to determine if it's running or not
[2012/01/13 01:14:41] <Djelibeybi> samix__: without it, it checks for a process called "iptables", which doesn't exist
[2012/01/13 01:15:03] <samix__> Djelibeybi: thanks, doing that now
[2012/01/13 01:16:55] @ alanevans joined channel #puppet
[2012/01/13 01:17:35] <samix__> err: /Stage[main]/Blackout/Service[ip6tables]/ensure: change from running to stopped failed: Could not stop Service[ip6tables]: Execution of '/sbin/service ip6tables stop' returned 3: at /etc/puppet/modules/blackout/manifests/init.pp:13
[2012/01/13 01:17:52] <samix__> now, after this I am expecting puppet to chkconfig iptables off
[2012/01/13 01:18:14] <samix__> but this does not happen
[2012/01/13 01:18:58] @ kermit joined channel #puppet
[2012/01/13 01:18:58] <samix__> ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[2012/01/13 01:19:20] <samix__> but it start the service
[2012/01/13 01:21:54] @ ali3n0 joined channel #puppet
[2012/01/13 01:21:55] @ Quit: gazoombo: Quit: Leaving.
[2012/01/13 01:21:55] <Djelibeybi> Yeah, iptables is a tricky one, because there isn't technically a service
[2012/01/13 01:22:07] <samix__> hmm, on further investigation
[2012/01/13 01:22:12] <samix__> it seems that on trying to stop iptables
[2012/01/13 01:22:15] <samix__> it gets a non 0 return status
[2012/01/13 01:22:35] <samix__> but then still I am expecting it to go ahead and turn off the service in chkconfig ?
[2012/01/13 01:22:40] <samix__> wonder why is it skipping that
[2012/01/13 01:22:56] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 01:22:57] @ Quit: littleidea: Quit: littleidea
[2012/01/13 01:22:58] <Djelibeybi> No, it won't
[2012/01/13 01:23:07] <Djelibeybi> The entire thing has to work, or the whole thing won't work
[2012/01/13 01:23:15] <Djelibeybi> So, once the service fails, it doesn't continue
[2012/01/13 01:23:18] <nevyn> Djelibeybi: but it does
[2012/01/13 01:23:26] @ HarrisonZhu left channel #puppet ()
[2012/01/13 01:23:31] <Djelibeybi> nevyn: it does, what?
[2012/01/13 01:23:39] <nevyn> Djelibeybi: I think this is a bug in the provider imho
[2012/01/13 01:24:05] @ tomben joined channel #puppet
[2012/01/13 01:24:20] <Djelibeybi> nevyn: possibly
[2012/01/13 01:24:21] @ bmahe joined channel #puppet
[2012/01/13 01:24:22] @ Quit: bmahe: Changing host
[2012/01/13 01:24:22] @ bmahe joined channel #puppet
[2012/01/13 01:24:54] <nevyn> if I've specified running => false, enabled => false, then if it's not running then the provider should check it's disabled then say YEP it's consistant with the resource definition
[2012/01/13 01:25:07] <Djelibeybi> nevyn: fair enough
[2012/01/13 01:25:17] <Djelibeybi> nevyn: but if the stop fails, shouldn't the whole thing fail
[2012/01/13 01:25:29] <nevyn> no
[2012/01/13 01:25:31] <Djelibeybi> i.e. if it IS running, and Puppet can't stop it, it just throws an error
[2012/01/13 01:25:50] @ Quit: kenperkins: Quit: Computer has gone to sleep.
[2012/01/13 01:25:53] <nevyn> so in a similar vein...
[2012/01/13 01:26:14] @ littleidea joined channel #puppet
[2012/01/13 01:26:20] <Djelibeybi> nevyn: I'm just playing devil's advocate here. I actually agree with you.
[2012/01/13 01:26:24] <nevyn> if I have ensure => stopped for say telnetd and it's not installed (and hence not running) this shouldn't cause warnings
[2012/01/13 01:26:33] <nevyn> which is a more tenuous argument..
[2012/01/13 01:27:46] <nevyn> should the init script return an error for /etc/init.d/<service> stop if the service is already stopped?
[2012/01/13 01:28:06] <nevyn> or for /sbin/service <service> stop
[2012/01/13 01:28:24] <nevyn> and that relies on the vaguaries of distribution and os policies
[2012/01/13 01:28:26] <nevyn> :(
[2012/01/13 01:29:09] <nevyn> Djelibeybi: penny for your thoughts?
[2012/01/13 01:29:29] <Djelibeybi> nevyn: yeah, that's an interesting one
[2012/01/13 01:29:48] <Djelibeybi> nevyn: I think it does to throw the [FAILED] message
[2012/01/13 01:30:13] <Djelibeybi> And on that note, time to walk the dog.
[2012/01/13 01:30:15] <Djelibeybi> Back later
[2012/01/13 01:30:19] <nevyn> ok.
[2012/01/13 01:30:22] <nevyn> Djelibeybi: it does.
[2012/01/13 01:30:34] @ Quit: Djelibeybi: Quit: Textual IRC Client: http://www.textualapp.com/
[2012/01/13 01:30:34] @ Quit: alanevans: Ping timeout: 276 seconds
[2012/01/13 01:34:21] @ jaydg joined channel #puppet
[2012/01/13 01:41:43] @ Quit: and`: Ping timeout: 252 seconds
[2012/01/13 01:41:55] @ ckauhaus joined channel #puppet
[2012/01/13 01:42:40] @ alanevans joined channel #puppet
[2012/01/13 01:47:28] @ Quit: axisys: Ping timeout: 276 seconds
[2012/01/13 01:48:35] @ Quit: neonflux: Quit: Leaving.
[2012/01/13 01:53:21] @ Quit: sdog: Remote host closed the connection
[2012/01/13 01:58:08] @ Quit: ckauhaus: Quit: Leaving.
[2012/01/13 01:59:28] @ Quit: jeremywf: Read error: Operation timed out
[2012/01/13 02:00:19] @ Quit: gniks: Quit: Leaving.
[2012/01/13 02:01:00] @ Djelibeybi joined channel #puppet
[2012/01/13 02:01:23] @ Quit: lak: Quit: Leaving.
[2012/01/13 02:02:41] @ Quit: joe-mac: Ping timeout: 257 seconds
[2012/01/13 02:03:29] @ preds__ is now known as preds
[2012/01/13 02:04:40] @ axisys joined channel #puppet
[2012/01/13 02:05:19] @ Kazuhiro joined channel #puppet
[2012/01/13 02:06:09] @ Quit: swygue: Ping timeout: 240 seconds
[2012/01/13 02:07:00] @ Quit: danblack: Ping timeout: 276 seconds
[2012/01/13 02:07:21] @ octane- joined channel #puppet
[2012/01/13 02:08:05] @ Quit: ali3n0: Quit: Leaving.
[2012/01/13 02:10:36] @ Quit: ghg: Quit: Computer has gone to sleep.
[2012/01/13 02:10:48] <lkthomas> err: Could not retrieve catalog from remote server: hostname was not match with the server certificate
[2012/01/13 02:10:51] <lkthomas> guys, any idea ?
[2012/01/13 02:11:22] <mosen> the host name of the agent might have changed
[2012/01/13 02:11:42] <lkthomas> you mean the client ?
[2012/01/13 02:11:49] <mosen> yep
[2012/01/13 02:11:55] <lkthomas> nope
[2012/01/13 02:11:57] <lkthomas> it doesn't
[2012/01/13 02:12:02] <lkthomas> it's all fresh installation
[2012/01/13 02:12:11] <lkthomas> how could I clear all existing cert and regen ?
[2012/01/13 02:12:24] <aknapp> puppet cert clean <hostname>
[2012/01/13 02:12:25] <mosen> it was already signed?
[2012/01/13 02:12:28] <aknapp> on the master
[2012/01/13 02:12:35] <lkthomas> signed, so yes
[2012/01/13 02:12:57] <mosen> aknapp is correct :)
[2012/01/13 02:12:58] @ dim0 joined channel #puppet
[2012/01/13 02:14:07] <lkthomas> hang on now, server is clear, what about client ?
[2012/01/13 02:15:07] @ Deesl joined channel #puppet
[2012/01/13 02:15:10] @ Quit: rcrowley: Quit: Computer has gone to sleep.
[2012/01/13 02:15:24] <aknapp> ok, so, you cleared it on the master?
[2012/01/13 02:15:28] <lkthomas> yes
[2012/01/13 02:15:36] @ Quit: axisys: Ping timeout: 255 seconds
[2012/01/13 02:15:47] <aknapp> on the client, you can do something like this: puppet agent --onetime --no-daemonize --waitforcert 5 --server
[2012/01/13 02:15:59] <aknapp> with your master appended onto the end of that
[2012/01/13 02:16:16] <aknapp> so, like 'puppet agent --onetime --no-daemonize --waitforcert 5 --server puppet.domain.tld'
[2012/01/13 02:17:01] <aknapp> then on the master, you just do 'puppet cert sign <hostname>'
[2012/01/13 02:17:15] @ Quit: worstadmin: Ping timeout: 245 seconds
[2012/01/13 02:17:35] <aknapp> that's it
[2012/01/13 02:18:39] <lkthomas> not work
[2012/01/13 02:18:46] <lkthomas> agent die after couple seconds
[2012/01/13 02:19:10] <aknapp> what does it say?
[2012/01/13 02:19:13] <lkthomas> no output
[2012/01/13 02:19:20] @ Quit: littleidea: Quit: littleidea
[2012/01/13 02:19:23] <lkthomas> command just finish by itself
[2012/01/13 02:19:38] <aknapp> what version of puppet are you running?
[2012/01/13 02:20:04] <lkthomas> 2.6.12
[2012/01/13 02:20:16] <aknapp> k, that should work then
[2012/01/13 02:20:33] <lkthomas> is that possible to clear all cert on agent ?
[2012/01/13 02:20:43] <lkthomas> it will be a lot easier to run puppetca
[2012/01/13 02:20:54] <rmt_> aknapp, "puppet agent --test --waitforcert 15 --server puppetmaster.example.com"
[2012/01/13 02:21:04] <lkthomas> shit
[2012/01/13 02:21:06] <lkthomas> I understand now
[2012/01/13 02:21:13] <lkthomas> I have puppetd running on the background
[2012/01/13 02:22:00] <lkthomas> err: Could not retrieve catalog from remote server: SSL_connect returned=1 errno=0 state=SSLv3 read server session ticket A: sslv3 alert certificate revoked
[2012/01/13 02:22:12] @ st33v joined channel #puppet
[2012/01/13 02:25:04] @ Quit: alanevans: Ping timeout: 244 seconds
[2012/01/13 02:26:21] @ ckauhaus joined channel #puppet
[2012/01/13 02:26:37] @ jodok joined channel #puppet
[2012/01/13 02:26:47] @ Stenbryggen joined channel #puppet
[2012/01/13 02:26:49] @ Quit: seanh-ansca: Quit: Leaving.
[2012/01/13 02:27:09] @ worstadmin joined channel #puppet
[2012/01/13 02:28:21] <lkthomas> well
[2012/01/13 02:28:32] <lkthomas> seems no one know how to deal with client cert clear
[2012/01/13 02:28:37] <lkthomas> I remove the whole SSL dir and seems ok now
[2012/01/13 02:28:45] <aknapp> ha, sorry
[2012/01/13 02:28:47] <aknapp> stepped away
[2012/01/13 02:28:50] @ Meier joined channel #puppet
[2012/01/13 02:28:54] <aknapp> yeah, that's usually how I deal with it
[2012/01/13 02:28:58] <aknapp> remove the ssl dir
[2012/01/13 02:29:12] @ ali3n0 joined channel #puppet
[2012/01/13 02:29:13] * lkthomas smack aknapp because he stepped away
[2012/01/13 02:30:22] @ Quit: oatsport1: Read error: Connection reset by peer
[2012/01/13 02:31:12] @ Quit: langworthy: Quit: langworthy
[2012/01/13 02:31:12] <lkthomas> by the way, how does puppetmaster know if config file have been changed ?
[2012/01/13 02:31:22] @ Quit: st33v: Quit: st33v
[2012/01/13 02:31:26] <lkthomas> because I am using svn to manage all config file
[2012/01/13 02:32:06] @ Quit: jetole: Ping timeout: 252 seconds
[2012/01/13 02:32:36] @ DJClean joined channel #puppet
[2012/01/13 02:32:48] <rmt_> lkthomas, puppet recipes == config files?
[2012/01/13 02:32:54] @ Kazuhiro left channel #puppet ()
[2012/01/13 02:33:01] <lkthomas> sorry ?
[2012/01/13 02:33:14] <rmt_> lkthomas, the puppetmaster doesn't cache puppet recipes - it reads them from the filesystem every time.
[2012/01/13 02:33:20] @ langworthy_ joined channel #puppet
[2012/01/13 02:33:31] <rmt_> s/recipes/modules/
[2012/01/13 02:33:44] <lkthomas> every time = during service restart ?
[2012/01/13 02:34:37] <rmt_> lkthomas, every time the puppet clients talk to the puppet master, the puppet master reads what's on the filesystem again. Therefore, if you do an svn update, the next time a client checks in, you will have new puppet modules/manifests.
[2012/01/13 02:34:51] <rmt_> No puppetmaster restart necessary.
[2012/01/13 02:34:51] <lkthomas> understand
[2012/01/13 02:36:22] <rmt_> What I encourage, however, is not to think of puppet recipes as configs. Think about reusable modules. Node definitions are configs, but these could be in in the form of puppet manifests, or from external data sources.
[2012/01/13 02:36:52] <lkthomas> any example ?
[2012/01/13 02:37:19] @ Quit: Niarf: Quit: Leaving.
[2012/01/13 02:37:47] <rmt_> lkthomas, Do you ever deploy the same application to multiple machines?
[2012/01/13 02:38:09] @ alanevans joined channel #puppet
[2012/01/13 02:38:39] <rmt_> You normally wouldn't do node mymachine1 { package { 'foo': ensure => latest; } } several times. You'd instead do something like:
[2012/01/13 02:39:30] <rmt_> node mymachine1 { class { 'myappmodule': port => 9555, packageversion => 'latest', dbhost => 'foo.bar.com' } }
[2012/01/13 02:39:32] @ jetole joined channel #puppet
[2012/01/13 02:40:03] <rmt_> Or, even better, node mymachine_in_environment_x { ... as above ... }
[2012/01/13 02:40:35] <rmt_> and then: node mymachine1 inherits myapp_in_environment_x { ... as above ... }
[2012/01/13 02:40:46] <rmt_> (sorry, myapp_in_environment_x is correct)
[2012/01/13 02:42:20] <rmt_> Try to make clean re-usable classes, even for configuring a single application. And then have nodes include these classes.
[2012/01/13 02:42:27] @ Quit: langworthy_: Quit: langworthy_
[2012/01/13 02:43:37] <rmt_> We found puppet-based node definitions and node templates limiting at my company (too many environments & datacenters), so we started using an ENC for this.
[2012/01/13 02:45:01] <rmt_> But having this nice separation between node configuration and reusable puppet modules made this easy. :-)
[2012/01/13 02:46:17] @ langworthy joined channel #puppet
[2012/01/13 02:49:28] @ Vasik\|work joined channel #puppet
[2012/01/13 02:50:24] @ Quit: Djelibeybi: Quit: Textual IRC Client: http://www.textualapp.com/
[2012/01/13 02:51:47] @ Quit: mauve_: Remote host closed the connection
[2012/01/13 02:52:38] @ Quit: larstobi1: Quit: Leaving.
[2012/01/13 02:52:53] @ Quit: erkules\|away: Changing host
[2012/01/13 02:52:53] @ erkules\|away joined channel #puppet
[2012/01/13 02:52:57] @ erkules\|away is now known as erkules
[2012/01/13 02:53:13] @ sdog joined channel #puppet
[2012/01/13 02:53:42] @ Quit: sdog: Changing host
[2012/01/13 02:53:42] @ sdog joined channel #puppet
[2012/01/13 02:54:50] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 02:55:36] @ tomben joined channel #puppet
[2012/01/13 02:56:22] @ Quit: bmahe: Quit: Leaving
[2012/01/13 02:59:59] @ axisys joined channel #puppet
[2012/01/13 03:00:23] <_NiC> What's ENC?
[2012/01/13 03:01:13] @ Quit: choonming: Quit: Leaving
[2012/01/13 03:01:20] @ Ramonster joined channel #puppet
[2012/01/13 03:01:37] @ trickyf joined channel #puppet
[2012/01/13 03:01:58] <mosen> external node classifier
[2012/01/13 03:02:13] <rmt_> External Node Classifier .. a way to get classes & parameters for a specific node using an external script.
[2012/01/13 03:06:00] <rmt_> Most often used if you have a central database of machines in some external database, and you want to use that as a primary means to configure a machine. It can still be combined with node definitions if required. In my case, our system database contains pointers to the rest of the configuration (an app module, a release of that app module, and a role within the app module)
[2012/01/13 03:06:38] <rmt_> Most people are on a much smaller scale, and an ENC will be of little value .. but as I said, good design is good design. ;-)
[2012/01/13 03:08:04] @ Quit: ldlework: Ping timeout: 240 seconds
[2012/01/13 03:08:44] <_NiC> Right.. don't think we need ENC quite yet then. :)
[2012/01/13 03:10:17] @ xanthspod joined channel #puppet
[2012/01/13 03:12:12] @ zul joined channel #puppet
[2012/01/13 03:12:38] @ pmorillon joined channel #puppet
[2012/01/13 03:12:58] @ raphdg joined channel #puppet
[2012/01/13 03:17:01] @ inecas joined channel #puppet
[2012/01/13 03:17:05] @ zipkid_ is now known as zipkid
[2012/01/13 03:18:10] @ Quit: mosen: Quit: Leaving
[2012/01/13 03:18:51] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 03:19:38] @ tomben joined channel #puppet
[2012/01/13 03:21:19] @ lkoranda joined channel #puppet
[2012/01/13 03:22:07] <nevyn> rmt_: I sometimes think environments are a feature that's abused. a few environments per change control domain would seem more than enough. if you're doing an environment per application I'd suggest that's doing it wrong (not saying you are doing this)
[2012/01/13 03:23:00] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 03:23:49] <lkthomas> guys, if puppet client is on NATed private IP address range, puppet server is on public IP address, would it work without problem ?
[2012/01/13 03:23:59] @ ldlework joined channel #puppet
[2012/01/13 03:24:38] @ tomben joined channel #puppet
[2012/01/13 03:26:24] @ nan0r joined channel #puppet
[2012/01/13 03:27:39] <henk> should afaik…
[2012/01/13 03:28:26] <nevyn> lkthomas: you keep asking a question that's been answered.
[2012/01/13 03:28:46] <nevyn> yes except puppetrun won't work.
[2012/01/13 03:28:57] @ Quit: duerF: Ping timeout: 240 seconds
[2012/01/13 03:30:37] <rmt_> nevyn, If it were one team doing it all, that'd be the case for me. But we have 30+ teams all working on their own cycles. ;-)
[2012/01/13 03:32:40] @ Quit: sdog: Ping timeout: 245 seconds
[2012/01/13 03:35:43] @ MattyM joined channel #puppet
[2012/01/13 03:37:15] @ larstobi joined channel #puppet
[2012/01/13 03:38:15] @ Holocaine joined channel #puppet
[2012/01/13 03:38:27] @ mayak joined channel #puppet
[2012/01/13 03:38:54] @ sdog joined channel #puppet
[2012/01/13 03:40:21] @ Quit: langworthy: Quit: langworthy
[2012/01/13 03:40:27] <lkthomas> nevyn, sorry that I am keeping being call off for something else and can't see the answer
[2012/01/13 03:40:41] @ dim0_ joined channel #puppet
[2012/01/13 03:41:38] <henk> It’s not like stuff disappears in your client. You can just scroll and read up…
[2012/01/13 03:41:39] * nevyn starts writing firewall rules for change and realises that he's missing info.
[2012/01/13 03:41:42] <nevyn> :(
[2012/01/13 03:42:11] @ bigwiggler joined channel #puppet
[2012/01/13 03:43:19] <lkthomas> henk, sorry for my mistake, LOL
[2012/01/13 03:44:17] <nevyn> sigh. pm is going to flay me when I get back from LCA
[2012/01/13 03:44:32] @ Quit: dim0: Ping timeout: 260 seconds
[2012/01/13 03:47:12] @ Quit: sdog: Changing host
[2012/01/13 03:47:12] @ sdog joined channel #puppet
[2012/01/13 03:50:11] @ Quit: clayb: Quit: Leaving.
[2012/01/13 03:50:12] @ Quit: zorg1: Ping timeout: 252 seconds
[2012/01/13 03:50:47] @ Quit: joshcooper: Quit: joshcooper
[2012/01/13 03:53:59] @ sdog1 joined channel #puppet
[2012/01/13 03:55:21] @ Quit: ldlework: Ping timeout: 240 seconds
[2012/01/13 03:56:49] @ Quit: sdog: Ping timeout: 245 seconds
[2012/01/13 03:57:36] @ pmorillon_ joined channel #puppet
[2012/01/13 03:58:44] @ Quit: pmorillon_: Client Quit
[2012/01/13 03:58:51] @ Quit: jodok: Quit: jodok
[2012/01/13 04:00:37] @ Quit: pmorillon: Ping timeout: 240 seconds
[2012/01/13 04:01:34] @ jodok joined channel #puppet
[2012/01/13 04:02:06] @ pmorillon joined channel #puppet
[2012/01/13 04:02:40] @ Quit: jodok: Remote host closed the connection
[2012/01/13 04:02:54] @ jodok joined channel #puppet
[2012/01/13 04:02:56] @ Quit: jodok: Changing host
[2012/01/13 04:02:56] @ jodok joined channel #puppet
[2012/01/13 04:04:15] @ Quit: comptona: Quit: Leaving.
[2012/01/13 04:06:39] @ danblack joined channel #puppet
[2012/01/13 04:06:52] @ Quit: pmorillon: Client Quit
[2012/01/13 04:06:52] @ robthoms_ joined channel #puppet
[2012/01/13 04:06:55] @ ezryx joined channel #puppet
[2012/01/13 04:07:53] @ scobal joined channel #puppet
[2012/01/13 04:07:54] @ Quit: scobal: Read error: Connection reset by peer
[2012/01/13 04:08:47] @ gregueuh joined channel #puppet
[2012/01/13 04:08:51] <gregueuh> hi
[2012/01/13 04:09:13] @ Quit: mapope: Read error: Connection reset by peer
[2012/01/13 04:09:14] @ Quit: robthoms__: Read error: Connection reset by peer
[2012/01/13 04:10:01] <gregueuh> I'm fairly new to Puppet, and even after reading the docs I can't find out how to run actions on the master only once the client has deployed its configuration
[2012/01/13 04:10:02] @ Quit: gebi: Read error: Operation timed out
[2012/01/13 04:10:10] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 04:10:38] @ tomben joined channel #puppet
[2012/01/13 04:10:44] <gregueuh> I'd like to create LDAP databases, but issuing the requests from the server so that passwords never get stored on the client
[2012/01/13 04:10:56] @ robthoms__ joined channel #puppet
[2012/01/13 04:11:08] <gregueuh> is there a way to do that?
[2012/01/13 04:12:21] @ Quit: robthoms_: Read error: Connection reset by peer
[2012/01/13 04:13:23] <Swat-> Could one do something like: <% if is_virtual != 'true' && manufacter = 'HP' %>bla<% end %>
[2012/01/13 04:13:58] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 04:14:38] @ tomben joined channel #puppet
[2012/01/13 04:19:14] @ csanchez joined channel #puppet
[2012/01/13 04:21:10] @ jodok_ joined channel #puppet
[2012/01/13 04:21:11] @ Quit: jodok_: Changing host
[2012/01/13 04:21:11] @ jodok_ joined channel #puppet
[2012/01/13 04:21:16] @ zorg1 joined channel #puppet
[2012/01/13 04:23:18] @ Quit: jodok: Read error: Operation timed out
[2012/01/13 04:23:18] @ jodok_ is now known as jodok
[2012/01/13 04:24:28] @ scobal joined channel #puppet
[2012/01/13 04:25:07] @ Quit: skm: Quit: Computer has gone to sleep.
[2012/01/13 04:33:54] <henk> Swat-: The answer is something like yes
[2012/01/13 04:34:41] @ duerF joined channel #puppet
[2012/01/13 04:37:58] @ Quit: csanchez: Quit: csanchez
[2012/01/13 04:38:40] @ csanchez joined channel #puppet
[2012/01/13 04:39:10] @ Quit: duerF: Client Quit
[2012/01/13 04:40:56] @ Quit: masterzen_: Quit: Au revoir!
[2012/01/13 04:41:30] @ masterzen joined channel #puppet
[2012/01/13 04:41:58] @ fronlius joined channel #puppet
[2012/01/13 04:43:39] @ Quit: danblack: Ping timeout: 276 seconds
[2012/01/13 04:44:32] @ Quit: AshishH: Remote host closed the connection
[2012/01/13 04:46:47] @ caaakeeey joined channel #puppet
[2012/01/13 04:48:41] @ Quit: Deesl: Quit: Bye!
[2012/01/13 04:51:10] @ verwilst joined channel #puppet
[2012/01/13 04:52:15] @ Quit: nan0r: Ping timeout: 245 seconds
[2012/01/13 04:53:57] @ Quit: mogitaff: Ping timeout: 240 seconds
[2012/01/13 04:55:01] @ nomadtacos joined channel #puppet
[2012/01/13 04:55:16] @ pmorillon joined channel #puppet
[2012/01/13 04:55:26] @ danblack joined channel #puppet
[2012/01/13 04:57:12] @ Quit: Chowzzf: Ping timeout: 268 seconds
[2012/01/13 04:57:46] @ redpepper is now known as RedPepper
[2012/01/13 04:59:25] @ Quit: Holocaine:
[2012/01/13 05:01:08] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 05:01:37] @ andreaturli joined channel #puppet
[2012/01/13 05:01:41] @ tomben joined channel #puppet
[2012/01/13 05:06:37] @ Quit: fronlius: Read error: Connection reset by peer
[2012/01/13 05:06:41] @ fronlius joined channel #puppet
[2012/01/13 05:07:56] @ rbowlby joined channel #puppet
[2012/01/13 05:08:03] <rbowlby> anyone know how to ensure a file resource that uses a template replaces the current file
[2012/01/13 05:08:29] <rbowlby> the content generated by the template is different than the current file but the file is not being updated
[2012/01/13 05:08:58] <caaakeeey> is there such thing as hosted puppet?
[2012/01/13 05:09:08] <rbowlby> weird, worked on the second run
[2012/01/13 05:09:54] <henk> caaakeeey: As in „managed server“? ;)
[2012/01/13 05:10:36] <caaakeeey> well a webs service where you can log in and set the puppet files etc
[2012/01/13 05:13:49] <henk> Not sure, but I would not want it…
[2012/01/13 05:14:23] @ Quit: zorg1: Quit: Leaving
[2012/01/13 05:17:20] @ Niarf joined channel #puppet
[2012/01/13 05:19:44] <matti> ken_barber1: You there?
[2012/01/13 05:21:01] @ nan0r joined channel #puppet
[2012/01/13 05:21:17] @ Quit: nan0r: Read error: Connection reset by peer
[2012/01/13 05:21:25] @ nan0r joined channel #puppet
[2012/01/13 05:21:35] @ Quit: fronlius: Read error: Connection reset by peer
[2012/01/13 05:21:42] @ fronlius joined channel #puppet
[2012/01/13 05:22:45] <matti> Eh.
[2012/01/13 05:22:45] @ The-Bat joined channel #puppet
[2012/01/13 05:25:51] <Swat-> henk: Could you please take a look at: http://pastebin.com/5KHQ4NFV
[2012/01/13 05:26:58] <Swat-> henk: i tried to solve it in a less elegant way, but it's still not working it seems.
[2012/01/13 05:27:06] @ Quit: pmorillon: Quit: pmorillon
[2012/01/13 05:28:03] <_rc> so what is happening, syntax error?
[2012/01/13 05:32:06] <Swat-> there is no syntax error, but also no output when i define it as in the pastebin
[2012/01/13 05:34:46] <Swat-> while facter shows me: is_virtual => false and manufacturer => Dell Inc
[2012/01/13 05:35:05] @ arBmind joined channel #puppet
[2012/01/13 05:35:23] <_rc> no output at all or not the output you intended?
[2012/01/13 05:35:45] <_rc> Dell Inc != Dell Computer Corp
[2012/01/13 05:36:20] <Swat-> _rc: yes i see that now; that is an error indeed
[2012/01/13 05:36:43] @ sihil joined channel #puppet
[2012/01/13 05:36:48] <Swat-> doh
[2012/01/13 05:37:20] @ pmorillon joined channel #puppet
[2012/01/13 05:37:21] <henk> AFAICT you can just drop lines 27 and 28
[2012/01/13 05:39:36] <Swat-> great thats makes it more readable :)
[2012/01/13 05:39:57] @ Quit: nimrod10: Quit: Coyote finally caught me
[2012/01/13 05:40:09] @ nimrod10 joined channel #puppet
[2012/01/13 05:42:12] @ Quit: danikov: Quit: danikov
[2012/01/13 05:44:04] @ Quit: worstadmin: Ping timeout: 268 seconds
[2012/01/13 05:45:17] @ tyska joined channel #puppet
[2012/01/13 05:45:21] <tyska> hello guys
[2012/01/13 05:46:26] <tyska> im using puppet 2.7.9 on ubuntu lucid, i need to destroy some certificates but any command with the certificate param returns -- The following options are required: ca_location
[2012/01/13 05:51:41] @ CJNE joined channel #puppet
[2012/01/13 05:54:41] @ kelseyhightower joined channel #puppet
[2012/01/13 05:56:10] <CJNE> i have started to get problems runnig puppet agent on one host, sometimes it works and sometimes not, i then get the message:
[2012/01/13 05:56:11] <CJNE> err: Could not retrieve catalog from remote server:
[2012/01/13 05:56:18] <CJNE> not more details
[2012/01/13 05:56:44] <CJNE> the server doesen't log anything at all in those cases
[2012/01/13 05:56:56] <henk> Sounds like the connection fails?
[2012/01/13 05:57:44] <CJNE> yeah, it seems to work until it tries to retreive the catalog (cert check etc)
[2012/01/13 05:58:51] @ danikov joined channel #puppet
[2012/01/13 05:59:45] <CJNE> but yeah, the top trace line is: /usr/lib/ruby/1.8/net/http.rb:586:in `connect'
[2012/01/13 06:00:29] @ Quit: miguelzinho: Quit: ChatZilla 0.9.88 [Firefox 9.0.1/20111220165912]
[2012/01/13 06:01:28] <CJNE> this started to happen today, the only thing i can think of that might have changed things is that i installed a gem that requires activeresource, could it be possible that activreresource changes the ruby http stuff? (i don't have a lot of ruby experience)
[2012/01/13 06:03:07] @ ironmunk joined channel #puppet
[2012/01/13 06:03:36] <CJNE> other servers works without any problems so i don't think it's server/network related
[2012/01/13 06:04:02] <henk> uhm o_O
[2012/01/13 06:04:52] <henk> All servers work but one and that tells you it’s not server or network related? What else is left matching these symptoms?
[2012/01/13 06:08:37] @ Quit: Ramonster: Quit: Computer has gone to sleep
[2012/01/13 06:09:08] <CJNE> meant to say not puppet master related, since other servers can retrieve the catalog fine. nothing have changed in the network configuration and it has been working perfectly until now so i don't think it's network related either.
[2012/01/13 06:10:02] <CJNE> any hints for how to debug would be appreciated :)
[2012/01/13 06:10:13] <crs> Hi there. I have added jenkins module to my puppet configuration. Then in one of my manifests I do include jenkins (i am not sure if that is right way to do that) and am getting error: err: Could not retrieve catalog from remote server: Error 400 on SERVER: Puppet::Parser::AST::Resource failed with error ArgumentError: Invalid resource type anchor at /path/to/manifest/file.pp. This is module I added:
[2012/01/13 06:10:15] <crs> https://github.com/rtyler/puppet-jenkins
[2012/01/13 06:10:28] @ Quit: omry_: Ping timeout: 252 seconds
[2012/01/13 06:10:35] <henk> lol, oh wow, being on standby would be so much more relaxed if networks actually did only break when things are changed :-p
[2012/01/13 06:11:24] <_rc> crs: did you also add its dependencies that add the anchor type?
[2012/01/13 06:11:25] <henk> CJNE: I guess I’d try sniffing for traffic from that client on the master und in general verify the connection between that node and the master.
[2012/01/13 06:11:40] <CJNE> well, if it was network related then it should be come so far as to try to retrieve the catalog?
[2012/01/13 06:12:02] <crs> _rc: Clearly not, I do not know what to add though. :\|
[2012/01/13 06:12:15] <_rc> crs: look at the metadata - https://github.com/rtyler/puppet-jenkins/blob/master/Modulefile
[2012/01/13 06:12:16] <henk> Network problem can have all weird kinds of symptons.
[2012/01/13 06:12:28] <_rc> it wants puppetlabs-stdlib
[2012/01/13 06:12:48] @ Quit: nevyn: Ping timeout: 248 seconds
[2012/01/13 06:13:15] @ omry_ joined channel #puppet
[2012/01/13 06:13:45] <_rc> CJNE: the basic advice, when faced with many machines that work, and one that doesn't, is first, double check it's still working on the other ones, then identify differences
[2012/01/13 06:14:01] <_rc> just work it through
[2012/01/13 06:14:19] <crs> _rc: Thanks for hint, will see what I can do.
[2012/01/13 06:15:09] @ Quit: daysmen_: Ping timeout: 240 seconds
[2012/01/13 06:15:25] <crs> _rc: what exacty is that stdlib?
[2012/01/13 06:15:53] <_rc> crs: https://github.com/puppetlabs/puppetlabs-stdlib#readme
[2012/01/13 06:16:13] <_rc> it's a standard library that doesn't ship as standard. yay!
[2012/01/13 06:17:11] <crs> _rc: :-). How can I add it? Simply put it into modules directory?
[2012/01/13 06:17:41] <_rc> well how did you add the other one?
[2012/01/13 06:18:34] @ Quit: Stenbryggen: Read error: Operation timed out
[2012/01/13 06:18:59] <crs> _rc: As a submodule. I see what you are trying to say. What I actually mean is: jenkins module requires puppetlabs/stdlib. Shold I mimic that structure under modules/?
[2012/01/13 06:19:15] @ Stenbryggen joined channel #puppet
[2012/01/13 06:19:32] <robinbowes> Morning all
[2012/01/13 06:20:04] <crs> _rc: Or do I just add stdlib to modules/ and jenkins will find it there?
[2012/01/13 06:21:04] <_rc> no, puppetlabs/stdlib is a namespace the module tool uses to describe the module, install it as stdlib
[2012/01/13 06:21:28] <crs> _rc: Thank you muchly. Will do that now. :)
[2012/01/13 06:23:33] <rbowlby> is there some issues with the "require" parameter in 2.7.9? My require statements appear to be straigt up ignored.
[2012/01/13 06:24:41] <_rc> statements or parameters? they are two different things
[2012/01/13 06:24:58] <rbowlby> requiring the apache module from within another module that places httpd/conf.d files in place.....the puppet run is borking
[2012/01/13 06:25:00] <rbowlby> statements
[2012/01/13 06:25:47] <rbowlby> it's attempting to install the files before the httpd/conf.d dir exists...not a clue why this isn't working
[2012/01/13 06:26:15] @ tyska left channel #puppet ()
[2012/01/13 06:26:47] @ Quit: csanchez: Quit: csanchez
[2012/01/13 06:26:56] <crs> _rc: thanks, it worked. Well not exactly though. Jenkins module is still moaning but it is completely different issue now.
[2012/01/13 06:27:05] @ ells joined channel #puppet
[2012/01/13 06:27:57] * robinbowes is struggling to work out what's causing this: http://pastie.org/3177711
[2012/01/13 06:29:49] <henk> ping puppet works?
[2012/01/13 06:30:20] <robinbowes> Yes - the client is hitting the server OK
[2012/01/13 06:31:47] <_rc> I've seen that under load, when the master just can't answer for pluginsync
[2012/01/13 06:32:14] <robinbowes> That's not the issue here - little or no load
[2012/01/13 06:32:24] @ kelseyhightower left channel #puppet ()
[2012/01/13 06:32:40] @ daysmen_ joined channel #puppet
[2012/01/13 06:32:59] <_rc> load isn't, but it's also not getting a answer, that's the first failure on line 3, everything else is cascade
[2012/01/13 06:33:41] <robinbowes> Yeah, I figured that
[2012/01/13 06:33:44] <robinbowes> I'm trying to work out why
[2012/01/13 06:33:48] <ells> robinbowes: running passenger or webbrick?
[2012/01/13 06:34:43] <CJNE> it's getting weird, if i edit /usr/lib/ruby/site_ruby/1.8/puppet/configurer.rb (tried to add some debugging) it works once then fails on next try, edit again and it works once then fails again
[2012/01/13 06:35:22] <_rc> CJNE: under passenger?
[2012/01/13 06:36:00] <CJNE> no, the builtin
[2012/01/13 06:36:10] <robinbowes> ells: mongrel
[2012/01/13 06:36:16] <CJNE> i edit on the client
[2012/01/13 06:36:27] <robinbowes> ie. out-of-othe-box config on RHEL
[2012/01/13 06:36:44] <CJNE> hmm, it's not consistent though
[2012/01/13 06:36:47] @ Quit: chadskidmore: Read error: Connection reset by peer
[2012/01/13 06:36:54] @ Quit: munhitsu: Quit: Disconnecting from stoned server.
[2012/01/13 06:37:08] @ munhitsu joined channel #puppet
[2012/01/13 06:37:43] <CJNE> is there a way to turn on more debugging on the server (access log or similar)?
[2012/01/13 06:37:45] @ Quit: Alssi: Read error: Connection reset by peer
[2012/01/13 06:38:01] @ Alssi joined channel #puppet
[2012/01/13 06:38:12] <CJNE> i tried to run it wirh —debug —no-deamon but nothing showed up
[2012/01/13 06:38:35] @ Quit: scobal: Read error: Connection reset by peer
[2012/01/13 06:38:37] @ Quit: lusis: Excess Flood
[2012/01/13 06:38:49] <ells> robinbowes: ah sorry - i thought you might have the default puppet WEBrick setup
[2012/01/13 06:40:30] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 06:40:48] @ scobal joined channel #puppet
[2012/01/13 06:41:00] @ Quit: Niarf: Quit: Leaving.
[2012/01/13 06:41:10] @ tomben joined channel #puppet
[2012/01/13 06:41:17] @ nevyn joined channel #puppet
[2012/01/13 06:41:49] @ octe left channel #puppet ()
[2012/01/13 06:42:22] @ lanky joined channel #puppet
[2012/01/13 06:42:38] <robinbowes> The odd thing is, I'm sure this worked when I set it up a few weeks ago, and I don't recall changing anything since!
[2012/01/13 06:43:23] @ lusis joined channel #puppet
[2012/01/13 06:52:21] @ JarJarBinks joined channel #puppet
[2012/01/13 06:53:29] <robinbowes> I am an idiot!
[2012/01/13 06:53:45] <Rudemeister> aq
[2012/01/13 06:53:51] <robinbowes> The problem was that I was using the wrong environment!
[2012/01/13 06:54:09] <ells> robinbowes: ahhh i was just about to suggest that ;-)
[2012/01/13 06:54:14] * ells ducks
[2012/01/13 06:54:30] <robinbowes> I have a common code dir called "master"
[2012/01/13 06:55:13] <robinbowes> And I have several environments which use that code, with different behaviour depending on environment
[2012/01/13 06:55:20] <robinbowes> (ie. different hiera data)
[2012/01/13 06:55:52] <robinbowes> I was using --environment=master instead of --environment={prod\|uat\|util,etc}
[2012/01/13 06:55:55] <robinbowes> Doh!
[2012/01/13 06:58:06] @ Quit: The-Bat: Quit: Konversation terminated!
[2012/01/13 06:58:13] <Rudemeister> :>
[2012/01/13 06:58:23] @ The-Bat joined channel #puppet
[2012/01/13 06:59:34] <ells> ;)
[2012/01/13 07:01:09] <crs> Rudemeister: Thanks once again for your help. All is working fine now.
[2012/01/13 07:01:13] <cirbri> How come only [a-Z0-9_] is acceptable in resource $names, but the file resources can (presumably) have any valid filename as its $name?
[2012/01/13 07:02:12] <_rc> cirbri: are you confusing an identifier with its contents?
[2012/01/13 07:03:13] @ Treibhol1 is now known as Treibholz
[2012/01/13 07:04:08] @ Quit: The-Bat: Quit: Konversation terminated!
[2012/01/13 07:04:19] <cirbri> _rc: I don't know. I assume that file{ "/tmp/q": } has a $name of "tmp/q", whereas custom{ "name_with_a_/_in": } wouldn't be valid.
[2012/01/13 07:04:20] @ The-Bat joined channel #puppet
[2012/01/13 07:04:26] @ Quit: nan0r: Quit: Leaving.
[2012/01/13 07:04:40] <_rc> cirbri: that's a bad assumption
[2012/01/13 07:05:23] <cirbri> _rc: I'll rephrase that. I think it would compile and run, but according to the documentation it would be invalid.
[2012/01/13 07:05:47] <_rc> which part of the documentation are you misreading?
[2012/01/13 07:06:27] <cirbri> _rc: I assume the basic language guide.. I've read quite a lot over the last few months, gimmie a sec.
[2012/01/13 07:07:32] @ noecc joined channel #puppet
[2012/01/13 07:07:47] <cirbri> _rc: Ah, you're right. I had been misreading the documentation.
[2012/01/13 07:08:15] <cirbri> _rc: Thanks for setting me straight.
[2012/01/13 07:08:17] <_rc> I'd be keen to see the documentation that supports what you say, but from your description I think you misunderstood something about variable/class naming, not about the possible values of variables
[2012/01/13 07:09:46] @ abhinavmehta joined channel #puppet
[2012/01/13 07:09:47] <_rc> "I think it was the language guide, or a blog, or something I read a while back" isn't the same as "I see this paragraph in the documentation $url"
[2012/01/13 07:09:51] @ Quit: KaZeR_W: Read error: Connection reset by peer
[2012/01/13 07:10:34] <_rc> whoa, set the switch to cranky there
[2012/01/13 07:10:50] <cirbri> _rc: Dude, I said that I was wrong :3 You were totally right, I musta-- yeah, you did ^^
[2012/01/13 07:11:15] <abhinavmehta> I want to ensure that apt-get is present on some system…how to do that? NOTE: I'm not saying apt-get update/upgrade…but want to ensure that apt-get present….I know, that it will be by-default always there…but what if I want to write a manual check for this…any pointers..?
[2012/01/13 07:11:23] <cirbri> _rc: yeah, it was just me misreading the language_guide.html
[2012/01/13 07:11:29] @ RedPepper is now known as redpepper
[2012/01/13 07:11:34] @ nan0r joined channel #puppet
[2012/01/13 07:11:58] <cirbri> _rc: And I was working on a project where each foo type was wrapped in a class of the same $name -- so I probably got them a little confused in my head.
[2012/01/13 07:12:10] <_rc> abhinavmehta: dont. just don't.
[2012/01/13 07:13:17] <_rc> abhinavmehta: if you really truly suspect that someone may take it away, state that you want it back with package { "apt": ensure => installed }
[2012/01/13 07:13:36] @ Quit: zul: Quit: Ex-Chat
[2012/01/13 07:14:08] <abhinavmehta> aha a…I was stupid, I was trying the same, but with 'apt-get', instead of just 'apt'.
[2012/01/13 07:14:19] <abhinavmehta> _rc: Thanks buddy..! :)
[2012/01/13 07:14:38] <_rc> abhinavmehta: dpkg -S $(which apt-get)
[2012/01/13 07:15:09] @ Quit: rubic: Quit: Leaving.
[2012/01/13 07:16:41] <abhinavmehta> hmm…but than with dpkg, it will more like a manual check….I guess, you are trying to say unless => dpkg …, fails than install/manage it.
[2012/01/13 07:16:49] <gregueuh> is there a way to run a command on the master when a client has reached a certain point in its deployment?
[2012/01/13 07:17:01] <gregueuh> I can't find anything like this in the docs or the recipes
[2012/01/13 07:17:03] <abhinavmehta> ps. correct me if I'm wrong.
[2012/01/13 07:17:40] <_rc> abhinavmehta: no, I'm saying you can ask dpkg what package a binary comes from, rather than guessing poorly
[2012/01/13 07:18:05] <_rc> gregueuh: not really, no
[2012/01/13 07:18:25] <abhinavmehta> ok
[2012/01/13 07:18:26] <_rc> gregueuh: you might enable reporting, and do something in a custom report handler
[2012/01/13 07:18:29] <gregueuh> _rc: that's what I thought :/
[2012/01/13 07:18:51] @ marrusl joined channel #puppet
[2012/01/13 07:18:56] <gregueuh> _rc: aren't reports handlers called only when the client has finished its job?
[2012/01/13 07:19:04] <_rc> yes
[2012/01/13 07:20:05] <gregueuh> not really what I need then: I'd like to create LDAP databases from the master once the client has created the right directory, and before it can proceed to its next task in the same run
[2012/01/13 07:20:26] <gregueuh> this is to prevent having the LDAP admin password on all LDAP servers in clear
[2012/01/13 07:21:07] <gregueuh> FS permissions look right on the clients in the puppetd directories, but I'd rather be safe than sorry
[2012/01/13 07:23:57] @ EL84 joined channel #puppet
[2012/01/13 07:24:00] <misc> what you seek is server orchestration
[2012/01/13 07:24:11] <misc> and you can achieve this with exported ressources
[2012/01/13 07:24:29] @ Ramonster joined channel #puppet
[2012/01/13 07:24:35] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 07:24:43] <misc> ( I do this for postgresql, to create remotely database, and then, on the client, run the sql query to create the table )
[2012/01/13 07:25:26] <gregueuh> misc: do you have some pointers? I don't see how exported resources help, but then I'm just beginning with Puppet
[2012/01/13 07:25:27] <_rc> that's still not as tightly coupled as what he describes
[2012/01/13 07:25:39] @ tomben joined channel #puppet
[2012/01/13 07:26:13] @ natewalck joined channel #puppet
[2012/01/13 07:26:23] @ KaZeR_W joined channel #puppet
[2012/01/13 07:26:52] <misc> gregueuh: http://svnweb.mageia.org/adm/puppet/modules/postgresql/manifests/init.pp?revision=2016&view=markup
[2012/01/13 07:27:13] <misc> _rc: yes, the issue is doing this in less than 3 run
[2012/01/13 07:27:15] @ Quit: daysmen_: Ping timeout: 245 seconds
[2012/01/13 07:27:47] <misc> you could alternatively use some kind of rpc, like ssh one the server to create the directory or execute something
[2012/01/13 07:27:56] <misc> and Volcane wrote something on his blog, let me seek it
[2012/01/13 07:28:02] @ Chowzzf joined channel #puppet
[2012/01/13 07:28:21] @ gazoombo joined channel #puppet
[2012/01/13 07:28:54] <misc> gregueuh: http://www.devco.net/archives/2011/07/03/real_time_puppet_events_and_network_wide_callbacks.php is maybe more what you need than my own hack :)
[2012/01/13 07:29:12] <abhinavmehta> misc: I want to learn about the operators you used in define tagged(), eg. <<\| …any good pointers..?
[2012/01/13 07:29:15] <gregueuh> misc: I was looking into the rest api doc to see if a call from the client could be done to trigger the creation, but I'm not yet familiar enough with all the subtelties involved
[2012/01/13 07:29:22] @ Quit: nomadtacos: Ping timeout: 276 seconds
[2012/01/13 07:29:32] @ Quit: danblack: Quit: solitude begins
[2012/01/13 07:29:39] <gregueuh> misc: thanks for the links :)
[2012/01/13 07:30:04] <misc> abhinavmehta: http://docs.puppetlabs.com/guides/exported_resources.html could be a start
[2012/01/13 07:30:33] <misc> and http://docs.puppetlabs.com/guides/virtual_resources.html
[2012/01/13 07:30:56] <abhinavmehta> misc: Thanks :)
[2012/01/13 07:34:57] @ choonming joined channel #puppet
[2012/01/13 07:36:09] @ Quit: daysmen: Ping timeout: 240 seconds
[2012/01/13 07:36:15] @ trickyf left channel #puppet ()
[2012/01/13 07:36:38] @ tuxaddicted joined channel #puppet
[2012/01/13 07:39:31] @ car\|0s joined channel #puppet
[2012/01/13 07:40:56] @ tyska joined channel #puppet
[2012/01/13 07:40:59] <tyska> guys
[2012/01/13 07:41:49] <_rc> random internet person with a question
[2012/01/13 07:42:18] <tyska> i installed puppet, in a master/slave architecture, master is configured to autosign requests but in the first time agent was with a wrong date, making the certificate invalid
[2012/01/13 07:42:48] <tyska> i used puppetca clean --all in master, and puppet certificate destroy [agent_name] on agent
[2012/01/13 07:43:07] <tyska> but now, when i run puppet agent --test i get just one message peer certificate won't be verified in this SSL session
[2012/01/13 07:43:18] <tyska> what can i do?
[2012/01/13 07:43:19] @ Quit: The-Bat: Quit: Konversation terminated!
[2012/01/13 07:43:20] <gregueuh> misc: thanks again, the second link looks exactly like what I want to achieve
[2012/01/13 07:44:15] <gregueuh> misc: and there seems to be some gems (no pun intended) in your Puppet repo
[2012/01/13 07:44:17] @ skm joined channel #puppet
[2012/01/13 07:44:42] <_rc> tyska: you cleaned all the certs on the master?
[2012/01/13 07:44:52] @ Quit: gazoombo: Quit: Leaving.
[2012/01/13 07:46:27] @ mogitaff joined channel #puppet
[2012/01/13 07:46:46] <tyska> _rc: yeah
[2012/01/13 07:49:18] <_rc> tyska: just blow away ssldir both ends, restart puppetmaster, restart the client
[2012/01/13 07:49:58] <_rc> the master will recreate the ca and its own cert
[2012/01/13 07:50:08] <tyska> _rc: must i remove the /etc/ssl or just its content?
[2012/01/13 07:51:12] <_rc> it shouldn't be /etc/ssl, it's whatever value you have for ssldir - puppet --configprint ssldir
[2012/01/13 07:54:34] <tyska> the directory is ~/.puppet/ssl
[2012/01/13 07:54:45] <tyska> _rc: but the directory does not exist
[2012/01/13 07:54:54] <tyska> _rc: i will try just to restart puppet
[2012/01/13 07:55:22] <_rc> that's because you ran it as a different use to who puppet usually runs as, so it generates confir to run out of a user homedir
[2012/01/13 07:56:42] <tyska> restart the services didn't work
[2012/01/13 07:57:20] <tyska> the ssldir is /home/ubuntu/.puppet/ssl, im using an ubuntu image on eucalyptus
[2012/01/13 07:57:34] <_rc> no it's not
[2012/01/13 07:58:04] @ Quit: bobra: Ping timeout: 240 seconds
[2012/01/13 07:59:04] <_rc> do you get the same answer for ssldir when you run as root?
[2012/01/13 07:59:48] @ Guest45399 is now known as mutante
[2012/01/13 07:59:58] @ Quit: mutante: Changing host
[2012/01/13 07:59:58] @ mutante joined channel #puppet
[2012/01/13 08:01:48] @ Quit: lanky: Read error: Connection reset by peer
[2012/01/13 08:01:48] <tyska> _rc: /var/lib/puppet/ssl
[2012/01/13 08:02:06] @ Quit: zwi: Quit: Leaving.
[2012/01/13 08:02:20] @ lanky joined channel #puppet
[2012/01/13 08:02:20] <_rc> tyska: right. so blow that away on both nodes, restart puppetmaster, restart client
[2012/01/13 08:02:37] <_rc> and try not to break it all again
[2012/01/13 08:05:02] @ Quit: omry_: Ping timeout: 244 seconds
[2012/01/13 08:07:36] <tyska> the error changed Could not request certificate: Connection refused - connect(2)
[2012/01/13 08:07:38] <tyska> =O
[2012/01/13 08:08:30] <gregueuh> looks like nothing is listening on the port
[2012/01/13 08:08:31] @ Quit: lanky: Read error: Connection reset by peer
[2012/01/13 08:08:34] @ swygue joined channel #puppet
[2012/01/13 08:09:07] @ leifmadsen joined channel #puppet
[2012/01/13 08:09:34] @ lanky joined channel #puppet
[2012/01/13 08:13:26] <caaakeeey> if i have a variable number of webservers, and a poolserver, how can i just say that /any/ new webserver should connect to that pool, ie in puppet terms pass all the ips of the web servers as an argument to a poolserver declaration, is this something that is better suited to chef?
[2012/01/13 08:14:28] @ jab_doa joined channel #puppet
[2012/01/13 08:15:29] @ larstobi1 joined channel #puppet
[2012/01/13 08:15:30] @ Quit: larstobi: Read error: Connection reset by peer
[2012/01/13 08:16:07] @ trickyf joined channel #puppet
[2012/01/13 08:17:03] @ ashp_ is now known as ashp
[2012/01/13 08:18:13] @ omry_ joined channel #puppet
[2012/01/13 08:19:55] @ Niarf joined channel #puppet
[2012/01/13 08:20:03] @ Quit: nan0r: Read error: Connection reset by peer
[2012/01/13 08:21:22] @ oatsport1 joined channel #puppet
[2012/01/13 08:22:46] @ Quit: IndyMichaelB: Quit: IndyMichaelB
[2012/01/13 08:24:16] @ Quit: lanky: Quit: Leaving
[2012/01/13 08:24:31] @ lanky joined channel #puppet
[2012/01/13 08:28:07] @ nan0r joined channel #puppet
[2012/01/13 08:30:02] @ zul joined channel #puppet
[2012/01/13 08:30:27] <EL84> @caaakeeey Do you use stored configuration?
[2012/01/13 08:30:42] @ luckman212_ joined channel #puppet
[2012/01/13 08:30:50] <caaakeeey> no
[2012/01/13 08:31:20] <Hunner> caaakeeey: Usually puppet tells what is a webserver and what isn't, so it should also be able to pass that list to the poolserver
[2012/01/13 08:31:31] <Hunner> s/puppet/the puppet master/
[2012/01/13 08:31:37] <caaakeeey> EL84, is that the way to do it
[2012/01/13 08:31:51] <caaakeeey> Hunner, sure but that requires all the knowledge up front
[2012/01/13 08:32:08] <Hunner> caaakeeey: I'm fond of using mcollective to query for my servers and passing that via hiera to the poolserver though
[2012/01/13 08:32:26] <Hunner> But you need activemq, mcollective, and hiera
[2012/01/13 08:32:31] <EL84> @caaakeeey well if you do, i could send you an function which returns an array of all Hosts wich includes an specific class
[2012/01/13 08:32:47] <EL84> Handy in templates
[2012/01/13 08:33:24] @ Quit: luckman212: Ping timeout: 240 seconds
[2012/01/13 08:34:25] <caaakeeey> EL84, that would be very helpful, thanks :)
[2012/01/13 08:35:01] @ zwi joined channel #puppet
[2012/01/13 08:35:36] @ joe-mac joined channel #puppet
[2012/01/13 08:36:04] <joelio> What would be the best way to approach manupulating xorg config that is auto generated. Want to ensure DPMS is disabled so there's a number of lines that need adding. An ainsl would seem the way to go, but interested to hear suggestions
[2012/01/13 08:38:05] <EL84> @caaakeeey http://pastebin.com/jcZL8y5K
[2012/01/13 08:38:24] @ tmclaugh joined channel #puppet
[2012/01/13 08:40:54] <EL84> @caaakeeey HTH
[2012/01/13 08:41:55] @ Quit: tuxaddicted: Quit: leaving
[2012/01/13 08:43:32] <caaakeeey> thanks :)
[2012/01/13 08:48:15] @ lanky_ joined channel #puppet
[2012/01/13 08:49:44] @ emmanuelux joined channel #puppet
[2012/01/13 08:49:56] @ Quit: lanky: Ping timeout: 252 seconds
[2012/01/13 08:49:59] @ IndyMichaelB joined channel #puppet
[2012/01/13 08:50:11] @ uphillian joined channel #puppet
[2012/01/13 08:55:13] @ sduchesneau joined channel #puppet
[2012/01/13 08:55:20] @ lanky_ is now known as lanky
[2012/01/13 08:59:58] @ Quit: tyska: Quit: Page closed
[2012/01/13 09:00:59] @ ghg joined channel #puppet
[2012/01/13 09:01:24] <tmclaugh> If I distribute a custom fact via puppet that fact's value isn't available until the next run of puppet right? Or is there some magic which distributes that and then causes facts to be reevaluated?
[2012/01/13 09:01:37] @ Quit: octane-: Quit: Leaving.
[2012/01/13 09:01:52] @ octane- joined channel #puppet
[2012/01/13 09:01:59] <_rc> pluginsync syncs the fact out before the facts are evaluated, so it'll be there
[2012/01/13 09:02:03] @ Quit: blentz: Quit: Ex-Chat
[2012/01/13 09:02:19] <tmclaugh> okay good! That makes my life easier.
[2012/01/13 09:02:29] <tmclaugh> thanks for that
[2012/01/13 09:02:41] <_rc> so as long as you're distributing via pluginsync, rather than by hand you'll be fine
[2012/01/13 09:03:10] @ blentz joined channel #puppet
[2012/01/13 09:03:49] <tmclaugh> I was reading about pluginsync on some sites last night and it sounded like that was the case but then on one site it said something like, "The next time you run puppet..." which made me confussed
[2012/01/13 09:04:02] @ countskm joined channel #puppet
[2012/01/13 09:04:03] <tmclaugh> thanks for clearing that
[2012/01/13 09:06:02] @ Quit: ghg: Quit: Computer has gone to sleep.
[2012/01/13 09:07:02] @ gazoombo joined channel #puppet
[2012/01/13 09:09:47] @ Quit: trickyf: Ping timeout: 252 seconds
[2012/01/13 09:10:50] @ Quit: jodok: Remote host closed the connection
[2012/01/13 09:11:03] @ GoodKarma joined channel #puppet
[2012/01/13 09:11:05] @ Quit: Diranged: Quit: Leaving.
[2012/01/13 09:11:07] @ jodok joined channel #puppet
[2012/01/13 09:11:08] @ Quit: jodok: Changing host
[2012/01/13 09:11:08] @ jodok joined channel #puppet
[2012/01/13 09:12:01] @ csanchez joined channel #puppet
[2012/01/13 09:12:12] @ trickyf joined channel #puppet
[2012/01/13 09:12:13] <GoodKarma> at which point are facter facts captured during the puppet client run? I am having a custom fact that is basically a cat of a specific file on the system, and that file is copied from the puppet master to the client via puppet as well, and things seem very odd
[2012/01/13 09:13:11] <GoodKarma> because in the first run that fact (runs after the file is copied) still has the old value from before the file was copied
[2012/01/13 09:13:17] @ paroneayea joined channel #puppet
[2012/01/13 09:14:33] @ djm68 joined channel #puppet
[2012/01/13 09:14:34] <_rc> GoodKarma: it goes: pluginsync, fact gathering, catalog request, catalog application
[2012/01/13 09:15:58] <GoodKarma> _rc: thanks, so is there a way to get around it, other than having to run puppet client twice (currently we are not ready to run in daemon or croned mode)
[2012/01/13 09:16:32] <countskm> the question is why can't these variables be contained in the manifests on the pupper server?
[2012/01/13 09:16:37] <_rc> to do what you want, you'll have to run it twice.
[2012/01/13 09:16:51] <countskm> is something else generating that file on the puppet server?
[2012/01/13 09:16:59] <_rc> to change that, you'll have to change what you do
[2012/01/13 09:17:10] <GoodKarma> yes, it basically a tag from the version control system
[2012/01/13 09:17:36] <GoodKarma> so it is dumped to a file on the puppet master (well multiple files depending on puppet environment)
[2012/01/13 09:18:04] <GoodKarma> and then the facter uses that to file to present a fact
[2012/01/13 09:18:12] <GoodKarma> that file*
[2012/01/13 09:18:25] <countskm> not sure if this is kosher, but what about a periodic job on the master that reads this file and edits the site.pp inroducting a global variable simulating that fact?
[2012/01/13 09:18:41] @ Quit: octane-: Quit: Leaving.
[2012/01/13 09:18:44] <GoodKarma> hmmm
[2012/01/13 09:19:19] <GoodKarma> i will think about it
[2012/01/13 09:19:39] <countskm> one line "perl -pi -e 's/globalvar=.*/globalvar=newval' site.pp"
[2012/01/13 09:19:40] <GoodKarma> its just that some systems might have different tags
[2012/01/13 09:19:42] <_rc> since you're putting the values on the server, you just need to a function to parse the file
[2012/01/13 09:19:42] <countskm> its a hack but just an idea
[2012/01/13 09:20:08] <GoodKarma> well, my solution is also a hack
[2012/01/13 09:20:25] @ Quit: brd: Ping timeout: 252 seconds
[2012/01/13 09:20:26] @ kelseyhightower joined channel #puppet
[2012/01/13 09:20:41] <countskm> _rc: ah so pop that file in the files dir and it should be shared w/ the client right?
[2012/01/13 09:20:59] @ Quit: kermit: Ping timeout: 244 seconds
[2012/01/13 09:21:12] <_rc> countskm: not really
[2012/01/13 09:21:30] @ Quit: trickyf: Ping timeout: 244 seconds
[2012/01/13 09:21:30] <countskm> :-) thats why i asked - wasn't sure i followed
[2012/01/13 09:21:44] <_rc> if the data is on the master, the master can just read it when doing catalog compliation, save all round tripping
[2012/01/13 09:22:12] @ brd joined channel #puppet
[2012/01/13 09:22:21] <_rc> http://docs.puppetlabs.com/guides/custom_functions.html
[2012/01/13 09:22:57] @ Bass10 joined channel #puppet
[2012/01/13 09:23:32] <countskm> ah i see - functions run on the master - gotcha - tx
[2012/01/13 09:23:49] @ Quit: lkoranda: Quit: Ex-Chat
[2012/01/13 09:24:09] @ Quit: Bass10: Max SendQ exceeded
[2012/01/13 09:24:36] @ Bass10 joined channel #puppet
[2012/01/13 09:29:31] @ Quit: Stenbryggen: Quit: Leaving.
[2012/01/13 09:30:41] <larstobi1> does Puppet use a library to parse puppet.conf ?
[2012/01/13 09:31:17] @ Quit: Meier: Quit: Leaving.
[2012/01/13 09:31:18] @ Quit: brd: Remote host closed the connection
[2012/01/13 09:31:31] @ brd joined channel #puppet
[2012/01/13 09:32:58] @ jodok_ joined channel #puppet
[2012/01/13 09:32:59] @ Quit: jodok_: Changing host
[2012/01/13 09:32:59] @ jodok_ joined channel #puppet
[2012/01/13 09:33:09] @ dclp_ joined channel #puppet
[2012/01/13 09:33:16] @ Quit: dclp_: Client Quit
[2012/01/13 09:33:33] @ Quit: zwi: Quit: Leaving.
[2012/01/13 09:34:11] <_rc> larstobi1: you mean like a third party one? no it uses Puppet::Util::Settings
[2012/01/13 09:34:57] @ astrostl joined channel #puppet
[2012/01/13 09:35:07] <larstobi1> _rc: yeah, that's what I meant :) I've just found Puppet::Util::Settings and trying to figure out how to use it
[2012/01/13 09:35:13] <larstobi1> thanks
[2012/01/13 09:35:29] <`mx> is there a way you can use a template in a module without giving the full path ?
[2012/01/13 09:35:42] @ Quit: jodok: Ping timeout: 260 seconds
[2012/01/13 09:35:42] @ jodok_ is now known as jodok
[2012/01/13 09:35:46] @ el_nacho joined channel #puppet
[2012/01/13 09:36:31] <_rc> `mx: template("red/file.txt") isn't a full path
[2012/01/13 09:36:48] <`mx> are you saying red is the module name?
[2012/01/13 09:36:49] <_rc> it's file.txt in $modulepath/red/templates
[2012/01/13 09:36:53] <`mx> ok
[2012/01/13 09:37:01] <_rc> correct
[2012/01/13 09:37:17] <`mx> thought I tried that first and it failed. shrug /me goes and tests
[2012/01/13 09:38:13] <`mx> _rc: thanks that worked. I swear I tried that before.
[2012/01/13 09:38:13] @ joe-mac1 joined channel #puppet
[2012/01/13 09:38:17] @ Quit: jodok: Remote host closed the connection
[2012/01/13 09:38:33] @ jodok joined channel #puppet
[2012/01/13 09:38:34] @ Quit: jodok: Changing host
[2012/01/13 09:38:34] @ jodok joined channel #puppet
[2012/01/13 09:38:35] @ Quit: brd: Remote host closed the connection
[2012/01/13 09:38:42] <_rc> check your commit history
[2012/01/13 09:39:42] @ Quit: pmorillon: Quit: pmorillon
[2012/01/13 09:40:08] @ Quit: ckauhaus: Quit: Leaving.
[2012/01/13 09:40:35] @ madhatter joined channel #puppet
[2012/01/13 09:41:02] @ madhatter is now known as Guest58742
[2012/01/13 09:42:32] @ spiette joined channel #puppet
[2012/01/13 09:43:08] @ lborda joined channel #puppet
[2012/01/13 09:44:15] @ brd joined channel #puppet
[2012/01/13 09:50:20] @ dim0_ left channel #puppet ("Leaving")
[2012/01/13 09:50:25] @ rcrowley joined channel #puppet
[2012/01/13 09:50:45] @ colonD joined channel #puppet
[2012/01/13 09:51:53] @ Quit: brd: Ping timeout: 255 seconds
[2012/01/13 09:51:55] @ kangman joined channel #puppet
[2012/01/13 09:52:19] @ Quit: colon_D: Ping timeout: 252 seconds
[2012/01/13 09:52:59] @ brd joined channel #puppet
[2012/01/13 09:53:11] @ Quit: larstobi1: Quit: Leaving.
[2012/01/13 09:55:12] @ _XMan_ joined channel #puppet
[2012/01/13 09:55:56] @ d3vnull joined channel #puppet
[2012/01/13 10:00:59] <denstark> Hello puppet friends! I'm curious, will I be able to do something like $var = [ "file1", "file2" ] then file {$var: source => 'puppet:///modules/module_name/', } will work to grab the files
[2012/01/13 10:01:33] <_rc> only if you write a define to wrap it
[2012/01/13 10:02:06] <denstark> Hrm... haven't done anything with defines, I'll look it up
[2012/01/13 10:02:07] @ Quit: brd: Ping timeout: 248 seconds
[2012/01/13 10:02:20] @ brd joined channel #puppet
[2012/01/13 10:03:13] @ Quit: inecas: Quit: Leaving
[2012/01/13 10:03:26] <_rc> define mymodule::filething { file { $name: source => "puppet://modules/name/$name" } } mymodule::filething { $var: }
[2012/01/13 10:04:06] @ tarjei joined channel #puppet
[2012/01/13 10:04:11] @ Quit: Vasik\|work: Remote host closed the connection
[2012/01/13 10:04:42] <tarjei> Hi, I'm trying to use puppet without puppetmaster using puppet apply. How do I handle file sources like puppet://$server/modulename/filename ?
[2012/01/13 10:05:17] <_rc> tarjei: don't put $server in, just call it puppet:///modules/modulename/filename and it'll be able to translate
[2012/01/13 10:05:41] <tarjei> can I set $server ="" then?
[2012/01/13 10:06:03] <_rc> why bother?
[2012/01/13 10:06:44] <_rc> don't use the variable in your strings, then you won't need to care about its value either way
[2012/01/13 10:06:54] <tarjei> ah ok thanks a bundle!
[2012/01/13 10:08:07] @ Quit: andreaturli: Remote host closed the connection
[2012/01/13 10:08:17] @ Quit: Damianz: Changing host
[2012/01/13 10:08:17] @ Damianz joined channel #puppet
[2012/01/13 10:09:35] @ tizzo-afk is now known as tizzo
[2012/01/13 10:12:13] @ Quit: kolla: Remote host closed the connection
[2012/01/13 10:12:16] @ trickyf joined channel #puppet
[2012/01/13 10:12:18] @ marczak joined channel #puppet
[2012/01/13 10:12:20] @ Quit: skm: Quit: Computer has gone to sleep.
[2012/01/13 10:12:42] @ gregueuh left channel #puppet ()
[2012/01/13 10:14:37] @ skm joined channel #puppet
[2012/01/13 10:16:07] @ Quit: dan__t: Quit: Leaving
[2012/01/13 10:19:31] @ Kazuhiro joined channel #puppet
[2012/01/13 10:23:18] @ Quit: Kazuhiro: Client Quit
[2012/01/13 10:23:51] @ littleidea joined channel #puppet
[2012/01/13 10:25:14] @ jodok_ joined channel #puppet
[2012/01/13 10:25:15] @ Quit: jodok_: Changing host
[2012/01/13 10:25:15] @ jodok_ joined channel #puppet
[2012/01/13 10:25:36] @ Quit: jodok: Read error: Operation timed out
[2012/01/13 10:25:36] @ jodok_ is now known as jodok
[2012/01/13 10:26:24] @ st33v joined channel #puppet
[2012/01/13 10:26:47] @ zwi joined channel #puppet
[2012/01/13 10:28:04] @ Quit: jodok: Remote host closed the connection
[2012/01/13 10:28:17] @ jodok joined channel #puppet
[2012/01/13 10:28:18] @ Quit: jodok: Changing host
[2012/01/13 10:28:18] @ jodok joined channel #puppet
[2012/01/13 10:30:40] @ Quit: Guest58742: Quit: Thanks for the fish.
[2012/01/13 10:30:52] @ madhatter joined channel #puppet
[2012/01/13 10:31:18] @ madhatter is now known as Guest70333
[2012/01/13 10:31:37] @ Quit: littleidea: Quit: littleidea
[2012/01/13 10:31:50] @ Quit: rcrowley: Quit: Computer has gone to sleep.
[2012/01/13 10:31:55] @ Quit: jab_doa: Quit: Verlassend
[2012/01/13 10:32:15] @ Quit: sdog1: Ping timeout: 245 seconds
[2012/01/13 10:32:57] @ abetterlie joined channel #puppet
[2012/01/13 10:34:33] @ krish joined channel #puppet
[2012/01/13 10:35:01] <krish> hey guys, how can I use ruby's Time.new function as a puppet variable?
[2012/01/13 10:35:14] <krish> I get errors when I assign
[2012/01/13 10:35:37] @ noecc left channel #puppet ("pax")
[2012/01/13 10:35:39] <_rc> $time = inline_template("<%= Time.new %>")
[2012/01/13 10:37:01] @ Stenbryggen joined channel #puppet
[2012/01/13 10:37:49] <krish> _rc: ok let me try
[2012/01/13 10:39:24] @ tmz_ is now known as tmz
[2012/01/13 10:41:21] @ freezey joined channel #puppet
[2012/01/13 10:42:07] @ Quit: d3vnull: Ping timeout: 248 seconds
[2012/01/13 10:42:20] @ Quit: jaydg: Remote host closed the connection
[2012/01/13 10:42:47] @ jonhattan joined channel #puppet
[2012/01/13 10:45:36] @ rocket joined channel #puppet
[2012/01/13 10:45:52] <joe-mac1> new should work but I typically call "Time.now"
[2012/01/13 10:46:23] <joe-mac1> I think they are synonymous, idk though
[2012/01/13 10:46:46] <_rc> I think we should paint it green
[2012/01/13 10:47:04] @ cwarden joined channel #puppet
[2012/01/13 10:47:42] @ Quit: CJNE: Quit: Leaving.
[2012/01/13 10:48:19] @ dan__t joined channel #puppet
[2012/01/13 10:48:46] @ Quit: djm68: Remote host closed the connection
[2012/01/13 10:51:42] <krish> _rc: this doesnt work? :)
[2012/01/13 10:51:43] <krish> $time = inline_template("<%= Time.new %>")
[2012/01/13 10:51:43] <krish> $mytimestamp = inline_template("<%= $time.strftime("%Y%m%d_%H%M%S" %>")
[2012/01/13 10:51:59] @ and` joined channel #puppet
[2012/01/13 10:51:59] <_rc> no, that won't work
[2012/01/13 10:52:18] <krish> how do I go about it then?
[2012/01/13 10:52:21] <_rc> because what's returned from inline_template is a string
[2012/01/13 10:52:45] <krish> ah
[2012/01/13 10:53:06] <_rc> $mytimestamp = inline_template("<%= Time.new.strftime("%Y%m%d_%H%M%S" %>") or something
[2012/01/13 10:53:11] <krish> can I use Time.new.strftime("%Y%m%d_%H%M%S" %>")
[2012/01/13 10:53:18] <krish> ah was gonna ask the same :)
[2012/01/13 10:53:21] <krish> thks, let me try
[2012/01/13 10:53:23] <_rc> you have extra "\s to worry about though
[2012/01/13 10:54:00] <joe-mac1> I do time comparison for automatic ssh key regeneration
[2012/01/13 10:54:03] <joe-mac1> it works
[2012/01/13 10:54:13] <joe-mac1> if you're still stuck in a couple minutes I can review how I did it
[2012/01/13 10:54:28] <_rc> http://docs.puppetlabs.com/references/stable/function.html#inlinetemplate
[2012/01/13 10:54:46] @ labrown joined channel #puppet
[2012/01/13 10:55:22] @ ldlework joined channel #puppet
[2012/01/13 10:57:39] @ geekbri joined channel #puppet
[2012/01/13 10:58:05] @ Kazuhiro joined channel #puppet
[2012/01/13 11:00:15] @ Quit: zul: Ping timeout: 248 seconds
[2012/01/13 11:01:23] @ Quit: sduchesneau: Remote host closed the connection
[2012/01/13 11:01:56] @ Sina_ joined channel #puppet
[2012/01/13 11:02:02] <Sina_> Hi
[2012/01/13 11:02:24] @ kermit joined channel #puppet
[2012/01/13 11:02:30] @ gniks joined channel #puppet
[2012/01/13 11:02:34] @ Quit: kermit: Changing host
[2012/01/13 11:02:34] @ kermit joined channel #puppet
[2012/01/13 11:02:35] @ Quit: gniks: Changing host
[2012/01/13 11:02:35] @ gniks joined channel #puppet
[2012/01/13 11:03:01] @ mturner joined channel #puppet
[2012/01/13 11:03:57] @ benjiedmund joined channel #puppet
[2012/01/13 11:04:28] @ mturner is now known as opsmason
[2012/01/13 11:04:32] @ Quit: benjiedmund: Remote host closed the connection
[2012/01/13 11:04:44] @ Quit: opsmason: Client Quit
[2012/01/13 11:04:55] @ benjiedmund joined channel #puppet
[2012/01/13 11:05:07] @ Sina_ left channel #puppet ()
[2012/01/13 11:05:26] @ opsmason joined channel #puppet
[2012/01/13 11:06:41] @ rcrowley joined channel #puppet
[2012/01/13 11:08:09] @ tizzo is now known as tizzo-afk
[2012/01/13 11:08:11] @ gabrtv joined channel #puppet
[2012/01/13 11:08:44] @ tizzo-afk is now known as tizzo
[2012/01/13 11:08:54] @ Quit: Niarf: Quit: Leaving.
[2012/01/13 11:09:08] <shortbus-> any suggestions why an exec fails when i specify the user(tomcat), but works when it runs as root? if i su - tomcat and run it by hand it works fine
[2012/01/13 11:09:45] <_rc> a billion and two environment variables?
[2012/01/13 11:09:49] @ Quit: Guest70333: Quit: Thanks for the fish.
[2012/01/13 11:10:15] @ sduchesneau joined channel #puppet
[2012/01/13 11:10:23] <joe-mac1> tomcat user especially typically has a special profile setup
[2012/01/13 11:10:25] @ d3vnull joined channel #puppet
[2012/01/13 11:12:37] <shortbus-> our tomcat user doesn't have much of env setup, mostly just some java stuffs.
[2012/01/13 11:17:02] <shortbus-> ah, it looks like its hg that's causing the problem, not puppet, because a simple touch worked.
[2012/01/13 11:20:15] @ Quit: and`: Quit: leaving
[2012/01/13 11:20:23] @ Atwa1337 joined channel #puppet
[2012/01/13 11:20:33] @ and` joined channel #puppet
[2012/01/13 11:20:43] @ Quit: gniks: Quit: Leaving.
[2012/01/13 11:21:02] @ Quit: jodok: Remote host closed the connection
[2012/01/13 11:21:17] @ jodok joined channel #puppet
[2012/01/13 11:21:18] @ Quit: jodok: Changing host
[2012/01/13 11:21:18] @ jodok joined channel #puppet
[2012/01/13 11:22:21] @ Quit: jodok: Remote host closed the connection
[2012/01/13 11:22:37] @ jodok joined channel #puppet
[2012/01/13 11:22:39] @ Quit: jodok: Changing host
[2012/01/13 11:22:39] @ jodok joined channel #puppet
[2012/01/13 11:22:55] @ benkevan joined channel #puppet
[2012/01/13 11:24:04] @ Quit: and`: Client Quit
[2012/01/13 11:24:12] @ and` joined channel #puppet
[2012/01/13 11:24:50] @ Quit: raphdg: Remote host closed the connection
[2012/01/13 11:25:16] @ Quit: and`: Changing host
[2012/01/13 11:25:16] @ and` joined channel #puppet
[2012/01/13 11:26:46] @ iw_work joined channel #puppet
[2012/01/13 11:28:02] @ jodok_ joined channel #puppet
[2012/01/13 11:28:03] @ Quit: jodok_: Changing host
[2012/01/13 11:28:03] @ jodok_ joined channel #puppet
[2012/01/13 11:28:52] @ Quit: jodok: Read error: Operation timed out
[2012/01/13 11:28:52] @ jodok_ is now known as jodok
[2012/01/13 11:29:33] @ Quit: nan0r: Read error: Connection reset by peer
[2012/01/13 11:30:37] @ londo_ joined channel #puppet
[2012/01/13 11:31:27] @ newtMcKerr joined channel #puppet
[2012/01/13 11:31:27] @ samix___ joined channel #puppet
[2012/01/13 11:31:40] @ gaahrdner joined channel #puppet
[2012/01/13 11:31:48] @ idoru joined channel #puppet
[2012/01/13 11:31:49] @ Quit: idoru: Remote host closed the connection
[2012/01/13 11:32:21] @ Quit: samix__: Ping timeout: 240 seconds
[2012/01/13 11:32:24] @ samix___ is now known as samix__
[2012/01/13 11:32:36] <gaahrdner> Anyone know how I can fix this error? I wrote a custom report, packed it up as a module with only the lib directory, and then listed it in the puppet.conf; Error 400 on SERVER: Could not autoload elmer_report: Class Elmer_report is already defined in Puppet::Reports
[2012/01/13 11:33:06] <gaahrdner> i pretty much just followed james turnbull's examples from kartar.net :-/
[2012/01/13 11:34:34] @ idoru joined channel #puppet
[2012/01/13 11:34:35] @ Quit: idoru: Read error: Connection reset by peer
[2012/01/13 11:35:27] <torrancew> gaahrdner: I've never heard of shipping reports like that, typically they're copied to the reports directory on the puppetmaster (or placed there by logic in the module) IIRC
[2012/01/13 11:36:41] @ Quit: matchaw__: Remote host closed the connection
[2012/01/13 11:36:44] <GoodKarma> hmm.. another problem... so I've got this bit of script that checks if some word exists in the motd file and if not it replaces it, the problem is that if it does exist (so desired) , error is printed as this : http://pastebin.com/ix9MKt7d
[2012/01/13 11:36:48] <GoodKarma> clues?
[2012/01/13 11:37:10] <gaahrdner> well for instance, this seems to indicate you just need to include the report as a module in your modulepath
[2012/01/13 11:37:11] <gaahrdner> http://www.kartar.net/2012/01/puppet-and-flowdock/
[2012/01/13 11:37:29] <misc> GoodKarma: grep -q ?
[2012/01/13 11:37:43] <misc> mhh no forgot
[2012/01/13 11:38:13] <misc> GoodKarma: why do you say "/bin/false" and /bin/true ?
[2012/01/13 11:38:13] <GoodKarma> will still return false
[2012/01/13 11:38:21] <misc> instead of
[2012/01/13 11:38:27] @ mayak left channel #puppet ()
[2012/01/13 11:38:30] * misc is too tired and should go sleeping
[2012/01/13 11:39:08] <GoodKarma> well there was a reason for this, dont remember now, but going to check rfn
[2012/01/13 11:39:38] <misc> I do not really understand what you want to achieve, in fact
[2012/01/13 11:40:04] <GoodKarma> I want to have a check that copied the file over ONLY if it does not contain specific string
[2012/01/13 11:40:11] <_rc> something very silly. "I want puppet to put a file down, unless I put a magic word in it to say it shouldn't"
[2012/01/13 11:40:26] <GoodKarma> yes, _rc exactly
[2012/01/13 11:40:33] <GoodKarma> its being edited manually a lot
[2012/01/13 11:40:40] <GoodKarma> people tend to put notices and such in motd
[2012/01/13 11:40:51] <_rc> if it's manually edited, don't control it with puppet at all
[2012/01/13 11:40:53] <GoodKarma> its its just a banner that says this is a restricted system etc
[2012/01/13 11:40:58] @ neonflux2 joined channel #puppet
[2012/01/13 11:41:01] @ Quit: omry_: Ping timeout: 240 seconds
[2012/01/13 11:41:10] <_rc> just set it how you need it when you provision
[2012/01/13 11:42:01] <misc> or split this in 2 : 1 part for edit, one part for puppet stuff, and concat them in /etc/motd,
[2012/01/13 11:42:09] @ Quit: d3vnull: Ping timeout: 255 seconds
[2012/01/13 11:42:14] @ omry_ joined channel #puppet
[2012/01/13 11:43:00] @ TheReaper joined channel #puppet
[2012/01/13 11:44:10] <TheReaper> Hey, quick question: I'm having a host with 2 ip adresses which acts as a router and a puppet master on a subnet which is routed via the host with the 2 adresses - now I want to have the router host be a puppet client but I always get the error, that the certificate does not match the private key
[2012/01/13 11:44:22] <TheReaper> any idea on how to add this host to the puppetmaster?
[2012/01/13 11:44:40] <GoodKarma> ok thanks nice people, will rethink the strategy, but the idea is that we do all postinstall (right after jumpstart/kickstar) stuff in puppet
[2012/01/13 11:45:03] <GoodKarma> so puppet puts all the files in place etc etc, and motd is really the only exception to the rule I can see now
[2012/01/13 11:45:09] @ Quit: swygue: Ping timeout: 240 seconds
[2012/01/13 11:46:21] @ Quit: opsmason: Quit: opsmason
[2012/01/13 11:46:32] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 11:46:37] @ opsmason joined channel #puppet
[2012/01/13 11:46:43] @ Quit: geekbri: Remote host closed the connection
[2012/01/13 11:46:44] <TheReaper> or the following error occurs: Cound not retrieve catalog from remote server: SSL_connect returned=1 errorno=0 state=SSLv3 read server certificate B: certificate verify failed
[2012/01/13 11:47:11] @ tomben joined channel #puppet
[2012/01/13 11:47:32] @ Quit: opsmason: Remote host closed the connection
[2012/01/13 11:47:47] @ opsmason joined channel #puppet
[2012/01/13 11:52:51] @ Quit: benkevan: Quit: leaving
[2012/01/13 11:54:07] @ Quit: mogitaff: Remote host closed the connection
[2012/01/13 11:56:49] @ st33v left channel #puppet ()
[2012/01/13 11:58:07] @ d3vnull joined channel #puppet
[2012/01/13 11:59:20] @ neonflux joined channel #puppet
[2012/01/13 11:59:25] @ neonflux1 joined channel #puppet
[2012/01/13 12:01:11] <aricg> TheReaper, make sure everything has a proper fqdn, remove all the certs under /var/lib/ssl and issue the certs anew
[2012/01/13 12:02:09] @ Quit: neonflux2: Ping timeout: 240 seconds
[2012/01/13 12:02:09] @ idoru joined channel #puppet
[2012/01/13 12:03:08] @ Quit: luckman212_: Read error: Connection reset by peer
[2012/01/13 12:03:13] @ Quit: KaZeR_W: Read error: Connection reset by peer
[2012/01/13 12:03:50] @ Quit: neonflux: Ping timeout: 248 seconds
[2012/01/13 12:03:55] @ Quit: omry_: Ping timeout: 245 seconds
[2012/01/13 12:04:00] @ nated joined channel #puppet
[2012/01/13 12:04:01] @ Quit: nated: Changing host
[2012/01/13 12:04:01] @ nated joined channel #puppet
[2012/01/13 12:06:05] @ omry_ joined channel #puppet
[2012/01/13 12:06:33] @ Quit: alanevans: Remote host closed the connection
[2012/01/13 12:07:05] @ langworthy joined channel #puppet
[2012/01/13 12:07:59] @ Quit: d3vnull: Ping timeout: 252 seconds
[2012/01/13 12:10:29] @ Quit: Ramonster: Quit: So Long and thanks for all the fish
[2012/01/13 12:11:05] @ TheReaper left channel #puppet ()
[2012/01/13 12:11:56] @ ascarter joined channel #puppet
[2012/01/13 12:12:04] @ scsinutz joined channel #puppet
[2012/01/13 12:12:16] @ scsinutz left channel #puppet ()
[2012/01/13 12:15:14] @ Quit: ali3n0: Quit: Leaving.
[2012/01/13 12:15:53] @ shadowshell joined channel #puppet
[2012/01/13 12:16:00] @ Quit: justin_donaldson: Quit: Leaving.
[2012/01/13 12:16:08] @ benkevan joined channel #puppet
[2012/01/13 12:16:18] @ gniks joined channel #puppet
[2012/01/13 12:16:28] @ daysmen joined channel #puppet
[2012/01/13 12:16:31] @ daysmen_ joined channel #puppet
[2012/01/13 12:16:58] @ Kazuhiro left channel #puppet ()
[2012/01/13 12:17:46] @ kenperkins joined channel #puppet
[2012/01/13 12:18:53] @ ckauhaus joined channel #puppet
[2012/01/13 12:19:25] @ Kazuhiro joined channel #puppet
[2012/01/13 12:20:46] @ althara joined channel #puppet
[2012/01/13 12:21:11] @ Quit: robthoms__: Quit: Leaving
[2012/01/13 12:22:40] @ djm68 joined channel #puppet
[2012/01/13 12:23:15] @ Quit: neonflux1: Read error: Connection reset by peer
[2012/01/13 12:23:17] @ neonflux joined channel #puppet
[2012/01/13 12:23:19] <marksteele> what's the best way to set all files in a folder's permissions to 0600 (using a file type with the recurse is not setting the right mode)
[2012/01/13 12:23:39] @ Quit: jodok: Quit: jodok
[2012/01/13 12:24:05] <marksteele> puppet's adding the +x bit
[2012/01/13 12:24:10] @ d3vnull joined channel #puppet
[2012/01/13 12:24:13] <marksteele> even though the mode is 0600
[2012/01/13 12:24:29] @ Quit: danikov: Quit: danikov
[2012/01/13 12:25:46] @ gnat42 joined channel #puppet
[2012/01/13 12:25:48] @ joshcooper joined channel #puppet
[2012/01/13 12:26:31] <gnat42> Hello again - I'm hoping someone here has experience with this - I've got a situation where we have setup func+puppet, where func uses the puppet certificates for its connections/authentication
[2012/01/13 12:26:36] <gnat42> that part is working fantastically
[2012/01/13 12:26:46] @ Quit: `Kevin: Ping timeout: 248 seconds
[2012/01/13 12:27:02] <gnat42> however we've added to that, a few minions (puppet clients) are able to issue commands to various other minions
[2012/01/13 12:27:07] <gnat42> and again that part functions
[2012/01/13 12:27:24] <gnat42> however, we'd like to assign a non-root user as the user to issue said func commands
[2012/01/13 12:27:30] <rismoney> when I do this source => 'puppet:///modules/${module_name}/files/win_perfmon.cfg' it doesn't seem to understand module_name. I am specifying a --modulepath
[2012/01/13 12:27:35] <rismoney> on the puppet apply
[2012/01/13 12:27:35] @ Quit: fronlius: Quit: fronlius
[2012/01/13 12:27:42] <gnat42> however that part fails because that user is unable to read the ssl/private_keys/hostname.pem
[2012/01/13 12:28:03] <gnat42> does anyone know how I can securely allow a single non-root user the ability to read the necessary certificates?
[2012/01/13 12:28:07] <_rc> rismoney: what version of puppet? also leave out /files/
[2012/01/13 12:29:11] <rismoney> _rc 2.7.9
[2012/01/13 12:29:25] <_rc> rismoney: also ${foo} won't interpolate in single quotes, only double
[2012/01/13 12:29:36] <rismoney> I am testing on Windows
[2012/01/13 12:29:49] <_rc> that doesn't matter
[2012/01/13 12:30:08] <_rc> the use of '' rather than "" does
[2012/01/13 12:30:30] <_rc> then you move onto the problem of saying /files/
[2012/01/13 12:31:03] <_rc> but you are on a puppet new enough to have $module_name, so you only have two of the three possible bugs
[2012/01/13 12:31:43] <rismoney> err: /Stage[main]/Win_perfmon/File[C:/test/win_perfmon.cfg]: Could not evaluate: Invalid module name; module names must be alphanumeric (plus '-'), not '' Could not retrieve file metadata for puppet:///modules//win_perfmon.cfg: Invalid module name; module names must be alphanumeric (plus '-'), not '' at C:/@inf/gitstuff/puppet/modules/win_perfmon/tests/win_perfmon.pp:14
[2012/01/13 12:32:18] <_rc> show what you're actually using
[2012/01/13 12:34:37] <GoodKarma> gnat42, how about something as simple as unix group membership plus cert file perms
[2012/01/13 12:34:56] <gnat42> GoodKarma: yeah I've been trying to use setfacl
[2012/01/13 12:35:09] @ Quit: langworthy: Quit: langworthy
[2012/01/13 12:35:11] <rismoney> in /modules/win_perfmon/tests i have 2 files init.pp which contains include win_perfmon.pp. In win_perfmon.pp I have this:
[2012/01/13 12:35:13] <gnat42> the default perms are rw-------+ puppet:root at the moment
[2012/01/13 12:35:27] <gnat42> and /var/lib/pupet/ssl has restrictive permissions
[2012/01/13 12:35:32] <gnat42> so I'd have to open those up
[2012/01/13 12:35:42] <gnat42> and I wanted to ensure that I was doing it securely
[2012/01/13 12:35:43] <rismoney> class win_perfmon
[2012/01/13 12:35:43] <rismoney> {
[2012/01/13 12:35:44] <rismoney> notify {"win_perfmon":}
[2012/01/13 12:35:44] <rismoney> file { 'C:/test/win_perfmon.cfg':
[2012/01/13 12:35:44] <rismoney> ensure => 'file', #file
[2012/01/13 12:35:44] <rismoney> mode => '660',
[2012/01/13 12:35:44] <rismoney> owner => 'WKSA-MSS002\Administrator',
[2012/01/13 12:35:45] <rismoney> group => 'WKSA-MSS002\Administrators',
[2012/01/13 12:35:45] <rismoney> source => "puppet:///modules/${module_name}/win_perfmon.cfg",
[2012/01/13 12:35:46] <rismoney> # source => 'C:\one\win_perfmon.cfg',
[2012/01/13 12:35:46] <rismoney> purge => 'true',
[2012/01/13 12:35:47] <rismoney> }
[2012/01/13 12:35:47] <rismoney> }
[2012/01/13 12:35:52] <_rc> rismoney: use pastie please
[2012/01/13 12:35:54] <GoodKarma> so maybe copy the cert to thay users home dir
[2012/01/13 12:36:03] <gnat42> I've even thought of ... exactly
[2012/01/13 12:36:42] <rismoney> Then I run this puppet apply init.pp --modulepath C:\@inf\gitstuff\puppet\modules
[2012/01/13 12:36:51] @ larstobi joined channel #puppet
[2012/01/13 12:36:58] <gnat42> I wasn't sure whether it was better to copy it or if there were people with experience doing this that knew a good way to do it (other than copy) since that felt less 'elegant' ?
[2012/01/13 12:37:04] @ Quit: ells: Ping timeout: 240 seconds
[2012/01/13 12:37:36] @ alfism joined channel #puppet
[2012/01/13 12:38:48] <rismoney> http://pastie.org/3179436
[2012/01/13 12:40:03] @ Quit: alfism: Client Quit
[2012/01/13 12:40:18] @ Quit: marrusl: Read error: Connection reset by peer
[2012/01/13 12:40:20] <GoodKarma> true it is a less elegant solution but can't think of anything else
[2012/01/13 12:40:37] <rismoney> _Rc pastie is awesome!
[2012/01/13 12:41:27] @ swygue joined channel #puppet
[2012/01/13 12:41:28] @ chadskidmore joined channel #puppet
[2012/01/13 12:41:37] <gnat42> GoodKarma: ok - thanks I'll look into that solution
[2012/01/13 12:42:43] @ alanevans joined channel #puppet
[2012/01/13 12:43:42] @ anthonysomerset joined channel #puppet
[2012/01/13 12:43:59] @ Quit: xe4l: Ping timeout: 276 seconds
[2012/01/13 12:47:32] @ marrusl joined channel #puppet
[2012/01/13 12:47:42] @ motomike joined channel #puppet
[2012/01/13 12:49:04] @ Quit: maes_: Read error: Connection reset by peer
[2012/01/13 12:49:14] @ Quit: lanky: Quit: Leaving
[2012/01/13 12:49:17] @ xe4l joined channel #puppet
[2012/01/13 12:49:18] @ maes_ joined channel #puppet
[2012/01/13 12:49:27] <rismoney> _rc still not working
[2012/01/13 12:50:48] @ pcarlisle joined channel #puppet
[2012/01/13 12:51:43] <_rc> well screw it, don't use module_name then
[2012/01/13 12:51:59] <_rc> it's not that much of a timesaver
[2012/01/13 12:52:41] @ Quit: abhinavmehta: Quit: abhinavmehta
[2012/01/13 12:53:05] @ Quit: ckauhaus: Ping timeout: 252 seconds
[2012/01/13 12:53:17] @ Quit: skm: Remote host closed the connection
[2012/01/13 12:53:51] @ skm joined channel #puppet
[2012/01/13 12:54:44] <rismoney> so I switched it to puppet:///modules/win_perfmon/win_perfmon.cfg and it now tells me it could not retrieve information from environment production source.
[2012/01/13 12:55:37] @ littleidea joined channel #puppet
[2012/01/13 12:55:57] <gnat42> I've got a very rudimentary puppet system installed and working, I was poking around at the /var/lib/puppet/yaml/node/host... files and see that it has an entry for classes: [ ]
[2012/01/13 12:55:59] <_rc> what's the invocation?
[2012/01/13 12:56:01] <gnat42> which is always empty
[2012/01/13 12:56:10] <gnat42> I'm wondering why
[2012/01/13 12:56:20] <gnat42> I have classes/X.pp
[2012/01/13 12:56:28] <gnat42> and some fall into one or the other
[2012/01/13 12:56:39] @ jodok joined channel #puppet
[2012/01/13 12:56:40] @ Quit: jodok: Changing host
[2012/01/13 12:56:40] @ jodok joined channel #puppet
[2012/01/13 12:56:57] <gnat42> I would assume that they would get assigned those classes, or is that something that is set on the puppet client as a fact?
[2012/01/13 12:57:01] <_rc> gnat42: it means no classes are assigned to that node
[2012/01/13 12:57:28] <_rc> your classes/x.pp will just be declaring class x
[2012/01/13 12:57:44] <_rc> you still need to say 'put this class on this node'
[2012/01/13 12:57:51] <gnat42> _rc: right, but it is applying changes to the nodes
[2012/01/13 12:58:23] <_rc> is parameters also []
[2012/01/13 12:58:31] <gnat42> so for example my site.pp imports everything from nodes/pp and classes/pp
[2012/01/13 12:58:43] <_rc> if so then they're the classes/parameters assigned by an enc
[2012/01/13 12:58:43] <gnat42> nodes has ucmc.pp node with two entries matching their hostnames
[2012/01/13 12:58:52] <gnat42> and then that includes classes/X.pp
[2012/01/13 12:59:00] @ mrwacky42 joined channel #puppet
[2012/01/13 12:59:31] @ Quit: sihil: Quit: Linkinus - http://linkinus.com
[2012/01/13 12:59:50] <gnat42> so I'm not sure how come the puppet master doesn't think those nodes are of that class
[2012/01/13 13:00:04] <_rc> gnat42: that's not what it's saying
[2012/01/13 13:00:10] <gnat42> and I'm completely new to puppet so this could be obvious
[2012/01/13 13:00:40] <_rc> gnat42: look at /var/lib/puppet/classes.txt
[2012/01/13 13:00:56] <gnat42> no such file
[2012/01/13 13:01:17] @ Quit: daysmen: Ping timeout: 268 seconds
[2012/01/13 13:01:25] <gnat42> doesn't exist anywhere in /var/lib/puppet or /etc/puppet
[2012/01/13 13:01:32] <gnat42> on the puppetmaster anyway
[2012/01/13 13:01:33] <_rc> well whatever you get out of puppet --configprint classfile
[2012/01/13 13:01:44] <_rc> no, it won't be on the master
[2012/01/13 13:01:50] <gnat42> oh ok
[2012/01/13 13:02:23] <_rc> what's in that yaml file is what the puppetmaster used at the start of catalog compilation to represent the node
[2012/01/13 13:02:27] <_rc> it's not the catalog
[2012/01/13 13:02:45] @ Quit: larstobi: Quit: Leaving.
[2012/01/13 13:02:46] <gnat42> its supposed to be in /var/lib/puppet/state/classes.txt (but isn't there)
[2012/01/13 13:02:56] <kenperkins> question for you guys with lots of servers: How do you manage/restrict access to your servers via ssh? are they all locked down except for one machine, etc? ssh gateway? vpn? etc?
[2012/01/13 13:02:58] <_rc> so classes, if it's there, is the classes assigned to that node by the external nodes classifier
[2012/01/13 13:03:09] <kenperkins> (not really a puppet question, but lots of people with lots of servers here)
[2012/01/13 13:03:24] @ Quit: cwarden: Ping timeout: 240 seconds
[2012/01/13 13:03:31] <gnat42> _rc: so maybe let me start from scratch
[2012/01/13 13:03:34] <_rc> gnat42: it will be on a client node
[2012/01/13 13:03:40] <gnat42> _rc: it isn't
[2012/01/13 13:03:49] <gnat42> I checked and puppet is currently running
[2012/01/13 13:03:55] @ Quit: cwebber: Remote host closed the connection
[2012/01/13 13:03:56] <torrancew> kenperkins: vpn, VLAN restrictions, and we recently installed an AD/LDAP aware firewall at our corp office, testing that now
[2012/01/13 13:04:10] <_rc> currently running as in it's applying it's first catalog right now
[2012/01/13 13:04:19] <kenperkins> sigh, I so don't want to have to deal with LDAP on my linux boxes :P
[2012/01/13 13:04:20] <_rc> or currently running as there's a daemon there
[2012/01/13 13:04:32] <gnat42> _rc: not likely applying, but yeah the puppet agent daemon is running
[2012/01/13 13:04:37] <torrancew> kenperkins: you can have them auth against an AD with a little work
[2012/01/13 13:04:46] <torrancew> but I feel ya
[2012/01/13 13:04:52] <kenperkins> meaning a windows AD with linux? yea I've read about that
[2012/01/13 13:05:10] <torrancew> LDAP was baked in for us long before I got to $job
[2012/01/13 13:05:29] <kenperkins> I love the idea of centralized accounts, it's just that ldap seems like such a PITA on linux compared to win
[2012/01/13 13:05:41] <_rc> gnat42: you'll see stuff in syslog on the node, where puppet says what changes it's doing
[2012/01/13 13:05:42] <henk> kenperkins: So far I only limit connections per source ip per minute, but due to distributed brute force attacks that are also aware of the throttling, I assume I’ll have to find some other solution. It‘s very easy and effective against simple attacks right now though.
[2012/01/13 13:05:48] <marksteele> kenperkins: look at IPA
[2012/01/13 13:05:58] <_rc> gnat42: but really, back all the way up to what are you trying to find out?
[2012/01/13 13:06:03] <gnat42> _rc: yeah I usually do.. there aren't any changes waiting so I'll only see Finished...
[2012/01/13 13:06:04] <kenperkins> IPA? I love me some india pale, but I don't think that's what you mean
[2012/01/13 13:06:04] <thedonvaughn> I use AD for auth but I don't store user info in LDAP. I have local accounts but auth backed by AD.
[2012/01/13 13:06:08] <thedonvaughn> that's only because it was an after thought
[2012/01/13 13:06:13] <thedonvaughn> kenperkins: freeipa.org, it's great :)
[2012/01/13 13:06:25] <marksteele> thedonvaughn: you use it?
[2012/01/13 13:06:39] <thedonvaughn> played with. set it up in a lab. tried to convince my team to move to it from AD and failed
[2012/01/13 13:06:40] * marksteele has been looking into it for a while
[2012/01/13 13:06:42] <thedonvaughn> but i was a big fan
[2012/01/13 13:06:44] <kenperkins> henk: Is that just an sshd_config?
[2012/01/13 13:06:45] <gnat42> _rc: so basically here's what I want, I have 33 machines with nearly identical purposes. except one needs to be additionally labeled an 'admin'
[2012/01/13 13:06:50] <gnat42> so I was hoping to use classes to do that
[2012/01/13 13:07:10] <gnat42> basically all of these machines get one set, and the admin machine gets that plus another set of instructions/classes...
[2012/01/13 13:07:17] <_rc> sure
[2012/01/13 13:07:38] <henk> kenperkins: No, iptables.
[2012/01/13 13:07:40] <_rc> are you currently using classes, or just files you call classes?
[2012/01/13 13:07:44] <gnat42> _rc: but I didn't want to change the hostname pattern that was being used
[2012/01/13 13:07:44] <kenperkins> gotcha
[2012/01/13 13:07:56] <gnat42> _rc: I would presume I'm actually just using files I call classes
[2012/01/13 13:07:58] <gnat42> I can paste them
[2012/01/13 13:08:00] @ Kazuhiro left channel #puppet ()
[2012/01/13 13:08:02] <gnat42> no secrets at this point
[2012/01/13 13:08:13] <gnat42> though I'm sure I haven't divided stuff up properly etc...
[2012/01/13 13:08:23] <_rc> paste one, be sure to include the path
[2012/01/13 13:08:43] <henk> kenperkins: See http://henk.hnjs.ch/blog/2010121401-iptables-recent-brute-force.txt
[2012/01/13 13:09:08] <gnat42> _rc: http://fpaste.org/WB3F/
[2012/01/13 13:09:09] <gnat42> is found /etc/puppet/manifests/classes/ucmc.pp
[2012/01/13 13:09:21] @ Quit: arBmind: Ping timeout: 240 seconds
[2012/01/13 13:09:37] <_rc> ok, so apart from not putting it in a module, that's a class
[2012/01/13 13:09:38] <gnat42> that file is included by http://fpaste.org/rwVe/
[2012/01/13 13:09:57] <_rc> right
[2012/01/13 13:09:57] <gnat42> which currently is using hostnames... and I think I want it to use 'classes' or tags or whatever
[2012/01/13 13:10:41] @ Quit: sduchesneau: Read error: Operation timed out
[2012/01/13 13:11:14] <henk> kenperkins: But that only describes the principle, atm the rules are added via a script in /etc/network/if-{up,down}.d (debian only, I guess), I plan to use ferm ultimately though.
[2012/01/13 13:11:14] @ langworthy joined channel #puppet
[2012/01/13 13:11:37] <gnat42> _rc: so what do I read or what do I do to figure out how to properly assign the machines 'tags' so the classes get assigned/included
[2012/01/13 13:11:41] <_rc> gnat42: so you're guessing at terminology I think, as you're already using a class
[2012/01/13 13:11:43] <kenperkins> I'm thinking I want to setup only 1 of my boxes to permit SSH, and then use that as a gateway to my other boxes
[2012/01/13 13:11:48] @ ckauhaus joined channel #puppet
[2012/01/13 13:12:26] <gnat42> _rc: well that's why I would expect on the puppetmaster the classes: [] for that node yaml to include my ucmc class
[2012/01/13 13:12:28] <gnat42> but it doesn't
[2012/01/13 13:12:33] <gnat42> so I'm not getting * something* ;)
[2012/01/13 13:13:20] <_rc> no, because that's the part of the structure populated by an ENC http://docs.puppetlabs.com/guides/external_nodes.html
[2012/01/13 13:13:49] <_rc> it's the catalog request, post merging with the enc output, and serialised
[2012/01/13 13:14:10] <_rc> but you're not using an ENC, you're allocating the class using your node statement
[2012/01/13 13:14:22] <_rc> so it simply won't show up there
[2012/01/13 13:14:30] @ Quit: d3vnull: Ping timeout: 252 seconds
[2012/01/13 13:14:30] <torrancew> Text: ping
[2012/01/13 13:14:36] <_rc> it will show up on the managed node in the classfile
[2012/01/13 13:14:40] <gnat42> _rc: ok
[2012/01/13 13:15:09] <gnat42> so is there something I can do to apply an additional class to one of these machines without the machine name as the filter?
[2012/01/13 13:15:20] <henk> kenperkins: You still have to secure that one, and I’d still secure the others ;)
[2012/01/13 13:15:39] @ cwebber joined channel #puppet
[2012/01/13 13:15:43] <kenperkins> right, but I'd secure the others by basically dropping all ssh except from the single blessed gateway IP
[2012/01/13 13:16:07] <_rc> node 'your.special.host' { include ucmc,admin }
[2012/01/13 13:16:23] <henk> kenperkins: Could hurt if that host goes down ;)
[2012/01/13 13:16:29] @ l0n joined channel #puppet
[2012/01/13 13:16:33] <kenperkins> fo sho, maybe I need a backup :D
[2012/01/13 13:16:39] <gnat42> _rc: so still use the hostname but make a direct match?
[2012/01/13 13:16:43] <_rc> just don't expect it to match the wildcard and the specific
[2012/01/13 13:16:46] @ Surv_OT_Fittest joined channel #puppet
[2012/01/13 13:16:54] <gnat42> that was going to be my next question
[2012/01/13 13:16:59] <gnat42> does the order of inclusion matter?
[2012/01/13 13:17:17] <gnat42> meaning if I have node /regex/ {} and node 'specific' {}
[2012/01/13 13:17:18] <_rc> I'm not sure what happens in that case, but I remember enough to say it's not reliable
[2012/01/13 13:17:38] <_rc> that I'm not sure of. I think it may be order dependent
[2012/01/13 13:18:01] <_rc> we switched to using an ENC so long ago I forget the specifics of node statements
[2012/01/13 13:18:02] <gnat42> because then would it be safe to have node 'specific hostname' {} ... node /regex/ {}
[2012/01/13 13:18:07] <gnat42> what is ENC?
[2012/01/13 13:18:13] <_rc> http://docs.puppetlabs.com/guides/external_nodes.html
[2012/01/13 13:18:29] <_rc> I think I linked that earlier
[2012/01/13 13:18:50] @ Quit: Surv_OT_Fittest: Client Quit
[2012/01/13 13:18:55] <marksteele> I've got this class: http://pastie.org/3179643 , however files inside the specified folder are getting permissions 644 instead of 600, any ideas?
[2012/01/13 13:18:57] <_rc> instead of writing node statements, you execute a script that emits yaml
[2012/01/13 13:19:07] <gabrtv> running into gem issue w/ hiera.. any ideas? notice: hiera(): Cannot load backend json: Unable to activate hiera-json-0.2.0, because hiera-0.3.0 conflicts with hiera (~> 0.2.0)
[2012/01/13 13:19:10] <gnat42> _rc: I see
[2012/01/13 13:19:37] @ Surv_OT_Fittest joined channel #puppet
[2012/01/13 13:19:54] <chjohnst> anyone using any OSS IPAM mgmt software, I know this is unrelated to puppet but figured I would ask (and not ipplan)
[2012/01/13 13:19:57] <gnat42> _rc: thanks for the help!
[2012/01/13 13:20:05] @ cwarden joined channel #puppet
[2012/01/13 13:20:34] <henk> kenperkins: You should secure and monitor these hosts “especially” well and make them failsafe regarding physical location, routing and perhaps even the OS depending what level of security you have to go for. Also remember that by doing that everything becomes a bit more difficult, i.e. no direct scp is possible.
[2012/01/13 13:20:55] <kenperkins> great point
[2012/01/13 13:21:16] @ Quit: daysmen_: Ping timeout: 240 seconds
[2012/01/13 13:22:11] <henk> s/$/s/ I guess ;)
[2012/01/13 13:22:52] @ Quit: abetterlie: Ping timeout: 268 seconds
[2012/01/13 13:23:21] @ Quit: ckauhaus: Ping timeout: 253 seconds
[2012/01/13 13:24:39] @ zanefactory joined channel #puppet
[2012/01/13 13:25:06] @ Quit: ezryx: Remote host closed the connection
[2012/01/13 13:25:21] @ Quit: caaakeeey: Quit: Leaving
[2012/01/13 13:26:30] @ d3vnull joined channel #puppet
[2012/01/13 13:27:44] @ Quit: rocket: Ping timeout: 240 seconds
[2012/01/13 13:27:45] @ Reepicheep joined channel #puppet
[2012/01/13 13:28:25] @ Quit: omry_: Ping timeout: 268 seconds
[2012/01/13 13:28:47] @ sdog joined channel #puppet
[2012/01/13 13:28:56] @ Quit: sdog: Changing host
[2012/01/13 13:28:56] @ sdog joined channel #puppet
[2012/01/13 13:30:42] @ omry_ joined channel #puppet
[2012/01/13 13:32:31] @ Quit: anthonysomerset:
[2012/01/13 13:32:47] @ jeremywf joined channel #puppet
[2012/01/13 13:34:50] @ Niarf joined channel #puppet
[2012/01/13 13:36:07] @ williemach joined channel #puppet
[2012/01/13 13:39:17] @ `Kevin joined channel #puppet
[2012/01/13 13:40:31] @ Quit: trickyf: Ping timeout: 260 seconds
[2012/01/13 13:40:39] @ Surv_OT_Fittest1 joined channel #puppet
[2012/01/13 13:41:49] @ Quit: sebian: Quit: test
[2012/01/13 13:42:21] @ Quit: Surv_OT_Fittest: Ping timeout: 240 seconds
[2012/01/13 13:43:22] @ sebian joined channel #puppet
[2012/01/13 13:44:49] <Text> Hi, anyone have time to examine my module to help me get a clue as to what I may be doing wrong? All the details are here: http://groups.google.com/group/puppet-users/browse_thread/thread/392227821e0fadc6#
[2012/01/13 13:45:46] @ Quit: d3vnull: Ping timeout: 260 seconds
[2012/01/13 13:46:33] @ LLaTeM joined channel #puppet
[2012/01/13 13:48:11] @ metcalfc joined channel #puppet
[2012/01/13 13:48:35] <ashp> Is there an easy way in git to say "when doing git merge always, always, accept the remote repo version and destroy local changes."
[2012/01/13 13:51:23] @ seanh-ansca joined channel #puppet
[2012/01/13 13:51:37] @ gozer__ joined channel #puppet
[2012/01/13 13:51:41] <gozer__> 17 YEARS OLD: http://i1.imgchili.com/3455/3455470_33639_1419685733799_.jpg
[2012/01/13 13:51:44] <gozer__> 19 YEARS OLD: http://h8torade.com/wp-content/uploads/2012/01/danielle_houghton-2.jpg
[2012/01/13 13:51:57] @ paxos joined channel #puppet
[2012/01/13 13:52:06] <gozer__> 19 YEARS OLD: http://i1.imgchili.com/3829/3829497_random_boobs_815_4.jpeg
[2012/01/13 13:52:36] <marksteele> yay, irc spam
[2012/01/13 13:52:51] @ Quit: cwarden: Ping timeout: 252 seconds
[2012/01/13 13:53:57] @ cwarden joined channel #puppet
[2012/01/13 13:54:00] @ jsurfer joined channel #puppet
[2012/01/13 13:54:16] @ _XMan_ left channel #puppet ()
[2012/01/13 13:54:37] @ Mode +o Volcane by ChanServ
[2012/01/13 13:54:43] @ gozer__ has been kicked from #puppet by Volcane (gozer__)
[2012/01/13 13:55:14] @ rocket joined channel #puppet
[2012/01/13 13:56:50] <Evolution> that poor girl in the second picture is horribly misproportioned.
[2012/01/13 13:57:00] <Evolution> she should seriously start discussing that with her doctor...
[2012/01/13 13:57:54] <misc> or with the one who did the image manipulation
[2012/01/13 13:58:06] <marksteele> probably has back aches
[2012/01/13 13:59:06] @ riftman joined channel #puppet
[2012/01/13 13:59:17] @ aculich joined channel #puppet
[2012/01/13 13:59:24] @ Quit: aculich: Client Quit
[2012/01/13 14:00:34] @ Quit: riftman: Client Quit
[2012/01/13 14:03:03] @ cliff-hm joined channel #puppet
[2012/01/13 14:04:11] @ ckauhaus joined channel #puppet
[2012/01/13 14:04:30] @ comptona joined channel #puppet
[2012/01/13 14:06:45] @ IndyMichaelB_ joined channel #puppet
[2012/01/13 14:11:03] @ Quit: dan__t: Read error: Operation timed out
[2012/01/13 14:11:04] @ dan__t joined channel #puppet
[2012/01/13 14:11:04] @ lak joined channel #puppet
[2012/01/13 14:11:53] @ Quit: lak: Changing host
[2012/01/13 14:11:54] @ lak joined channel #puppet
[2012/01/13 14:11:55] @ Quit: Vorik_: Ping timeout: 252 seconds
[2012/01/13 14:11:56] @ Quit: swygue: Read error: Operation timed out
[2012/01/13 14:11:57] @ Quit: Surv_OT_Fittest1: Quit: Leaving.
[2012/01/13 14:11:58] @ swygue joined channel #puppet
[2012/01/13 14:11:58] @ Quit: IndyMichaelB: Ping timeout: 255 seconds
[2012/01/13 14:11:58] @ IndyMichaelB_ is now known as IndyMichaelB
[2012/01/13 14:11:59] @ dnjaramba joined channel #puppet
[2012/01/13 14:11:59] @ Text_ joined channel #puppet
[2012/01/13 14:12:10] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 14:13:10] @ tomben joined channel #puppet
[2012/01/13 14:13:45] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 14:14:11] @ tomben joined channel #puppet
[2012/01/13 14:16:13] @ madhatter joined channel #puppet
[2012/01/13 14:16:39] @ madhatter is now known as Guest65839
[2012/01/13 14:17:20] @ Quit: Guest65839: Client Quit
[2012/01/13 14:18:29] <teratoma> maybe they are all same person
[2012/01/13 14:19:02] <jmccune> ashp: If you want that, don't merge
[2012/01/13 14:19:10] <jmccune> ashp: Use reset
[2012/01/13 14:20:57] @ danikov joined channel #puppet
[2012/01/13 14:22:47] <ashp> jmccune: I can use reset to get the upstream stuff?
[2012/01/13 14:25:51] @ Quit: LLaTeM: Quit: LLaTeM
[2012/01/13 14:26:32] <stahnma> for those using hiera, 0.3.0 is up on rubygems.org
[2012/01/13 14:28:25] @ Vorik joined channel #puppet
[2012/01/13 14:30:04] @ trickyf joined channel #puppet
[2012/01/13 14:30:16] <ashp> Weird, if puppet gets a failure to connect for dns purpose and you fix resolv.conf
[2012/01/13 14:30:24] <ashp> it will not try to resolve again until you restart the entire service
[2012/01/13 14:31:00] <ashp> So any dns failure will doom you forever
[2012/01/13 14:31:08] <Text_> Hi, anyone here have some advice fo this situation? http://groups.google.com/group/puppet-users/browse_thread/thread/392227821e0fadc6?pli=1
[2012/01/13 14:31:24] <agaffney> has anyone played around with creating a non-ruby puppet parser using the puppet grammar file in the source tree?
[2012/01/13 14:31:44] <agaffney> I was hoping to use perl's Parse::Yapp, but the grammar.ra has a bunch of ruby-isms for racc
[2012/01/13 14:33:06] <Dewin> ashp: I think there's a bug report for that somewhere.
[2012/01/13 14:33:21] <Dewin> #2776
[2012/01/13 14:33:22] <gepetto> Dewin: #2776 is http://projects.puppetlabs.com/issues/show/2776 "Puppet - Bug #2776: changes to resolv.conf are not followed by puppet on clients. It has a status of Accepted and is assigned to -"
[2012/01/13 14:34:00] <ashp> Oh interesting, let me go through my thoughts at it :D
[2012/01/13 14:34:37] <Dewin> It goes upstream to http://redmine.ruby-lang.org/issues/5095, but that was rejected 6 months ago.
[2012/01/13 14:35:03] <ashp> fantastic :)
[2012/01/13 14:35:15] @ Mkelly joined channel #puppet
[2012/01/13 14:35:56] <Dewin> You could probably do something like have a cronjob md5 your current resolv.conf and, if it differs from the last one, restart puppet.
[2012/01/13 14:36:05] @ sgmac joined channel #puppet
[2012/01/13 14:36:57] <Mkelly> Hello all, Can anyone point me to a recent and compehensive comparison between puppet and its competitors? (Chef, cfengine, etc) We are trying to determine which is the best for our company to spin up. Any advice is appreciated!
[2012/01/13 14:37:11] <ashp> well
[2012/01/13 14:37:17] <ashp> We here in #puppet recommend Puppet!
[2012/01/13 14:37:22] <Mkelly> :D
[2012/01/13 14:37:24] <ashp> I 100% recommend it ;)
[2012/01/13 14:37:30] <siert> Mkelly: have been working with cfengine2 for a long time, but recommend puppet :)
[2012/01/13 14:37:36] <chjohnst> there is also salt
[2012/01/13 14:37:39] <Dewin> A quick google finds http://bitfieldconsulting.com/puppet-vs-chef
[2012/01/13 14:37:40] <Volcane> Mkelly: i dont believe a truely balanced comparison has ever been written.
[2012/01/13 14:37:47] <ashp> I don't know of any recent comparisions, the biggest difference between chef/puppet from what I've seen is that chef requires you to do a lot more real ruby code
[2012/01/13 14:37:48] <Volcane> especially not that one
[2012/01/13 14:37:49] <Mkelly> Yah i have been googling it for awhile now
[2012/01/13 14:37:54] <Mkelly> alot of subjective opinion
[2012/01/13 14:37:55] <joe-mac1> yea that comparison isn't great
[2012/01/13 14:38:00] <ashp> But yeah, I don't think there's any objective recent comparisions
[2012/01/13 14:38:04] <Mkelly> nothing really solid though :(
[2012/01/13 14:38:16] @ PotatoRape joined channel #puppet
[2012/01/13 14:38:17] <ashp> most puppet people like me don't even know what chef is doing
[2012/01/13 14:38:19] <ashp> or has added since launch
[2012/01/13 14:38:53] <Mkelly> The Pros for chef people talk about is that it can "do more complex things" because it is just pure Ruby
[2012/01/13 14:39:11] <joe-mac1> except you can write puppet manifests in pure ruby now too
[2012/01/13 14:39:14] <Mkelly> as opposed to puppet resticting you more
[2012/01/13 14:39:23] <Mkelly> oh?
[2012/01/13 14:39:31] <ashp> Yeah, you can use the ruby DSL now in puppet
[2012/01/13 14:39:32] <joe-mac1> 2.6 introduced the ruby dsl
[2012/01/13 14:39:40] <Mkelly> Ah, news to me :)
[2012/01/13 14:39:53] @ Quit: Niarf: Quit: Leaving.
[2012/01/13 14:39:56] <ashp> Mkelly: You should write an objective comparision
[2012/01/13 14:40:06] <joe-mac1> which I have used for the one time out of the thousands of lines of puppet I have written that I truly needed iteration in a manifest
[2012/01/13 14:40:07] <ashp> I'd actually be interested in finding out how chef has advanced and where it's better than puppet
[2012/01/13 14:40:18] <sgmac> o
[2012/01/13 14:40:19] <sgmac> j
[2012/01/13 14:40:38] <siert> Mkelly: here's a pretty good comparison: http://distrinet.cs.kuleuven.be/software/sysconfigtools/overview
[2012/01/13 14:40:48] <pdtpatrick_> Question .. do i need to add $modulesdir to puppet.conf ?
[2012/01/13 14:41:03] <siert> Mkelly: which is not up-to-date
[2012/01/13 14:41:50] @ Quit: MattyM: Ping timeout: 268 seconds
[2012/01/13 14:43:18] @ Quit: sgmac: Remote host closed the connection
[2012/01/13 14:43:32] @ Quit: marksteele: Remote host closed the connection
[2012/01/13 14:44:32] <Mkelly> I read an article stating how puppet runs commands at a much slower rate/ takes more resources than cfengine
[2012/01/13 14:44:36] <Mkelly> http://www.usenix.org/publications/login/2010-02/pdfs/bjorgeengen.pdf
[2012/01/13 14:44:43] <Mkelly> any opinion on that statement?
[2012/01/13 14:45:00] <Volcane> Mkelly: its best to just test it and confirm
[2012/01/13 14:45:02] <Mkelly> granted its an old article
[2012/01/13 14:45:04] <joe-mac1> hard to argue that one
[2012/01/13 14:45:08] <joe-mac1> since cfengine is pure c
[2012/01/13 14:45:32] <joe-mac1> I don't think speed of applying typical catalog changes makes that a relevant issue though
[2012/01/13 14:45:37] <ashp> yeah puppet is slow because lak learnt a terrible language first ;)
[2012/01/13 14:45:51] @ Quit: krish: Ping timeout: 260 seconds
[2012/01/13 14:46:03] <shadowshell> Mkelly: What type of environment are you in? What are your goals with the tools? Having used cfengine, chef and puppet they all have a fit somewhere.
[2012/01/13 14:46:36] <shadowshell> Mkelly: Is your team full of Ruby devs?
[2012/01/13 14:46:37] <Mkelly> i am new to an environment with 100~ linux servers that are completely unmanaged. looking to be upwards of 250 end of year
[2012/01/13 14:46:41] <Mkelly> no it is not
[2012/01/13 14:46:43] <Mkelly> its full of me
[2012/01/13 14:46:50] <Mkelly> < not a developer
[2012/01/13 14:46:53] <shadowshell> Mkelly: what is on the servers?
[2012/01/13 14:46:54] <ashp> With 250 servers
[2012/01/13 14:46:59] <Mkelly> redhat
[2012/01/13 14:46:59] <ashp> you can run puppet or chef equally well
[2012/01/13 14:47:08] <shadowshell> i mean what do they do?
[2012/01/13 14:47:09] <ashp> Mkelly: Well here's a consideration for you
[2012/01/13 14:47:14] <Mkelly> jboss application
[2012/01/13 14:47:16] <Mkelly> few web
[2012/01/13 14:47:17] <chjohnst> you may need to leanr some rubyisms if you plan to use templates
[2012/01/13 14:47:21] <ashp> Mkelly: The next generation of all of Redhat's management tools will be built around puppet, really.
[2012/01/13 14:47:23] <chjohnst> the erb templating language is kinda meh
[2012/01/13 14:47:33] <Mkelly> that is good to know ashp
[2012/01/13 14:47:35] <ashp> I manage to use erb and I don't know a single bit of ruby because I'm dumb, so don't worry about that
[2012/01/13 14:47:42] <ashp> Mkelly: There's "katello" which will become "cloudforms"
[2012/01/13 14:47:45] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 14:47:51] <chjohnst> hehe depends on how complex your templates are ;-)
[2012/01/13 14:48:01] <ashp> Mkelly: So if in the future you want to move to a redhat supported product (it's the replacement for satellite) then Puppet would be a great choice
[2012/01/13 14:48:06] <ashp> because you'll be able to import your manifests easily
[2012/01/13 14:48:16] <Dewin> ashp: Hmm, I like that. I don't use Redhat, but that means a lot more people improving Puppet.
[2012/01/13 14:48:40] <Mkelly> i was looking at satellite too
[2012/01/13 14:48:41] @ tomben joined channel #puppet
[2012/01/13 14:48:44] <Mkelly> is that going away?
[2012/01/13 14:48:44] <ashp> Dewin: You'll notice over time redhat people sliding in and trying to get to grips with puppet/foreman ;)
[2012/01/13 14:48:50] <ashp> Mkelly: It's going away
[2012/01/13 14:48:53] @ Quit: mrwacky42: Quit: Leaving.
[2012/01/13 14:48:54] <chjohnst> I dont know how fast chef is, but I can say puppet is a lil slow mostly because of ruby
[2012/01/13 14:48:58] <shadowshell> Mkelly: puppet is likely the right choice for you, cfengine might do well also. I'm personally not a fan of the cfengine syntax and style in general, so I suggest puppet.
[2012/01/13 14:49:05] <agaffney> is there a known bug with puppet 2.6.7 that causes it to duplicate crontab entries when there's a cron in the manifest without a command?
[2012/01/13 14:49:07] <ashp> Mkelly: It's becoming completely replaced by what they call "systems engine" or something, which is puppet
[2012/01/13 14:49:24] <ashp> isn't chef also ruby? so it's probably not any faster
[2012/01/13 14:49:26] <Mkelly> Is there a timeline on that?
[2012/01/13 14:49:37] <Mkelly> would it be a waste to implement satellite at this time?
[2012/01/13 14:49:41] <chjohnst> I believe chef is also ruby
[2012/01/13 14:49:46] <shadowshell> chef is ruby
[2012/01/13 14:49:47] <Mkelly> (or are theses questions for redhat? :P )
[2012/01/13 14:49:49] <ashp> Mkelly: I'd say yes unless it solves an immediate need
[2012/01/13 14:49:58] <ashp> Mkelly: I was using puppet/foreman before we deployed satellite
[2012/01/13 14:50:01] <Mkelly> There is no patching at the moment
[2012/01/13 14:50:03] <ashp> and satellite was almost completely redundent for us
[2012/01/13 14:50:04] <Mkelly> so to me its a need
[2012/01/13 14:50:15] <ashp> Mkelly: Well redhat has another useful tool for that, we're just trying to deploy it ourself for exactly the same reason
[2012/01/13 14:50:19] <ashp> http://pulpproject.org/
[2012/01/13 14:50:25] <ashp> It's going into "Katello" which is the future of Satellite
[2012/01/13 14:50:29] <ashp> (http://katello.org/)
[2012/01/13 14:50:40] <ashp> I've been importing all my repos into Pulp, setting up syncs, all sorts
[2012/01/13 14:50:45] <Mkelly> Is Katello being developed by redhat?
[2012/01/13 14:50:48] <Mkelly> or purchased by them
[2012/01/13 14:50:55] <ashp> Based on this workflow/paper: https://github.com/stpierre/sponge/blob/master/doc/paper.pdf?raw=true
[2012/01/13 14:50:59] <ashp> It's being developed by redhat
[2012/01/13 14:51:11] <ashp> the author of http://www.theforeman.org/ , a front end for Puppet, also works for RHEL now
[2012/01/13 14:51:26] <joe-mac1> RH has such a boner for python
[2012/01/13 14:51:40] <ashp> joe-mac1: Looks like they are getting a lot more comfortable with ruby
[2012/01/13 14:51:44] <shadowshell> satellite is subscription based, how about spacewalk? http://spacewalk.redhat.com/
[2012/01/13 14:51:54] <chjohnst> python is dope though :-)
[2012/01/13 14:51:58] <joe-mac1> spacewalk requires oracle, unless they fixed that
[2012/01/13 14:52:03] <ashp> joe-mac1: I think basically they saw a need for management tools based around some kind of configuration management and decided puppet fills that space well
[2012/01/13 14:52:14] <joe-mac1> yea as in you'd have to be on dope to want to use it if you spent any time knowing ruby
[2012/01/13 14:52:15] <ashp> the postgres stuff apparently still doesn't work right in spacewalk
[2012/01/13 14:52:19] <shadowshell> it supports pgsql now
[2012/01/13 14:52:23] <shadowshell> oh?
[2012/01/13 14:52:24] <ashp> But if all you're doing is repo stuff spacewalk is kind of overkill
[2012/01/13 14:52:34] <ashp> shadowshell: I heard that in #rhel just today, but I haven't confirmed it
[2012/01/13 14:52:44] @ Quit: joshcooper: Read error: Connection reset by peer
[2012/01/13 14:52:44] <chjohnst> joe-mac1 eh?
[2012/01/13 14:52:49] @ joshcooper joined channel #puppet
[2012/01/13 14:52:50] <ohadlevy> ashp: katello is the open source of name for the system engine product
[2012/01/13 14:53:05] <ashp> ohadlevy: Yeah, that's what I thought, I probably explained it badly.
[2012/01/13 14:53:19] <ashp> Mkelly: But yeah, if you're planning on using redhat enterprise and sticking with it, you'd have an easier time with Puppet
[2012/01/13 14:53:26] <ashp> I think their support for puppet will just improve and improve from here
[2012/01/13 14:54:05] @ Quit: PotatoRape: Read error: Connection reset by peer
[2012/01/13 14:54:44] @ trickyf left channel #puppet ()
[2012/01/13 14:54:48] <Mkelly> Thank you for all the advice
[2012/01/13 14:55:17] <ashp> Mkelly: If you need to rant and rave about the horrors you find (with no patching you're in my situation) send me msg's any time ;)
[2012/01/13 14:55:29] @ davidr joined channel #puppet
[2012/01/13 14:55:31] <ashp> Also read that pulp paper I linked before to see what we're trying to do with patching, it's going to be awesome
[2012/01/13 14:55:47] <Mkelly> thats community developed correct?
[2012/01/13 14:55:50] <ashp> (multiple repos, unstable/stable, auto-syncing between them except for excluded packages, machines will all auto-patch constantly)
[2012/01/13 14:55:55] <Mkelly> (hard to sell to corp)
[2012/01/13 14:55:55] <ashp> Mkelly: community developed by redhat
[2012/01/13 14:56:07] @ Quit: Fai1ure: Read error: Connection reset by peer
[2012/01/13 14:56:14] <ashp> it's another redhat project that's going to be part of cloudforms, the next-gen redhat management
[2012/01/13 14:56:20] <ashp> That's one reason we're using it - it's the core of what they are building going forward
[2012/01/13 14:56:25] <ashp> so better to get involved now :)
[2012/01/13 14:56:27] <Mkelly> Yah im reading about cloudforms now
[2012/01/13 14:56:39] @ Fai1ure joined channel #puppet
[2012/01/13 14:56:41] <Mkelly> when is this planned to release?
[2012/01/13 14:56:45] @ bsg_kwolf joined channel #puppet
[2012/01/13 14:57:01] <ashp> haven't heard of a release date yet but they want to beta it relatively soon
[2012/01/13 14:57:06] <ashp> mid year for the beta I suspect
[2012/01/13 14:58:23] <Mkelly> So year + before purchasable
[2012/01/13 14:58:42] @ abetterlie joined channel #puppet
[2012/01/13 14:59:13] <ashp> I think so
[2012/01/13 14:59:21] @ Quit: samix__: Ping timeout: 240 seconds
[2012/01/13 14:59:22] <Mkelly> Oh did i read that puppet does network discovery?
[2012/01/13 14:59:45] <Mkelly> I may be confusing products
[2012/01/13 15:00:01] <misc> network discovery, I do not think
[2012/01/13 15:00:04] <Mkelly> via Mcollective
[2012/01/13 15:00:07] <Mkelly> it looks like
[2012/01/13 15:00:23] <misc> mhh, then I may have misunderstood what you mean by "network discovery"
[2012/01/13 15:00:44] <Mkelly> scanning the network for managable systems
[2012/01/13 15:00:46] <Mkelly> is what i mean
[2012/01/13 15:01:44] <misc> ok, I was more thinking of "netdisco" stuff
[2012/01/13 15:01:56] <misc> Mkelly: but you would stil need to use certificate to authenticate
[2012/01/13 15:04:54] @ tblamer joined channel #puppet
[2012/01/13 15:09:31] <gaahrdner> does anyone know how to write specs using rspec-puppet on a per module basis? So having no real module_path or manifest_dir ?
[2012/01/13 15:14:08] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 15:14:23] @ tcpsyn left channel #puppet ()
[2012/01/13 15:14:38] <gepetto> ::redmine:: Wiki edit: Engineering_done_done (#8) @ http://projects.puppetlabs.com/projects/puppet/wiki/Engineering_done_done?version=8 (by Matt Robinson)
[2012/01/13 15:14:39] <gepetto> ::redmine:: Wiki edit: Engineering_done_done (#9) @ http://projects.puppetlabs.com/projects/puppet/wiki/Engineering_done_done?version=9 (by Matt Robinson)
[2012/01/13 15:15:10] @ tomben joined channel #puppet
[2012/01/13 15:18:13] <`mx> is there a way to get the epoch time as a parameter I can use in a resource?
[2012/01/13 15:19:15] <gaahrdner> ahh nevermind, figured it out
[2012/01/13 15:20:14] @ JayTaph_ joined channel #puppet
[2012/01/13 15:20:39] @ Quit: abetterlie: Ping timeout: 240 seconds
[2012/01/13 15:22:41] @ Quit: JayTaph: Ping timeout: 240 seconds
[2012/01/13 15:22:41] @ JayTaph_ is now known as JayTaph
[2012/01/13 15:22:51] <pdtpatrick_> Question - i'm using passenger, i'm told I need to change START=yes to START=no in /etc/init.d/puppetmaster , is this valid?. If so are the nodes still able to connect fine to the service ?
[2012/01/13 15:24:28] <Volcane> yes cos the master then runs inside apache and not on its own
[2012/01/13 15:26:02] @ Niarf joined channel #puppet
[2012/01/13 15:26:04] @ CCNAALGERIA joined channel #puppet
[2012/01/13 15:26:39] @ Quit: newtMcKerr: Quit: Leaving.
[2012/01/13 15:28:38] @ Quit: car\|0s: Quit: Saliendo
[2012/01/13 15:28:59] @ CCNAALGERIA left channel #puppet ()
[2012/01/13 15:29:32] @ newtMcKerr joined channel #puppet
[2012/01/13 15:29:39] @ Quit: IndyMichaelB: Remote host closed the connection
[2012/01/13 15:29:56] @ IndyMichaelB joined channel #puppet
[2012/01/13 15:31:46] @ CCNAALGERIA joined channel #puppet
[2012/01/13 15:32:01] @ Quit: newtMcKerr: Client Quit
[2012/01/13 15:32:58] <pdtpatrick_> Volcane: so then the clients will automatically look for puppet (the puppet master), and passenger would be able to handle that? Won't there need to be a socket listening for incoming connections?
[2012/01/13 15:33:31] @ Quit: labrown: Quit: Leaving
[2012/01/13 15:34:05] <rismoney> anyone try using msi provider on Windows?
[2012/01/13 15:34:35] <Volcane> pdtpatrick_: if u set passenger up correctly it will open the port the master used to open
[2012/01/13 15:34:58] <pdtpatrick_> is there an example of how to set it up correctly please?
[2012/01/13 15:35:29] <Volcane> you searched for 'puppet passenger'?
[2012/01/13 15:35:46] <pdtpatrick_> I'm reading the labs documentation on this
[2012/01/13 15:36:20] <Volcane> then you'll see it tells apache to listen on 8140
[2012/01/13 15:36:27] @ CCNAALGERIA left channel #puppet ()
[2012/01/13 15:36:52] @ newtMcKerr joined channel #puppet
[2012/01/13 15:37:44] @ colonD is now known as colon_D
[2012/01/13 15:39:27] @ Quit: skm: Quit: Computer has gone to sleep.
[2012/01/13 15:42:07] @ Quit: joshcooper: Quit: joshcooper
[2012/01/13 15:42:18] @ Quit: snk: Quit: changing hosts
[2012/01/13 15:42:21] @ Quit: swygue: Read error: Operation timed out
[2012/01/13 15:43:23] @ themadcanudist joined channel #puppet
[2012/01/13 15:43:31] @ mbrannigan joined channel #puppet
[2012/01/13 15:43:51] <themadcanudist> hey guys… trying to igure out how this example42 nagios config sets a bunch of files to absent when the storedconfig entries are removed...
[2012/01/13 15:43:55] <themadcanudist> that seems like magic
[2012/01/13 15:44:06] <themadcanudist> anyone know what i'm talking about?
[2012/01/13 15:44:15] <themadcanudist> how does it track something that has been removed!?
[2012/01/13 15:44:22] <mbrannigan> is there a way for puppet to execute a shell command and capture its output in a variable?
[2012/01/13 15:44:35] @ Quit: astrostl:
[2012/01/13 15:44:41] @ Quit: Stenbryggen: Ping timeout: 240 seconds
[2012/01/13 15:46:29] <mbrannigan> when i add certain users, i want their passwords scrambled so nobody will know them
[2012/01/13 15:47:23] @ snk joined channel #puppet
[2012/01/13 15:47:32] @ Quit: snk: Changing host
[2012/01/13 15:47:33] @ snk joined channel #puppet
[2012/01/13 15:47:33] @ Quit: snk: Changing host
[2012/01/13 15:47:33] @ snk joined channel #puppet
[2012/01/13 15:47:34] @ Quit: tessier: Read error: Connection reset by peer
[2012/01/13 15:48:20] @ pll joined channel #puppet
[2012/01/13 15:49:20] <Volcane> why?
[2012/01/13 15:49:41] <Volcane> and if no1 should know them why do u want it in a variable?
[2012/01/13 15:50:12] @ Quit: shadowshell: Remote host closed the connection
[2012/01/13 15:50:18] @ Stenbryggen joined channel #puppet
[2012/01/13 15:50:38] @ Quit: newtMcKerr: Quit: Leaving.
[2012/01/13 15:51:05] @ newtMcKerr joined channel #puppet
[2012/01/13 15:51:26] @ justin_donaldson joined channel #puppet
[2012/01/13 15:51:39] <mbrannigan> well, i have a function called add_user which takes $uid, and, alternatively a password
[2012/01/13 15:52:03] <mbrannigan> for some of the system accounts, it's a policy to scramble the passwords instead of leaving the account locked, etc.
[2012/01/13 15:53:02] <Volcane> you can use generate() but you'd need to be able to generate the same password each run else it will keep changing them
[2012/01/13 15:53:15] @ Quit: snk: Quit: leaving
[2012/01/13 15:53:21] @ snk joined channel #puppet
[2012/01/13 15:53:24] <mbrannigan> if password is blank, i want to call a script to spit out a random password and then set the $password field to whatever was output
[2012/01/13 15:54:16] <themadcanudist> mbrannigan: look up generate()
[2012/01/13 15:54:18] <themadcanudist> in the puppet docs
[2012/01/13 15:54:21] <themadcanudist> i think it'll do what you want
[2012/01/13 15:54:33] <themadcanudist> just pay attention to what host it's executed on
[2012/01/13 15:55:16] <themadcanudist> oh sorry
[2012/01/13 15:55:16] <themadcanudist> =D
[2012/01/13 15:55:20] <themadcanudist> already answered
[2012/01/13 15:56:18] <mbrannigan> ah ok.. seems like that would do the trick.. so when the manifest is run on puppetclient, the randompassword script will be exectued on puppetmaster?
[2012/01/13 15:58:00] <themadcanudist> you got it
[2012/01/13 15:58:10] <themadcanudist> you might need to write a script that generates passwords and stores them on the master
[2012/01/13 15:58:21] <pdtpatrick_> Question -- i get this error when trying to use passenger as directed by puppet labs document. Complains that the .pem file does not exist or is empty
[2012/01/13 15:58:30] <pdtpatrick_> http://paste.pocoo.org/show/534429/
[2012/01/13 15:58:30] <themadcanudist> so it will always return the same random password or generate a new one
[2012/01/13 15:58:30] <themadcanudist> make sense?
[2012/01/13 15:58:38] @ Quit: natewalck: Quit: Outta here
[2012/01/13 15:58:45] <themadcanudist> of couse it will need to pay attention to the host/user
[2012/01/13 15:58:51] <mbrannigan> awesome.. thank you
[2012/01/13 15:58:53] <themadcanudist> so you'll have to be smart about how you do it
[2012/01/13 15:59:00] <Volcane> themadcanudist: sounds like a terrible idea, not only do you then store the passwords but anyone with access to the master can find them
[2012/01/13 15:59:08] <themadcanudist> it is a terrible idea
[2012/01/13 15:59:16] <Volcane> themadcanudist: and you'll also be creating a means of creating this secret passwords
[2012/01/13 15:59:24] <themadcanudist> i wouldn't do that, but the requirements are semi-terrible ;)
[2012/01/13 15:59:46] <Volcane> if u set the account to a scrambled unknown password its equivelant to locked though isnt it?
[2012/01/13 15:59:52] <mbrannigan> themadcanudist, could i check for the existance of the user and only create the user if it doesn't exist
[2012/01/13 16:00:09] <themadcanudist> oh, nobody needs the passwrod?
[2012/01/13 16:00:14] <mbrannigan> yeah, i don't agree with the requirement, but I'm the lowly admin
[2012/01/13 16:00:20] <themadcanudist> then just generate garbage each time and change it, who cares.
[2012/01/13 16:00:25] <themadcanudist> does anyone ever need it?
[2012/01/13 16:00:29] <mbrannigan> yeah, nobody should ever need it
[2012/01/13 16:00:32] <themadcanudist> ah
[2012/01/13 16:00:48] <themadcanudist> then why not just pass a *
[2012/01/13 16:00:56] @ Quit: tblamer: Ping timeout: 276 seconds
[2012/01/13 16:01:00] <mbrannigan> we _realllly_ trust our sudoers setup
[2012/01/13 16:01:24] <mbrannigan> password => '*' ?
[2012/01/13 16:01:30] <themadcanudist> yeah, volcane, wouldn't that work?
[2012/01/13 16:01:31] @ tblamer joined channel #puppet
[2012/01/13 16:01:42] <themadcanudist> that'll just disable passwords entirely
[2012/01/13 16:01:50] <Volcane> password => "!!" :)
[2012/01/13 16:01:53] <themadcanudist> ah
[2012/01/13 16:01:54] <themadcanudist> yeah
[2012/01/13 16:01:58] <themadcanudist> right
[2012/01/13 16:02:05] <Volcane> which is locking the account and what he doesnt want
[2012/01/13 16:02:16] <Volcane> yet about a million times better shrug
[2012/01/13 16:02:28] <mbrannigan> well, it's for the root user
[2012/01/13 16:02:31] <mbrannigan> O.o
[2012/01/13 16:02:35] <mbrannigan> sigh
[2012/01/13 16:02:52] <mbrannigan> as I said, I don't quite agree... but ...
[2012/01/13 16:03:01] <themadcanudist> ok
[2012/01/13 16:03:10] <themadcanudist> just generate random passwords each go… /shrug
[2012/01/13 16:03:20] <mbrannigan> hah.. yeah.. thank you guys for your help
[2012/01/13 16:03:47] <mbrannigan> I'm a complete noob with this... waiting for my copy of pro puppet (thanks the_ramink)
[2012/01/13 16:03:54] <themadcanudist> you can still sudo to a locked account, can't you?
[2012/01/13 16:04:15] <mbrannigan> I think so, but locking the root account kinda freaks me out
[2012/01/13 16:04:20] <themadcanudist> it just changes the password to one that has no possible encrypted value
[2012/01/13 16:04:26] <themadcanudist> just test it
[2012/01/13 16:04:31] <mbrannigan> true
[2012/01/13 16:04:32] <themadcanudist> passwd -l <testaccount>
[2012/01/13 16:04:33] <themadcanudist> not root
[2012/01/13 16:04:35] <themadcanudist> and if it works
[2012/01/13 16:04:37] <themadcanudist> you're golden
[2012/01/13 16:04:56] <themadcanudist> you don't have to run anything, just pass !! after you check the variable
[2012/01/13 16:05:20] <themadcanudist> you can even test on root, just keep a terminal open and try sshing in and sudoing in another...
[2012/01/13 16:05:21] <themadcanudist> anyway
[2012/01/13 16:05:23] <themadcanudist> you have options
[2012/01/13 16:05:35] @ miche joined channel #puppet
[2012/01/13 16:06:04] <Mkelly> why lock root?
[2012/01/13 16:06:51] <antarus> Mkelly: policy
[2012/01/13 16:07:28] @ Quit: Stenbryggen: Quit: Leaving.
[2012/01/13 16:07:46] @ ali3n0 joined channel #puppet
[2012/01/13 16:08:26] <wilco> I think you can also SSH into a locked account if you have pubkey auth setup
[2012/01/13 16:08:33] @ Aleks3Y joined channel #puppet
[2012/01/13 16:08:42] <Volcane> 'locked' is just a stupid word for it
[2012/01/13 16:08:53] <wilco> yeah
[2012/01/13 16:09:03] <Mkelly> Well yeah policy, but whyyy
[2012/01/13 16:09:18] <Volcane> it does no locking, it just sets the password to an invalid hash - ie. never possible to use password authentication at all ever
[2012/01/13 16:09:41] <Volcane> much better than setting it to a valid but unknown password
[2012/01/13 16:10:16] <themadcanudist> yes
[2012/01/13 16:10:19] <mbrannigan> my test vm is still happy with it, so that sounds like a great solution
[2012/01/13 16:12:03] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 16:12:19] <themadcanudist> cool
[2012/01/13 16:13:12] @ tomben joined channel #puppet
[2012/01/13 16:16:17] @ Quit: Mkelly:
[2012/01/13 16:17:14] @ Mkelly joined channel #puppet
[2012/01/13 16:18:36] @ Quit: ckauhaus: Ping timeout: 260 seconds
[2012/01/13 16:19:02] @ ckauhaus joined channel #puppet
[2012/01/13 16:19:55] @ Quit: tmclaugh: Quit: tmclaugh
[2012/01/13 16:20:35] @ Quit: lborda: Ping timeout: 245 seconds
[2012/01/13 16:21:05] @ Djelibeybi joined channel #puppet
[2012/01/13 16:25:45] @ Quit: jonhattan: Quit: Ex-Chat
[2012/01/13 16:26:35] @ PotatoRape joined channel #puppet
[2012/01/13 16:26:43] @ Quit: motomike: Remote host closed the connection
[2012/01/13 16:27:41] @ Stenbryggen joined channel #puppet
[2012/01/13 16:28:02] @ motomike joined channel #puppet
[2012/01/13 16:28:28] @ Kazuhiro joined channel #puppet
[2012/01/13 16:28:57] @ Quit: miche: Quit: Textual IRC Client: http://www.textualapp.com/
[2012/01/13 16:35:59] @ justintime joined channel #puppet
[2012/01/13 16:36:25] @ lborda joined channel #puppet
[2012/01/13 16:36:28] @ bmahe joined channel #puppet
[2012/01/13 16:37:00] <justintime> What's the main reason that I see classes inheriting from their foo::params class instead of simply including it?
[2012/01/13 16:37:28] @ skm joined channel #puppet
[2012/01/13 16:39:40] @ tizzo is now known as tizzo-afk
[2012/01/13 16:41:40] @ swygue joined channel #puppet
[2012/01/13 16:42:13] @ Quit: ali3n0: Quit: Leaving.
[2012/01/13 16:42:13] <joe-mac1> why do people still use that pattern now that parameterized classes exist?
[2012/01/13 16:44:22] <pll> Anyone here using 2.7.9 ?
[2012/01/13 16:45:29] @ Quit: leifmadsen: Quit: This is how I roll; animal print pants outta control!
[2012/01/13 16:45:31] @ ali3n0 joined channel #puppet
[2012/01/13 16:45:35] @ worstadmin joined channel #puppet
[2012/01/13 16:45:49] <ozy_work> is it possible to require one CLASS to be done before another?
[2012/01/13 16:45:54] <ozy_work> I know how to do it with resources
[2012/01/13 16:46:07] <pll> sure.
[2012/01/13 16:46:09] <chjohnst> pll: yes
[2012/01/13 16:46:35] <pll> chjohnst: do you manage any dirs recursively ?
[2012/01/13 16:46:54] <chjohnst> mmm I think so yea
[2012/01/13 16:47:03] <chjohnst> just one though nothing major
[2012/01/13 16:47:06] <pll> I have file { "/some/path" : ensure => directory, mode => 700,...}
[2012/01/13 16:47:14] <justintime> joe-mac1: most of what I see does both -- inheritance and params: https://github.com/puppetlabs/puppetlabs-mysql/blob/master/manifests/server.pp or https://github.com/example42/puppet-openssh/blob/master/manifests/init.pp
[2012/01/13 16:47:20] @ Quit: verwilst: Quit: Ex-Chat
[2012/01/13 16:47:28] <pll> And it sets everything to 700, even non-executable files
[2012/01/13 16:47:43] <chjohnst> trying to look for the manifest one sec
[2012/01/13 16:47:50] <pll> Someone here mentioned this was a 2.7.6 bug fixed in 2.7.9, and I'm not seeing it fixed :(
[2012/01/13 16:48:02] <joe-mac1> justintime: right but I can't think of a reason why
[2012/01/13 16:48:14] <joe-mac1> othan than backwards compatibility
[2012/01/13 16:48:49] <mutex> hrm
[2012/01/13 16:49:24] <mutex> justintime: looks like they do both, I agree
[2012/01/13 16:49:40] <mutex> my understanding is that parameterized classes are 'the way of the future'
[2012/01/13 16:49:51] <justintime> In both cases, those are pretty bleeding edge modules,
[2012/01/13 16:50:05] <justintime> and example42 claims no compatibility with anything < 2.6
[2012/01/13 16:50:16] @ Quit: freezey: Quit: freezey
[2012/01/13 16:50:40] <mutex> justintime: it looks like they use inheritance for cleanliness and default values
[2012/01/13 16:50:53] <joe-mac1> yea, waste of space if you ask me
[2012/01/13 16:51:03] <joe-mac1> there's a point at which modularity gets out of control
[2012/01/13 16:51:30] <joe-mac1> separation is good but unless there's something I am not immediately thinking of, it strikes me as superfluous to have ::params classes now that you can pass params directly to classes
[2012/01/13 16:51:48] @ IndyMichaelB_ joined channel #puppet
[2012/01/13 16:51:53] @ Quit: IndyMichaelB_: Client Quit
[2012/01/13 16:52:04] @ Quit: JayTaph: Quit: JayTaph
[2012/01/13 16:52:51] @ Quit: IndyMichaelB: Read error: Operation timed out
[2012/01/13 16:54:42] @ mrwacky42 joined channel #puppet
[2012/01/13 16:55:08] <chjohnst> pll: so I recursively purge
[2012/01/13 16:55:18] <chjohnst> in one spot
[2012/01/13 16:55:21] <pll> oh.
[2012/01/13 16:55:28] <pll> I'm doing the opposite.
[2012/01/13 16:55:30] <chjohnst> but in one directory I do push down a directory of goodies
[2012/01/13 16:55:39] <pll> Do you set the mode of the dir ?
[2012/01/13 16:56:09] <chjohnst> 47 '/var/lib/cobbler/kickstarts':
[2012/01/13 16:56:09] <chjohnst> 48 recurse => true,
[2012/01/13 16:56:09] <chjohnst> 49 purge => false,
[2012/01/13 16:56:09] <chjohnst> 50 owner => root,
[2012/01/13 16:56:09] <chjohnst> 51 group => root,
[2012/01/13 16:56:09] <chjohnst> 52 mode => 0644,
[2012/01/13 16:56:09] <chjohnst> 53 ignore => '.git',
[2012/01/13 16:56:10] <chjohnst> 54 require => Package['cobbler'],
[2012/01/13 16:56:10] <chjohnst> 55 source => 'puppet:///cobbler/kickstarts';
[2012/01/13 16:56:11] <chjohnst> 56 }
[2012/01/13 16:56:32] <chjohnst> works perfect
[2012/01/13 16:56:41] <pll> So, what are the permissions on /var/lib/cobbler/kickstarts ?
[2012/01/13 16:56:47] @ marksteele joined channel #puppet
[2012/01/13 16:57:23] <marksteele> I'd like to create a module which will create file dynamically if it doesn't exist, and re-create it if it changes
[2012/01/13 16:57:35] <marksteele> that possible?
[2012/01/13 16:57:42] <pll> marksteele: sure.
[2012/01/13 16:57:43] <chjohnst> 755
[2012/01/13 16:57:50] <marksteele> how?
[2012/01/13 16:57:57] <pll> Hmm. maybe my problem is mode => 7000
[2012/01/13 16:58:01] <pll> err, 700
[2012/01/13 16:58:09] @ Quit: ali3n0: Quit: Leaving.
[2012/01/13 16:58:15] <pll> marksteele: depends upon how you want to create the file.
[2012/01/13 16:58:19] <marksteele> see http://pastie.org/3180761
[2012/01/13 16:58:27] <pll> But once it's created, just subscribe to it.
[2012/01/13 16:58:59] @ danblack joined channel #puppet
[2012/01/13 16:59:09] <marksteele> here's what I want to do: add all users who's UID < 500 into a file. If anyone changes the file, I want to re-create it based on the original dynamic creation
[2012/01/13 16:59:18] <pll> I think that second file { "/etc/ftpusers" ...} is redundant.
[2012/01/13 16:59:42] @ Quit: opsmason: Quit: opsmason
[2012/01/13 17:00:03] <pdtpatrick_> Question - i've setup passenger and its listening on port 8140 - i'm now trying to import data from puppet .. rake RAILS_ENV=production puppet:migrate:populates_hosts .. this does not seems to be working because dashboard shows nothing (i'm using foreman on my server)
[2012/01/13 17:00:04] <pll> I believe the creates=> from the exec{} creates the File["/etc/ftpuser"] for you.
[2012/01/13 17:00:23] <marksteele> i'll try it out
[2012/01/13 17:00:29] <joe-mac1> creates doesn't create anything
[2012/01/13 17:00:32] <marksteele> but can't get mode/owner from there can you?
[2012/01/13 17:00:42] <joe-mac1> it's a shortcut to commonly used unless => 'test -e file'
[2012/01/13 17:01:05] <joe-mac1> basically exec won't run if the file you put in creates exists, since it's saying this exec, creates this file when it runs successfully
[2012/01/13 17:01:10] <pll> joe-mac1: it doesn't instantiate a File[] object ?
[2012/01/13 17:01:10] <joe-mac1> or has already been run successfully
[2012/01/13 17:01:19] <joe-mac1> no
[2012/01/13 17:01:22] <themadcanudist> is there a way to reference a variable defined in a node definition (top-scope) from within a class using scope.lookupvars() ?
[2012/01/13 17:01:23] <pll> huh.
[2012/01/13 17:01:25] <joe-mac1> there might be an auto require if the resource exists
[2012/01/13 17:01:32] <joe-mac1> have to look at the code to find that bit out
[2012/01/13 17:02:06] @ Quit: hattwick_: Ping timeout: 255 seconds
[2012/01/13 17:02:11] <marksteele> the module I pastie'd doesn't work, just creates empty file
[2012/01/13 17:02:43] <themadcanudist> how can i specify scope.lookupvars('$node::$variable')
[2012/01/13 17:02:47] <themadcanudist> if you know what i mean
[2012/01/13 17:03:02] <joe-mac1> you want to get the variable of another node
[2012/01/13 17:03:04] <joe-mac1> 's catalog?
[2012/01/13 17:03:06] <themadcanudist> no
[2012/01/13 17:03:08] <joe-mac1> out of another node's catalog**?
[2012/01/13 17:03:10] <themadcanudist> of the node its running on
[2012/01/13 17:03:12] @ Quit: uphillian: Quit: Leaving.
[2012/01/13 17:03:15] <joe-mac1> ::variable
[2012/01/13 17:03:23] <pll> Aha! chjohnst, I had the mode wrong.
[2012/01/13 17:03:24] <joe-mac1> :: with nothing on the left means top scope
[2012/01/13 17:03:25] <themadcanudist> sweet! lemme try
[2012/01/13 17:03:28] <themadcanudist> kk
[2012/01/13 17:03:29] <joe-mac1> but you should be able to just use var
[2012/01/13 17:03:30] <pll> if I set it to 600, I get what I want !
[2012/01/13 17:03:31] <joe-mac1> if it is top scope
[2012/01/13 17:03:49] <themadcanudist> yeah, wasn't working for some reason
[2012/01/13 17:03:53] <joe-mac1> yea
[2012/01/13 17:04:00] <themadcanudist> hmm
[2012/01/13 17:04:07] <themadcanudist> perhaps it's some code before.. i'll continue to debug
[2012/01/13 17:04:10] @ Quit: paroneayea: Read error: Connection reset by peer
[2012/01/13 17:04:14] <themadcanudist> thanks though!
[2012/01/13 17:04:16] <joe-mac1> I thought htat when dynamic scope went away just var is evaluated as local scope, if not in local, then global... but nothing in between. used to traverse scopes.
[2012/01/13 17:04:39] <marksteele> ahh got it to work
[2012/01/13 17:05:39] @ Quit: lak: Quit: Leaving.
[2012/01/13 17:08:13] @ lak joined channel #puppet
[2012/01/13 17:08:14] @ Quit: lak: Changing host
[2012/01/13 17:08:14] @ lak joined channel #puppet
[2012/01/13 17:08:40] <themadcanudist> joe-mac1: my bad… parse ordering bit me.
[2012/01/13 17:08:42] <themadcanudist> working
[2012/01/13 17:08:50] <chjohnst> pll cpp;l
[2012/01/13 17:08:54] <chjohnst> *cool
[2012/01/13 17:09:02] @ nomadtacos joined channel #puppet
[2012/01/13 17:10:22] <pll> chjohnst: first day with the new finfers ;)
[2012/01/13 17:10:41] <chjohnst> fingers? :-)
[2012/01/13 17:10:50] <pll> Right.
[2012/01/13 17:11:02] <pll> finfers to emphasize the typos :)
[2012/01/13 17:11:09] @ Quit: Chowzzf: Ping timeout: 244 seconds
[2012/01/13 17:11:24] <chjohnst> tyops
[2012/01/13 17:11:30] @ Quit: lak: Client Quit
[2012/01/13 17:12:05] @ Quit: rbowlby: Ping timeout: 258 seconds
[2012/01/13 17:13:07] @ jblaine joined channel #puppet
[2012/01/13 17:13:13] @ willaerk joined channel #puppet
[2012/01/13 17:13:26] @ Quit: joe-mac1: Remote host closed the connection
[2012/01/13 17:13:42] @ paroneayea joined channel #puppet
[2012/01/13 17:13:54] @ Quit: jblaine: Remote host closed the connection
[2012/01/13 17:14:31] @ Quit: gaahrdner: Remote host closed the connection
[2012/01/13 17:14:54] @ jblaine joined channel #puppet
[2012/01/13 17:15:00] @ Quit: jblaine: Remote host closed the connection
[2012/01/13 17:15:21] @ shadowshell joined channel #puppet
[2012/01/13 17:16:45] @ Quit: el_nacho: Remote host closed the connection
[2012/01/13 17:17:13] @ jblaine joined channel #puppet
[2012/01/13 17:17:59] @ Quit: jblaine: Changing host
[2012/01/13 17:17:59] @ jblaine joined channel #puppet
[2012/01/13 17:18:05] @ Quit: marczak: Read error: Operation timed out
[2012/01/13 17:18:18] @ d3vnull joined channel #puppet
[2012/01/13 17:20:29] @ kelseyhightower_ joined channel #puppet
[2012/01/13 17:23:50] @ Quit: kelseyhightower: Ping timeout: 248 seconds
[2012/01/13 17:23:50] @ kelseyhightower_ is now known as kelseyhightower
[2012/01/13 17:24:30] @ Quit: sdog: Quit: Leaving.
[2012/01/13 17:24:46] @ hattwick joined channel #puppet
[2012/01/13 17:24:59] @ Kazuhiro left channel #puppet ()
[2012/01/13 17:25:00] @ Quit: hal-j: Quit: Leaving.
[2012/01/13 17:25:21] @ Quit: worstadmin: Read error: Connection reset by peer
[2012/01/13 17:30:11] <themadcanudist> is there a clever way to have a class exit gracefully without complaining about dependencies if an initial exec command failed? right now it works, but it will scream about all the failed deps if the initial exec fails
[2012/01/13 17:30:16] @ millere joined channel #puppet
[2012/01/13 17:30:29] <themadcanudist> i wonder if there is a way to structure the class so the rest of the resources just aren't run, but it doesn't complain?
[2012/01/13 17:30:38] @ Quit: fir31ight: Ping timeout: 276 seconds
[2012/01/13 17:31:11] <themadcanudist> checking metaparameters
[2012/01/13 17:31:26] @ Quit: Aleks3Y: Quit: Leaving...
[2012/01/13 17:31:51] @ gozer_ joined channel #puppet
[2012/01/13 17:31:54] @ shadoi joined channel #puppet
[2012/01/13 17:31:55] <gozer_> http://i41.tinypic.com/qx3xp5.jpg
[2012/01/13 17:31:57] <gozer_> http://i41.tinypic.com/qx3xp5.jpg
[2012/01/13 17:31:57] <millere> Hi all - is there a pattern for combining directory contents? (eg, I have modules/scripts/files/{common-bin, testbox-bin} and I want to combine them in /usr/local/bin for a given testbox?)
[2012/01/13 17:32:00] @ Quit: ckauhaus: Quit: Leaving.
[2012/01/13 17:32:00] <gozer_> http://i41.tinypic.com/qx3xp5.jpg
[2012/01/13 17:32:01] @ Quit: gozer_: Killed (idoru (Spam is off topic on freenode.))
[2012/01/13 17:32:14] @ Quit: newtMcKerr: Quit: Leaving.
[2012/01/13 17:32:57] <themadcanudist> interesting
[2012/01/13 17:33:09] @ marienz joined channel #puppet
[2012/01/13 17:33:45] @ aculich joined channel #puppet
[2012/01/13 17:34:24] @ niko joined channel #puppet
[2012/01/13 17:35:02] @ Quit: d3vnull: Ping timeout: 260 seconds
[2012/01/13 17:36:24] @ pll left channel #puppet ("ERC Version 5.3 (IRC client for Emacs)")
[2012/01/13 17:37:39] <themadcanudist> ok i guess i can solve my own problem by creating a custom Fact that finds out the data i want… then i can just put a conditional in the class in question instead of an exec
[2012/01/13 17:37:41] <themadcanudist> that would do it =)
[2012/01/13 17:37:44] @ fir31ight joined channel #puppet
[2012/01/13 17:38:00] @ worstadmin joined channel #puppet
[2012/01/13 17:38:17] @ Quit: gazoombo: Quit: Leaving.
[2012/01/13 17:38:39] @ Quit: mbrannigan: Quit: Leaving
[2012/01/13 17:43:42] @ lak joined channel #puppet
[2012/01/13 17:43:44] @ Quit: lak: Changing host
[2012/01/13 17:43:44] @ lak joined channel #puppet
[2012/01/13 17:45:06] <shadowshell> will ENC work with `puppet apply`?
[2012/01/13 17:45:13] <shadowshell> masterless?
[2012/01/13 17:46:50] @ jblaine left channel #puppet ()
[2012/01/13 17:46:59] @ newtMcKerr joined channel #puppet
[2012/01/13 17:47:08] @ d3vnull joined channel #puppet
[2012/01/13 17:48:41] @ Quit: ldlework: Ping timeout: 240 seconds
[2012/01/13 17:49:30] @ Quit: danblack: Ping timeout: 276 seconds
[2012/01/13 17:54:58] @ Quit: newtMcKerr: Quit: Leaving.
[2012/01/13 17:56:13] @ Quit: clustermagnet: Ping timeout: 248 seconds
[2012/01/13 17:57:12] @ Quit: lak: Quit: Leaving.
[2012/01/13 17:58:17] @ Quit: jodok: Quit: jodok
[2012/01/13 18:00:36] @ Quit: Mkelly:
[2012/01/13 18:00:42] @ Quit: d3vnull: Ping timeout: 260 seconds
[2012/01/13 18:02:07] @ joshcooper joined channel #puppet
[2012/01/13 18:02:44] @ Mode +b !@173-228-80-252.dsl.static.sonic.net by Volcane
[2012/01/13 18:04:23] @ IndyMichaelB joined channel #puppet
[2012/01/13 18:04:49] @ Quit: bmahe: Quit: Leaving
[2012/01/13 18:05:30] @ newtMcKerr joined channel #puppet
[2012/01/13 18:07:21] @ Quit: samography: Quit: leaving
[2012/01/13 18:08:16] <countskm> http://qurl.com/7tj1z
[2012/01/13 18:08:22] <gnat42> is there an easy way to drop a file/folder/symlink on all users found in /home ?
[2012/01/13 18:08:23] @ Quit: nb: Ping timeout: 268 seconds
[2012/01/13 18:08:26] <countskm> might be old but that talks about things u loose as masterless
[2012/01/13 18:08:33] <countskm> always ways around in in unix though ;-)
[2012/01/13 18:12:11] @ Quit: lborda: Quit: Ex-Chat
[2012/01/13 18:12:15] <countskm> shadowshell: i have a feeling this will actually work on the client node_terminus and external_nodes but havent tried myself
[2012/01/13 18:12:34] @ Quit: kangman: Remote host closed the connection
[2012/01/13 18:13:30] @ Quit: millere: Ping timeout: 252 seconds
[2012/01/13 18:13:42] @ Quit: littleidea: Read error: No route to host
[2012/01/13 18:13:50] <countskm> the article i pasted references the advantage of only having the master have ldap (if thats ur enc) creds but does not explicitly rule out the client using enc
[2012/01/13 18:14:18] @ Quit: gniks: Quit: Leaving.
[2012/01/13 18:15:07] @ d3vnull joined channel #puppet
[2012/01/13 18:16:19] @ Quit: csanchez: Quit: csanchez
[2012/01/13 18:16:48] @ Quit: key: Remote host closed the connection
[2012/01/13 18:17:31] @ samography joined channel #puppet
[2012/01/13 18:18:04] @ Quit: Niarf: Quit: Leaving.
[2012/01/13 18:21:12] @ Quit: localhost: Remote host closed the connection
[2012/01/13 18:21:46] @ Guest79498 joined channel #puppet
[2012/01/13 18:22:26] @ localhost joined channel #puppet
[2012/01/13 18:25:28] <pdtpatrick_> Question - i've set up passenger with apache and its listening on port 8140 as mentioned in the documentation. However, New clients cannot talk to the puppet server and I'm not seeing any new certs to be signed.
[2012/01/13 18:25:46] @ dwalu joined channel #puppet
[2012/01/13 18:26:03] @ Quit: Atwa1337: Ping timeout: 244 seconds
[2012/01/13 18:27:34] @ Quit: tblamer: Quit: Going offline, see ya! (www.adiirc.com)
[2012/01/13 18:29:59] <the_ramink> pdtpatrick_: I'd start by verifying that you can reach port 8140 on your Puppet master from a client. Then try openssl s_client -connect puppet.yourdomain.com:8140 -showcerts and see if ssl looks good. Also pastie.org up any relavent logs from the server side.
[2012/01/13 18:30:25] @ freezey joined channel #puppet
[2012/01/13 18:32:47] @ Quit: ascarter: Ping timeout: 260 seconds
[2012/01/13 18:33:37] @ ascarter joined channel #puppet
[2012/01/13 18:33:57] <pdtpatrick_> interesting
[2012/01/13 18:34:03] <pdtpatrick_> I'm getting a 404
[2012/01/13 18:34:15] <pdtpatrick_> puppet.tech-corps.com:8140 10.1.134.214 - - [13/Jan/2012:15:34:05 -0800] "GET /production/certificate/ca? HTTP/1.1" 404 2737 "-" "-"
[2012/01/13 18:34:21] @ Quit: newtMcKerr: Quit: Leaving.
[2012/01/13 18:34:25] <pdtpatrick_> client error
[2012/01/13 18:34:49] <pdtpatrick_> that was from the apache logs
[2012/01/13 18:35:08] <the_ramink> pdtpatrick_: what's your vhost looks like and which version of passenger are you running
[2012/01/13 18:35:21] @ newtMcKerr joined channel #puppet
[2012/01/13 18:35:23] <pdtpatrick_> i'll paste bin
[2012/01/13 18:35:36] <the_ramink> I suspect the vhost isn't fully configure or passenger isn't installed
[2012/01/13 18:35:42] @ Quit: spiette: Ping timeout: 260 seconds
[2012/01/13 18:37:08] <pdtpatrick_> the_ramink: http://paste.pocoo.org/show/pW3XRFsHn0cc0JuNOlXh/
[2012/01/13 18:37:51] @ themadcanudist left channel #puppet ()
[2012/01/13 18:39:07] @ pcarlisl_ joined channel #puppet
[2012/01/13 18:39:16] @ ken_barber joined channel #puppet
[2012/01/13 18:39:59] <the_ramink> pdtpatrick_: DocumentRoot /usr/share/foreman/public is probably incorrect for a Puppet master
[2012/01/13 18:40:00] @ neonflux1 joined channel #puppet
[2012/01/13 18:40:16] @ Stenbryggen1 joined channel #puppet
[2012/01/13 18:40:22] @ Djelibey_ joined channel #puppet
[2012/01/13 18:40:42] @ tomben_ joined channel #puppet
[2012/01/13 18:40:57] @ paroneay` joined channel #puppet
[2012/01/13 18:41:12] @ Quit: d3vnull: Ping timeout: 252 seconds
[2012/01/13 18:41:15] @ Vorik_ joined channel #puppet
[2012/01/13 18:41:34] <pdtpatrick_> the_ramink: here's the module version i have
[2012/01/13 18:41:35] <pdtpatrick_> ii libapache2-mod-passenger 2.2.11debian-2 Rails and Rack support for Apache2
[2012/01/13 18:41:42] @ danblack joined channel #puppet
[2012/01/13 18:41:50] <pdtpatrick_> i also noticed there's a puppetmaster-passenger (this is not installed)
[2012/01/13 18:41:51] @ newtMcKerr1 joined channel #puppet
[2012/01/13 18:41:53] @ mfridh_ joined channel #puppet
[2012/01/13 18:41:54] @ bauke joined channel #puppet
[2012/01/13 18:42:07] @ faulpaul_ joined channel #puppet
[2012/01/13 18:42:32] @ masterzen_ joined channel #puppet
[2012/01/13 18:42:41] @ gnat421 joined channel #puppet
[2012/01/13 18:42:45] @ fhd_ joined channel #puppet
[2012/01/13 18:42:51] @ jorhett1 joined channel #puppet
[2012/01/13 18:42:53] @ Quit: benkevan: Quit: leaving
[2012/01/13 18:42:59] @ brd_ joined channel #puppet
[2012/01/13 18:43:08] @ hggh__ joined channel #puppet
[2012/01/13 18:43:09] @ TREllis_ joined channel #puppet
[2012/01/13 18:43:11] <the_ramink> puppetmaster-passenger provides, /usr/share/puppet/rack/puppetmasterd/config.ru which is part of the parth DocumentRoot should be pointing to
[2012/01/13 18:43:16] @ ridankul1us joined channel #puppet
[2012/01/13 18:43:21] @ kwame_ joined channel #puppet
[2012/01/13 18:43:32] @ DJClean_ joined channel #puppet
[2012/01/13 18:44:02] @ Quit: hattwick: Ping timeout: 260 seconds
[2012/01/13 18:46:40] <pdtpatrick_> the_ramink: what about Directory? point that to foreman public ?
[2012/01/13 18:46:41] @ Quit: danblack: Read error: Connection reset by peer
[2012/01/13 18:47:03] <pdtpatrick_> or point that /usr/share/puppet/rack/puppetmasterd/ ??
[2012/01/13 18:47:32] <the_ramink> pdtpatrick_: I'm confused, are you installing foreman or a Puppet master. They are two different bits of software though some of their functions overlap
[2012/01/13 18:47:36] @ Sargun_S1reen joined channel #puppet
[2012/01/13 18:48:06] @ Quit: freezey: Quit: freezey
[2012/01/13 18:48:09] <pdtpatrick_> the_ramink: i've installed puppet but i'll also like to use dashboard
[2012/01/13 18:48:20] @ cirbri_ joined channel #puppet
[2012/01/13 18:48:25] <pdtpatrick_> first step i guess is if you can help me figure out the puppet master part
[2012/01/13 18:48:26] <the_ramink> dashboard is also a different peiece of software.
[2012/01/13 18:48:28] @ Quit: newtMcKerr: .net .split
[2012/01/13 18:48:29] @ Quit: joshcooper: .net .split
[2012/01/13 18:48:30] @ Quit: paroneayea: .net .split
[2012/01/13 18:48:30] @ Quit: Stenbryggen: .net .split
[2012/01/13 18:48:31] @ Quit: Djelibeybi: .net .split
[2012/01/13 18:48:32] @ Quit: tomben: .net .split
[2012/01/13 18:48:33] @ Quit: Vorik: .net .split
[2012/01/13 18:48:33] @ Quit: omry_: .net .split
[2012/01/13 18:48:35] @ Quit: pcarlisle: .net .split
[2012/01/13 18:48:36] @ Quit: neonflux: .net .split
[2012/01/13 18:48:36] @ Quit: kenperkins: .net .split
[2012/01/13 18:48:38] @ Quit: gnat42: .net .split
[2012/01/13 18:48:39] @ Quit: brd: .net .split
[2012/01/13 18:48:40] @ Quit: joe-mac: .net .split
[2012/01/13 18:48:41] @ Quit: masterzen: .net .split
[2012/01/13 18:48:42] @ Quit: jetole: .net .split
[2012/01/13 18:48:43] @ Quit: DJClean: .net .split
[2012/01/13 18:48:44] @ Quit: bauke_: .net .split
[2012/01/13 18:48:46] @ Quit: lwhalen: .net .split
[2012/01/13 18:48:47] @ Quit: ken_barber1: .net .split
[2012/01/13 18:48:49] @ Quit: cirbri: .net .split
[2012/01/13 18:48:49] @ Quit: viq: .net .split
[2012/01/13 18:48:51] @ Quit: TCPcaveman: .net .split
[2012/01/13 18:48:52] @ Quit: jorhett: .net .split
[2012/01/13 18:48:53] @ Quit: faulpaul: .net .split
[2012/01/13 18:48:54] @ Quit: patcon: .net .split
[2012/01/13 18:48:55] @ Quit: hggh: .net .split
[2012/01/13 18:48:55] @ Quit: ba6: .net .split
[2012/01/13 18:48:56] @ Quit: mogitux: .net .split
[2012/01/13 18:48:56] @ Quit: tim\|mac: .net .split
[2012/01/13 18:48:58] @ Quit: Sargun_Screen: .net .split
[2012/01/13 18:48:58] @ Quit: TREllis: .net .split
[2012/01/13 18:49:00] @ Quit: ridankulous: .net .split
[2012/01/13 18:49:00] @ Quit: kwame: .net .split
[2012/01/13 18:49:02] @ Quit: londo: .net .split
[2012/01/13 18:49:02] @ Quit: jyrkip: .net .split
[2012/01/13 18:49:03] @ Quit: fhd: .net .split
[2012/01/13 18:49:04] @ Quit: codec: .net .split
[2012/01/13 18:49:05] @ Quit: HCoyote: .net .split
[2012/01/13 18:49:05] @ Quit: mfridh: .net .split
[2012/01/13 18:49:06] @ Quit: snuden: .net .split
[2012/01/13 18:49:07] @ kenperkins joined channel #puppet
[2012/01/13 18:49:24] <pdtpatrick_> i've done the changes you recommended
[2012/01/13 18:49:30] <pdtpatrick_> config.ru
[2012/01/13 18:49:43] <pdtpatrick_> should i also change the <Directory > to something else?
[2012/01/13 18:50:03] @ Demosthenes joined channel #puppet
[2012/01/13 18:52:04] @ Quit: blentz: Ping timeout: 240 seconds
[2012/01/13 18:52:07] @ Quit: Reepicheep: Quit: Ex-Chat
[2012/01/13 18:52:16] <pdtpatrick_> after install puppetmaster-passenger, i now get the follow error when i run "passenger-status"
[2012/01/13 18:52:17] <pdtpatrick_> ERROR: Phusion Passenger doesn't seem to be running.
[2012/01/13 18:52:23] @ hattwick joined channel #puppet
[2012/01/13 18:52:41] @ viq joined channel #puppet
[2012/01/13 18:52:41] @ TCPcaveman joined channel #puppet
[2012/01/13 18:52:41] @ tim\|mac joined channel #puppet
[2012/01/13 18:52:42] @ codec joined channel #puppet
[2012/01/13 18:52:43] @ mogitux joined channel #puppet
[2012/01/13 18:52:43] @ jyrkip joined channel #puppet
[2012/01/13 18:52:45] @ jetole joined channel #puppet
[2012/01/13 18:52:59] @ kwame_ is now known as kwame
[2012/01/13 18:53:01] @ HCoyote joined channel #puppet
[2012/01/13 18:53:04] @ danblack joined channel #puppet
[2012/01/13 18:53:09] @ ba6 joined channel #puppet
[2012/01/13 18:53:18] @ omry_ joined channel #puppet
[2012/01/13 18:53:23] <the_ramink> pdtpatrick_: well it's 4pm on a Friday in my timezone and there is booze to be drunk. I recommend finding the Passenger/Puppet docs and following them completely instead of this halfassed installation of whatever it is you're doing. It should "just work" if you follow them and use the apache.conf recommended in the docs. Good luck. Else ping me around 9am PST on Monday.
[2012/01/13 18:53:41] @ lwhalen joined channel #puppet
[2012/01/13 18:53:45] @ Quit: the_ramink: Quit: ~ Trillian Astra - www.trillian.im ~
[2012/01/13 18:54:58] @ snuden joined channel #puppet
[2012/01/13 18:55:11] @ joe-mac joined channel #puppet
[2012/01/13 18:56:27] @ gniks joined channel #puppet
[2012/01/13 18:59:40] @ Quit: xe4l: Ping timeout: 276 seconds
[2012/01/13 19:00:43] @ Quit: danblack: Read error: Connection reset by peer
[2012/01/13 19:00:57] @ xe4l joined channel #puppet
[2012/01/13 19:02:54] @ Quit: pcarlisl_: Quit: Computer has gone to sleep.
[2012/01/13 19:04:53] @ Quit: newtMcKerr1: Quit: Leaving.
[2012/01/13 19:05:39] @ blentz joined channel #puppet
[2012/01/13 19:06:43] @ Quit: neonflux1: Quit: Leaving.
[2012/01/13 19:07:39] @ patcon joined channel #puppet
[2012/01/13 19:08:21] @ Quit: paxos: Quit: Leaving.
[2012/01/13 19:09:26] @ Quit: williemach: Quit: Leaving.
[2012/01/13 19:09:26] @ Quit: Stenbryggen1: Quit: Leaving.
[2012/01/13 19:10:52] @ Stenbryggen joined channel #puppet
[2012/01/13 19:11:00] @ st33v joined channel #puppet
[2012/01/13 19:12:30] @ Quit: zwi: Quit: Leaving.
[2012/01/13 19:13:49] @ pcarlisle joined channel #puppet
[2012/01/13 19:14:01] @ Quit: dwalu: Quit: dwalu
[2012/01/13 19:14:54] @ dwalu joined channel #puppet
[2012/01/13 19:15:52] @ themadcanudist joined channel #puppet
[2012/01/13 19:16:17] @ Quit: Text_: Ping timeout: 258 seconds
[2012/01/13 19:16:33] <themadcanudist> hey guys… is there any way to only execute a number of chained resources if an initial (first) Exec resource succeeds?
[2012/01/13 19:16:40] <themadcanudist> or a clever way of doing that?
[2012/01/13 19:17:39] @ Quit: DJClean_: Read error: Operation timed out
[2012/01/13 19:23:13] @ Quit: st33v: Quit: st33v
[2012/01/13 19:23:52] @ Quit: iw_work: Quit: Leaving
[2012/01/13 19:26:18] @ Quit: benjiedmund: Remote host closed the connection
[2012/01/13 19:26:34] @ danblack joined channel #puppet
[2012/01/13 19:27:44] @ Quit: emmanuelux: Ping timeout: 240 seconds
[2012/01/13 19:29:19] @ Quit: danblack: Read error: Connection reset by peer
[2012/01/13 19:29:39] @ gazoombo joined channel #puppet
[2012/01/13 19:29:49] @ danblack joined channel #puppet
[2012/01/13 19:29:50] @ Quit: Djelibey_: Changing host
[2012/01/13 19:29:50] @ Djelibey_ joined channel #puppet
[2012/01/13 19:30:02] @ Djelibey_ is now known as Djelibeybi
[2012/01/13 19:30:19] @ emmanuelux joined channel #puppet
[2012/01/13 19:30:20] @ newtMcKerr joined channel #puppet
[2012/01/13 19:31:09] @ Quit: willaerk: Quit: Leaving
[2012/01/13 19:31:20] @ Quit: bsg_kwolf: Quit: Leaving.
[2012/01/13 19:32:03] @ Quit: Djelibeybi: Quit: Textual IRC Client: http://www.textualapp.com/
[2012/01/13 19:32:17] @ Quit: and`: Quit: leaving
[2012/01/13 19:32:37] @ lak joined channel #puppet
[2012/01/13 19:32:38] @ Quit: lak: Changing host
[2012/01/13 19:32:38] @ lak joined channel #puppet
[2012/01/13 19:33:16] @ Quit: dan__t: Ping timeout: 240 seconds
[2012/01/13 19:37:30] @ Quit: danblack: Read error: Connection reset by peer
[2012/01/13 19:37:59] @ danblack joined channel #puppet
[2012/01/13 19:40:05] @ Quit: danblack: Read error: Connection reset by peer
[2012/01/13 19:42:03] @ mbrannigan joined channel #puppet
[2012/01/13 19:46:03] <mbrannigan> is this a way to determine if a user exists within a manifest? http://pastebin.com/3zPRFXZC
[2012/01/13 19:46:13] <mbrannigan> it seems to always return true
[2012/01/13 19:47:18] <justintime> themadcanudist: does using a notify on the Exec work? I think the others will fail with dependency issues if the first fails.
[2012/01/13 19:47:45] @ Quit: mrwacky42: Quit: Leaving.
[2012/01/13 19:55:38] @ danblack joined channel #puppet
[2012/01/13 19:59:01] @ Quit: gabrtv: Quit: gabrtv
[2012/01/13 20:00:16] @ Quit: chadskidmore: Quit: Computer has gone to sleep.
[2012/01/13 20:00:54] @ Quit: danblack: Read error: Connection reset by peer
[2012/01/13 20:01:32] @ n8 joined channel #puppet
[2012/01/13 20:02:33] @ Quit: metcalfc: Ping timeout: 255 seconds
[2012/01/13 20:02:36] <themadcanudist> yeah, i already have them failing with dep issues
[2012/01/13 20:03:04] <themadcanudist> i was just wondering if there was a way to do it where they don't fail, they just don't get executed… i guess it doesn't matter.. it just seems reasonable to have different execution paths without considering them failures
[2012/01/13 20:03:28] <themadcanudist> ie… it would be cool if unless was a metaparameter...
[2012/01/13 20:03:57] <themadcanudist> or you could put resources in the unless statement for exec (based on execution of resource)
[2012/01/13 20:03:59] <themadcanudist> stuff like that
[2012/01/13 20:04:17] @ st33v joined channel #puppet
[2012/01/13 20:04:54] @ Quit: kenperkins: Ping timeout: 248 seconds
[2012/01/13 20:06:14] @ Quit: djm68: Remote host closed the connection
[2012/01/13 20:06:32] @ Quit: newtMcKerr: Quit: Leaving.
[2012/01/13 20:07:16] @ Quit: kermit: Quit: Leaving.
[2012/01/13 20:07:24] @ Quit: lak: Quit: Leaving.
[2012/01/13 20:10:53] @ Quit: althara: Ping timeout: 252 seconds
[2012/01/13 20:11:10] @ Quit: dwalu: Quit: dwalu
[2012/01/13 20:12:32] @ vrais joined channel #puppet
[2012/01/13 20:14:03] @ Guest79498 is now known as nb_
[2012/01/13 20:14:10] @ Quit: nb_: Changing host
[2012/01/13 20:14:10] @ nb_ joined channel #puppet
[2012/01/13 20:17:55] @ Quit: st33v: Quit: st33v
[2012/01/13 20:19:39] @ Quit: vrais:
[2012/01/13 20:24:00] @ kermit joined channel #puppet
[2012/01/13 20:25:20] @ Quit: tomben_: Read error: Connection reset by peer
[2012/01/13 20:26:11] <rodjek> themadcanudist: you may be going about things the wrong way for puppet
[2012/01/13 20:26:13] @ tomben joined channel #puppet
[2012/01/13 20:26:20] <rodjek> what does the first exec resource do?
[2012/01/13 20:26:53] @ gabrtv joined channel #puppet
[2012/01/13 20:28:47] @ Quit: langworthy: Quit: langworthy
[2012/01/13 20:29:27] @ Quit: gabrtv: Client Quit
[2012/01/13 20:30:43] @ gabrtv joined channel #puppet
[2012/01/13 20:40:05] @ Quit: rcrowley: Quit: Computer has gone to sleep.
[2012/01/13 20:40:47] @ Quit: marrusl: Quit: Ex-Chat
[2012/01/13 20:42:14] @ Quit: pcarlisle: Quit: Computer has gone to sleep.
[2012/01/13 20:43:05] @ newtMcKerr joined channel #puppet
[2012/01/13 20:45:17] @ rubic joined channel #puppet
[2012/01/13 20:45:33] <shadowshell> countskm: Thanks for the info. I had seen that thread, but I guess not the entire thing. It seems from what this says it is possible then
[2012/01/13 20:45:49] @ Quit: kermit: Quit: Leaving.
[2012/01/13 20:48:45] @ Quit: alanevans: Remote host closed the connection
[2012/01/13 20:52:34] @ BobLfoot joined channel #puppet
[2012/01/13 20:54:22] @ zwi joined channel #puppet
[2012/01/13 20:54:24] @ Quit: cwarden: Ping timeout: 240 seconds
[2012/01/13 20:55:07] @ abetterlie joined channel #puppet
[2012/01/13 20:55:42] @ kermit joined channel #puppet
[2012/01/13 20:57:54] @ st33v joined channel #puppet
[2012/01/13 21:02:44] <BobLfoot> I want to find something to replace cobbler, I've been told puppet can do this. I can't find anything on the puppetlabs.com website that tells how I'd do that. Everything I am finding talks about puppet modifying the system it's installed on and I don't want to ahve to install puppet on every vm I launch. I was looking for a program like cobbler where I could define the systems on the server and deploy them to their various hardware/virtual instance.
[2012/01/13 21:03:40] @ Quit: joe-mac: Ping timeout: 240 seconds
[2012/01/13 21:04:06] @ Quit: jsurfer: Ping timeout: 248 seconds
[2012/01/13 21:04:52] <misc> I am not sure that puppet alone can replace cobbler
[2012/01/13 21:04:58] <misc> more that puppet complement cobbler
[2012/01/13 21:05:38] @ ali3n0 joined channel #puppet
[2012/01/13 21:06:49] @ Holocaine joined channel #puppet
[2012/01/13 21:08:34] @ nitram_macair_ joined channel #puppet
[2012/01/13 21:13:35] @ erkules\|away joined channel #puppet
[2012/01/13 21:14:56] @ Quit: Hypnoz: Quit: Leaving.
[2012/01/13 21:15:50] @ Quit: erkules: Ping timeout: 248 seconds
[2012/01/13 21:17:59] @ Quit: seanh-ansca: Read error: Operation timed out
[2012/01/13 21:18:43] @ Quit: comptona: Ping timeout: 252 seconds
[2012/01/13 21:20:25] @ HarrisonZhu joined channel #puppet
[2012/01/13 21:22:48] @ Quit: mbrannigan: Quit: Leaving
[2012/01/13 21:23:38] @ andrew_ joined channel #puppet
[2012/01/13 21:23:49] @ Quit: shadowshell: Read error: Connection reset by peer
[2012/01/13 21:24:04] @ andrew_ is now known as Guest75046
[2012/01/13 21:24:14] @ Guest75046 is now known as AndrewH
[2012/01/13 21:24:21] @ shadowshell joined channel #puppet
[2012/01/13 21:24:22] @ AndrewH is now known as AndrewH_
[2012/01/13 21:24:54] <AndrewH_> is there a way to turn off the client displaying the changes to the last_run_summary all the time?
[2012/01/13 21:24:57] @ Quit: emmanuelux: Read error: No route to host
[2012/01/13 21:25:37] @ Quit: st33v: Quit: st33v
[2012/01/13 21:25:59] @ emmanuelux joined channel #puppet
[2012/01/13 21:26:44] @ Quit: skm: Quit: Computer has gone to sleep.
[2012/01/13 21:27:21] @ lak joined channel #puppet
[2012/01/13 21:27:35] @ Quit: lak: Changing host
[2012/01/13 21:27:35] @ lak joined channel #puppet
[2012/01/13 21:28:05] @ Quit: BobLfoot: Quit: leaving
[2012/01/13 21:28:10] @ e1mer joined channel #puppet
[2012/01/13 21:28:11] @ Quit: e1mer: Changing host
[2012/01/13 21:28:11] @ e1mer joined channel #puppet
[2012/01/13 21:28:44] @ Quit: PotatoRape: Quit: Leaving
[2012/01/13 21:30:18] <AndrewH_> is there a way to turn this off for every agent run? notice: /File[/var/lib/puppet/state/last_run_summary.yaml]/content:
[2012/01/13 21:30:40] <rodjek> AndrewH_: probably not
[2012/01/13 21:31:19] <AndrewH_> rodjek: damn ok. i just got everyone used to checking for blue messages and a recent upgrade makes that appear all the time
[2012/01/13 21:33:28] @ Quit: nitram_macair_: Quit: nitram_macair_
[2012/01/13 21:33:34] <rodjek> AndrewH_: you could try setting lastrunreport = /dev/null
[2012/01/13 21:33:38] <rodjek> might work?
[2012/01/13 21:34:44] @ bmahe joined channel #puppet
[2012/01/13 21:34:54] <AndrewH_> rodjek: err: nope :( Could not send report: /dev/null is not a file
[2012/01/13 21:35:38] <rodjek> ah well, was worth a shot
[2012/01/13 21:35:44] <AndrewH_> i might just have to comment it out for the moment
[2012/01/13 21:36:54] <rodjek> AndrewH_: another option is the write your own report process that strips out that line for you
[2012/01/13 21:37:00] <rodjek> if you never want to see it
[2012/01/13 21:38:40] <AndrewH_> rodjek: thanks for the suggestion. ill give it a go. its that line pluss all the timing diff afterwards which looks a spammy to me for internal puppet stuff
[2012/01/13 21:43:55] @ Quit: AndrewH_: Quit: Page closed
[2012/01/13 21:44:16] @ Quit: Demosthenes: Ping timeout: 240 seconds
[2012/01/13 21:48:08] @ nb_ is now known as nb__
[2012/01/13 21:48:12] @ alanevans joined channel #puppet
[2012/01/13 21:48:16] @ nb__ is now known as nb
[2012/01/13 21:54:13] @ Quit: Holocaine:
[2012/01/13 21:56:31] @ Quit: shadoi: Quit: Leaving.
[2012/01/13 21:56:45] @ Atwa1337 joined channel #puppet
[2012/01/13 21:58:02] @ Quit: shanlar_: Read error: Connection reset by peer
[2012/01/13 21:58:07] @ Quit: nated: Ping timeout: 260 seconds
[2012/01/13 22:00:59] @ Quit: zwi: Quit: Leaving.
[2012/01/13 22:01:52] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 22:02:04] @ jsurfer joined channel #puppet
[2012/01/13 22:02:44] @ tomben joined channel #puppet
[2012/01/13 22:03:03] @ Quit: jsurfer: Remote host closed the connection
[2012/01/13 22:06:28] @ Quit: lak: Quit: Leaving.
[2012/01/13 22:07:22] @ chapinj joined channel #puppet
[2012/01/13 22:08:41] <chapinj> is it possible to force one whole class to go after a certain resource?
[2012/01/13 22:10:04] @ Quit: aculich: Ping timeout: 248 seconds
[2012/01/13 22:10:15] @ Quit: ali3n0: Quit: Leaving.
[2012/01/13 22:14:42] <jamesturnbull> chapinj: Class["nameofclass"]
[2012/01/13 22:14:54] <chapinj> thanks!
[2012/01/13 22:15:02] <jamesturnbull> chapinj: use that as the value ofthe metaparameter like require or before etc
[2012/01/13 22:15:48] <chapinj> thanks
[2012/01/13 22:16:21] @ Quit: Atwa1337: Ping timeout: 260 seconds
[2012/01/13 22:21:23] @ Quit: choonming: Quit: Leaving
[2012/01/13 22:32:24] @ joe-mac joined channel #puppet
[2012/01/13 22:33:03] <gepetto> ::redmine:: Wiki edit: PuppetAix (#6) @ http://projects.puppetlabs.com/projects/puppet/wiki/PuppetAix?version=6 (by James Turnbull)
[2012/01/13 22:36:26] @ Quit: kesor: Remote host closed the connection
[2012/01/13 22:36:36] @ Quit: cparedes: Remote host closed the connection
[2012/01/13 22:36:37] @ Quit: devicenull: Remote host closed the connection
[2012/01/13 22:36:38] @ Quit: bk_one: Remote host closed the connection
[2012/01/13 22:36:39] @ Quit: arnihermann: Write error: Connection reset by peer
[2012/01/13 22:36:45] @ Quit: garethr: Remote host closed the connection
[2012/01/13 22:36:45] @ Quit: patcon: Remote host closed the connection
[2012/01/13 22:38:14] @ Quit: joe-mac: Ping timeout: 255 seconds
[2012/01/13 22:38:16] @ patcon joined channel #puppet
[2012/01/13 22:39:17] @ kesor joined channel #puppet
[2012/01/13 22:40:14] @ devicenull joined channel #puppet
[2012/01/13 22:43:26] @ garethr joined channel #puppet
[2012/01/13 22:47:33] @ bk_one joined channel #puppet
[2012/01/13 22:49:45] @ cparedes joined channel #puppet
[2012/01/13 22:50:19] @ danblack joined channel #puppet
[2012/01/13 22:52:00] @ Quit: zanefactory: Quit: zanefactory
[2012/01/13 22:52:07] @ aculich joined channel #puppet
[2012/01/13 22:56:42] @ Quit: motomike: Quit: Leaving.
[2012/01/13 23:00:59] @ Quit: blentz: Quit: Ex-Chat
[2012/01/13 23:04:42] @ langworthy joined channel #puppet
[2012/01/13 23:06:19] @ Demosthenes joined channel #puppet
[2012/01/13 23:09:35] @ bigwiggl1r joined channel #puppet
[2012/01/13 23:13:01] @ Quit: bigwiggler: Ping timeout: 268 seconds
[2012/01/13 23:16:52] @ Quit: cliff-hm: Ping timeout: 260 seconds
[2012/01/13 23:20:35] @ Quit: e1mer: Ping timeout: 252 seconds
[2012/01/13 23:24:43] @ Kazuhiro joined channel #puppet
[2012/01/13 23:27:47] @ arnihermann joined channel #puppet
[2012/01/13 23:36:33] @ Quit: leepa: Remote host closed the connection
[2012/01/13 23:36:34] @ Quit: WALoeIII: Remote host closed the connection
[2012/01/13 23:36:35] @ Quit: cparedes: Remote host closed the connection
[2012/01/13 23:36:36] @ Quit: garethr: Remote host closed the connection
[2012/01/13 23:36:55] @ Quit: patcon: Remote host closed the connection
[2012/01/13 23:36:56] @ Quit: kesor: Remote host closed the connection
[2012/01/13 23:36:56] @ Quit: lusis: Remote host closed the connection
[2012/01/13 23:36:57] @ Quit: arnihermann: Remote host closed the connection
[2012/01/13 23:36:58] @ Quit: bk_one: Remote host closed the connection
[2012/01/13 23:36:59] @ Quit: devicenull: Remote host closed the connection
[2012/01/13 23:37:09] @ Quit: ascarter: Ping timeout: 240 seconds
[2012/01/13 23:39:01] @ bk_one joined channel #puppet
[2012/01/13 23:39:22] @ karthick1987 joined channel #puppet
[2012/01/13 23:40:08] @ patcon joined channel #puppet
[2012/01/13 23:41:08] @ devicenull joined channel #puppet
[2012/01/13 23:41:33] @ seanh-ansca joined channel #puppet
[2012/01/13 23:41:53] @ leepa joined channel #puppet
[2012/01/13 23:42:09] @ ascarter joined channel #puppet
[2012/01/13 23:42:27] @ WALoeIII joined channel #puppet
[2012/01/13 23:44:06] @ kesor joined channel #puppet
[2012/01/13 23:46:26] @ lusis joined channel #puppet
[2012/01/13 23:48:14] @ Quit: agagag: Remote host closed the connection
[2012/01/13 23:48:43] @ Quit: tomben: Read error: Connection reset by peer
[2012/01/13 23:49:14] @ tomben joined channel #puppet
[2012/01/13 23:50:47] @ Quit: emmanuelux: Remote host closed the connection
[2012/01/13 23:51:24] @ Quit: alanevans: Ping timeout: 252 seconds
[2012/01/13 23:51:55] @ alanevans joined channel #puppet
[2012/01/13 23:53:56] @ agagag joined channel #puppet
[2012/01/13 23:54:03] @ emmanuelux joined channel #puppet
[2012/01/13 23:56:04] @ Quit: alanevans: Ping timeout: 240 seconds
[2012/01/13 23:57:24] @ Quit: danblack: Ping timeout: 276 seconds

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!