[05:19] <thatguyisjames> do we have any users that use/ have used docker?
[05:55] <honey21> i have installed cacti in my  ubuntu  but  i have get aproblem with snmp information error any help please?
[05:59] <honey21> i have installed cacti in my  ubuntu  but  i have get aproblem with snmp information error any help please?
[09:47] <lordievader> Good morning.
[10:45] <hackeron> hey there, is changelogs.ubuntu.com down at the moment? - I'm not able to do do-release-upgrade :(
[11:01] <hackeron> seems it is down :( - any ideas when http://changelogs.ubuntu.com/meta-release will be back?
[11:46] <haithar> Hi! I'm a ~noob sysadmin, managing 10+ squid proxies on VPSes. Right now it's a mixed set of different distributions and versions, about half of them is Ubuntu 10 LTS, and everything is managed manually over SSH. :( Can you recommend a remote system configuration management that can read (!) and write config files, restart services and show their s
[11:46] <haithar> tatus, install packages, playing well with existing machines? (For me Juju seems to be designed for something different. Also, I've found http://en.wikipedia.org/wiki/Comparison_of_open-source_configuration_management_software alright, but most of them don't care about existing installations etc. and their limitations are hm not really advertised.)
[11:59] <lordievader> haithar: Puppet, chef?
[12:00] <henkjan> haithar: ansible
[12:00] <haithar> lordievader: these don't seem to pick up existing configs, also seem to be exposing just the most important config variables. I've checked the squid plugin only TBH, because that's what I'd be using.
[12:01] <haithar> I've checked Chef-Puppet-Ansible-Salt, all of them are cool, they just not seem to be written for this kind of use.
[12:03] <lordievader> haithar: They can.
[12:04] <lordievader> Puppet can make sure stuff is present in config files.
[12:23] <haithar> lordievader: I've checked out the plugin and googled; it seems that puppet works with profiles imported or created. For all my different machines, squid versions and squid configs I'd have to create all these different profiles manually, which is an overkill. It'd be great if my machines were running the same versions, but they're not, and moving t
[12:23] <haithar> o a unified state will be a long process now. Hence for this use case I'm looking for something that can actually read and show me the config files themselves in their whole, without an abstraction layer.
[12:27] <haithar> Ie. my understanding is that Puppet is great if I wanted to create a Squid proxy server profile and apply it everywhere - but that's not what I'm looking for right now.
[12:28] <lordievader> The power of Puppet is that you write one config file, and it takes care of the OS particularities.
[12:58] <Odd_Bloke> haithar: If you know Python, http://www.fabfile.org/ might suit you.
[12:59] <Odd_Bloke> haithar: It doesn't do any squid-specific hand-holding, but it does ease automation.
[13:09] <haithar> Thanks for the tips!
[13:20] <ronator> anoyone ever had a problem with iptables on ubuntu 14 LTS? I have a VM which is notoriously loading "old iptables rules" which are no longer persistent on that system. I have no clue how this can happen. Found nothing certain in the logs. Anyone any idea?
[13:27] <haithar> iptables-persistent installed and kicking in? conflict with ufw?
[13:28] <haithar> (at least that's what I had issues with)
[13:44] <ronator> ufw is not installed, neither is iptables-persistent. doing it the oldschool way with iptables-save and iptables-restore in /etc/network/interfaces with pre-up ...
[13:44] <ronator> @haithar
[13:44] <ronator> I am now searching in /etc/rc?.d/* and everything under /etc/network/ - this is totally strange
[13:45] <ronator> I found the guilty one!
[13:46] <ronator> someone wrote the old rules to this: /etc/network/if-up.d/iptables
[13:46] <ronator> @haithar problem solved thx!
[14:42] <rbasak> jamespage: please could you subscribe ~ubuntu-server to awscli bugs? It's in universe but we should probably keep an eye on it.
[14:44] <jamespage> rbasak: done
[14:44] <rbasak> Thanks!
[15:18] <aryklein>  I am deploying an openstack cloud (one controller/network node with 4 compute nodes) in Ubuntu 14.04 LTS. It's a critical/production environment and I am not an Openstack guru. Rather I'm very new in Openstack. So I need a long term support Openstack version. According to https://wiki.ubuntu.com/ServerTeam/CloudArchive and my needs, is it correct to choose Icehouse instead of Juno?
[15:20] <aryklein> I don't understand what kind of support Ubuntu gives to Icehouse. I mean, what is the difference between Ubuntu support and Openstack support
[15:22] <rbasak> aryklein: during the Ubuntu supported period, security issues are pushed into the Ubuntu packages by Canonical's security team.
[15:23] <rbasak> Well, fixes to issues. Not issues :)
[15:23] <rbasak> You probably don't want to run Openstack without keeping it up to date with security fixes.
[15:34] <aryklein> rbasak: but if I decided to use Juno in a 14.04LTS what happen when Ubuntu stop maintaining Juno and I keep upgrading my 14.04?
[15:35] <aryklein> rbasak: new updetes could broke my openstack?
[15:36] <rbasak> aryklein: AIUI, you'll need to update to Kilo if you want to continue having a supported deployment.
[15:36] <rbasak> jamespage: ^^ are my statements accurate?
[15:37] <jamespage> aryklein, icehouse is supported for the full five years of the 14.04 release
[15:37] <jamespage> aryklein, juno only gets 18 months
[15:38] <aryklein> jamespage: but it is supported by Ubuntu, not by Openstack team
[15:38] <jamespage> so after that period no updates for juno
[15:38] <jamespage> aryklein, well its a bit of both - the first 15 months are supported upstream, the remaining time is done in Ubuntu only
[15:38] <jamespage> I think 15 months is right
[15:39] <jamespage> aryklein, if you choose the cloud-archive route, you'll have to upgrade to continue to get support
[15:40] <aryklein> jamespage: and if I decide to keep Juno (without support), can I continuing updating my Ubuntu 14.04 without breaking my Juno?
[15:40] <jamespage> aryklein, yes
[15:41] <jamespage> aryklein, well it should not break, but if it did you would be on your own....
[15:41] <jamespage> aryklein, the risk of a break increases post EOL Of the Juno cloud-archive as it won't be tested any longer
[15:41] <jamespage> we do alot of testing....
[15:42] <jamespage> but only of supported releases
[15:42] <aryklein> jamespage: My fear is that I am not a Openstack guru and I don't know how difficult is to migrate a running cloud from one openstack release to another
[15:42] <jamespage> aryklein, well.....
[15:43] <jamespage> aryklein, have you taken a look at the Ubuntu deployment offerings for OpenStack?
[15:43] <jamespage> aryklein, the openstack charms we have for deploying openstack with juju on ubuntu can deal with upgrade...
[15:44] <jamespage> aryklein, but we have other tooling ontop of that - see http://www.ubuntu.com/cloud for all the options
[15:45] <ivoks> rbasak: here's an easy one :)
[15:45] <ivoks> rbasak: https://bugs.launchpad.net/ubuntu/+source/squirrelmail/+bug/1425994
[15:45] <ivoks> oh, it's universe
[15:48] <aryklein> jamespage: thanks!
[15:49] <rbasak> ivoks: sounds like we should SRU that. Are you aware of https://wiki.ubuntu.com/StableReleaseUpdates#Procedure?
[15:49] <ivoks> rbasak: i've reported the bug as a user, not as a dev ;)
[15:50] <ivoks> rbasak: which means, i'll create sru procedure once i find some free time :)
[15:50] <rbasak> ivoks: OK no problem - as a user, thank you for caring :)
[18:23] <lhorace_> Hell, I am running Ubuntu 14.04.2LTS and it seems there is a new kernel update every week? Weekly reboot
[18:25] <sarnold> really? I thought they were done on roughly three-week cycles.
[18:25] <andol> lhorace_: Well, you can always read the USN security announcement, and decide whatever you need the reboot or not.
[18:29] <lhorace_> There was update on 2/17, 2/26
[18:30] <lhorace_> I like to keep my kernel as updated as possible but wouldn't it be nice to roll all updates in X period :|
[18:31] <pmatulis> lhorace_: yes, there is always a good reason for a kernel update but like andol said read up on what they are about and decide whether it is worth your while
[18:31] <pmatulis> lhorace_: all rolled up means keeping a possible vulnerability exposed
[18:32] <andol> lhorace_: When there are no urgent enough security issues the kernel upgrades are usually bundled like once a month, or something like that.
[18:33] <rberg_> I cant wait for the hot kernel patching that redhat an suse are working on.. ksplice was really nice until oracle bought it and took it away forom the rest of us :)
[18:33] <andol> lhorace_: Of course, not everything is an urgent security issue for everyone. For example a KVM weakness might either be really bad for you, or not matter at all.
[18:35] <lhorace_> Thats alternative it's just awful lot of work when not all your servers are running Ubuntu
[18:35] <coreycb> zul, should this get merged to revert revno 25?  https://code.launchpad.net/~corey.bryant/ubuntu/utopic/python-eventlet/0.13.0-1ubuntu3/+merge/250452
[18:36] <andol> lhorace_: What alternative, reading the security announcements and doing a decision based on them?
[18:37] <pmatulis> maybe he's not subscribed to ubuntu-security-announce
[18:38] <lhorace_> One, I would find if there's some RSS or Mailing list, second out 1000s of other security mail I get. I have sit and review Kernel Security stuff on top of it.... Anyway... I can figure something out..... Doh, I am assuming, whatever Kernel update Ubuntu LTS desktop users get. Is the same Ubuntu Server get
[18:38] <rberg_> you could also keep an eye on the oss security mailing list, those will apply to more distros.
[18:38] <zul> coreycb:  launchpad should be able to sync it
[18:39] <coreycb> zul, ok
[18:40] <andol> lhorace_: Well, you really do need to keep a close eye on your distribution's security announcementments anyway, to decide whatever an upgrade is something you need to patch for Right Away, or if it can be done later on in a more orderly fashion.
[18:40] <lhorace_> I guess it's a good thing that Ubuntu Security is keeping top on things..... just feels a bit excessive... I was thinking of writing some scriipt to do the job for me... As reboot only takes a 1 minute or so
[18:40] <sarnold> lhorace_: the easier thing to do is apt-get install unattended-upgrades and schedule a reboot every time you see "linux security" issues on the news :)
[18:41] <lhorace_> sarnold: another good idea :)
[19:07] <ayr-ton> Someone has worked with pptp? http://askubuntu.com/questions/269399/pptp-vpn-cant-connect
[19:09] <sarnold> ayr-ton: yikes, you should defnitely upgrade off of 12.10, that hasn't been supported for many months
[19:09] <ayr-ton> oops, wrong link, just a sec
[19:10] <ayr-ton> sarnold: http://askubuntu.com/questions/590114/pptp-client-doesnt-connect-by-command-line
[19:10] <ayr-ton> That is the right one. Sorry. Ahaha
[19:10] <sarnold> ahhh, much better :)
[19:10] <ayr-ton> ahaha
[19:32] <PXE-Guy> has any here ever done a PXE based install for Ubuntu Desktop? how do i tell it to install desktop instead of server? or get it to be in advanced mode?
[19:34] <ayr-ton> PXE-Guy: For desktop installs, I like this solution: https://help.ubuntu.com/community/PXEInstallMultiDistro
[19:34] <ayr-ton> PXE-Guy: If you want to make server based installs, I would recommend MASS.
[19:35] <sarnold> "maas"  :)
[19:36] <ayr-ton> PXE-Guy: I think you can provide desktop images on MASS too, but I never tried it.
[19:36] <ayr-ton> MAAS*
[19:37] <ayr-ton> I only tried for server based installs
[19:49] <haithar> Re all! (Disclaimer: I'm a noob.) I'm still after bug https://bugs.launchpad.net/ubuntu/+source/squid3/+bug/1336742 after I've checked out a bit older proxy of us and it seems that squid works well there! The proxy is 14.04 LTS, ie. the older 14 LTS.
[19:49] <haithar> 1) Can this bug be a regression between 14.04 (squid3 3.3.8-1ubuntu6) and 14.04.1 (squid3 3.3.8-1ubuntu6.2), affecting everyone upgrading their proxy OS?
[19:49] <haithar> 2) Do you think I can downgrade my squid3 on the newer machine to squid3 3.3.8-1ubuntu6? (Tried apt-install going for that version, seemed to do no actual downgrade.)
[19:49] <PXE-Guy> ayr-ton: i followed that guide but it doesnt say how to force the install of the desktop gui
[19:50] <haithar> 3) Even if that downgrade succeeded, is my understanding right that that version won't be supported and I'd have to wait until that bug gets fixed in 15 and then in 14?
[19:50] <PXE-Guy> it also fails installing software packages so it only gives me the base install
[19:59] <sarthor> HI, i have ubuntu-server 14.04 running how to install python-bibi on that?
[20:00] <sarthor> closing office.. later In Sha Allah.
[20:26] <coetry> Hello all, I have a ubuntu-server 14.04 running on a VPS and have a rails app serving on port 3000, but when i try to access the serverip:3000, I can't get anything
[20:27] <coetry> curl is also saying connections are refused, so is that port closed or something? I can't seem to get it working on anyport
[20:27] <lhorace_> coetry: What does 'netstat --tcp --lnp' say?
[20:28]  * lhorace_ assumed it was TCP
[20:28] <coetry> lhorace_ unrecognized option '--lnp'
[20:28] <coetry> :)
[20:28] <lhorace_> sorry
[20:29] <lhorace_> It's one '-'
[20:29] <lhorace_> 'netstat --tcp -lnp'
[20:29] <coetry> http://pastie.org/9985705
[20:30] <lhorace_> coetry: Run as root to see what PID/Program. Doh so far, nothing is listening on 3000 :)
[20:32] <coetry> lhorace_ but how can I open up a port thats closed? http://pastie.org/9985714
[20:32] <coetry> so far it seems only ssh, ftp, and my local mongodb is running
[20:33] <lhorace_> It's not that a port is closed, there are NO programs listening on port 3000 on the first post
[20:35] <lhorace_> You would see something like this, 'tcp        0      0 0.0.0.0:3000              0.0.0.0:*               LISTEN      531/<ruby program>', is the program running?
[20:35] <lhorace_> ps aux
[20:35] <lhorace_>  ps aux | grep <ruby program>. Just an example
[20:36] <coetry> tcp        0      0 127.0.0.1:3000          0.0.0.0:*               LISTEN      25409/ruby
[20:36] <coetry> got it
[20:36] <lhorace_> It's listening on a local interface
[20:36] <lhorace_> :)
[20:36] <coetry> ahh, so i just have to serve it publicly
[20:37] <coetry> my goal is 0.0.0.0:3000
[20:37] <coetry> or 0.0.0.0:*
[20:37] <lhorace_> No, 0.0.0.0:3000 or <public ip>:3000
[20:38] <lhorace_> However, is the program safe to be served to public interface?
[20:39] <coetry> lhorace, its in beta, but nothing sensitive on the hard drive just yet
[20:39] <coetry> There are no forms that leave room for arbitrary code exec though
[20:39] <coetry> so it should be cool
[20:50] <coetry> ok one last question, if I wanted to run a script that I wrote without having that script stop (its making network requests and storing stuff in a db), when i end my ssh session
[20:51] <coetry> how can i do that? So having a script take on the background proessing characteristics of a daemon
[20:51] <lhorace_> Umm, script and add '&' to become a background job. If you want to detach it from the console. '& disown'
[21:07] <coetry> lhorace_ im so sorry for my ignorance bro, so like this? rake db:seed &
[21:08] <sarnold> coetry: two more options (a) use nohup rake db:seed & -- so the output goes to nohup.out (b) use tmux or screen and attach / detach
[21:10] <lhorace_> screen is another option (uses tmux instead here)
[21:18] <coetry> i like the tmux option, but ive only used it to split windows and open new ones
[21:19] <coetry> if i run it in a tmux window, how can I reattach to it later to see the output?
[21:20] <sarnold> coetry: "tmux attach"
[21:20] <coetry> ohhh, let me try it now
[21:21] <lhorace_> You can name sessions too
[21:22] <coetry> ok so now my question is, ive run the script in a tmux window, but even if the session doesn't time out
[21:22] <coetry> and i wanna close my terminal, or shtudown my laptop, will that kill the tmux process?
[21:22] <sarnold> tmux should survive all those events
[21:23] <coetry> sarnold :)
[21:24] <sarnold> coetry: 'mosh' is a pretty excellent thing to mix in with tmux and ssh to remote hosts; if you're usually connected to a remote host, look into 'mosh'. it'll just keep working across shutting your laptop :)