/srv/irclogs.ubuntu.com/2012/06/19/#maas.txt

=== Aaton is now known as Aaton_off
negronjl	This officially sucks ..	00:40
negronjl	now that I have the MaaS WoL thing more or less worked out, juju is not working...	00:40
negronjl	juju bootstrap turns the machine up but, there is no IP address to that machine ... and I can't log in to the node either.	00:40
negronjl	Does anyone know which kickstart is used to load the machine up when it is in the "Ready" state ? I need to add a password to the ubuntu user there.	00:41
negronjl	I need to take a break from this for a few minutes ... I'll be back in a few	00:47
bigjools	negronjl: don't do that, juju gives the ubuntu user your public ssh key	01:06
negronjl	bigjools: don't do which part ... I've done so many things that I am going crazy and losing track.	01:06
bigjools	<negronjl> Does anyone know which kickstart is used to load the machine up when it is in the "Ready" state ? I need to add a password to the ubuntu user there.	01:07
negronjl	bigjools: I am having issues with juju now ( got past the WoL issues )	01:09
negronjl	bigjools: after the nodes are "Ready" I can't get juju bootstrap to finish	01:10
negronjl	bigjools: I am able to do "juju bootstrap" or "juju bootstrap --constraints maas-name=quantal"	01:10
bigjools	negronjl: how do you know it's not finished?	01:10
negronjl	bigjools: I have a monitor hooked up to the node	01:11
negronjl	bigjools: it WoL the system, installs everything that needs to be installed ( system, juju, etc. )	01:11
negronjl	bigjools: after i end up @ the login promt, I try "juju status" but, I get "no route to host"	01:13
negronjl	bigjools: i can't even ping the node.	01:13
negronjl	bigjools: I was wondering how to get inside of the node ( the juju bootstrap node ) to see if I can figure out what is happening	01:15
bigjools	are you relying on zeroconf for name lookup, or dns on the maas server?	01:17
negronjl	dns on maas server	01:19
bigjools	and is it correct?	01:19
negronjl	it is ... when I "host <insert node name>" it replies correctly	01:19
bigjools	can you ssh ubuntu@host?	01:20
negronjl	no ... "no route to <nodename>"	01:20
negronjl	it doesn't seem to be a DNS issue as I cannot get to the node by address	01:20
negronjl	I am working on 192.168.1.0/24 and I have checked every IP ... the node doesn't appear to have an IP	01:21
bigjools	it doesn't sound like a juju or maas problem	01:22
bigjools	did the dhcpd assign an ip?	01:22
negronjl	bigjools: according to the DHCP ... no	01:22
negronjl	bigjools: The node doesn't appear to be asking for one	01:24
negronjl	bigjools: That's why I was asking for a way to get in the node so I can ( with the monitor/keyboard ) check things out.	01:27
lifeless	negronjl: are you running precise? is that what was used to do the demo ?	01:30
negronjl	lifeless: yes and yes	01:30
lifeless	ok cool	01:30
lifeless	uhm	01:30
lifeless	bigjools: ip allocation will be dhcp on each node right ?	01:31
lifeless	negronjl: have you got tcpdump / wireshark running on the dhcp server, see what comes in ?	01:31
negronjl	lifeless: yes but, when I do "juju bootstrap" I don't see the node asking for an address	01:32
lifeless	ok, even though it powers up ?	01:32
negronjl	lifeless: yes .. the node powers up and it appears to install correctly ... it then reboots and it leaves me at the login prompt.	01:34
lifeless	during the install, it must do networking - do you see dhcp requests during that period ?	01:34
negronjl	I then do "juju status" and I get a "no route to host"	01:34
lifeless	If you don't, it suggests that the wireshark config is wrong, if you do, but don't later, it tells us either that a) dhcp is being more persistent than usual :P[unlikely] or b) dhcp isn't trying on the reboot.	01:35
lifeless	negronjl: you could try using arp to locally associate the address used during the install with the node, and see if it responds to that via ping/ssh	01:36
negronjl	ahh ... I could try that lifeless	01:36
negronjl	lifeless: give me a minute to try it out	01:36
lifeless	sure	01:36
lifeless	also check you see DHCP for the install phase.	01:36
negronjl	lifeless: i will	01:37
bigjools	I have had it up to HERE with ubuntu problems already today	01:39
lifeless	welcome back	01:40
negronjl	bigjools: amen to that :)	01:40
bigjools	three reboots	01:40
bigjools	and it's 11:40am	01:40
negronjl	just so we are all on the same page .. I am monitoring DHCP traffic at the maas server with tcpdump -i eth0 -n port 67 and port 68	01:54
negronjl	I just did a "juju bootstrap" ( leaving maas to pick a node for me )	01:55
negronjl	I see the DHCP requests from the node and the responses from the DHCP server	01:55
=== wgrant_ is now known as wgrant
negronjl	hah .. i found something	01:58
negronjl	i found that the IP that the node got differs from what's expected.	01:59
negronjl	ie: the node's name is natty so, when i do "host natty" I get "192.168.1.103" but, when I look at the tcpdump output, I see that the address is 192.168.1.168	02:00
negronjl	I cannot ping 192.168.1.103 but, I CAN ping 192.168.1.168	02:00
negronjl	I CANNOT ssh into 192.168.1.168 though ... it asks me for password but, I don't have one	02:01
bigjools	is cobbler set to manage DNS and DHCP?	02:01
bigjools	it is supposed to set the same IP in both	02:02
bigjools	if it doesn't then things will break like this	02:02
negronjl	cobbler is managing DNS but, not DHCP	02:02
bigjools	there's your problem	02:02
negronjl	there's one of my problems ...	02:02
bigjools	:)	02:02
lifeless	optimist :P	02:02
bigjools	ha	02:02
negronjl	lol	02:02
lifeless	why isn't cobbler managing DHCP ?	02:02
negronjl	this is the way the setup was sent to me	02:02
negronjl	but, even if I change that ... i still have the problem that I cannot log int	02:03
negronjl	s/int/in	02:03
lifeless	well	02:03
lifeless	so cloud-init may not have run	02:03
lifeless	because its not got the right ip now	02:03
negronjl	ok ... let's try to fix the DNS/DHCP issue first i guess....	02:03
lifeless	definitely	02:04
negronjl	I have a dd-wrt router in the mix acting as DHCP ... let me pull that out of the equation...then I will need a bit of help fixing the DHCP in the maas server ...	02:04
negronjl	brb ...breaking things :)	02:04
bigjools	/etc/cobbler/settings	02:04
bigjools	manage_dhcp: 1	02:05
lifeless	negronjl: the whole thing should be its own standalone network, with (I believe) a local archive mirror and everything	02:05
negronjl	bigjools: checking /etc/cobbler/settings now	02:05
negronjl	lifeless: i have the local mirror thing working.	02:05
lifeless	negronjl: or at worst, with the maas server itself attached on one side to the maas cluster LAN,a nd on the other to your network.	02:05
lifeless	again, AIUI, second hand knowledge ;)	02:06
negronjl	oh wow ... according to /etc/cobbler/settings .... the maas server is managing both dns and dhcp ( manage_dhcp: 1 manage_dns: 1 )	02:06
negronjl	this doesn't seem right ....	02:06
bigjools	check that your node has got an entry in the dhcpd config	02:09
bigjools	is it using dnsmasq or isc?	02:09
bigjools	it should map a mac to an IP	02:10
negronjl	bigjools: ok .. let me check ...	02:15
negronjl	let's start with this ... the maas server should have a static ip address	02:15
negronjl	right now it doesn't	02:15
negronjl	it is assumes that it will be 192.168.1.2 ( I am working with a 192.168.1.0/24 network )	02:15
negronjl	I should probably fix the maas server first	02:16
lifeless	yup	02:16
lifeless	if its dual attached, it can be dhcp on the external side	02:16
lifeless	but the cluster side has to be pretty fixed ;)	02:17
negronjl	lifeless: the maas server is a laptop with a broken screen :/	02:18
negronjl	and one interface only	02:20
lifeless	no wifi? or wifi only ?	02:20
lifeless	negronjl: it arrived broken?	02:21
negronjl	lifeless: it did although I have a vague recollection of a conversation with mrussell ( Mark Russell ) that it may have been broken before shipment to my house.	02:22
negronjl	maas server has a static ip now	02:22
negronjl	now checking dhcpd ( /etc/dhcp3 ) configuration	02:22
lifeless	cry for help sent	02:23
negronjl	bigjools: in MaaS ... what handles the DHCP server ( I see maas-dhcp package installed but, don't really know where the config resides )	02:24
lifeless	its lacking all technical info about where we are at; wrong audience for that I think.	02:24
negronjl	lifeless: thx ... well said .. cry for help	02:24
bigjools	negronjl: cobbler does everything	02:24
bigjools	maas is just driving it	02:24
negronjl	bigjools: ok .. so earlier you had mentioned for me to make sure that I had something in dhcp config ... where should I be looking ?	02:25
bigjools	dhcp config is written by cobbler	02:25
bigjools	so we need to see if it wrote it right	02:25
bigjools	so, just looking for that MAC to IP mapping so the node gets the IP address we expect	02:25
negronjl	bigjools: I'll start a node to see how it behaves now	02:28
bigjools	ok	02:28
negronjl	hah ... i have to laugh because I don't want to cry ... the maas server just froze ... rebooting it	02:30
bigjools	you are seriously unlucky	02:30
negronjl	bigjools: what handles dhcp and dns here ...	02:34
bigjools	negronjl: it's in settings	02:34
negronjl	I'm really not trying to ask stupid questions ... I am just trying not to assume anything at this point	02:35
bigjools	so you can tell cobbler to drive isc dhcp or dnsmasq	02:35
bigjools	it's dnsmasq out the box IIRC	02:35
negronjl	it appears to be dnsmasq	02:36
negronjl	bigjools: where is the config for dnsmasq ?	02:38
bigjools	/etc/dnsmasq.conf?	02:39
negronjl	i may have to rebuild this environment .. ( maas-flush and all ). I think that having two dns/dhcp servers in the network ( cobbler and the router ) may have screwed the config on the nodes	02:41
bigjools	very likely	02:41
negronjl	rebuilding now ... it'll take a few minutes	02:44
negronjl	bigjools: now pxe booting is not working .... TFTP open timeout	02:54
bigjools	yay	02:54
negronjl	bigjools: i have cobbler using the system's tftp ... should I change it so cobbler uses it's own instead ?	02:54
negronjl	system's tfpt => tfptd-hpa ( /etc/init.d/tftpd-hpa )	02:55
bigjools	that should be ok	02:55
negronjl	the system's ? it was working before so it seems to be a config issue somewhere in cobbler	02:55
bigjools	you must have been use pxe on the router before	02:55
negronjl	apparently	02:56
bigjools	using*	02:56
bigjools	I don't know what's best here, try flipping and see	02:56
negronjl	ok	02:56
negronjl	nope ... I think I was getting further with the router ...	03:02
negronjl	maybe try having the router pass the pxe and dhcp and have the maas server handle dns	03:02
negronjl	bigjools: ^^	03:03
bigjools	I don't know what's best, sorry	03:03
bigjools	you need roaksoax perhaps	03:04
bigjools	if he is up	03:04
lifeless	negronjl: its what, 8pm for you ?	03:05
negronjl	lifeless: it is	03:05
lifeless	negronjl: ok; I'm going to break for a late lunch in a minute	03:06
lifeless	negronjl: whats the network layout you have in use?	03:06
negronjl	lifeless: flat network ( 192.168.1.0/24 )	03:06
lifeless	negronjl: e.g. nodes + maas server on one switch, where does your router come into it, and so on.	03:06
negronjl	lifeless: router is 192.168.1.1 ( gw and dhcp )	03:07
negronjl	lifeless: 192.168.1.2 -> maas-server	03:07
lifeless	negronjl: you haven't turned dhcp off ?	03:07
lifeless	on the router that is	03:07
bigjools	are all the necessary daemons running on the maas box?	03:07
negronjl	lifeless: i did turn dhcp off on the router but, pxe stopped working	03:07
negronjl	bigjools: they are	03:07
lifeless	negronjl: ok, leave it off please :)	03:07
lifeless	negronjl: you won't have your router at Structure :>	03:08
bigjools	dnsmasq, dhcpd, bind, tftpd	03:08
bigjools	and tgtd	03:08
negronjl	lifeless: the router was shipped here with the rest of the stuff so, yes .. i could	03:08
negronjl	bigjools: no dhcpd nor bind ... dnmasq instead	03:08
lifeless	negronjl: oh, it was? See, bad assumptions R us :)	03:08
negronjl	bigjools: tftpd-hpa for tftp	03:08
bigjools	ok	03:09
bigjools	so we need to work out why the node cannot see a pxe server (ie dhcpd)	03:09
bigjools	firewalled?	03:09
negronjl	bigjools: straight cable	03:09
lifeless	negronjl: are the nodes plugged into the router, or a switch/hub ?	03:09
negronjl	lifeless: switch	03:09
negronjl	here is the setup	03:09
negronjl	one switch where all of the nodes and maas-server are connected	03:10
negronjl	maas server is a laptop running the above mentioned daemons	03:10
negronjl	that is all	03:10
lifeless	the router is plugged into the switch?	03:10
negronjl	9 nodes ( HP microservers ) one switch and one laptop.	03:10
bigjools	can you get a pxe test client?	03:10
negronjl	when I was using the router ... it was also plugged in the switch to provide dhcp/dns	03:11
lifeless	ok, cool.	03:11
lifeless	so, default switch environment is to forward everything, pxe should work fine there.	03:11
lifeless	negronjl: got wireshark up? can you get the DCHP OFFER contents, that should have the pxe metadata in it.	03:11
negronjl	lifeless: pxe was working fine with the router but, I believe that the nodes were getting their IPs from the DHCP but not updating the DNS.	03:11
negronjl	I believe the DHCP was on the router but, DNS was on router AND maas server ...	03:12
negronjl	not sure but, I really believe that there was a conflict between the router's dns/dhcp and the maas-server's dns/dhcp	03:12
lifeless	sure, so we now have dhcp and dns both set to managed in cobbler	03:13
lifeless	and wol is firing up the node	03:13
lifeless	and its failing to PXE boot ?	03:13
rick1	execuse me, does anyone know the MaaSslave's default username and password ?	03:13
lifeless	rick1: your ssh key should be copied into the ubuntu user for you by cloud-init.	03:14
negronjl	lifeless: with all the wires running across my dining room table, I may have found something ... let me try again .. give me just a second	03:14
lifeless	rick1: If I remember correctly.	03:14
rick1	lifeless: so, I can just login to it?	03:14
lifeless	ssh yes	03:14
lifeless	it won't have a password at all	03:15
rick1	lifeless: Thanks, I'll try	03:15
negronjl	lifeless: pxe booting is now working off of the maas server ( no router involved )	03:15
negronjl	I am going to continue deploying to see if things are better now	03:15
lifeless	negronjl: what was wrong?	03:15
roaksoax	negronjl: that machine has been broken for ages and that's the same one used at the ODS demo	03:16
bigjools	rick1: the user is "ubuntu"	03:16
negronjl	network loop	03:16
rick1	bigjools: oh, Okay	03:16
roaksoax	negronjl: use the dd-wrt router for DNS/DHCP	03:16
roaksoax	negronjl: don't use maas	03:16
lifeless	roaksoax: ohhai!; I'll let you steer :)	03:17
negronjl	roaksoax: i see now that by using the maas-server for dns/dhcp i can't spoof the archives ...	03:17
negronjl	roaksoax: I'll switch it back ... give me just a second	03:17
negronjl	roaksoax: do I need to turn dns/dhcp off in cobbler now that the router is back in the picture ??	03:17
roaksoax	negronjl: yeah don't use maas-server as DHCP/DNS because you'll have to manually assign what IP addresses the clients will get throught DHCP	03:18
roaksoax	negronjl: yes you do	03:18
roaksoax	negronjl: the dd-wrt should already e confogured for DNS/DHCP so you shouldn't really have any issues there	03:18
rick1	lifeless: It shows Connection reset by peer, It must be something wrong with the PXE installation.... always shows commissioning on the WebUI	03:18
negronjl	roaksoax: just to be sure .... manage_tftpd and manage_dns should both be set to 0 ( and not 1 ) on /etc/cobbler/settings ??	03:19
roaksoax	negronjl: manage_dns manage_dhcp	03:19
roaksoax	negronjl: we do manage_tfptd	03:19
negronjl	roaksoax: sorry yes .. those two	03:19
negronjl	roaksoax: manage_dns and manage_dhcp	03:20
negronjl	roaksoax: they are both set to 1 on /etc/cobbler/settings	03:20
roaksoax	negronjl: I can't recall (i'm zombie already), but you should be able to dpkg-reconfigure maas-dhcp and disable DNS/DHCP	03:21
lifeless	roaksoax: negronjl: I'm going to take that lunch break. Will check in in ~40	03:21
negronjl	lifeless: thx	03:21
negronjl	roaksoax: I'll do that ..	03:21
roaksoax	lifeless: provecho :)	03:21
negronjl	roaksoax: did dpkg-reconfigure but, I don't get the option to disable it.	03:22
negronjl	roaksoax: trying again ( i disabled it directly in /etc/cobbler/settings ) at this point, i am just trying things out	03:26
* roaksoax checks		03:26
roaksoax	negronjl: try purging maas-dhcp	03:26
negronjl	roaksoax: will do	03:27
negronjl	roaksoax: not sure if you are still around but, I have a question....	03:54
roaksoax	negronjl: shoot	03:54
negronjl	roaksoax: After the node is in "Ready" state ... can I then run "juju bootstrap" ?	03:54
negronjl	roaksoax: or is there anything that I have to do between Ready and juju bootstrap	03:55
roaksoax	negronjl: ready state are ready to be used	03:55
negronjl	roaksoax: so, juju bootstrap would be ok at that point ?	03:55
roaksoax	negronjl: yes,	03:56
negronjl	roaksoax: thx ... I think I should be good for now ... thank you VERY much for all you patience and help during this.	03:57
roaksoax	no worries	03:57
roaksoax	negronjl: we've been there	03:57
roaksoax	:)	03:57
lifeless	hows it looking guys?	04:04
rick1	Still stuck on "Commissioning" state	04:09
lifeless	rick1: I don't know the states all that well, but I think that means 'trying to turn it on and install it'	04:09
rick1	lifeless: yes	04:10
lifeless	rick1: are you using wake on lan or a power board or something? or just reaching down and pushing the power button ?	04:12
rick1	after maas slave PXE booting, scrolling of many screen of messages, stay on "cloud-init-nonet killed by TERM signal" for a while, then jump to login screen	04:12
rick1	lifeless: yes, I set to wol	04:13
lifeless	bigjools: / roaksoax: ^ any thoughts?	04:13
bigjools	no idea why that TERM happens, I think we went through all the usual suspects	04:13
bigjools	so I'd have to defer to roaksoax or smoser who have more knowledge of cloud-init than I	04:14
negronjl	I have had so many issues today that I may be able to help with this.	04:16
negronjl	rick1: would you pastebin the contents of /etc/maas/maas_local_settings.py please ?	04:16
rick1	ok, wait a moment	04:17
negronjl	rick1: I am looking for the value of: DEFAULT_MAAS_URL	04:17
negronjl	rick1: In my case ( out of many ), cloud-init was not working correctly because I had an issue where DEFAULT_MAAS_URL was not properly set to the IP address ( not the hostname ) of the maas-server	04:18
rick1	negronjl: DEFAULT_MAAS_URL = "http://10.20.0.1/"	04:18
negronjl	rick1: also make sure that the time on your nodes ( all of them ) as well as the maas-server is the same .. weird .. I know but, it helps	04:19
bigjools	oauth FTL	04:19
negronjl	bigjools: do I have to upload my SSH key to the maas server before i do anything with it ?	04:23
rick1	negronjl: oh, you are right, the time is different	04:23
negronjl	bigjools: juju status ( after a successful juju bootstrap ) gives me Invalid SSH key	04:23
bigjools	negronjl: no, unless you plan on starting nodes manually in the UI	04:23
negronjl	rick1: put them all on the same time	04:23
negronjl	bigjools: I get Invalid SSH key ....	04:24
bigjools	negronjl: yeah that happens if it's still booting before its run the preseed that adds the user data	04:24
bigjools	if the console is at the login prompt then it's not booted properly	04:24
bigjools	wrong image or failure to get metadata	04:25
negronjl	bigjools: hmmm... how do I avoid that ? Did I do something wrong here ?	04:25
bigjools	negronjl: the clock problem?	04:26
bigjools	perhaps	04:26
negronjl	bigjools: nope ... all nodes are time synced	04:26
negronjl	bigjools: maas-server as well	04:26
bigjools	is it at login prompt?	04:27
negronjl	bigjools: yup .. .and I can't log in to figure what may be wrong ...	04:27
bigjools	ok is there anything in maas-server syslog from the node?	04:27
negronjl	Test WP failed, assume Write Enabled	04:29
negronjl	Asking for cache data failed	04:29
negronjl	Assuming drive cache: write through	04:29
rick1	negronjl:now time is synced, but still the same problem.	04:29
negronjl	Test WP failed .....	04:29
negronjl	rick1: .... 10.20.0.1 is your maas server right ?	04:30
rick1	negronjl: yes	04:30
lifeless	negronjl: is juju bootstrap running for you now ?	04:30
negronjl	lifeless: it does but, I cannot juju status ( invalid ssh key )	04:31
lifeless	check your environments config is right and so forth ?	04:31
negronjl	rick1: dpkg-reconfigure maas ... make sure your maas server ip is correct ...	04:31
negronjl	rick1: sudo cobbler sync	04:31
negronjl	rick1: try again	04:31
bigjools	negronjl: watch the console during boot, see if anything else looks bad	04:32
rick1	negronjl: ok	04:32
rick1	negronjl: still the same. and I found a bug report about this. https://bugs.launchpad.net/ubuntu/+source/maas/+bug/992075	04:39
ubot5	Ubuntu bug 992075 in maas (Ubuntu) "Commissioning status persists with cloud-init 0.6.3-0ubuntu1" [Undecided,Confirmed]	04:39
negronjl	rick1: for me, it was a simple case of /etc/maas/maas_local_settings.py having the wrong DEFAULT_MAAS_URL	04:40
* bigjools adds that to the FAQ		04:40
rick1	negronjl: :), I'm go out and take a break, thank you VERY much	04:40
negronjl	rick1: no worries .. just paying it forward ... I have been helped a LOT	04:40
bigjools	please consider amending or adding to the https://answers.launchpad.net/maas/+faqs	04:43
negronjl	bigjools, lifeless: good news: I am now able to ssh ubuntu@<node_ip>	05:06
negronjl	bigjools, lifeless: bad news: the dhcp address associated with the name does NOT match what MaaS thinks it should be	05:06
negronjl	bigjools, lifeless: MaaS and Juju think that my node is 192.168.1.101 but, my node got an address of 192.168.1.127 ... I have to check the DHCP server to see what may be going on but, I will have to do that tomorrow ... I am calling it a night ...	05:07
bigjools	negronjl: what is dhcp serving?	05:17
negronjl	bigjools: checking that now ... 'cause as far as I know ...the router should be the _only_ DHCP running and it has static dhcp clients	05:17
bigjools	negronjl: mac address mismatch then	05:18
bigjools	check static config vs what maas has	05:18
negronjl	bigjools: checking that too but, gotta be honest ... I'm pretty tired ... I'll be checking that and then calling it a night	05:18
negronjl	what do you mean ... what maas has ?	05:19
bigjools	maas stores macs for the nodes	05:19
bigjools	and tells cobbler what to write	05:19
bigjools	so if you're now doing your own static config then it's probably different	05:19
negronjl	bigjools: do tell ... the router's DHCP/DNS seems to have all of the right MAC addresses ...	05:20
bigjools	how do you know?	05:20
negronjl	bigjools: can you tell me where to find what maas-server has ?	05:20
bigjools	look in its UI	05:20
negronjl	bigjools: that seems to be right as well	05:21
bigjools	are you sure the DHCP server on the router is assigning the IP then?	05:22
negronjl	bigjools: checking again	05:25
bigjools	also, in some dhcp setups you need to explicitly say that pxe boots can have the same IPs as regular boots	05:26
negronjl	done for tonight ... I'll fight some more with this tomorrow	05:39
negronjl	thank you very much for the help all	05:39
lifeless	sleep well	05:44
bigjools	nn	05:47
SpamapS	lifeo/	06:03
SpamapS	lifeless: o/	06:03
* SpamapS wonders what happened to irssi there		06:04
lifeless	o/	06:04
lifeless	you hit tab and typed too fast	06:04
lifeless	and triggered its 'paste detection'	06:04
lifeless	which, FTW, bypasses all character evaluation.	06:05
SpamapS	ahhh	06:06
SpamapS	probably the bursty ssh	06:07
SpamapS	actually I'd swear its only bursty when I'm in tmux	06:07
=== rick2 is now known as rick1125
* czajkowski hugs jtv		07:50
jtv	czajkowski: all for that little email? blush	08:26
jtv	And hi to you too :)	08:27
czajkowski	jtv: yes you at least replied!	08:27
czajkowski	simple things in life realy	08:27
jtv	:)	08:27
flacoste	roaksoax: have you seen the question from Brian G. Peterson on the maas-devel list? he's having problems with the avahi boot story	13:19
flacoste	is the image supposed to be working?	13:19
flacoste	is the error he's encountering the same than you did when you tested with matsubara?	13:20
roaksoax	i havent	13:27
roaksoax	i will address it in a bit	13:27
flacoste	roaksoax: thanks!	13:27
jtv	Daviey: where on the TFTP path do the enlistment kernels live?	15:05
jtv	Or do we use the same as install/commissioning?	15:05
Daviey	jtv: wherever makes sense to you.	15:12
Daviey	enlistment kenel == install kernel	15:12
Daviey	comissioning kernel is sperate	15:12
jtv	OK, I'll use the install kernel then. Thanks.	15:12
jtv	Daviey: do we know yet exactly what kernel options we need to append for enlistment?	15:13
rvba	jtv: I think it's the options of maas-enlist in /var/lib/tftpboot/pxelinux.cfg/default	15:15
rvba	jtv: am I right?	15:15
Daviey	roaksoax: do you have those to hand?	15:15
jtv	rvba: not sure I understand you correctly. Are you referring to the maas-enlist profile in Cobbler?	15:16
rvba	jtv: no, I'm referring to the line " append initrd=..." next to the "LABEL maas-enlist" bit in the file /var/lib/tftpboot/pxelinux.cfg/default	15:17
jtv	Ah, thanks.	15:18
jtv	Unfortunately I don't seem to have that bit there.	15:18
rvba	jtv: http://paste.ubuntu.com/1049268/	15:18
jtv	Whoa that's a lot bigger than what I've got	15:19
roaksoax	Daviey: the kernel options	15:19
roaksoax	Daviey: yeah those are appended automatically by cobbler	15:19
roaksoax	err	15:20
jtv	Weird stuff in there... multiple locale options	15:20
jtv	Yeah, talking to me, I know. :)	15:20
roaksoax	some of them are appended automatically	15:20
roaksoax	jtv: some of the ones appended in the default file come from maas-import-isos and some from the commissioning	15:20
jtv	From the commissioning? But this is for a node that isn't even ready for commissioning yet.	15:21
roaksoax	jtv: the default ones are: append initrd=/images/precise-i386/initrd.gz ksdevice=bootif lang= text hostname=precise-i386 domain=local.lan suite=precise	15:21
roaksoax	jtv: when you import an ISO it creates the file that appends a few kernel args	15:21
jtv	We need a way to organize generation of this stuff I guess.	15:21
roaksoax	jtv: when you run maas-import-isos, it appends other required kernel args	15:21
roaksoax	jtv: and when you run maas-import-ephemerals, it adds different kernel args	15:22
roaksoax	jtv: so we just need a default, and we need to be able to add and modify them as needed	15:22
jtv	That's all plumbing we don't have yet, I think.	15:22
roaksoax	jtv: the addition of new custom kernel args is done by both, maas-import-isos and maas-import-ephemerals. So we should be able to do similar way to add more kernel args. However, we should be able to also add kernel args per node and as needed	15:23
jtv	But we're driving this from the inside out, rather from the outside in as Cobbler does.	15:25
jtv	In Cobbler, the scripts make this stuff up because they need to create profiles and that's where this stuff gets stored. We're driving it from the database, independently from the import scripts.	15:26
roaksoax	jtv: right, so import a netboot or server ISO into cobbler and check what args are added by default :).	15:28
roaksoax	jtv: should be similar to http://pastebin.ubuntu.com/1049288/	15:28
jtv	Have to organize this in some way that makes it reusable.	15:29
rvba	roaksoax: another question for you: right now, a node, once the install is done, calls "wget "http://$http_server:$http_port/cblr/svc/op/nopxe/system/$system_name" -O /dev/null". We've already created the equivalent method (to disable PXE boot) on the metadata API. The trouble is that the call to this method needs to be oauth-authenticated. I'm afraid I'm going to have to expose that method anonymously. Do	15:29
rvba	you have a better idea?	15:29
rvba	roaksoax: I'm asking you because I'm not sure what the limitations are exactly… could we use a tool with oauth support instead of wget?	15:31
jtv	We have some code that we were hoping to extract into a library at some point…	15:33
jtv	Based on the juju code.	15:33
jtv	src/apiclient/maas_client.py	15:33
roaksoax	rvba: can't we just do similar way to how cloud init does it?	15:33
rvba	roaksoax: what would that mean exactly?	15:34
roaksoax	rvba: hold on, have an idea	15:34
roaksoax	rvba: ok, so for cloud-init, MAAS gives cobbler the MAAS_PRESEED which is a base64 blob right?	15:35
rvba	roaksoax: yes	15:36
rvba	roaksoax: in the cobbler-less world, this is not base64 encoded any more, but obviously the same data is present in the preseed context when it gets rendered.	15:37
roaksoax	rvba: ok, so even better then, in the template, we can just get the auth credentials and hand them to curl	15:38
roaksoax	rvba: unless ytou want to store them in base64. So in the template, we just get the variable where that blod is stored, decode it, separate the credentials and give them out to curl	15:39
rvba	roaksoax: are you sure that curl supports oauth?	15:40
roaksoax	rvba: weren't we using it at the beginning for enlistment? before we decided not to?	15:40
rvba	roaksoax: I /think/ we were using a python script.	15:41
roaksoax	rvba: if it does not, then we need it to be unauthenticated	15:41
roaksoax	rvba: unless we get a python script that runs the credentials	15:41
roaksoax	rvba: which might be a PITA	15:41
rvba	roaksoax: why would it be a PITA?	15:43
roaksoax	rvba: downloading a script of late_command and executing it	15:44
roaksoax	rvba: another thing we could do would be do something we used to do with juju/orchestra	15:44
roaksoax	rvba: which was basically have a base64 blob that decoded into a .py file which was run	15:44
roaksoax	rvba: it should allow us to import python-oauth	15:45
roaksoax	rvba: but it is even more prone to errors	15:45
rvba	Indeed.	15:45
rvba	And less testable.	15:45
roaksoax	indeed	15:46
roaksoax	that's the same issue with wgetting a python script and having to do the same thing	15:46
roaksoax	rvba: so I think we'd have to have it unauthenticated for ease	15:46
rvba	Yep, I'm afraid that's the only simple solution.	15:47
rvba	Note that we will have kinda the same problem when exposing the preseed files. The preseed contains authentication creadentials… and I'm afraid we will have to expose it in the open.	15:47
rvba	roaksoax: because that preseed url will be passed as a kernel argument (url=...) and I suppose we don't have a way to use some kind of authentication when fetching that file do we?	15:49
roaksoax	rvba: right, but the preseed should only be obtainable by the PXE client machine and not by simply browsing the server http	15:49
roaksoax	rvba: or only exposed on the network which PXE is happening	15:51
roaksoax	rvba: and not that I know of.	15:51
rvba	roaksoax: how can we prevent someone browsing the server to fetch that file?	15:51
rvba	roaksoax: I mean how can we tell the request comes from the legitimate client machine? Using the IP would be a start but kinda fragile.	15:52
roaksoax	rvba: i have seen websites on which for instances, if you access to http://www.test.com/files/ it does not list the files, however, if you access test.com/files/file1.xyz it is downloadable	15:54
roaksoax	rvba: it is probably just hidding	15:54
roaksoax	it	15:54
rvba	Preventing directory listing is not a proper protection.	15:55
rvba	Besides, this is an API so there is no directory listing anyway.	15:55
roaksoax	yeah, never mind me then	15:56
roaksoax	err don't mind me :)	15:56
rvba	roaksoax: anyway, I think we will concentrate on having full feature parity with cobbler without making things worse w.r.t. security. And then we will iterate on that. Thanks for your help.	16:00
roaksoax	welcome	16:00
negronjl	... and back again with this	16:02
negronjl	roaksoax: 'morning. have another question for ya	16:04
negronjl	roaksoax: yesterday you had mentioned that we should be using the router as DHCP/DNS	16:05
negronjl	roaksoax: If we are using the router as DHCP/DNS should we turn dnsmasq off on the maas server ?	16:05
negronjl	roaksoax: or is the router acting as a relay ( DHCP/DNS relay that is ) ?	16:06
roaksoax	negronjl: when you remove maas-dhcp dnsmasq will no longer be running for cobbler	16:08
roaksoax	sudo cobbler sync should update the settings to not run it	16:08
* roaksoax brb		16:08
negronjl	roaksoax: ok ...thx	16:08
jtv	Daviey, roaksoax: actually… should the kernel options for enlistment be based on the “ephemeral” kopts or on the “install” kopts?	16:17
negronjl	I am now getting a Bad archive mirror error	16:22
negronjl	roaksoax, Daviey: i need help with the mirror ... it doesn't seem to be working. I get "Bad archive error" on the screen. On syslog ( on the node ), I get mirror does not have any suite symlinks and mirror does not support the specified release (precise) but, when I run the wget command manually ( wget -q http://archive.ubuntu.com/ubuntu/dists/precise/Release -O - \| grep -E '^(Suite\|Codename):' I do get Suite: precise .... this st	16:32
negronjl	opped working when I stopped dnsmasq BTW to allow the router to answer DHCP requests.	16:32
negronjl	Daviey, roaksoax: nm ... i figured it out	16:43
Daviey	spoofing archive.ubuntu.com to the wrong ip address?	16:50
negronjl	Daviey: not really sure but, I just edited /etc/dnsmasq.conf and commented out all of the dhcp parts and it seems to be working now	17:21
Daviey	negronjl: wait, on the router?!	17:53
negronjl	Daviey: the router is the DHCP/DNS	17:53
negronjl	Daviey: I disabled dhcp on dnsmasq on the maas server	17:54
Daviey	negronjl: hmm, who installed dnsmasq on the maas server?!	17:54
negronjl	Daviey: no idea .. it was like that when I got it.	17:55
negronjl	Daviey: I still need dnsmasq running on maas server. If I don't, the nodes complain about a bad archive mirror ...	17:55
Daviey	hmm	17:55
negronjl	Daviey: so I just commented the dhcp parts of /etc/dnsmasq.conf and it seems to work better.	17:56
Daviey	negronjl: the router should handle all dhcp/dns..	17:56
negronjl	Daviey: now I am to the point where juju bootstrap works ( still without WoL ) but, when I do juju status, the command hangs	17:56
Daviey	or at least it did, when i left it	17:56
negronjl	Daviey: the router does	17:56
Daviey	juju status should hang, until the boostrap node is ready, no?	17:57
Daviey	negronjl: WOL should work, only when a node is cleanly shutdown	17:57
Daviey	negronjl: i did suggest attempting to switch out the power control 'card' in the APC to the other one.	17:58
Daviey	The one which you can plug into the wall, has a duff management card.	17:58
Daviey	I hoped you could just swap it out.	17:58
negronjl	Daviey: I could try that. I should open both PDUs and see about that	18:01
negronjl	Daviey: that would still leave me with the juju status problem.	18:01
Daviey	negronjl: juju status should hang until the ootstrap node is ready	18:04
Daviey	is it ready?	18:04
negronjl	Daviey: it is at the login prompt ( has been like that for 10 minutes already ). Nothing is happening.	18:05
negronjl	Daviey: juju status is still hanging	18:05
Daviey	negronjl: okay, then this wouldn't seem to be a maas problem as such.. but a juju problem	18:06
Daviey	have you logged in to see what the heck is going on?	18:06
Daviey	zookeeper poorly?	18:06
lifeless	negronjl: Daviey: how is it looking?	18:06
negronjl	lifeless, Daviey: I am trying again.	18:07
negronjl	lifeless: I have the MaaS part working ( no WoL yet ). juju bootstrap is working but, juju status hangs	18:08
negronjl	lifeless: at the same time, Daviey recommends i open the PDUs and take a part out of one to put it into the other to see if the PDU works.	18:08
Daviey	I haven't seen the new one, but if they are the same model.. that makes sense.. the old model had a duff management computer	18:13
Daviey	WoL is fragile at best, but handled with care.. and a dry run on stage to prepare them.. should leave them in an adequate state	18:13
negronjl	Daviey: I'm trying to open the PDUs right now ... re: WoL, I am trying to see if I can reproduce it to where I can consistently have WoL working ... so far .. no luck.	18:14
Daviey	(WOL only works if cleanly shutdown)	18:15
negronjl	Daviey: within the maas process, how do you go about cleanly shutting them down when maas controls the entire process.	18:16
Daviey	negronjl: doing a dry run, turning them on by hand.. then briefly pressing the power button to shut them down.	18:17
Daviey	(brief press)	18:17
negronjl	Daviey: WoL is now working ....	18:21
negronjl	Daviey: waiting on bootstrap node ( connecting monitor to it )	18:21
negronjl	lol ... now I get Invalid SSH key ...	18:23
Daviey	:S	18:26
lifeless	Daviey: seen that before ?	18:29
Daviey	lifeless: no	18:35
lifeless	SpamapS: roaksoax: ^ ?	18:35
Daviey	It's not clear to me if it is the juju ssh key, or the maas ssh key failing	18:35
Daviey	if there is no maas ssh key, then it could be a hint that juju/zookepper has failed.	18:35
Daviey	(or not yet online)	18:35
SpamapS	lifeless: sorry I missed the context	18:35
Daviey	negronjl: can you confirm that there is an accurate ssh key in MAAS ui?	18:36
Daviey	attacking the problem by allowing maas to inject the ssh key AND juju inserting the same key makes much sense.	18:36
lifeless	SpamapS: we've now gotten everything seeming to run up, but juju status is whinging about the ssh key being invalid	18:37
SpamapS	raw ssh works?	18:38
Daviey	juju would be using the same ssh key as the laptop, so i can't imagine raw ssh would work	18:38
=== Aaton_off is now known as Aaton
* Daviey wonders if negronjl is using the laptop, rather than his own machine.		18:39
SpamapS	worth a try with ssh -v	18:39
Daviey	i'd rather negronjl validates the ssh key in MAAS ui first.	18:40
SpamapS	ok I still dont' know what I'm being asked. :)	18:40
* Daviey suspects it is null		18:40
negronjl	Daviey: I am using the ssh key in the maas server	18:40
negronjl	i have NOT put any ssh key in the maas server UI	18:40
Daviey	if the database has been reset since i last had my mits on it, it will be empty.	18:41
Daviey	you need to copy and paste the public key into the maas ui, under Pref's	18:41
negronjl	Daviey: ok ... let me try that ... brb	18:42
Daviey	... my hunch is that juju/zookeeper is borked.. and you can't get into it, as no key has been injected.	18:42
Daviey	negronjl: on a side note, did you update the local apt mirror?	18:43
negronjl	Daviey: no ... this is an isolated network	18:43
* lifeless hopes thats good :)		18:43
* negronjl too . It has the same archive as it did when it was "working"		18:44
Daviey	well, if it were me.. i'd have updated tto precise release.. curently it's pre-release archive	18:44
Daviey	negronjl: well, juju seems fragile in that snapshot.	18:44
Daviey	i'd hope that precise-release is more stable :)	18:45
lifeless	negronjl: so, you're adding the ssh key to maas and trying again I guess?	18:45
negronjl	Daviey: this experience has me second-guessing everything that i do fearing i may break more things ...	18:46
negronjl	Daviey: Do you think I should update the mirror ? If so, how ?	18:46
Daviey	negronjl: i don't blame you at all.	18:46
Daviey	negronjl: Lets see the current status.. juju destroy-enviroment .. add you key to the MAAS ui	18:47
Daviey	(your key == the laptop key)	18:47
Daviey	do a juju bootstrap.. so at least you can sanely get into the box	18:47
Daviey	then, if we hit the same problem again.. SpamapS will be a better person to help debug why juju has failed.	18:48
Daviey	(sorry SpamapS!)	18:48
negronjl	Daviey: did that already .. waiting on the node to come to life	18:48
Daviey	negronjl: cool	18:48
SpamapS	Daviey: no worries, I'm good at ignoring other peoples' problems	18:49
Daviey	hah	18:50
Daviey	negronjl: if i am not mistaken, the public key should be http://pb.daviey.com/ITE8/	18:52
negronjl	Daviey: it is	18:53
Daviey	negronjl: for /what to do/, get inspiration from /home/ubuntu/charms/timed-deploy.sh	18:53
Daviey	utils.py is really helpful	18:54
negronjl	Daviey: i have. It is useful indeed.	18:54
Daviey	negronjl: timed-deploy.sh was an effort to leave it in an install loop, bootstrap, deploy, teardrop	18:55
Daviey	teardown	18:55
SpamapS	hah	18:57
SpamapS	freudian slip?	18:57
SpamapS	the deploy does indeed bring tears to some peoples' eyes :)	18:57
Daviey	SpamapS: one of my servers is called teardrop, so automagic hangs :)	18:58
Daviey	s/hangs/hands	18:58
Daviey	damn, i need to EOD	18:58
negronjl	Daviey: thx for all of your help :)	18:58
Daviey	negronjl: I won't go just yet, but my typing suggests i should :)	18:59
negronjl	Daviey: ah .. ok ... well thanks for your help anyway ... and stick around to help some more :)	18:59
negronjl	The bootstrap machine is done.... juju status still hangs	19:09
negronjl	I was able to ssh into the box	19:09
SpamapS	negronjl: status may be hanging on zookeeper starting up	19:09
Daviey	with the ssh key in MAAS aswell?	19:09
SpamapS	sshd comes up before zk	19:09
negronjl	i see that /var/log/cloud-init-output.log has something about juju-admin: error: unrecognized arguments: --constraints-data=......	19:10
Daviey	right, but if the ssh public key came from the metadataservice,he should be able to directly ssh now.	19:10
Daviey	of crap	19:10
negronjl	SpamapS: zookeeper is running	19:10
SpamapS	negronjl: I bet you have an old juju	19:10
SpamapS	negronjl: dpkg -l juju	19:10
negronjl	node: 504	19:11
negronjl	maas server: 539	19:11
negronjl	that is not right :/	19:11
SpamapS	yeah but that should support --constraints-data	19:13
SpamapS	oh wait	19:13
SpamapS	node 504	19:13
SpamapS	yeah thats broken	19:13
SpamapS	negronjl: apt-cache policy juju	19:13
SpamapS	where did that come from?!	19:13
* SpamapS saw 504 and thought 540		19:13
Daviey	SpamapS: hapen to know off the top of your head what precise juju paa is?	19:14
Daviey	i want to rule out that it isn't usin that	19:14
SpamapS	juju should have 531	19:16
SpamapS	precise rather	19:16
SpamapS	0.5+bzr531-0ubuntu1.1 0	19:16
SpamapS	400 http://archive.ubuntu.com/ubuntu/ precise-proposed/universe amd64 Packages	19:16
SpamapS	0.5+bzr531-0ubuntu1 0	19:16
SpamapS	500 http://mirrors.kernel.org/ubuntu/ precise/universe amd64 Packages	19:16
negronjl	SpamapS: this does appear to now be a juju issue	19:18
negronjl	SpamapS: I see that "juju status" is trying to connect to the node but, it just hangs there .	19:19
negronjl	SpamapS: on the node, I do see juju.agents.machine and juju.agents.provision running	19:19
negronjl	SpamapS: I am also able to ssh into the node ( ssh ubuntu@<node> )	19:20
negronjl	SpamapS: any thoughts?	19:20
SpamapS	negronjl: apt-cache policy juju	19:21
SpamapS	negronjl: wherever that 504 came from, thats your problem	19:21
SpamapS	negronjl: its well before constraints landed, and your client is incompatible with that version entirely	19:21
negronjl	SpamapS: damn ... that means that I have to refresh my mirror	19:22
SpamapS	perhaps a very out of date mirror on the node?	19:22
negronjl	SpamapS: I need help doing that	19:22
SpamapS	negronjl: yeah get that mirror up to date, OR point your machine at it, and use the same client version	19:22
negronjl	SpamapS: got it. apt-mirror correct ?	19:23
SpamapS	no idea	19:24
SpamapS	I mean, thats likely	19:24
negronjl	SpamapS: no worries ... I found a script that does it for me ....	19:24
SpamapS	Daviey: ^^ can you help negronjl get the mirror updated?	19:24
Daviey	cool	19:26
negronjl	Daviey: I found a create-mirror.sh script in the maas-server.	19:26
negronjl	it seems to create the mirror	19:26
Daviey	negronjl: that is the one we used, yes.	19:30
negronjl	Daviey: running it now ... it needs to downlod 5.5G of data so, it will take a while ...	19:33
Daviey	cool	19:34
SpamapS	5.5G? ugh	19:51
SpamapS	negronjl: hopefully you're not doing that on conference wifi ;)	19:51
negronjl	SpamapS: nope ... this is an isolated network	19:53
negronjl	SpamapS: I am downloading everything that I need into the maas server .	19:54
negronjl	SpamapS: and spoofing archive.ubuntu.com so I can server it all locally.	19:54
=== vibhav is now known as Guest7599

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!