=== ejat- is now known as ejat [04:29] imbrandon: thats fantastic news about newrelic! [04:47] SpamapS: what news? [04:56] lifeless: http://www.brandonholtsclaw.com/blog/2012/free-newrelic-for-aws-and-azure/ [05:08] dude, like tons of VIPs showing up tonight at the downtown ( smaller ) airport :) [05:08] * imbrandon forgot the All Star game is only a day away, heh [05:22] lifeless: newrelic is a really nice example of a perfect subordinate charm. Just piggy backs onto PHP and/or others and makes it better [05:23] well.. measures it better anyway :) [05:23] * SpamapS is biased since they gave him a t-shirt :) [05:23] * SpamapS is trying out install roundcube from EPEL on a CentOS 6 box just to see how much more annoying the old way is than juju deploy roundcube [05:23] heh i have a t-shirt AND a book :) heh [05:24] they gave away "the lean startup" too at one time [05:24] ugh rpms' [05:25] SpamapS: you see this ? http://cl.ly/Htjg [05:25] ^^ my next blog-post will be featuring that i think [05:34] SpamapS: I knew what it was, didn't know it was made into a subordinate yet ;) [05:34] ahh yea, that was like the firast sub i made, like the day they landed [05:34] first* [05:42] lifeless: both the generic system monitor and the php version are in the official list and maintained by imbrandon :) [05:42] imbrandon: VERY nice on the installer [05:43] :) [05:44] imbrandon: NICE [05:44] bah [05:44] nice. [05:44] ECAPSLOCK [05:44] nice and tidy too, at under 100k uncompressed [05:44] :) [05:45] https://github.com/downloads/jujutools/jujutools.github.com/Install%20juju.zip [05:46] Hrm ok why won't dovecot log my auth failures.. :-/ [05:50] its not in authlog ? [05:57] can go binarys be staticly linked ? [05:58] e.g. if i was to redo that installer ( less than 100 loc ) in go, could i staticly link the binary so that i dont need to ensure the go runtime is on the osx box ? [05:58] wrong question [05:59] 'can go use shared libraries' - yes, if you try hard. [05:59] hrm ok i'll bite [05:59] hum not sure i follow worded like that but ok /me digs a little [06:00] its modelled after Google deployment requirements, which is single monolithic blob with no floating dependencies, to permit fine grained 'what rev was involved' in diagnosing failures. [06:00] ahh i think i see now [06:02] opinions vary on whether this is a good thing or a bad thing. [06:02] yea i'm thinking before i unleash it on the masses that python or go will be the way , the main reason i had waited a few days is its in umm ... php now :) [06:02] Its certainly very different to the general move to shared everything in the Linux space over the last 20 years ;) [06:03] ya but very similar to the apple world [06:03] thats how all apps are on apple, well 90% of them [06:03] everything needed to run the app, even full ruby or python runtimes are in the .app [06:04] they CAN use the system version but to be included in like the App store, the app must include even the runtime [06:04] yah [06:04] even python apps etc, so its very normal there [06:04] the linux world has been building up the value of the distro [06:04] for security fixes etc [06:04] yea [06:04] app stores push that back on the vendor, not the distributor [06:05] i totaly see both sides, has ups and downs [06:05] I don't think any distro has really understood that yet, not at a deep level [06:05] yea [06:05] a .app like thing for linux would be kinda cool [06:05] infact i think the .app spec its self actually can work [06:05] ala gnustep [06:05] iirc [06:06] just not done much [06:07] on apple it really shows with MacRuby, as there are alot of app store apps that use it [06:08] nice thing is its lightning fast compared to the normal ruby runtime tho so its a nice target VS learning ObjectiveC + coca [06:08] but its like 100+mb added to the .app [06:08] heh [06:12] ok, so back to the go, your saying that is the norm ? [06:12] lifeless: ^ [06:12] yes [06:12] but not 100mb :P [06:12] ahh :) nice ok that will make it easy then [06:12] its a bit stronger than norm in fact [06:13] as far as I know there still aren't shared libraries for go components themselves. [06:13] cool, i like that idea [06:13] but IMBW, if you use gccgo for instance [06:14] yea i noticed there was a gccgo infatc the newest XCode ( preview version for 10.8 ) has support for it [06:14] not looked into it tho [06:15] well this might be a good dip my toe in go then, since its likely to be a) used by others so i'll get feedback and b) its less than 100 loc in PHP so its a small project [06:17] i could always go hipster and write it in node :) hahaha [06:17] * imbrandon sticks with go [06:31] so ... func add(x int, y int) int { ... [06:31] the last int is the returned type ? [06:34] wtf is := [06:34] oh wow, this si going to be intresting ... [06:41] mmm gobomb [06:41] func main() { for { } [06:41] } [06:48] Goose! I feel the need, the need for speed ... [06:48] deb https://region-a.geo-1.objects.hpcloudsvc.com/v1.0/73450381287323/mirror quantal main restricted universe multiverse [06:48] :) [06:58] holly crap golang is hard to read, i thought that was one of the goals was to make the source readable [07:00] jcastro: btw i'm fairly certain the disk io is crap ... [07:00] # time ./mnt/scripts/mirror.sh [07:00] real 95m45.364s [07:00] user 0m30.710s [07:00] sys 2m14.328s [07:54] yaaay selinux just wasted another hour of mine [07:54] * SpamapS wonders if its worth knowing how annoying it is to run his IMAP server on CentOS [07:55] heh apt-get purge selinux && apt-get purge apparmor [07:55] ? [07:55] CentOS [07:55] doh [07:55] rm -rf / [07:55] And I want to use it "as it is intended" [07:55] :) [07:55] more about learning than having a rocking IMAP server [07:56] i hear ya [07:56] still sux [07:56] heh [07:56] selinux is denying roundcube (apache) from connecting to port 143 on ::1 and 127.0.0.1 [07:57] nice, use a 192 class a on a diff interface ? [07:58] oh and yea go is nogo for the installer, i started the boilerplate code and its more than the whole app is currently [07:58] it has nothing to do with the IP [07:59] apache is not allowed connect() at all [07:59] oh nice [07:59] well I take that back, its allowed 3306 [07:59] nothing below 1024 likely [08:00] dude, btw you see the 95m real above ? [08:00] or it may be dovecot protecting itself.. I can't tell yet because I don't understand selinux [08:00] do people even bother leaving it on? [08:00] i dont [08:00] honestly [08:01] AppArmor is prety straight forward [08:01] i figure thats what firewals are for, if there is malicious code ON my box, i'm already hosed [08:01] it squawks, you edit /etc/apparmor.d/something .. you move on [08:01] imbrandon: well thats a weak security model you're talking about, but as long as you accept that its fine [08:01] imbrandon: defense in depth requires that there be something beyond firewalls [08:02] well yea, but i dont run un sandboxed code either [08:02] there is more to it, but i find selinux more a pita than a help [08:02] as long as the other bits are in place [08:02] imbrandon: Yeah, PITA security is no security because it gets turned off [08:02] which selinux is about to here [08:03] right, esp with mail servers, should be no running of code there anyhow [08:03] external that is [08:03] Its a webmail server [08:04] and procmail runs some gnarly stuff for me there too :) [08:04] php-fpm is designed to run as a user [08:04] unlike before mod_php [08:04] so the web part is safe(er) [08:04] now procmail hehe [08:04] hrm yeah [08:05] not realy tho [08:05] mod_php never runs as root [08:05] so that bit is equal [08:05] right but it runs as www-data [08:05] and alot of times thats got far more permissions that a dedicated php user [08:06] thats pretty weak [08:06] its the falling point of many shared php setups :) [08:06] I see your point, but its really not a big deal or a reason to use fpm [08:06] shared PHP is the failing point of many shared php setups [08:06] hahaha true [08:07] in this day and age with several container technologies available... [08:07] yea, seriously :) [08:08] i just learned today that you can embed perl code into the nginx.conf files ... my wheels been spining on that one [08:08] suprised its not uses/abused more [08:08] used* [08:12] well perl or lua, but i never really _got_ lua, maybe because thats what World of Warcraft UI and addon's are coded in ( lua ) [08:15] SpamapS: ok if you wanted to in the simplest but fairly foolproof way to execute a shell script , wait for it to exit, then goto 10 ( e.g. loop continusly ) , what comes to mind, a small python wrapper mainloop run my upstart or ... [08:15] * imbrandon is drawning a blank but seems like this should be fairly simple [08:15] huh? [08:16] i want to exe a shell script over and over [08:16] but not before the last exe stops [08:16] run , wait for exit, run wait for exit, etc etc etc [08:16] while script ; do true ; done [08:17] hrm, yea see told ya i was being dumb [08:17] maybe do sleep 0.1 to keep it from going berzerk [08:17] right in front of me [08:17] heh yea [08:17] oh man [08:17] berzerk [08:17] just had an atari flashbac [08:17] hahaha [08:17] i LOVE that game, demon attack too [08:17] i can hear the little dudes lazers [08:18] dont hit the walls :) [08:18] dude your old ... hahaha j/k [08:19] yeah I'm old and I need to go to bed [08:19] but this is pissing me off [08:19] :) [08:28] * SpamapS gives up and reboots with selinux disabled [08:31] well that fixes basically everything [08:31] hah [08:31] *arg* [08:32] damn, except roundcube [08:32] heh [08:32] helps if you start the imap service [08:32] find a rails webmail ? [08:32] lol [08:32] * imbrandon runs [08:33] roundcube is great [08:33] I found it a while ago [08:33] yea it actually is, i used it use it pre gmail [08:33] very slick ui [08:34] I need webmail about once every 6 months [08:34] damn google owns everything ... heh [08:34] sup takes care of me otherwise [08:35] yea i use Sparrow or gmail web ui , more sparrow than gmail until reciently [08:35] no sparrow for Ubuntu :( [08:36] Keeping email in console has kept me more focused with it [08:36] less shiny things [08:37] yea i tried mutt a while back, then quickly went to pine/alpine ... then back to sparrow [08:37] sparrow is like iOS mail for the desktop, so its real sparce but great for multi accounts/unified inbox [08:38] sup is what you'd get if you married mutt to gmail [08:38] hehe :) [08:39] i never got used to the keybindings, kept doing crap wrong when i just wanted to write a email [08:39] heh [08:39] ( in mutt ) [08:39] pine worked out well due to the same keybindings as pico/nano [08:39] already muscle memory [08:40] sup has the gmail keybindings [08:40] but [08:40] its author has bailed [08:40] but no inline attachments and such kinda sucked for me, i get alot of screenshots and ui mockups in email [08:40] and there's no fork/resurrection [08:41] yeah if I didn't anything visual I'd probably go insane w/ sup [08:41] its ok if there is like 1 per email, but that never works out in reality [08:42] wow finally I think I can turn off my old centos 5 Xen after 6 months of procrastinating [08:45] heh [08:46] SpamapS: http://cl.ly/HwVE sparrow [08:46] looks very busy [08:46] I liked apple's regular mail client actually [08:46] I feel like Thunderbird has just been driving more toward working like it for the last year [08:47] its not good at multi account unified inbox, but actually apples iOS client is [08:47] and sparrow takes after that [08:48] also the faces and color coding is nice, but thats avail in the gmail web ui too [08:49] SpamapS: yea , alot of that too is i get ALOT of email , so its hard not to be busy [08:49] looking [08:50] I have about 4000 unread, unkilled emails right now [08:50] and I intend to 0 it all by noon tomorrow :) [08:50] ouch [08:50] i try to keep my inbox at 0 , the rest 0 be weeks end or they get killed [08:53] Yeah I got way behind last week [08:53] but sup is pretty damn efficient [08:53] so I expect I'll kill 75% of those threads quickly [08:53] :) [08:57] ok, not sleeping now would be foolish [08:58] * SpamapS bids the internets adue [08:58] gnight [09:01] morning all! [09:01] mornin :P === sanderj_ is now known as Sander^work [10:35] jcastro, video of juju talk at europython now up - http://www.youtube.com/watch?v=HlGDP92dlfY [10:35] ohhh /me goes to peep it out [10:40] imbrandon, enjoy my accent :-) [10:42] :) cant be worse than mine when excited heh [10:42] jamespage: btw you may like this, looks similar to what your using http://bholtsclaw.github.com/html5slides/templates/ubuntu/index.html [10:43] hahaha and i wrote the php one ( just got to that part ) :P [10:44] imbrandon, nice [10:44] I know who to blame now :-) [10:44] :) [10:47] jamespage: http://bazaar.launchpad.net/~imbrandon/charms/precise/nginx/trunk/view/head:/hooks/lib/install [10:47] * jamespage shudders [10:47] lol [10:47] heh [10:47] :) [10:48] is quite nice once abstrated like that heh [10:48] reminds me - I'm mid review on that one [10:48] must complete this week [10:48] :) i just merged the only other thing that was in the queue [10:48] a few minutes ago [10:49] jamespage: btw if you did not see http://www.brandonholtsclaw.com/blog/2012/free-newrelic-for-aws-and-azure/ [10:49] imbrandon, just ready [10:50] cool, okies foooooood brb :) [14:53] adam_g: whoa cool, new incoming charm, RIAK! [14:53] adam_g: it's your week this week btw. [15:12] Mmmmm Riak [15:31] the riak charm looks nice; curiously in the juju tests, riak is the standard peer service we use there (all dummy of course) [15:42] I'd be willing to bet that juju's peer relations are not sufficient to do it fully automatic [15:43] without some kind of "leader" election ability, it just doesn't work. [15:43] SpamapS, agreed, really need to add that functionality [15:43] ceph suffers from this too [15:43] almost having it is sadly not sufficient [15:43] hmm.. not sure if riak needs that [15:44] the only answer is to deploy the first node as one service, and then a second service for all the rest [15:44] i ended up using riak in the tests for all peers, because its nice [15:44] hazmat: you're back at work this week? [15:44] jcastro, i am [15:44] hazmat: does it have its own ability to sort out which of the known nodes bootstraps the data store? [15:44] hazmat: excellent ... hey so .... openstack provider ... *whistles* [15:44] hazmat, riak does its own leader election (or otherwise just works)? [15:45] jcastro, its also our first upstream nosql charming [15:45] yep, I noticed that too [15:45] hopefully the review goes smooth and I can send them shirts soon. :) [15:45] looks like they don't have an https source either. :-/ [15:46] SpamapS, as long as they all agree on the ring name and know each others addresses [15:46] SpamapS, dunno [15:47] jcastro, my only concern when i looked at the codebase is that the readme.md was really just a stub [15:47] but i didn't do a full review [15:47] hazmat: the problem I've run into with a few of the services is that they need a few bootstrap things to happen only one time... [15:48] hazmat: the only answer has been to just not add-unit until that is done. [15:48] SpamapS, which is not a very good answer [15:49] agreed [15:49] with the MPI charm I tried to make, I just have a 'master' service and 'slave' service. [15:50] and I think I'll do the same w/ ceph [15:50] it works, but it sucks because it makes that one special === zyga is now known as zyga-afk [16:06] hazmat: hey so ... openstack provider. :) === salgado is now known as salgado-lunch [16:18] jcastro, virtual sprint atm [16:18] jcastro, but noted [16:18] hazmat: ah ok, no worries then [16:26] jimbaker: looking forward to your talk next week :) [16:39] bkerensa, thanks :) [16:40] are you a jython user by chance? or simply curious about the capabilities of the jvm? [16:42] jimbaker: simply curious :) [16:43] bkerensa, sounds good to me! [16:44] 'morning all [16:47] negronjl, good morning! [16:47] jimbaker: 'morning === salgado-lunch is now known as salgado [17:06] hey so is the verbosity of the ec2 and s3 api calls being not authenticated necessary? [17:15] jamespage: etherpad-lite works great, thanks for the look. [17:15] I think I'm going to demo this one [17:26] Hey all. I found the "ubuntu" charm very helpful for a project I'm working on, but not having it available in the charm store is a bummer. Any chance of getting it back in there? [17:27] benji: it's a problem with the store, someone is investigating, but yeah, I find that I would love to use it more and more [17:27] jcastro: its a bit more verbose than it should be. There's an open bug to resolve that.. [17:27] benji: it's like a great "I need an ubuntu server now" command [17:29] jcastro: exactly; we're using it to run integration tests for some software that wants to make system changes and it is great to be able to conjure up a fresh box to run them on [17:29] jcastro: bug 1012497 [17:29] <_mup_> Bug #1012497: Juju should only give security warnings on bootstrap < https://launchpad.net/bugs/1012497 > [17:29] SpamapS: taa [17:29] SpamapS: yeah I am just concerned during demos it spams the console [17:30] jcastro: it only does that when you're doing things unsafely [17:31] I am doing things default-y [17:31] jcastro: and I hope in the Go version we'll change the default of ssl-hostname-verification from false to true. [17:31] unless I am missing something in my config? [17:31] perhaps even in pyju since we're moving toward "0.6" [17:31] jcastro: if you create a new environments.yaml, it adds 'ssl-hostname-verification: true' [17:32] jcastro: and yes you have forgotten to specify ssl-hostname-verification. :) [17:33] wow, you sent the mail in april [17:33] I've been bad [17:33] jcastro: it should have been accompanied by a docs update. I don't know that the docs even have ssl-hostname-verification mentioned [17:34] nope [17:34] it does not according to a google search [17:35] and not in docs source [17:35] yes, that definitely would be a good thing to add [18:43] jcastro: done. r53 :) [19:15] and fixed formatting, r54 ;) [19:30] ok so I made a new juju video [19:30] that is easy and explains what we are [19:30] chopping it up now and editing it .... [19:30] we [19:30] are [19:30] SPARTA!!!!!!! [19:32] that's quite the image i now have for the new juju video ;) [19:52] hi all, am I the only one with issues with the css on juju.ubuntu.com? [19:53] http://d.pr/i/B4zv http://d.pr/i/iove [19:53] no [19:53] its under investigation [19:54] cereal_bars: ^ [19:55] aok, great :) === salgado is now known as salgado-afk [21:38] SpamapS: hazmat: so with jitsu+juju+maas, is it possible to deploy a service to the bootstrap node...or does that cause a paradox thrusting me back in time [21:43] robbiew: I think the deploy-to command hazmat wrote can do that [21:43] SpamapS: yeah, I mean I used it already...just wasn't sure if the bootstrap node was "special" [21:43] guess there's one good way to find out! :P [21:44] its only special because zookeeper runs there [21:44] yeah [21:44] so just don't deploy zookeeper to it ;) [21:44] lol [22:03] robbiew, its not [22:04] er. 'local' or deploy-to works for that case [22:04] coolio [22:55] SpamapS: how did the nginx-proxy relations look ? had a chance ? [22:56] imbrandon: I did not. Looking now. [22:56] cool cool [22:57] imbrandon: they look simple enough. What is http-proxy though? [22:57] imbrandon: shouldn't that also just be http ? [22:58] well i guess, thats kinda what was messing me up [22:58] so the website relation should only fire when new lets say wordpress to make this easy [22:58] imbrandon: proxies will almost always require/provide the same thing unless they are a translating proxy [22:58] get related [22:59] so my upstream loop will add wordpresses pub ip's the way its setup and ignore other nginx-proxies [22:59] right [22:59] ? [22:59] imbrandon: yeah, you probably want to use just changed/departed/broken there btw, joined is a bit irrelevant since you're not doing any relation-set's [22:59] yea gonan symlink them [22:59] gonna* [22:59] imbrandon: also broken is tricky because relation-get doesn't work anymore [22:59] oh [23:00] imbrandon: the trick is to name any state files using $JUJU_RELATION_ID [23:00] so you can rm -f /etc/nginx/conf.d/$JUJU_RELATION_ID* on broken [23:00] well relation id is set in common [23:00] and service name [23:00] relation-list also doesn't work in broken [23:01] and broken is what is called when somebody does 'remove-relation' or 'destroy-service' [23:01] doh, so much for symlinking then [23:01] imbrandon: you can do the symlink thing if you do a full-regen every time, which you appear to do [23:01] yea [23:01] based on the template [23:01] imbrandon: you just need to loop over all the relation-ids too [23:02] since in theory you might want to proxy to multiple backends [23:02] right, well thats what the units do [23:02] i thought [23:02] (this is where we need some new fields in the http interface so you can identify a frontend hostname, btw) [23:02] or did i miss something [23:02] you can have multiple collections of units related to one relation [23:03] ohh [23:03] well not really [23:03] they would serve diffrent content [23:03] that cant happen [23:03] for relation in `relation-ids` ; do for unit in `relation-list -r $relation` ; do relation-get -r $relation - unit ; done ; done [23:03] They might serve different content.. [23:04] but how would you select it without knowing the Host: header to choose? [23:04] hence my point.. http needs a new field [23:04] roght thats why there is only one block [23:04] right, so you can just say "behavior is undefined with multiple relations to website" [23:04] it needs to assume that they all serv same [23:05] right [23:05] well that was my thinking , adding something like that to the readme [23:05] that all relations need to serve the same content [23:06] so you could stick say 4 instances of summit behind it [23:06] or whatever [23:06] So yeah, in that case, since you're writing everything to the default site, you need to regen all relations, not just all units [23:06] I do think at some point relations will need a 'max relationships' spec of some kind so you can say 1 or many. [23:07] not sure i see what you mean then [23:07] since it makes no sense to give wordpress two dbs [23:07] what does all relations give me vvs all unity [23:07]