[03:16:33] hi, guys, how to install php on an instance? I tried configure->webserver::php5 but it does n't work. [03:48:46] hey jeremyb, you there? [03:49:25] * jeremyb is [03:49:32] kinda [03:49:56] can i take you up on your offer? i'd like to set up phabricator on labs [03:50:01] could you create a project for it? [03:50:16] i has no such powers [03:50:27] although i think such a project exists already [03:51:09] it does so in fact [03:51:15] !resource phabricator | ori-l [03:51:16] ori-l: https://labsconsole.wikimedia.org/wiki/Nova_Resource:phabricator [03:51:29] 20:47 (Eloquence) marktraceur, yeah johnduhart had it set up for testing a few months ago, but it may be easier to set it up from scratch at this point [19:32] [03:51:45] you should use the same project i think though [03:51:53] could you add me to the project? or is that something only ryan can do? [03:51:56] unless you want a semi-prod one and a staging one [03:52:44] ori-l: any current member can give you the same rights they already have (ryan/mutante/johnduhart). any wiki sysop can give you anything they want [03:52:57] ori-l: of course ryan and mutante are also sysops ;) [03:53:18] * ori-l winks salaciously at mutante [03:53:30] haha [03:54:00] ori-l: i have this periodic need for a way to query TZ from people ;) [03:54:09] currently i'm thinking mutante [03:54:27] i can't remember who's moved to SF or not (i know someone did recently) [03:54:28] i think there's a convention -- something like /ctcp mutante time [03:54:36] that doesn't do anything i think [03:54:50] my client uses UTC and i certainly don't live in UTC [03:54:56] or maybe i'm rare [03:55:36] hi, guys, how to install php on an instance? I tried configure->webserver::php5 but it does n't work. [03:55:47] MichaelShavlovsk: maybe tell us more? [03:56:05] what's your test for doesn't work? what's happening with puppet? are runs succeeding? [03:56:07] "http://www.irchelp.org/irchelp/rfc/ctcpspec.html" [03:56:29] "TIME - Gets the local date and time from other clients. " [03:56:36] so according to the specs, at least, it ought to be local [03:56:42] ori-l: it says CEST for mutante i think [03:56:45] i think lots of clients block it because ctcp was an attack vector [03:56:46] ori-l: right, it *is* local [03:57:28] ori-l: the local time configured on the box where my irssi is running is UTC. the box is a virtual server in new jersey (US) and I am in brooklyn (NY, US) [03:57:48] oh! where in brooklyn? [03:58:05] CTCP HOOD [03:58:21] * ori-l is an ex-new-yoker, miss the city terribly [03:59:43] ori-l: park slope. otto's relatively close too [04:00:12] jeremyb: after I created an instance I go to configur then I choose among other options webserver:php5, then I logging into the instance and on "php -version" it says that php is not installed. Is one suppose to install php though these puppets in configure of an instance? [04:00:54] MichaelShavlovsk: webserver::php5 doesn't mean php5-cli to me (just thinking about it) [04:01:13] a server need not have php on the path to be said to have php installed [04:01:51] MichaelShavlovsk: `dpkg -l 'php*'` says what? [04:02:01] jeremyb: cool [04:02:35] do you have any experience with puppet, btw? [04:03:32] me? no [04:04:00] sorry, that was at jeremyb [04:04:00] jeremyb: yes there is php-common [04:04:09] ori-l: some [04:04:18] MichaelShavlovsk: and php5-cli is what? [04:04:23] uninstalled? [04:04:42] jeremyb: i'm new to it, so i'm wondering which already-puppetized piece of software might be closest to phabricator so i could work off of its manifest [04:04:47] ori-l: no haifa for you right? [04:04:54] oooh [04:04:56] jeremyb: nope [04:05:03] well gerrit is the closest function obviously [04:05:05] jeremyb: there isn't line with php5-cli [04:05:07] but it's a php app [04:05:10] not java [04:06:13] MichaelShavlovsk: so that's your problem [04:06:52] MichaelShavlovsk: and it's perfectly reasonable (IMO as I just said) that webserver::php5 would not install php5-cli [04:07:27] jeremyb: okay, thank you. [04:08:22] MichaelShavlovsk: maybe you want apaches::packages or maybe you need to change a manifest. or just install without puppet [04:09:04] jeremyb: but it does not allow me to install packages [04:09:36] jeremyb: is there way to install packages using apt-get? [04:10:46] MichaelShavlovsk: huh? who doesn't? [04:13:35] jeremyb: in the server I got message that something like "you are not in sudo errs", then I went to "mange sudo policies" and created policy, after that I had " mshavlovsky is not allowed to run sudo on ..." [04:13:54] nah, don't deal with manage sudo policies [04:14:11] just make sure you're a sysadmin for whichever nova project that box is in [04:14:14] which box [04:14:16] ? [04:14:50] box? [04:16:24] do you mean an instance? it is i-0000039e.pmtpa.wmflabs [04:18:10] jeremyb: how can I add myself in sysadmin? I am in netadmin now [04:18:30] yes, instance [04:18:39] netadmin doesn't matter here [04:18:47] i don't think you can add yourself [04:19:17] i can't even see whether or not you're a sysadmin i think [04:19:36] okay, so I can use only avaliable puppets [04:20:57] it's hard to imagine you could change puppet without being sysadmin [04:20:57] that's a bug if you can IMO [04:20:57] I cannot [04:21:09] erm? [04:22:03] I meant I can use only avaliable puppets through configuration, right? [04:24:44] i think you don't know what puppet is maybe? [04:24:52] can you rephrase without saying puppet? [04:32:16] jeremyb:To install packages I can do next: in instance list I click configure on my instance. Then I see, "puppet information" and "global groups" and lots of check-boxes like "mysql::config", so I can check whatever configuration I needed and click submit. Is this the only way to get packages on the instance? Even though I have mysql-common package I cannot browse databases and I need it. [04:36:36] jeremyb: if I have mysql-common package does it mean that I have installed mysql database? [04:37:01] no [04:43:19] jeremyb: so I am trying to configure the instance for installation mediawiki, Do you know how can I install necessary parts like mysql and php on the instance? I found that I can like written here https://labsconsole.wikimedia.org/wiki/Help:Instances#Configuring_instance , but it does not work, I checked all thing with mysql and I have only mysql-common package instance. Whether configuration does not work or there is [04:43:19] other way to install mysql. [04:44:29] checking everything with mysql is likely to cause problems not solve them [04:46:29] okay, I did not find explanation what every part means but here they are : db::core; db::es::master; db::es:slave; mysql::conf; mysql::datadirs; mysql::mysqluser; role::labs-mysql-server [04:48:17] jeremyb: what of the about do I need, do you know? [04:48:32] i haven't a clue [04:49:10] there has been talk of making a class that just installs a complete+working mediawiki instance. afaik it's not been created yet [04:50:02] jeremyb: okay, thank you [04:53:01] MichaelShavlovsk: you're sure you're not a sysadmin right? checked [[special:novaproject]] ? [04:55:58] jeremyb: yep, it looks like I am sysadmin, but why I cannot add packages? do you know? [04:56:18] MichaelShavlovsk: what did you try to add them? [04:56:23] i think you still haven't told me [04:58:10] jeremyb: sorry, may be I undertood you, I want just install mediawiki on the instance, so I need apache, php and myslq, I cannot do it through sudo apt-get install. [04:58:26] MichaelShavlovsk: ohhh, sudo again [04:58:27] sorry [05:00:38] MichaelShavlovsk: so, what's the message exactly? can you try just `sudo echo foo` for me? [05:00:50] MichaelShavlovsk: what password do you give it when it prompts you? [05:00:59] should be the one you log in to labsconsole with [05:01:14] jeremyb: mshavlovsky is not allowed to run sudo on i-0000039e. This incident will be reported. [05:01:25] for sudo echo foo ? [05:01:32] yep [05:02:19] did you log out and back in to the box recently? [05:02:26] were you made sysadmin recently? [05:03:11] I did log out and back in to the box recently [05:03:57] ohhh, remove the sudo policy btw [05:03:57] what do you mean where I made sysadmin recently, I am listed as sysadmin in labsconsole.wikimedia.org/wiki/Special:NovaProject [05:04:01] okay [05:04:16] you're probably stopping yourself from echoing [05:04:55] it's not sysadmin that gives you sudo [05:05:02] it's the sudo policy that does [05:05:11] Ryan_Lane: but there's a default sudo policy, right? [05:05:13] no [05:05:22] Ryan_Lane: remember how i complained about not being able to see who's a sysadmin/netadmin for other people's projects? i found the right ldap incantations ;) [05:05:26] heh [05:05:29] huh [05:05:44] it might be a good idea to generate a default sudo policy [05:05:49] i guess there's just a reallllllly common sudo policy on labs [05:05:54] I'd need to add that to openstackmanager [05:05:57] !sudo [05:05:57] You have sudo in any project that you are a member of, excluding global projects (like bastion). Your sudo password is your labsconsole wiki password. [05:06:00] hm [05:06:04] @search sudo [05:06:04] Results (Found 1): sudo, [05:06:07] damn it [05:06:15] hah [05:06:22] @apropos sudo [05:06:32] !sudo-policy is https://labsconsole.wikimedia.org/wiki/Help:Sudo_Policies [05:06:32] Key was added [05:06:48] !sudo-policies alias sudo-policy [05:06:48] Created new alias for this key [05:07:16] could probably make that documentation a little better [05:07:23] hey Ryan_Lane, could you add mark traceur and i to the (seemingly abandoned) phabricator project on labs? [05:07:31] sure [05:07:31] we're in the process of puppetizing it [05:07:36] * Ryan_Lane nods [05:07:43] thanks! [05:07:52] obviously an external ip would be useful too :) [05:08:33] OrenBo: usernames? [05:08:35] Ryan_Lane: /me too for phab ? [05:08:49] I'll add one of you [05:08:51] we're collaborating at http://etherpad.wikimedia.org/phab, probably doing all sorts of horrible things since neither of us has any real experience with puppet. if you guys want to take a look, we'd welcome input [05:09:04] i'm "ori" [05:09:05] isn't it premature to puppetize it? :) [05:09:15] your wiki username is ori? [05:09:19] Ryan_Lane: there's a wikitech-l thread [05:09:28] it's Ori.livneh, but gerrit didn't like the dot and truncated the latter half [05:09:37] ori-l: gerrit ? [05:09:55] ugh, well it's Ori.livneh in labs [05:10:01] fucking gerrit [05:10:12] people need to tell me when there are username issues like that [05:10:19] i did, a while ago [05:10:21] I'll change the allowed characters in labsconsole [05:10:50] ori-l: I added you. you can add the others [05:11:03] cool will do -- jeremyb, username? [05:11:30] ori-l: ==nick [05:12:15] ori-l: huh, i think there's no indication that I can find that gerrit doesn't like the dot. (when searching for you or clicking on you etc.) [05:12:53] i don't remember precisely where and how it choked, but try it and you'll see [05:12:57] unless Ryan_Lane just fixed it [05:13:03] no [05:13:12] it's with the dot in labsconsole [05:13:12] no, he was going to just block new bad people from being created [05:13:14] which means in ldap [05:13:47] jeremyb: thank you, now I can do sudo [05:14:11] MichaelShavlovsk: cool [05:14:38] MichaelShavlovsk: i guess i just never encountered a project without that normal sudo policy before. [05:14:54] yeah, I'm usually nice and set it up manually [05:15:02] since it is often a point of confusion [05:15:02] =)) [05:15:17] I think it's more likely people want the default than to set up something custom [05:15:26] I'll just make openstackmanager make it by default [05:16:53] Ryan_Lane: what do you think would be a sensible instance size for phabricator? [05:17:17] i imagine it'll host between 2 and 5 projects during the eval [05:17:25] small [05:17:47] when we upgrade openstack, you'll be able to resize instances ;) [05:18:05] that's awesome [05:18:10] isn't *that* exciting? :) [05:18:11] heh [05:18:24] we'll have snapshot support too, but I don't know if I'm going to add that [05:18:30] I have a feeling that's going to end bad places [05:18:57] in terms of taking up lots of storage space? [05:18:59] !bug 39092 [05:18:59] https://bugzilla.wikimedia.org/39092 [05:19:10] ori-l: yeah, and people being lazy [05:19:23] snapshots require downtime, too [05:19:24] which availability zone is liklier to be stable in the next few weeks? [05:19:30] they are all the same [05:19:37] there's only pmtpa [05:20:06] and it'll have downtime for the upgrade [05:20:18] Ryan_Lane: can't it be more like security groups? there's a set of default policies and you can choose to use one of those or make your own? [05:20:18] that said, I think you can live with a day or so of downtime ;) [05:20:34] jeremyb: you can right now [05:20:34] hey guys, I want create a git repository and I did request at http://www.mediawiki.org/wiki/Git/New_repositories/Requests , but nothing happens since friday, is this the right way to obtain git repository for a project? [05:20:42] jeremyb: that's exactly how it works [05:20:53] MichaelShavlovsk: yeah [05:21:04] ori-l: where will the repos canonical homes be? i was thinking they can live on gerrit? [05:21:07] I'm not sure why it's taking so long [05:21:20] i wonder if there's a way to disable review in gerrit [05:21:28] or just disable push for review i guess [05:21:31] per repo [05:21:37] jeremyb: you can have push rights [05:21:40] you can do straight pushes to the repos [05:21:57] of course, that defeats the entire purpose [05:22:00] but that is illegal and nobody ever does that [05:22:08] Ryan_Lane: right. but some people will do push for review instead. i want to prohibit that [05:22:22] don't involve gerrit in the chain [05:22:33] Ryan_Lane: we can have push to personal sandbox with some convention and have phabricator watch for personal sanxboxes [05:22:36] if you are going to evaluate it, do so in a way we can actually use [05:22:54] hrmmmm [05:23:09] so, repos on same box with phabricator then... [05:23:11] which means no gerrit and no github [05:23:18] gitolite or something maybe [05:23:24] that said [05:23:25] +phabricator [05:23:30] I don't understand why we're looking at phabricator *at all* [05:23:35] heh [05:23:40] it doesn't do repo management, how is it even a replacement for gerrit!? [05:23:42] if you just want to try out the code review parts until it does repo hosting, have at it [05:23:45] paravoid: it's in the plans [05:24:00] same with ACLs and private repos [05:24:30] but at the same time noone gives a shit about gitlab which it does all that already [05:24:43] there's a pretty strong incentive to go with phabricator [05:24:55] yeah, I can see that, that's why I'm wondering. [05:25:08] the phabricator guy came to the office today and showed us the system [05:25:12] what's the incentive? [05:25:18] paravoid: so... c_rehash? [05:25:27] 1. It's in php [05:25:32] jeremyb: in a sec. [05:25:35] which means our devs can actually make changes [05:25:44] 2. it's code review was actually pretty damn nice [05:25:55] 3. it's not pull request based [05:26:15] 4. it supports post-commit review [05:26:25] Ryan_Lane: how is it based then? [05:26:36] gitlabs is basically a github clone. github does code review fairly poorly [05:26:43] jeremyb: eh? [05:26:45] based/ [05:26:47] I like pull request based to be frank :) [05:26:56] I hate pull requests [05:27:06] it would be a coup for evan priestly (chief author / maintainer) to list us as a user, and he seemed eager to implement various requirements we have [05:27:15] indeed [05:27:16] that should also be noted [05:27:28] much better than "have a million of different completely separate reviews" or "squash everything into a single commit" [05:27:29] that said, I think we'll be using gerrit for quite a while [05:27:36] paravoid: it does neither [05:27:55] gerrit fails miserably when you try the normal (in the git world) topic branch workflow [05:28:12] I disagree [05:28:13] not sure what phabricator does [05:28:43] btw if once of you have a sec maybe you can hit "submit" on https://rt.wikimedia.org/Ticket/Display.html?id=3325 / https://gerrit.wikimedia.org/r/#/c/17040/ -- all the approvals are in [05:28:45] when you use git review it abstracts that stuff away from you [05:28:47] *one [05:29:05] how does it abstract the fact that you lose information? [05:29:11] you don't [05:29:13] it's in the change [05:29:14] the feature was implemented in a topic branch, you lose this information forever. [05:29:23] Ryan_Lane: if not pull req based then what takes the place of pull reqs? is there a diagram? ;) [05:29:23] your entire history is in the change [05:29:32] jeremyb: you push a diff in [05:29:43] hrmmmm [05:29:46] afaik in gerrit you merge individual commits, not branches [05:30:00] paravoid: yes, so you end up with a clean master [05:30:08] the change is a full branch [05:30:09] will I see 'merge branch "puppet-module"' in the git history? [05:30:18] you can pull all of the history from it [05:30:19] if that was a local topic branch? [05:30:48] I like that fact that master isn't cluttered with a million mistakes people made [05:30:52] you lose merge info [05:30:57] who cares? [05:31:00] our master is /clean/!?! [05:31:12] it's full of completely useless merges [05:31:20] puppet's master isn't clean because we had to merge to test anything previously [05:31:20] * jeremyb chuckles [05:31:27] that's not gerrit's fault [05:31:37] that's not the reason [05:31:47] look at all of your recent commits [05:31:56] it's basically "commit foo; merge foo" for all of them [05:32:23] and dont' tell it's because you didn't pull before pushing, because I've seen it do that even if I do that... [05:32:38] * Ryan_Lane shrugs [05:32:50] but that's a separate issue from the "is not compatible with topic branches workflow" [05:33:00] we can turn ff-only on in our repo [05:33:07] but then you'd need to rebase more often [05:33:18] seriously, look at the past 10 commits of yours [05:33:28] the question is "is the HEAD at time of merge also the parent of your commit? if so then it's a fast forward and no merge commit. if not then merge commit" [05:33:28] I'm not using git-review [05:33:31] AFAICT [05:33:44] how's git-review relevant? [05:33:50] it rebases for ou [05:33:51] *you [05:34:02] i've not installed git-review myself [05:34:14] I've seen it do merges even if I was commiting on top of the latest head [05:34:24] paravoid: hard to believe [05:34:29] again, we can turn ff-only on, if you'd like [05:34:58] iirc, it was because I did +2 and submit in two different steps or something [05:35:17] ^demon has an open bug on this [05:35:23] oh heh. [05:36:20] so, we get useless merges and we also don't get useful merges, because it treats every branch merge as individual commits [05:36:56] that's my biggest complaint with gerrit. I didn't mind the colors or the pre-upgrade slowness or anything [05:37:08] I never find that to be a problem ;) [05:37:20] there's also workarounds for that in git log [05:37:30] there's threads about this on wikitech-l [05:38:07] what are your arguments against pull requests? [05:38:22] I've never found it to be a problem and I wonder [05:38:32] my problem is with forking [05:38:56] you mean the same software all over github under different usernames? [05:39:02] yes [05:39:03] oh I hate that too [05:39:07] totally hate it [05:39:10] which is a requirement of pull requests [05:39:23] is it? I haven't seen how gitlab does it [05:39:31] it doesn't /have/ to be [05:39:33] pull requests also put the burden of merging on the reviewer [05:39:41] ^ that part sucks [05:39:49] what do you mean? [05:40:08] you make a pull request. the reviewer has to actually merge it [05:40:25] oh you mean merge conflicts [05:40:27] yes [05:40:30] and that sucks [05:40:50] well, again, it doesn't have to be that way [05:41:06] you can say "doesn't merge cleanly, fix and resubmit the merge" [05:41:42] same with commits that conflict as we have it now [05:41:45] some labs instance is misbehaving [05:43:19] dumps-inc [05:43:26] where's hydriz? [05:43:26] heh [05:43:45] gitlab's graph thing is really cool [05:43:50] Ryan_Lane: it's that daily? [05:44:00] and it really shows how a nice git workflow would work [05:44:01] paravoid: like github's network? [05:44:10] yeah [05:44:19] jeremyb: more often than that http://ganglia.wikimedia.org/latest/?r=day&cs=&ce=&c=Virtualization+cluster+pmtpa&h=virt8.pmtpa.wmnet&tab=m&vn=&mc=2&z=medium&metric_group=ALLGROUPS [05:44:23] gitlab's basically a github ripoff, so... [05:44:45] I don't think github's model would work that well for us, honestly [05:45:04] Ryan_Lane: you mean if it were released DFSG free tomorrow? [05:45:08] yes [05:45:20] it's funny how github is a popular option [05:45:41] I'm betting it isn't very popular with orgs that have over a hundred repos [05:45:44] I should probably put work where my mouth is and set up a gitlab instance [05:46:01] I'll even do curl | sh! [05:46:15] * Ryan_Lane stabs [05:46:31] which wgets ruby and installs it [05:46:36] -_- [05:46:36] from source [05:46:42] * Ryan_Lane groans [05:46:44] paravoid: hydroxide and I will be at this talk thursday night. i'll see how fast we can get the video. http://nylug.org/home/index.shtml [05:46:52] and this is why I hate every fucking ruby app in existence [05:47:51] apt-get install curl sudo [05:47:51] # 3 steps in 1 command :) [05:47:52] curl https://raw.github.com/gitlabhq/gitlabhq/master/doc/debian_ubuntu.sh | sh [05:47:55] :-) [05:48:03] that's what it says I should do! [05:48:25] wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p194.tar.gz [05:48:25] tar xfvz ruby-1.9.3-p194.tar.gz [05:48:26] cd ruby-1.9.3-p194 [05:48:26] ./configure [05:48:26] make [05:48:28] sudo make install [05:48:31] paravoid: not `curl | sudo sh` ?? [05:48:37] make, make install. sigh [05:48:46] i guess maybe it prompts for password later [05:48:49] what year is it again? [05:48:51] jeremyb: nah, it does sudo multiple times in the script [05:49:16] this is another reason I like php apps [05:49:21] more seriously, there are people that have installed it with stock ubuntu ruby [05:49:34] and even stock ubuntu gitolite [05:49:42] you put the code in a directory, you install some debs from apt, and you set up apache [05:50:14] it's not like php is very popular among sysadmins though :) [05:50:24] I'm perfectly happy using php apps [05:50:31] but we've had that discussion before [05:50:38] I wouldn't use it to develop system stuff [05:51:04] well, I guess I should take that back, I did write OpenStackManager, and I guess that's at least a little system related :D [05:51:06] Ryan_Lane: i think this is your problem: http://i.imgur.com/zh4hG.png [05:51:15] ori-l: hahaha [05:51:32] oh, I'm nearly done with the OSM upgrade [05:51:33] you need to run before you jump [05:51:42] Ryan_Lane: yay! [05:51:56] paravoid: and it supports multiple regions now : [05:51:57] :) [05:52:15] one of you has to change names eventually [05:52:19] (OSM or OSM) [05:52:22] ;( [05:52:32] how are regions are zones different? [05:52:32] jeremyb: use your context detector :) [05:52:42] zones are within a region [05:52:42] aude: help? [05:52:51] they use the same services [05:52:51] but you said we won't have zones now? [05:52:59] no. just regions [05:53:21] in the folsom release we can do "cells" within a region for better separation [05:53:29] paravoid: ganeti has neither? just make a separate cluster if you need some isolation? [05:53:32] we can technically use zones, but they are limited usefulness [05:53:43] but i guess no cross cluster migration [05:53:47] regions actually better describe what we're doing [05:53:53] jeremyb: ganeti has nodegroups, but it's a different concept than zones [05:53:56] and offer the proper service separation [05:54:07] paravoid: does grnet use webmgr? [05:54:16] no, we made our own [05:54:18] paravoid: the new scheduler also allows "hints" [05:54:25] webmgr was actually forked from an early version of our webmgr [05:54:36] orly [05:54:37] so, you can pass a hint to the scheduler to tell it that it should run an instance on a particular set of hardware [05:55:45]