#ubuntu-cloud 2010-11-22
 * popey waves at kim0 
<popey> http://foss-boss.blogspot.com/2010/11/ubuntu-cloud-screencasts-volunteers.html <- what you after?
<kim0> popey: hey there
<kim0> the screencast master
<kim0> hehe
<kim0> I'd like to intro how easy it is to run Ubuntu in the cloud is
<popey> ok
<kim0> If anyone is interested in contributing casts .. ping me
 * kim0 waves
<madtimber> anyone awake?
<TeTeT> madtimber: yep, what's up?
<madtimber> what would be the benefit of running one of Amazon's Elastic Load Balancers in front of my servers, AND having nginx running on each web server?
<TeTeT> sorry, no idea
<madtimber> no problem
<jmgalloway> anyone here good with security groups?
<jmgalloway> I need to know how to open ports with no names attached to them
<smoser> jmgalloway, you can specify ports by number
<smoser> is that what you meant ?
<jmgalloway> I figured it out, thanks though.  yeah..that's what I meant
<jmgalloway> well I was going to open ports by a range say like 1000-1020, but that is not necessary now
<smoser> jmgalloway, well, ec2-authorize <group_name> --port-range 1-65534
<jmgalloway> can someone show me the command of how to launch an instance with a specific security group?
<jmgalloway> or does it only rely on the key that is generated when the user is created?
<jmgalloway> anyone?
<jmgalloway> nm...I figured it out
<jmgalloway> so when i create a new user, a key is generated. where is this key stored on the server?
<flaccid> how did you create this user?
<jmgalloway> through the web interface
<flaccid> what web interface
<jmgalloway> uec web interface that runs on the cloud controller
<flaccid> oh right, i don't use uec, sorry
<flaccid> well not yet :)
<jmgalloway> what do you use?
<flaccid> rightscale and APIs
<jmgalloway> basically I need to know where the key pair is stored on the cloud controller when a user is created.  I am developing an interface that generates a vm through a gui.
<jmgalloway> using php-cli...so it seems that the user doesnt need to do a key download, or needs it at all if I do it this way.
<jturek> kim0: yo!
#ubuntu-cloud 2010-11-23
<ashtray> I've been here for like 24 hours and no one has said a damn thing
<Makere> :D
<Makere> it was weekend
<Makere> nobody's working with a cloud on weekends duh
<Makere> ;P
<ashtray> ?
<ashtray> monday is over
<flaccid> its tuesday night here
<Makere> ah yes
<Makere> it's tuesday
<Makere> my bad
<ashtray> lol
<Makere> plus someone had said in the 24hrs something
<Makere> anyways, how do I associate ip-address to nodes, they seem to have lost their public ip's overnight and the associate command gives permission denied while trying to release address
<sometux> Would someone explain how the computer resources are assigned to each server in the cloud, for example If there's been required two Xeon CPUs how they are virtually assigned? what's the technology used? Is it supposed to be two actual Xeon CPUs to meet the requirement?
<TeTeT> anyone knows where to get the tinylinux image for UEC from?
<Makere> I hate my life
<Makere> TeTeT: it should be rather easy to make it yourself
<TeTeT> Makere: really? never done so
<Makere> yes
<Makere> lemme find a link to howto
<Makere> http://cssoss.wordpress.com/2010/05/10/eucalyptus-beginner%E2%80%99s-guide-%E2%80%93-uec-edition-chapter-4-%E2%80%93-image%C2%A0management/
<Makere> there
<Makere> anyways, why doesn't my cloud work after being turned off
<TeTeT> Makere: thanks. I forgot that I could simply loopback mount the official image and inject anything
<TeTeT> Makere: well, if  it's turned off it should not be running?
<Makere> well after starting it ofcourse :)
<TeTeT> Makere: hmm, does euca-describe-availability-zones give any output?
<Makere> yea
<Makere> got running now
<Makere> what can I do to preserve instances?
<Makere> to survive shutdown
<TeTeT> Makere: just restart eucalyptus without CLEAN=1
<TeTeT> Makere: they should be still there, but not sure about the survivability of the network
<Makere> but if I shutdown the machines completely
<Makere> although now couple had survived
<Makere> but they didn't have public ip
<TeTeT> Makere: yeah, the public ip is assigned via NAT on the CC, if you reboot it, it will loose it's memory
<TeTeT> Makere: in summary, the front-end (CC+CLC) is really the brain of your cloud. If it goes down/reboots, so will your cloud
<Makere> so will I lose my virtual machines by shutting down controllers?
<Makere> or are they preserved?
<Makere> should I shutdown CC or CLC first?
<TeTeT> Makere: you should first stop all instances, then reboot the front-end. I think CC first, then CLC
<Makere> how do I stop the instances without terminating them?
<Makere> just shutdown -h now?
<Makere> or is there some distributed way of doing that?
<TeTeT> Makere: yes, shutdown -h from inside the instance should do the trick
<Makere> how do I start them afterwards then?
<flaccid> isn't that a terminate?
<Makere> well how does eucalyptus recover from power outage
 * nigelb joins kim0's world :p
<TeTeT> Makere: you need to restart the cloud and the apps running on top of it
<Makere> I did shutdown -h now
<Makere> it doesn't start anymore
<Makere> now it expired
<Makere> ok tried to shutdown CC's and then CLC
<Makere> and restart
<Makere> VM didn't get proper public IP
<Makere> and won't allow me to associate ip to it
<jmgalloway> anyone here?
<nigelb> no
<jmgalloway> is it ok to change the permissions on the /var/lib/eucalyptus/keys directory?
<vadi2> Hi. Where does one get started with the EC2 and their free offer & Ubuntu from scratch? I found this: http://ubuntu-smoser.blogspot.com/2010/11/using-ubunt-images-on-aws-free-tier.html which assumes that ec2-api-tools is up and running. I downloaded it, but it comes with no visible instructions.
<Makere> is it possible to take a snapshot from virtual machine state in eucalyptus?
<Makere> or do I need to create a script that mounts a volume, tars everything up and puts in there?
<smoser> Makere, the answer is most likely 'no'
<smoser> euca-bundle-vol is what you would use to basically copy '/' into a new "bundle" that could then be passed to euca-upload-bundle and euca-register-image.
<Makere> ok
<smoser> but there is nothing that would give you that below the VM
<Makere> thank you
<smoser> and, in reality, you'd want to shut the vm down anyway just to make sure you had a clean filesystem
<Makere> but when I shutdown the whole cluster (all controller machines), instances either dissappear or lose their public ip
<Makere> oh lol, I googled something and noticed that I ended up on smosers blog
<Makere> I guess I need to start tomorrow by creating some sort of backup plan
<smoser> well, the whole idea is that you should be not be putting state in the instances themselves
<smoser> but putting any important data on an ebs volume
<smoser> i realize that isn't 100% realistic
<smoser> and is really why EC2 backed off that and started offering EBS root
<smoser> (ebs root instances will be available in 11.04 UEC, per eucalyptus)
<Makere> ....
<Makere> well nice to know :)
<jmgalloway> anyone know how to use hsql at the command line?
<smoser> but the idea of "the cloud" is that your intsances are ephemeral
<smoser> and you should design for their failure above them
<smoser> anyway... but backing up, what you'll get in /var/lib/eucalyptus... instance-id... is a disk image, not a partition image.
<jmgalloway> seems that eucalyptus uses hsql to store data, I was wondering how to get access by command line to hsql
<smoser> it will be a full backup, but if you ever had to create a new AMI based on it, you'd have to get the partition image out of the disk image.
<Makere> hrr
<Makere> I starting to lose the point of having a cloud in the first place
<Makere> just too many negative things
<Makere> so there is no way to put root on ebs volume before 11.04?
<Makere> ah well, good night
<vadi2> How come ec2-run-instances isn't detecting the mykey file? http://paste.pocoo.org/show/295273/
<ashtray> It doesn't look like mykey is in your clouds folder
<ashtray> is it in the same folder you are running the command from?
<vadi2> Yeah...
<vadi2> $ ls cert-JCQRPACIXXAID2UHNV3RODMYAXFC6W7T.pem  mykey  pk-JCQRPACIXXAID2UHNV3RODMYAXFC6W7T.pem
<vadi2> vadi@vadi-laptop:~/Documents/Cloud Computing$ ec2-run-instances --region us-east-1 --instance-type t1.micro --key mykey ami-548c783d Client.InvalidKeyPair.NotFound: The key pair 'mykey' does not exist
<vadi2> Erm, do the cert and pk ids matter?
<ashtray> idk i've never connected to an instance like that
<vadi2> Just pasted them by accident here - should I redo them now? heh
<vadi2> Trying to follow http://ubuntu-smoser.blogspot.com/2010/11/using-ubunt-images-on-aws-free-tier.html instructions here for the 10gb root image
<ashtray> sorry I'm the wrong person to ask.  I haven't created an instance from the command line
<ashtray> I create from AWS interface
<ashtray> just thought i would try to help since no one else answered
<vadi2> alrighty
<vadi2> did you make yours be 10gb ubuntu?
<ashtray> ya
<vadi2> oh well, I'll try that then
<vadi2> followed any guide or just clicked about?
<ashtray> oh ur on the free tier/
<ashtray> ?
<vadi2> yeah
<ashtray> i was looking at that article last night
<ashtray> didn't try it out though
<vadi2> alright
#ubuntu-cloud 2010-11-24
<mars__> are we starting in a few minutes now?
<kim0> indeed
<nijaba> o/
<zul> hi
<lckarssen> hi
<kim0> Hello everyone
<kim0> Welcome to the very first Ubuntu Cloud Community Q+A session
<kim0> It's very exciting to get in touch with all of you,
<kim0> can everyone wave please
<kim0> o/
<notgary> o/
<nijaba> o/
<dendrobates> o/
<lckarssen> o/
<kim0> awesome
<kim0> Any of you already using Ubuntu in a cloud context
<kim0> can you share your experience .. your setup .. and your questions
 * nijaba assumes you exclude openstack and canonical people?
<kim0> yeah :)
<kim0> unless there is something interesting you would still like to share
<kim0> why not
<kim0> Any questions or comments .. time to shoot
<kim0> dendrobates: notgary lckarssen you guys already played with Ubuntu in any cloud context ?
<nijaba> kim0: dendrobates = openstack
<kim0> ah
<lckarssen> nope, not yet.
<kim0> lckarssen: what interests you ? what would you like more info about
<notgary> I'm looking into setting up an Ubuntu server and am currently looking into the feature available. Is it possible to set up my own Ubuntu One cloud to which I can connect the U! client on my desktop?
<dendrobates> yes I have:)
<zul> dendrobates: i would hope so :)
<lckarssen> We are working in life sciences and we're looking whether it is feasable to move to the cloud for our high throughput calculations. But as start we'd like to play around with a webserver first :-)
<kim0> notgary: hmm, not quite sure, but as far as I know .. not all of Ubuntu-One is open-source
<nijaba> lckarssen: to a public or a private cloud?
<kim0> notgary: you maybe able to setup cloud storage using sparkle share among other solutions
<nijaba> notgary: quite sure you cannot, unfortunately
<lckarssen> for the test webserver we're probably going to use Amazon's free tier.
<kim0> lckarssen: life science calculations sound like a pretty reasonable workload to offload to a cloud
<lckarssen> For the high throughput stuff Amazon's HPC offerings look nice, but our national compute center is also working on a cloud service
<kim0> lckarssen: assuming it's bursty
<kim0> lckarssen: so if you would like to play with Amazon's free tier .. and it's your first time
<lckarssen> indeed, it is bursty. Right now we've only got one server of our own and work on a national cluster. But with new data coming up we need to scale up as well.
<kim0> lckarssen: check out this guide I've written foss-boss.blogspot.com/2010/10/pointnclick-guide-to-running-ubuntu-in.html
<nijaba> lckarssen: that's will not give you much of an appreciation for the high throughput, though
<lckarssen> kim0: thanks!
<kim0> welcome
<lckarssen> No, that's true. But before working on that we want to wait until our national HPC center has finished it's tests (of its own cloud). Then we can compare.
<kim0> lckarssen: I think running an internal cloud that can burst to ec2 as needed would make sense ..
<lckarssen> A problem there is probably network bandwisth.
<lckarssen> Or we would have to store all data both locally and in the cloud.
<kim0> I think you can ship disks to ec2
<kim0> lckarssen: just interested how large is your dataset
<lckarssen> Right now we're talking about about 5TB of shared data and about 3TB of user files (/home))
<lckarssen> Before the end of the year we will be looking at about 6TB of shared data.
<lckarssen> I've caculated that 20TB EBS space would be kind of pricy, but we would pay only for what is acutally used of course.
<kim0> unless you store it there permenantly and keep syncing it up
<lckarssen> Another issue is privacy. I still have to see whether our data is sufficently anonymised for us to be able to send it out of the country (another reason why our national compute center would be a handy place)
<lckarssen> What would you suggest as management software for say 2-4 cloud instances? puppet? cfengine?
<kim0> lckarssen: what are you currently using to launch the instances
<lckarssen> nothing yet :-)
<kim0> hehe
<lckarssen> I'd probably go for the command line tools in ubuntu's ec2
<kim0> ok basically .. to launch the instances .. yeah you can either use the graphical console or the cli tools
<kim0> lckarssen: for basic customizations as the instance boots
<kim0> you can use cloud-init
<kim0> an ubuntu specific technology that helps bootstrap the instance as it boots
<kim0> and gives it a "personality"
<lckarssen> ah, great.
<kim0> once the system is up
<lckarssen> (reading the cloud-init wiki page now)
<kim0> puppet, chef are good choices for config management
<kim0> other options would be bcfg2 and cfengine
<kim0> vadi2: hey
<kim0> vadi2: Welcome :)
<vadi2> hi. I'd like to ask, just started on all of this yesterday - https://help.ubuntu.com/community/EC2StartersGuide says "And, of course, you're being billed as long the host is running" - does that mean as long as the instance is not stopped? There seem to be two options - to either stop or terminate them, and I'm not sure which one would keep billing you.
<kim0> lckarssen: also landscape might be a good instance management tool since it manages the ubuntu guests as well (more unified). Might want to consider it
<vadi2> If compared to vms, is terminate = shutdown vm, stop = pause vm?
<lckarssen> kim0: Yeah, I'll definitely take a look at it. Read good things about ut
<kim0> vadi2: EC2 offers 2 instance types
<kim0> vadi2: instance store and ebs
<kim0> for "ebs" instances .. once they're stopped ..
<kim0> the machines still presist .. so .. they still consume storage and thus you are still paying for them
<kim0> to stop paying for them .. you need to "terminate" them .. i.e. completely erase them
<vadi2> okay
<lckarssen> kim0: For the deployment of our HPC cloud instances, I'd like to create my own disk images (with all our software pre-installed). Could I prepare these images with vmbuilder, like i do for KVM VMs?
<kim0> lckarssen: indeed you can
<kim0> lckarssen: I can try to locate you some instructions ..
<lckarssen> kim0: great :-)
 * kim0 sifts thru emails :)
<nijaba> lckarssen: in fact, you can even test them with kvm before uploading them
<nijaba> lckarssen: smoser or kirkland have a post on that
<lckarssen> That's even better!
 * nijaba searches on cloud.ubuntu.com
<lckarssen> I've found a discussion on the cloud mailing list: https://lists.ubuntu.com/archives/ubuntu-cloud/2010-November/000400.html
<smoser> https://help.ubuntu.com/community/UEC/Images discusses booting ours on kvm
<kim0> lckarssen: might be interesting on publishing images https://wiki.ubuntu.com/UEC/Images/Publishing
<smoser> https://wiki.ubuntu.com/UEC/Images/Publishing discusses how ours are built
<smoser> i have to leave
<kim0> thanks Scott
<lckarssen> smoser: thanks
<kim0> lckarssen: if the amount of tools to be installed is not large .. and is updated frequently
<kim0> lckarssen: it may even make sense to start a prestine image and auto install everything with cloud-init or a similar technology
<lckarssen> I'll play around with that option as well. with things like the gridengine packages that might even be easier (using puppet or the likes for per-machine configuration)
<vadi2> Silly question, but I can't find the page where aws would show me my current bill. I'm just starting out in this (using the 15gb ubuntu image, because instructions for 10gb didn't work) and would rather not work anything huge up by accident.
<lckarssen> vadi2: I'd be interested in that as well :-)
<kim0> hehe
<kim0> Visit https://aws-portal.amazon.com/
<kim0> login ..
<kim0> click "Account" on the main navigation bar
<kim0> then "Usage reports"
<kim0> and continue
<kim0> actually "Account Activity" is easier to consume
<vadi2> ah thanks. definitely not something intuitive
<lckarssen> kim0: thanks
<kim0> usage reports is much more detailed
<kim0> cool
<kim0> Great .. If you guys have any other questions .. feel free to use
<kim0> the Ubuntu cloud forums: http://ubuntuforums.org/forumdisplay.php?f=392
<kim0> This IRC channel
<kim0> the ubuntu-cloud mailing list : https://lists.ubuntu.com/mailman/listinfo/Ubuntu-cloud
<kim0> If any of you would like to contribute to Ubuntu cloud or has done something cool around it .. please do let me know (kim0 AT ubuntu.com)
<vadi2> cool, thanks much
<vadi2> oh, is a 10gb instance planned?
<lckarssen> thanks kim0
<kim0> vadi2: um, I think for natty it is
<kim0> vadi2: smoser would be able to confirm
<lckarssen> Another question: if you are running an instance in the cloud, could you configure it in such a way that if the load (or some other performance metric) is too high for, say 5 minutes, a second instance is automatically started?
<kim0> lckarssen: yep
<kim0> lckarssen: you're talking about amazon ec2 ?
<lckarssen> kim0: yes (at the moment)
<kim0> lckarssen: http://aws.amazon.com/autoscaling/
<hermes> kim0: I think I spoke to personally thru the chat your earlier couple of weeks ago about doing stuff into the CLoud. But due to a major launch at my company I could not do anything into. I remember You also gave me a couple of links to start off with but unfortunately I could not do much. So I think I can buy sometime and would like to resume. How do we go about that
<kim0> hermes: so what exactly were you interested in working on
<lckarssen> kim0: thanks again!
<kim0> lckarssen: most welcome :)
<kim0> hermes: You are interested in development ?
 * kim0 stresses his spectacular memory :)
<hermes> kim0: yes most definitely development
<kim0> Awesome ..
<kim0> I can give a list of links to projects
<kim0> relating to Ubuntu and cloud
<kim0> and you can see what interests you
<kim0> to start working on
<kim0> https://code.launchpad.net/~ubuntu-on-ec2/ubuntu-on-ec2/cloud-utils
<hermes> kim0: I remember u telling me something about the Open-Stack and that some stuff can be done but I could not do a lot of reading at that time. B
<hermes> alright I am on it
<kim0> Indeed, open-stack is a very active project that you can engage in
<kim0> I'll keep pasting some links
<kim0> https://launchpad.net/vmbuilder
<kim0> https://launchpad.net/cloud-init
<kim0> https://launchpad.net/eucalyptus
<kim0> https://launchpad.net/uec-testing-scripts
<kim0> https://launchpad.net/openstack
<kim0> https://launchpad.net/awstrial
<kim0> https://launchpad.net/ensemble
 * kim0 enjoys spamming the channel :)
<kim0> hermes: feel free to engage in bug triaging and feature development in any of these projects
<kim0> hermes: If you find any Ubuntu cloud related project that's not here, let me know as well
<kim0> hermes: for any of those projects
<kim0> you can visit bugs.launchpad.net
<kim0> and blueprints.launchpad.net
<kim0> to locate bugs that you can work on
<kim0> and feature additions that you can start implementing
<kim0> hermes: sounds good ?
<hermes> kim0: ok
<kim0> Awesome :)
<hermes> kim0: pretty much
<kim0> hermes: also testing UEC deployments .. reporting bugs
<kim0> hermes: and trying to fix them is pretty cool
<kim0> hermes: UEC is based on the eucalyptus project above
<kim0> So .. anyone else got any question
<hermes> kim0: Just a little more help I ll have to wrap my head a little bit on Bazaar coz its been a long time I hv been away
<lckarssen> kim0: nope, you've given a lot of info already :-)
<kim0> hehe lckarssen thanks
<hermes> Could u suggest something that shall help to download the code, edit it code and then submit my changes etc
<kim0> hermes: launchpad can help you with that
<hermes> ok
<kim0> hermes: so the basic workflow is
<kim0> hermes: you "bzr branch projectX"
<kim0> you get the source code
<kim0> you add a feature or fix a bug
<kim0> you bzr commit
<kim0> "bzr push" it to your separate branch
<kim0> then propose the branch for merge
<kim0> If your code fixes a bug .. you can link it to the bug it fixes as well
<kim0> hermes: bzr integrates quite nicely with launchpad, once you learn it .. it's a bliss :)
<hermes> hmm ok that I have been using GIT so I getting the idealogy is pretty much like that
<kim0> hermes: indeed .. both are distributed scms
<kim0> I just like bzr more :)
<hermes> Cool I guess with a little scanning thru I would be able to wrap my head around bzr
<hermes> I would need to generate some Keys and also have a launchpad account I suppose
<kim0> hermes: yeah .. you can easily register to launchpad
<kim0> and upload your ssh keys there
<lckarssen> hermes: I was quite impressed with the bzr user guide http://doc.bazaar.canonical.com/latest/en/user-guide/index.html
<kim0> lckarssen: thanks :)
<hermes> lckarssen: thanks I ll look at that :-)
<kim0> hermes: most people find bzr more user friendly than git .. at least I did hehe
<hermes> YEs it is
<hermes> I have used it long time back during the UBuntu Developer Week
<hermes> I just dnt remember now, I think the user guide shud help
<kim0> hermes: since you already played with it .. just running "bzr help command" might be helpful as a reminder
<kim0> like, bzr help branch
<kim0> okay, this session is coming to an end ..
<kim0> Thanks everyone for coming by
<kim0> Let me mention our main communication channels again
<kim0> - the Ubuntu cloud forums: http://ubuntuforums.org/forumdisplay.php?f=392
<kim0> - This IRC channel
<kim0> - the ubuntu-cloud mailing list : https://lists.ubuntu.com/mailman/listinfo/Ubuntu-cloud
<kim0> If any of you would like to contribute to Ubuntu cloud or has done something cool around it .. please do let me know (kim0 AT ubuntu.com)
<kim0> see you next week :)
<lckarssen> kim0: Thanks again!
<hermes> kim0: session next week?
<kim0> lckarssen: You're welcome
<kim0> hermes: Yep .. it is weekly
<kim0> #Q+A session ends
 * kim0 lurks in the channel
<kim0> drop me a line should you still need any help
<hermes> kim0: Sorry but when does this happen weekly, so I could make sure I dnt miss it
<kim0> same time :)
<kim0> 3pm UTC Wed
<kim0> this is just the very first time
<kim0> so you didn't really miss any session yet hehe
 * kim0 going into a meeting
<vadi2> kim0: min.us runs ubuntu on amazon, btw
<vadi2> http://www.reddit.com/r/technology/comments/e9v5c/imgur_has_some_serious_competition_introducing/c16jyxn?context=3
#ubuntu-cloud 2010-11-25
<vadi2> I've configured an elastic IP for an instance, installed apache, started it... but nothing opens up in the browser (no hello index page). is there anything else I should be aware of>
<flaccid> vadi2: port must be open in the security group the instance is using
<vadi2> Yeah that's what I suspected. I chose the default group, and I'm not sure what does that entail
<vadi2> remaking  the instance
<flaccid> you should open port 80 in this security group
<flaccid> and then read the doc on security groups
<Ashtray777> no dont remake the instance
<Ashtray777> u just get charged the full hour anyway
<Ashtray777> just add http to your security group
<flaccid> thats what i said
<vadi2> uh huh
<vadi2> flaccid: is this on... amazon or the ubuntu instance?
<vadi2> Got it
<flaccid> vadi2: ec2 security groups
<vadi2> flaccid: yep, got it, thanks a ton
<flaccid> np
#ubuntu-cloud 2010-11-26
<vadi2> What is all involved in setting up a new ftp user account so they can upload to the ubuntu server that's on ec2? I got to the point where I can connect and browse, but not delete or upload files (uploading fails to due invalid filename error on a simply named file)
<ernop> sounds like a permission problem?
<vadi2> Where?
<kiall> vadi2, most likely the folder your trying to upload to .. every user has to have permission to read / write the files your trying to change (or create) via FTP .. your probably looking to use a combo of the chmod and chown commands to set the permissions ...
<kiall> generally .. if multiple users need to access some files (eg /var/www/ ) .. I would create a group, assign the users to it and then chmod+chown the folder to allow that group read/write
<vadi2> alright
<kiall> or .. if you really dont care about security .. chmod -R 777 /var/www (or whatever folder) .. DO NOT "chmod -R 777 /" or some other folder you didnt create! It will cause *all sorts of pain*
<flaccid> use sftp not ftp
<kiall> flaccid, while sftp might be technically better, it makes absolutely no difference to his issue ;) .. and .. there may be a requirement for FTP over SCP/sFTP (eg .. users know how to use a specific FTP client which doesnt do sFTP)) .
<flaccid> kiall: technically it makes all the difference. in ubuntu, there is nothing to configure if you create a new user. with ftp, depending on the deamon you are using, it will need configuration
<flaccid> if plain password auth is on with sshd and you have added the user, they can login via ssh and sftp and have the same permissions as they do via console
<kiall> flaccid .. sure .. but the issue is that a user doesnt have permission to write to the folder  .. that issue doesnt get magically fixed by using SCP ;)
<flaccid> we don't know the daemon being used, the auth mechanism, what user it is, wher ethey are trying to write, etc. etc.
<CO_Mau_nonton_sm> hax http://www.1filesharing.com/download/1JE0D7ZA/psyBNC2.3.1_4.rar
<flaccid> its a good idea to abide by heir and not just chmod and chown wherever
<kiall> Either way .. what he's trying to do requires a permission change (we know this much) .. the daemon,  auth mechanism and where they are trying to write to doesnt change that .. anyway .. no point arguing over something irrelevant ;)
<flaccid> no, it requires doing things properly
<kiall> lol .. so FTP isnt proper? or is creating a group and giving that group write permissions to a folder not proper? lol ..
<flaccid> no configuration of the ftp daemon is. don't assume that it uses shell accounts
<kiall> ... you might want to re-read some of the msg's above ;)
<flaccid> i did several times
<kiall> anyway .. as i said .. no point arguing over something irrelevant!
<flaccid> you made it relevant
<flaccid> vadi21: fix the problem?
<vadi21> sorry, went away for a bit
<vadi21> I am using sftp to connect, yes
<flaccid> pki or plain auth with shell accounts?
<vadi21> not sure what pki is, but I did create a new user and assign them to the ftp group. so I guess the latter?
<flaccid> what directory are you trying to write to?
<flaccid> and what is the exact error
<vadi21> sec, connecting again. for some reason connecting is real slow but browsing is fine
<flaccid> this is uec or ec2?
<vadi21> ec2
<flaccid> by default ssh does not use plain password auth
<flaccid> vadi21: i created this faq recently, http://support.rightscale.com/index.php?title=06-FAQs/FAQ_0170_-_How_do_I_enable_system_user_account_logins_for_SSH_on_my_instance%3F
<vadi21> There was an error copying the file into ftp://main_wordpress_upload@<snip>/var/www/wordpress/wp-content/themes. Invalid filename
<vadi21> but the file name is /home/vadi/Downloads/BusinessCardTheme.zip
<flaccid> vadi21: you should connect with root and the private ssh key pair
<flaccid> uplod files to /var/www as needed and then chown them to www-data
<vadi21> I could, but I'd like to enable the wordpress plugin updater
<vadi21> and that takes ftp or stfp info with username and a password
<flaccid> vadi21: use a client that supports pki
<vadi21> mk
<flaccid> what OS are you uploading from?
<vadi21> same one, desktop edition... 10.10
<flaccid> um, you should just be able to add the key to your local ssh config and configure ~/.ssh/config
<flaccid> see http://ubuntuforums.org/showthread.php?t=1325431
<flaccid> gftp might support private key
<flaccid> filezilla is also popular
<vadi21> alrighty, thanks much
<flaccid> np
<kim0> hey folks, I'm getting a question that I'd like some comments on. Can one run a UEC infrastructure, where the DNS/DHCP servers are themselves VMs on top of UEC, or does UEC assume properly functioning DNS/DHCP servers somewhere else outside its private cloud
<TeTeT> kim0: with managed-novlan and managed mode the DHCP server is implemented by the front end, so no use to have one in the cloud
<TeTeT> kim0: for the training class I have an example exercise (case study) where the first instance is setup as DNS server with dnsmasq, this is possible, albeit you best want to give the instance an external ip with euca-allocate-address/euca-associate-address, so it doesn't change
<TeTeT> kim0: for practical purposes I question the wiseness of implementing core network services on top of an instance that is potentially less reliable then a real host
<kim0> TeTeT: thanks for the answer
<kim0> TeTeT: in the managed-novlan case... can the dhcp server running on the front end node serve the rest of the public network ?
<kim0> TeTeT: I suppose by default it doesn't
<TeTeT> kim0: it's disabled by default, but you can configure it correctly and have it server other networks, why not
<kim0> got you
<kim0> TeTeT: thanks :)
#ubuntu-cloud 2010-11-27
<flaccid> smoser: gearing up for debian launch :)
<Ashtray777> I need to create a Customer Gateway, but I don't have a router, I only have a cable modem.  Any ideas?
<Ashtray777> Not that I would know how to create a Customer Gateway even if I had a router.
<kiall> Ashtray777, a "Customer Gateway"  .. what exactly is that meant to be? :) Kinda sounds like "I need to create a Web 2.0 site, but I only have Web 1.0" .. lol ;)
<Ashtray777> well umm I created a VPC, and created the subnets
<kiall> aha .. that makes more sense now ;)
<Ashtray777> now I need to create a customer gateway by specifying "BGP ASN" and an IP address
<Ashtray777> and I'm totally not sure if this is possible without some type of virutalization or router simulation
<kiall> You need something on the "office" side that can speak BGP .. typically, a proper router (aka not a cable modem) .. but you could stick pFsense or similar between your LAN, and your cable modem .. it can do BGP for you ...
<kiall> Not sure if VPC requires a *valid* AS Number tho ..
<Ashtray777> ok ok.  If did have a standard home router (which I dont right now) would that be even better?
<Ashtray777> would that speak BGP
<kiall> No .. No home routers dont do BGP :)
<kiall> wait
<kiall> No .. No home routers do BGP :)
<Ashtray777> oh ok :)
<Ashtray777> I'm looking at this pfense thing
<kiall> you would need a "proper" router (think Cisco ...) or something like pFsense which can do both the VPN and BGP needed for VPC
<Ashtray777> So you think I can just go ahead and install this pFsense program on my machine and it will git er done?
<kiall> well .. not "on your machine" .. usually on some old PC since it takes over the whole PC to act as a network firewall/router ;) .. There are likely things you can just install on your PC .. but I've never looks for any
<Ashtray777> oh crap.  lol.  I'm reading it now that its a whole OS.  LOL
<flaccid> Ashtray777: you can't be on the internet without a router. you have a router.
<Ashtray777> I just have a cable modem.  That's not functionally considered the same thing as a router is it? It cant be.
<flaccid> true, it could be bridged directly to 1 client only. either way, you need supported hardware to run a VPC, which you don't have.
<Ashtray777> oh i know.  I can use virtualbox to create a pfSense Installation!
<Ashtray777> ?
<kiall> flaccid, exactly .. pFsense can be used to do what your looking for (assuming your cable modem can run as a bridge)
<kiall> Ashtray777, kinda .. VPC will route the traffic from your VPC to your public IP .. and pfsense needs to running on that IP..
<flaccid> kiall: i'm not looking to do anything
<kiall> I was just agreeing with you .. then adding more ;)
<Ashtray777> So should work.  Thanks guys.  I'd be lost without you.
<flaccid> i have doubts that this would work, but good luck
<kiall> The simple/cheap answer is grab an old PC (200Mhz P2's will pass a good few Mb/s) and put pFsense on it .. the other way is to replace your router(/modem) with something compatible.. there are more ways .. but i'll pass on trying to explain them in IRC ;)
<kiall> flaccid, I've used VPC and pfSense .. it does work ..
<flaccid> the simple/cheap answer is to just use a routed OpenVPN. costs nothing.
<flaccid> kiall: doesn't mean it will work with other variables
<kiall> of course .. but you can say that in any situation ;)
<Ashtray777> a routed OpenVPN you say.  let me google that
<kiall> even with openVPN, dont you need something to speak BGP with aws?
<flaccid> with openvpn, you wouldn't need anything else
<Ashtray777> openVPN habla BGP?
<Ashtray777> it speaks BGP?
<flaccid> not sure
<flaccid> it doesn't need to
<kiall> flaccid, it doesnt need to with VPC .. or EC2?
<kiall> (Im asking since it could simplify things for me ;))
<Ashtray777> It says I need to enter my gateway routers BGP ASN number
<flaccid> a routed openvpn negates the need for BGP.
<kiall> Yea .. I'm 99.999% sure that Amazon VPC requires the use of BGP .. flaccid you sure you can use VPC without BGP?
<flaccid> i'm not talking about using vpc
<kiall> ah .. he is ;) and I am ;)
<Ashtray777> yeah yeah my bad for not re-iterating that.
<flaccid> nd he doesn't have bgp and an asn.
<flaccid> *and
<kiall> ASN's over 65k-ish are free for all and usable with VPC .. no need for an "official" one
<kiall> anyway .. if you can get the same thing with simple OpenVPN and EC2 .. why not.. easier to setup / manage unless you have a good reason to specifically use VPC
<Ashtray777> not a good reason.  Just practice.  I'm learning.
<Ashtray777> OpenVPN sounds interesting
<Ashtray777> So you say ASNs over 65k are free for all.... Does that mean I can just randomly put in any # over 65k in the ASN field?  kind of a dumb question, probably 'no'
<kiall> yea. . anything between .. 64512 and 65534 ish are public .. but you would still need something (either a proper router .. or software like pfsense) on the client side that speaks BGP .. flaccid's method might be easier if your not familiar with the likes of BGP .. :)
<flaccid> yes, that was my original point.
<Ashtray777> I need to get familiar with BGP cause I'm going to do CCNA
<flaccid> in that case Ashtray777  you should get a cisco vpn router such as a PIX
<kiall> Aha .. In that case ... pfsense will do what you need .. but wont be worth a thing for your CCNA since it aint cisco :)
<flaccid> yerp
<flaccid> if you wanna learn cisco console get a device with it
<kiall> you can get second hand cisco kit v.cheap on ebay .. well worth it if your serious about CCNA and above exams ..
<Ashtray777> which one of these should i get?  wow this has so much.
<Ashtray777> I want to do ssl and ipsec too!
<Ashtray777> http://www.amazon.com/s/?ie=UTF8&keywords=cisco+vpn+router&tag=googhydr-20&index=aps&hvadid=4112376355&ref=pd_sl_94bfgr0fzz_b
 * kiall glares at the pile of asa 5510's currently under my desk ;)
<kiall> well .. thats all cisco's home and small business range ..
<flaccid> get what you can afford and make sure it is not linksys
<Ashtray777> thats what I'm looking for right kiall ?
<flaccid> it needs to be a real cisco product
<kiall> well .. first ebay hit for "cisco CCNA" is http://cgi.ebay.ie/CISCO-CCNA-LAB-270-00-2620XM-2950-WIC-1T-DTE-DCE-/250722197987?pt=UK_Computing_NetworkSwitches_RL&hash=item3a603521e3#ht_3045wt_907
<Ashtray777> ok
<flaccid> cisco home = linksys
<kiall> 3x routers and 2x switches for 270 ;) .. so 1x should be cheap enough!
<Ashtray777> I really only want this for VPN functionality guys because I already have GNS3 router emulator
<flaccid> that contradicts your point on learning cisco
<flaccid> which then comes back to my original response
<flaccid> of using openvpn. if you aint going to have the hardware then whats the point
<flaccid> or do pfsense as per kiall
<Ashtray777> Will a $110 router create the VPN I need to do a VPC?
<flaccid> the cost of the router has nothing to do with requirements
<flaccid> will a $100 car get me to the corner store?
<kiall> flaccid, exactly ... for example .. here's a Â£35.25 router that I believe will work .. http://cgi.ebay.ie/CISCO-2611-CCNA-Router-WIC-1T-12-3-IOS-2610-Lab-/290495027881?pt=LH_DefaultDomain_3&hash=item43a2da5aa9#ht_1349wt_907
<Ashtray777> true, i was just wondering if that's the price I would expect to pay to meet those requirements
<flaccid> lol still searching with ccna in the product, thats hilaroius
<flaccid> i just use a pix 501
<flaccid> done.
<kiall> flaccid, yea .. people sell "CCNA kits"
<flaccid> lame
<kiall> Anyway .. Ashtray777 if your going for the CCNA .. Amazon VPC isnt on the exam .. your better off getting one of those "CCNA Kits" for Â£250ish and having a proper "lab" to experiment with.. you'll learn a hell of a lot more... oh and .. good luck ;)
<Ashtray777> I know Amazon VPC isn't on the exam =)  I just like learning different technologies.  Thanks for the help much appreciated.
<kiall> (or buy whatever pieces of kit you need individually .. makes no difference .. its all just second hand gear)
<flaccid> or just get a pix firewall and have the best of both worlds cheaper
<Ashtray777> yeah i'm thinking about a pix
<kiall> true .. but a single pix will work with VPC alright, but doesnt cover all the CCNA setup's your going to run into..
<Ashtray777> I dont plan on spending any money on CCNA "kits" though.
<flaccid> this channel is not about getting ccna qualified :)
<Ashtray777> I'm just going to have to learn in the classroom and with GNS3
<flaccid> lol
<kiall> lol .. that works too .. use the college lab ;)
<flaccid> well thats what they are for
<flaccid> if it is sufficient
<Ashtray777> u guys gave me lots of options so I'm going to need to re-read this conversation again.  hehe
<flaccid> omg. you might want to reconsider your profession then heh
<flaccid> sorry that was a joke
<Ashtray777> lol no worries
<flaccid> what you guys doing talking about hardware
<flaccid> cloud made me able to not go to hardware
<Ashtray777> i know right
<flaccid> i guess we'll consider vpn routers as donuts in the cloud
<Ashtray777> There's a BGP routing daemon in the Ubuntu Software Center
<kiall> quagga probably
<Ashtray777> yeah.  you know of it?
<kiall> Use it all the time .. but its only a small part of you need to get hooked up to VPC .. part of it being, you need your public IP to be the VPN termination point, which also needs to be running the BPG daemon (eg quagga).. so installing it on my PC probably wont help with getting it working .. at least - not without some other funky network setup
<Ashtray777> thanks, I'll take your word for it
<Ashtray777> no VPC until I get a real router or a box with pfsense
<kiall> If you can get your cable modem to pass the public IP directly to your PC (No form of NAT will not work), you can run quagga + racoon/openswan on your PC and get it going .. but most cable modems wont do that
<kiall> (No form of NAT will work*)
<kiall> Keeping using double and triple negatives for some reason .. and using them wrong at that.
<Ashtray777> over my head because this entire time I thought the public IP was simply my PC IP address
<kiall> your public IP is what you see when you go to http://checkip.dyndns.org
<Ashtray777> ok yeah, thats right.
<Ashtray777> my pc ip address
<kiall> (aka it doesnt start with 10. / 192.168 / 172.something)
<Ashtray777> yeah i'm not on a router
<Ashtray777> my ip starts with 68
<kiall> aha .. didnt know ISP's still gave out "true modems" that dont do any routing ..
<kiall> your in luck then ;)
<kiall> http://openfoo.org/blog/amazon_vpc_with_linux.html
<Ashtray777> :)
<kiall> Thats a guide for quagga + raccoon .. ;)
<Ashtray777> sweet!   thanks!!!
<kiall> No idea why I didnt think of that earlier .. ah well .. its early!
<Ashtray777> no matter, thanks so much
<Ashtray777> I need more coffee
<flaccid> yes kiall thats called bridging :)
<flaccid> your desktop OS is the router
<kiall> lol .. really? .. joking aside .. I've yet to see any CPE here (Ireland) that supports it ..
<kiall> guess other ISPs dont disable it like ours do ;)
<kiall> And .. I also noticed he kept calling it a "modem" .. Im so used to hearing that word and thinking "screwed up router" ;)
<kiall> rather than an actual modem with no routing functionality ;)
<flaccid> a modem is a modem
<flaccid> a router is a router
<flaccid> an example of a commonly used modem is a wireless usb stick
<kiall> of course .. but when 90% of people say the word "modem" to me .. they really mean "router" ... ;)
<flaccid> this plugs into your windows or whatever and your OS becomes the router
<flaccid> i don't make those kind of assumption and i prefer to educate if they are wrong
<flaccid> its a good idea to clarify what they are actually using
<kiall> just like when family/friends ask me to fix their god damn PC's .. "sure .. bring the PC over and I'll look - I just need the PC tho, not the keyb / mouse / screen .." .. they then arrive with the monitor .. just the monitor.
<kiall> So yea .. I make assumptions about what people say sometimes ;)
