davecheneylucky(~) % juju status00:27
davecheneyWARNING discarding API open error: <nil>00:27
davecheneywut ?00:27
davecheneywallyworld_: http://paste.ubuntu.com/6789000/00:35
davecheneyi cannot bootstrap00:35
davecheneywhat is going on ?00:35
thumperdavecheney: wallyworld_ is not back from lunch yet00:43
thumperdavecheney: that is a shitty error00:44
thumpershould file a bug about that00:44
davecheneylooks like it's sending back a 404 error00:51
davecheney<hr /> smells of the apache 502 page00:51
davecheneyor something00:51
davecheneywhat is the URL it tries to hit ?00:51
davecheneyoh, hang on00:54
davecheneyi didn't use --upload tools00:54
thumperstill a shitty error00:54
davecheney<< PEBKAC00:55
davecheneyAttempting to connect to ec2-54-253-211-44.ap-southeast-2.compute.amazonaws.com:2200:56
davecheneyAttempting to connect to ip-10-249-43-61.ap-southeast-2.compute.internal:2200:56
davecheneyAttempting to connect to
davecheney^uh, the second will *NEVER* work00:56
davecheneyAttempting to connect to
davecheneyin fact, it could work00:56
davecheneybut connect you to something totally unexpected00:56
wallyworld_davecheney: that xml error thing is fixed in trunk - there was some old s3 bucket code still lurking in the system00:58
wallyworld_thumper: when you are bored or need a change from swearing at your keyboard https://codereview.appspot.com/54740043/01:02
axwdavecheney: bootstrap doesn't know which IP is the right one. it checks each one that the provider tells you about, and verifies the machine connected to is the one it started01:54
axwdepending on the provider, and where you're bootstrapping from, you may indeed want the private IP01:55
axw(think bootstrapping canonistack from within canonistack)01:55
davecheneytrue, but 10/0 may not be remote on your network02:17
davecheneyimagine what happened if a provider gave out 192.168/16 addresses02:17
davecheneythat is used by most modems02:17
davecheneysorry, private networks02:18
axwdavecheney: we verify the identity of the machine by confirming the nonce. so the random machine you get would (a) have to have your SSH public key in ~ubuntu/authorized_keys and (b) have the random nonce generated in a specific location02:21
davecheneysure, but if juju connets to the private address, say 10.x.x.x02:21
davecheneyand it gets refused02:21
davecheneyor more specifically, authn failed02:22
davecheneywill it try the public address ?02:22
axwit tries them all in parallel02:22
axwit blows that we need to check them all, but it covers all scenarios with zero user intervention02:23
davecheneyhow is the land of hobbits ?02:23
axw:)  nice and cool02:24
axwbetter than the ~35 degrees back in Perth02:24
davecheney^ can anyone confirm this gocheck breakage ?04:35
wallyworld_waigani: https://pastebin.canonical.com/103270/05:44
wallyworld_waigani: https://pastebin.canonical.com/103271/05:45
dimiternrogpeppe, I have a bunch of reviews up, if you can take a look at some of them? https://codereview.appspot.com/54620043/ https://codereview.appspot.com/54630043/ https://codereview.appspot.com/54640043/https://codereview.appspot.com/54650043/08:32
rogpeppedimitern: will do08:33
dimiternmgz, jam, others? ^^08:33
dimiternrogpeppe, review poke10:08
rogpeppedimitern: sorry, i've been trying to get tests passing cleanly before starting on reviews. hopefully not much more now.10:09
dimiternrogpeppe, ok10:10
eagles0513875morning dimitern :)10:11
dimiterneagles0513875, morning man :)10:12
eagles0513875dimitern: :) good news btw on start up the environment i setup on the local provider also came up10:12
eagles0513875but im not sure if i should be worried about one thing10:12
eagles0513875dimitern: im seeing this when i do juju status instance-state: missing10:12
dimiterngood news then10:12
dimiternhmm .. i'm not sure the local provider supports instance-state10:13
dimiternit's a cloud specific value that describes what state the vm is in (i.e. "building", "rebooting", "running")10:13
dimiternrogpeppe, and this is the last bit https://codereview.appspot.com/52550045/ (6/6)10:14
eagles0513875dimitern: i think it does this for the local provider as well10:14
dimiterneagles0513875, maybe it's a bug then - can you look for similar existing bugs and file one if none exists please?10:16
eagles0513875dimitern: i do know if i setup a new deployment it does show the pending etc10:17
eagles0513875but what i find interesting is that it doesnt seem to preserver or boot up any previous instances on the local provider after reboot10:17
eagles0513875fwereade: any idea about the above that im noticing?10:18
jameagles0513875: you should be able to use "sudo lxc-ls --fancy" and see what instances have been set up on your machine10:18
eagles0513875let me try that10:19
jameagles0513875: what series are you on ? (Precise, Saucy, T, etc) ?10:19
jamand then you can try "apt-cache madison lxc"10:19
eagles0513875ok well the laptop im testing out the local provider is 13.1010:19
eagles0513875the instances are precise10:19
eagles0513875ok the main bootstrapped environment is showing up and that is it10:20
eagles0513875let me pastebin10:20
eagles0513875http://paste.ubuntu.com/6790813/ jam dimitern10:20
jameagles0513875: I don't think instance-state: missing means something is wrong, as dimitern mentioned, I'm pretty sure it is empty for local instances today10:21
eagles0513875isnt 1 an instance of something i might have had setup?10:22
eagles0513875i did have an instance of the juju-gui there yesterday10:22
eagles0513875which i probably forgot to destroy before shutting down10:22
eagles0513875how can you start an instance?10:26
dimiterneagles0513875, by deploying something or using add-machine10:32
eagles0513875dimitern: ok lets say the host power cycles for some reason10:32
eagles0513875how can you bring up the instances you would have had deployed there.10:32
eagles0513875thats what happened i shut down my laptop http://paste.ubuntu.com/6790874/ this paste is after a new boot strap so for sure I had something deployed10:33
eagles0513875i think this is one serious flaw potentially in juju unless things are handled differently then what im thinking10:33
dimiterneagles0513875, i'm not well versed with the local provider, but if you can wait until late in the evening, you might ask thumper, when he's around, or perhaps better, send a question on the juju-dev mailing list10:35
eagles0513875where do i subscribe :)10:35
eagles0513875thank you :)10:36
dimiternnp :)10:36
jamfwereade: mgz: standup ?10:45
* fwereade stands up10:46
eagles0513875fwereade: :P you is in trouble :p10:46
jammgz: poke?10:47
eagles0513875fwereade: i think i found a very interesting use case this morning after running a test with the local provider that could be a big flaw with juju as it stands right now or im just not aware of the features10:47
* eagles0513875 pokes jam with a stick and it slides right through him/her10:47
eagles0513875dimitern: hope my thinking above isnt too outside the box10:54
mgzjam: wandered off, here now10:54
eagles0513875mgz: thats what happens when you leave jam out for too long lol it becomes a big sticky puddle :p10:55
dimiterneagles0513875, filing bugs or juju-dev discussions are most beneficial - for the record, etc.10:57
* eagles0513875 goes into lurking mode.10:57
dimiternrogpeppe, updated https://codereview.appspot.com/54620043/ as suggested11:17
rogpeppedimitern: the only config.Config field that is secret is admin-secret, and that's not required11:23
rogpeppedimitern: putting "not available" in secret attributes just seems like asking for trouble11:24
dimiternrogpeppe, please confirm with fwereade about this behavior11:42
fwereadedimitern, rogpeppe, ehhhhhh just a mo11:43
rogpeppefwereade: could you explain the reasoning behind filling out secret attributes with "not available" rather than deleting them?11:43
fwereaderogpeppe, the provisioner's all fucked up, and expects an environ config even if it's just a container provisioner11:44
rogpeppefwereade: but what if the environ config expects an integer-valued secret attribute?11:45
fwereaderogpeppe, it doesn't11:45
fwereaderogpeppe, we changed the interface11:45
fwereaderogpeppe, strings only11:45
rogpeppefwereade: the environment config can't contain anything except strings?11:45
fwereaderogpeppe, justthe secrets11:45
rogpeppefwereade: ah. i didn't see that. where's it documented?11:46
fwereaderogpeppe, EnvironProvider.SecretAttrs11:46
fwereaderogpeppe, dimitern: it would ofc be best to unfuck the provisioner rather than further promoting that hack11:47
rogpeppefwereade: and this is just to work around the provisioner bug11:47
dimiternfwereade, yes, hence the bug 123138411:47
_mup_Bug #1231384: Provisioner API's EnvironConfig() shouldn't allow non-manager nodes to call it <tech-debt> <juju-core:Triaged> <https://launchpad.net/bugs/1231384>11:47
fwereadedimitern, rogpeppe: OMG NO WAI it looks like someone may have done that11:48
* fwereade looks more closely11:48
rogpeppefwereade: given that the bug is in the provisioner, i'd be much happier if the workaround-hack was in the provisioner too11:49
dimiternrogpeppe, it is in the provisioner api11:49
rogpeppefwereade: rather than corrupting core interfaces for no good reason11:49
rogpeppedimitern: the bug is in the provisioner agent code11:49
rogpeppedimitern: which could easily add the required dummy secret attributes itself11:50
dimiternrogpeppe, yes, but without some less than trivial refactoring, it can't be fixed11:50
fwereaderogpeppe, dimitern: take a look at the provisioner, I don't think the container provisioner uses it any more11:50
rogpeppedimitern: sure it can. but even better if the container provisioner doesn't do it11:50
dimiternfwereade, I can see it uses it on line 173 in provisioner.go11:51
dimiternfwereade, ah, that's just the env. provisioner11:51
fwereadedimitern, yeah11:51
dimiternfwereade, cool! so we can get rid of the masking and mark the bug fix committed11:51
fwereadedimitern, I think we can11:52
fwereadedimitern, test it live please though -- you have access to a MAAS, right?11:52
dimiternfwereade, i don't think i do11:52
dimiternfwereade, even if i do, i've never used it11:52
dimiternfor live testing11:52
dimiternperhaps natefinch can help with that?11:53
dimiternfwereade, why maas exactly?11:54
fwereadedimitern, that has containers that work11:55
dimiternfwereade, so ec2/canonistack won't do?11:59
fwereadedimitern, I think probably not for verifying that container provisioners really really work properly11:59
dimiternfwereade, i'd appreciate any pointers on how to connect to maas and test it12:00
fwereadedimitern, yeah, I'm trying to find the email12:01
dimiternfwereade, I'll follow the wiki and ask on #is12:01
dimiternfwereade, it seems i'm not a member of any of the groups that have access to maas (iom-maas or qa-lab)12:11
dimiternfwereade, it seems I can't use the maas lab - it's booked for the next few weeks12:19
TheMueo/ <= I'm looking for help with API and authentication13:09
dimiternTheMue, hey, what do you need?13:10
TheMuemy debug-log command get's a "permission denied"13:10
dimiternTheMue, that's the client api13:10
dimiternTheMue, run it with --show-log and --debug and paste the output?13:11
TheMuedimitern: I'm using juju.NewAPIClientFromName und client has a method for calling my facade13:11
TheMuedimitern: ok, will do13:11
TheMuedimitern: tia13:11
dimiternTheMue, pasting some code can also help to see what you're trying to do13:11
TheMuedimitern: will put it all together, just have to bootstrap13:12
dimiternTheMue, ta13:13
dimiternrogpeppe1, hey13:16
rogpeppe1dimitern: yo13:17
dimiternrogpeppe1, since live testing  on maas of whether bug 1231384 is fixed13:17
rogpeppe1dimitern: sorry, i've been afk for a while 'cos a friend came around13:17
_mup_Bug #1231384: Provisioner API's EnvironConfig() shouldn't allow non-manager nodes to call it <tech-debt> <juju-core:Triaged> <https://launchpad.net/bugs/1231384>13:17
dimiternrogpeppe1, let's live with it for now, so I can land the firewaller api13:17
rogpeppe1dimitern: are you saying that the bug isn't fixed?13:18
dimiternrogpeppe1, once it's available, I'll look into it and remove the code as suggested, after successful live testing13:18
rogpeppe1dimitern: or that you don't know?13:18
dimiternrogpeppe1, i can't confirm it won't work for real without the workaround13:18
rogpeppe1dimitern: isn't it easy to test by live testing in ec2?13:19
dimiternrogpeppe1, ec2 does not use container provisioner apparently13:20
dimiternrogpeppe1, only maas does13:20
rogpeppe1dimitern: ah, of course.13:20
rogpeppe1dimitern: i suppose another way would be to run the container provisioner tests and check that the EnvironConfig API call is never made13:21
dimiternrogpeppe1, it doesn't beat live testing13:21
TheMuedimitern: log does not tell very much: http://paste.ubuntu.com/6791555/ , the implementation so far at https://codereview.appspot.com/44540043/ (the predecessor branch in review by fwereade)13:25
rogpeppe1dimitern: tbh i think a code inspection is good enough here. it's easy to verify that EnvironConfig is only called in an environProvisioner, and that NewEnvironProvisioner is only called if the machine has JobManageEnviron13:26
rogpeppe1dimitern: if that's not the case, it's not *too* bad.13:26
rogpeppe1dimitern: if it breaks trunk, just blame me :-)13:26
dimiternrogpeppe1, how about backwards compatibility?13:27
dimiternrogpeppe1, removing EnvironConfig() from the provisioner facade is a breaking change, and needs workarounds for 1.1613:27
rogpeppe1dimitern: that's a reasonable point.13:29
dimiternrogpeppe1, see - all the more reasons to dedicate a cl + time on it alone13:30
rogpeppe1dimitern: yeah - perhaps just put a comment saying "delete when 1.16 compatibility no longer required"13:31
dimiternrogpeppe1, sure13:31
dimiternrogpeppe1, updated https://codereview.appspot.com/54620043/ again - should be good to land now?13:59
dimiternTheMue, sorry, back to you13:59
dimiternTheMue, in DebugLogCommand.Init you need to call NewAPIClientFromName in Run(), not Init14:00
dimiterns/in Debug../looking at Debug../14:01
dimiternTheMue, see the other commands for examples14:01
TheMuedimitern: that's all? would be great. thx, I'll try14:03
rogpeppe1dimitern: LGTM14:03
dimiternTheMue, well, that bit is fishy, but might be something else14:03
dimiternrogpeppe1, ta!14:03
dimiternrogpeppe1, did you look at the others?14:04
rogpeppe1dimitern: am on them14:04
TheMuedimitern: the fishy one showed at least a first step of success http://paste.ubuntu.com/6791768/14:09
TheMuedimitern: but still no connection14:09
TheMueno permission14:09
dimiternTheMue, does any other command work?14:11
dimiternTheMue, I see the problem14:13
dimiternTheMue, https://codereview.appspot.com/44540043/diff/140001/state/apiserver/debugger/debugger.go - in NewDebuggerAPI you're checking for AuthEnvironManager14:13
=== gary_poster|away is now known as gary_poster
dimiternTheMue, that's not how it should be for a client api (it's used for the agent api only)14:13
TheMuedimitern: ic14:14
dimiternTheMue, the whole facade is written as if it's an agent api facade14:14
TheMuedimitern: yeah, only tried to follow what I found ;) but seems I didn't got the intention behind it (client and agent)14:15
dimiternTheMue, look at apiserver/client/client.go - you need AuthClient() in the Debugger(id string) call14:16
TheMuedimitern: hmm, don't have AuthClient() there, only AuthClient() bool in apiserver/root.go14:18
dimiternTheMue, the root is an authorizer14:20
TheMuedimitern: the debugger API is intended to be used from the CLI and the UI. we call both "client" opposite to "agent" for the agents on the machines?14:24
TheMuedimitern: I've got my standup now, but your hints already showed the way14:29
TheMuedimitern: maybe I'll come back with more questions later14:29
TheMuedimitern: thx so far14:29
dimiternTheMue, np14:41
rogpeppe1dimitern: all reviewed, i think14:46
dimiternrogpeppe1, tyvm14:47
dimiternrogpeppe1, except the firewaller api itself?14:47
rogpeppe1dimitern: ah, which one is that?14:47
dimiternrogpeppe1, https://codereview.appspot.com/52550045/14:47
rogpeppe1dimitern: ah, you didn't mention that in the list you pasted this morning...14:48
rogpeppe1dimitern: looking14:48
dimiternrogpeppe1, that's the last one14:48
dimiternrogpeppe1, ta14:48
rogpeppe1dimitern: i've got a meeting in 5 minutes - don't think i'll have done it before then, i'm afraid14:56
dimiternrogpeppe1, it's ok - later perhaps?14:57
rogpeppe1dimitern: yes14:57
TheMuedimitern: step by step, calling the command seems to work now, but it looks I'm using the watcher wrong. do we have an example of using the watcher from the client side?15:05
dimiternTheMue, only the AllWatcher is used by the client api so far15:06
TheMuedimitern: ok, will look how it is done there15:09
* fwereade away early, cath's birthday15:52
mgzhave fun!15:53
TheMuefwereade: enjoy and congrats from me16:05
gary_postersinzui: hi.  will 1.17.1 be made from trunk?  specifically, will it have the AddLocalCharm method http://bazaar.launchpad.net/~go-bot/juju-core/trunk/revision/2155 from dimiter?16:42
sinzuigary_poster, yes it will16:42
gary_posterawesome thanks sinzui16:42
rogpeppe1dimitern: reviewed16:52
dimiternrogpeppe1, thanks16:52
jamespagesinzui, will the 1.17.1 release include using juju-mongodb on trusty+ ?17:45
sinzuijamespage, It can. I can make that change  and start testing ittoday18:35
jamespagesinzui, please19:06
sinzuijamespage, ack19:07
natefinchinteresting, if I leave saturday night for London, I can get a direct flight for $500 less than a 1 stop flight leaving sunday morning at 5am.  Seems like a no brainer.19:09
natefinchman, flight prices are wacky19:09
rogpeppe1natefinch, fwereade, mgz: review anyone? https://codereview.appspot.com/5515004319:15
rogpeppe1EnsureAvailability finally :-)19:15
natefinchrogpeppe1: nice!  I'll check it out.19:18
rogpeppe1natefinch: thanks!19:18
wallyworldfwereade: you around?19:55
lazypowerDoes a variable exist indicating which node is the dying node? eg unit['status'] = dying?21:48
=== gary_poster is now known as gary_poster|away
axwwaigani: https://juju.ubuntu.com/docs/tools-charm-tools.html22:03
dpb1any trick to get relation-get --help text?  I get env variables not defined,  when I try to run it.22:23
fwereadewallyworld, hey, I need to be a bit brief, but I *am* herefor now22:32
wallyworldfwereade: we were only looking to see if you wanted to join in azure or upgrade discussion22:33
wallyworldup to you. but we do need to start talking even if you are not available. we were going to talk about azure this afternoon since you were not around earlier22:34
fwereadewallyworld, I don't think I've really got time for a deep discussion, I'm afraid :(22:35
wallyworldnp. we were pinging you cause you asked us to :-)22:35
fwereadewallyworld, re azure my gut wants to jam availability sets in as placement directives, but I'mnot sure if we can make that fly22:35
fwereadewallyworld, and I'd really appreciate an update of what you all discussed when you've discussed it22:36
wallyworldi think it needs to support auto generated as well / instead of22:36
fwereadewallyworld, yeah22:36
wallyworldie each service is placed in it's own availability set22:36
fwereadewallyworld, that's fine until we want density22:36
wallyworldwe can tweak it once density is considered22:37
fwereadewallyworld, and don't forget HA, juju itself needs one22:37
wallyworldhave a config for auto22:37
fwereadewallyworld, cheers22:37
wallyworldwe'll keep you in the loop22:37
wallyworldi'm thinking the avail set name would be mysql-<env uuid>22:37
wallyworldconfig for auto avail sets would default to true, would be turned off for density perhaps22:38
wallyworldor even no option, and if density directives used, don't do auto22:38
fwereadewallyworld, hard to switch over though22:39
fwereadewallyworld, anyway I must return to my other life22:39
fwereadewallyworld, cheers22:39
wallyworldsure, see ya22:39
wallyworldwhat, you have a life?22:39
marcoceppifwereade: are you around?22:56
marcoceppithumper: hey, just installed juju-core from source, boostraping local provider, but it's using 1.17.0 tools, --upload-tools doesnt' seem to work, how can I get 1.17.1 tools for local from compiled juju?23:54

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!