/srv/irclogs.ubuntu.com/2012/09/26/#maas.txt

smoserbigjools, roaksoax were you discussing the api creds for commissioning environment?00:36
smoseror how we should make ipmi calls home00:36
smoser?00:36
bigjoolssmoser: we didn't, just talked about packaging00:37
bigjoolsAFAIK commissioning already posts back to the metadata service, so is there any reason we can't extend that api to handle power details?00:37
smoserit just seems like a patch to me00:38
smoserbut, no. other than that no reason.00:38
smoserie, a simple fix for "here, you can update *this* token of information"00:39
smoserwhich will later be extended with "and *this* token too"...00:39
smoserbut i do agree that it is the simplist "right now" fix00:39
bigjoolsindeed00:53
=== matsubara is now known as matsubara-afk
smoserbigjools, is htat something you can have soon ish ?01:11
smoserie, like so that roaksoax and i can bang on fleshing it out tomrrow?01:11
bigjoolssmoser: sure, I'll get it done in a few hours01:12
smoserthank you. you rock.01:12
bigjoolssmoser: any special requirements?01:12
bigjoolsother than "I want to set power parameters"01:12
smosernah. we just need to be able to call home with that info from the commissioning envrionment.01:12
smoseri'll probably just extend the hackish client tha tis sent down in user-data right now.01:12
bigjoolssmoser: is it ok to do it in the existing "signal" call? or do you want a separate one?01:13
smoserwell, signal is easier01:13
smoserbut just seems more hackish :)01:13
bigjoolsyeah :)01:13
bigjoolsalso, what's the plan for powering up enlisted nodes?01:13
smoserwell, dont know.01:14
smoserDavieys' idea was reasonable.01:14
smoserin enlistment you'd (at least in an otion) sit and wait for "ready"01:14
smoserie, poll on the server "am i ready for commission?"01:14
smoser...01:14
smoserand then when you are, reboot01:14
bigjoolsit was, but it wasn't liked by a certain person01:14
smoseroh.01:15
smoserhm..01:15
smoserwell, then.01:15
bigjoolsyeah01:15
smoserth eonloyy other hting is to call home in enlistment01:15
smoseronly other thing01:15
smoserwhat other options do we have?01:15
smosereither a.) not power off01:15
bigjoolscan existing power params be discovered without changing anything in enlistment?01:15
smosermaybe01:15
smoserroaksoax, would know more01:15
smoserwe can poke01:15
smoseri really have to run01:15
bigjoolsthat's what I always assumed would happen01:15
bigjoolsok, cya01:15
roaksoaxbigjools: during enlistment we can't01:56
bigjoolsroaksoax: :(01:56
roaksoaxbigjools: unless you give that unauth access :)01:56
bigjoolsroaksoax: why doesn't the enlistment env have the creds?01:57
roaksoaxbigjools: the power settings are under a NodeAdminForm validation,01:57
bigjoolsit's the same env as commissioning AFAIK?01:57
roaksoaxbigjools: I don't think it would make sense to send admin creds during enlistment01:57
bigjoolstrue01:57
bigjoolsso two things:01:57
bigjools1. you *can* detect existing power params in enlistment?01:58
bigjools2. we can change the enlistment api to take power params01:58
roaksoaxbigjools: i can do that and I always wanted that01:58
bigjoolsso, let's do it :)01:58
roaksoaxthat's my personal preference01:58
roaksoaxbigjools: however, Daviey and smoser saw better usage of those in commissioning rather than enlistment01:59
roaksoaxsmoser: ^^01:59
bigjoolsthat will complicated the existing setup01:59
bigjoolscomplicate*01:59
roaksoaxah he is gone01:59
bigjoolsDaviey wanted to leave the node powered up and poll02:00
roaksoaxbigjools: you'll have to talk to Daviey on that regards02:00
bigjoolsbut that was disliked...02:00
roaksoaxyeah well02:00
roaksoaxbigjools: the idea behind doing it during commissioning is that commissioning is the step were all the configuration is being made02:00
roaksoaxenlistment is all about discovery02:00
roaksoaxso while auto-detecting IPMI is also discovery, we also might need to do setup02:01
roaksoaxso that's why it was preferred to be in commissioning rather than enlistment02:01
bigjoolssure02:01
bigjoolsso does this mean that we can't reliably auto detect power params in enlistment?02:02
roaksoaxneedless to say, my personal preference has always been in enlistment due to the fact that once we click on "Accept&Commission" the nodewill be turned on automatically02:02
roaksoaxbigjools: *personally* I'd love it to have it done during enlistment02:02
bigjoolswell if it can be done, I don't see why we don;t just do it02:03
roaksoaxbigjools: that's why I explained the reasons above02:03
roaksoaxbigjools: you should really discuss this with Daviey :)02:03
bigjoolsit will be the minority use case because most people will use some sort of discovery module to poke in new nodes on the api02:03
bigjoolsroaksoax: I will!02:03
bigjoolsI did already in fact but I'll revisit02:03
bigjoolsso roaksoax, do you have more time to talk packaging?02:04
roaksoaxbigjools: so if we are going to have unauth access for enlistment, we might aswell have an aunauth mehotd for power settings on an update02:04
roaksoaxso we can do it in commissioning02:04
roaksoax(at least that's what could be argued)02:04
roaksoaxbigjools: and yes... I'm taking a break from homework :)02:04
bigjoolsheh, ok02:05
* bigjools back in 2 mins02:05
roaksoaxk02:05
bigjoolsback02:08
roaksoaxbigjools: ok, shoot :)02:09
bigjoolsroaksoax: so the upgrade scenario02:10
bigjoolsI moved the massive postinst from maas to maas-region-controller02:10
bigjoolsthat will probably break it02:11
roaksoaxbigjools: ok, that needs to be cleaned up, and i think some stuff should be passed to maas-cluster-controller02:11
roaksoaxyeah02:11
bigjoolswell I imagine post if it heads back to maas?02:11
bigjoolsmost of*02:12
roaksoaxwell there's upgrade stuff that i think it is not longer needed02:13
bigjoolsok02:13
roaksoaxi need to evaluate that though02:13
roaksoaxbigjools: btw: I think this is missing, though I don;t like having to symlink that config in maas-common http://paste.ubuntu.com/1227767/02:13
bigjoolsall the stuff comparing versions will fail02:13
roaksoaxbigjools: not really02:14
bigjoolswell maas-region-controller won't have ancestry02:14
bigjoolshow can it compare?02:14
roaksoaxbigjools: it won't be run02:15
roaksoaxbigjools: becuase it is a first install of that binary package02:15
roaksoaxso it enters as a new install02:15
roaksoaxnot an upgrade02:15
bigjoolsexactly my point :)(02:15
roaksoaxbigjools: so when we install, it will run this: if [ "$1" = "configure" ] && [ -z "$2" ]; then02:16
roaksoaxright?02:16
roaksoaxso it will do initial configuration of everything02:16
bigjoolsyep02:16
roaksoaxbigjools: when we upgra maas-region-controller, it will run this: elif [ "$1" = "configure" ] && dpkg --compare-versions "$2" gt 0.1+bzr266+dfsg-0ubuntu1; then02:16
roaksoaxbigjools: which is where the comparing version stands02:17
roaksoaxso big part of that I think might no longer be needed02:17
roaksoaxi just need to make sure it's not before I drop it completely02:17
roaksoaxi had in mind dropping most of it anyway02:17
bigjoolswill this break:02:20
bigjoolselif [ "$1" = "configure" ] && dpkg --compare-versions "$2" gt 0.1+bzr266+dfsg-0ubuntu1; then02:20
bigjoolsah should be ok02:21
bigjoolshowever02:21
roaksoaxit will be ok02:22
bigjoolsI still think upgrading from 12.04 will break since it'll think it's installing from scratch02:22
bigjools(pushed up your last diff)02:22
roaksoaxbigjools: no wont break, it will simply install everything as if it was new02:22
bigjoolsso why are there postinst sections comparing versions then?02:23
bigjoolsie a special upgrade case02:23
bigjoolsor are you saying that install from scratch will work even if there's an existing DB etc?02:24
roaksoaxbigjools: cause for example, we were upgrading from package XYZ to ABC, and ABC needed W to be configured, but since XYC didn't have it, we need to configure it in upgrade02:24
roaksoaxbut we don't need it if we are upgrading from ABC02:24
roaksoaxbigjools: yeah it won't install a new DB, i think it will just change the password02:25
bigjoolsthat's not useful :(02:25
roaksoaxbigjools: it will change the psasword and update the config files02:25
roaksoaxbigjools: so it should be good02:25
roaksoaxbigjools: i'll have to test it TBH02:26
roaksoaxbigjools: if you wnat, do this. Push a package to a PPA< fire up a cnaonistack instance. install maas and upgrade from that PPA02:26
roaksoaxand see what happens :)02:26
bigjoolsroaksoax: ok :)02:26
bigjoolsI'll build something in the testing PPA02:27
bigjoolscould do with a cow image with maas installed on 12.04, would speed things up02:27
roaksoaxbigjools: not maas-maintainers/testing please :)02:27
bigjoolsroaksoax: bah spoilsport :)02:27
bigjoolsmaas-maintainers/experimental then02:28
roaksoaxbigjools: i have sabdlf's lab using MAAS from maas-maintainers/testing02:28
bigjools!02:28
bigjools /o\02:28
bigjoolsroaksoax: I'd be tempted to make a ppa called sabdfl-garage!02:28
roaksoaxhe wnaqted to test the quantal stuff I think02:28
roaksoaxlol02:29
bigjoolsdeadly serious02:29
roaksoaxhehe but that's simplyt latest trunk02:30
roaksoaxpre-package split02:30
roaksoaxalright i'm off for the night02:38
roaksoaxnigth02:38
bigjoolsroaksoax: ok thanks for the help02:39
bigjoolsI'll test and let you know results02:39
bigjoolsroaksoax: oh if you are still there ...02:39
bigjoolsis there an easy hack to make get-orig-source automatically use my local trunk instead of lp:maas ?02:40
roaksoaxbigjools: uhmmm you could simply package your local branch02:41
bigjoolsI just hacked rules for now but it'd be nice if you could set an override02:41
roaksoaxbigjools: I don't know TBH how to override it easily02:42
bigjoolsno worries02:42
bigjoolsgo to bed :)02:42
roaksoaxbigjools: i wish I could go to bed02:42
* roaksoax doing homework02:42
bigjoolsah those days ...02:43
roaksoaxyeah!! can't wait them to be over :)02:43
jam_rvba, allenap: (when you wake up) I'd like to add a test that if you update a tag with invalid data, the transaction is properly aborted, and the data stays consistent.07:25
jamI was able to manually do transactions in a test by inheriting TransactionTestCase07:26
jamhowever, for an API test, the transactions are done by the middleware07:26
jam(which seems to handle everything is committed or nothing on a single API request.)07:26
jamis it reasonable to just skip that test and assume the transaction works properly?07:26
jammaybe jtv ^^07:26
jtvhi jam07:27
jtvBy "invalid data" here you mean malformed data?07:27
jamjtv: the Tag definition field needs to be a proper XPATH string.07:28
jamwe currently validate that at the point where we go around updating the nodes that match the tag07:28
jtvBy the way, the regular test case turns commit() into a no-op and probably abort() as well.  I guess there are probably other ways to establish that changes have been aborted.07:28
jamand I want to make sure that we don't mutate any nodes => tag associations.07:28
jtvYou're keeping the tags as a field on the node?07:29
jamjtv: in test_api.py if I do a POST with invalid data, I either: get an uncaught DatabaseError, or I catch that in my TagHandler, and raise ValidationError. If I raise VE, then I can't 'reload_object()' because the DB is in 'I want you to rollback' state.07:29
jamjtv: we have a node_tags table07:29
jam(many to many)07:29
jtvAh good07:30
jtvjam: by "invalid data" here, you mean malformed data?07:30
jamjtv: right, the user tries to update a tag to a definition that is improperly formed.07:30
jamsyntactically invalid, I guess.07:30
jtvYeah, malformed.07:30
jam'/node/foo' is valid XPATH, 'node@id=bar' is not.07:30
jamnode[@id=bar] is the proper syntax, etc.07:31
jtvI'm asking just because I'm not too familiar with the details, so there might conceivably be other notions of validity.07:31
jamSo I *could* do LBYL and do a check that the syntax is valid before I do any further work.07:31
jamBut it feels YAGNI, vs just doing the work and assuming if there is a problem it will get rolled back.07:31
jtvLBYL?07:31
jtvAh07:31
jtvnm07:31
jamLook Before You Leap07:31
jtvAgreed -- the database does exactly what you want here, might as well build on that.07:32
jam(Right now to update the node <=> tag association on new definition, I delete all the old values, and then repopulate with new values)07:32
jamjtv: so the question is, the testing infrastructure doesn't have TransactionMiddleware running (that I can tell)07:32
jamwhich is where the real API is getting transaction + rollback.07:32
jam(AFAICT)07:33
jtvNasty idea for a test: store some malformed data, attempt trivial database access, verify that it fails.07:33
jamjtv: self.assertRaises(DatabaseError, reload_object, tag) ?07:33
jtvFor example!  Just as long as there is no doubt whatsoever that the test won't have affected the object.07:33
jtvYou could also assert that Node.objects.all().count() fails.07:34
jamjtv: well, I have *another* test which goes directly to the Tag attributes, and does the transaction logic itself.07:34
jamthe real key is if somone removes TransactionMiddleware, I don't have a failing test.07:34
jamand potentially get inconsistent data in the DB on posting invalid definitions.07:34
jtvAnd the test does remove the middleware, because it stubs out commit/abort and runs its own transaction.  Gotcha.07:35
jtvHmm.07:35
jamI don't know if we have any tests at a higher level (Selenium-ish) that runs the real server and we can poke at.07:36
jamLike maybe something for diogo?07:36
jtvActually, isn't it enough to test that malformed data raises a database error?07:36
jtvOf course if somebody makes database changes prior to the insertion _and_ someone takes away the transaction management, YASEF.07:37
jamjtv: well, we already mutate the db before we find the error07:38
jtv:(07:38
jamtag.node_set.clear()07:38
jamfor node in raw("""xpath_query""): tag.node_set.add(node)07:38
jamjtv: hence the 'I could LBYL' and issue a semi-bogus query07:39
jamlike 'raw("""xpath_query(%s, <dummy />)""")'07:39
jtvOr document in big letters that nobody should take away transaction management.  It seems a silly thing to do at any rate.07:39
jamjtv: I agree it would be silly to switch to autocommit.07:40
jtvSo testing for this does feel a bit like checking your car for seatbelts: it's sort of a static shared assumption.07:41
jamjtv: well, it is a bit of "I'm definitely assuming X, can I test that X is still present"?07:46
jamjtv: and as for seatbelts, there are lots of places I've been that don't have them (taxis tend to tuck them under the seat in many countries I've visited)07:46
jtvThe way django is designed, I see neither a good way of setting it in stone nor a good way of testing it.07:46
jtvI deliberately spoke of "your" car, not a taxi -- some drivers here cut them off.  :)07:47
jtv(And yes, I'm making some guesses there)07:47
jam:)07:47
jamjtv: I imagine pull it down so the bell doesn't ring, and then cut it off?07:48
jtvDon't know.  It's not something you ask about, or try for yourself.07:48
jtvThey may point out that you don't need them, since they have all the proper talismans and statuettes.07:48
jtvLeading cause of blindness resulting from vehicle accidents, apparently.07:49
jtvIf you do get one of those in your eye, people will probably tell you how lucky you are -- without the Ganesh statue you'd probably have been killed in the accident.07:49
jamInterestingly, this last year in the US, suicide overcame car accidents as the leading cause of accidental death (not counting health issues, etc)07:50
jtvSuicide is counted as accidental death?  I had no idea the country's problems ran _that_ deep.07:51
jtvI mean, no wonder the financial system collapses with that kind of accounting.07:52
jamjtv: 'injury related death'07:52
jamhttp://vitals.nbcnews.com/_news/2012/09/25/14101794-suicide-now-kills-more-americans-than-car-crashes?lite07:52
jtvJokes aside, it's shocking.07:52
jamnot 'accidental'07:52
jamsure, though car accidents killed something like 40,000 people, but heart disease kills about 600,00007:54
jtvI guess nobody there worries much about terrorism any more then, if more Americans get killed by themselves than by terrorism?07:54
jamjtv: I've read a lot of Schneier, and worrying about terrorism is stupid (but publicly funded) in the US.07:54
jamI think more people die to pigs than to terrorism.07:55
jtvIs that the little table at the beginning of the book?07:55
jamjtv: something like that I think. I know more people die to pigs than to sharks, which was in that table.07:55
jamThe bit I read was that the US has an official policy that if a death rate is more than 1:1Million, then it is worth doing something about it. And even in 2001 it didn't reach 1:1M death rates due to terrorism.07:56
jambut we sure spent a lot of money on it.07:57
jammorning mgz08:05
jammgz: I'm guessing you missed the cat with myself and j-t-v about testing the transaction logic. Want to do a quick standup on Mumble before we join red squad?08:08
melmothstoopid question of the day: when i pxe boot a node, what is the difference between the "enlist" and the "local" choice ?08:15
dannfenlist will register it into maas' database - local will tell it to boot from the local disk08:26
dannfmelmoth: ^08:26
melmothok. thanks.08:27
melmothi felt it was this, but was surprise to see my node enlisted when choosing local (but this is because there was nothing on the drive, so it pxe boot anyway)08:27
mgzjam: sorry, missed the poke, will read log later08:34
jamnp08:35
jamwe can chat after the standup, too08:35
jammgz: I'm back on mumble when you get back to your machine :)08:43
mgzmigration complete :)08:45
mgz's one way of getting exercise in the morning...08:45
melmothgrumble.. hitting one problem i had lots of time.. once a node has booted, its name is note resolbable08:49
melmothand the entry in /var/lib/misc/dnsmasq.leases for its mac mention "ubuntu" instead of its name08:50
melmothany idea what to do when one is experiencing this ?08:50
melmothohh, this time, restarting dnsmasq and rebooting the node seems to have "fixed it".08:52
jammgz: so what did you think about the tests I put up? (I imagine you are currently away at lunch?)11:54
mgznearly but not quite11:57
jammgz: https://code.launchpad.net/~jameinel/maas/tags-exposing-nodes/+merge/12643812:11
rbasakDaviey, roaksoax: ping. I've just realised that maas-enlist is going to need to send MAAS the subarchitecture for ARM support, eg. armhf/highbank instead of armhf. This will need an SRU to 12.04. Currently it uses architecture=armhf, but changing this would break old MAAS installs. So I think I need to add architecture=armhf&subarchitecture=generic, which should work. MAAS doesn't seem to complain about extra fields. Thoughts?12:18
rbasaker, architecture=armhf&subarchitecture=highbank, or architecture=amd64&subarchitecture=generic12:18
rbasakFor backwards compatibility new MAAS can just assume subarchitecture=generic if it is not specified12:18
Davieyrbasak: I actually thought we were sending the subarch!12:19
Davieyrbasak: so i agree with that direction, and thought it was done12:19
rbasakOddly, no. archdetect returns the exact string we need ("$arch/$subarch")12:19
rbasakIt's a shame maas-enlist filters out the second component!12:19
Davieyyeah12:20
rbasakIt currently does arch=`archdetect | cut -d'/' -f1`12:20
rbasakAnd I can't cut that out, since then older MAAS installs will use a more recent SRU'd maas-enlist and then break12:20
rbasakI'll just have to add a whole other field12:20
rbasakDaviey: will the SRU be OK?12:21
Davieyrbasak: ideally... we do this IMO.. If it doesn't post the subarch, server-side assumes generic12:22
Davieyand SRU in conjunction.12:22
rbasakDaviey: and to confirm, you mean subarch in a separate field?12:22
Davieyrbasak: I don't know.12:23
rbasakok12:23
* rbasak has filed https://bugs.launchpad.net/ubuntu/+source/maas-enlist/+bug/105681612:26
ubot5Ubuntu bug 1056816 in maas-enlist (Ubuntu) "maas-enlist does not post subarch" [Undecided,In progress]12:26
=== matsubara-afk is now known as matsubara
smoserrbasak, dailies should show up in the next hour or so12:57
rbasaksmoser: awesome. Thank you!12:57
smoserboth quantal and precise.12:57
smoserqemu-arm-static is freaking slow.12:59
smoseramazing.12:59
smoserbut slow13:00
smoserhttps://maas.ubuntu.com/images/ephemeral/daily/precise/20120924/13:21
rbasakrvba: having some piston trouble with the subarch stuff. I'm trying to add a subarchitecture= field to the api that maas-enlist calls. Except that it doesn't seem to work because it's tied a model so ignores any extra fields. http://paste.ubuntu.com/1228451/13:28
rbasak(or at least I think it's why)13:28
rbasakany ideas?13:29
mgzrbasak: is your subarch branch up anywhere yet? just want to see what you've changed for the constraint13:32
rbasakmgz: I haven't touched the constraint yet13:34
rbasakstill figuring out how the whole thing will work13:35
rbasakI think I've got most of the pieces except this problem with maas-enlist13:35
mgzrbasak: I can do that then if you tell me what the architecture field will contain13:35
rbasakmgz: it'll be armhf/highbank, armhf/armadaxp, i386/generic or amd64/generic13:35
rbasakand these strings shoudl be available as ARCHITECTURE.i386, ARCHITECTURE.amd64, ARCHITECTURE.armhf_highbank, etc13:36
rbasak(from maasserver.enum)13:36
mgzrbasak: thanks, I'll put sometime like that up for consideration13:36
rbasakbut maas-enlist is usingi an API that is heavily tied to the node model13:36
rbasakAnd since I'm not adding a subarchitecture field to node, this is being a massive pain for me13:37
rbasakpiston doesn't seem to support additional fields that aren't in the model, unless I'm missing something13:37
rbasak(I hope I am)13:37
_rvbarbasak: Looks like you're manually changing query_data['architecture'] so it should be ok… what's the error exactly?13:53
rbasakPiston/0.2.3rc1 (Django 1.4.1) crash report: Method signature does not match. Resource does not expect any parameters.13:54
rbasak(across multiple lines)13:54
rbasakcreate_node never gets called13:54
rbasakBut only if I have a subarchitecture key in the POST data13:54
rbasakWIthout it, everything works normally13:54
rbasakTHe only place that seems to define allowed fields is the fields tuple, and I've added subarchitecture to that13:54
_rvbaLooks like the request does not get properly routed if subarchitecture is there.  Which is weird.13:54
rbasakSo the only other thing I can think of is that it's tied to the Node model, and that doesn't define subarchitecture13:54
_rvbacreate_node should be called even if the form has a problem with what's in request.data.13:55
rbasakI don't think it's the form with the problem13:55
rbasakI think it's piston13:55
_rvbaPiston does not do much.  I don't see how it can get in the way.  I think it's simply hiding the error.13:56
rbasakI raised a ValidationError in create_node to check13:57
rbasakIt gets raised and I get its output over HTTP if I don't use subarchitecture13:57
rbasakWHen I use subarchitecture I get this other error instead13:57
rbasakSo I'm certain that create_node never gets called if subarchitecture is set13:57
rbasakTHe problem has to be in the new method or in piston13:57
_rvbaCan you paste the result of 'bzr diff'?  I'll have a look.13:58
rbasakI'm working on top of my highbank patchset13:58
rbasak_rvba: https://pastebin.canonical.com/75335/ should bring you up to where I am, but it does include other patches14:02
rbasak_rvba: they shouldn't affect this issue though14:02
_rvbarbasak: sorry to be thick but how can I apply that kind of patch to my tree?14:07
rbasakrvba: sorry. Use patch -p114:07
* rbasak finds it a bit bizarre that bzr uses -p014:07
_rvbaThanks.14:08
_rvbarbasak: what's the failing test?14:08
rbasak_rvba: I don't have one / haven't tried tests14:08
rbasak_rvba: the problem occurs when I actually fire MAAS up and try and enlist with a patched maas-enlist14:09
rbasak_rvba: I'll see if I can add an appropriate test. Looks like it shouldn't be too ahrd14:10
_rvbarbasak: ok, let's see if I can recreate your problem by modifying an existing test.14:11
smoserjtv, around ?14:13
jtvhi smoser14:13
smosermaas daily ppa yesterday successfully wrote a dhcpd.cofn file.14:13
smoserbut that seems broken now.14:13
jtvYeah, Julian and I went over some problems earlier14:14
smoserso it was knowingly broken?14:15
smoserit worked yesterday14:15
jtvNot knowingly, but we saw breakage and fixed it.14:15
jtvAlthough...14:15
_rvbarbasak: '/'.join('b','a') is not correct.  '/'.join(['b','a'])14:15
jtvAh yes, smoser: I remember now -- the dhcpd.conf wasn't being written for a very different reason than the other problems.14:15
smoserbut it was being written yesterday.14:16
smoseri'm almost certain.14:16
jtvThe task to do so never arrived at the cluster controller, because of changes in routing.14:16
jtvThose routing changes are very recent.14:16
jtvAnd difficult to get entirely right without some trial and error.14:16
_rvbarbasak: that's in http://paste.ubuntu.com/1228526/.  Also, if '/' in given_subarch blows up if given_subarch is None.14:16
rbasak_rvba: ok, I'll fix that and retest14:17
rbasak_rvba: but I don't think it's getting that far anyway. Let me see...14:17
rbasak_rvba: urgh. Looks like it is14:18
rbasak_rvba: sorry14:18
mgzmy new api test case if failing with a 400 response and this text:14:26
mgzPiston/0.2.3rc1 (Django 1.4.1) crash report:14:26
mgzMethod signature does not match.14:26
mgzResource does not expect any parameters.14:26
mgzwhat is it really trying to tell me?14:26
mgzallenap: ^ any ideas?14:26
allenapmgz: diff?14:28
allenapmgz: I'll be back in ~10 minutes.14:29
mgzallenap: <http://pastebin.ubuntu.com/1228548/>14:30
mgzthe other tests are fine, just writing this at the api level weirded up14:30
mgzgah, nose I hate you.14:37
allenapmgz: How very odd.14:49
mgzso, it's an error from inside acquire.. just not a useful one14:50
mgzis there some way to make tests show the traceback in that case?14:50
allenapGah! 2FA just to download the plain text. I hate you Ubuntu pastebin.14:50
mgz...and how do I run *just one* test with nose... ;_;14:50
allenapmgz: bin/test.maas <path-or-module>:TestClass.test_method14:51
allenapmgz: nose is stupid enough to output test IDs that can't be used as input.14:51
mgzah, the colon is the magic I forgot14:52
mgzokay, this will make tdd on this much less painful14:52
mgz(well, where the last d is 'debugging' not 'development', was bad and wrote all the code first)14:53
allenapmgz: Do you want me to hack at it too?14:59
mgzokay, seems I can do filter(a_manytomany_field=obj), using filter(a_manytomany_field__contains=obj) was wrong14:59
mgzI shall now continue writing tests....15:00
_rvbasmoser: the recent problem with dhcp is due to the change we made to how tasks are routed.  I image it's frustrating for you but here is the explanation: we are working towards having the tasks routed correctly when multiple cluster controllers are connected but this will obviously require some changes to the packaging.  And splitting up the existing package into 2 (one for the region controller and one for the15:43
_rvbacluster controller) is still WIP.  Hence the routing problem.15:43
smoserwhen you break something like that you cost lots of people time.15:44
_rvbasmoser: not sure if you're interested in that kind of solution but this: http://paste.ubuntu.com/1228681/ should fix the problem.15:44
_rvbaAnd I could say that not having the proper package structure is costing us a lot of time too.15:45
smoserreally?15:45
smoserso you're complaining that you broke somethign that worked (in the packaging)15:45
smoserand it no longer works15:46
smoserok15:46
_rvbaI'm not complaining.  I'm trying to explain to you why that mistake was made.15:46
_rvba smoser: I did not touch the packaging precisely because the whole structure is being changed (from one package to two packages).  That's exactly why there is friction.15:49
smoser_rvba, sorry for ranting. its just frustrating when i'm trying to test something and the daily ppa regresses.15:53
_rvbasmoser: I understand… and I think I'm used to you being grumpy now.  Well, sort of :).15:54
=== matsubara is now known as matsubara-lunch
smoserwell, i wanted to find a link for grumpy old man15:57
smoserbut the best i could find was http://www.hulu.com/watch/27189615:57
smoserand you probably can't see that.15:57
_rvbaIndeed, I can't.15:57
_rvbaroaksoax: may I ask how it the packaging work going?  I'm asking because I'm making changes upstream that will require some packaging changes but I can't do that while you're refactoring the whole structure (at least I think I can't).15:58
_rvbas/how it/how is/15:58
roaksoax_rvba: we are working on it with bigjools15:59
roaksoaxwhat type of changes are you making?15:59
_rvbaTasks are now routed to the queue named after nodegroup.uuid.  So the invocation of celeryd needs to be done with "-Q name-of-the-queue".16:00
_rvbaBut this means that the script Jeroen has done needs to be started in an upstart job, that a proper UUID needs to be generated, etc.16:01
_rvbasmoser: http://craigmcn.ca/wp-content/uploads/2012/09/old-man.jpg maybe?16:02
smoserhttps://www.google.com/search?q=dana+carvey+grumpy+old+man&hl=en&safe=off&tbm=isch&prmd=imvnso&source=lnms&sa=X&ei=LCdjUIffM_K70QGRooDADw&ved=0CAcQ_AUoAQ&biw=1259&bih=79916:03
_rvbaroaksoax: do you have an ETA for a first version?  I'm trying to figure out if I need to do something to cope with the current package (something I would have to undo when the new structure will be in place) or not.16:05
roaksoax_rvba: hoping that this friday we have sometihng16:06
_rvbaroaksoax: all right, thanks.16:06
roaksoaxallenap: ping16:07
roaksoaxallenap: https://pastebin.canonical.com/75364/16:07
roaksoaxallenap: let me know when you see it, it's kinda critical to resolve :)16:09
roaksoax_rvba: how does the templating work for if statements?16:14
roaksoax_rvba: such as {{ if node.distro_series >= {'quantal' }}16:15
roaksoaxcan i use variables?16:16
_rvbaYes you can :).  I'll see if I can find an example but the doc is here: http://pythonpaste.org/tempita/.16:16
roaksoaxthanks )16:18
roaksoax:)16:18
_rvbaroaksoax: here is a completely stupid example I just wrote: http://paste.ubuntu.com/1228724/16:19
_rvbaroaksoax: that template language is very permissive, any python syntax variable.field, dict['element'] should work all right.16:20
roaksoax_rvba: cool thanks16:20
roaksoax_rvba: http://paste.ubuntu.com/1228732/16:22
_rvbaroaksoax: I think you want to use {{server_url}} instead of http://{{server_host}}.16:24
_rvbaThe server_url should contain http or https.16:24
_rvbaWe don't want to hardcode 'http' anywhere.16:25
roaksoax_rvba: ok cool, though if the error above gets fixed we will use tftp instead16:25
_rvbaright16:26
_rvbaroaksoax: that's not valid : {{if node.distro_series in {'quantal'} }}16:27
_rvbaroaksoax: hold on, I'll find the correct syntax.16:28
roaksoax_rvba: it is, just tested it16:28
_rvbaroaksoax: ah indeed, you're right, my mistake.16:29
mgzso, these get_blah_or_404 methods seem like a bad idea to me16:53
mgzat least using the django helper does, because the user just gets, as the response body "Not Found"... with no indicaton of *what* wasn't found or why16:54
mgzshouldn't there be at least an ObjectNotFound exception class with code httplib.NOT_FOUND but takes (type, field=None, value=None) so we can give errors like "Tag with name 'foo' is not found" instead?16:56
smoserrbasak, the images tested ok for me on intel and daily ppa17:09
smoserwait. for quantal they did.17:10
smoseri just uploaded the precise fix.17:10
rbasaksmoser: \o/17:25
rbasaksmoser: thank you!17:25
smoseri'll rebuild precise17:25
smoserbut you should test also17:25
smoserroaksoax, do you know how i could convince maas to boot quantal ephemeral images?17:25
roaksoaxsmoser: yes17:26
roaksoaxsmoser: src/maasserver/models/config.py set it there17:26
roaksoaxsmoser: i need to add an option to modify that in "Settings" view17:27
rbasaksmoser: I'll test tomorrow morning17:29
rbasaksmoser: so where do I need to test from? maas.ubuntu.com daily?17:30
rbasaksmoser: and for precise? or would you like the result of a quantal test first?17:30
smoserprecise will fail17:31
smoserwell, actually might pass. i'm not sure how it worked.17:31
smoserbut resolvconf didn't get written17:31
smoseri'll start a new precise build right now17:32
roaksoaxsmoser: ok so for ipmi, we want to create a new user and a random pass right?17:32
smoserhm..17:34
smoserwell i would suggest that is oen path.17:34
smoserand that collecting is another17:34
roaksoaxhuh?17:35
smoserroaksoax, so in the "let maas do it all" case, you would then assume access to the ipmi and you'd want to set up a user, pass, and then tell maas about that.17:36
smoserbut there is also the case where you would just want that collected and reported to maas.17:36
smoserbut not changed.17:36
smoser(i think)17:36
roaksoaxsmoser: right, so I had that in mind at first, though Daviey mentioned that we should simply assume that every time we commission, we should configure it as if it was unconfiguraed17:38
smoseri guess that is not unreasonable.17:39
roaksoaxsmoser: what could be done is simple "If maas use already exists, then collect info"17:40
smoserwarning: grave ignorance about to be exposed17:41
smoserso.. if we boot, collect/set ipmi password and user and IP and such17:41
smoserthen we give the system to a potentially malicous user17:42
smoserwhy would that not be granting them access to the same credentials17:42
smoserand thus the ability to not be nice17:42
roaksoaxright but we are with the assumption that the credentials are set by the administrator and is a random password that should be hidden on the WebUI17:43
smoserroaksoax, i'm confused.17:44
smoseri'm saying the occupant of the system17:44
smosercan then just read them from the system17:44
smoseror create new ones17:44
roaksoaxsmoser: right, but that's the same case when an admin manually creates ipmi credentials17:45
smoserwell, yes.17:45
smoserexcept for i would suspect that after doing so the admin would then disallow access17:46
roaksoaxor when no other than the defalt ones have been created17:46
smoserbut if we disallow access, then your "redeploy" scenario requires some sort of manual intervention.17:46
roaksoaxsmoser: right, so this is tricky to resolve17:47
smoserwould this work ?17:47
smoserfor our deployment/re-deployment systems.17:48
smoserwe create one se of credeitians with 'ubuntu:ubuntu' that is admin17:48
smoserwith those credentials, you can open up access from the system itself17:48
smoserthen enlist/commission with maas (which will disallow access from the system)17:48
=== matsubara-lunch is now known as matsubara
smoserthen you can reset to "ready" with the 'ubuntu:ubuntu' creds17:49
smoser(from the network interface, rather than from the system itself)17:49
roaksoaxsmoser: right, but that means that we would have to pre-configure ipmi17:49
smoserright. but in our test labs we would have to do that.17:50
roaksoaxand i thought, or so I was told, that the idea here is to simply plug in a server, detect ipmi, configure it and that's it17:50
smoserhm..17:50
roaksoaxso we cannot rely on having someone pre-configuring IPMI17:51
roaksoaxsmoser: but either way, IPMI cards have a default user/password17:51
roaksoaxwhich is supposed to be enabled17:51
roaksoaxby default always17:51
roaksoaxso the idea is to create a user/pass for maas:XYZ17:51
roaksoaxand tell that to MAAS so it can start/stop machines17:52
roaksoaxsmoser: btw.. I can't see an option to disable BMC access of a machine itself17:54
roaksoaxthere's only lan channel17:54
smoserdoesn't that seem broken?17:56
roaksoaxsmoser: well, that's IPMI settings themselves17:56
roaksoaxthere's no option ot disable local BMC access17:56
smoserdoesn't that seem broken?17:57
smoserand our entire system based on the fact that we could do that?17:57
roaksoaxyeah17:57
roaksoaxwell, we can maybe restrict access to such tools on sudoers to the ubuntu user?17:58
roaksoaxsmoser: but to me... the root user is the one who has access to every piece of hardware17:59
roaksoaxsmoser: and it is the same case with the BMC17:59
roaksoaxsmoser: so in reality, if we argue that it is broken, we can argue the same thing with every piece of hardware attached to the system18:00
roaksoaxrestricting local bmc access would be as restricting access to a HD for a root admin18:00
roaksoaxs/admin/user18:00
smoserwell, thats not really true.18:01
smosergenerally you can disbale access to the bios from the OS18:02
smoserwhich would stop the OS from changing boot-order or such things18:02
smoserwhich is essentially what we want to do here.18:02
smoserif my OS is compromised, i'd still like to be able to use my hardware.18:02
roaksoaxsmoser: right, but an ipmi card is a piece of hardware18:04
roaksoaxnot a BIOS18:04
roaksoaxsmoser: so if your OS is compromised, i'd still like to be able to use IPMI18:04
roaksoaxor access the BMC18:05
roaksoaxsmoser: lp:~andreserl/+junk/autodetect-ipmi18:33
roaksoaxsmoser: ok so instead of doing most of the --commit stuff by commands, a template can be used and written as a file, so we just do 1 commit18:34
smoserrbasak, precise image daily image should be good now.18:38
rbasaksmoser: thank you!18:38
smoserroaksoax, bug 1: /bin/python18:41
ubot5Launchpad bug 1 in Ubuntu "Microsoft has a majority desktop market share" [Critical,In progress] https://launchpad.net/bugs/118:41
smoserroaksoax,18:57
smoseryou said /usr/share/pyshared/maasserver/models/config.py and change DISTRO_SERIES.precise to DISTRO_SERIES.quantal, right?18:58
smoserand then i sudo restart maas.pserv18:58
smoserbut it still gives me precise18:58
roaksoaxsmoser: restart apache218:58
smoserroaksoax, https://code.launchpad.net/~smoser/maas/trunk.import-ephem-fix/+merge/12654320:34
roaksoaxsmoser: done20:37
smoserthanks20:45
smoserverified that i can boot quantal ephenmeral20:45
roaksoaxsmoser: awesome!20:45
smoserbigjools, 'https://bugs.launchpad.net/ubuntu/+source/maas/+bug/1055935' works for you?23:59
ubot5Ubuntu bug 1055935 in MAAS "dhcpd.conf is not updated after package install" [Critical,Fix released]23:59
smoseri have failed on several attempts23:59
bigjoolssmoser: yes I had it working yesterday after I fixed the upstart file23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!