/srv/irclogs.ubuntu.com/2013/06/17/#juju-dev.txt

mrammsnow!00:00
mrammfortunately, that does not happen here in panama00:00
wallyworld_thumper: so far, no feedback on my containers email. i might go ahead and implement the new assignment policies (but just do the new code, still retain the hard wiring to AssignNew)00:12
thumperwallyworld_: yeah, sorry about that, I didn't even read it fully00:12
thumperif you give me a few minutes, I'll do that, then we can chat?00:13
wallyworld_it more more others i was hoping to hear from00:13
* thumper nods00:13
wallyworld_ok00:13
wallyworld_thumper: i reproposed the watchers branch too00:13
wallyworld_it was a sad tale of things which didn't work00:14
thumper:)00:18
thumperwallyworld_: https://plus.google.com/hangouts/_/c13964bb956b545d4b70115743cd124bebf19c19?hl=en00:19
* thumper considers lunch00:48
thumperhi davecheney00:48
thumperdavecheney: good holiday00:48
thumper?00:48
davecheneythumper: yessir!00:53
* thumper rages a little02:32
thumperwallyworld_, davecheney: I just want to write a test that assumes that I have some environment running...02:32
jamthumper: did davecheney take you away from lunch?02:32
jam(reading the backlog)02:33
thumperjam: nah, made myself pizza02:33
jamI thought that might be why you were raging.02:33
thumperfollowed up with a nice flat white and home made ginger kisses02:33
thumperlit a fire earlier02:33
thumperno...02:33
* thumper sighs02:33
jamsounds pretty good02:33
thumperjust testing blues02:33
* thumper feels like this test should be easier to write02:34
thumperhmm...02:36
jamwallyworld_: so after a bit more digging, it turns out we can't "just wait longer". The issue is that when it happens, the new Connected socket will never get Close called on it, because it missed the server.Close call02:36
jamthumper: JujuConnSuite has lots of stuff set up for you :) (though I'm told it has too much and we should avoid it)02:36
thumperjam: yeah, I'm avoiding it :)02:36
thumperwondering whether to actually bootstrap my dummy environment02:37
jamthumper: and congrats on most of your patches just landing without needing to be resubmitted due to the connection timing bug.02:37
thumperor just fake the state and api info02:37
thumperjam: didn't hit the connecting timing bug02:37
jamthumper: TBH I'd probably go with bootstrap a dummy enviroment.02:37
thumperbut did hit some spurious test failures a couple of times02:37
* thumper bootstraps02:37
jamthumper: that is the connection timing bug02:37
thumperoh...02:38
thumperI did hit it a few times02:38
jammore of your patches have landed without failing than anyone elses.02:38
jameven if you have hit it.02:38
jamI've tracked it down to a race condition inside mgo.02:38
jamIt is starting a new connection when Close is called.02:38
jamso the new conn routine is blocked in a conn request, and hasn't registered the new conn with the list of liveconns02:38
jamserver 'closes' all of its conns,02:38
jamroutine comes back and adds one more.02:39
jamthumper: anyway, just checking email before taking my son to school, good luck, and hopefully I'll have a patch for the conn thing early today.02:39
thumperawesome02:40
* thumper sighs...02:41
* thumper works out what is needed for a valid cloudinit02:55
thumperanyone know off the top of their head how to get the tools from environs that were used to bootstrap?02:56
thumperusing: err = environs.Bootstrap(environ, constraints.Value{})02:56
thumperwith a dummy environment02:56
* thumper goes to collect the girls02:58
wallyworld_jam: i was wondering about that03:14
wallyworld_hence maybe a mutex is needed03:14
wallyworld_thumper: want to bikeshed a name for the method on instance.Instance which returns the "characteristics". i'm thinking just Metadata()03:36
thumperwallyworld_: you mean, cores, power, memory etc?03:37
wallyworld_yeah03:37
wallyworld_Characteristics() doesn't do it for me03:37
thumperhmm...03:39
thumperMetadata works for me03:39
wallyworld_cool03:44
wallyworld_jam: did you get the meeting invite for later today?03:45
arosaleswallyworld_, I do and I accepted it :-)03:48
wallyworld_arosales: thanks, the acceptance hasn't come up in my calendar event03:49
wallyworld_but it did insist on a gapps.canonical email address03:50
wallyworld_maybe that confused it03:50
arosaleswallyworld_, hrm. well I indeed did accept and will be there @ 23:00 UTC03:54
arosalestomorrow for me03:55
wallyworld_arosales: thank you, just wanted to doule chec03:55
thumperwallyworld_: the way you were talking it was 11pm for you03:55
thumpernot 11pm utc03:55
arosalessure np03:55
bigjoolswallyworld_: do you use simplestreams to manage images for openstack?03:55
wallyworld_thumper: it is 11pm for me03:56
* thumper keeps out of it03:56
wallyworld_arosales: the meeting is 11pm GMT+10, or is supposed to be. so should be morning for you03:56
arosaleswallyworld_, that is the juju api discussion, right?03:57
wallyworld_arosales: no, the simplestreams stuff03:57
arosalesoh03:57
arosalesgood thing you confirmed :-)03:57
wallyworld_yeah :-)03:57
arosalesaccepted that one as well03:57
wallyworld_thanks!03:57
arosalesthank you for setting it up and confirming :-)03:58
wallyworld_arosales: so to check the time, it is 11pm for me and maybe 8 or 9am for you03:58
wallyworld_np03:58
wallyworld_i think i made it after the api one, not sure now03:58
wallyworld_bigjools: yes, there are simplestreams metadata files which list the available images03:59
wallyworld_juju uses these t figure out the image id to ask for when telling openstack/ec2 to start an image03:59
wallyworld_instance i mean03:59
bigjoolswallyworld_: I am wondering if that stuff will work with the provider we're working on04:06
bigjoolsI guess time will tell04:06
thumperwallyworld_: please don't add extra import dependencies to the instance package04:07
thumperwallyworld_: I'm trying to remove them all04:07
wallyworld_bigjools: it might work so long as your provider can have the concept of a caller passing in an image id and there's some sort of lookup the provider does to then figure out what image to start04:07
wallyworld_thumper: i don't plan on it04:07
thumpercoolio04:07
bigjoolswallyworld_: I don't know if this provider allows custom images yet04:09
wallyworld_bigjools: they don't have to be custom - juju just wants to be able to say "give me an instance for amd64/precise". there's a mapping in simplestreams from those constraints to an image id. so the provider just has to do the right thing when given an image id04:12
bigjoolswallyworld_: if the constraints contain the amd64/precise info we can just ignore the image id, right?04:13
* thumper afk for kid sports and shopping, back later tonight to talk to fwereade04:14
=== thumper is now known as thumper-afk
bigjoolsoh we can do custom images04:14
wallyworld_bigjools: yes, the provider can ignore the simplestreams stuff if it wants and just look at the constraints04:15
=== tasdomas_afk is now known as tasdomas
wallyworld_fwereade: if you are around, i'd love a quick catchup04:47
fwereadethumper-afk, wallyworld: sorry, I'm going to a school thing for laura for at least a couple of hours -- you're best off emailing me, I think05:54
rogpeppemornin' all05:56
jamwallyworld_: yay, you're back06:04
wallyworld_jam: sorry, power was cut06:05
jamwallyworld_: I was pretty sure you're just hiding from your 1:1 :)06:05
jamrogpeppe: I'm just poking at tarmac right now to make the test suite more reliable (bug #1191487). So I'm going to bump your proposal while I'm testing it, and then I'll set it back to Approved when I'm done.06:52
_mup_Bug #1191487: mgo sockets in a dirty state <tarmac> <test> <juju-core:Triaged by jameinel> <mgo:Confirmed> <https://launchpad.net/bugs/1191487>06:52
rogpeppejam: what do you mean by "bump"?06:52
rogpeppejam: put on hold?06:53
jamrogpeppe: I'm going to stop the test suite running, which will probably mark your proposal as Needs Review with a test suite failure.06:53
jamso ignore that failure06:53
rogpeppejam: ok. darn. i thought i was early enough to get it merged.06:53
rogpeppejam: thanks for letting me know06:54
jamrogpeppe: well, you had a 75% chance that it would have failed anyway because of bug #119148706:54
_mup_Bug #1191487: mgo sockets in a dirty state <tarmac> <test> <juju-core:Triaged by jameinel> <mgo:Confirmed> <https://launchpad.net/bugs/1191487>06:54
jamthat test has been *very* unreliable on the tarmac machine06:54
rogpeppejam: i, i saw that this morning and thought it was because i was running against go tip06:54
rogpeppes/i/ah/06:54
jamrogpeppe: nope, I have a whole bunch of stuff that sorts out *why* it is happening. Ends up as a race condition in Close that can leave a new connection Alive but abandoned06:55
rogpeppejam: i can't believe how slow the cmd/juju tests have become. 3 minutes makes it the slowest of all.06:55
rogpeppejam: cool. i wasn't looking forward to diving into that stuff again.07:00
rogpeppejam: what was the basic problem?07:00
jamrogpeppe: we have a lock on the server object, we release it during Connect07:01
jamwhen we return we grab the lock again and add the connection to active connections07:01
jambut Close() can be called while connect is waiting07:01
jamand then we get an object that will never have Closed called on it.07:01
rogpeppejam: which server object?07:01
jamrogpeppe: all of this is in mgo07:01
rogpeppejam: ah!07:01
jamrogpeppe: details are in the bug now07:01
rogpeppejam: that's a great bug to have found, thanks!07:02
jamrogpeppe: I requeued your patch with a local fix for mgo07:02
rogpeppejam: thanks a lot07:03
jamrogpeppe: If you want to review my changes on the bug, I'd love to get someone else to see if it is a reasonable patch to land in mgo trunk07:03
rogpeppejam: i'll take a look07:03
* jam makes a run to the grocery store07:03
rogpeppejam: it's funny that the trigger for the problem is that a single test takes more than 10 seconds...07:07
rogpeppejam: i'm pretty sure that the second of your suggested patches (make AcquireSocket return an error if the server is closed) is the correct one07:14
rogpeppejam: and would it be that much more invasive, given that AcquireSocket already returns an error?07:16
TheMuemorning07:52
=== danilos_ is now known as danilos
=== thumper-afk is now known as thumper
thumperTheMue: morning08:11
thumperTheMue: I decided to continue using golxc because it was nice and self-contained08:11
thumperTheMue: didn't seem like any value copying that code into juju-core08:12
thumperTheMue: can you merge my branch into trunk?08:12
thumperTheMue: also... do you want to change the owner of the trunk branch?08:12
thumperTheMue: we could get jam to add it to the go-bot maybe08:12
TheMuethumper: shouldn't be a problem, only have to look how to do it08:15
TheMuethumper: never played that much with lp08:15
thumperTheMue: well, to merge it in, do the following08:15
jamthumper: it must pass my extensive review process :)08:15
thumperTheMue: go to your version of trunk08:15
thumperTheMue: follow the instructions from the merge proposal - bzr merge lp:~thumper/golxc/my-branch-name-that-I-cant-remember08:16
thumperbzr commit --author="Tim Penhey <tim.penhey@canonical.com>" -m "Add mocking ability"08:16
thumperbzr push08:16
thumperand you're done08:16
thumperto change the owner of the branch08:16
thumperthere is an edit link on the top right menu collection for the branch page08:17
thumperthere the owner of the branch is shown as a select box08:17
thumperwith all the teams you are a member of08:17
TheMuethumper: fine, but your really named it "my-branch-name-that-I-cant-remember"? *scnr*08:17
jamrogpeppe: so if you return an error, by default the loop will go back into 'sleep for 10s' mode rather than exiting because the server has closed.08:17
thumperyou could change it to juju-core now, and we could change it again to go-bot later08:17
jamit turns out that may not get *noticed* because the socket has already been marked closed (even though there are active goroutines running)08:17
TheMuethumper: ok, will do. nice to see this young lady growing08:18
thumper:)08:18
thumperTheMue: I have another branch to add shortly08:18
thumperTheMue: which changes the wait conditions based on new-learning08:18
thumperTheMue: but not today :)08:18
TheMuethumper: yeah, your today is almost done while mine has just started08:19
thumperalmost?08:19
thumperit is 8:20pm...08:19
thumpergame of thrones starts in like 10 minutes08:19
jamrogpeppe: https://code.launchpad.net/~rogpeppe/juju-core/317-rpc-dynamic-serve/+merge/16972508:20
jamyou have a go-1.1ism in the code.08:20
rogpeppejam: oops08:21
rogpeppejam: where can i see the compiler failure in that merge proposal?08:22
rogpeppejam: oh, i see08:22
jamrogpeppe: https://code.launchpad.net/~rogpeppe/juju-core/317-rpc-dynamic-serve/+merge/169725/comments/37752408:22
jam# launchpad.net/juju-core/rpc_test08:22
jamrpc/rpc_test.go:168: function ends without a return statement08:22
jamFAILlaunchpad.net/juju-core/rpc [build failed]08:22
TheMuethumper: almost in the sense of "you're still here"08:22
rogpeppejam: yeah, i just saw it08:22
thumperTheMue: heh, just back, not still here :)08:22
TheMuethumper: enjoy GoT08:22
jamthumper, TheMue: if you want me to manage the golxc trunk with tarmac, it should be pretty easy to set up, but obviously you need to make sure you have a passing test suite, etc first08:26
rogpeppejam: yes, the pinger loop would have to check for errServerClosed or whatever08:27
rogpeppejam: but i think that explicitness would make the code more obvious08:28
rogpeppejam: it seems wrong to me to return a socket that we know is bad08:29
rogpeppei've just discovered that it's only the graphics freezing up when my computer crashes - i can still ssh in08:39
rogpeppei wonder if there's a way to reboot all the graphics while leaving everything else running08:40
thumperjam: the test suite passes, however, as it is lxc, part of the test suite requires sudo08:44
thumperjam: but running that in a clean environment *shouldn't* be too hard, right?08:44
thumperjam: expecting mgz?08:44
jamthumper: define "clean environment" :)08:45
jamthe bot doesn't currently have sudo rights, though it could be adde08:45
jamadded08:45
thumperjam: something where you can run the tests with sudo and not feel violated :)08:45
jamthumper: running tests with sudo... not sure I can avoid violation :)08:45
thumperjam: perhaps we should create an lxc container to run the tests in08:45
jamthumper: I would expect mgz to show up some time soon.08:45
thumperbut that needs sudo too08:45
thumperhmm, may just email08:46
thumpernight all08:46
jamthumper: I don't feel too bad about giving the bot sudo over just this stuff.08:46
jamrogpeppe1: so the issue go bot just brought up is that it had not refreshed the MP page when you marked it approved (you Approved it before you pushed)09:12
jamyou can just go back and approve it again.09:12
rogpeppe1jam: heh09:12
rogpeppe1jam: so i can't just push then approove09:12
rogpeppe1approve09:12
jamyou should be able to push, then refresh the page, then approve.09:13
jamThe diff doesn't have to finish updating, LP just needs to notice there are new revisions.09:13
rogpeppe1jam: ah, it's a client-side issue?09:13
jamrogpeppe1: when you load the page, it tracks the revision that you approve.09:13
rogpeppe1jam: ah09:13
rogpeppe1jam: thanks09:13
jamso that you don't approve X, then someone pushes something completely different, and that lands.09:13
jamit makes more sense when you are landing stuff proposed by 3rd parties.09:14
rogpeppe1once more into the breach09:15
rogpeppe1"The application Startup Disk Creator has closed unexpectedly".09:41
rogpeppe1sigh09:42
TheMueanyone able to show me where in LP i can change the ownership of a trunk?10:02
jamTheMue: you go to the branch, and then change owner.10:08
jamrogpeppe1: on the plus side, your patch landed :)10:08
rogpeppe1jam: that's good10:08
rogpeppe1jam: i'm currently working towards reinstalling from scratch on my laptop10:08
rogpeppe1jam: hoping that it'll fix my increasingly frequent freeze-ups10:09
rogpeppe1jam: i'm bringing up my old mac up as a backup in case the laptop really is hosed.10:10
TheMuejam: exactly that is the question: where there? i only see "change details" and there's no owner on the following page.10:11
* TheMue always like the LP usability10:12
jamTheMue: if I go to a branch I own, such as: https://code.launchpad.net/~jameinel/bzr/2.4-client-reconnect-819604/ there is a Change Details link in the upper right, which takes you to .../+edit10:13
jamwhich you can then select a dropdown to set the owner.10:13
jamTheMue: are you the owner of the current branch?10:13
jamyou can point me to the branch, and I'll help as I can10:14
TheMuejam: yes, I am10:14
TheMuejam: but let me check something, I changed my lp profile after registering this project10:14
TheMuejam: ah, my profile says I don't own or drive any projects10:16
rogpeppe1aargh, dynamic libraries10:16
TheMuejam: strange, take a look at https://launchpad.net/golxc10:17
rogpeppe1Fatal Python error: pycurl: libcurl link-time version is older than compile-time version10:17
jamTheMue: so on this page: https://code.launchpad.net/~themue/golxc/trunk10:17
jamthere should be a Change Details lnk10:17
jamwhich you can use to change the owner10:18
jamif it isn't there10:18
TheMuejam: oh, there it is, so i navigated a wrong way (also with a Change details link)10:18
TheMuejam: i'll change the ownership to "juju hackers" first. the current testing needs to run a script as root and then only does live testing. the test suite needs mocks for the lxc commands.10:26
jammgz, wallyworld, danilos_: coming to join me? https://plus.google.com/hangouts/_/8868e66b07fa02bdc903be4601200d470dae9ee311:31
wallyworldi was on the one in the calendar11:31
mgzI;m there11:31
=== danilos_ is now known as danilos
fwereadewallyworld, sorry I wasn't around earlier -- you might like to take a quick look at lp:~fwereade/juju-core/watch-containers-alternative, which does what I originally suggested; at first glance, though, your LifecycleWatcher changes look good and are worth landing regardless11:53
* wallyworld looks11:54
fwereadewallyworld, I copied your test but the rest is soppy+ untested, and hasn't had the UnitsWatchername replaced11:54
wallyworldfwereade: i made a generic collection watcher but backed out the changes11:54
fwereadewallyworld, if I read you correctly, the problem was just that you were watching the wrong document to get notified of containers-changed11:57
fwereadewallyworld, hmm, if I were to press ahead with that I'd need a test for what happens if we upgrade from pre-containers-docs code11:59
fwereadewallyworld, should probably have those anyway in general11:59
wallyworldfwereade: the way i read the units watcher code, and my reworking to a generic watcher of collections, was that the collection being watched had to be an attribute of the parent entity's doc, but seems like that's not the case12:00
fwereadewallyworld, I think that was just a coincidental feature of the existing ones12:01
wallyworldright, so it seems. the watcher stuff i found hard to follow, and there's so much almost duplicated code. all those loops that do the same thing. there's got to be a way to consolidate all that12:02
wallyworldi think we don't use interfaces enough in our Go code12:02
wallyworldwe use structs all the time, so hard to generisise stuff12:03
fwereadewallyworld, agreed in general12:04
fwereadewallyworld, I think there is definitely fertile ground for more consolidation there12:04
wallyworldfwereade: so my reworking of units watcher seems similar to yours at first glance (from memory and all that). i also introduced a new interface with a Changes() method like you did. but my current code also works. what's your preference for moving forward?12:05
fwereadewallyworld, at least all the ids are the same type ;p12:05
fwereadewallyworld, keep going with what you have12:05
wallyworldok, will land that then12:05
wallyworldfwereade: i wish we had aliased the core entity id type12:06
fwereadewallyworld, I'll review it properly later today, and would expect you to land it tonight; I'll fix UnitsWatcher independently and switch the implementation when it's ready12:06
wallyworldok, sounds like a plan12:06
* fwereade is hungry, goes looking for lunch12:07
* wallyworld is thirsty for a beer but has a meeting soon :-(12:07
=== BradCrittenden is now known as bac
=== teknico1 is now known as tekNico
wallyworldarosales: you ok for meeting now?13:04
TheMuefwereade: ping13:25
fwereadeTheMue, heyhey13:25
TheMuefwereade: heya13:25
fwereadeTheMue, rog was ofc quite right to point out that the Resumer could be better tested13:25
TheMuefwereade: the pure http access to the store is really pretty simple, I've tested it with real world data (our tool url)13:26
fwereadeTheMue, oh! fantastic13:26
rvbaHi guys, could you please have a look at https://code.launchpad.net/~rvb/juju-core/az-config-items2/+merge/169759 / https://codereview.appspot.com/10338043/ when you get a chance?13:26
TheMuefwereade: now I want to change the synctools test. as this access to the tools is used only there, is it ok to try to keep the testbed as small as possible13:27
TheMuefwereade: today we use a faked environment and the tool are uploaded for test UploadFakeTolsVersion()13:27
fwereadervba, ack13:28
rvbata13:28
TheMuefwereade: I would create a small server, delivering the correct data here as I don't have to provide full storage functionality (e.g. put tools).13:28
fwereadeTheMue, if that's simplest, go for it13:29
TheMuefwereade: fine13:29
TheMuefwereade: and regarding the resumer I'll see how I can evaluate that it's running each minute13:30
fwereadeTheMue, left a couple of comments on https://codereview.appspot.com/10266043/13:31
TheMuefwereade: nice idea with the interface +113:32
jamniemeyer: I'm trying to do a patch to mgo, but I'm unable to get the suite to pass. I assume you run 'make startdb' in one window and then 'go test' in another. But mid way through startdb fails with "addUser succeded, but cannot wait for replication since we no longer have auth".13:34
jamAny idea?13:34
niemeyerjam: "make startdb" returns after it's done13:34
niemeyerjam: So you shouldn't run them in parallel13:34
jamniemeyer: ah, k13:34
jamit just runs for a long time13:35
niemeyerjam: Right.. and that's why it's setup like that13:35
jamI thought it ran something that the test suite connected to.13:35
niemeyerjam: You run it once, and then do as many runs as you want13:35
jamk, thanks13:35
niemeyerjam: You probably want to use go test -fast -gocheck.v13:35
niemeyerjam: To get a feeling if your change is okay13:35
niemeyerjam: There are tests that put databases down and wait for them to resync, etc13:35
niemeyerjam: Which really take a while to get run13:36
niemeyerjam: I usually run these only after I'm comfortable with the change13:36
jamniemeyer: also, 'go fmt' reports lots of files to change. Shall I just submit that one first?13:36
niemeyerjam: Ouch.. I have to add something to prevent commits without fmt13:37
niemeyerjam: Please pull it13:38
jamwill do13:38
=== wedgwood_away is now known as wedgwood
TheMuefwereade: hangout?14:04
fwereadeTheMue, oo thanks sorry14:04
TheMuemramm: hangout14:04
mrammsorry, lost track of time14:05
fwereadervba, reviewed; I'm just in a meeting, but ping me in 20 mins if you'd like a quick chat about it14:07
jamdanilos_: you marked your proposal Approved, but forgot to set the commit message (which is why it wasn't trying to land)14:57
rogpeppe1fwereade: am just doing the state/api/machineagent tests. they have lots in common with the machiner tests. three possibilities: 1) merge machiner into machineagent (rationale: all the APIs for a given agent live in the same package); 2) factor out the testing code into a new testing package (possible name state/apiserver/machineagent/testing); 3) duplicate the testing infrastructure.15:28
FunnyLookinHatOk guys - do any of you know if there's a way to dump the requests being made with juju-core?  I _really_ need to see what the distance is between JuJu and Rackspace... they're bought in to getting things working, but they need debug information to explain the 411 Content Length errors keeping me from auth'ing15:29
fwereaderogpeppe1, I would favour (2) if that works for you15:29
rogpeppe1fwereade: i'm slightly reluctant to go for 2, which i suspect is your preferred approach, as our packages are breeding like rabbits15:29
FunnyLookinHatI'm not seeing any issues with what's in goose - everything seems to be correct..... but that's why I need to debug the requests :)15:29
fwereadeFunnyLookinHat, I'm not a goose expert, but I think there's a debug switch somewhere in there, isn't there? mgz/jam?15:30
rogpeppe1our --debug switch should really turn on request logging in goose actually15:31
fwereaderogpeppe1, agreed15:32
rogpeppe1universal use of loggo (and judicious changing of command-line options) should make this story better15:32
fwereaderogpeppe1, +115:32
rogpeppe1fwereade: is there a particular reason it's not a good idea to put the machiner and machine agent APIs together in the same package?15:34
fwereaderogpeppe1, it feels a bit like the wrong granularity... I think the association of workers with particular agent types is generally speaking coincidental rather than fundamental15:37
fwereadeFunnyLookinHat, ah! it looks as though you can pass a logger in place of the nil in environs/openstack/provider.go:46015:40
rogpeppe1fwereade: the testing seems to me to be oriented around the currently logged in entity. if we moved a worker from one agent to another, we'd not be able to share the testing infrastructure any more and we'd have to change a fair amount of the code. that seems to me to be a reasonable rationale for keeping them together. moving them will probably be no harder if they're in separate packages than if they're together in one.15:41
rogpeppe1fwereade: "moving them will probably be no harder if they're in one package than if they're in separate packages" of course15:41
fwereadeFunnyLookinHat, and you *might* be able to pass in `loggo.GetLogger("goose")`15:42
fwereadeFunnyLookinHat, you can import "launchpad.net/loggo" at the top of the file15:42
FunnyLookinHatfwereade, Ah ok - let me fork and try a build to see if manually patching would be easy for testing :)15:43
fwereadeFunnyLookinHat, but I have not used loggo in anger yet and don't quite remember for sure15:43
fwereadeFunnyLookinHat, so long as you --upload-tools for now, it should be fine15:43
FunnyLookinHatfwereade, well that helps anyways - thanks for the direction... pretty sure we're on the goal-line for Rackspace support.15:43
FunnyLookinHat--upload-tools ?15:43
* FunnyLookinHat is completely new to building juju15:44
fwereadeFunnyLookinHat, if you have source available in your GOPATH, it builds and uploads it, rather than trying to bootstrap with released tools15:44
fwereadeFunnyLookinHat, we messed up and trunk is incompatible with the bootstrap tools at the moment; I'm on it15:44
FunnyLookinHatah15:44
rogpeppe1fwereade: if there's already a bootstrapped environment, it shouldn't matter, should it?15:45
rogpeppe1fwereade: FunnyLookinHat could just build the local tools and use them against the existing environment, with logging turned on15:45
fwereaderogpeppe1, (btw: ok, that seems fair)15:45
FunnyLookinHatI don't have ANY existing environment... so there's nothing to save there15:46
FunnyLookinHatwell , nothing worth saving I mean.15:46
fwereaderogpeppe1, maybe, but even then, at some stage he'd try an env-set and everything would be borken ;p15:46
FunnyLookinHatheh15:46
rogpeppe1FunnyLookinHat: don't do that :-)15:46
FunnyLookinHatrogpeppe1, don't do what? build it?15:47
rogpeppe1FunnyLookinHat: use env-set (when you've built the tools locally but haven't used --upload-tools)15:47
=== BradCrittenden is now known as bac
rogpeppe1mramm: your link to the security bug didn't take me anywhere16:34
rogpeppe1mramm: what issue are you referring to?16:34
rogpeppe1mramm: if it's the "hard coded salt" issue, this is absolutely not critical16:35
fwereaderogpeppe1, you may not be logged in ;p16:35
rogpeppe1fwereade: i'm logged in16:35
fwereadeah, ok, sorry16:35
* fwereade goes off to supper16:35
mrammhow is it not critical?16:36
rogpeppe1mramm: my original design used a random salt, but gustavo persuaded me that it's not necessary. and i think he's probably right too.16:36
mrammok16:36
mrammpersuade me16:36
rogpeppe1mramm: what is the security vulnerability here?16:36
mrammand add a copy16:36
mrammso, what does salt do for you in general?16:37
mrammit makes it so that the password itself is not the only data that goes into creating the hash16:37
niemeyer_rogpeppe1: I don't think I ever said anything like that16:37
rogpeppe1mramm: if someone gets hold of the hashed password, it makes a rainbow-table attack harder16:37
niemeyer_Oct 05 14:49:34 <niemeyer>      rogpeppe: Why the big salt?16:38
niemeyer_Oct 05 14:49:43 <rogpeppe>      niemeyer: why not?16:38
niemeyer_Oct 05 14:49:47 <niemeyer>      rogpeppe: Because two bytes should be enough16:38
niemeyer_Oct 05 14:50:03 <rogpeppe>      niemeyer: ok, i'll use a smaller slat16:38
niemeyer_Oct 05 14:50:05 <rogpeppe>      salt16:38
rogpeppe1niemeyer_: i think it was later than that that you persuaded me a fixed salt would be fine16:38
* rogpeppe1 goes to look in the loges16:39
rogpeppe1logs16:39
mrammok, if you know the salt you have a leg up on all kinds of attacks (common password hash searches become trivial, for example)16:39
rogpeppe1[Friday 05 October 2012] [16:16:27] <rogpeppe>niemeyer: alternatively16:40
rogpeppe1[Friday 05 October 2012] [16:16:45] <rogpeppe>niemeyer: we could not use a salted password at all and just say "use a long random password"16:40
rogpeppe1[Friday 05 October 2012] [16:17:20] <niemeyer>rogpeppe: Just use a well known salt for now16:40
rogpeppe1[Friday 05 October 2012] [16:17:28] <rogpeppe>niemeyer: what's the point?16:40
rogpeppe1[Friday 05 October 2012] [16:17:58] <rogpeppe>niemeyer: well, i guess we can add salt later :-)16:40
rogpeppe1[Friday 05 October 2012] [16:18:19] <rogpeppe>niemeyer: the changes are fairly small actually16:40
rogpeppe1[Friday 05 October 2012] [16:18:30] <niemeyer>rogpeppe: The point is the same of having a salt16:40
rogpeppe1[Friday 05 October 2012] [16:18:58] <niemeyer>rogpeppe: You can't attack a juju environment with a pre-made dictionary unless that dictionary was built specifically to attack a juju environment16:40
rogpeppe1[Friday 05 October 2012] [16:18:59] <rogpeppe>niemeyer: there's no point in having a constant salt - it's equivalent to having no salt at all16:40
rogpeppe1[Friday 05 October 2012] [16:19:08] <rogpeppe>niemeyer: i guess so16:40
rogpeppe1[Friday 05 October 2012] [16:19:14] <niemeyer>rogpeppe: No, it's not equivalent16:40
rogpeppe1[Friday 05 October 2012] [16:19:19] <rogpeppe>niemeyer: yeah, i see your point16:40
rogpeppe1[Friday 05 October 2012] [16:19:24] <niemeyer>rogpeppe: If you use a salt, you force people to start building that dictionary today16:40
rogpeppe1[Friday 05 October 2012] [16:19:48] <rogpeppe>niemeyer: ok, constant salt it is16:40
rogpeppe1[Friday 05 October 2012] [16:20:09] <niemeyer>rogpeppe: If you use an algorithm that takes 1 second to compute the hash on a modern computer, even a short password will take many years to break16:40
niemeyer_rogpeppe1: Well, yes?16:41
niemeyer_rogpeppe1: So the idea is to *have* a salt, plus using costly hashing16:41
niemeyer_rogpeppe1: ?16:41
rogpeppe1niemeyer_: so do you think that the fact that we're using a constant salt today deserves to be designated a critical bug?16:42
mrammhttp://stackoverflow.com/questions/9195692/does-salt-need-to-be-random-to-secure-a-password-hash16:42
niemeyer_rogpeppe1: So the idea is to *have* a salt, plus using costly hashing?16:42
rogpeppe1niemeyer_: a random salt? or a well-known salt?16:42
niemeyer_mramm: You don't need to convince me that salting is important.. that's why I've raised a flag given the blank statement I've heard from Roger16:43
mrammright16:43
mrammI was trying to convince roger ;)16:43
mrammideally we'd have random salt for each password, not for the whole environment16:43
rogpeppe1niemeyer_: so you now think it's wrong to use a well known salt?16:44
rogpeppe1mramm: i agree. that's what i did originally.16:44
niemeyer_rogpeppe1: I think it has security implications for sure, and I believe you know that16:44
niemeyer_rogpeppe1: The question is the size of the trade off16:44
niemeyer_rogpeppe1: How long does it take to compute 100.000 hashes? More than the time the software is out? Then yes, it's an issue16:45
niemeyer_s/more/less16:45
mrammwell, there is also the "users use the same password" issue16:45
mrammwhich if all of the salt is the same, makes it easy to just find matching salt16:46
mrammI mean matching hashes16:46
niemeyer_mramm: I don't think you need to explain how salt works, or why salting is important16:46
mrammsure16:46
niemeyer_rogpeppe1: The question is purely one of trade off16:46
niemeyer_SOrry16:46
niemeyer_mramm: The question is purely one of trade off16:46
rogpeppe1niemeyer_: what's the trade off?16:46
niemeyer_rogpeppe1: Do you want a more resilient system today, or do you want to implement X?16:47
rogpeppe1niemeyer_: ?16:47
rogpeppe1niemeyer_: resilient to what?16:47
niemeyer_rogpeppe1: Okay, maybe you do not understand salting!?16:47
niemeyer_rogpeppe1: The only reason I suggested postponing the random salting is so you could get stuff done.16:48
mrammresilient vs password attack16:48
rogpeppe1niemeyer_: ah, good point; i've just reminded myself.16:48
rogpeppe1mramm: it's a good point actually - where do we store the salt?16:48
mrammyou can store it in mongo16:48
rogpeppe1mramm: how?16:49
rogpeppe1mramm: hmm, actually, maybe...16:49
* rogpeppe1 thinks16:49
mrammhappy to talk about the how if you want16:49
FunnyLookinHatOk - say I just added logs to environs/openstack/provider.go - how do I build that to use it locally?16:50
rogpeppe1mramm: i don't think we can do it until we have API everywhere16:50
FunnyLookinHatoh never mind - found doc16:50
niemeyer_Lunch time.. biab16:52
FunnyLookinHatErr - $ go install      can't load package: package .: no Go source files in /home/funnylookinhat/source/juju-core16:54
FunnyLookinHatAh - will just use go to grab source and deps16:59
=== tasdomas is now known as tasdomas_afk
FunnyLookinHatAh geez - it looks like I can't import "log" because it's redeclared in the package?17:29
FunnyLookinHatfwereade, having trouble figuring out the syntax since juju-core has it's own "Log" package...  any suggestions?  I just want the most simple dump possible17:48
* rogpeppe1 has reached end of day18:17
rogpeppe1FunnyLookinHat: i'd just put some fmt.Printf statements inside goose18:18
rogpeppe1FunnyLookinHat: you don't necessarily need to use the log package18:18
FunnyLookinHatrogpeppe1, Yeah that's what I'm trying... having trouble tracing where specific requests are made18:18
FunnyLookinHatAnd I'm randomly adding Content-Length 0 headers to requests to find out which one it is :D18:19
rogpeppe1FunnyLookinHat: do you need to see just the requests, or the replies as well?18:20
FunnyLookinHatrogpeppe1, Just requests right now18:20
FunnyLookinHatnearly there I think...18:20
rogpeppe1FunnyLookinHat: looks like sendRateLimitedRequest is the place18:20
rogpeppe1FunnyLookinHat: just before resp, err = c.Do(req)18:21
FunnyLookinHatrogpeppe1, which file ?18:21
FunnyLookinHatoh client.go18:21
rogpeppe1FunnyLookinHat: yeah18:21
rogpeppe1FunnyLookinHat: something like this might do the trick:18:22
rogpeppe1fmt.Printf("%s %s; headers: %+v\n", method, URL, req.Header)18:22
rogpeppe1FunnyLookinHat: i have to go. good luck! ping me tomorrow if you're still having issues.18:23
FunnyLookinHatrogpeppe1, That helps a lot actually - thanks for the help18:23
FunnyLookinHatJust getting used to syntax mostly  :)18:23
rogpeppe1FunnyLookinHat: it's always a steep learning curve18:23
rogpeppe1FunnyLookinHat: ttfn18:24
FunnyLookinHatWell crap.  It looks like the core go library isn't sending a Content-Length header19:31
FunnyLookinHatBut - as luck would have it - it also prevents you from adding one because it wants to do it itself.19:31
FunnyLookinHatOr something...  but as far as I can tell, either Goose or Go isn't working as it should.19:32
FunnyLookinHatSeems to be the same issue though: https://bugs.launchpad.net/goose/+bug/112456119:32
_mup_Bug #1124561: the Content-Length header is missing <Go OpenStack Exchange:Invalid> <https://launchpad.net/bugs/1124561>19:32
FunnyLookinHatDoes anyone here know ~patrick-hetu ?19:39
jcastroI do19:43
jcastrowhat's up19:43
FunnyLookinHatjcastro, Not sure who I should be pushing on - Goose or Go - but it appears that one of the major hurdles to getting RS to work with Juju is that Content-Length isn't being sent correclty in headers19:52
FunnyLookinHatHowever - I think I just narrowed it down to a core go issue19:52
FunnyLookinHatWhich - ultimately - is worse news... slower, etc.19:52
FunnyLookinHatjcastro, it's a bit of a fiasco within the Go world it seems... I've managed to find a solution and posted to the above linked bug... I guess we'll see what Patrick thinks.  :)20:21
argeshi. why does ppa:juju/devel not have saucy packages?20:33
FunnyLookinHatGetting closer it seems - any ideas on this one ? http://hastebin.com/jehukavoye.bash20:49
FunnyLookinHatarges, could have to do with juju-core being current dev?  https://launchpad.net/juju-core has saucy packages I believe20:57
argesthose are 1.10.0 when i installed20:57
argeson sauncy20:57
argessaucy20:57
FunnyLookinHatYeah? I'm confused. :)21:04
FunnyLookinHatHmm - so I'm confused as to exactly what Juju is looking for in this JSON Auth response to find object-store: http://jsonblob.com/51bf7a2ee4b04ed0983b284521:06
thumpermorning21:13
FunnyLookinHathowdy thumper21:14
thumperhi FunnyLookinHat21:14
FunnyLookinHatmind if I pick your brain real quick before you do REAL work ?21:15
FunnyLookinHatI've managed to get juju to authenticate to rackspace with a minor patch to Goose - but it's now complaining with this error: http://hastebin.com/jehukavoye.bash - trying to narrow down what it's looking for in this auth response to see object-store http://jsonblob.com/51bf7a2ee4b04ed0983b284521:16
* thumper looks21:20
thumperFunnyLookinHat: unfortunately I know next to nothing about openstack or goose, but wallyworld, who does, should be online in an hour or two21:22
FunnyLookinHatAh I'll try to stick around :)21:22
FunnyLookinHatThanks though!21:22
wallyworldFunnyLookinHat: thumper: hi, i'll look at it soon, after breakfast21:23
thumperfwereade: was hoping to have some magic answers from you this morning :)21:27
wallyworldFunnyLookinHat: your keystone does not define an object-store endpoint for the DFW region21:31
FunnyLookinHatwallyworld, Do you have an example of what that response would look like so I can pass it on to rackspace?21:32
FunnyLookinHatfrom some other provider, et.c21:32
wallyworldi'll pastebin one, just a sec21:32
FunnyLookinHatThat'd be awesome - thanks21:33
=== gary_poster is now known as gary_poster|away
hallynhazmat: heya.  I'm having a weird issue with (py) juju.  All my clients currently are raring, stock.21:34
hallynI'm using ec2 provider.21:35
wallyworldFunnyLookinHat: https://pastebin.canonical.com/92973/21:35
hallynwhen i use default-series precise, juju bootstrap works21:35
hallynwhen i use default-series raring, juju bootstrap results in a bootstrap node which is useless until i manually log in and reboot it (after setup is completed)21:35
hallynthen it proceeds21:35
FunnyLookinHatwallyworld, You do not currently have access to the pastebin.21:35
hallynany nodes i bootstrap are the same - i have to lo gin manually and reboot before they are registered with juju21:35
FunnyLookinHatI logged in w/ launchpad creds...21:36
wallyworldFunnyLookinHat: ah sorry, i'll post to the public one21:36
FunnyLookinHatno worries :D21:36
hallynhazmat: I"ll email the juju dev list laster tonight when my cable company deems fit to give me internet, but thought i'd ask here first.21:36
thumperhallyn: weird...21:36
hallynthumper: it's 100% reproduccible so i figured it must be a known bug, but noone seems to think it is, so... :)21:36
* thumper is pleased it is pyjuju21:36
wallyworldFunnyLookinHat: http://pastebin.ubuntu.com/5775344/21:36
FunnyLookinHatwallyworld, great thanks - and Rackspace was curious as to what the object-store is used for...  just geek interest I think, but it piqued my own21:37
hallynthumper: does pyjuju do different things on the target nodes?21:37
wallyworldFunnyLookinHat: juju uses the openstack swift APIs for storage21:37
thumperhallyn: almost certainly21:38
wallyworldFunnyLookinHat: there needs to be a world readable, "public" swift container for the tools21:38
FunnyLookinHatwallyworld, Ah ok - I believe RS is pushing "swift compatible" API end points... just need to be put in that auth response21:38
wallyworldFunnyLookinHat: and a "private" container is created for you when juju starts up21:38
FunnyLookinHatThanks21:38
wallyworldnp, goodl luck and ask again if you need to21:39
=== gary_poster|away is now known as gary_poster
mrammhey wallyworld you around?21:40
wallyworldmramm: yes21:40
mrammgot time for a quick hangout, or you in the middle of stuff>21:40
mramm?21:41
wallyworldnah got time, you got a url?21:41
wallyworldor want me to start one?21:41
mrammi got it21:42
mrammsent to you21:42
wallyworldright, got it21:42
thumperwallyworld: https://codereview.appspot.com/9824047/ when you have a moment :) lbox sucks at dealing with merging trunk in the middle, just look at the LP diff21:47
thumperwallyworld: ah... it is proposed against old trunk21:48
wallyworldthumper: on a call with mramm21:49
* thumper nods21:49
fwereadethumper, sorry, I didn't even look at your test failure :(21:59
hazmathallyn, that is quite strange, if you log in manually it would be useful to see the content of  /var/log/cloud-init-output.log22:00
thumperfwereade: ok, I'll try to stumble through it22:01
hallynhazmat: will do that later tonight, thanks.  you're saying you can't reproduce?22:06
fwereadethumper, I did get as far as briefly peering at the branch and wondering a bit about all the work you do in TestContainerCreate22:06
fwereadethumper, what is it that requires all the infrastructure?22:07
thumperfwereade: cloud-init creation22:07
fwereadethumper, ok, I guess you want a real environ config, but can't you just use faked-up data for all the rest?22:07
thumperpossibly22:08
fwereadethumper, even the environ config only needs to be good enough to get through New22:08
thumperfwereade: can you point me at some similar type tests22:08
thumperand I'll try to reduce the overhead22:08
fwereadethumper, testing.InvalidStateInfo and .InvalidApiInfo for example22:12
thumperfwereade: ta22:12
thumperfwereade: don't stress, I'll work it out :)22:12
fwereadethumper, and I don't think there's any need to touch state at all22:12
fwereadethumper, the provisioner extracts the necessary info from state and passes it into StartInstance, and I think that's well enough tested already22:13
fwereadethumper, you can just make up whatever you like and check that the generated cloud-init is consistent with what you expect22:13
thumperfwereade: yeah, but I'm needing this to test the lxc container creation bits...22:13
thumperI don't care what is in cloud-init22:14
thumpernot really22:14
thumperI'm not looking inside22:14
thumperthat is tested in the cloud init tests22:14
thumperI just want something valid to be written out22:14
fwereadethumper, valid enough to actually run inside the container? surely not?22:14
thumperit doesn't need to actually run22:15
thumperas the lxc stuff is mocked out22:15
thumperI'm testing the creation of the files in the right place22:15
fwereadethumper, so, no need for the information you use to actually be backed in state, I think22:15
thumperit seems that somewhere inside the cloud init, it is accessing state with the wrong password22:16
thumpersomehow22:16
thumpercausing mgo to reconnect22:16
thumperwhich causes testing errors22:16
* fwereade gets nervous22:16
thumperso I'm probably passing the wrong password info through to cloud init22:16
thumperI may try reverse engineering the problem22:17
thumperinstead of poking from the top down22:17
fwereadethumper, I don't think we should try to connect to state at all in order to generate a cloud-init22:17
thumper*this* is why we should have interfaces around everything22:17
thumperso we can mock it all out22:17
thumperhmm... I'll dig some more22:17
fwereadethumper, sure, I understand that just fine -- but in this particular case it may be a little bit gnarlier, because we *know* we usually generate cloud-init files without state access... at bootstrap time22:18
thumperhmm...22:18
thumperlet me poke some more22:18
fwereadethumper, what fails if you disable the home-fakery/22:20
thumperstill in start-up mode, haven't got to poking the test yet this morning22:20
thumpermerging the two dependent branches22:21
thumperone is in, one is landing now (I believe)22:21
fwereadethumper, ah, NewConnFromName I guess22:21
thumperthen I'm all over it like a rash22:21
thumperfwereade: I need some valid stateInfo and apiInfo for the cloud-init22:21
fwereadethumper, np, sorry to hassle, just kinda thinking aloud22:21
thumperis that just to write out?22:21
thumperI could fake those, right?22:21
fwereadethumper, yeah, that's basically what Invalid*Info are for AIUI22:22
thumperkk22:22
fwereadethumper, "Fake" would be a better prefix22:22
thumper:)22:22
* thumper reads his own code again...22:23
thumperperhaps this is all bollocks...22:24
* thumper getting too concerned22:24
* thumper hacks22:24
fwereadethumper, in particular, forget the Conn creation... that will probably be trying to do passwordy-hackery-bollocks22:26
* thumper nods22:26
thumperI'm going to create a branch that renames the Invalid*State methods to Fake*State, and moves them from juju/testing into testing22:27
thumperless dependencies22:27
thumper\o/ two more branches landed22:28
* fwereade cheers22:30
fwereadethumper, it seems we don't have standard code for the creation of a valid dummy Config for testing22:31
fwereadethumper, except via home-hackery and yaml-juggling22:31
thumperfwereade: point me to a good example, and I'll move one into juju-core/testing22:31
* fwereade counts 21 /"type": *"dummy"/ and has a bit of a sad22:33
fwereadethumper, hmm, wait22:34
thumperwait what?22:35
fwereadethumper, all it needs is a *config.Config... you can create them pretty minimally, and they don;t even have to have a registered provider type iirc22:35
thumperumm... wat?22:36
thumperstate/multiwatcher depends on testing?22:37
* thumper has an import cycle22:37
fwereadethumper, ouch, grr22:37
thumperhmm22:37
thumperstate/export_test.go22:37
thumperseems to have a lot of stuff that shouldn't be there22:38
fwereadethumper, that TestingEnvironConfig is indeed a good candidate to move elsewhere22:38
* thumper nods22:39
thumperi have a file now22:39
thumpertesting/state.go22:39
thumperI'm attempting to move22:39
fwereadethumper, possibly TestingInitialize as well actually22:39
thumpertesting.Charms is another dep there22:40
* thumper digs22:40
fwereadethumper, ok, yeah, best keep Initialize out22:41
* thumper moves some shit around22:41
thumperfwereade: Initialize out of what?22:43
fwereadethumper, I was thinking "testing"22:44
fwereadethumper, but I guess cutting export_test down would have helped quite a lot?22:44
* thumper nods22:44
thumperdoing that now22:44
fwereadethumper, as long as there are no internal tests using bits of it ofc22:44
* thumper nods22:45
wallyworldthumper: off call now, did you need to repropose that branch?22:47
thumperwallyworld: I resubmitted it22:47
wallyworldok22:47
thumpergrrr22:48
thumperfwereade: state/settings_test.go is an internal test22:48
thumperthat using testing22:48
* thumper wonder how far to pull on this thread22:49
* fwereade wishes Settings just didn't exist, it's misused more than it's used22:49
mrammfwereade: hahaha22:49
mrammthumper: time box that thread pulling ;)22:50
* thumper will stop at noon22:50
thumperthread pulling that is22:50
thumpernot work22:50
mramm:)22:50
mrammwhat time is it there now?22:51
thumper10:5122:51
mrammcool22:51
thumperI strongly hold the opinion that state should not depend on testing22:51
thumperand we should be able to have testing provide state functions22:51
* thumper hits megawatcher_internal_test22:55
thumpertempted to stop now...22:56
thumperthis is just getting stupid22:56
* thumper reverts, uncommits, and reverts again22:58
thumperwallyworld: ta23:04
wallyworldnp23:05
=== wedgwood is now known as wedgwood_away
thumper\o/ create test passes with all fake inputs23:25
fwereadethumper, sweet23:28
fwereadethumper, be forewarned, in case you ever hit it: the environs/dummy is used inappropriately by something or other, and has similar tentacles23:29
thumperfwereade: simple refactoring  https://codereview.appspot.com/10344044/23:30
=== niemeyer__ is now known as niemeyer

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!