[00:19] <SpamapS> hlan: euca-get-console-output can be helpful
[00:19] <SpamapS> hlan: or ec2-get-console-output if you prefer :)
[00:24] <hlan> SpamapS: is this the same as "Get system log" in the ec2 gui?
[00:24] <SpamapS> hlan: probably, I've never used the gui
[01:10] <hlan> I just installed the daily precise ami I found here http://uec-images.ubuntu.com/precise/current/
[01:10] <hlan> as I probably need to update the kernel ASAP.
[01:10] <Laice> hey there
[01:10] <hlan> I see some weird daemons running... "whoopsie"
[01:11] <Laice> got an issue with 3 dedicateds when we set a keepalive on the ssh connection is constantly refused
[01:11] <Laice> ending up in us having to reimage the servers ¬.¬
[01:11] <hlan> the biggest problem is that dnsmasq is running for some reason and it's preventing me from booting my DNS server
[01:14] <hlan> how can I remove dnsmasq... apt-get tells me that dnsmasq isn't even installed??
[01:14] <hlan> and I can't find anything in init.d
[01:17] <blendedbychris> i had a do-package-upgrade going and i got disconnected from ssh… can i resume the upgrade somehow (or the ssh session) ?
[01:18] <blendedbychris> release-upgrade*
[01:25] <Laice> i'm having problems with ssh aswell
[01:27] <greppy> blendedbychris: I know it won't help this time, but you may want to look at using screen or tmux in the future...
[01:31] <DiabolicalGamer> I'm attempting to setup a MaaS server on Ubuntu 12.04, but my nodes keep hanging at "init: cloud-init-nonet main process (256) killed by TERM signal"
[01:31] <DiabolicalGamer> Can anyone help?
[01:31] <bigjools> I can try
[01:31] <DiabolicalGamer> Thanks :-)
[01:32] <bigjools> having said that I am more familiar with the webapp side of things than cloud-init
[01:32] <bigjools> smoser, any idea? ^
[01:33] <DiabolicalGamer> hmm, if I could login to the nodes themselves or access their logs that would really help
[01:41] <hlan> after upgrading to precise htop shows weird ââ characters in the process list... weird
[01:41] <hlan> perhaps some unicode support or something that messes with the layout?
[01:42] <DiabolicalGamer> I think I may have found the problem...
[01:43] <DiabolicalGamer> http://pastebin.com/JPw9F5FN
[01:43] <DiabolicalGamer> My apache error log is full of these and they appear whenever the cloud-init-nonet runs
[01:44] <DiabolicalGamer> any ideas?
[01:44] <hlan> crap, just tested upgrading to ubuntu precise to fix my ec2 kernel crash, just had the exact same behavior :/
[01:45] <hlan> so I just ruled out upgrading from 3.0 to 3.2
[01:45] <hlan> and the system log is dead silent as usual...
[01:45] <bigjools> DiabolicalGamer: ah I know
[01:45] <bigjools> DiabolicalGamer: the clock is wrong on the node
[01:45] <DiabolicalGamer> lol
[01:45] <DiabolicalGamer> is that all?
[01:45] <bigjools> well either the node or the maas server
[01:46] <DiabolicalGamer> *facepalm*
[01:46] <bigjools> yeah, it breaks OAuth if they are too different
[01:46] <DiabolicalGamer> it must be the nodes then because I configured the system clock when I installed ubuntu on the cloud controller
[02:02] <DiabolicalGamer> is there a way to force the nodes to run ntp-update?
[02:03] <DiabolicalGamer> *ntpdate
[02:12] <DiabolicalGamer> OMG it worked!
[02:12] <DiabolicalGamer> Thanks bigjools
[02:12] <bigjools> DiabolicalGamer: yay!
[02:13] <bigjools> we know this is a bug, just need to work out a good way of fixing it
[02:13] <DiabolicalGamer> That error should be much more noisy.
[02:13] <DiabolicalGamer> like "Hey guy you forgot to set your clock!"
[02:13] <DiabolicalGamer> lol
[02:13] <bigjools> it should not be noisy at all, it should work
[02:14] <DiabolicalGamer> I had to set my clock to a weird time to get it working
[02:14] <bigjools> weird as in "eleventy past fiveses" ?
[02:15] <DiabolicalGamer> I think it has to do with timezones or something
[02:16] <DiabolicalGamer> I just did the math and changed it to what "should" work and it did
[02:18] <Laice> *punches sshd_config in the face*
[02:23] <blendedbychris> testing?
[02:24] <blendedbychris> Hey all.. I just upgraded to ubuntu precise and my interfaces are not coming up for some reason… any help?
[02:24] <blendedbychris> They are still configured from my lucid install
[02:24] <Laice> you updated to 12.04 beta?
[02:24] <blendedbychris> yes
[02:25] <Laice> what's in the interfaces file
[02:26] <blendedbychris> eh crap uhm
[02:26] <Laice> "/etc/network/interfaces
[02:26] <Laice> ignore the "
[02:26] <blendedbychris> gotta type this out really stupid pptp is all forwarded
[02:26] <blendedbychris> auto eth0
[02:26] <blendedbychris> iface eth0 inet static
[02:26] <blendedbychris> pre-up /usr/sbin/ethtool -s eth0 speed 1000 duplex full autoneg on
[02:27] <Laice> use paste.ubuntu.com mate
[02:27] <blendedbychris> address 10.16.26.135
[02:27] <blendedbychris> can't :(
[02:27] <Laice> :'(
[02:27] <blendedbychris> I promise I would
[02:27] <blendedbychris> I'd have to disconnect from my kvm
[02:27] <blendedbychris> netmask 255.255.255.192
[02:27] <Laice> is 10.16.26.135 an internal?
[02:27] <blendedbychris> up route add -net 10.0.0.0/8 gw 10.16.26.129
[02:28] <blendedbychris> yes
[02:28] <blendedbychris> really just worred about that atm
[02:28] <Laice> i can't see an external ip
[02:28] <Laice> that why you can't connect?
[02:28] <blendedbychris> i'm just worried about the internal atm… ifconfig has neither interface listed just lo
[02:28] <Laice> hmm
[02:29] <blendedbychris> maybe a driver issue?
[02:29] <blendedbychris> or pre-up ?
[02:29] <Laice> does iftop bring any interfaces up
[02:29] <blendedbychris> oh ya… there's no such thing as /usr/sbin/ethtool
[02:29] <Laice> was this a dist-upgrade from your provider or using one of their images?
[02:30] <Laice> sorry brb one sec
[02:30] <blendedbychris> well provider to precise
[02:30] <blendedbychris> i'm going to comment out the pre-p crap
[02:31] <blendedbychris> ya that fixes it
[02:31] <blendedbychris> any idea if that's necessary?
[02:33] <Laice> pass varies by provider
[02:33] <Laice> tbh on the dist upgrade
[02:33] <Laice> it should have asked you about changes to the interfaces file
[02:34] <Laice> showing you what lines it wanted to add and which lines it wanted to remove.
[02:34] <blendedbychris> well I'm sure there were no changes
[02:34] <Laice> *sets up 4th dedicated server in 24 hours*
[02:34] <Laice> well technically 7th if you include the 3 i bricked ¬.¬
[02:34] <blendedbychris> but /usr/sbin changed to /sbin
[02:37] <Laice> on my fresh 11.10 installs i have one in both /sbin and /usr/sbin
[02:39] <hlan> I don't have any "/proc/sys/fs/inode-max", why is that? :/
[02:39] <Laice> nor do it
[02:39] <Laice> i*
[02:46] <Laice> 3 terminals open one on each desktop pasting the same line into every one.  Joy. lol.
[02:47] <blendedbychris> is there an easy way to create an image of a server?
[02:48] <Laice> clonezilla
[02:49] <blendedbychris> Laice: does that work for ext4?
[02:49] <blendedbychris> or a better question why would i use that vs dd
[02:53] <blendedbychris> bleh
[02:54] <Laice> pass
[02:54] <blendedbychris> huh?
[02:54] <Laice> i'm passing the question :P might say on clonezilla.org
[02:54] <blendedbychris> i don't even know how to get started using clonezilla heh
[02:54] <blendedbychris> especially in a hosted environment
[02:55] <Laice> if all else should fail PUSH ALL OF THE BUTTONS.  something will happen eventually
[02:55] <blendedbychris> he
[02:55] <Laice> the faster you push the buttons the better the server admin you are :p
[02:56] <Laice> plus it makes you look more clever.  Mostly as they can't see you're flailing around xD
[02:56] <blendedbychris> bleh this isn't worth the effort
[02:57] <Laice> how much do you pay for your vps?
[02:57] <blendedbychris> i wanted to clone a clean precise install so i didn't have to go through that networking crapola
[02:57] <blendedbychris> oh we use softlayer and get ripped of royally for our vps
[02:57] <Laice> get a kimsufi dedicated
[02:57] <Laice> cheap as hell
[02:57] <blendedbychris> not my decision
[02:57] <Laice> is in europe anyway
[02:57] <Laice> heh
[02:57] <Laice> money speaks louder than words :P
[02:58] <blendedbychris> i use linode for my nonwork stuff
[02:58] <blendedbychris> the big factor though for work is we need some sort of mass storage
[02:58] <blendedbychris> and most vps providers don't really offer that
[02:58] <Laice> it amazes me that people go for a VPS when dedicateds work out to be better value and in many cases cheaper.
[02:59] <blendedbychris> yea when you start adding more storage dedicated is cheaper
[02:59] <Laice> 20$ per month gets me 5TB bandwith a 4 core 1.8ghz atom and 2gb ram.  perfect for small hostings
[02:59] <Laice> which is why we have a cluser of them :P
[02:59] <blendedbychris> atom wtf?
[02:59] <Laice> cluster*
[03:00] <Laice> better than someone screwing your vps's cpu
[03:00] <blendedbychris> linode is the same but you share 8cpu 4cores
[03:00] <Laice> euch
[03:00] <Laice> it's the "share" bit i hate
[03:00] <blendedbychris> lmfa my news just had a image they showed online that had a watermark "Web Viewing Only"
[03:01] <blendedbychris> er
[03:01] <blendedbychris> on tv rather
[03:01] <Laice> *picards*
[03:01] <blendedbychris> Laice: do you know of a quick way to copy a server to another?
[03:01] <blendedbychris> same hardware and drives
[03:01] <Laice> clonezilla.
[03:02] <blendedbychris> would i boot the livecd on a new server?
[03:02] <blendedbychris> the*
[03:02] <Laice> does support ext4 looking at this http://clonezilla.org/
[03:04] <Laice> looks like you can save the image to another partition
[03:04] <blendedbychris> my issue is i use the whole drive though?
[03:05] <blendedbychris> bleh
[03:05] <blendedbychris> too much of a hassel
[03:05] <Laice> no pain no gain
[03:05] <Laice> or in this case, no pain in reimaging :P
[03:06] <Laice> i swear i'm gonna make a script for configuring the server automatically once it's reimaged
[03:06] <blendedbychris> the stupd little 1gb storage they give you for this kind of crap isn't even working
[03:06] <Laice> lol made me laugh they offer you at ovh for $1 per month a technitian will walk into the data cente and plug a usb stick in.
[03:07] <blendedbychris> bargain
[03:07] <Laice> probably would get annoyed about me ringing up and saying "uh, could you plug it into this server now please, now this one, now this one...."
[03:07] <blendedbychris> retards just jumped into the pool outside…. it's like 60degs
[03:08] <blendedbychris> "ohhh it's so cold"
[03:08] <the1_> anyone here knows how to assign variables in #cloud-config user-data so I use the values multiple times?
[03:15] <twb> blendedbychris: 60 is warm unless you're a silly yankee imperialist
[03:15] <twb> Or I guess a scientist...
[03:17] <Laice> what's that in real money (*C)
[03:17] <DiabolicalGamer> Okay another road block here... MaaS is working, but now JuJu is complaining.
[03:17] <blendedbychris> or live in texas
[03:20] <DiabolicalGamer> http://pastebin.com/wTWBAXeS
[03:20] <DiabolicalGamer> Any help would be greatly appreciated.
[03:21] <twb> This whole cloud thing is actually secrets just a game to make up as many acronyms as possible, isn't it
[03:21] <twb> s/secrets/secretly/
[03:22] <DiabolicalGamer> I was beginning to wonder that myself
[03:29] <DiabolicalGamer> http://pastebin.com/LqkjUzvR
[03:29] <DiabolicalGamer> So it seems like juju is breaking the maas api
[03:29] <DiabolicalGamer> Any ideas?
[03:32] <blendedbychris> http://www.youtube.com/watch?feature=player_embedded&v=DbkvYMIjIu4
[03:43] <bigjools> DiabolicalGamer: looking for you now
[03:43] <DiabolicalGamer> thanks
[03:44] <bigjools> DiabolicalGamer: is this the first time you ran bootstrap?
[03:44] <DiabolicalGamer> yes
[03:44] <bigjools> which version of juju are you using?
[03:45] <bigjools> if it's the latest from the ppa that's ok
[03:45] <DiabolicalGamer> latest ppa
[03:45] <bigjools> the whole maas server log would be useful too
[03:47] <DiabolicalGamer> the /var/log/maas/maas.log?
[03:48] <bigjools> DiabolicalGamer: yes
[03:52] <DiabolicalGamer> bigjools: Here -> http://pastebin.com/i9VPmJAn
[03:54] <bigjools> DiabolicalGamer: you have done something weird with your database
[03:54] <DiabolicalGamer> It's a fresh install
[03:55] <bigjools> you added some nodes?
[03:55] <DiabolicalGamer> Yes
[03:55] <DiabolicalGamer> Two
[03:55] <bigjools> what status are they
[03:55] <bigjools> ?
[03:55] <DiabolicalGamer> Ready
[03:55] <bigjools> ok so you commissioned them already?
[03:55] <DiabolicalGamer> Yes
[03:56] <bigjools> can you try destroying the juju env and bootstrap again
[03:56] <bigjools> this is obviously a bug but I want to try and work out where the problem is before you delete the evidence :)
[03:57] <DiabolicalGamer> hmm I'm not sure what you mean by destroying juju
[03:57] <DiabolicalGamer> do u mean purging?
[03:57] <bigjools> juju destroy-environment
[03:57] <DiabolicalGamer> oh lol
[03:58] <bigjools> something is out of sync between juju and maas
[03:58] <bigjools> so let's start from scratch
[03:58] <DiabolicalGamer> okay done
[03:59] <bigjools> and bootstrap again
[03:59] <DiabolicalGamer> hmm same error
[04:00] <bigjools> ok
[04:00] <DiabolicalGamer> 2012-04-17 20:59:48,751 INFO Bootstrapping environment 'maas' (origin: ppa type: maas)... Unexpected Error interacting with provider: 500 INTERNAL SERVER ERROR 2012-04-17 20:59:49,100 ERROR Unexpected Error interacting with provider: 500 INTERNAL SERVER ERROR
[04:00] <bigjools> not sure if this works on the packaged version, but try "maas dbshell"
[04:00] <bigjools> should get a psql prompt
[04:01] <DiabolicalGamer> lol sudo thinks maas is a user not a command
[04:01] <bigjools> it is :)
[04:02] <DiabolicalGamer> I know, but it's asking for the password linked to the maas account rather than mine when I sudo
[04:03] <DiabolicalGamer> I don't know it's password
[04:03] <bigjools> it doesn't have one IIRC
[04:04] <bigjools> sudo -u maas maas dbshell ?
[04:06] <DiabolicalGamer> psql: fe_sendauth: no password supplied
[04:06] <DiabolicalGamer> won't let me in
[04:06] <DiabolicalGamer> even if I sudo su -
[04:06] <bigjools> darn it, ok sorry I'm not too familiar with what happened in the packaging, I only worked in the dev environment.  Ummm let me think
[04:07] <bigjools> try adding a PGUSER=maas
[04:08]  * bigjools clutching at straws
[04:09] <DiabolicalGamer> hmm no go
[04:09] <DiabolicalGamer> even used passwd to assign maas a password
[04:09] <DiabolicalGamer> still nothing
[04:09] <bigjools> yeah it's the DB password
[04:09] <roaksoax> DiabolicalGamer: did you upgrade or where did you see that issue?
[04:10] <bigjools> roaksoax, my man!
[04:10] <roaksoax> DiabolicalGamer: the password one? what versions of maas are you using?
[04:10] <roaksoax> bigjools: lol
[04:10] <DiabolicalGamer> one sec
[04:10] <bigjools> roaksoax: trying to get a psql prompt on his maas db
[04:11] <bigjools> so I can see what state the nodes are in etc
[04:11] <fjlacoste> DiabolicalGamer: do you have a ssh key created?
[04:11] <DiabolicalGamer> yes
[04:11] <bigjools> fjlacoste: he's not getting that far
[04:11] <fjlacoste> DiabolicalGamer: the pastebin you provided is cropped
[04:11] <DiabolicalGamer> following: https://help.ubuntu.com/community/UbuntuCloudInfrastructure
[04:11] <bigjools> something is blowing up with bootstrap
[04:12] <fjlacoste> DiabolicalGamer: can you paste them again with full line length?
[04:12] <fjlacoste> (without the $ add the end)
[04:12] <bigjools> and from the logs, some of the nodes are already allocated but in status READY
[04:12] <bigjools> fjlacoste: http://pastebin.com/i9VPmJAn
[04:12] <DiabolicalGamer> sure moving the log from linux to windows must've messed it up
[04:13] <bigjools> the full one you did is fine
[04:13] <roaksoax> sudo maas dbshell needs a password
[04:13] <fjlacoste> bigjools: that error is a red herring
[04:13] <fjlacoste> it's because public-keys raise a 404
[04:13] <roaksoax> you'll find the DB pass in /etc/maas/maas_local_settings.py
[04:13] <fjlacoste> which is expected behavior
[04:13] <bigjools> fjlacoste: not convinced about that
[04:13] <fjlacoste> bigjools: i am *sure* about this
[04:13] <DiabolicalGamer> I didn't have my ssh key set at first, then I set it.
[04:13] <fjlacoste> i have seen that error several times
[04:13] <bigjools> fjlacoste: ok :)
[04:13] <fjlacoste> and it's benign
[04:14] <fjlacoste> simply add ssh keys to your account and it will disappear
[04:14] <fjlacoste> but it's not the root cause
[04:14] <bigjools> weird
[04:14] <bigjools> wtf is causing that
[04:14] <bigjools> the maas api doesn't care about ssh keys
[04:14] <DiabolicalGamer> I already have an ssh key added...
[04:14] <bigjools> maas api for juju I mean
[04:15] <DiabolicalGamer> okay I got into the postgre shell
[04:15] <fjlacoste> ah, i know what it is
[04:15] <fjlacoste> that's because the owner isn't created
[04:16] <bigjools> fjlacoste: I think commissioning left the user allocated on the node
[04:16] <fjlacoste> yeah
[04:16] <fjlacoste> we fixed that
[04:16] <bigjools> we did
[04:16] <bigjools> but which version is he using? :)
[04:16] <roaksoax> but that's not in archives
[04:16] <fjlacoste> DiabolicalGamer: are you running the latest package from testing?
[04:16] <fjlacoste> DiabolicalGamer: but do not upgrade to the testing ppa for now
[04:17] <fjlacoste> the new maas-provision package is broken
[04:17] <fjlacoste> on upgrade
[04:17] <DiabolicalGamer> No all stable
[04:17] <fjlacoste> yeah
[04:17] <fjlacoste> so that one has that bug
[04:17] <bigjools> yeah
[04:17] <fjlacoste> you can workaround by resetting the owner
[04:17] <fjlacoste> in the DB
[04:17] <fjlacoste> or you can wait a few minutes
[04:17] <fjlacoste> for roaksoax to upload a fixed maas-provision package
[04:17] <fjlacoste> and then update to the testing ppa
[04:18] <fjlacoste> let me know if you want the DB surgery workaround
[04:18] <fjlacoste> it's actually documented in the bug
[04:18] <fjlacoste> let me paste you the bug number
[04:18] <bigjools> DiabolicalGamer: in the dbshell, update massserver_node set owner=null;
[04:18] <DiabolicalGamer> can I manually download the necessary deb package?
[04:18] <fjlacoste> DiabolicalGamer: no, because it depends on maas-provisioning
[04:19] <fjlacoste> DiabolicalGamer: https://bugs.launchpad.net/maas/+bug/981068
[04:20] <DiabolicalGamer> bigjools: are you sure that's right?
[04:20] <DiabolicalGamer> massserver_node or maasserver_node
[04:20] <DiabolicalGamer> it through an error
[04:20] <bigjools> oops
[04:20] <bigjools> DiabolicalGamer: in the dbshell, update maasserver_node set owner=null;
[04:21] <bigjools> :)
[04:21] <DiabolicalGamer> okay that worked lol
[04:21] <DiabolicalGamer> so should that fix it or do I need to change anything else?
[04:21] <bigjools> bootstrap again
[04:22] <DiabolicalGamer> still no go
[04:22] <DiabolicalGamer> same error when bootstrapping
[04:22] <bigjools> destroy again
[04:23] <bigjools> and restart maas
[04:24]  * bigjools has to run out in a couple of mins
[04:25] <DiabolicalGamer> rebooting...
[04:26] <bigjools> if that doesn't work, delete the nodes, re-commission, apply the sql above and then bootstrap
[04:28] <DiabolicalGamer> the command for the dbshell isn't working anymore
[04:28] <bigjools> what does it say?>
[04:28] <bigjools> and I have to go now unfortunately, I'll be back in an hour
[04:28] <DiabolicalGamer> ERROR:  column "owner" of relation "maasserver_node" does not exist LINE 1: update maasserver_node set owner=null;
[04:28] <fjlacoste> DiabolicalGamer: the bug as a better workaround
[04:29] <fjlacoste> DiabolicalGamer: and an updated maas-provision is building in the testing ppa
[04:31] <DiabolicalGamer> cool, glad to hear it :-)
[04:32] <DiabolicalGamer> can you link me to the testing ppa?
[04:39] <blendedbychris> is it possible to clone packages on another server?
[04:39] <blendedbychris> build a cluster of servers with the same software
[04:43] <SpamapS> blendedbychris: yes but what you really want is config management
[04:43] <SpamapS> blendedbychris: not just packages.. config files.. everything
[04:45] <SpamapS> blendedbychris: for that, there's juju, puppet, chef, cfengine. :) juju is more than config management.. but its hard to explain :)
[04:46] <twb> And does juju require an interpreter be installed on every node? :-/
[04:46] <twb> grumble puppet grumble
[04:46] <SpamapS> twb: juju uses an agent
[04:47] <SpamapS> currently written in python, though its being rewritten in go
[04:47] <twb> Haha
[04:47] <twb> bandwagons are go
[04:47] <SpamapS> go executables are standalone, so no interpreter then :)
[04:48] <SpamapS> twb: I haven't really seen anybody on the "go" bandwagon other than us juju interested people. :-P
[04:48] <twb> Oh, wow, I didn't know Pike and Thompson were co-authors.  They should advertise it as P&T Go, not Google Go
[04:49] <lifeless> sako: aka plan 10.
[04:49] <lifeless> bah
[04:49] <lifeless> twb: ^
[04:49] <lifeless> sako: sorry.
[04:50] <blendedbychris> SpamapS: i have been using csync for configuration management
[04:50] <blendedbychris> think it's worth the effort for two servers?
[04:51] <blendedbychris> (if you've already halfway configured the otehr
[04:51] <twb> Though I won't be really happy until scheme (with opt-in mutable cons cells) takes over the world...
[04:52] <twb> lifeless: neither of them are listed first on wikipedia though
[05:01] <fjlacoste> DiabolicalGamer: you can upgrade to the testing ppa
[05:28] <blendedbychris> anyone here use lsynd?
[05:28] <blendedbychris> I have no idea how to configure the keypair
[05:49] <koolhead17> hi all
[06:11] <blendedbychris> is there a csync2 alternative… i fricking hate setting up inet.d an djunk
[06:11] <blendedbychris> and*
[06:11] <blendedbychris> there should be a tool as easy as lsyncd
[06:13] <twb> blendedbychris: I didn't understand a word of that.
[06:15] <blendedbychris> csync2 configuration involves installing something for xinet.d and configuring private/public keys beyond what's already root.
[06:15] <blendedbychris> just looking for an alternative
[06:16] <blendedbychris> puppet seems to be a popular one
[06:19] <blendedbychris> it doesn't run as a daemon i think is why i find it so difficult to install
[06:20] <sbeattie> blendedbychris: you're looking for configuration synchronization?
[06:20] <blendedbychris> yes
[06:20] <blendedbychris> just something that will copy config and restart the appropriate service
[06:22] <jeeves_moss> is there a way of removing 2 drives from a pool without replacing them?  I have 2 IDE and 4 SATA drives.  The IDEs are throwing errors, and I suspect slowing down the pool
[06:22] <sbeattie> bcfg2, puppet, and cfengine are the traditional approaches to that, but all may be a bit more complex than you're looking for
[06:23] <twb> puppet has a daemon (puppetmaster) that serves configuration management to its slaves (puppet), which are IIRC invoked by cron
[06:24] <andol> twb: Well, the intended approach for Puppet is to also run the client/slave as a daemon, and then have it configured to do its thing with regular time intervals, but it is also possible to run the puppet client standalone from cron.
[06:24] <twb> One popular way of running puppet is entirely by hand -- you write the "manifest" with an editor, copy it to the host in question, and run puppet directly on it
[06:25] <andol> Yeah, that second approach fits nicely with having the manifests in a git repo, on a nfs share, or so.
[06:28] <twb> haha, my recorded bitching about puppet, was with you
[06:28] <twb> http://paste.debian.net/163630/
[06:29] <twb> blendedbychris: how many boxes do you have?
[06:30] <blendedbychris> 2 haha
[06:30] <twb> blendedbychris: it is definitely not worth the effort
[06:30] <twb> blendedbychris: do it by hand
[06:30] <twb> (FSVO it = configuration management)
[06:30] <blendedbychris> i've done csync2 before with two nodes
[06:30] <blendedbychris> it was helpful
[06:30] <twb> IMO you need >16 hosts before it's worth caring
[06:31] <blendedbychris> i don't get why they intend it to be so damn "secure"
[06:31] <twb> blendedbychris: because it amounts to a privileged RPC
[06:32] <blendedbychris> my thoughts are … shared root keys with lsyncd is just as insecure
[06:32] <blendedbychris> or rather privs
[06:33] <twb> I am not familiar with lsyncd, but obviously in assymetric cryptography, it is a failure /a priori/ to share/reuse private keys between principals.
[06:33] <blendedbychris> no idea what that means
[06:34] <blendedbychris> all i had to do is ssh-keygen and ssh-copy-id on root to get it going
[06:35] <twb> blendedbychris: you don't know what you're doing, and if you try to deploy ANY kind of configuration management, you are going to hurt yourself and probably others.
[06:35] <blendedbychris> indeed
[06:38] <andol> twb: Well, at least we ended up agreeing on something :)
[06:39] <blendedbychris> glad we are all learning here
[06:44] <jeeves_moss> is there a way to remove a disk from a ZFS pool?
[06:47] <twb> jeeves_moss: NFI, have you asked #opensolaris or #solaris?
[06:47] <twb> Hell there might even be a #zfs
[06:47] <jeeves_moss> twb, not yet, but I bet no one is there tonight
[06:48] <jeeves_moss> twb, thanks.  I've asked in all 3 channels
[07:00] <linocisco> hi all, I want to setup VPN with the existing ipstar dish in each remote office sites like a star topology. Can accomplish using ubuntu server?
[07:13] <TylerWhitney> two USB hard drives on a home Ubuntu server, 1TB and 2TB; I need to have the full 3TB... plan on using them as just a means to do an identical mirror of just ONE USB3 drive connected to a different computer in the home, over the network. Trying to decide on the level of RAID I setup using mdadm (linux raid) ... I'm going between RAID0 (obviously no redundancy, but better IO and performance
[07:13] <TylerWhitney> maybe) vs. non-raid JBOD (straight concatenation, again no redundancy, but if one fails I don't lose all) ......... thoughts?
[07:16] <twb> So wait, you actually have one each of 1TB, 2TB and 3TB, and you want to RAID0 the first two, and then mirror that with the 3TB?
[07:16] <TylerWhitney> sort of yeah, lol
[07:17] <TylerWhitney> nvm, just realize raid0 would not give full 3tb, dumb question: so if I do go about my actions it would be jbod I need to go with
[07:17] <twb> Is the 3TB disk already provisioned?
[07:17] <TylerWhitney> twb: but yes, you are correct in that I have one of each drive
[07:17] <twb> Obviously the best choice would be to simply buy a second 3TB and raid1 it; 3TBs are around AU$220 at present.
[07:18] <TylerWhitney> yes, and full of data; I want some sort of backup/redundant solution to it... preferably using the two disks (1TB and 2TB) I already have hanging out
[07:18] <twb> If you're *booting* off the 3TB it is non-trivial to RAID it and still continue booting
[07:18] <TylerWhitney> no booting, simply just a USB "data" drive
[07:18] <twb> If it's just (say) /home, then you can do it with not too much hassle
[07:18] <TylerWhitney> yes, I completely agree with you, the "best" choice, lol
[07:19] <twb> if it's in a USB enclosure, you should take it out and connect it over SATA before RAIDing it
[07:19] <TylerWhitney> twb: thats a great point, I was considering asking that!
[07:19] <twb> RAID over USB is significantly more flaky -- apart from anything else, you cannot use SMART to check HDD health
[07:20] <TylerWhitney> currently, the two drives are connected to the server via USB and a JBOD (using mdadm) is setup and thye are formatting as ext3
[07:20] <TylerWhitney> but I think I will probably take them out and go straight SATA
[07:20] <TylerWhitney> definitely faster speeds
[07:20] <TylerWhitney> Im sort of just playing around until I get around to purchasing another 3TB to mirror to
[07:21] <twb> What you want to do is hook up all three over SATA, then mdadm --create -n2 -l0 /dev/md0 /dev/2tb /dev/1tb
[07:21] <twb> Then mdadm --create -l1 <create degraded> /dev/md1 /dev/md0
[07:21] <TylerWhitney> well currently, the 3TB is connected via USB3 to a windows box and is my main data store...
[07:21] <twb> Then you provision the fs on top of md1 (the degraded RAID1), then you add the original 3T as a node to md1
[07:22] <TylerWhitney> nested raid then?
[07:22] <twb> Yes, you are doing half RAID10 and half RAID1
[07:22] <TylerWhitney> I see
[07:22] <twb> (RAID1 (RAID0 1t 2t) 3t)
[07:22] <twb> If you see what I mean
[07:22] <TylerWhitney> indeed
[07:23] <TylerWhitney> well first step take these bad boys out of USB enclosures
[07:23] <twb> But if this is for work, you really should just tell them to drop $200 for hardware, because it will be cheaper and require less downtime and be more reliable
[07:23] <TylerWhitney> no definitely not for work
[07:23] <TylerWhitney> just me playing around with redundancy at home
[07:23] <TylerWhitney> hence me being cheap
[07:24] <TylerWhitney> thanks for the wisdom twb
[07:25] <TylerWhitney> Im going to play and try a few things... I like the nested RAID (RAID1 (RAID0 1t 2t) 3t) very cool idea
[07:30] <RoyK> TylerWhitney: might be better to use mirrors at the bottom, so multiple mirrors are striped etc
[07:42] <blendedbychris> how can i figure out what mta is installed on a system?
[08:57] <WuxiIxuw> Please any one here tried vps  from rocketvps.com ? any feed back please?
[11:40] <cornfeed> good morning
[12:32] <railsraider> hi i want to compleytly remove all iptables and install arno-firewall
[12:32] <railsraider> iptables -F doesn't work as arno fails to load the config
[12:33] <railsraider> how do i completely remove flush reset the iptables
[12:42] <al-maisan> Is there a way to add a rule to the default security group from CloudInit for an aws ec2 instance?
[13:07] <WuxiIxuw> please i'd like to secure the vps using ubuntu 10.4 lts ... where exactly i can found what can ido from a to z ?
[13:22] <resno> WuxiIxuw: install fail2ban
[13:23] <resno> and really depends on how far you want to go... the choice is to secure it vs make it easy to access for you and users
[13:39] <WuxiIxuw> resno: what else?
[13:42] <resno> i asked a question
[13:42] <resno> whats more improtant security or accessiblity?
[14:12] <cldwalker> hi all, anyone know a way to skip the configuration dialog when installing postfix? DEBIAN_FRONTEND=interactive and -y aren't working
[14:15] <Jeeves_> Well, interactive is wrong
[14:16] <Jeeves_> noninteractive might work better
[14:17] <esuave> anyone ever have problems with SNMPD and a trap divide error from the kernel?
[14:20] <cldwalker> Jeeves_: my bad, I meant noninteractive which doesn't work
[14:20] <Jeeves_> cldwalker: Oh, ok.
[14:21] <mamuskus> Hi !
[14:26] <lamont> cldwalker: remind me which question in the postfix config I hate?
[14:29] <cldwalker> lamont: all of them? i'm trying to automate installing a package that depends on postfix but I'm not using any postfix functionality
[14:36] <macnix> after adding a new apt source and run apt-get update, the new packages are not picked up in the context of the same shell script
[14:37] <macnix> if I run the same shell script again, all works fine
[14:37] <macnix> what am I missing here?
[14:39] <lamont> cldwalker: ISTR that all but one question is preseedable (and maybe I fixed that?).  the questions it asks are questions that must be answered
[14:39] <Pici> macnix: I don't think we can really troubleshoot without seeing the script.
[15:34] <macnix> Pici: got it, the problem was a previously create conf while which the package prompted about the action
[15:35] <macnix> created*
[15:35] <macnix> created conf file*
[15:43] <ironm> hello. may I ask what virtualization would you recommend for precise? KVM, row Xen or XCP? Thank you in advance for any hints.
[15:46] <ironm> another question. I have tested shortly virt-manager to manage KVM VMs. Is there a better choice?
[15:58] <failover> ironm, if simplicity counts, stick with KVM, it's easier to install and use...
[16:00] <ironm> failover, I have tested XCP (XenServer) before. It looks to be much more complicated to manage it.
[16:00] <ironm> failover, would you recommend virt-manager? .. or ist there a better tool?
[16:00] <ironm> thanks a lot for your hint failover  :)
[16:03] <failover> ironm, virt-manager sound's ok, a lot of people use stuff like proxmox too
[16:06] <ironm> I have to check it proxmox is a commercial tool or GPL based one
[17:01] <Jak2000> hi all
[17:01] <Jak2000> how to stop the firewall?
[17:02] <patdk-wk> flush all the iptables rule lists :)
[17:03] <Jak2000> service iptables stop
[17:03] <Jak2000> wont work :(
[17:03] <patdk-wk> I don't remember saying that
[17:04] <patdk-wk> http://www.adminsehow.com/2009/08/how-to-clear-all-iptables-rules/
[17:04] <patdk-wk> yay for google :)
[17:05] <EvilResistance> i thought iptables wasnt a service?
[17:05] <patdk-wk> it's not :)
[17:05] <EvilResistance> Jak2000, sudo iptables -F  <-- flushes the firewall
[17:05] <EvilResistance> it'll clear out any rules and default to ACCEPT on everything i tihink
[17:05] <EvilResistance> (I think...)
[17:05] <patdk-wk> EvilResistance, only the normal ones, not nat or mangle or raw tables
[17:06] <EvilResistance> of course  :P
[17:06] <patdk-wk> it's always mangle that I need cleaned :)
[17:06] <EvilResistance> patdk-wk, can't save an iptables.flushed.rules in /etc/, and do iptables-restore M /etc/iptables.fulshed.rules ?
[17:06] <EvilResistance> :P
[17:07] <Jak2000> but i not want flush the oiptables
[17:07] <Jak2000> i only want stop the iptables
[17:07] <patdk-wk> you can't *stop* iptables
[17:07] <patdk-wk> as iptables isn't a daemon
[17:07] <EvilResistance> ^
[17:07] <patdk-wk> therefor it doesn't *run*
[17:07] <EvilResistance> yep
[17:07] <patdk-wk> if you really want to stop it. unload all kernel modules related to it
[17:07] <patdk-wk> OR turn off your computer
[17:07] <EvilResistance> otherwise, flush the iptables rules
[17:07] <Jak2000> :(
[17:08] <EvilResistance> (which we've said to do)
[17:08] <Pici> by default there aren't any rules.
[17:08] <Jak2000> i opened a port:
[17:08] <EvilResistance> indeed
[17:08] <Jak2000> iptables -A INPUT -p tcp --dport 3306 -j ACCEPT
[17:09] <EvilResistance> Jak2000, if you're behind a router, you need to forward your ports at the router too
[17:09] <EvilResistance> or behind a corporate firewall, same deal
[17:09] <EvilResistance> (if you're trying to get connections from the external network aka the internet)
[17:10] <Pici> mysql shouldn't require any extra steps network-wise.
[17:10] <EvilResistance> except removing the line that binds it to localhost
[17:10] <EvilResistance> (last i checked that's still the default setup)
[17:10] <EvilResistance> or the line that skips networking (which means its only bound to 127.0.0.1:port
[17:10] <EvilResistance> )
[17:10] <EvilResistance> s/bound/listening on/
[17:15] <EvilResistance> Jak2000, are you trying to get MySQL to listen to requests from outside your system?
[17:22] <Jak2000> EvilResistance yes :)
[17:22] <EvilResistance> Jak2000, i dont have my linux nearby, but ideally you need to do two things: (1) set bind-address=[IP] and (2) comment out the skip-networking lines in the configs for mysql
[17:23] <EvilResistance> then service mysql restart
[17:23] <EvilResistance> (remember to edit the config with superuser/sudo and to use sudo with service mysql restart)
[17:23] <EvilResistance> where [IP] in (1) is your server/system's IP address
[17:24] <Jak2000> EvilResistance ok thx
[17:25] <EvilResistance> and leave the iptables rule you added
[17:25] <EvilResistance> (and remember: default mysql server setups don't bind to an internet-listening area, it by default only listens locally (127.0.0.1)
[17:26] <Jak2000> EvilResistance: set bind-address  is on my.cnf right?
[17:27] <EvilResistance> mhm
[17:27] <EvilResistance> same with comment out skip-networking
[17:27]  * EvilResistance forgot the name of the conf file, hence why he said "I'm not near my linux machine"
[17:28] <Jak2000> ok
[17:29] <Jak2000> EvilResistance: how to remove these iptables rule: iptables -A INPUT -p tcp --dport 3306 -j ACCEPT
[17:29] <EvilResistance> no need
[17:29] <EvilResistance> otherwise, if you really want to purge that rule, you have to figure out whether you have other rules
[17:29] <EvilResistance> if you have other rules, you have to know which # rule that rule is in the table
[17:29] <Jak2000> ok
[17:29] <EvilResistance> and the iptables -D INPUT # or w/e it is
[17:30] <Jak2000> done i can connectfrom out of the server :)
[17:30] <EvilResistance> to wipe all iptables rules, iptables -F
[17:30] <Jak2000> thx
[17:45] <blendedbychris> any stunnel users around?
[17:45] <blendedbychris> trying to troubleshoot why the thing isn't doing anything and it doesn't spit anything in the log
[19:23] <Unkn0wn> apache: sh: id: not found
[19:23] <Unkn0wn> What could be causing this behavior?
[19:24] <Unkn0wn> it is in the apache error log
[20:01] <axisys> why would eth0:1 not come up? I had to up it manually and then it gives odd error message
[20:01] <axisys> details: http://dpaste.com/733885/
[20:42] <utlemming> [NOTICE] New S3-Backed EC2 mirrors are being activated. Please see https://lists.ubuntu.com/archives/ubuntu-cloud/2012-April/000752.html for more information
[21:55] <DiabolicalGamer> Hello Everyone
[21:56] <DiabolicalGamer> I'm still trying to get MaaS to work, but I'm not sure I added the correct testing ppa.
[21:57] <DiabolicalGamer> Is this the correct one? -> https://launchpad.net/~maas-maintainers/+archive/testing
[22:00] <DiabolicalGamer> Also the delete option for a node is blurred out because it claims they are busy.
[22:00] <DiabolicalGamer> I managed to force a delete by modifying the url, however this was severely bugged and led to duplicate mac address entries.
[22:13] <hallyn> Ursinha: looking at bug 984381, i marked it as affecting oneiric, but lp won't give me a row where i can set it confirmed for oneiric.  ?
[22:13] <Ursinha> hallyn, let me see
[22:13] <Ursinha> hallyn, check now
[22:14] <Ursinha> hallyn, the nomination needed approval
[22:14] <Ursinha> I approved that and you might be able to see it now
[22:14] <hallyn> thanks, Ursinha.  I've seen that before, never understood it.
[22:15] <hallyn> What's the point?
[22:15] <Ursinha> that is because anyone can nominate a bug to a release, but that's not necessarily true
[22:15] <Ursinha> so a person that has appropriated permissions can evaluate if a task for a given series is worth having
[22:16] <Ursinha> anyone can indicate a problem happens in a release, but only a few can confirm that
[22:18] <Ursinha> that's so we won't have unmanageable loads of past releases bugs that will never be looked at/aren't valid to be backported/aren't bugs
[22:18] <Ursinha> hallyn, but I guess you should be able to approve that?
[22:18] <Ursinha> hallyn, bdmurray knows it better
[22:22] <hallyn> Ursinha: ok, thanks.  (yes, I was figuring that bugsquad members would have the perms, but maybe it has to do with per-package upload rights)
[22:22] <bdmurray> hallyn: can you upload php5?
[22:22] <hallyn> i'd have to check
[22:22] <hallyn> (and don't have the archive acl tools handy)
[22:22] <hallyn> i would think i would through the server set, which i have upload rights to
[22:23] <bdmurray> for nominations and release targettin the way it works is bug control can nominate
[22:23] <hallyn> but i'm not coredev and never asked for (or wanted) php5 rights explicitly
[22:23] <bdmurray> then uploaders or some other team can approve
[22:26] <bdmurray> anyway afaict you can't upload php5
[22:27] <hallyn> bdmurray: just checked, php5 does not appear to be in server set, so that all makes sense
[22:28] <hallyn> (I would think it *should* be, but...)
[22:28] <hallyn> thanks both, good night
[22:56] <DiabolicalGamer> anyone from the MaaS server team here?
[23:21] <DiabolicalGamer> Anyone know where the password for the MaaS api is?
[23:21] <bigjools> DiabolicalGamer: there's no password, you set up an oauth key
[23:21] <DiabolicalGamer> I think my configuration got reset because it's throwing an auth error
[23:22] <bigjools> check the same key is still in use
[23:41] <JRWR> I wanted some advice on a file system to use on across 5-10 servers that have a shared block device (iSCSI), GlusterFS and LusterFS seem to be it, but they dont say anything about shared block device support