[09:24:07] <petan>	 andrewbogott: hey
[09:32:27] <j^>	 hm, calling log on web4 should show up here?
[09:32:37] <j^>	 it returned that my message was logged
[09:34:41] <petan>	 ah, let me fix that
[09:37:00] <labs-logs-bottie>	 !log deployment-prep petrb: this is a test
[09:38:01] <petan>	 try now
[09:38:15] <petan>	 it was misconfigured on it
[09:38:19] <petan>	 anyway the log bot is down :P
[09:38:25] <petan>	 so it doesn't get to sal
[09:40:44] <labs-logs-bottie>	 !log deployment-prep j: make sure all web instances have the same upload_max_filesize value in php.ini (100M)
[09:42:21] <petan>	 j^: I am just setting up web6
[09:43:23] <j^>	 ah, make sure to set upload_max_filesize to 100M, and call /home/j/tmh-deployment-web.sh
[09:46:29] <j^>	 petan: can you sync /etc/php5/apache2/php.ini between all web instances?
[09:46:45] <j^>	 right now they all have not quite the same setup
[09:48:12] <j^>	 i.e. web1 has larger max_execution_time,max_input_time,memory_limit compared to web4
[09:55:09] <petan>	 yes it would be better if it was somewhere on nfs
[09:55:20] <petan>	 or project store
[10:01:45] <petan>	 ok done
[10:01:57] <Damianz>	 Or you could use puppet :D
[10:02:01] <petan>	 now it's all in one folder which is mounted to all vm's
[10:02:10] <petan>	 Damianz: if we had any control over it
[10:02:22] <petan>	 I don't like waiting month to my patch to be merged
[10:02:46] <petan>	 puppet is good for ops maybe
[10:02:50] <Damianz>	 Only a month?
[10:04:02] <petan>	 what's wrong on nagios
[10:05:21] <petan>	 really I feel like creating a proper bot written in c would be a good idea
[10:05:58] <petan>	 j^: all machines are 100% same now
[10:18:13] <labs-nagios-wm>	 RECOVERY dpkg-check is now: OK on deployment-web6 deployment-web6 output: All packages OK
[10:18:53] <labs-nagios-wm>	 RECOVERY Current Load is now: OK on deployment-web6 deployment-web6 output: OK - load average: 0.61, 0.41, 0.23
[10:20:13] <labs-nagios-wm>	 RECOVERY Disk Space is now: OK on deployment-web6 deployment-web6 output: DISK OK
[10:21:03] <labs-nagios-wm>	 RECOVERY Free ram is now: OK on deployment-web6 deployment-web6 output: OK: 90% free memory
[10:22:23] <labs-nagios-wm>	 RECOVERY Total Processes is now: OK on deployment-web6 deployment-web6 output: PROCS OK: 104 processes
[10:24:33] <labs-nagios-wm>	 RECOVERY Current Users is now: OK on deployment-web6 deployment-web6 output: USERS OK - 0 users currently logged in
[11:25:08] <j^>	 http://commons.wikimedia.beta.wmflabs.org/robots.txt still allows google to index the lab instance and google is the most active user
[12:25:08] <petan>	 j^: do we know why it is?
[12:26:06] <j^>	 petan: not sure but noticed a lot of google bot requests in errors.log
[12:26:14] <^demon>	 I don't see any reason for any crawler to index it
[12:28:03] <petan>	 j^: inserted Disallow: /wiki/
[12:28:08] <petan>	 just now
[12:28:16] <petan>	 ^demon: neither I do
[12:28:30] <^demon>	 What about /w/index.php?
[12:28:33] <petan>	 if there is a line telling go the fuck out of this site, I will insert it
[12:28:37] <^demon>	 I'd just disallow: /
[12:28:42] <petan>	 ok
[12:28:43] <petan>	 done
[12:53:43] <labs-nagios-wm>	 PROBLEM Disk Space is now: WARNING on wikistream-1 wikistream-1 output: DISK WARNING - free space: / 78 MB (5% inode=47%):
[13:03:43] <labs-nagios-wm>	 RECOVERY Disk Space is now: OK on wikistream-1 wikistream-1 output: DISK OK
[13:10:37] <petan>	 !ping
[13:10:37] <wm-bot>	 pong
[13:21:24] <labs-nagios-wm>	 PROBLEM HTTP is now: CRITICAL on deployment-web6 deployment-web6 output: Connection refused
[13:26:44] <labs-nagios-wm>	 PROBLEM Disk Space is now: WARNING on wikistream-1 wikistream-1 output: DISK WARNING - free space: / 78 MB (5% inode=47%):
[13:29:21] <petan>	 I think it's time to set some rules for nagios and I do it now. Anyone who will not handle the problem reported by nagios within 2 hours will have the check disabled
[13:29:47] <petan>	 you can request an account there so that you can reenable
[13:30:25] <petan>	 we are getting spammer by errors reported from instances no one cares of
[13:31:14] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on aggregator1 aggregator1 output: Puppet has not run in the last 10 hours
[13:31:14] <labs-nagios-wm>	 ACKNOWLEDGEMENT Disk Space is now: WARNING on wikistream-1 wikistream-1 output: DISK WARNING - free space: / 78 MB (5% inode=47%):
[13:31:14] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on analytics analytics output: Puppet has not run in the last 10 hours
[13:31:14] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on asher1 asher1 output: Puppet has not run in the last 10 hours
[13:31:14] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on backport backport output: Puppet has not run in the last 10 hours
[13:33:34] <labs-nagios-wm>	 ACKNOWLEDGEMENT Current Load is now: CRITICAL on kripke kripke output: Connection refused by host
[13:33:49] <labs-nagios-wm>	 ACKNOWLEDGEMENT dpkg-check is now: CRITICAL on orgcharts-dev orgcharts-dev output: DPKG CRITICAL dpkg reports broken packages
[13:34:19] <labs-nagios-wm>	 ACKNOWLEDGEMENT dpkg-check is now: CRITICAL on puppet-lucid puppet-lucid output: DPKG CRITICAL dpkg reports broken packages
[13:34:34] <labs-nagios-wm>	 ACKNOWLEDGEMENT dpkg-check is now: CRITICAL on test-oneiric test-oneiric output: DPKG CRITICAL dpkg reports broken packages
[13:34:49] <labs-nagios-wm>	 ACKNOWLEDGEMENT dpkg-check is now: CRITICAL on utils-abogott utils-abogott output: DPKG CRITICAL dpkg reports broken packages
[13:35:10] <petan>	 mutante: you here?
[13:35:31] <petan>	 or andrewbogott
[13:38:06] <mutante>	 yep
[13:38:14] <petan>	 you have a time to look in puppet issue?
[13:38:17] <petan>	 re nagios
[13:38:49] <petan>	 it's been few days and nagios mark it all as critical
[13:38:49] <mutante>	 ok, I'll give it another try
[13:39:00] <petan>	 just check how it is done on prod
[13:39:05] <petan>	 I don't have access there to do that
[13:39:37] <mutante>	 yea,i just couldnt find it either last time
[13:39:45] <petan>	 it must be in puppet config
[13:39:57] <petan>	 probably in some initialisation script
[13:40:43] <petan>	 if there is any editable script which is run on start
[13:40:46] <petan>	 we could use it
[13:41:01] <petan>	 I don't know how this passive check really works, but netcat could probably do that
[13:41:08] <petan>	 if we knew which port we need to send data to
[13:41:22] <petan>	 we could just echo "blah" | nc it
[13:41:28] <petan>	 in puppet script
[13:45:45] <petan>	 how is puppet run
[13:45:52] <petan>	 in cron?
[13:46:30] <petan>	 you must know who configured it on prod
[13:46:47] <petan>	 or either we could use the my check I pushed to gerrit
[13:52:35] <mutante>	 got it
[13:52:42] <mutante>	 its in base.pp
[13:52:50] <mutante>	 public puppet config
[13:53:10] <mutante>	 command => "snmptrap -v 1 -c public nagios.wikimedia.org
[13:53:35] <petan>	 ok, can we change it so that it sends it to nagios
[13:53:35] <mutante>	 that answers your question where the IP / hostname is configured
[13:53:44] <petan>	 -c public nagios.wikimedia.org
[13:53:48] <petan>	 ok, how do we change it
[13:53:50] <mutante>	 yes
[13:54:01] <mutante>	 "public" is the community string / password
[13:54:32] <mutante>	 so public = default = public
[13:54:38] <petan>	 ok
[13:54:47] <petan>	 can we create a template so that it's different in labs
[13:54:58] <petan>	 hostname would be just nagios
[13:56:40] <petan>	 it would be cool if someone removed all instances which aren't being used
[13:56:52] <mutante>	 create a template would be puttin it in puppet
[13:57:00] <petan>	 it seems to me that someone created a bunch of instances they don't need and just left them running there
[13:57:20] <petan>	 mutante: we need to put it to puppet
[13:57:46] <mutante>	 yes, but is it running on labs nagios again?
[13:58:33] <petan>	 !nagios
[13:58:33] <wm-bot>	 http://nagios.wmflabs.org/nagios3
[13:58:40] <petan>	 there is a passive check on all instances
[13:58:45] <petan>	 yes snmp is
[13:58:48] <petan>	 running 
[13:59:08] <mutante>	 i mean if the puppet agent is running succesfully and it has selected monitoring classes via labs console
[13:59:26] <mutante>	 because there was an issue with the selected classes 
[13:59:41] <petan>	 puppet surely isn't running well
[13:59:46] <petan>	 that's why we create this check
[13:59:58] <petan>	 there is bunch of instances where it's broken
[14:00:11] <petan>	 I hope this check help us to find it
[14:00:20] <petan>	 that' why I want to make it
[14:00:32] <mutante>	 of course, just saying to apply the fix to labs nagios we need to run the agent
[14:00:44] <mutante>	 and make sure which classes we can select
[14:00:55] <petan>	 we don't need to apply any patch to nagios in labs, we need to apply it to all instances we have
[14:01:01] <petan>	 nagios on labs was alredy updated by hand
[14:01:25] <petan>	 snmp is running there and waiting for message from puppet
[14:01:58] <petan>	 I can't fix nagios for that I need to have command line
[14:02:10] <petan>	 there is a class which doesn't exist and I can't remove it
[14:02:18] <petan>	 but that's a minor issue
[14:02:26] <mutante>	 ok
[14:02:54] <petan>	 what we need is to update puppet so that it sends the message to nagios
[14:02:59] <petan>	 everytime when it finish run
[14:03:22] <mutante>	 right, for now let's fix base.pp
[14:03:41] <petan>	 I understand it that now it send the data to production nagios
[14:03:42] <mutante>	 so are the labs instances really using that 
[14:03:44] <petan>	 even from lab
[14:04:01] <petan>	 if there isn't any realm I am pretty sure they are using this
[14:05:41] <petan>	 I don't really know how does it work, I am pretty bad with puppet
[14:08:13] <mutante>	 ok, see, give me some time for fresh coffee and i'll come up with a gerrit change, just expect it to sit a little bit in review before its merged
[14:08:26] <petan>	 ok
[14:18:34] <andrewbogott>	 petan:  sorry, I was sleeping... catching up on the backscroll now
[14:24:18] <andrewbogott>	 petan, j^:  If beta is still getting crawled, maybe add 'User-agent: *' to robots.txt.
[14:42:22] <mutante>	 petan: i have the change now was just wondering for a little if this should be in test or production branch and found i have a messed up git repo when swithcing to test
[14:49:28] <andrewbogott>	 mutante:  Labs machines get their puppet files from the test branch.
[14:49:50] <andrewbogott>	 Did you switch to test by doing a pull, a rebase, or a checkout?
[14:50:05] <mutante>	 checkout
[14:50:20] <andrewbogott>	 Hm... that should work fine.
[14:50:46] <andrewbogott>	 (I was just thinking that maybe you'd accidentally tried to merge test + production which does not work fine.)
[14:51:24] <mutante>	 ok, lets try again, to test
[14:51:38] <mutante>	 stashing my changes first
[14:53:08] <andrewbogott>	 Hm... I never use 'stash' when I'm switching branches.  Which is not to say that it won't work...
[14:53:26] <andrewbogott>	 Is there a stash per branch or just a global stash?  (I've always assumed the latter.)
[14:55:26] <mutante>	 git checkout test was:, error: Your local changes to the following files, then i used "git stash", then repeated git checkout test to switch
[14:55:33] <Damianz>	 As stash returns to HEAD I think per branch but no idae
[14:56:13] <Damianz>	 You could totally take a stash from branch a and unstash it in master though I guess as they are just in a ref called statsh.
[14:56:39] <andrewbogott>	 Yeah, so that suggests that it's global...
[14:57:02] <andrewbogott>	 Dunno... I'm scatterbrained enough that I think I would lose track of/forget what's in my stash.  So I usually commit before switching branches.
[14:59:49] <petan>	 mutante: I also find it much more simpler to create patch compared to submitting it to gerrit
[15:00:35] <petan>	 I mean, getting it merged is much harder than creating it
[15:02:35] <andrewbogott>	 At the moment, any puppet change in test is applied to /all/ labs machines, so the bar is pretty high for getting changes in.  Someday soon each project will have its own git branch, and the bar will be much lower.
[15:03:34] <petan>	 this is supposed to be applied to all machines
[15:03:57] <petan>	 it would be nice if puppet run was enforced on machines where it never run
[15:04:56] <mutante>	 ok, i had lost the push-fore-review-test alias as well
[15:05:02] <mutante>	  git config alias.push-for-review-test "push puppet HEAD:refs/for/test"
[15:05:11] <mutante>	 git push-for-review-test
[15:05:37] <mutante>	 fatal: 'puppet' does not appear to be a git repository
[15:05:45] <Damianz>	 It makes puppetizing/packaing stuff hard until we have branches but I think we're heading that way soon... just need to break the current puppetmaster first though.
[15:05:49] <andrewbogott>	 I think you can just use 'git review'
[15:06:00] <mutante>	 i stopped using that after i heard there would be issues 
[15:06:08] <Damianz>	 git review is nicer than the hook stuff
[15:06:13] <andrewbogott>	 Oh, ok.  *shrug*  It's what I use, seems to work so far.
[15:06:19] <andrewbogott>	 Maybe you have newer info than I.
[15:08:18] <Reedy>	 Dear Labs, YUNOLETMELOGIN!?
[15:08:38] <petan>	 !access | Reedy
[15:08:38] <wm-bot>	 Reedy: https://labsconsole.wikimedia.org/wiki/Access#Accessing_public_and_private_instances
[15:08:46] <petan>	 hehe
[15:08:46] <Reedy>	 I know
[15:08:54] <petan>	 @search login
[15:08:54] <wm-bot>	 Results (found 1): newgrp, 
[15:08:59] <petan>	 o.o
[15:09:01] <petan>	 !newgrp
[15:09:01] <wm-bot>	 newgrp can be used to change your current group ID for a login session.
[15:09:02] <Reedy>	 I get errors with a ssh key that works fine on gerrit
[15:09:18] <petan>	 ok, which kind of error, on bastion or machine behind
[15:09:23] <Reedy>	 bastion
[15:09:29] <Reedy>	 can't even get onto the network
[15:09:33] <andrewbogott>	 Reedy:  Do you have access to a linux box anyplace?  Or a shell account on a different WMF machine that actually works?
[15:09:39] <Reedy>	 Yes
[15:09:40] <petan>	 sec
[15:09:41] <Reedy>	 To any WMF site
[15:09:45] <Reedy>	 to any of my other servers
[15:09:46] <Reedy>	 to svn
[15:09:48] <Reedy>	 to gerrit/git
[15:09:54] <mutante>	 Reedy: you need to use bastion-restricted i think
[15:09:57] <Reedy>	 oh
[15:10:05] <andrewbogott>	 Reedy:  Howsabout we see if you can log into labs from one of those machines.  Get putty/whatever out of the equation?
[15:10:07] <Damianz>	 Reedy: Gerrit keys != ldap keys.
[15:10:13] <labs-home-wm>	 03/30/2012 - 15:10:13 - Creating a home directory for reedy at /export/home/bastion/reedy
[15:10:16] <andrewbogott>	 Oh, yeah, or that :)
[15:10:21] <petan>	 !log bastion gave access to Reedy
[15:10:25] <petan>	 meh
[15:10:30] <petan>	 Reedy: I inserted you to bastion project
[15:10:32] <petan>	 try now
[15:10:39] <mutante>	 uh? you didnt have that ?
[15:10:43] <Reedy>	 Apparently not
[15:10:44] <petan>	 he didn't
[15:10:49] * Reedy  blames Ryan

[15:10:56] * Damianz  thionks petan should for SALbot

[15:10:56] <Reedy>	 Yup, that works
[15:11:06] <Reedy>	 Though, per mutante, I should probably be using bastion-restricted
[15:11:09] <petan>	 Damianz: I thought you administer it
[15:11:13] <labs-home-wm>	 03/30/2012 - 15:11:13 - Updating keys for reedy
[15:11:14] <mutante>	 so you never logged on there before?
[15:11:16] <petan>	 !hyperon
[15:11:16] <wm-bot>	 admin of logs
[15:11:18] <petan>	 ah
[15:11:18] <andrewbogott>	 I wonder if I've been making that mistake for the 12 or so accounts I created this week...
[15:11:19] <petan>	 that's it
[15:11:27] <petan>	 hyperon is master of botlogs
[15:11:34] <Damianz>	 petan: No that I know of :P
[15:11:41] <Damianz>	 s/No/Not/
[15:11:42] <petan>	 !damianz is some weirdo around here
[15:11:43] <wm-bot>	 Key was added!
[15:11:46] <Reedy>	 mutante: lol, nope
[15:11:55] * Damianz  tells cluebot to remove petan from wikipedia :D

[15:12:11] <petan>	 ok
[15:12:15] <petan>	 there is no petan on wikipedia
[15:12:17] <petan>	 :P
[15:12:24] <petan>	 I use different user name
[15:12:28] <mutante>	 Reedy: then dont worry about what i said about -restricted :p
[15:12:30] <petan>	 !wiki petan
[15:12:30] <wm-bot>	 http://en.wikipedia.org/wiki/petan
[15:12:56] <petan>	 Damianz: you can remove that XD
[15:12:57] <Damianz>	 Totally should make an article on petan :D
[15:13:00] <petan>	 hehe
[15:13:15] <Damianz>	 Though hmmm
[15:13:24] <Reedy>	 Ah, only ops/roots have been moved
[15:13:26] <Reedy>	 "Soon I'll also add in everyone else who has shell access. I'll send a follow-up email when that happens."
[15:13:29] <petan>	 have cluebot create it no one is going to be brave enough to remove it
[15:13:40] <Damianz>	 See wikipedia is silly because anyone starting an article probably has a COI with what they are writing about so nothing gets made
[15:13:52] <mutante>	 Reedy: exactly
[15:14:24] <Reedy>	 Righto :)
[15:14:47] <petan>	 !ryanland
[15:14:47] <wm-bot>	 in case you want to get to wonderfull land of labs use portal we call bastion, you will see amazing world where vm's runs happily and nfs friends with ntfs, puppets are fresh and gerrit is ugly :O
[15:15:06] <Reedy>	 I should probably generate a seperate key for labs though anyway ;)
[15:15:12] <petan>	 yeh
[15:15:17] <petan>	 that's what I recommend to everyone
[15:15:29] <Reedy>	 thanks petan
[15:15:33] <Reedy>	 At least I can logon now ;)
[15:15:42] <Damianz>	 I should setup sshproxy stuff but I hate typing full hostnames.
[15:21:47] <petan>	 see you in few hours
[15:21:48] <petan>	 :P
[15:37:32] <andrewbogott>	 Reedy:  I just now tried to document your recent problem... mind checking my work?  https://labsconsole.wikimedia.org/wiki/Help:Access#Accessing_public_and_private_instances
[15:37:47] <andrewbogott>	 Just the first P at the top there.  Clear enough?
[15:41:11] <Reedy>	 Looks good
[15:43:03] <andrewbogott>	 ok, thanks.
[16:25:57] <gerrit-wm>	 New patchset: Dzahn; "set a different nagios hostname for snmp traps in labs realm / fix puppet freshness monitoring in labs nagios" [operations/puppet] (test) - https://gerrit.wikimedia.org/r/3988
[16:26:10] <gerrit-wm>	 New review: gerrit2; "Lint check passed." [operations/puppet] (test); V: 1 - https://gerrit.wikimedia.org/r/3988
[16:27:09] <gerrit-wm>	 New patchset: Dzahn; "set a different nagios hostname for snmp traps in labs realm / fix puppet freshness monitoring in labs nagios" [operations/puppet] (test) - https://gerrit.wikimedia.org/r/3988
[16:27:21] <gerrit-wm>	 New review: gerrit2; "Lint check passed." [operations/puppet] (test); V: 1 - https://gerrit.wikimedia.org/r/3988
[16:34:29] <gerrit-wm>	 New review: Dzahn; "(no comment)" [operations/puppet] (test); V: 1 C: 2;  - https://gerrit.wikimedia.org/r/3988
[16:34:31] <gerrit-wm>	 Change merged: Dzahn; [operations/puppet] (test) - https://gerrit.wikimedia.org/r/3988
[16:45:32] <gerrit-wm>	 New review: Dzahn; "Stage[main]/Base::Puppet/Exec[puppet snmp trap]/returns: executed successfully" [operations/puppet] (test) - https://gerrit.wikimedia.org/r/3988
[16:54:42] <gerrit-wm>	 New review: Dzahn; "tcpdump port 162 on labs nagios shows them now" [operations/puppet] (test) - https://gerrit.wikimedia.org/r/3988
[17:15:03] <labs-nagios-wm>	 RECOVERY Puppet freshness is now: OK on venus venus output: puppet ran at Fri Mar 30 17:14:49 UTC 2012
[17:15:27] <mutante>	 <-manual test using submit_check_result which needed add. fix
[17:18:54] <mutante>	 !log nagios fixed path to nagios.cmd CommandFile in ./eventhandlers/submit_check_result which is called by snmp traps (/var/log/nagios in prod vs. /var/lib/nagios3 in labs), i would prefer to just change it on labs to be like prod
[17:24:53] <labs-nagios-wm>	 RECOVERY Puppet freshness is now: OK on wikistats-01 wikistats-01 output: puppet ran at Fri Mar 30 17:24:35 UTC 2012
[17:50:59] <mutante>	 !log nagios started snmptrapd with the options as used in production, now just the hostnames don't match nagios hostnames
[17:56:39] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on shop-analytics-main1 shop-analytics-main1 output: Puppet has not run in the last 10 hours
[17:56:39] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on swift-fe1 swift-fe1 output: Puppet has not run in the last 10 hours
[18:11:07] <methecooldude>	 petan: Poke :D
[18:12:39] * Damianz  questions methecooldude's motives in poking random guys on the internet

[18:14:27] <methecooldude>	 Damianz:  :P
[18:15:00] <methecooldude>	 Damianz: Do you happen to know how one create a public_html directory for themselfs on bots?
[18:15:09] <methecooldude>	 creates*
[18:17:22] <methecooldude>	 Damianz: (It's for alejrb)
[18:18:43] <mutante>	 I'd need a shell command that i can execute on any labs instance, that returns the "instance_name" / the "nice" name , and replaces something that just works as `hostname` in prod. like on labs instances the hostnames are the resource names, but not the instance names
[18:18:47] <mutante>	 can a nova instance find out it's own instance_name ? as opposed to asking the controller
[18:20:00] <mutante>	 or labs nagios would have to be changed to use resource names (e.g. i-00000000123) as the host_names from Nagios' point of view
[18:20:50] <mutante>	 cause now, after other issues, the only reason left those puppet freshness passive checks still fail is that hostname mismatch
[18:21:39] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on contenthandler-demo contenthandler-demo output: Puppet has not run in the last 10 hours
[18:22:25] <Damianz>	 methecooldude: yeah
[18:23:22] <methecooldude>	 Damianz: Ok... how...
[18:25:58] <Damianz>	 ssh bots-nfs; cd /export/public/; mkdir alejrb
[18:26:14] <Damianz>	 Just done it.
[18:26:24] <Damianz>	 Oh also chown to user.www-data for access.
[18:26:57] <methecooldude>	 Damianz: Ahh, bots-nfs... ok
[18:26:58] <Damianz>	 methecooldude: You're useless at writing code, right?
[18:27:07] <methecooldude>	 Ch'yea
[18:27:23] <Damianz>	 Sadtimes
[18:27:30] <alejrb>	 awesome, cheers
[18:27:34] <methecooldude>	 Why, what'cha doing
[18:27:37] <Damianz>	 I want to write a new site for cb and have it more integrated for reports/issues etc
[18:27:50] <methecooldude>	 Ohh
[18:27:51] <Damianz>	 But my freetime is like non-existent, then I have a little for 2 weeks then back to none.
[18:28:09] <Damianz>	 Also need to fix the reports with bad data but that needs a shit load of logparsing doing.
[19:02:39] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on resourceloader2-apache resourceloader2-apache output: Puppet has not run in the last 10 hours
[19:13:16] <labs-home-wm>	 03/30/2012 - 19:13:16 - Creating a home directory for erik at /export/home/deployment-prep/erik
[19:14:16] <labs-home-wm>	 03/30/2012 - 19:14:16 - Updating keys for erik
[19:18:29] <andrewbogott>	 mutante:  I haven't done this myself, but this page roughly describes how an instance can learn information about its vm-ness:  http://aws.amazon.com/code/1825
[19:18:48] <andrewbogott>	 Let me know if that's not what you actually wanted :)
[19:19:49] <andrewbogott>	 (Background info:  labs runs on openstack which is theoretically API-compatible with Amazon's EC2.  Hence that being an amazon page.)
[20:53:18] <LeslieCarr>	 hexmode: you can make your own instance :)
[20:53:48] <maplebed>	 hexmode: but but but ...  you're already here!
[20:53:51] * hexmode  starts to figure it out

[20:53:55] <hexmode>	 :)
[20:54:05] <RobH>	 im willin to help ya hexmode if ya need it
[20:54:10] <RobH>	 mostly cuz you doing this saves me having to do it.
[20:54:12] <maplebed>	 hexmode: this might help: https://labsconsole.wikimedia.org/wiki/User:Bhartshorne/Path_to_a_New_Project
[20:54:13] <RobH>	 ;]
[20:54:22] <maplebed>	 that's what I wrote up after having to figure all this shit out last week.
[20:54:28] <maplebed>	 err..   earlier this week.
[20:54:46] <hexmode>	 RobH: I'm all about making your job easier :)
[20:55:14] <LeslieCarr>	 hexmode: wrong answer!
[20:55:19] <LeslieCarr>	 ;)
[20:56:37] <hexmode>	 hrm... have to add it under deployment-prep
[21:24:05] <hexmode>	 LeslieCarr: so, if I set up a instance w/o any global groups, it should just use the standard puppet config, right?
[21:24:34] <LeslieCarr>	 yeah, just set up an instance without clicking anything and it'll be the basic config :)
[21:24:58] * hexmode  clicks

[21:27:19] * hexmode  reads console output

[21:27:21] <hexmode>	 fun
[21:27:25] <hexmode>	 next step!
[21:33:44] <labs-nagios-wm>	 PROBLEM Current Load is now: CRITICAL on bugzilla bugzilla output: CHECK_NRPE: Error - Could not complete SSL handshake.
[21:34:24] <labs-nagios-wm>	 PROBLEM Current Users is now: CRITICAL on bugzilla bugzilla output: CHECK_NRPE: Error - Could not complete SSL handshake.
[21:35:04] <labs-nagios-wm>	 PROBLEM Disk Space is now: CRITICAL on bugzilla bugzilla output: CHECK_NRPE: Error - Could not complete SSL handshake.
[21:35:28] <maplebed>	 ^^^ that's normal until puppet runs once or twice.
[21:35:44] <labs-nagios-wm>	 PROBLEM Free ram is now: CRITICAL on bugzilla bugzilla output: CHECK_NRPE: Error - Could not complete SSL handshake.
[21:36:54] <labs-nagios-wm>	 PROBLEM Total Processes is now: CRITICAL on bugzilla bugzilla output: CHECK_NRPE: Error - Could not complete SSL handshake.
[21:37:34] <labs-nagios-wm>	 PROBLEM dpkg-check is now: CRITICAL on bugzilla bugzilla output: CHECK_NRPE: Error - Could not complete SSL handshake.
[21:40:52] <RobH>	 hexmode: i hope you applied the web security stuff to it
[21:41:01] <RobH>	 cuz afaik you only get to choose that crap once =P
[21:41:26] <maplebed>	 it's true that you must choose security groups before you launch the instance.
[21:41:35] <hexmode>	 web security?
[21:41:53] <RobH>	 yep
[21:42:02] <RobH>	 or else the ports for simple http are closed
[21:42:23] <RobH>	 hrmm, as the cloud admin whatever, i should see this in instance list right?
[21:42:27] <hexmode>	 group stuff, ports -- looks like it falls into the default for that group
[21:42:32] <hexmode>	 yep
[21:42:40] <RobH>	 i wonder why i dont...
[21:43:19] <maplebed>	 hexmode: if the instance is in the default group, that means that other instances in the same project can access it on all ports but no instances in any other project (or in the outside world if you give it a public IP) will be able to access it.
[21:43:38] <RobH>	 or you, via bastion proxy
[21:43:44] <RobH>	 i found that hard way =P
[21:44:01] <maplebed>	 hm.  you sure about that?
[21:44:11] <RobH>	 wouldnt work for me and smokeping
[21:44:12] <maplebed>	 you sholud still be able to access it via ssh.
[21:44:20] <RobH>	 not ssh, ssh passthrough for web interface
[21:44:27] <RobH>	 should work you say?
[21:44:28] <maplebed>	 (I think the default group says ssh from any project.)
[21:44:36] <maplebed>	 no, we're agreeing.
[21:44:40] <RobH>	 ok, cool
[21:44:55] <maplebed>	 you should not be able to hit it on port 80 from the bastion unless it's in an additional security group that specifically allows that.
[21:45:02] <maplebed>	 but you should be able to get to it via ssh.
[21:45:03] <RobH>	 yea
[21:45:05] <RobH>	 cool
[21:45:44] <RobH>	 now why cant i see an instance named bugzilla under manage instances =/
[21:45:58] <maplebed>	 are you a member of the deployment-prep project?
[21:46:09] <maplebed>	 you can only see instances in projects you belong to.
[21:46:28] <RobH>	 bah, i can add myself as admin, but view is restricted to projects...
[21:46:31] <RobH>	 annoying.
[21:46:39] <RobH>	 global admin should = can see all instances.
[21:47:04] <RobH>	 if an op needs to kill an instance due to whatever reason, we have to add ourself to the group to do so
[21:47:10] <RobH>	 that seems kinda mehj.
[21:47:12] <RobH>	 meh even
[21:47:15] <maplebed>	 yup.
[21:47:27] <maplebed>	 add it to the list.
[21:47:53] <RobH>	 you mean the novel?
[21:48:01] <maplebed>	 sorry, my bad.
[21:48:05] <RobH>	 ;]
[21:48:16] <labs-home-wm>	 03/30/2012 - 21:48:16 - Creating a home directory for robh at /export/home/deployment-prep/robh
[21:48:33] <RobH>	 hexmode: So your bugzilla instance is going to have to be deleted and redone
[21:48:40] <RobH>	 as you only have security group default
[21:48:42] <hexmode>	 :P
[21:48:44] <RobH>	 you need 'web'
[21:48:56] <hexmode>	 yeah, that bit is lame :(
[21:48:56] <RobH>	 also, dont name it the same thing, as the old dns will cache for another hour after deletion ;]
[21:49:04] <RobH>	 can you tell you did what i have done?
[21:49:05] <RobH>	 heh
[21:49:06] <hexmode>	 no problem
[21:49:16] <labs-home-wm>	 03/30/2012 - 21:49:16 - Updating keys for robh
[21:49:25] <RobH>	 so you may wanna call it bugzilla-dev or delete it and dont recreate it for an hour, or monday or whatever
[21:49:29] <RobH>	 if you want the same instance name
[21:49:53] <hexmode>	 RobH: is bz4 in prod installed from just using cpan?
[21:50:03] * hexmode  doesn't see a package for it

[21:50:13] <RobH>	 that is a good question, i have no idea =[  lemme see
[21:51:06] <RobH>	 hexmode: it must be, there is only ubuntu bugzilla3 package
[21:51:10] <RobH>	 well, that sucks =[
[21:51:17] <hexmode>	 bad
[21:51:22] <hexmode>	 I'll find one
[21:51:24] <RobH>	 i checked on kaulen, no bz package installed for it
[21:51:29] <hexmode>	 I'm sure I saw one for it
[21:51:42] <dschoon>	 hi all, question.
[21:51:43] <RobH>	 if its not in standard repos, we would have to import it into our repo
[21:51:57] <RobH>	 which still, is easier than doing a cpan install for ops standpoint.
[21:51:57] <dschoon>	 i'm attempting to restart a project i have running on a labs instance
[21:52:24] <dschoon>	 and all of a sudden i can't git pull from an external repo any more
[21:52:31] <dschoon>	 keys are still right
[21:52:36] <dschoon>	 repo is accessible from elsewhere
[21:53:01] <dschoon>	 but i get:
[21:53:03] <dschoon>	 dsc@reportcard1 srv $ git clone git@less.ly:kraken-ui.git
[21:53:04] <dschoon>	 Initialized empty Git repository in /srv/kraken-ui/.git/
[21:53:04] <dschoon>	 fatal: The remote end hung up unexpectedly
[21:53:08] <RobH>	 and you could do so at some point on that instance right?
[21:53:11] <dschoon>	 yes.
[21:53:27] <dschoon>	 i get the same thing when i attempt to pull from an extant copy of that repo
[21:53:36] <dschoon>	 but not from elsewhere (such as the office)
[21:55:00] <LeslieCarr>	 maybe ryan updated security groups ?
[21:55:30] <RobH>	 bah, i was gonna check said groups
[21:55:34] <labs-nagios-wm>	 PROBLEM host: bugzilla is DOWN address: bugzilla CRITICAL - Host Unreachable (bugzilla)
[21:55:37] <RobH>	 but i have to add myself to the project to see the groups applied
[21:55:37] <dschoon>	 explain?
[21:55:40] <RobH>	 soooo annoying.
[21:55:50] <dschoon>	 this sounds not worth it.
[21:55:58] <RobH>	 dschoon: perhaps the security group assigned to the project has since been updated to block those ports for git pulls
[21:56:02] <dschoon>	 so don't bother unless you are bored or desiring procrastination
[21:56:07] <dschoon>	 yes, that seems likely.
[21:56:12] <RobH>	 what port does git need?
[21:56:15] <dschoon>	 it last worked before the gluster meltdown
[21:56:21] <dschoon>	 it uses ssh, iirc
[21:56:38] <RobH>	 maplebed pointed out that the default group allows ssh
[21:56:45] <RobH>	 so if your pull is using ssh, i would think it would work
[21:56:59] <RobH>	 as instances are auto-natted for that stuff was my understanding
[21:57:05] <maplebed>	 RobH: the security groups are for inbound connections, not outbound (IIRC)
[21:57:21] <RobH>	 that makes sense but i was not certain so i didnt want to say 
[21:57:29] <dschoon>	 ugh.
[21:57:29] <dschoon>	 ok.
[21:57:31] <RobH>	 so security groups shouldnt be involved in this error
[21:57:34] <RobH>	 is what i think
[21:57:37] <dschoon>	 we can resume this some time that is not now.
[21:57:40] <dschoon>	 like next week.
[21:57:46] <maplebed>	 there are some outbound rules, but I'm pretty sure they're all in the network, not the interface.
[21:57:52] <maplebed>	 (like, routers and such)
[22:02:26] <hexmode>	 what is generic::tcptweaks? And is it needed?
[22:02:57] <LeslieCarr>	 it reduces the syn timeout by a lot and increases the initial window size to 10
[22:03:43] <labs-nagios-wm>	 PROBLEM Current Load is now: CRITICAL on bz-dev bz-dev output: CHECK_NRPE: Error - Could not complete SSL handshake.
[22:04:23] <labs-nagios-wm>	 PROBLEM Current Users is now: CRITICAL on bz-dev bz-dev output: CHECK_NRPE: Error - Could not complete SSL handshake.
[22:05:03] <labs-nagios-wm>	 PROBLEM Disk Space is now: CRITICAL on bz-dev bz-dev output: CHECK_NRPE: Error - Could not complete SSL handshake.
[22:05:24] <hexmode>	 "puppetd -tv" is failing now:  Error 400 on SERVER: Duplicate definition: Package[apache2] is already defined
[22:05:43] <labs-nagios-wm>	 PROBLEM Free ram is now: CRITICAL on bz-dev bz-dev output: CHECK_NRPE: Error - Could not complete SSL handshake.
[22:06:53] <labs-nagios-wm>	 PROBLEM Total Processes is now: CRITICAL on bz-dev bz-dev output: CHECK_NRPE: Error - Could not complete SSL handshake.
[22:07:21] <hexmode>	 LeslieCarr: got a sec to help me with this error?
[22:07:33] <labs-nagios-wm>	 PROBLEM dpkg-check is now: CRITICAL on bz-dev bz-dev output: CHECK_NRPE: Error - Could not complete SSL handshake.
[22:10:36] * hexmode  adds nagios

[22:13:44] <labs-nagios-wm>	 PROBLEM HTTP is now: CRITICAL on bz-dev bz-dev output: Connection refused
[22:13:47] <maplebed>	 hexmode: wait 30s and do it again.
[22:14:17] <hexmode>	 maplebed: looks like it was checkbox confusion
[22:14:33] <hexmode>	 there should be more sanity checking in the checkboxes
[22:14:50] <maplebed>	 there probably won't be any sanity checking on the check boxes.
[22:15:03] <maplebed>	 it's up to you to choose a working puppet config
[22:15:10] <maplebed>	 (or to create one...)
[22:15:23] <maplebed>	 given that labs isn't a puppet parser, it'd be impossible to actually tell what a checkbox will do.
[22:15:50] <hexmode>	 yeah, I see...
[22:16:06] <hexmode>	 just finished a more-sucessful run
[22:16:19] <hexmode>	 still need moar memory
[22:25:44] <labs-nagios-wm>	 RECOVERY Free ram is now: OK on bz-dev bz-dev output: OK: 72% free memory
[22:25:44] <labs-nagios-wm>	 RECOVERY Disk Space is now: OK on bz-dev bz-dev output: DISK OK
[22:26:55] <labs-nagios-wm>	 RECOVERY Total Processes is now: OK on bz-dev bz-dev output: PROCS OK: 94 processes
[22:27:34] <labs-nagios-wm>	 RECOVERY dpkg-check is now: OK on bz-dev bz-dev output: All packages OK
[22:28:44] <labs-nagios-wm>	 RECOVERY Current Load is now: OK on bz-dev bz-dev output: OK - load average: 0.12, 0.35, 0.39
[22:28:44] <labs-nagios-wm>	 RECOVERY HTTP is now: OK on bz-dev bz-dev output: HTTP OK: HTTP/1.1 200 OK - 452 bytes in 0.004 second response time
[22:29:24] <labs-nagios-wm>	 RECOVERY Current Users is now: OK on bz-dev bz-dev output: USERS OK - 2 users currently logged in
[22:35:33] <RobH>	 yea second the 'there wont be sanity checking on puppet checkboxes'
[22:35:48] <RobH>	 it relies on the user to download the git puppet stuff and read them before applying
[22:36:20] <RobH>	 cuz there will always be overlapping puppet classes that rely on you to just not apply both =/
[22:37:11] <RobH>	 hexmode: even if you dont get the puppetization of bz working, but instead use labs to make a customization of the templates for the needed change
[22:37:28] <RobH>	 it will allow me to read your labs templates for bz and copy them over to production =]
[22:37:47] <RobH>	 since i can see said changes, confirm they dont break things, and do the root level copy for you
[22:38:26] <RobH>	 ideally we puppetize it all but if you hit wals with puppet and skip right to template hacking and documenting, its ok.
[22:38:34] <RobH>	 s/wals/walls
[23:32:12] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on aggregator1 aggregator1 output: Puppet has not run in the last 10 hours
[23:32:12] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on analytics analytics output: Puppet has not run in the last 10 hours
[23:32:12] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on asher1 asher1 output: Puppet has not run in the last 10 hours
[23:32:12] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on backport backport output: Puppet has not run in the last 10 hours
[23:32:12] <labs-nagios-wm>	 PROBLEM Puppet freshness is now: CRITICAL on bastion-restricted1 bastion-restricted1 output: Puppet has not run in the last 10 hours
[23:44:34] * jeremyb  pokes maplebedd

[23:44:38] <jeremyb>	 s/d$//
[23:47:47] <kaldari>	 anyone have any idea if it would be feasible to set up a labs instance with a copy of the en.wiki database (or simple.wiki if en is too big)?
[23:48:11] <jeremyb>	 one already exists
[23:48:24] <jeremyb>	 (for simple... I think it might be one of the complete ones)
[23:48:33] <jeremyb>	 en is surely waaaay too big
[23:48:46] <jeremyb>	 project is deployment-prep
[23:48:53] <jeremyb>	 back from south america?
[23:51:20] <kaldari>	 yep
[23:52:32] <kaldari>	 cool, I'll send a request to the people in the basement
[23:52:49] <jeremyb>	 whom?
[23:54:04] <jeremyb>	 kaldari: johnduhart might be able to answer some about it tonight (if he's on). otherwise petan and I will be up in the europemorgen
[23:54:44] <jeremyb>	 maplebed: anyway, I'm collapsing soon (2am here) but I wanted to apply for the guinea pig job ;-) anything special I need to know? what project should the cluster live in? what's your TZ? (I'm Europe/Berlin for a few more days. which of course comes with it's own meatspace distractions so I might not be able to do it before someone else gets to it)
[23:55:09] <maplebed>	 jeremyb: sorry, the substitution didn't trigger my nick highlighting alert thingy.
[23:55:19] <jeremyb>	 haha
[23:55:34] <maplebed>	 fantastic!  I'm glad you're interested.
[23:55:51] <maplebed>	 I suggest creating a new project for it, but if you'd like I can add you to the existing swift project intsead.
[23:55:58] <maplebed>	 well, I'll do that anyways so you can look at what I've done.
[23:56:12] <jeremyb>	 your call
[23:56:32] <maplebed>	 spin up the cluster in a new project, and I'll also add you to the existing one so you can look.
[23:56:49] <maplebed>	 I'm in the SF office, so PST.
[23:56:50] <jeremyb>	 can you make the new project then?
[23:56:55] <jeremyb>	 PDT* !!!
[23:56:56] <maplebed>	 I think so.
[23:56:58] <maplebed>	 PDT.
[23:56:59] <maplebed>	 thank you.
[23:58:21] <maplebed>	 what's your labs name?
[23:58:24] <jeremyb>	 ok, so, maybe catch you at ~midnight your time or else when you wake up. or maybe the wifi is still flaky tomorrow and I don't get on
[23:58:29] <maplebed>	 labs wiki name?
[23:58:29] <jeremyb>	 =ircnick
[23:58:32] <labs-home-wm>	 03/30/2012 - 23:58:32 - Creating a project directory for swift2
[23:58:33] <labs-home-wm>	 03/30/2012 - 23:58:32 - Creating a home directory for jeremyb at /export/home/swift2/jeremyb
[23:58:33] <labs-home-wm>	 03/30/2012 - 23:58:32 - Creating a home directory for ben at /export/home/swift2/ben
[23:58:34] <maplebed>	 k.
[23:59:31] <labs-home-wm>	 03/30/2012 - 23:59:30 - Creating a home directory for jeremyb at /export/home/swift/jeremyb
[23:59:32] <labs-home-wm>	 03/30/2012 - 23:59:32 - Updating keys for ben
[23:59:32] <labs-home-wm>	 03/30/2012 - 23:59:32 - Updating keys for jeremyb