=== luflores is now known as Caguax
themonkhi all01:15
themonkcan anyone tell me when i should use peer?01:16
josethemonk: afaik it's when the service will relate to itself01:20
lazypowerthemonk: whenever you ahve scale out situations. as in you go from a single node to 2+01:28
lazypowerthose nodes are by defintion peers of one another. this is handy for say exchanging cookie secrets in webapps01:28
themonkanother question if 2 charm require each other, do i use different name for same relation or same name?01:31
themonkhello lazypower :) how are you?01:31
themonkhello jose :)01:34
josehey themonk!01:34
joseit's the same relation I think01:35
* jose hasn't looked too much into peer relations01:35
themonkjose, forgate peer talking about normal relation :)01:36
themonkjose, forgate peer talking about normal relation  now:)01:36
josethemonk: what do you specifically mean by relation name?01:37
lazypowerthemonk: its all dependent on the interface you use. its dictated by the provides: and requires: directive in your metadata.yaml01:38
lazypowerand i'm doing well, thanks :)01:38
themonkjose, lazypower, charm1->provides->relname1->interface1 and charm2->requires->relname1->interface1  then charm2->provides->relname2->interface2 and charm1->requires->relname2->interface201:41
themonkthis is the case01:41
themonkor will i do it like this: charm1->provides->relname1->interface1 and charm2->requires->_relname1->interface1  then charm2->provides->relname2->interface2 and charm1->requires->_relname2->interface201:43
joseyeah, I think that's fine01:44
themonkjose, which one01:44
joseboth are the same, I don't see any difference01:45
lazypoweryou've got a circular reference in relationships01:45
lazypowerunless they need 2 specific defined interfaces01:45
lazypoweryou only need the provides/requires one way01:45
lazypowerits a bidi comunication interface01:45
lazypoweras in you can set on both sides, and receive on both sides. so you're good 2 go to exchange whatever data you need to send/receive across teh wire with just the singular interface01:45
lazypowerthese aren't governed by RFC's they are loosely coupled/typed relationships. arbitrary variables and values01:46
joseshould we do a charm school about relations?01:46
themonklazypower, hmm01:46
lazypowerjose: there are several already01:47
themonkjose, yes that will be great01:47
josethemonk: see ^01:47
themonkok thanks man :)01:47
lazypowerits not clearly labeled as "relationships"01:47
josewho could've done that? *cough* jcas *cough* tro *cough*01:48
lazypowerits in one of the getting started videos01:48
lazypowerso it encompases more than just relationships01:48
lazypoweri'm sorry i dont have a direct video link for you01:48
lazypoweri'll raise the issue at tomorrow's standup that we need to do a video over relationships01:48
lazypowerthemonk: there's also an open call to 'what should we do next' on the list - which we'd love to have your feedback if you've got grey areas that a charm school would help with01:49
lazypowerwe're always upping our game, one week at a time, on getting new videos out there for our user base to really grokk what we're doing with juju01:49
lazypowerso make sur eyou're subbed to juju@lists.ubuntu.com to get in on all the community voting action01:49
themonkhmm ok i will01:50
themonkAFK 15 min01:51
l1fequick question: i've been creating and destroying some juju environments03:48
l1fehowever after destroying an environment, juju-mongodb is leftover03:49
l1fewhen i try to purge/auto-remove it03:49
l1fean upstart script somewhere keeps on redownloading the package and reinstalling mongodb03:49
l1fehow the heck do i stop this?03:49
l1fei'm currently on juju 1.19.4 running on maas with trusty nodes all over03:51
l1fen/m...had to remove the upstart scripts in /etc/init and then purge03:58
lazypowerl1fe: sounds bugworthy. can you file a bug against juju-local about that?04:35
=== vladk|offline is now known as vladk
=== gmb is now known as breakum-binns
=== vladk is now known as vladk|offline
=== vladk|offline is now known as vladk
=== CyberJacob|Away is now known as CyberJacob
=== breakum-binns is now known as gmb
mwhudson237.872  + juju deploy --to 0 nova-compute237.873  ERROR cannot upload charm to provider storage: Head dial tcp connection refused08:06
mwhudsonwould this be a race condition?08:06
mwhudsonit's in a script that does more or less "juju bootstrap; juju deploy --to 0 nova-compute"08:06
mwhudson(manual provider)08:07
=== gmb is now known as breakum-binns
=== breakum-binns is now known as gmb
=== gmb is now known as breakum-binns
=== breakum-binns is now known as gmb
=== CyberJacob is now known as CyberJacob|Away
=== scuttlemonkey is now known as scuttle|afk
schegianyone here who could help with a cloud-init-nonet issue during boot??11:33
=== vladk is now known as vladk|offline
=== vladk|offline is now known as vladk
=== vladk is now known as vladk|offline
l1fesorry to be a bother, but i'm trying to deploy juju-gui on my juju environment, it every time i try, my node stays in pending status13:27
l1fei'm deploying on a MAAS controlled, 4 node environment13:27
l1febootstrap worked, relatively well, although i had to manually go in an create a /var/lib/juju/nonce.txt in order for it to not timeout13:28
l1fewhen i do a "juju deploy juju-gui" it kicks off the process fine, and in maas it shows the node as going from ready to "allocated to root"13:28
l1febut ultimately nothing is ever done on the node13:29
l1fealso, nothing really shows up in the all-machines.log in /var/log/juju13:30
=== urulama is now known as urulama-away
cory_fuSo, jose commented on my choice of using a juju run script for setting admin passwords in the Apache Allura charm (https://bugs.launchpad.net/charms/+bug/1314699), but I'm still not convinced that having a config option is the right approach for admin passwords.16:35
_mup_Bug #1314699: New charm - Apache Allura <Juju Charms Collection:Incomplete> <https://launchpad.net/bugs/1314699>16:35
josecory_fu: hey, I recommended that because juju set is the default for any options you can configure, I would personally not have it as a run script16:37
lazypowercory_fu: didn't you email the list about it?16:38
lazypowerwas there any traction from your list mailing that was pro/against?16:38
josehmm, i didn't see that one16:38
lazypoweri think its a unique approach - and it's definately work further investigation / discussion.16:39
cory_fuIt kind of went off on a tangent about password-typed config options16:39
cory_fuBut I'm not convinced that passwords make sense as options at all, regardless of whether there's a password type16:39
lazypowerif they're a salted hash in the database - whats the argument against that?16:40
cory_fuFor one thing, the passwords can be changed outside of Juju, leading to a mismatch between Juju's idea of the password value and the actual password value16:40
lazypowersarnold: ping16:40
cory_fuI think Juju options make sense for things that can't be configured from within the application, but trying to manage application settings from Juju seems incorrect to me.16:41
cory_fuHonestly, it would be better if the application in question handled the initial admin password itself, on first run.16:41
lazypowercory_fu: whys that? we have several charms that support application configuration.16:41
cory_fulazypower: So how do you handle the possibility of Juju resetting options that were changed from within the application due to Juju having an outdated idea of what the value should be?16:42
=== roadmr is now known as roadmr_afk
lazypowercory_fu: within the domain of what we're talking about, if juju has an idea of the application configuration, it makes sense to me to change those within juju and not the application.16:43
lazypowerwhat's being described is very much a smiliar problem that exists with all CM frameworks - if you deploy msyql and tweak your my.cnf by hand - its going to be lost on the next convergence.16:44
cory_fuAnd if Juju doesn't cover all of the settings, you end up in a weird place where you should use Juju to set some of the options, and the application others, even if those options are on the same page within the application.16:44
cory_fuIn Allura's case, there are three default users set up.  So you would presumably set the "root" user's password via Juju, but none of the others?16:44
joseyou can have three config options16:45
cory_fuThough that's not as bad as being in a situation where you have to remember "the 5th option down on the settings page shouldn't be touched, since it's handled by Juju"16:45
lazypowercory_fu: so a lot of this sounds like it would be well served by juju-actions when they land. Such as setting up username/passwords16:46
cory_fujose: That seems like config.yaml bloat.  :)  What about the other users that will later be added?  And what if the admin removes the default users and creates a new admin user?16:46
lazypowerthat prevents it from being a configuration option and exposed16:46
cory_fulazypower: +1 and that's what I was using the run script as a makeshift version of.  :)16:46
lazypowerand exposes an option for you to add/remove users with juju through an action.16:47
lazypowercory_fu: oh i'm pretty much for your implementation16:47
lazypowercory_fu: i'm playing devils advocate here so its being fleshed out in everybody's face so when we start doing more of this, i can point to the irc log and say "we talked about it on the list and here - i like this better +1 for participation"16:47
cory_fujose: Just to be clear, I'm not entirely averse to adding a "root-password" option to the Allura charm.  Just raising it for discussion.  :)16:47
cory_fulazypower: Good16:48
cory_fuThat's also why I raised it here.  I'm currently adding the option to the charm, anyway, though I'm going to leave the run scripts in (since I basically need them to set the password anyway)16:49
lazypowercory_fu: nah leave the run script16:49
lazypowerwhat you've got makes all the sense in terms of domain specific configuration16:49
lazypowerthe service doesn't expose a default password that can be hacked16:49
lazypoweri wont nack it for a missing password config value - especially since as you pointed out, there are 3 users with only 1 configuration option.16:50
lazypowerbcsaller: will you have a chance to review allura this week? Cory's got a really interesting implemenation that could set the model for charm security moving forward.16:50
cory_fuIt also uses the services framework (though it's probably not the best poster-child)16:51
lazypowerwell - i know that actions are going to land in the not so distant future16:51
lazypowerso this is a really good stop gap / prototype implementation until we get 'juju actions'16:51
lazypowerits the first charm that i'm aware of that will have a juju-run based config step too, which i like. its exposing more usefuleness to juju-run16:52
cory_fujose: What was that charm I gave you a +1 on recently?16:52
lazypowerHAHAHA cory_funo retroactive -1's!16:52
lazypowerj/k, nack away ;)16:52
josecory_fu: tracks I think?16:53
cory_fuNo, I think it started with a C?16:53
cory_fuI wish there was a way to see my past activity on Launchpad16:53
cory_fulazypower: That's the one.16:53
joseI've been working in many charms lately16:53
cory_fuThat would be awesome to convert to the services framework, since it would make all of the effort of having to maintain the dot-files go away16:54
lazypowercory_fu: services framework?16:54
cory_fujose: You're a charming monster.  :)16:54
lazypowerhe's Charmbot 500016:54
joseBTW, I do like the approach you have and believe it's worth a Discussion16:54
joseyeah, see my /nickserv info16:55
cory_fulazypower: The thing that we have proposed for merging into charmhelpers, and that I use in the Allura charm, that we developed while working on Cloud Foundry16:55
lazypowerAh, i saw teh inclusion of custom helpers16:55
lazypoweri didnt dive too deep into it, when i reviewed allura it was a pretty fresh cut16:55
lazypoweryou'e since remixed the charm haven't you?16:55
cory_fulazypower: Yeah, quite a bit16:56
lazypowerthat must be a post-review inclusion16:56
lazypowerif bcsaller doesn't ping back about being able to review allura, ping me tomorrow and i'll dive into it16:56
bcsallerI see the branch, but I don't see it in the review queue16:56
cory_fulazypower: The services framework, in a nutshell, is a system to automatically manage the complexity of dealing with figuring out at what point you have all the info you need to actually set up the software, which could come from disparate sources such as config, relation data, etc, and could end up being completed in any of a number of hook invocations16:57
lazypowerbcsaller: the bug is incomplete16:57
_mup_Bug #1314699: New charm - Apache Allura <Juju Charms Collection:Incomplete> <https://launchpad.net/bugs/1314699>16:57
cory_fubcsaller: I'm about to update said bug, as I've made some changes16:58
lazypowercory_fu: whoa. thats awesome16:58
lazypowerso you define the required params, and once everything in this dictionary is complete, we say "Ok return true and configure now"16:58
bcsallerlazypower: we did try to sell you all on this in Vegas :)16:58
lazypowerbcsaller: i probably said shut up and take my money, then forgot i voted for it.16:59
cory_fuHowever, jose, I wasn't able to reproduce that issue with the mongodb hook error, nor even see how it could have occurred, since it could only happen if the pymongo library was broken16:59
cory_fuAs in, not properly installed16:59
lazypowerbcsaller: you guys are like kickstarter - too many good ideas, me with too little money16:59
bcsallerjust waiting for fb to dump 19M on us17:00
lazypowercory_fu: moving forward, when you want reviews - make sure the bug is "Fix Comitted" or "new"17:00
lazypowerotherwise it gets scrubbed from teh queue17:00
cory_fulazypower: Yeah, I know.  I was still in the process of making fixes17:00
* lazypower flips tables17:00
cory_fuI literally *just* pushed up my last fix.  :)17:00
* lazypower puts it back17:00
cory_fulazypower: Where are the IRC logs posted at?17:02
josecory_fu: I'll have to check once I'm back home17:02
cory_fulazypower: http://imgur.com/gallery/5VDqD3L17:03
lazypowercory_fu: you sir, have taken it to the next level.17:04
=== revagomes__ is now known as revagomes
sarnoldlazypower: pong :)17:08
lazypowersarnold: we had abit of a discussion up above between cory, jose and myself. From a Sec Audit perspective, how do you feela bout charms using isolated scripts to perform user/password management in leu of a configuration option on a charm?17:09
sarnoldlazypower: heh, nice can of worms we've got here :)17:12
lazypowerisn't it though?17:12
lazypowerif you've got any input on the matter, i'd love to hear your opinions.17:13
sarnoldideally we wouldn't even have passwords -- they have to be stored somewhere, whether it is in mongo or a plain text file in ~/.juju/ somewhere. the danger of storing them in ~/.juju is that someone might check them into git as an easy way to 'distribute' juju control amongst a team..17:14
sarnoldso it'd be wonderful if services that support key-based authentication could use keys, instead, but that's unrealistic to hope for that; some services just require passwords.17:15
lazypowersarnold: this is about a service thats being deployed with juju - in the event of apache allura - it come swith a root, a git, and a reviewer user (paraphrasing) - and we need to set them up in the application. Key based auth is not an option unfortunately - its a webapp.17:15
sarnoldI would much prefer a centralized place to store them all, and using the juju set functionality is easily flexible enough to handle them all, but I further hope admins wouldn't actually need to set (or see) passwords as a regular part of business17:16
sarnoldlazypower: ah; I had expected something more like pgsl accounts for applications, these are users "within" an application.17:17
sarnoldlazypower: you just added some nuts to this can of worms :)17:17
lazypowercorrect. the 3 users are required to finalize a core installation.17:17
lazypowerhaha, well - i was thinking this was going a bit askew based on your answer17:17
lazypowerand i'm also known as the master of no-context17:18
sarnold.. and so firing up e.g. juju set just to change the reviewer password seems heavy-handed :)17:18
cory_fusarnold: Like I said above, ideally the application itself would manage the admin user / password and juju wouldn't have to get involved, but in this case (and others), the application needs a "bootstrap" user / password that can't be set up properly from within the application17:18
sarnoldlazypower: well, it's certainly my fault for not reading -all- of scrollback, just enough to jump to the wrong conclusion :)17:18
cory_fuReally, once the admin password is set, it should be managed from within Allura, which is another argument against having it as a config option, IMO17:19
sarnoldyeah, that makes sense17:19
cory_fuBut I can also see having Juju actions for managing admin users as a convenience option.17:21
sarnoldthough, if we think about e.g. apache httpd; it has a pluggable authentication and authorization mechanism, different kinds of authetication can be required, and user/passwords can be handled via e.g. htpasswd or ldap or gdbm or any other number of tools; I might expect a "protected filesharing with apache" charm to provide configuration switches for the different mechanisms, and perhaps even a pre-seeding mechanism for the htpasswd method..17:21
cory_fuExactly.  And Actions would seem like an ideal candidate for managing that.  Using a config option would seem wrong to me.17:23
sarnoldso I might also expect that an allura charm could provide a way to preseed the values with a plain text file -- when they eventually grow a pluggable auth system to use e.g. github users or something, it might not be necessary..17:23
cory_fuYeah.  Allura has some support for LDAP, so that's probably the right direction to go, long-term17:25
lazypowersarnold: that all feeds into actions being the path forward.17:25
lazypowerdo i take that as a vote pro script, nack on config?17:25
marcoceppicory_fu: lazypower this sounds like it's best used with juju actions17:33
marcoceppithe password stuff17:33
marcoceppiI'd support a juju run to set password17:33
* marcoceppi looks at charm17:33
marcoceppi's definitely not a blocker17:33
lazypoweri want to see more traction around this. i'm pretty sad that the conversation got derailed on the mailing list wrt a password field type. I think this warrants a follow up post to the thread17:34
cory_fuI can make a follow-up post.17:35
cory_fuAnd link to this discussion17:35
lazypowercory_fu: sounds good17:35
cory_fuRegarding the transient AttributeError, I was completely unable to reproduce it, nor come up with a reason why it might have happened or a way to prevent it in the future.  Would that be a blocker, or can we chalk it up to one of those things?17:36
lazypowerif its missing, it looks like maybe pypi had a hiccup?17:37
cory_fuBut how did the step that actually installed it not fail?  And how did it fix itself magically?17:37
cory_fuIt makes no sense to me17:37
lazypowerif it had a hiccup and pip install didn't exit 1 - it makes sense that retrying ti worked.17:37
lazypoweri dont know if pip exits > 1 if an install fails, do you?17:38
cory_fuRe-running the relation-changed hook would not have installed pymongo.  That only happens in the install hook17:38
lazypowerwell thats weird17:38
cory_fuAlso, pymongo itself imported ok, it was only when accessing the MongoClient attribute that it barfed17:38
=== roadmr_afk is now known as roadmr
cory_fuI even tried looking at the pymongo source to come with an idea, and see nothing obvious17:39
lazypoweri'm going to have to blame this one on khai17:39
lazypowermarco wrote an RFC about khai being the root of all problems17:40
cory_fuWhat does he have against some random village in Pakistan?17:40
marcoceppiKhai is a person not a village17:41
marcoceppithough I feel bad for everyone in that village now17:41
lazypowermarcoceppi: at some point you need to send me that RFC so i can mirror it and point people at it when i make that reference.17:42
marcoceppilazypower: https://github.com/marcoceppi/547-khai17:43
marcoceppiI need to update it, it's expired17:44
=== vladk|offline is now known as vladk
=== vladk is now known as vladk|offline
=== vladk|offline is now known as vladk
=== pindonga` is now known as pindonga
=== roadmr is now known as roadmr_afk
=== CyberJacob|Away is now known as CyberJacob
=== scuttle|afk is now known as scuttlemonkey
=== roadmr_afk is now known as roadmr
=== boci^ is now known as b0c1
tvansteenburgh1HTTP 547, "Use in an abundantly conservative manor" https://github.com/marcoceppi/547-khai/blob/master/draft-547-http-547.nroff#L6620:32
* tvansteenburgh1 imagines an abundantly conservative large country house, with much surrounding land.20:32
=== tvansteenburgh1 is now known as tvansteenburgh
=== vladk is now known as vladk|offline
alesagetrying to bootstrap a local env and finding that juju is trying to connect to mongodb at 37017 , my apt-get installed mongodb-server listening on 27017, something I'm doing wrong?21:26
sarnoldalesage: juju supplies its own mongo, no?21:27
alesagesarnold, so I'm told, but juju bootstrap seems to want me to install one: http://pastebin.ubuntu.com/773885621:29
sarnoldalesage: ah, then I'll return to the background :) good luck21:30
alesagesarnold, thanks you gave me hope :P21:31
sarnoldalesage: hooray! :)21:32
=== thumper is now known as thumper-afk
lazypoweralesage: did you have the mongodb package instaleld prior to installing juju-local?21:56
lazypowersinzui: are we still providing support for running mongo in paralell with an existing mongodb install? i know this was a pain point in the past - not sure if it ever got resolved.21:57
alesagelazypower, don't think so21:57
lazypoweralesage: initctl list | grep juju - can you pastebin the output of that command for me?21:57
alesagelazypower ok in process on another bootstrap attempt, one min21:58
alesagelazypower coming up blank fwiw21:59
lazypowerdpkg -l | grep juju-local21:59
alesagelazypower, blank again, sensing a theme22:00
lazypoweralesage: sudo apt-get install juju-local, then re-try the bootstrap with local provider22:00
alesagelazypower, attempting thx22:01
alesagelazypower, no errors thanks22:02
alesage"Starting Juju machine agent"22:02
lazypoweralesage: np. Glad we got it sorted :)22:02
lazypoweralesage: if you dont mind me asking, were you looking through the juju docs or did you just dive right into using juju?22:02
alesagelazypower, forgive the noobishness but I also have a 'local' env set up in .juju/environments, is this config 'parallel' to the local provider I've just installed??22:03
alesagelazypower, dove in with a howto from a colleague22:03
lazypoweralesage: yep. local is an environment that deploys locally using LXC on your workstation. its intended for rapid deployment prototyping / charm development22:04
lazypowerthe idea is that you can export a bundle from your local environment, and move that to any public cloud that we support, such as hp-cloud, aws, joyent, etc.22:04
alesagelazypower, makes sense--just trying to clarify if a 'local' env named in my config would require that juju-local package to be installed?22:04
lazypowerCorrect, unless you changed the environment type22:05
alesagelazypower, ok thanks again22:05
lazypoweras it were, if you feel like beign obscure between names that are meaningful to you - you could change it to type: ec222:05
lazypowerand plug in some AWS credentials22:05
lazypowerand your 'local' environment is now an AWS provider based environment.22:06
lazypowerwhich is a good point, i haven't asked about that in the past....22:06
alesageI see22:08
=== revagomes_ is now known as revagomes
=== CyberJacob is now known as CyberJacob|Away

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!