/srv/irclogs.ubuntu.com/2014/10/26/#juju.txt

=== CyberJacob|Away is now known as CyberJacob
ktosiekok, so I'm starting my first charm - are there any good examples of charms written with Ansible?11:46
ktosiekand BTW do I have to use bzr?11:48
ktosiekshould charm's service start with the system (especially if it's basicaly stateless), or should it be started in config-changed?12:00
ktosiekoh, I see it should (at least after "start")12:09
=== freeflying__ is now known as freeflying
ktosieknow, an architectural question: I want to make a Sentry charm that actually uses relation (the one in store now is pretty simple). Sentry is a server that aggregates errors from other services - the errors are provided by a dedicated (HTTP-based AFAIK) protocol, assigned to an app, and then grouped etc.14:19
ktosiekhow should I provide the application name for a given relation?14:19
ktosiekshould I make it one of relation's options, and make the consumer set it?14:20
=== mup_ is now known as mup
jrwren_plz consider: https://github.com/juju/juju/pull/96617:03
ktosiekhmm, what should I do about internal app's secrets that users might or might not care about? Like Django's secret key?17:23
ktosiekPut them on a peer relation?17:27
ktosiekI have re-added a service after removing it, and now the machine is stuck in "agent-state: pending". What can I do about it? What should I look at?20:19
ktosiekhmm, and it looks like destroying that machine outside juju didn't help at all... I'll just redo that environment20:23
=== CyberJacob is now known as CyberJacob|Away
=== CyberJacob|Away is now known as CyberJacob
lazyPowerktosiek: Good questions - which service was stuck in agent state pending? As that should only happen during the provisioning of a machine23:08
lazyPowertypically it means the machien never fully came online23:08
lazyPowerktosiek: looks like you've had a day full of juju23:08
ktosiekyeah, it looks pretty promising. But it would be much easier with more active people here ;-)23:09
ktosiekit was a service I'm trying to write, and I didn't know about "resolved" or looking at error in "status" when I was asking about that23:10
ktosiekturned out to be a combination of low RAM and slow HDD (and watching movies from said HDD)23:11
ktosieklazyPower: do you use Juju in production?23:12
lazyPowerktosiek: i sure do23:12
lazyPowerktosiek: we're usually active mon-fri from ~ 4am EDT to ~ 8pm EDT23:13
ktosiekhow do you store secrets? I mean things like Django's secret key, or SSL keys23:13
lazyPowerwe've got a mix of people from Europe and the US working on the project.23:13
lazyPowerktosiek: using the RAILS charm as an example, there is an ENVIRONMENT export config option23:13
lazyPowernow, that relies on foreman23:13
lazyPowernot sure how its used in the django charm - i dont have extensive hands on experience with it.23:14
ktosiekoh, so you have foreman next to juju23:14
lazyPowernegative23:14
lazyPowerforeman the ruby gem, puts the exports in teh upstart job it builds.23:14
lazyPowerthats how heroku does it23:14
lazyPowerwhich i know i know, so many projects with the name foreman its difficult to keep them straight.23:14
lazyPowerhowever, you can use whatever config management framework you with with juju - so long as you write the underlying scripts in alignment with juju's event driven system, and they are idempotent.23:15
lazyPowerktosiek: re-using rails as an example, it wraps chef-solo to do the heavy lifting.23:15
ktosiekhmm, but how do you provide the secrets to new units?23:15
lazyPowerktosiek: and you asked about a solid ansible charm example - i suggest taking a look at our ElasticSearch charm - its written 100% in ansible23:16
lazyPowerktosiek: once you set it on the service, and you juju add-unit 'service' - they are distributed amongst the units.23:16
lazyPowereg: i set the SECRET_KEY_BASE environment variable for my rails app, and every new unit i spin up in that service cluster, automatically receives that SECRET_KEY_BASE23:17
ktosiekok, so you set it in service's configuration. Then it's stored in juju state server?23:18
lazyPowerbasically23:18
lazyPowerhttp://i.imgur.com/9dc2jpr.png  -- also you asked about me using juju in production - there's my prodstack23:18
ktosiekis there a way to impersonate a unit (to peek at some other unit's secrets)? (state server looks like a pretty lucrative attack target...)23:19
lazyPowerjust juju debug-hooks on that unit23:19
lazyPowerthen you can inspect the data being sent over the wire with relation-get23:19
lazyPoweror config-get23:19
lazyPowerktosiek: https://juju.ubuntu.com/docs/authors-hook-debug.html23:19
ktosiekoh, I mean as another unit (like when someone breaks into one of the world-facing servers)23:20
ktosieknot as an admin23:20
lazyPowernope23:20
lazyPoweryou have to be within the context of juju to query juju information23:20
ktosiekcool ^_^23:21
lazyPoweri mean its probably possible - if you work hard enough at it. I dont know what would be involved. thats a question better suited for #juju-dev when the core devs are around23:21
lazyPowermuch like trying to interrogate a chef-controlled unit, it can be done remotely but takes an unwholly amount of efffort23:21
ktosiekand about that screenshot... what are those heartbeat icons?23:22
lazyPowerthey signify a subordinate service23:22
lazyPowersubordinates are deployed into an existing service machine - they occupy scope: container - so if its in an lxc container ona  node, it lives in that lxc container23:22
lazyPowerif its on the host, it lives on the host23:22
ktosiekoh, ok. Haven't played with those yet, but I've read that part of manual23:23
lazyPowerhey so you've read docs all day23:23
lazyPowerhow do you feel about our documentation - as you've viewed it today. was it helpful?23:23
ktosiekwell...23:23
lazyPowerhonesty points count ;)23:23
ktosiekfirst thing - navigation is awful. I have to find current site in the menu before I can go to the next one23:25
* lazyPower nods23:25
lazyPowergood feedback - keep it comin23:25
ktosiekhaving next/prev links with titles at the bottom would be great :-)23:26
lazyPowerDid anything leap out at you as overly complex in explanation? or anything you had to re-read to understand?23:26
ktosieknot really, but I had some expectations about the overall workflow already (I've seen a talk about Juju on pycon pl)23:27
lazyPowerAwesome. Thanks for the feedback ktosiek23:28
=== CyberJacob is now known as CyberJacob|Away
ktosiekbut there's a lot of info I either missed or hadn't found yet - like how do I destroy things, what's the difference between {remove,destroy}-* commands, any info on resolved --retry23:29
lazyPowerah, well - lets break it down23:29
lazyPowerremove-relation simply un-relates services. It doesnt' do anything destructive (unless the charm is implicit about how it hands that removal of relation - which depends on the context of the relationship - most subordinates will remove application binaries on relation-removed)23:30
ktosiekand I'm still not sure what "Added charm "local:trusty/sentry-7" to the environment." means (I mean, "added"? not "replaced ...-6 with ...-7"?)23:30
lazyPowerdestroy-service will remove teh service from teh machine, but the machine will be left in your environment23:30
lazyPowerdestroy-machine will terminate the machine at the cloud host (or lxc supervisor)23:30
lazyPowerjuju resolved is a YOLO brand of "who cares what happened, just go green" - juju resolved --retry will attempt to re-run the failed hook - and will continue to error if the hook exits with a code greater than 023:31
lazyPowerwhen it says added, that just means that it was submit to the state server - as it handles pushing the new blob to the agent(s)23:32
lazyPowerat one point and time we used git to do this delivery, but that was problematic when users would edit something on the machine and basically trip git up, so we went to all or nothing blob delivery23:33
ktosiekoh, ok23:33
lazyPowerbut would it be more useful to you to know that instead of 'added' - if we had an existing charm, to say "updated" "upgraded" or "replaced"?23:34
ktosiekactually, "submitted for redistribution" would be pretty nice (as it would also tell me something about what really happens :-))23:35
lazyPoweri can see how that would be confusing to other users though since the charm store is the primary delivery mechanism for charms23:35
lazyPowerthey might think the just inadvertantly published a charm23:35
ktosiekhmm, that's a good point too23:36
lazyPowerbut its good feedback to have regardless (i'm capturing this input to bring up at the next standup i attend)23:36
lazyPowerI just happened by IRC before I sat down to do some more charming of my own network of services :) I'm off on Monday halleluja23:36
ktosiekhaha23:37
ktosiekthanks for all the info, I'd like to pick your brain a little more but I've got to go to sleep now (it's already past midnight for me)23:38
lazyPoweri'm usually around, feel free to ping me direct if i'm listed as present.23:38
lazyPowergood to meet you ktosiek23:38
ktosieksee you tomorrow then ;-)23:38

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!