/srv/irclogs.ubuntu.com/2011/08/29/#ubuntu-ensemble.txt

_mup_ensemble/expose-cleanup r337 committed by jim.baker@canonical.com01:37
_mup_Test new securitygroup function01:37
_mup_ensemble/expose-cleanup r338 committed by jim.baker@canonical.com02:23
_mup_Merged trunk & resolved conflicts02:23
_mup_ensemble/expose-cleanup r339 committed by jim.baker@canonical.com03:03
_mup_Fixed merge issues03:03
niemeyerGreetings!13:40
hazmatniemeyer, greetings13:55
hazmati do find the abbreviations to make reading the go branches a bit harder to read13:57
hazmatit would help if the abbreviations where at least documented once13:57
hazmat+type ifaceExpC struct {13:58
hazmatis interface expander c?13:58
hazmatthe variable declaration for the type uses stringC which i assume to be string constant.. but thats a different usage than the preceding statement that uses C for ?13:59
niemeyerhazmat: Checker14:09
niemeyerhazmat: That convention was used on every single type within schema.go14:09
niemeyerhazmat: I can rename it if it feels so tricky14:10
niemeyerhazmat: It's akin to _state, though14:10
hazmatniemeyer, its just that without that context it becomes harder to understand, i don't know that it needs renaming but a comment would be useful14:10
niemeyerhazmat: I'm happy to rename or to add the comment14:11
niemeyerhazmat: // The *C convention is used within schema.go for Checkers14:11
niemeyer?14:11
hazmatniemeyer, what's schema.M?14:12
niemeyerhazmat: That's documented14:13
niemeyerhazmat: 14:13
niemeyer/ All map types used in the schema package are of type M.14:13
niemeyertype M map[interface{}]interface{}14:13
hazmatniemeyer, ic14:13
niemeyerhazmat: This is just a handy alias to this type that allows building maps as14:14
niemeyerhazmat: schema.M{"a": 1}, etc14:14
niemeyerhazmat: map[interface{}]interface{}{"a": 1} would work, but.. :)14:14
hazmatindeeds its an improvement14:15
niemeyerhazmat: Yeah, this became clear in tests14:15
niemeyerhazmat: I wasn't using it before, but when I started to test the results in the formula work, got boring14:15
hazmatniemeyer, is this sort of multi-file lookup for abbreviations common in go?14:16
niemeyerhazmat: multi-file lookup?14:16
hazmatniemeyer, abbreviation used in one place, but needs to be tracked down to a different file to understand naming?14:17
niemeyerhazmat: Not a different file.. this is a package, and the type is defined and has meaning within the package itself14:17
niemeyerhazmat: schema.M is used for schemas only14:18
niemeyerhazmat: Just for comprehension, note that the file could be named foo.go14:18
niemeyerhazmat: The "schema" in "schema.M" comes from the package name, not the file name14:18
niemeyerhazmat: In other words, I wouldn't use schema.M in things not related to the schema itself14:19
hazmatniemeyer, their not different packages? one is ensemble/go/schema and ensemble/go/formula? 14:20
niemeyerhazmat: These are different packages, yeah14:20
niemeyerhazmat: In these terms it's quite similar to Python.. if you use ensemble.environment.Environment, you may go to ensemble.environment to see what's that14:22
hazmatniemeyer, so in this case we have one package's abbreviation being used in another package, the question is if that sort of usage is common?14:22
niemeyerhazmat: The distinction, as I was pointing out, is that unlike Python packages are multi-file14:23
niemeyerhazmat: It's not an abbreviation.. it's a type14:23
niemeyerhazmat: and the reason why the type is used in a different file is because we're using _schema_ in the other package14:24
hazmatniemeyer, the name itself is an abbreviation, its the name for a type14:24
niemeyerhazmat: It's not an abbreviation, it's a real type14:24
niemeyerhazmat: reflect.TypeOf(schema.M{}) != reflect.TypeOf(map[interface{}]interface{}{})14:24
hazmat"M" is not an abbreviation for MapType?14:25
niemeyerhazmat: Sorry, I see what you mean14:25
niemeyerhazmat: Yes14:25
niemeyerhazmat: Let me try to drive a parallel to show you what I mean14:25
hazmati think this would be much readable if we avoided cross package abbreviations, i'm just trying to understand if this usage is common in go14:26
niemeyerhazmat: Alright.. I'll put map[interface{}]interface{}{} back then14:28
hazmatniemeyer, i don't think thats any better, but is there a better name for the type?14:29
niemeyerhazmat: schema.M?14:29
niemeyerhazmat: That was my take on it.. makes building the map easier14:29
niemeyerhazmat: I've used the same convention in other marshalling modules14:29
niemeyerhazmat: But I won't bikeshed on that.. if you have other suggestions, I can change14:30
hazmatniemeyer, schema.SchemaMap ?14:34
niemeyerhazmat: Heh14:34
niemeyerhazmat: Duplicating the schema name won't make it handier or more readable in any way14:34
niemeyerhazmat: Also, what's the difference between schema.SchemaMap and schema.Map?14:35
niemeyerhazmat: I can rename schema.Map to ...14:36
hazmatMapChecker14:36
niemeyerhazmat: schema.GenericMap14:36
hazmatyeah.. that works as well, and M->Map14:36
niemeyerhazmat: I can do that as well, as long as you never complain again about naming things with _state.. ;-D14:36
niemeyerhazmat: Imagine how the schema definition would look like..14:37
hazmatniemeyer, sounds good as long as there no complaints about a -(_state) branch ;-)14:37
niemeyerhazmat: schema.MapChecker(schema.StringChecker(), schema.InterfaceChecker(....))14:37
hazmatyeah.. that's lame14:38
niemeyerhazmat: Ok, I'll do the name change14:38
niemeyerhazmat: But in a follow up branch if that's alright14:38
niemeyerSince it'll touch everything else14:38
hazmatniemeyer, feel to change it a different name, i just think having a common entry point into a package be an abbreviation also feels like a violation of encapsulation14:39
niemeyerhazmat: I don't understand how that could be the case14:40
niemeyerhazmat: There's zero encapsulation involved14:40
hazmatbecause it tends to require reading the relevant implementation to understand its use14:40
niemeyerhazmat: The only reason we use schema.M in formula is because we're dealing with the schema there14:40
niemeyerhazmat: I also don't think this is true.. you don't have to read the implementation to understand its use.. you have to read the documentation, which is a pretty general problem 14:42
niemeyerhazmat: It's like saying we need to read Python's json.dumps prototype to understand how to call it14:42
hazmatwhat it is and what its doing are fairly obvious by name alone, schema.M is not 14:43
niemeyerhazmat: Agreed.. it's a convention to be aware of14:43
hazmatso if your reading code that uses both, one is pretty clear without additional context and one is not14:43
niemeyerhazmat: The same convention is used in gobson and goyaml14:43
niemeyerActually, I lie.. gobson only it seems14:44
niemeyerAnyway.. I was explaining the POV14:45
niemeyerI'm fine with renaming it14:45
niemeyerhazmat: and answering your very first and simple question, no, this is not a general convention, and if it becomes one it's my fault ;-014:48
niemeyer;-)14:48
hazmatniemeyer, thanks, good to know14:50
_mup_ensemble/go-formulas r8 committed by gustavo@niemeyer.net14:52
_mup_Renamed schema.M/L to schema.Map/ListType14:52
_mup_Bug #836753 was filed: schema.M/L are not readable <Ensemble:In Progress by niemeyer> < https://launchpad.net/bugs/836753 >14:55
niemeyerfwereade: Gosh.. is all of that really needed for adding _http auth_?15:16
SpamapShttp://ec2-107-20-64-136.compute-1.amazonaws.com:8080/job/tested%20PPA/42/console15:38
SpamapSSo, other than the failure at the end because I forgot to quote the 'cd' ... first iteration of integration tests went well.15:39
SpamapSlp:~clint-fewbar/ensemble/jenkins-test-suite has the code under misc/jenkins15:39
SpamapSI need to break it up into 3 or 4 bash scripts.. but the interesting parts are wait4state and unit2machine .. which I think should become subcommands or at least helper args to some of the commands15:40
SpamapSwait4state especially would be best written as a zookeeper watch15:40
SpamapSOne thing I was struggling with was whether there was a way to address yaml nodes similar to xpath for xml.15:45
SpamapSThe way that wait4state works is pretty weird and crazy.. but it works for this specific job15:46
jimbakerSpamapS, taking a look15:47
jimbakerSpamapS, we should definitely make wait4state easier to do. as you said, it really should be using zk watch support15:48
jimbakerSpamapS, re some sort of xpath - really this is some sort of query syntax for working w/ python collections. there must be a number of packages out there to do just that15:50
jimbakerbiab, i have to go to a quick doctor's appt15:51
* SpamapS will have to vacate his house and go work at a co-working space in about an hour while the exterminators work. UGH15:51
fwereadeniemeyer: sorry, had to pop out -- and, as far as I can tell, yes it is15:54
fwereadeniemeyer: I looked pretty hard for alternatives I could piggyback on, but nothing seemed cleanly doable15:54
SpamapSfwereade: were you at least able to configure the webdav service to auth against cobbler, so the auth credentials can remain the same?15:58
fwereadeSpamapS: hm, I didn't think to try that -- if you don't specif separate cobbler credentials, it falls back to the orchestra ones16:01
fwereadeSpamapS: same model as the configurable storage-url -- if you don't include one, it assumes http://%(orchestra-server)s/webdav16:02
=== daker is now known as daker_
fwereadeSpamapS: but I have no idea how to set up cobbler and webdav with a shared auth source16:03
SpamapSfwereade: I forget what our default is, but https://fedorahosted.org/cobbler/wiki/CustomizableAuthentication has a run down on the auth methods possible.. authn_passthru would be the simplest way to get this done.16:04
SpamapSfwereade: actually authn_configfile will also work because we can point the webdav service at the same config16:04
fwereadeSpamapS: easier than I thought then :)16:05
fwereadeniemeyer: https://code.launchpad.net/~fwereade/ensemble/webdav-unicode-paths/+merge/72579 -- did you mean to mark that as approved for merge, or should I get someone else to give it a look?16:08
SpamapSfwereade: how well does urllib2 handle https btw?16:13
SpamapSfwereade: is it going to squawk because of self signed certs or anything like that?16:13
fwereadeSpamapS: hm, I have no idea16:14
SpamapSfwereade: I'd say that initially it *should* complain with invalid certs, but that we should make it easy to turn that off given Orchestra's "backoffice" role.16:15
kirklandSpamapS: certs for what?16:15
fwereadeSpamapS: wounds reasonable, but I'm not sure what context you're asking about16:15
SpamapSkirkland: for the webdav file storage16:15
kirklandSpamapS: RoAkSoAx is already using orchestra + preseed to install SSL certs in deployed guests16:16
kirklandSpamapS: for SSL protected rsyslog16:16
kirklandSpamapS: you should be able to just force the webdav to use those same certs16:16
SpamapSSeeing as formulas run as root and have no cryptographic verification built in.. its fairly important to consider the security implications they carry.16:16
kirklandSpamapS: or use the same mechanism to install additional certs16:16
SpamapSYeah that sounds good.16:16
SpamapSGive the admin a way to easily pull that in to his local cert store.16:17
SpamapSI think by default it should be easy and just work w/o intervention. I also think that if the admin needs/wants to crank up the security, they should be able to.16:18
SpamapS(And I'm sure some people will argue that by default it should be high security, and admins should be able to turn off security)16:19
niemeyeradam_g, negronjl, lynxman: ping16:24
negronjlniemeyer: pong16:25
niemeyernegronjl: Hey man16:25
negronjlniemeyer:  Happy Monday ( if there is such a thing ) :)16:25
niemeyernegronjl: Was just wondering about how you guys feel about how the package and code stability has been progressing16:26
niemeyernegronjl: Are you happy with it in general, or do you feel we've been breaking things too often somehow?16:26
negronjlniemeyer:  Althought I am very happy with the project in general, I would feel more confortable with some stable version of ensemble that, may not have all of the latest and greates features, but, it is stable.16:27
niemeyernegronjl: That's a bit different from the actual question.. I would like to have a stable version too :-)16:27
negronjlniemeyer:  I found myself with a very close call on NoSQL conference where I was scheduled to talk about Ensemble but, ensemble was broken16:27
niemeyernegronjl: The question is whether we've been breaking things often16:28
negronjlniemeyer:  not often no.16:28
niemeyernegronjl: Ok, cool.. I understand the desire for stability, and we're doing things to improve that16:28
niemeyernegronjl: I just want to make sure I understand the feeling16:28
negronjlniemeyer:  To clarify my earlier point.  It would help if there is a version in ensemble that would be considered stable enough and we can somehow pin it ( a /stable ppa or so ) until another version becomes stable enough and can replace it.  This would alleviate some of the issues that I experienced during NoSQL last week.16:30
negronjlniemeyer:  Just my thoughts.16:30
niemeyernegronjl: Sounds good.. I hope this is the version in Ubuntu16:31
* SpamapS too16:36
SpamapSnegronjl: to niemeyer's point, the version in Ubuntu is actually pretty stable. :)16:37
jcastroyes that's what I was using and it was working fine16:53
adam_gassuming whats in the archive is stable, it would good if nodes install straight from the archive by default, with the option to install a bleeding edge versin from ppa:ensemble/ppa (default now). 17:06
adam_gniemeyer: ^17:06
niemeyerfwereade: I did, sorry17:06
fwereadeniemeyer: thanks, no worries17:06
niemeyerfwereade: Marked it now17:06
niemeyerfwereade: Sad about the auth complexity :(17:06
fwereadeniemeyer: cheers17:06
fwereadeniemeyer: me too :(17:06
niemeyerfwereade: It's _auth_, for dev's sake17:07
fwereadeniemeyer: I came to terms with it eventually, but... quite17:07
ahasenackadam_g: you mean the nodes install something else? Like, trunk?17:08
adam_gahasenack: i just bootstrapped a node using 0.5+bzr330-0ensemble1, and userdata sets up access to the ppa instead of installing out of the archive17:09
ahasenackadam_g: is that ppa "bleeding edge"?17:10
adam_gahasenack: honestly do not know how/when/why packages get built and pushed there, but installing from there is where ive personally hit show stopper bugs.17:12
hazmatahasenack, the ppa is a trunk daily build17:12
ahasenackok17:12
niemeyerfwereade: Can't we use the same technique twisted.web._auth.digest uses, and rely on twisted.creds.credentials?17:15
niemeyerfwereade: It feels like you're reimplementing it17:16
fwereadeniemeyer: hm, I was put off by the privateness of the module, and assumed that something would end up breaking if I used a _kindaprivate module17:19
niemeyerfwereade: The _auth module has pretty much nothings inside it17:19
fwereadehm, I thought that was where the meat of it was17:19
fwereadeniemeyer: let me check again17:19
niemeyerfwereade: You're allowed to look inside private modules! ;-017:19
niemeyer:-)17:19
hazmat"_auth" ;-)17:20
hazmatthere's a bug open for it17:20
hazmatit might be nice to ask therve or free17:20
hazmator on #twisted17:20
niemeyerhazmat: There's nothing interesting inside it17:21
fwereadeniemeyer: well, crap, somehow I missed cred.credentials17:21
niemeyerhazmat: Besides a pointer to twisted.cred.credentials17:21
fwereadeniemeyer: I, er, did look :/17:21
fwereadeniemeyer: maybe I stopped looking at that point though :(17:21
niemeyerfwereade: Don't worry about it17:22
niemeyerfwereade: Maybe it's not even useful.. but certainly has very similar logic, so worth checking17:23
fwereadeniemeyer: definitely so, I'll give it a look17:23
niemeyerfwereade: In either case, the auth logic itself should be factored out of FileStorage17:23
niemeyerfwereade: and the file17:23
niemeyerfwereade: and put into its own module, and tested in isolation17:23
fwereadeniemeyer: it's not immediately apparent how to hook it up, but you're right, it's doing just the right thing17:23
niemeyerfwereade: This is a major missing piece in the http library, rather than part of the FileStorage problem17:23
fwereadeniemeyer: it didn't feel quite big enough to do that at the time, but you're right17:24
fwereadecheers17:24
hazmatas another way of getting basic auth into twisted web client ... http://code.activestate.com/recipes/525493-simple-crawler-using-twisted/17:24
niemeyerhazmat: Not sure about what's the point there?17:25
hazmatits a much simpler layering of basic auth onto twisted web client17:26
fwereadehazmat: surely basic auth is barely worth bothering with?17:26
niemeyerhazmat: Yeah, I'm trying to understand what's your underlying suggestion.. is it that we should use client.HTTPDownload?17:27
niemeyerfwereade: Can we?17:27
fwereadeniemeyer: use basic auth?17:28
hazmatfwereade, that's fair, its not secure over http, but over https its fine17:28
niemeyerhazmat: Use HTTPDownloader17:28
niemeyerErm17:28
niemeyerfwereade: Use HTTPDownloader17:28
fwereadeniemeyer: looking at it, we probably can, the only reason I didn't use getPage is because apparently I can't get at the reply headers17:29
niemeyerfwereade: gotHeaders?17:30
fwereadeniemeyer: yes indeed, that's on HTTPDownloader17:30
fwereadeniemeyer: so, looking at it, we probably can17:30
fwereadeniemeyer: I saw things saying "if getPage isn't good enough, use Agent"... so I used Agent :/17:31
fwereadeniemeyer: sounds like it's a solid "needs fixing" with a side helping of "lrn2google"17:32
fwereadeniemeyer: at least the code'll end up smaller :)17:32
niemeyerfwereade: Both approaches are surprisingly involved, to be honest17:32
fwereadeniemeyer: the creds stuff looks like it might be quite helpful, I'll look into that17:32
niemeyerfwereade: The approach referenced by hazmat seems slightly  better because it's more encapsulated than the one in your branch17:33
fwereadeniemeyer: there are approaches I didn't consider, so I should definitely look into them17:33
niemeyerfwereade: It should be possible to merge your auth with the simpler approach17:33
niemeyerhazmat: Which is why I was asking what was the underlying suggestion17:33
fwereadeniemeyer: ah, I see17:33
fwereadeniemeyer: I think it's worth spending a little while trying to hook up the cred.credentials solution though, that would be best17:34
niemeyerfwereade: Sounds good.. I'm happy with any of these options17:34
fwereadeniemeyer: anyway, I'm sorry to cut you off, but the calls for suppertime are becoming quite insistent17:34
fwereadeniemeyer: I'll try to have something better tomorrow17:35
niemeyerfwereade: The only thing that we should necessarily do is to factor that problem auth of the FileStorage17:35
niemeyers/auth of/out of/17:35
niemeyerContextual typo :)17:35
niemeyerSpamapS: This is sitting on our review queue for 2 weeks untouched: https://code.launchpad.net/~clint-fewbar/txaws/fix-s3-port/+merge/7128917:47
niemeyerSpamapS: Can you please address the points for getting it merged, or put it back in Work In Progress otherwise?17:48
SpamapSniemeyer: I started working on that about 30 minutes ago actually. :)17:50
niemeyerSpamapS: WOohay17:50
SpamapSniemeyer: just writing some test code. I addressed the first point before Robert made it. :)17:50
niemeyerSpamapS: Great timing then :)17:50
SpamapSniemeyer: It seems that all of the tests in txaws are functional tests.. I see no mocking for AWS17:51
niemeyerSpamapS: I've tweaked tests there before17:53
niemeyerSpamapS: There are unittests17:53
SpamapSjimbaker: so.. security group cleanup...18:12
jimbakerSpamapS, yes, it's about ready to land18:13
jimbaker(in expose-cleanup branch)18:13
SpamapSjimbaker: http://ec2-107-20-64-136.compute-1.amazonaws.com:8080/job/tested%20PPA/43/console18:14
SpamapSjimbaker: is that a bug?18:14
jimbakerSpamapS, expose-cleanup fixes this issue18:15
SpamapSjimbaker: so I have to manually delete all the groups before I can re-use the environment?18:16
jimbakerwhat we see here is generally seen when doing an immediate bootstrap after shutdown - the instance originally associated with this group is still around (in 'shutting-down' state) and so cannot be deleted18:16
jimbakerSpamapS, once expose-cleanup lands in trunk, you won't have to anything18:16
jimbakerthe other possibility is to just wait sufficiently long18:16
SpamapSjimbaker: the shutdown was 24 hours ago18:17
m_3I just wait it out18:17
m_3wow!18:17
jimbakerSpamapS, something is holding onto that security group then18:17
m_3usually cleans itself up after a few minutes18:17
jimbakerSpamapS, so expose-cleanup simply polls the instance state to see if they're terminated. if so, it can delete the associated security groups18:18
jimbakeror i should say, this polling is done in a revised shutdown_machines in ensemble.providers.ec218:18
jimbakerSpamapS, please check whether or not you can manually delete that security group18:19
jimbakerusing the AWS console18:19
jimbakeror tool of choice18:19
SpamapShow can I see what instances are in a group w/ the cmdline tools?18:19
jimbakerSpamapS, i don't believe that's directly possible, but i could be wrong18:20
jimbakeri know it's in the reservation part of the instance description18:20
SpamapShmm must have been transient18:21
_mup_ensemble/expose-cleanup r340 committed by jim.baker@canonical.com18:21
_mup_Merged trunk18:21
SpamapSits odd, my testing does shutdown+bootstrap pretty constantly.. maybe 10 seconds of lag between those two steps18:22
m_310s is rarely enough time... I usually let it sit for a minute between shutdown and the next bootstrap18:23
jimbakerSpamapS, that testing regimen is not going to work well until this cleanup occurs - it needs at least a couple of minutes in between for ec2 to properly cleanup18:23
SpamapSjimbaker: but it has worked maybe 20 times so far18:23
* m_3 surprised18:23
jimbakerSpamapS, i'm also surprised18:24
jimbaker:)18:24
jimbakersounds like ec2 was especially fast in its cleanup18:24
SpamapSI think the way I'll make it work is just to put each target in its own "environment"18:24
jimbakerSpamapS, that makes much more sense18:24
m_3good test of other things too :)18:24
SpamapSI need to find a way to generate and dump an environments.yaml into the test chroots anyway. :p18:25
jimbakerthat will definitely isolate18:25
_mup_ensemble/expose-cleanup r341 committed by jim.baker@canonical.com18:34
_mup_PEP8 & PyFlakes18:34
lynxmanniemeyer: pong, sorry it was bank holiday here in the UK18:34
niemeyerlynxman: Hey18:35
niemeyerlynxman: No worries18:35
jimbakerhazmat, i briefly looked at autodoc, but there seems to be some problem in our docstrings which is causing it to crash when i run  the sphinx build18:35
niemeyerlynxman: Was just wondering about how Ensemble has been treating you.. I've heard a few claims that you guys were facing problems with us introducing new bugs daily, but it sounds like it wasn't really the case18:35
lynxmanniemeyer: we had some stability issues in formulas indeed, but as soon as that happens we either ask here or open bug reports18:36
niemeyerlynxman: What kind of stability problem was that?  Just want to make sure I'm aware18:37
hazmatjimbaker, any tracebacks?18:37
jimbakerhazmat, sure, let me paste18:37
jimbakerhazmat, actually hold on that - i was going against my expose-cleanup branch, but i didn't want it to get mired in a bigger problem, so i reverted my sphinx conf changes18:38
jimbakerhazmat, just fairly simple - update conf.py, plus __init__.py (or use some third party gen scripts to do the walking)18:39
lynxmanniemeyer: in my case was just trying to make Ensemble work against openstack, but hazmat helped a lot on it so I didn't need to file any bugs18:40
jimbakerhazmat, docutils was crashing in its statemachine.py code w/ a recursion limit issue, so something was indigestible18:40
niemeyerlynxman: Ahh, ok18:40
lynxmanniemeyer: negronjl and iamfuzz are working on the cloudfoundry formulas which encountered more issues, which were raised on time18:40
niemeyerlynxman: Well.. OpenStack support is a minefield at the moment18:40
SpamapSso.. does ensemble make use of blueprints at all?18:40
jimbakerhazmat, anyway, i will recreate in a bit18:40
hazmatSpamapS, not really bcsaller1 and i where experimenting with them18:40
hazmatbut pretty much zero18:41
lynxmanniemeyer: it kinda is, but so far works pretty okay :)18:41
hazmatniemeyer, its not that bad18:41
niemeyerlynxman: That's good to know :-)18:41
SpamapSI was thinking of a suite of tools to make ensemble more command-line-useful ... waiting for states, outputting data about machines/services that is not yaml.. and exit codes to differentiate permanent and transient errrors.18:41
lynxmanniemeyer: as said, hazmat helped a great deal18:41
hazmatniemeyer, the ec2 compatibility issue they have marked as a bug, although its unclear when they'll fix it.. but just as far as impact to the ec2 provider, its like a dozen lines18:42
jimbakerSpamapS, maybe "ensemble watch"18:42
niemeyerhazmat: Yeah, I'm more concerned in conceptual terms than in terms of the particular issue18:42
hazmatnot including tests of course18:42
jimbakerSpamapS, another thing that might be useful is to have a wait-for ensemble is ready command18:42
niemeyerhazmat: It doesn't feel like there's serious interest in preserving the compatibility18:42
hazmatniemeyer, so they will fix ec2 bugs, but not s3 is what i got out of it18:42
hazmatniemeyer, agreed about the overall compatibility.. they have a layer, it has tests, they won't break it, but if something doesn't work, we'll probably need to make it do so18:43
jimbakerSpamapS, there are now at least two places that do that last bit for the ec2 provider (via polling ec2_describe_instances); in particular ftests have this functionality18:43
SpamapSjimbaker: right, there's really a swath of changes that need a binding purpose.. this is what blueprints are for18:43
jimbakerm_3, i would assume this wait-for-ensemble command would be useful for you too18:44
hazmatniemeyer, they have an ec2 compatibility bug for the security group work, that ensemble needs, its still marked as a bug as opposed to the s3 one.18:44
hazmathttps://bugs.launchpad.net/nova/+bug/82960918:44
_mup_Bug #829609: EC2 compatibility describe security group returns erroneous value for group ip permissions <Ensemble:In Progress by hazmat> <OpenStack Compute (nova):Confirmed> < https://launchpad.net/bugs/829609 >18:44
SpamapSjimbaker: actually I'd say that zookeeper is the system of record... so polling zk is the only sensible thing to do.18:44
jimbakerSpamapS, also in ftests18:44
jimbakerspecifically a watch for our ZK nodes created by ensemble18:45
niemeyerhazmat: Good to know about their feeling about that, thanks18:45
jimbakerlet me push what i have for that - not yet sufficiently robust, but at least it usually works18:46
hazmatdepending on the command probably an agent watch for unit or machine18:46
_mup_ensemble/fix-functional-testing r334 committed by jim.baker@canonical.com18:47
_mup_Better branch identification18:47
jimbakerSpamapS, i don't like ensemble.ftests.test_ec2_provider.EC2MachineTest.assert_node yet, but it's on the right path18:49
jimbakernote that we still need to poll ec2 first, then *watch* zk18:49
SpamapSjimbaker: well my point is that this is something to plan at a larger scale than solving each of these issues one by one.18:50
SpamapSjimbaker: there's a real use case for using ensemble in jenkins for instance.18:50
SpamapSjimbaker: you only need to ask the provider for the seed so you can find zookeeper. After that you wait for zookeeper, then you listen to zookeeper.18:51
jimbakerSpamapS, agreed with that approach18:51
m_3jimbaker: yes, something that gives us that functionality18:56
SpamapSugh these test cases are really oddly organized18:58
hazmatSpamapS, yeah.. you need an output capture from openstack effectively19:03
SpamapShazmat: for what I did, I just need to verify that the port is put back into the generated urls actually. :)19:03
hazmatSpamapS, that sounds much nicer ;-)19:04
hazmatfixing the security group parsing needs a response output capture to verify the implementation19:04
SpamapShazmat: right, that one at least is being discussed upstream as being fixed .. tho probably not in diablo. :(19:05
SpamapShrm.. txaws's test cases that use venusian fail when it is installed .. looks like they were written to a different venusian api19:13
SpamapShttp://paste.ubuntu.com/677409/19:14
_mup_ensemble/trunk r335 committed by jim.baker@canonical.com19:31
_mup_merge expose-cleanup [r=niemeyer,fwereade][f=824219]19:31
_mup_For EC2: shutting down machines removes machine security groups;19:31
_mup_destroying the environment removes the environment security group.19:31
niemeyerjimbaker: Just double checking: have you tested it with a real interaction on _trunk_?19:32
jimbakerniemeyer, i will double check it one more time - it has worked every time, but i will check as pushed19:33
niemeyerjimbaker: Awesome, thanks a lot19:33
ahasenackSpamapS: txaws needs venusian 1.0a1 at least, it was just released19:33
niemeyerSpamapS: your opinion on this would also be welcome19:33
jimbakerniemeyer, looks good as pushed with bouncing repeatedly (ensemble bootstrap && ensemble shutdown && ...), this was the pathological case of what the cleanup now fixes19:36
jimbakerSpamapS, m_3 - but nothing like real usage. so please tell me if this doesn't fix the problem you've been seeing19:38
m_3jimbaker: will do19:38
jimbakerm_3, thanks!19:39
SpamapSso, I just realized a big problem19:39
SpamapSEnsemble by default pulls itself on deployed machines from the PPA19:40
SpamapSThis means that if ensemble is being driven from, say, mac ports.. at revision 295 .. it may deploy incompatible versions of ensemble onto the machines.19:40
SpamapSI *think* have an answer for this.. but it may be a little bit weird...19:41
jimbakerSpamapS, there's an outstanding bug about this that i started looking into19:42
jimbakerbug 82814719:42
_mup_Bug #828147: Ensemble branch option needs to allow for distro pkg, ppa, and source branch install <Ensemble:New for jimbaker> < https://launchpad.net/bugs/828147 >19:42
jimbakerSpamapS, it's not quite what you described just now, but it does allow for precise specification of what it should be on the target environment19:43
SpamapSjimbaker: it has to automatically choose itself though19:45
jimbakerSpamapS, exactly, it would be nice for an automagic option in ensemble-origin19:45
SpamapSI can't think of any time where I want to, by default, deploy something other than what I'm running.19:45
SpamapSunless we guarantee backward compatibility19:45
jimbakerSpamapS, we actually are planning to do just that for client access19:46
hazmatjimbaker, we're not guaranteeing backward compatibility19:46
jimbakerthere's now a protocol version that's stored in zk (in the topology node to be precise); it's checked for compatibility on every operation working w/ topology (which is most of them)19:46
hazmatwe're just detecting a conflict19:46
jimbakerhazmat, sorry i've reinterpreted the problem so it works like you said :)19:47
jimbakerwe only guarantee backwards compatibility if the protocol version is compatible19:47
jimbakerthis still allows for some wiggle room19:48
hazmatSpamapS, the txaws tests run fine on natty fwiw19:49
SpamapShazmat: yeah the tests run fine for me w/o venusian19:49
SpamapSon oneiric19:49
* ahasenack is invisible19:51
hazmatSpamapS, ping me when you've got tests pushed, i'll merge to my updated my branch (~hazmat/txaws/fix-s3-port-and-bucket-op/) and push for review19:54
niemeyerhazmat: Does that look good:20:00
niemeyerc.Assert(meta.Provides["server"], Equals, formula.Relation{Interface: "mysql"})20:00
niemeyer?20:00
hazmatniemeyer, that looks great20:01
niemeyerhazmat: Awesome, I'll move forward with it then, thanks20:01
SpamapShazmat: I pushed over an hour ago20:03
hazmatSpamapS, awesome, good to know, i'll merge and push the additional fixes for review, thanks20:03
OldSchooldoes ensemble have to be used w/ EC2 or can you use it with, say, an in-house ESXi environment?20:03
OldSchoolah, wait, found the FAQs finally20:04
hazmatOldSchool, no esxi support at the moment, ensemble supports pluggable providers, and we're working on some additional ones at the moment (physical machine, openstack, local dev), but no plans atm for esxi 20:04
SpamapShazmat: no, thank *you* :)20:04
OldSchoolthank you20:06
hazmatOldSchool, it shouldn't be too bad to add one, implementing a provider has gotten cleaned up quite a bit, and made easier, but its probably going to need community contribution.. if your interested folks around here be happy to help you out20:06
OldSchoolsweet, I just heard about it from a Canonical rep on Friday after doing some tinkering w/ Puppet and Landscape20:07
OldSchoolI only admin 4-5 Ubuntu boxes at work and they're pretty self-sufficient, I'm just always interested in automation, more curious for future projects20:08
hazmatOldSchool, if you want to give ensemble a test drives, its probably to use ec2.. we'll be supporting a local development mode in the 11.10 release for ubuntu laptop/desktops which will also allow some experimentation and test driving20:12
hazmats/probably/probably best20:13
OldSchoolawesome20:22
OldSchoolI'll have to try out EC220:22
OldSchoolthanks for your help, gotta run but I'm sure I'll be around20:26
=== daker_ is now known as daker
SpamapSargh, why does vim think 'description:' needs to be un-indented in yaml?21:34
_mup_ensemble/go-formulas r9 committed by gustavo@niemeyer.net21:50
_mup_Adding sample formula repository content for tests.21:50
_mup_ensemble/go-formulas r10 committed by gustavo@niemeyer.net21:51
_mup_Added support for pasing relations within the formula metadata.21:51
_mup_This completes support for formula metadata parsing.21:51
_mup_Bug #837027 was filed: Formula metadata parsing in Go must be completed <Ensemble:New> < https://launchpad.net/bugs/837027 >21:55
_mup_ensemble/stack-crack r329 committed by kapil.thangavelu@canonical.com21:58
_mup_be flexible about int vs. str status codes, remove error test relying on error result response parsing.21:58
_mup_ensemble/stack-crack r330 committed by kapil.thangavelu@canonical.com22:04
_mup_remove the ec2 key name usage, to verify its nesc.22:04
botchagalupeensemble: environments22:28
botchagalupeenvironments:22:28
botchagalupe  sample:22:28
botchagalupe    type: ec222:28
botchagalupe    control-bucket: ensemble-9cb5c6eea8334c9780078fe63f6ccdb022:28
botchagalupe    admin-secret: 06ae08af8e0f4dd79180401bc28824b022:28
botchagalupeaccess-key: AKIAISCMJNNSSTGM4L2A22:28
botchagalupesecret-key: PAWXMkTfIpfySaYuayzK3jnGOmOBBzodJ9ysyqPW22:28
botchagalupeThat does't work and this does...22:28
botchagalupeensemble: environments22:28
botchagalupeenvironments:22:28
botchagalupe  sample:22:28
botchagalupe    type: ec222:28
botchagalupe    control-bucket: ensemble-9cb5c6eea8334c9780078fe63f6ccdb022:28
botchagalupe    admin-secret: 06ae08af8e0f4dd79180401bc28824b022:28
botchagalupe    access-key: AKIAISCMJNNSSTGM4L2A22:28
botchagalupe    secret-key: PAWXMkTfIpfySaYuayzK3jnGOmOBBzodJ9ysyqPW22:28
botchagalupealso any help on how to pre-seed a environments.yaml file before the bootstrap?22:29
niemeyerbotchagalupe: Hey22:32
niemeyerbotchagalupe: I'm not sure I get the pastes.. do you mean you'd like to have global access/secret keys?22:33
niemeyerbotchagalupe: The file format is yaml, so the indentation indeed matters22:33
niemeyerbotchagalupe: In terms of pre-seeding, you can just drop it in place and Ensemble will rely on the pre-existing one22:34
niemeyerbotchagalupe: pre-existing environments.yaml, that is22:34
niemeyerbotchagalupe: You can hand-pick all the values.. Ensemble doesn't really need anything special in there as long as you provide valid data22:34
botchagalupeno if I indent the access-key in col 1 the bootstrap fails22:37
botchagalupeugly in col 1 but ugly not to support it...22:38
botchagalupemy bad… sorry… 22:38
botchagalupecol… will it override the the bucket and oter key values… I will give it a try .. thanks… 22:40
niemeyerbotchagalupe: Yeah, the key is part of the environment, so it has to be indented with the environment fields itself22:47
niemeyerbotchagalupe: That said, you can also use environment variables for the keys22:47
niemeyerbotchagalupe: As standard for the ec2-* tools22:47
niemeyerbotchagalupe: and omit them from the env entirely22:47
niemeyerbotchagalupe: AWS_ACCESS_KEY_ID etc22:48
botchagalupeSaw that in the doc.. I was trying to pre seed in a chef cookbook for quick setup…  22:51
hazmatbotchagalupe, you can also set it in environment variables23:06
niemeyerbotchagalupe: Quite interesting23:07
hazmatbotchagalupe, ie. AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY23:08
jcastroit would be a nice convenience feature to spit out the link to the keys on AWS when you try to bootstrap and it doesn't find anything23:09
niemeyerhazmat: I just said that :)23:10
hazmatniemeyer, oh.. my proxy disconnected for a few minutes, i missed about 20m of the conversation it looks like23:10
niemeyerjcastro: You mentioning the env variables as well?23:11
niemeyerhazmat: Aha, ok :)23:11
hazmathmm.. having some problems on canonistack connectivity23:27
hazmatlooks like the s3server is hosed23:35
_mup_ensemble/stack-crack r331 committed by kapil.thangavelu@canonical.com23:42
_mup_verify txaws branch support23:42

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!