[00:35:31] <ireas>	 I can’t access tools.wmflabs.org (ping / http / https) from tools-login.wmflabs.org at the moment.
[00:35:38] <ireas>	 anyone else having this problem?
[00:36:53] <sumanah>	 Coren: ^
[00:37:35] <incognitus>	 ireas: -eqiad ?
[00:37:39] <Coren>	 ireas: That's not so much a problem as a limitation of nova-network.  You can't reach external IPs from within, but you /can/ use the interal IP
[00:37:42] <incognitus>	 oh, that's the default
[00:37:56] <Coren>	 ireas: tools-webproxy, for that server.
[00:38:29] <Coren>	 (Yeah, it sucks.  I wish we could have upgraded to neutron during migration, but it would have delayed it too much)
[00:39:19] <ireas>	 hmm, okay … did this change recently? it used to work in tampa, and I think it also worked after the eqiad migration
[00:41:24] <ireas>	 Okay, tools-webproxy works.  So I’ll have to check if I’m on Labs or somewhere else in the world wide web … thanks for the quick reply!
[00:42:00] <Damianz>	 It never worked in pmtpa
[00:42:20] <Damianz>	 Stupid nat/nova issue
[00:43:29] <ireas>	 Damianz, I used that code for several weeks, and it did work ^^
[00:44:02] <Damianz>	 then something was very broken
[00:44:10] <Damianz>	 though interesting
[00:44:29] <ireas>	 :D
[00:44:39] <incognitus>	 https://meta.wikimedia.org/wiki/Meta:Requests_for_help_from_a_sysop_or_bureaucrat#Site-wide_links_to_https:.2F.2Ftools.wmflabs.org.2Fguc.2F
[00:44:53] <scfc_de>	 We had a host alias for tools.wmflabs.org in ptmpa.
[00:45:10] <incognitus>	 https://en.wikipedia.org/w/index.php?title=Wikipedia:Village_pump_(technical)&diff=600186951&oldid=600184390
[00:45:21] <incognitus>	 is this advice correct?
[00:47:24] * Coren  reads said advice.

[00:48:11] <incognitus>	 Coren: I only replied because I didn't expect anyone else to answer it... also here https://en.wikipedia.org/w/index.php?title=Wikipedia:Village_pump_(technical)&diff=600180348&oldid=600174944
[00:48:30] <Coren>	 incognitus: It's pretty much correct.  the trailing slash thing is my current config being overly by-the-book about URLs; but that's on my "this week" list to fix.
[00:48:53] <incognitus>	 yeah, it worked before (apache?)
[00:48:57] <Coren>	 But yeah, on the subtance, restarting the webservice is what to do.
[00:49:37] <Coren>	 incognitus: Yeah, the previous config did an implicit redirect from foo to foo/ as appropriate; currently it doesn't try (and fails correctly, but unhelpfully)
[00:57:03] <Magog_the_Ogre>	 My cron settings have not been carried over to the new Tool Labs
[00:57:26] <Magog_the_Ogre>	 actually, I will look into the labs-l mailing list to see if I can find something there before asking here.
[01:01:38] <incognitus>	 Coren: another question
[01:05:29] <Magog_the_Ogre>	 uh, does anyone who was subscribed to this list know what happened to our cron jobs? The archive is not functional.
[01:11:42] <ireas>	 Magog_the_Ogre, I already looked for that information but could not find in on the list :/
[01:12:20] <Magog_the_Ogre>	 I would open up another bug, but I don't know it is one yet...
[01:42:33] <scfc_de>	 Magog_the_Ogre: Coren said that there was a problem in reinstating crontabs after migration and that he wanted to fix it.  I'm not sure what's the status of that.
[01:43:48] <Magog_the_Ogre>	 thanks scfc_de 
[01:49:07] * Coren  is not really here, but suggests that people look in a file named ...DATA.crontab

[02:03:00] <Gloria>	 Magog_the_Ogre: Generally safest to put crontabs in a text file, BTW.
[02:03:11] <Magog_the_Ogre>	 yeah
[02:03:15] <Gloria>	 Then you can use "crontab /path/to/crontab.txt" .. yeah.
[02:03:17] <Magog_the_Ogre>	 I did so about a month ago
[02:03:22] <Magog_the_Ogre>	 ohhhhhhhh
[02:03:23] <Gloria>	 Put version control!
[02:03:26] <Magog_the_Ogre>	 never did that before
[02:03:29] <Gloria>	 Yeah.
[02:03:30] <Magog_the_Ogre>	 I HAVE VERSION CONTROL
[02:03:35] <Gloria>	 It's trivial to kill a crontab.
[02:03:37] <Gloria>	 You go girl!
[02:03:44] <Gloria>	 Put in *
[02:03:54] <Gloria>	 President Putin.
[02:04:01] <Magog_the_Ogre>	 but my Labs doesn't have write access to my repository
[02:04:08] <Gloria>	 Yeah, shit seems fucked.
[02:04:16] <Gloria>	 Or was yesterday when I poked.
[02:04:22] <Gloria>	 I'm sure things are improving.
[02:04:22] <Magog_the_Ogre>	 I have
[02:04:23] <Magog_the_Ogre>	 no idea
[02:04:26] <Magog_the_Ogre>	 what you're talking about
[02:04:37] <Magog_the_Ogre>	 Putin, yesterday being poked?
[02:04:57] <Gloria>	 Pretty much.
[02:05:02] <Gloria>	 Don't worry about it.
[02:05:05] <Magog_the_Ogre>	 ok
[02:05:37] <Magog_the_Ogre>	 hey I like my dictators petty, murderous, and part of the mob too.
[02:06:24] <Gloria>	 :-)
[02:06:55] <Gloria>	 "crontab -r" versus "crontab -e" is one of the more evil parts of Unix.
[02:07:33] <Gloria>	 I like talking about crontabs.
[02:07:38] <Gloria>	 I should eat.
[02:09:55] <Magog_the_Ogre>	 stop telling us to stuff beans up our nose (Google it)
[02:34:20] <mutante|away>	 one new English term per day from just reading Magog_the_Ogre 
[02:34:45] <Magog_the_Ogre>	 heh, the beans up your nose isn't an English-ism, it's a Wikipedia-ism :)
[02:34:53] <mutante|away>	 heh, ok
[02:35:31] <mutante|away>	 i'll have to catch up on world news by reading wikinews some time later i guess
[02:35:39] <Magog_the_Ogre>	 oh don't do that
[02:36:06] <Magog_the_Ogre>	 by paying attention to the news, I long ago realized that the Just World Fallacy is a beautiful fallacy to have, because you won't realize how fucked up the world is
[02:36:56] <Magog_the_Ogre>	 ignorance is bliss
[02:37:02] <Magog_the_Ogre>	 there's a new one :)
[02:37:10] <mutante|away>	 so, is Putin still alive?
[02:37:16] <mutante|away>	 or what did "poked" mean 
[02:37:31] <mutante|away>	 ok, don't tell me
[02:38:21] <Magog_the_Ogre>	 I haven't a clue what Gloria meant by poked
[02:39:01] <Magog_the_Ogre>	 maybe someone poked her with a bobby pin?
[02:39:06] <Magog_the_Ogre>	 >me keeps using complicated words
[02:39:14] <Magog_the_Ogre>	 */me
[02:39:33] <mutante|away>	 please do
[02:40:56] <mutante|away>	 Magog_the_Ogre: you should do sound recordings for en.wikt, can always use more .ogg
[02:41:16] <Magog_the_Ogre>	 that sounds like fun
[02:41:22] <Magog_the_Ogre>	 Commons is severely pissing me off
[02:41:38] <mutante|away>	 so you will be the voice when people click the little sound icon next to a word
[02:41:47] <Magog_the_Ogre>	 to the extent I'm ready to be the last sane member of the community to finally give up on it.
[02:42:28] <mutante|away>	 what's so insane there currently
[02:42:37] <mutante|away>	 wait, is that like watching the news?
[02:44:35] <Magog_the_Ogre>	 I have very strong political opinions
[02:45:22] <Magog_the_Ogre>	 and someone other than my favorite candidate is running the nation I live in. What's worse, I have very strong political opinions on foreign events, and IMO the world is going to hell in a handbasket 
[02:45:26] * Magog_the_Ogre  nudges mutante|away 

[02:46:05] <mutante|away>	 i meant Commons, heh
[02:46:11] <Magog_the_Ogre>	 oh 
[02:46:30] <Magog_the_Ogre>	 well the place is the dumping grounds for all the editors who got banned at en.wp because the people there are sane
[02:46:34] <mutante|away>	 and then i stopped myself, thinking if you tell me, then it's like i'm paying attention to the new
[02:46:41] <mutante|away>	 and you just told me not to
[02:46:49] <mutante|away>	 haha
[02:46:50] <Magog_the_Ogre>	 and they've come to form a plurality, so they can get people in trouble for doing things like *pointing out their copyvios*
[02:47:53] <mutante|away>	 this is why i like wiktionary
[02:48:25] <mutante|away>	 a small community, still a lot left to do, and since everything is templates, you don't have to argue about style either (unless you want to change templates, heh)
[02:49:01] <Krinkle>	 andrewbogott_afk: yes, and I have.
[02:49:05] <Krinkle>	 (depending on which page you mean)
[02:52:35] <mutante|away>	 Magog_the_Ogre: here's a fun project. grab a microphone, go to some place where you can expect people speaking multiple languages, then have them just read http://en.wiktionary.org/wiki/Category:Vulgarities_by_language into a mic and tell them how they really help a good cause by doing that:)
[02:53:33] <Gloria>	 I had switched subjects when I said poked.
[02:53:43] <Gloria>	 I poked [at Labs yesterday during the server maintenance].
[02:53:56] <Gloria>	 And it was pretty broken, of course. I think things have improved today.
[02:53:59] <Gloria>	 Though parts may still be down.
[02:54:40] <mutante|away>	 ah, i see
[03:39:41] <mutante|away>	 can't login to new eqiad instance, Unable to create and initialize directory
[03:40:19] <mutante|away>	 it says it's creating my home, then that it fails, then shows me motd, then closes connection. it sounds like known issue
[04:46:17] <andrewbogott>	 Krinkle: The note on the progress page says 'Do not break, actively used...'
[04:46:21] <andrewbogott>	 Is that out of date?
[04:46:29] <Krinkle>	 No, I added it last weekend
[04:47:01] <mutante|away>	 andrewbogott: i couldn't migrate because of home dir issue on eqiad 
[04:47:27] <Krinkle>	 me too
[04:48:12] <Krinkle>	 https://bugzilla.wikimedia.org/show_bug.cgi?id=62771
[04:50:10] <mutante|away>	 confirmed
[04:50:17] <andrewbogott>	 Krinkle: was cvn-app3 migrated from pmtpa or is it a newly-created instance?
[04:50:33] <Beetstra>	 the databases are still being moved ?
[04:50:45] <Beetstra>	 (I still don't see mine)
[04:51:33] <mutante|away>	 andrewbogott: i get it with newly created instances in eqiad
[04:51:38] <andrewbogott>	 ok
[04:51:44] <mutante|away>	 while i can login fine into the old pmtpa instance
[04:51:46] <mutante|away>	 in same project
[04:51:48] <mutante|away>	 using same key
[04:51:57] <mutante|away>	 just changing the bastion in ssh config
[04:52:12] <mutante|away>	 the reason is home dir not being mounted
[04:52:20] <mutante|away>	 i can see my project storage on labstore1001 
[04:52:27] <mutante|away>	 incl. my key
[04:53:23] <mutante|away>	 the instance says "Unable to create and initialize directory"
[04:53:29] <mutante|away>	 just like in Krinkle's report
[04:53:52] <Krinkle>	 andrewbogott: I don't know about the ability to migrate entire intances. I created it fresh
[04:54:13] <mutante|away>	 same
[04:55:51] <andrewbogott>	 Hm… this bug is squarely in Coren's area of influence.  I've seen it before but have never done anything smarter than just reboot a bunch of times :(
[04:56:15] <mutante|away>	 reboot the instances or reboot labstore1001:)
[04:56:28] <mutante|away>	 i saw this
[04:56:40] <mutante|away>	  service manage-nfs-volumes restart
[04:56:52] <mutante|away>	 but unsure if that is exactly the one he did last time
[04:57:54] <mutante|away>	 tries rebooting instances 
[04:58:12] <Krinkle>	 andrewbogott: Tell me more about the migration of entire instances? I don't plan on that but it's interesting to know. Also, more practically for me, is there migration for home or data storage of a project?
[04:58:24] <Krinkle>	 (assuming those aren't shared between eqiad and pmtpa)
[04:58:37] <andrewbogott>	 Krinkle: It's something that basically only I can do.  People that need instances migrated intact can open bugzilla bugs about it.
[04:58:47] <andrewbogott>	 Um… instance migration, that is.
[04:58:48] <Krinkle>	 k, nvm then :)
[04:58:52] <jeremyb>	 hah
[04:59:03] <andrewbogott>	 It usually works, but not so much if the instance is lucid or uses self-hosted puppet.
[04:59:07] <Krinkle>	 I mean, I dont' need it and there's no manual for me to get familiar with when helping others.
[04:59:44] <Krinkle>	 andrewbogott: I'll just recreate the instances. Good practice anyway to make sure everything is indeed properly put in storage and my instances shouldn't keep to much state anyway.
[05:00:07] <andrewbogott>	 I've migrated (I think) all of the old gluster storage.  It's in the equivalent directories in eqiad under 'glustercopy'
[05:00:11] <Krinkle>	 I'm interested in migrating the project store shared between instances though 
[05:00:23] <andrewbogott>	 nfs shared storage I haven't gotten to yet
[05:00:36] <Krinkle>	 so /home and /data/project/cvn basically
[05:00:58] <Krinkle>	 I assume that'll have to be initiated by a project admin to avoid it being copied at an arbitrary point in time.
[05:01:27] <Krinkle>	 It's being written to all the time, I won't need a copy until I'm ready to migrate the running processes. Otherwise they'll get out of date.
[05:01:40] <andrewbogott>	 Um… ": I've migrated (I think) all of the old gluster storage.  It's in the equivalent directories in eqiad under 'glustercopy'"
[05:01:45] <andrewbogott>	 Is that not the storage you're talking about?
[05:01:51] <Krinkle>	 so I'm preparing the new instance first, and then when its good and ready, kill pids, copy data, start new ones on the eqiad instances.
[05:02:00] <Krinkle>	 You tell me
[05:02:02] <andrewbogott>	 But, yeah, if you need a last-minute rsync after you set up the new instances, I can do that
[05:02:21] <mutante|away>	 it worked this time
[05:02:28] <mutante|away>	 dzahn@wikistats-willitblend:~$ 
[05:02:42] <mutante|away>	 so.. "have you tried turning it off..."
[05:02:48] <mutante|away>	 for reals.. 
[05:16:17] <Beetstra>	 andrewbogott - you say: "I've migrated (I think) all of the old gluster storage." <- does that include the databases, I still can't find the database that is being used by linkwatcher and coibot
[05:16:54] <andrewbogott>	 Beetstra: if you're talking about tools databases, then that's pretty much unrelated.
[05:17:02] <Beetstra>	 OK
[05:17:03] <Beetstra>	 :-(
[05:17:08] <Beetstra>	 it is indeed on tools-db
[05:24:22] <andrewbogott>	 Krinkle: you can see for yourself (if you're ever able to long in).  Just look in /data/projects/glustercopy and see if what you need is already there
[05:24:30] <andrewbogott>	 likewise /home/glustercopy
[05:24:51] <Krinkle>	 It won't because the data is changing every minute. (sqlite database among other things)
[05:25:20] <Krinkle>	 until the cvn bots are set up on cvn-app3 in eqiad (which I haven't been able to log into yet), the bots are still running in pmtpa and actively changing the dataset
[05:26:18] <Krinkle>	 as soon as all bots are running in cvn-app3 with empty data sets, I'll kill the dry-running ones in eqiad, kill the ones in pmtpa, ask for a data migration, and boot the eqiad ones as live instead of dryrun.
[05:26:44] <Krinkle>	 the migration of those bots will take a while, once I'm ready to flip the switch I'll need to do it with you standing by to migrate the data
[05:27:23] <andrewbogott>	 ok, that sounds about right.
[12:11:31] <Steinsplitter>	 replag
[12:11:34] <Steinsplitter>	 !replag
[12:11:37] <Steinsplitter>	 @replag
[12:11:37] <wm-bota>	 Replication lag is approximately 00:00:00.6288190
[12:24:59] <Coren>	 Almost done.
[12:30:44] <grrrit-wm>	 (03Abandoned) 10Hashar: grrrit: switch default channel [labs/tools/grrrit] - 10https://gerrit.wikimedia.org/r/117839 (owner: 10AzaToth)
[12:31:46] <hashar>	 Coren: good morning!  Thank you for the /mnt dependency  fix :]
[12:32:00] <hashar>	 I am happy my crazy dependency hack ends up being acceptable \O/
[12:32:47] <Coren>	 It's not hackish, really, require => Mount['foo'] is perfectly legitimate.  The conditional is annoying, but temporary.
[12:33:05] <hashar>	 indeed :]
[12:33:15] <Coren>	 (There's a lot of "if $::site" crap we had to add for migration that we'll be able to clean up soon)
[12:34:02] <hashar>	 hopefully I will remember to clean it up later on 
[12:34:39] <hashar>	 also someone asked to add the package joe (a text editor) on tools labs dev_environ : https://gerrit.wikimedia.org/r/#/c/118595/
[12:46:30] <hashar>	 it never ends :-(
[12:46:43] <hashar>	 I could use a reboot of  deployment-upload.pmtpa.wmflabs   ( which is I-00000793.pmtpa.wmflabs  )
[12:46:50] <hashar>	 can't reboot it via wikitech
[12:46:56] <hashar>	 and can't ssh either
[13:13:16] <hoo>	 Coren: ping
[13:13:29] <Coren>	 Heyo
[13:13:52] <hoo>	 Coren: Have you saved the crontabs from the old tools login somewhere?
[13:14:38] <Coren>	 Yes, they're all still there, but it should have been copied over already.  Did you do the finish-migration?
[13:15:25] <hoo>	 Coren: I didn't migrate per hand... but I ran finish-migration
[13:15:37] <hoo>	 nothing
[13:15:49] <Coren>	 Allright, that should have restored your crontab.  What's your tool name?
[13:16:42] <hoo>	 Those crons were just running from my main account "hoo"
[13:16:44] <hoo>	 not a tool
[13:18:13] <Coren>	 Ah!
[13:18:25] <Coren>	 Those /weren't/ copied, because you shouldn't have been doing that.
[13:19:17] <Coren>	 I can copy them for you into a tool of your choosing.
[13:19:19] <hoo>	 Great... neat that *nobody* said that
[13:19:42] <hoo>	 copy them into the hoo tool...
[13:19:45] <Coren>	 Dude, it's rule number 1:  https://wikitech.wikimedia.org/wiki/Nova_Resource:Tools/Rules
[13:20:07] <Coren>	 Sure thing.  I'll put them in a file though so as to not mess with your current crontab.
[13:20:29] <hoo>	 There shouldn't be any. that project is for webhosting only
[13:20:31] <hoo>	 well, it was
[13:21:30] <mutante|away>	 hashar: stay strong, say no to more editors:)
[13:22:04] <Coren>	 hoo: I just copied it into tools.hoo's crontab (commented out)
[13:22:13] <Coren>	 hoo: By the way, you know you can do things like:
[13:22:37] <Coren>	 0,30 18,19,20 * * * jsub xxxxx
[13:22:55] <Coren>	 To avoid having to repeat a line in the crontab for different hours?
[13:22:58] <Coren>	 Just FYI
[13:23:00] <rxy>	 Coren: Hi, I can't modify or rm in my ToolLabs project, because "/data/project/rxy/public_html" and others owner UID is wrong. Could you please fixing it?  detail -->  http://pastebin.com/Zet4ccAp
[13:23:35] <hoo>	 Coren: Yeah, I know... but it's just a lot of jobs (one for every WMF wiki basically)... that's why I grouped those into bash files and have these run every whatever or so
[13:23:44] <hoo>	 so each thing is only running once a day
[13:24:25] <Coren>	 rxy: {{fixed}}
[13:24:41] <rxy>	 Coren: Thank you! :)
[13:26:46] <hoo>	 Coren: could you please run chown -R tools.hoo:tools.hoo /data/project/hoo/
[13:28:35] <Coren>	 hoo: {{done}}
[13:28:42] <hoo>	 thx
[13:31:58] <hashar>	 mutante: hey :-]
[13:44:41] <andrewbogott>	 hashar: I just logged in to  deployment-upload.pmtpa.wmflabs, does that mean all is well now?
[13:44:54] <fluff>	 sorry, how did i reach the pmtpa host?
[13:45:31] <andrewbogott>	 fluff, could you be more specific?
[13:45:46] <fluff>	 can I ssh to the pmtpa host?
[13:46:00] <fluff>	 looking for the crontab for my user
[13:46:35] <andrewbogott>	 fluff: Ah, I see.  I don't know :)
[13:46:42] <hashar>	 andrewbogott: yup came back ~55 minutes
[13:46:43] <hashar>	 ago
[13:46:59] <hashar>	 andrewbogott: the wikitech reboot might have ended up working
[13:47:08] <andrewbogott>	 ok
[13:47:17] <hashar>	 andrewbogott: while you are around can we clone that instance as is from pmtpa to eqiad albeit with a different IP address ? 
[13:47:35] <andrewbogott>	 hashar:  Sure.  Stay tuned...
[13:47:40] <fluff>	 thought i saw something like tools-login.pmtpa.wmflabs.org
[13:47:44] <hashar>	 deployment-upload is a huge hack created back in July 2013 to emulate the production media server we have been using before Swift
[13:47:52] <hashar>	 it is not in puppet of course :-]
[13:48:18] <andrewbogott>	 hashar: migrating requres a shutdown of the tampa instance...
[13:48:36] <andrewbogott>	 wow, you've been busy!  Lots of eqiad instances :)
[13:48:42] <hashar>	 yeah :-]
[13:48:55] <andrewbogott>	 ok, here goes...
[13:49:07] <hashar>	 would you have time now to copy paste the instance ? 
[13:49:22] <hashar>	 I will need to keep the one in pmtpa though or upload will end up broken :D
[13:49:41] <hashar>	 but we can get face an outage of upload on beta for some time (not too long though)
[13:52:42] <andrewbogott>	 it's copying now.  After it finishes I can restart the tampa instance as well.
[13:59:15] <scfc_de>	 hoo: On eqiad, you should now be able to run sudo chown -R tools.$TOOL:tools.$TOOL /data/project/$TOOL as the tool account.
[14:00:40] <scfc_de>	 hoo: Corrections: For new tools; we still need to fix LDAP for the old ones.  *argl*
[14:02:25] <hoo>	 mh...
[14:02:42] <Coren>	 The help page could probably benefit from a few collapse boxes.
[14:04:06] <Coren>	 fluff: I've just send an email to labs-l with information about crontabs et. al.  Chances are, you only need to "finish-migration  your_tool" to get your crontabs back.
[14:04:14] <andrewbogott>	 hashar:  Ok, you should now have two running deployment-uploads.  Want to check my work?
[14:04:21] <hashar>	 andrewbogott: you are awesome
[14:04:25] <Coren>	 (But the entries will be commented out by default)
[14:04:47] <Coren>	 hashar: He is, but we have to few of him.  :-)
[14:04:50] <hashar>	 andrewbogott:  the pmtpa one rebooted properly and I am logged on the eqiad one.  You are saving me a loooooot of time
[14:05:21] <hashar>	 for op in [coren,andrewboggot]: op.clone(name="random()")
[14:05:28] <hashar>	 ops.update(op)
[14:05:34] <andrewbogott>	 hashar:  Migrated instances throw some puppet errors due to an inability to mount some of Coren's fancy new shared volumes.  I don't know offhand how to fix but it should be easy (if you care)
[14:06:01] <hashar>	 I would need /data/project I guess I can figure it out
[14:06:12] <andrewbogott>	 that one works
[14:06:20] <andrewbogott>	 it's just new stuff like /scratch
[14:07:15] <Coren>	 andrewbogott: I'm working on the "first mount too fast" issue right now; I'm going to try a couple of ideas to force serialization.
[14:07:26] <andrewbogott>	 Coren:  thank you!
[14:07:33] <andrewbogott>	 Is it a race with manage-nfs-volumes?
[14:09:10] <fluff>	 Coren: yeah, i was looking for my users crontab, the tool's crontab are ok
[14:11:26] <Coren>	 andrewbogott: Basically.  If the mount happens before manage-nfs-volumes updated the exports, the NFS server caches the lack of access for ages.
[14:11:56] <andrewbogott>	 So, could be ameliorated (sp?) by reducing the refresh time...
[14:12:04] <Coren>	 fluff: User crontabs weren't copied over.  Mostly because you shouldn't /have/ user crontabs at all in the first place.  :-)
[14:12:06] <andrewbogott>	 Well, that's not a proper fix of course :)
[14:12:15] <hashar>	 andrewbogott: and I need the eqiad upload instances to be configured in the puppet lvs service_ip . I am not sure what is the process to get that conf updated though since it might impact production (thought he lvs config hash is namespaced with $::realm it should be a noop).  Pathc is https://gerrit.wikimedia.org/r/#/c/119478/
[14:14:10] * Coren  goes afk for a little bit.

[14:14:33] <fluff>	 Coren: Yeah, I know, so it's lost?
[14:14:33] <andrewbogott>	 hashar, I… cannot predict what that will do :)  You could mark it as labs only.
[14:16:01] <Coren>	 fluff: I'll make you a copy after lunch.  For use in a tool only.  :-)
[14:16:19] <fluff>	 Coren: Alright, I'll move my files meanwhile
[14:16:23] <fluff>	 Coren: Thanks
[14:17:20] <hashar>	 andrewbogott: would attempt to get Faidon/Mark to merge it in :]
[14:17:36] <hashar>	 the eqiad upload instance indeed complains about /data/scratch
[14:18:51] <hashar>	 http://paste.openstack.org/show/73826/  Permission denied - /data/scratch :D
[14:25:57] <hashar>	 is pmtpa labs infrastructure being shutdown on March 31st ? 
[14:29:44] <Crazy1880>	 Moin Moin zusammen, ich bekomme bei http://tools.wmflabs.org immer "Internal error".
[14:34:10] <mutante>	 Crazy1880: meinst du wirklich die Startseite oder ein bestimmtes Tool>
[14:35:32] <Crazy1880>	 Nein, nicht die Startseite, sorry. Tools, Koordinaten, Wikidata ToDo http://tools.wmflabs.org/wikidata-todo oder https://tools.wmflabs.org/geohack/geohack.php?pagename=Remlingen_(Niedersachsen)&language=de&params=52.116666666667_N_10.666666666667_E_region:DE-NI_type:city(1822)
[14:36:22] <mutante>	 Crazy1880: dir ist bekannt dass Tools gerade im Umzug ist zu einem neuen Rechenzentrum?
[14:37:00] <Crazy1880>	 Hatte man an mich herangetragen, aber den konkreten Zeitplan konnte mir keiner nennen.
[14:37:00] <mutante>	 also je nach Tool, ist es noch nicht migriert oder der maintainer muss mal schauen ob alles gestartet ist
[14:37:14] <mutante>	 nun ja, seit Montag so richtig
[14:37:42] <Crazy1880>	 Okai, dann weis ich Bescheid. Wollte da nur sicher gehen. Vielen Dank
[14:37:46] <andrewbogott>	 hashar:  Yes, or shortly thereafter.
[14:38:02] <mutante>	 Crazy1880: Weisst du wer dieses Tool normalerweise betreut?
[14:38:46] <Crazy1880>	 Bei den Koordinaten leider nicht, weil es ja jede Sprache betrifft. Bei den anderen Tools ist es Magnus'
[14:40:48] <mutante>	 Crazy1880: sieht so aus als wenn da jemand nur den Webserver starten muss, ich frag mal
[14:40:59] <mutante>	 is it easy for you guys to just start the webserver on 
[14:41:02] <mutante>	 http://tools.wmflabs.org/wikidata-todo
[14:41:12] <hoo>	 mutante: That tools is still copying over
[14:41:22] <hoo>	 according to a mail earlier today
[14:41:24] <mutante>	 Crazy1880: what Hoo said
[14:41:36] <Crazy1880>	 Yes, thanks.
[14:41:43] <mutante>	 :)
[14:44:10] <Crazy1880>	 Thanks and have a nice day.
[14:47:08] <dan-nl>	 !log glam released ip, 208.80.153.148, and domain name, gwtoolset.wmflabs.org, from i-00000962.pmtpa.wmflabs
[14:47:54] <labs-morebots>	 Logged the message, Master
[14:48:24] <dan-nl>	 !log glam started i-000001af.eqiad.wmflabs
[14:48:26] <labs-morebots>	 Logged the message, Master
[14:51:44] <dan-nl>	 !log glam created web proxy for i-000001af.eqiad.wmflabs. Successfully added gwtoolset entry for IP address 208.80.155.156. Successfully created new proxy gwtoolset.wmflabs.org for backend gwtoolset.eqiad.wmflabs:80.
[14:51:46] <labs-morebots>	 Logged the message, Master
[15:23:59] <a930913>	 Anyone who intercept the new ssh key, could surely intercept or change the wiki page?
[15:26:48] <scfc_de>	 Yes, but the history should show who changed that.  I'm going to protect the pages anyhow.
[15:28:44] <a930913>	 scfc_de: The main point about interception still stands.
[15:29:03] <a930913>	 If we're screwed, we're screwed.
[15:29:52] <scfc_de>	 a930913: Oh, you mean someone intercepts the user accessing the wiki page?  Yes, then the user is screwed.
[15:30:09] <scfc_de>	 Well, no, https would require a valid certificate.
[15:32:15] <andrewbogott>	 Coren, call?
[15:34:43] <dan-nl>	 hey tgr or bd808, if either of you have time this week. would you be able to review https://gerrit.wikimedia.org/r/#/c/119467/ ?
[15:35:04] * bd808  hides from dan-nl :)

[15:35:09] <bd808>	 I'll take a look
[15:35:21] <dan-nl>	 :)
[15:35:26] <dan-nl>	 thanks!
[15:41:14] <dan-nl>	 anyone happen to know how to add a host entry to bastion so that it knows about eqiad.wmflabs? i tried ssh gwtoolset.eqiad.wmflabs, but the host is unknown. had to ssh to the instance ip in order to get there
[15:44:28] <andrewbogott>	 dan-nl:  I tried to contact you yesterday about this.
[15:44:33] <andrewbogott>	 I take it you are not subscribed to labs-l?
[15:46:18] <hashar>	 bd808: good morning! I restarted logstash1.eqiad.wmflabs a few minutes ago, it is stalled still :-]  Also did a puppet tweak to have udp2log on beta to send its log to the eqiad instance  https://gerrit.wikimedia.org/r/119493 :]
[15:46:32] <hashar>	 bd808: and figured out the salt/puppetmaster you have setup on beta. It is nice!
[15:47:20] <bd808>	 hashar: It's stalled? Like not getting new log data recorded? Or something else?
[15:47:46] <hashar>	 bd808: na the instance itself is stalled. Waiting for it to reboot
[15:48:07] * bd808  logged in

[15:49:26] <hashar>	 !log deployment-prep deleted local user l10nupdate on deployment-bastion. It is in ldap now.
[15:49:27] <dan-nl>	 hey andrewbogott, yes, thanks for posting to my user page … as far as i understand it ii have things configured properly now using the eqiad instance you created for us
[15:49:29] <labs-morebots>	 Logged the message, Master
[15:49:46] <andrewbogott>	 dan-nl:  if you are not subscribed to labs-l, please do so right now
[15:49:52] <hashar>	  ssh logstash1.eqiad.wmflabs
[15:49:52] <hashar>	 channel 0: open failed: administratively prohibited: open failed
[15:49:52] <hashar>	 ssh_exchange_identification: Connection closed by remote host
[15:49:52] <hashar>	 :(
[15:49:53] <dan-nl>	 k, i will
[15:50:18] <hashar>	 !log deployment-prep fixed upd2log-mw daemon not starting on eqiad bastion ( /var/log/udp2log belonged to wrong UID/GID)
[15:50:20] <labs-morebots>	 Logged the message, Master
[15:50:21] <andrewbogott>	 dan-nl:  Also, you'll want to rearrange this page to indicate that your project is 'migrated' rather than 'mothballed' https://wikitech.wikimedia.org/wiki/Labs_Eqiad_Migration/Progress
[15:50:40] <andrewbogott>	 dan-nl:  You can't ssh to your instance because the firewall rule only permits access from tampa.  I'll fix that right now.
[15:52:01] <hashar>	 bd808: I was using the wrong hostname :]
[15:52:22] <bd808>	 hashar: ha. That's happened to me more than once.
[15:52:38] * bd808  sees the missing deployment-

[15:53:39] <bd808>	 hashar: I think it's all setup and ready for the udp2log feed. I was going to work on that this morning, but it looks like you are on it.
[15:53:55] <hashar>	 bd808: na just fixed udp2log-mw on the bastion :]
[15:54:00] <hashar>	 bd808: I havent looked at logstash.
[15:54:27] <andrewbogott>	 dan-nl:  OK, I've done some tune-up, the instance should be mostly OK now.
[15:54:37] <bd808>	 Ok. I'll see what that needs. I should be easy once you have logs showing up on the new bastion.
[15:55:36] <hashar>	 puppet change https://gerrit.wikimedia.org/r/119493 would point udp2log to the proper logstash instance :D
[15:55:54] <hashar>	 I harassed ops too much today, I think I have no more karma left to get that change merged in *grin*
[15:56:31] <bd808>	 Lets cherry pick it to the local puppetmaster and go from there :)
[15:56:39] <bd808>	 That's why we have it
[15:56:48] <hashar>	 ahh
[15:56:55] <bd808>	 I can start setting more of the hosts up to use it
[15:57:00] <hashar>	 now I understand what "Senior" means in your job title hehe
[15:57:28] <dan-nl>	 andrewbogott: thanks, added myself to the labs-l list and updated https://wikitech.wikimedia.org/wiki/Labs_Eqiad_Migration/Progress
[15:57:28] <bd808>	 senior == go around obstacles :)
[15:57:34] <hashar>	 I kind of hate the manual setup but I am not sure how we could point to our puppetmaster by default
[15:57:40] <hashar>	 probably use realm.pp or base
[15:57:45] <andrewbogott>	 dan-nl: thanks
[15:58:38] <hashar>	 bd808: also there is no traffic on the eqiad bastion cluster, so udp2log is probably doing nothing at all
[15:59:50] <bd808>	 I'll see if I can get something just to prove it works.
[16:00:08] <bd808>	 I'll start with manually switching the puppet/salt config and go from therem
[16:00:11] <bd808>	 *there
[16:00:27] <mutante>	 bd808: that changes is merged
[16:00:32] <mutante>	 re: logging
[16:00:42] <bd808>	 thanks mutante 
[16:04:25] <hashar>	 -pipe 1 /usr/bin/log2udp -h logstash.pmtpa.wmflabs -p 8324
[16:04:25] <hashar>	 +pipe 1 /usr/bin/log2udp -h deployment-logstash1.eqiad.wmflabs -p 8324
[16:04:25] <hashar>	 \O/
[16:04:38] <hashar>	 there is still deployment-fluoride.pmtpa.wmflabs  will have to figure it out
[16:06:54] <dan-nl>	 andrewbogott: anything else i should look at or does all seem well? only thing i noticed that seemed like it might be an issue is that the image id is ubuntu-12.04-precise (deprecated 12-16-2013)
[16:07:23] <andrewbogott>	 dan-nl: no need to worry about the image type -- that's just how we keep track of which is the very latest.
[16:07:35] <andrewbogott>	 If you're happy with the web service you're getting then I think you're done.
[16:07:51] <dan-nl>	 cool, excellent. thanks for your patience and help!
[16:07:56] <andrewbogott>	 dan-nl: if you had files in /home or /data/project that you care about… they are probably stashed in the 'glustercopy' subdir.
[16:08:05] <hashar>	 easy enough
[16:08:38] <dan-nl>	 no files were stored there so we should be all set
[16:12:13] <dan-nl>	 andrewbogott: sorry to bother … it looks like i can't ssh into the instance anymore
[16:12:15] <dan-nl>	 ssh -A gwtoolset.eqiad.wmflabs
[16:12:15] <dan-nl>	 ssh: Could not resolve hostname gwtoolset.eqiad.wmflabs: Name or service not known
[16:12:46] <dan-nl>	 and ssh 10.68.16.160 yields If you are having access problems, please see: https://wikitech.wikimedia.org/wiki/Access#Accessing_public_and_private_instances
[16:12:47] <dan-nl>	 Permission denied (publickey).
[16:15:26] <hashar>	 !log deployment-prep Applying role::logging::mediawiki::errors on deployment-fluoride.eqiad.wmflabs . It is not receiving anything yet though.
[16:15:28] <labs-morebots>	 Logged the message, Master
[16:18:07] <dan-nl>	 andrewbogott: was able to ssh into the instance about an hour ago without issue ...
[16:18:17] <andrewbogott>	 dan-nl, let me check
[16:18:57] <andrewbogott>	 dan-nl:  It… works for me?
[16:19:19] <andrewbogott>	 From where are you running that ssh -A command?
[16:20:06] <dan-nl>	 in terminal
[16:20:12] <dan-nl>	 ssh dan-nl@bastion.wmflabs.org -A
[16:20:19] <andrewbogott>	 your local system
[16:20:24] <andrewbogott>	 you have proxycommand set up and such?
[16:20:26] <dan-nl>	 then from dan-nl@bastion1:~$ ssh gwtoolset.eqiad.wmflabs
[16:20:32] <andrewbogott>	 oh, I see.
[16:20:37] <andrewbogott>	 ok, let me try it that way
[16:20:48] <mutante>	 you only need 1 of those options, ProxyCommand ..OR .. use -A to forward agent.. Proxy is better
[16:21:07] <dan-nl>	 unfortunately i don't have the proxy command available
[16:21:46] <andrewbogott>	 dan-nl: it works for me from tampa bastion as well :/
[16:22:20] <dan-nl>	 with pmta i ran the above with the second ssh being ssh gwtoolset.pmta.wmflabs 
[16:22:25] <dan-nl>	 hmm
[16:22:51] <andrewbogott>	 can you ping it?
[16:23:30] <dan-nl>	 very odd, now it works
[16:23:38] <andrewbogott>	 dan-nl, wait, just a second ago you said 'gwtoolset.pmta.wmflabs' which /definitely/ won't work
[16:23:43] <mutante>	 dan-nl: did it show you the MOTD but then disconnect you again?
[16:23:57] <mutante>	 a line about failing to create a /home dir maybe?
[16:24:15] <andrewbogott>	 mutante: no, he said it was a resolution failure
[16:24:24] <mutante>	 ah, intermittent DNS issue?
[16:24:44] <dan-nl>	 very strange, will try again
[16:25:21] <dan-nl>	 all is well, guess it's as mutante said, an intermittent DNS issue
[16:25:28] <dan-nl>	 thanks both
[16:26:03] <dan-nl>	 off to an appointment ...
[16:30:57] <hashar>	 !log deployment-prep Varnish caches in eqiad are failing puppet because there is no /dev/vdb. Will figure it out tomorrow :-]
[16:30:59] <labs-morebots>	 Logged the message, Master
[16:32:41] <hashar>	 bd808: I am disappearing for today :D
[16:33:22] <bd808>	 hashar: Bye. I know how to fix the /dev/vdb bit. It needs new puppet code
[16:33:32] <hashar>	 yup
[16:33:38] <bd808>	 Or actually andrewbogott may have made a role for it last night
[16:33:47] <hashar>	 bd808: andrew wrote a role class to mount a lvm
[16:33:57] * bd808  nods

[16:34:09] <hashar>	 also mark proposed to use XFS on the labs instane to match production
[16:34:15] <hashar>	 the pmtpa ones are using ext3 iirc
[16:34:17] <andrewbogott>	 yeah, there should be a checkbox on your labs configure page somethingsomethingmnt
[16:34:39] <hashar>	 https://gerrit.wikimedia.org/r/#/c/119483/ :-]
[16:34:47] <hashar>	 role::labs::lvm::mnt
[16:34:51] <bd808>	 hashar: I'm going to work on migrating all the eqiad nodes to our puppetmaster. I'll log to sal as they are done
[16:34:54] <hashar>	 thought that mount the lvm on /mnt
[16:35:04] <hashar>	 varnish might be using /srv/vdb
[16:35:13] <hashar>	 awesome!
[16:35:26] <hashar>	 would the puppetmaster point to itself as well?
[16:35:26] <bd808>	 It would be easy to update the role to change the mount point
[16:35:36] <bd808>	 somebody should file a bug :)
[16:35:43] <Arnaugir>	 hi! do you know how to disable cron emails? since yesterday I'm receiving a mail every time my cron tasks run every hour...
[16:35:48] <bd808>	 hashar: Yes it points to itself
[16:36:01] <hashar>	 great
[16:36:13] <hashar>	 I have applied the role class on all varnishes
[16:36:23] <mutante>	 Arnaugir: append to your cron command line:  > /dev/null 2>&1
[16:36:26] <hashar>	 all are failing cause of /dev/vdb beside the bits one
[16:36:36] <bd808>	 hashar: And I'll setup the salt master link too so we can `salt '*' cmd.run 'something'`
[16:36:46] <Arnaugir>	 thanks mlitn
[16:36:50] <Arnaugir>	 mutante *
[16:37:19] <hashar>	 bd808: so we can salt apt-get dist-upgrade \O/
[16:37:28] <bd808>	 yup!
[16:37:39] <bd808>	 And salt apache restart
[16:38:08] <mutante>	 wait
[16:38:16] <mutante>	 if you do salt * apt-get dist-upgrade
[16:38:23] <mutante>	 you'll likely kill the service
[16:38:42] <bd808>	 mutante: yeah I'm not sure about that one
[16:38:45] <hashar>	 dieing for now, see you all tomorrow!
[16:39:01] <bd808>	 but apache restart across beta with one command will be sweet
[16:39:04] <mutante>	 cya hashar 
[16:39:11] * bd808  waves to hashar 

[16:39:25] <mutante>	 bd808: apache-graceful-all = bad?
[16:39:51] <bd808>	 mutante: It requires ssh-agent forwarding
[16:39:58] <mutante>	 it does sanity checks and stuff
[16:40:04] <mutante>	 i see
[16:40:27] <mutante>	 we should replace it in prod
[16:40:31] <mutante>	 with salt then
[16:40:36] <mutante>	 and move it away from fenari
[16:40:37] <mutante>	 cough
[16:40:41] <bd808>	 yeah that would be nice
[16:40:56] <bd808>	 soooo many things to fix up a bit
[16:41:00] <mutante>	 are you aware of apache-fast-test?
[16:41:11] <mutante>	 because if you really want to get to the point
[16:41:18] <mutante>	 where apache config changes can be tested on labs
[16:41:34] <mutante>	 that would be awesome.. but it also shouldn't be too different from prod or it's not a real test i suppose
[16:42:51] <bd808>	 I/we want to get to the point that beta is a "real" test of prod code and config changes. It's going to take a while but I think we can get there.
[16:43:20] <bd808>	 I shudder to write out the list of things that need to happen at this point :)
[16:44:12] <mutante>	 yes please, i know it's a lot but it was the whole point of making labs on the other hand, wasnt it
[16:44:24] * bd808  nods

[16:46:08] <Earwig>	 Coren: hi again, sorry - despite running finish-migration, I still don't see any dbs on tools-db for my tools (one on the replicas was fine and I could access it, but that's all)
[16:49:01] <bd808>	 !log deployment-prep Converted deployment-apache01 to use local puppet & salt masters
[16:49:03] <labs-morebots>	 Logged the message, Master
[16:49:34] <Cyberpower678>	 Coren, is there a set webserver limit?
[16:57:08] <Cyberpower678>	 Coren, ping
[17:00:40] <bd808>	 !log deployment-prep Converted deployment-apache02 to use local puppet & salt masters
[17:00:42] <labs-morebots>	 Logged the message, Master
[17:22:03] <bd808>	 !log deployment-prep Converted deployment-cache-bits01 to use local puppet & salt masters; puppet:///volatile/GeoIP not found on deployment-salt puppetmaster
[17:22:05] <labs-morebots>	 Logged the message, Master
[17:22:33] <Coren>	 I'm back; sorry.  Short lunch took a bit longer.
[17:22:51] <Coren>	 Earwig|away: What tool is that?
[17:37:37] <Cyberpower678>	 Coren, ping
[17:37:46] <Coren>	 Poing
[17:40:23] <Cyberpower678>	 Coren, Do the webservers have a set max memory limit for each tool?
[17:41:03] <Coren>	 Yes, albeit I don't think anyone hit /that/ yet (it's fairly generous since everyone is running the same executable so overcommit is mostly safe).
[17:42:04] <Cyberpower678>	 Coren, what is it, because I successfully performed and ini_set('memory_limit', '-1' );
[17:42:49] <Cyberpower678>	 And it returned -1.
[17:42:54] <Coren>	 Cyberpower678: It's enforced by the grid itself; your lighttpd won't let you break the bank.
[17:43:22] <Coren>	 Cyberpower678: But I would recommend you limit your PHP itself though, so that you don't hit the grid limit because that just kills your process.
[17:44:38] <Cyberpower678>	 Coren, I've designed my new tool to work within the limits, provided it's given the correct limit.  The more memory, the more edits it can handle, but it does stop itself if it knows what the limit is.
[17:45:26] <Cyberpower678>	 Coren, so how much memory can I use before I hit the grid limit? :-)
[17:45:27] <Coren>	 I'd recommend keeping your php usage to ~500M or so if you want to play it safe
[17:45:55] <Coren>	 The grid works with vmem, so it's not 1:1 with actual PHP memory; but you can expect to near the wall around 1G
[17:46:39] <Coren>	 (Also, 1G is a really big chunk of a shared resource.  The usual "use as little as you need to play nice" idea always apply)
[17:46:45] <Cyberpower678>	 Coren, awesome.  I've set the tool to 900M then.  The tool already provides a margin of safety.
[17:51:08] <bd808>	 !log deployment-prep Converted deployment-eventlogging02 to use local puppet & salt masters
[17:51:11] <labs-morebots>	 Logged the message, Master
[17:58:09] <bd808>	 !log deployment-prep Converted deployment-parsoid04 to use local puppet & salt masters
[17:58:11] <labs-morebots>	 Logged the message, Master
[18:47:06] <milimetric>	 hey guys
[18:47:11] <milimetric>	 and gals
[18:47:18] <milimetric>	 on a new instance in labs, I get this:
[18:47:19] <milimetric>	 Creating directory '/home/milimetric'.
[18:47:19] <milimetric>	 Unable to create and initialize directory '/home/milimetric'.
[18:47:29] <milimetric>	 (it's in eqiad, the instance is reportcard1)
[18:48:08] <hedonil>	 milimetric: you are late to the party ;)
[18:48:20] <milimetric>	 :) oh no! fashionably late?
[18:48:26] <mutante>	 milimetric: reboot instance a couple times
[18:48:28] <milimetric>	 or like, cleanup crew late
[18:48:29] <bd808>	 milimetric: There are intermittent problems with nfs permissions caching. Either a) wait aobut 15 minutes and it usually clears up or b) reboot and hope you win the race
[18:48:29] <mutante>	 no kidding:)
[18:48:35] <milimetric>	 oh ok, cool
[18:48:46] <milimetric>	 thanks mutante / bd808 / hedonil
[18:53:33] <hedonil>	 milimetric: mutante: bd808: once there was a saying: Windows reboot, Linux be root.  Pepperidge farms remembers :P
[18:55:41] * hedonil  assumes that Coren is silently preparing the next migration to: ... Windows 9

[18:57:15] <Coren>	 ... how about no?  :-)
[18:57:23] <YuviPanda>	 yeah, 8.1 is where it is at
[18:57:31] <hedonil>	 Coren: hehe
[18:57:56] <milimetric>	 Windows 2003 Enterprise Server dudes, last good operating system ever
[18:58:04] <Coren>	 And yes, right now I'm working on testing some solutions to that issue with the NFS thing and cached ACLs
[18:58:09] <hedonil>	 milimetric: yeah!
[18:58:43] <Coren>	 milimetric: Hmph.  If you're going to be using VMS, you might as well use the real thing and not the cheap half-assed reimplementation.
[18:59:00] <YuviPanda>	 hehe
[18:59:28] * YuviPanda  migrates everyone to SysV

[18:59:32] <hedonil>	 Coren: I feel a kinfd of compassion with Earwig|away: His only tool is earwigbot and he's missing his database so badly
[19:00:48] <Betacommand>	 Coren: oddball question, is there a way to submit a jsub and only have it run if the if the previous request was at least X ago?
[19:02:19] <Coren>	 Betacommand: Huh.  You know, I don't think there is.  What I'd probably do is stuff a timestamp in a file and check that first thing.
[19:02:58] <Coren>	 hedonil: I don't see a database for his tool at all in the first place.
[19:03:08] * Coren  checks for early-style databases.

[19:03:13] <Betacommand>	 Coren: was trying to avoid that due to how unreliable it is
[19:03:22] <hedonil>	 Betacommand: or you can query done jobs with $qacct -j <jobname>
[19:04:31] <Coren>	 Betacommand: Unreliable how?  If you 'date +%s >sometimestamp' then you can just 'if [ $[$(cat sometimestamp)" + many_seconds] -gt $(date +%s) ]' or somesuch.
[19:04:47] <Coren>	 Without the stray "
[19:05:21] <Betacommand>	 Coren: you forget who you are talking to, I discover all the new bugs
[19:05:58] <Coren>	 Betacommand: I'm pretty sure that 'date', 'if' and 'bash' are fairly well debugged.  :-)
[19:06:31] <Betacommand>	 Coren: what about issues between webservers, filesystem, and exct nodes?
[19:06:44] <Coren>	 hedonil: qacct works, but is horribly slow.  The accounting file is flat.
[19:07:03] <Coren>	 Betacommand: That wouldn't be an issue so long as the timestamp file is in /data/project
[19:07:38] <Betacommand>	 Coren: .... I find all the bugs, even the ones that shouldnt exist
[19:08:11] <valhallasw>	 Betacommand: still, the 'date' method has the least amount of obvious bugs
[19:08:15] <Coren>	 hedonil: I don't know what database earwig things he has in pmtpa, but I certainly can't find any in tools-db at least.
[19:08:23] <valhallasw>	 I mean, if a method has obvious issues, then you'll clearly find some more.
[19:09:00] <hedonil>	 Coren: ptiy for earwig
[19:10:27] <hedonil>	 Coren: talking about bugs: the myterious trailing / thing has a new variant. 
[19:10:31] <hedonil>	 works with https https://tools.wmflabs.org/tools-info
[19:11:00] <hedonil>	 still fails with http   http://tools.wmflabs.org/tools-info
[19:11:51] <hedonil>	 just saying ... ;)
[19:13:34] <Coren>	 hedonil: Hm.  Waitaminit.  He does have one, but it /has/ been migrated.
[19:13:42] <Coren>	 MariaDB [(none)]> show databases like 's51329%';
[19:13:42] <Coren>	 +----------------------+
[19:13:42] <Coren>	 | Database (s51329%)   |
[19:13:42] <Coren>	 +----------------------+
[19:13:43] <Coren>	 | s51329__drn_clerkbot |
[19:13:44] <Coren>	 +----------------------+
[19:13:45] <Coren>	 1 row in set (0.00 sec)
[19:14:08] <hedonil>	 Coren: I'm sure this will make him happy
[19:14:41] <Coren>	 hedonil: Oh, and no; nothing mysterious about this -- that's on my todo list but I haven't  gotten to it yet.
[19:14:53] <Coren>	 hedonil: Unless he's talking about some other database.
[19:15:32] <hedonil>	 Coren: Where's your list? Can we add something to it?  ;)
[19:15:37] <milimetric>	 hm, guys I'm still getting the same error trying to login to my new box, I tried rebooting several times and waiting 15 minutes in between logins / reboots
[19:17:56] * Damianz  grumbles about people making pointless changes that cause more confusion and work while misunderstanding their impact

[19:18:43] <Coren>	 hedonil: Bet bet: open a bugzilla.
[19:19:05] <hedonil>	 Coren: hehe
[19:19:32] <Coren>	 milimetric: The problem is, if you try again too soon you sometimes refresh the cache entry.  I haven't found a specific pattern yet; I'm currently working on it not happening in the first place.
[19:19:38] * hedonil  remebers the 'stream of con

[19:19:44] <hedonil>	 f*ck
[19:19:51] <Coren>	 Damianz: What pointless change?
[19:20:19] <Coren>	 milimetric: What instance and project is this?
[19:20:32] <Damianz>	 Coren: Users getting wiki admins to change urls to be proto-relevant because tools happens to have an ssl cert (while ignoring ALL the issues relating to doing that).
[19:20:49] <milimetric>	 Coren: reportcard1.eqiad in the reportcard project
[19:21:51] <Coren>	 Damianz: Well, it's not necessarily /pointless/, but it can be unnecessary and there can be side effects for sure.  But I think that 'SSL by default' is becoming a mantra.
[19:23:30] <Damianz>	 When it breaks things, to access data that is entirly open while ignoring bigger issues like moving from passwords to oauth it's pointless.... and ssl by default isn't secure necessary, just means 'look for the padlock' becomes the norm and people dummer
[19:24:16] * Damianz  will fix it in about a week when he has about 30 messages asking him why the page is broken, but has time

[19:25:15] <Coren>	 Damianz: There are privacy concerns some people feel are important even when the data they access is open, mind you; such as even knowing /whether/ you've looked at it.  But yeah, the change itself can be annoying.
[19:28:13] <Damianz>	 SSL doesn't really help with privacy - if I'm close enough to sniff your requests, then I can still tell what your traffic patterns are and profile you. If you give me your data, expect no privacy should be the mantra imo... 
[19:28:24] <Damianz>	 Though I'm one of the people who think wiki user data should be more open and the arguments about 'oh the datas there but people might get upset if we use it for reports and dashboards' is total bs
[19:40:34] <milimetric>	 Damianz: I tend to be like you - not care if people use my data.  But what Coren is saying is not bs, it's a fact rooted in reality.  Some people actually have actively expressed to us (the analytics team) that if *any* data about them is used in analysis, they would like to opt-in to that analysis.  Even if said data is aggregated and anonymized, mind you.  Some people are really concerned about privacy.  And I think since that data 
[19:40:34] <milimetric>	 belongs to them, they have the right to have whatever opinion they wish about it.
[19:41:50] <milimetric>	 Coren: hm, I give up for now to try and migrate this reportcard instance.  When is the absolute drop dead deadline when it will be killed completely?
[19:42:00] <milimetric>	 I can set it up a different way for now, if needed
[19:42:13] <Damianz>	 If the data is open then I don't agree with opt in - if the accept the terms of use and those terms ditict the data is open and I write apps against terms that say I can use it then why opt in? If the data isn't open, then yes, opt in
[19:42:29] <Coren>	 milimetric: Ostensibly, pmtpa gets turned off end of April.
[19:42:37] <milimetric>	 ok, so then there's time
[19:42:38] <Damianz>	 By not opting in, they end up being the anomoly anyway... or potentially anyway
[19:42:45] <Coren>	 milimetric: But give me a minute.
[19:42:45] <milimetric>	 I'll let you figure out what's up with that issue and check back tomorrow
[19:42:53] <milimetric>	 no pressure Coren, thanks very much
[19:43:19] <milimetric>	 Damianz: the terms of use are pretty complicated, but they don't say what I think you think they say :)
[19:43:55] <milimetric>	 more importantly than that, our editor community is relatively fragile compared to other projects (like facebook, stackoverflow, etc.)
[19:43:55] <Damianz>	 Well yes... all documents like that don't actually say, what they say... but that's another argument
[19:44:17] <milimetric>	 so doing things that actively piss off a fragile community is bad
[19:44:30] <Damianz>	 The editing community is alarming fragile and small and not good for the furture really
[19:44:45] <Damianz>	 Though wiki is open to anyway, don't login and use tor :D
[19:45:06] <Damianz>	 I see your point, but I don't see why people care so much... makes no sense to me at all.
[19:45:24] <milimetric>	 i agree
[19:45:24] <milimetric>	 this makes 0 sense to me
[19:45:30] <milimetric>	 and I come from communist romania, you'd think I'd be the one to care about privacy
[19:46:00] <milimetric>	 but to me, a reasonable amount of control over my data is perfectly fine.  To others, it's not, and I can respect that even if it totally blows my mind :)
[19:46:41] <Coren>	 FWIW, Damianz, my own position is that editing a wiki is an inherently public activity; and I'm the one at the Foundation who coordinated the 'no-opt-in-requirement' position.  Take from that what you want.  :-)
[19:47:18] <milimetric>	 yeah, opt-in kills any analysis you try to do, it biases the results beyond repair
[19:47:41] <milimetric>	 we've been trying to think out of the box on this - like opt-in if you have cookies disabled, opt-out otherwise
[19:47:56] <milimetric>	 (this is in the context of eventlogging tracking)
[19:48:06] <milimetric>	 and we're still trying to figure out the right approach
[19:48:29] <milimetric>	 but arguably, we need some of this data and to analyze it in order to improve the health / size of the community, so it's a bit of a catch 22
[19:48:35] <Damianz>	 I'd be willing, under a lot of circumstances to extend editing a wiki is public to be no opt out... especially in this context, since the entire IDEA is being open
[19:49:22] <milimetric>	 open knowledge is not the same as open "tracking one's usage and contributions to open knowledge"
[19:49:23] <hashar>	 and reeuu
[19:49:26] <milimetric>	 but to me - it is
[19:49:28] <mutante>	 maybe people would care less if they could edit anonymously (TOR discussion, cough)
[19:50:30] <YuviPanda>	 milimetric: you're agreeing to CC BY SA, doesn't the 'BY' say something about that?
[19:50:37] <Damianz>	 open knowledge without contributing to open knowledge though anylitics to make knowledge better and more open makes no sense to me, once again :)
[19:51:14] <fluff>	 Coren: did you have a chance to look at my crontab?
[19:51:26] <fluff>	 don't know which timezone you're in :)
[19:52:19] <Damianz>	 est
[19:52:55] <Coren>	 fluff: Not yet, I'm in the middle of trying to track another issue down.
[19:54:13] <fluff>	 Coren: no worries
[19:54:22] <fluff>	 and good hunt
[19:55:49] <Cyberpower678>	 Coren, ping
[19:55:54] <Coren>	 Ah-HA!
[19:56:03] <Coren>	 milimetric: I think I found a workaround.
[19:56:03] <Cyberpower678>	 :O
[19:56:17] <Cyberpower678>	 :p
[19:56:21] <Cyberpower678>	 Coren, can you do me a favor?
[19:56:22] <Coren>	 milimetric: Your instance, at least, should work.
[19:56:25] <Coren>	 Cyberpower678: What?
[19:56:48] <Cyberpower678>	 Coren, can you look what's clogging xtools?
[19:57:03] <Cyberpower678>	 I tried restarting the webserver, but no effect.
[19:57:20] <milimetric>	 woo! it does, thanks Coren.  Does the workaround prevent me from making this a self-hosted puppetmaster?
[19:57:48] <Coren>	 milimetric: No; it's one-time and on the server.
[19:57:56] <milimetric>	 cool, thx
[19:58:52] <Coren>	 Cyberpower678: I really don't have the time to do individual tool debugging right now, sorry.  I'll try to give you a hand next time I've a little free time but, honestly, this week isn't very likely.  I'm sure others could help though.
[19:59:08] <Cyberpower678>	 scfc_de, ^
[19:59:21] <Sanyi4>	 hi! im having problems with winscp access. could anybody help?
[20:00:37] <CP678>	 Stupid internet connection.
[20:03:22] <hedonil>	 Sanyi4: shoot! what's the problem
[20:03:46] <CP678>	 hedonil, can you look into xtools' webserver clog?
[20:04:27] <hedonil>	 hedonil: no. unfortunately not.
[20:07:21] <Sanyi4>	 hedonil: im doing it the first time. host is tools-login.wmflabs.org, user is my username on wikitech, sanyi4. i set up the keys, properly, im hoping. 
[20:08:41] <hedonil>	 Sanyi4: did you succeed logging in with plain PuTTy?
[20:09:11] <Cyberpower678>	 hedonil, can you look into xtools' webserver clog?
[20:09:40] <hedonil>	 Cyberpower678: I can have a look into yout huge access-log, yes
[20:10:48] <CP678>	 hedonil, I mean can you reset xtools' webserver so it 's no longer clogged?
[20:11:15] <hedonil>	 Cyberpower678: : no, sorry.
[20:11:21] <Cyberpower678>	 :(
[20:14:14] <Sanyi4>	 hedonil: oh, i tried it one more time, and it seems to be functioning. im in my folder now. but how can i upload a tool and access it on the web? i dont have a clue.
[20:14:21] <hedonil>	 Cyberpower678: it seems the 'articleinfo' part of xtools is being spidered
[20:15:32] <hedonil>	 Sanyi4: in winscp move up the parent directory untill you are in /data/project/ then select your tool's directory
[20:16:18] <CP678>	 Coren, xtools is being spidered again.
[20:18:10] <Coren>	 CP678: You should probably look into some countermeasures or rate limiting of some kind to avoid that possibility.
[20:18:16] <Sanyi4>	 hedonil: im in! thank you very much! (i may have some other questions later)
[20:18:47] <CP678>	 Coren, I'm implementing that in the new tool.
[20:20:49] <hedonil>	 Sanyi4: np
[20:21:17] <WTF_Cyberghost>	 Coren, but any chance of being able to kill the spiders right now.
[20:21:56] <hashar>	 !log deployment-prep migrating eqiad varnish caches to use xfs
[20:21:58] <labs-morebots>	 Logged the message, Master
[20:24:39] <hashar>	 The disk drive for /srv/vdb is not ready yet or not present.
[20:24:40] <hashar>	 Continue to wait, or Press S to skip mounting or M for manual recovery
[20:24:43] <hashar>	 bd808: we are screwed :-]
[20:25:45] <bd808>	 Do we just need to blow the instance away and start over?
[20:26:06] <mutante>	 S ?
[20:26:20] <hashar>	 I can't press the key via wikitech log console interface :-]
[20:26:38] <bd808>	 Ah. Blerg
[20:26:59] <hashar>	 I am pretty sure Ryan knows how to access the console though :D
[20:27:16] <hashar>	 ideally we should skip such mount entirely
[20:28:21] <mutante>	  /last storage
[20:28:57] <hashar>	 https://wikitech.wikimedia.org/wiki/OpenStack#Get_an_interactive_console_to_an_instance_from_a_host  !!
[20:29:46] <hashar>	 virsh console --devname serial1 i-00000080.eqiad.wmflabs
[20:29:48] <hashar>	 that might do it
[20:33:02] * hashar  looks for root :-]

[20:33:31] <andrewbogott>	 hashar: Can you give me the background as to how you got in to this state?
[20:33:37] <mutante>	 hashar: on virt1001?
[20:33:42] <mutante>	 tries
[20:33:54] <hashar>	 and another instance blocked is   i-00000103.eqiad.wmflabs	
[20:34:02] <mutante>	 error: Domain not found: no domain with matching name 'i-00000080.eqiad.wmflabs'
[20:34:20] <hedonil>	 Sanyi4: copy your webfiles to  public_html. that's the right place
[20:34:25] <hashar>	 andrewbogott: on beta we now have our own puppet master, we got some patch that uses labs_lvm to create a /srv/vdb  mount of /dev/mapper/srv--vdb or something similar
[20:34:41] <hashar>	 andrewbogott: the lvm volume creation might have failed
[20:34:56] <hashar>	 mutante: try out with out eqiad.wmflabs maybe?
[20:35:03] <mutante>	 hashar: did, not yet
[20:35:46] <hashar>	 hm
[20:35:49] <mutante>	 virt0 The program 'virsh' is currently not installed.
[20:35:58] <andrewbogott>	 virt0?
[20:36:08] <andrewbogott>	 You should run that command on whatever compute node the instance is hosted on.
[20:36:17] <andrewbogott>	 Which you can learn by looking at the instance's resource page
[20:36:19] <mutante>	 that's what i tried above
[20:36:22] <Sanyi4>	 hedonil: done, but nothing happens, see: http://tools.wmflabs.org/lonelylinks/
[20:36:23] <mutante>	 ok
[20:36:41] <hedonil>	 Sanyi4: yep . 1.) login to console with PuTTY
[20:36:53] <hashar>	 mutante: virt1004   for i-00000103.eqiad.wmflabs
[20:36:58] <mutante>	 hashar: andrew said to look at the resource..thanks, that
[20:37:30] <hashar>	 mutante: and virt1002  for i-00000080.eqiad.wmflabs
[20:37:31] <mutante>	 error: failed to get domain 'i-00000080.eqiad.wmflabs'
[20:37:36] <hashar>	 hehe
[20:37:47] <mutante>	 error: failed to get domain 'i-00000080'
[20:38:16] <hedonil>	 Sanyi4: you have to start your tool's webserver to work. Are you logged in already?
[20:38:27] <hashar>	 mutante: I am not sure what <instance> refers to
[20:38:28] <mutante>	 hashar: same on virt1002
[20:39:27] <andrewbogott>	 you can look in /var/lib/libvirt/whatever and see what kind of IDs it's using
[20:39:28] <andrewbogott>	 I think
[20:39:37] <hashar>	 mutante: mate the instance id?  on virt1002 : aa3c3550-96a7-4f20-a1ab-c88c01a8e5e9
[20:40:01] <mutante>	 hashar: that's it
[20:40:07] <mutante>	 virsh console --devname serial1 aa3c3550-96a7-4f20-a1ab-c88c01a8e5e9
[20:40:07] <mutante>	 Connected to domain i-00000080
[20:40:22] * hashar  updates doc

[20:42:22] <mutante>	 hashar: now i just need to be able to input stuff:)
[20:43:03] <hashar>	 seems the console is not that much interactive so
[20:46:07] <hashar>	 mutante: nothing shown at all so ?
[20:46:13] <hashar>	 maybe drop --devname serial1
[20:46:20] <mutante>	 Escape character is ^]
[20:46:31] <hashar>	 try S
[20:46:35] <hashar>	 for skip mounting :D
[20:46:40] <mutante>	 i did :p
[20:46:44] <hashar>	 :-(
[20:46:47] <mutante>	 and when dropping --devname i get
[20:46:48] <mutante>	 error: internal error: character device (null) is not using a PTY
[20:47:04] <hashar>	 great
[20:47:29] <mutante>	 hashar: how about you reboot the instance while i am connected
[20:47:34] <mutante>	 i wanna see if i get stuff then
[20:47:34] <hashar>	 sure
[20:47:41] <mutante>	 i'm on 00000080
[20:47:47] <hoo|away>	 what... /usr/bin/sql is no longer on the exec hosts? -.-
[20:48:05] <hashar>	 mutante pressed reboot
[20:48:35] <hashar>	 mutante: if you get access on the project : https://wikitech.wikimedia.org/w/index.php?title=Special:NovaInstance&action=consoleoutput&project=deployment-prep&instanceid=aa3c3550-96a7-4f20-a1ab-c88c01a8e5e9&region=eqiad
[20:48:39] <hashar>	 same
[20:49:23] <jorm>	 andrewbogott: ping
[20:49:32] <andrewbogott>	 what's up?
[20:49:40] <hashar>	 mutante: apparently it did not reboot
[20:49:47] <mutante>	 hashar: i saw nothing happening
[20:49:49] <jorm>	 i have this unicorn thinger, and i ssh into it.
[20:49:57] <jorm>	 i want to allow others in the design team to do so as well.
[20:49:59] <mutante>	 well,now i got disconnected
[20:50:15] <hedonil>	 Sanyi4: https://wikitech.wikimedia.org/wiki/Help:Access_to_ToolLabs_instances_with_PuTTY_and_WinSCP
[20:50:18] <jorm>	 should i just create accounts for them and get their keys installed on the instance, or is there other weird magick that must happen?
[20:50:41] <hashar>	 mutante: lets give up
[20:50:57] <andrewbogott>	 jorm:  If you add people to the project on this page:  https://wikitech.wikimedia.org/wiki/Special:NovaProject
[20:50:58] <hashar>	 mutante: will have to dish them out tomorrow and recreate them from scratch :/
[20:51:02] <andrewbogott>	 then they should get ssh access.
[20:51:32] <jorm>	 okay.  i'm gonna have to get her set up with the project (e.g., create an account and such).  i'll have to do that later.
[20:51:41] <andrewbogott>	 jorm:  That's presuming that they have accounts on wikitech already.
[20:51:47] <andrewbogott>	 But that's still probably the easiest.
[20:51:50] <mutante>	 hashar: agreed!
[20:51:54] <jorm>	 i'm nigh 100 percent certain they do not.
[20:52:06] <hashar>	 mutante: though I am going to waste half a day when we could just press S :/
[20:52:15] <hashar>	 mutante: I am filing a bug about it
[20:52:28] <mutante>	 hashar: RyanLane to the rescue or bug,yep
[20:52:41] <andrewbogott>	 jorm:  OK.  It should be easy, let me know if you hit any wrinkles.
[20:52:49] <Sanyi4>	 hedonil: im doing it the first time, it may take a while
[20:52:59] <jorm>	 will do.  i'll have to do this when we're at the same desk, i think.
[20:53:03] <mutante>	 Coren: have you used virsh console before?
[20:53:13] <mutante>	 we just need to send the letter S for hashar
[20:53:22] <mutante>	 and we could save him a bunch of time
[20:53:41] <hedonil>	 Sanyi4: just give a sign if you are logged in
[20:55:06] <milimetric>	 hm, one last problem for the day :)
[20:55:13] <milimetric>	 http://reportcard.wmflabs.org/ is not working due to gateway timeouts
[20:55:26] <milimetric>	 I just removed a hostname associated with an IP address that used to point to tampa
[20:55:37] <milimetric>	 and replaced it with a proxy entry pointing to the equivalent instance in eqiad
[20:55:50] <milimetric>	 I did this for another instance pair (limn0 -> limn1) with no issues
[20:56:00] <milimetric>	 but now I'm getting a 504 timeout on this address
[20:56:03] <milimetric>	 any help is appreciated
[20:57:26] <hashar>	 mutante: bug is https://bugzilla.wikimedia.org/show_bug.cgi?id=62847
[20:57:36] <YuviPanda>	 milimetric: security groups?
[20:57:51] <hashar>	 mutante: if one find out how to use the console I guess that will help other folks next time it happens :]
[20:58:01] <milimetric>	 hm, YuviPanda - not sure I know what you mean
[20:58:05] <YuviPanda>	 milimetric: it should allow port 80 access for 10.0.0.0/8 or some such, I think
[20:58:07] <hashar>	 mutante:  I will just create new instances
[20:58:21] <mutante>	 hashar: ok!
[20:58:27] <andrewbogott>	 milimetric: is 'reportcard' your project?  I don't see any indication of that on https://wikitech.wikimedia.org/wiki/Labs_Eqiad_Migration_Progress
[20:58:37] <andrewbogott>	 Which means it's in danger of me shutting it down at any minute.
[20:58:43] <milimetric>	 if that's set up at the project leve YuviPanda, that might explain the difference, reportcard1 is in a different project called also reportcard
[20:58:48] <milimetric>	 limn1 was in the analytics project
[20:58:59] <hashar>	 bd808: I will rebuild all the varnish caches tomorrow.  They are stalled at boot with vdb not being mountable :/
[20:59:11] <YuviPanda>	 milimetric: should be set at project level, yes :)
[20:59:28] <bd808>	 hashar: Ok. Hopefully I'll have a fix for the geoip library working by then
[20:59:37] <milimetric>	 k, i have 0 clue as of these things :) ... brb fiddling
[21:00:11] <YuviPanda>	 milimetric: :)
[21:00:21] <andrewbogott>	 milimetric: ?
[21:00:47] <milimetric>	 hm, the rules seem to be identical on pmtpa and eqiad
[21:01:09] <milimetric>	 andrewbogott: just having some problems with proxying to the migrated version of the reportcard.pmtpa.wmflabs instance
[21:01:15] <hoo|away>	 andrewbogott: https://gerrit.wikimedia.org/r/119634
[21:01:27] <milimetric>	 oh, so the rules being identical is probably the problem - the old version never needed the proxies
[21:01:45] <andrewbogott>	 milimetric: Did you see the part where I said 'Which means it's in danger of me shutting it down at any minute.'?
[21:01:46] <YuviPanda>	 milimetric: hah! yeah, that might explain things
[21:02:31] <milimetric>	 yes, andrewbogott, definitely, I've been migrating nonstop since you sent out your announcement
[21:02:42] <milimetric>	 (well non-stop besides taking care of other team things)
[21:02:49] <andrewbogott>	 milimetric: Please update https://wikitech.wikimedia.org/wiki/Labs_Eqiad_Migration_Progress
[21:02:54] <milimetric>	 I've definitely not been slacking, we just have a *lot* of crap in labs
[21:02:57] <andrewbogott>	 That's the only way I would know not to kill things.
[21:03:13] <andrewbogott>	 You need to claim ownership.  Projects that don't have a comment on that page will be shut down.
[21:03:18] <milimetric>	 it'd be fine if you killed it andrewbogott, we've got everything puppetized
[21:03:37] <milimetric>	 but wait, I'm confused now, you wouldn't shut stuff down from eqiad right?
[21:04:04] <milimetric>	 yeah, then we're ok, i've got everything migrated over except setting up this proxy
[21:04:53] <Sanyi4>	 hedonil: success!
[21:05:13] <hedonil>	 Sanyi4: Woo!
[21:05:48] <hedonil>	 Sanyi4: now type:   become lonelylinks
[21:05:49] <andrewbogott>	 milimetric: Sorry, I'm finding this difficult to communicate.
[21:06:00] <andrewbogott>	 Do you see the link that I keep pasting?   https://wikitech.wikimedia.org/wiki/Labs_Eqiad_Migration_Progress
[21:06:11] <andrewbogott>	 Have you updated that page to indicate which projects are 'yours' and what you are doing with them?
[21:07:02] <Sanyi4>	 hedonil: done.
[21:07:03] <milimetric>	 andrew otto updated it as soon as you talked about it I think, andrewbogott, but he may have missed the reportcard project.  I will take another look but right now I'm trying to troubleshoot this proxy thing and it's still being a bit of a b***
[21:07:30] <hedonil>	 Sanyi4: now type:  webservice start
[21:07:55] <andrewbogott>	 milimetric: I am alarmed because the deadline to prevent mothballing of projects has passed.  The fact that that project is running at all is a coincidence of it being late in the alphabet.
[21:07:57] <milimetric>	 so, andrewbogott, maybe you can help with this but it said "failed to add rule" when I tried to add a security group rule as per YuviPanda's instructions
[21:08:08] <Sanyi4>	 hedonil: done.
[21:08:10] <andrewbogott>	 milimetric: probably you didn't specify 'tcp'
[21:08:15] <milimetric>	 i did
[21:08:31] <milimetric>	 does the rule maybe need to be deleted from web before the same port range can be added to default or someting?
[21:09:07] <hedonil>	 Sanyi4: now type:  mv *.html *.php public_html/
[21:09:18] <milimetric>	 andrewbogott: no cause for alarm, we knew about the deadline and tried to comply, just missed it shortly and we knew the risks
[21:09:36] <andrewbogott>	 but… all you have to do is sign your name to a wiki page :(
[21:09:41] <andrewbogott>	 Anyway.  What rule are you trying to add?
[21:10:10] <milimetric>	 well, i don't know, i was just trying to copy the setup from analytics.limn1 to reportcard.reportcard1
[21:10:19] <milimetric>	 because analytics.limn1 is working properly with the proxy
[21:10:53] <andrewbogott>	 but, when you got the 'failed to add rule' message, what were you adding?
[21:10:55] <milimetric>	 no, andrewbogott, we signed our name, you're misunderstanding, the very first line on that lists what we own, we just missed the reportcard project because it's this weird thing that we don't think about until the first of every month
[21:11:02] <andrewbogott>	 ah, ok.
[21:11:13] <milimetric>	 i was adding 80-80, tcp, 0.0.0.0/0, default
[21:11:29] <Sanyi4>	 hedonil: done.
[21:11:38] <andrewbogott>	 milimetric: to the 'web' group?  It has that rule already...
[21:11:39] <hedonil>	 Sanyi4: enjoy!  http://tools.wmflabs.org/lonelylinks/
[21:11:48] <milimetric>	 no, to the default group
[21:11:53] <andrewbogott>	 ok, I will try
[21:12:38] <andrewbogott>	 hm… is that right?  Did it help?
[21:14:22] <milimetric>	 hm, it seemed to take the place of the other 22-22 rule there
[21:14:30] <milimetric>	 but yes, it helped
[21:14:51] <milimetric>	 I mean, I can load HTML from that address now
[21:14:54] <Sanyi4>	 hedonil: index.html does appear, but the links dont seem to function.
[21:15:43] <andrewbogott>	 milimetric: sorry to be grumpy.  I'm just very edgy about killing working projects.
[21:15:56] <hedonil>	 Sanyi4: Hmm. you need to modify at least this line   $db=mysqli_connect("localhost","root","Category00","wikidata");  to the right values
[21:15:59] <Sanyi4>	 hedonil: i mean http://tools.wmflabs.org/lonelylinks/lonelylinks.php doesnt function
[21:16:14] <milimetric>	 no problem andrewbogott, this would've been 100% my fault either way and I appreciate you being protective of our stuff, thank you for your help
[21:16:42] <milimetric>	 andrewbogott: could you also add the same rule but for 443?
[21:16:50] <andrewbogott>	 sure
[21:16:51] <milimetric>	 I have no idea why it fails when I do it...
[21:16:54] <YuviPanda>	 milimetric: with the proxy you don't need the rule for 443
[21:17:02] <milimetric>	 oh ok, sorry andrewbogott, then ignore
[21:17:05] <YuviPanda>	 milimetric: it functions as an ssl terminator itself.
[21:17:12] <milimetric>	 thanks YuviPanda / guardian IRC angel :)
[21:17:37] <YuviPanda>	 milimetric: :D <3
[21:18:06] <YuviPanda>	 milimetric: to counterbalance the help, I could talk terribly about Coco for a while if you want :P
[21:18:07] <milimetric>	 thanks all, everything is finally 100% migrated - labs rulez
[21:18:16] <milimetric>	 haha, dude, coco's dead
[21:18:32] <milimetric>	 nuria doesn't like it, and i always said the person hired to work with limn should decide
[21:18:34] <milimetric>	 so it's dead man
[21:18:39] <milimetric>	 i'll join you in ripping on it
[21:18:49] <YuviPanda>	 milimetric: hahahahaha :D <3 <3 WOOOT
[21:19:21] <milimetric>	 like, wtf coco, this works:
[21:19:22] <milimetric>	 x.0."1".(2).[3]
[21:19:30] <YuviPanda>	 milimetric: perl over ruby gives you that :P
[21:19:44] <milimetric>	 i think you have to sprinkle a bit of cocaine too, but yea
[21:20:00] <YuviPanda>	 milimetric: hehehe :D
[21:20:09] <milimetric>	 also, there's something called accessignment: .+=
[21:20:16] <milimetric>	 literally, .+= is an f-ing operator
[21:20:17] <milimetric>	 god
[21:20:22] <milimetric>	 for fun times: https://github.com/satyr/coco/wiki/additions
[21:21:12] <YuviPanda>	 milimetric: hahaha :D
[21:21:34] <YuviPanda>	 milimetric: well, when the limn rewrite does happen, do poke me to let me know
[21:21:59] <milimetric>	 sure thing, Vega JS is top on the list of options, I was thinking of doing something about it during Zurich YuviPanda
[21:22:54] <YuviPanda>	 milimetric: ah, looks promising :)
[21:23:20] <Sanyi4>	 hedonil: oh yeah, i forgot that. -- here come the other questions: (1) how do i acces a database (specific to the given tool) (2) as i know, one can access the databases of wikimedia projects, i.e. i want to acces one table that is regularly dumped from wikidata, but the always-up-to-date version, not the dump.
[21:23:36] <hedonil>	 Sanyi4:  https://tools.wmflabs.org/paste/view/3b9ec64c
[21:23:42] <bd808>	 !log deployment-prep Converted deployment-cache-text02 to use local puppet & salt masters
[21:23:45] <labs-morebots>	 Logged the message, Master
[21:23:50] <grrrit-wm>	 (03PS1) 10Adamw: notify EdProgram about Extension:Campaigns patches [labs/tools/grrrit] - 10https://gerrit.wikimedia.org/r/119638 
[21:26:47] <hedonil>	 Sanyi4: A very detailed guide on how to access the (wiki) databases can be found here -->  https://wikitech.wikimedia.org/wiki/Nova_Resource:Tools/Shared_Resources/MySQL_queries
[21:28:26] <Sanyi4>	 hedonil: thanks! what is it exactly what you linked before?
[21:31:42] <hedonil>	 Sanyi4: 1) your account + password for the MySQL (replica) databases is different from your shell account, it's stored in  replica.my cnf   file.
[21:33:31] <grrrit-wm>	 (03CR) 10AndyRussG: [C: 032] notify EdProgram about Extension:Campaigns patches [labs/tools/grrrit] - 10https://gerrit.wikimedia.org/r/119638 (owner: 10Adamw)
[21:33:34] <grrrit-wm>	 (03Merged) 10jenkins-bot: notify EdProgram about Extension:Campaigns patches [labs/tools/grrrit] - 10https://gerrit.wikimedia.org/r/119638 (owner: 10Adamw)
[21:33:39] <hedonil>	 Sanyi4: 2) to query the databases you have to specify the matching  hostname  + database name (here wikidatawiki)
[21:33:55] <grrrit-wm>	 (03PS2) 10Adamw: Reformat using a more yaml-y style [labs/tools/grrrit] - 10https://gerrit.wikimedia.org/r/112311 
[21:33:58] <grrrit-wm>	 (03CR) 10jenkins-bot: [V: 04-1] Reformat using a more yaml-y style [labs/tools/grrrit] - 10https://gerrit.wikimedia.org/r/112311 (owner: 10Adamw)
[21:35:29] <Sanyi4>	 hedonil: how did you know, before i asked for wikidata? :)
[21:35:53] <grrrit-wm>	 (03PS3) 10Adamw: Reformat using a more yaml-y style [labs/tools/grrrit] - 10https://gerrit.wikimedia.org/r/112311 
[21:36:17] <hedonil>	 Sanyi4: I'm a wizard ;) 
[21:36:44] <hedonil>	 Sanyi4: just kiddin'. I took a look into your failing php script.
[21:39:58] <grrrit-wm>	 (03PS1) 10Adamw: add Extension:FundraisingChart; notify wikimedia-dev about FR commits [labs/tools/grrrit] - 10https://gerrit.wikimedia.org/r/119643 
[21:41:51] <Sanyi4>	 hedonil: thanks a lot for helping! -- enough for today. by!
[21:42:09] <hedonil>	 Sanyi4: yw
[21:43:15] <hedonil>	 Coren: Wow /one/ other tool has finished its migration yet  \o/.  ~10 hours or so.  https://tools.wmflabs.org/tools-info/migration-status.php
[21:49:31] <onetimenichname>	 is the toolslab still down? I'm getting "No webservice" when trying to access all tool pages. 
[21:50:27] <Damianz>	 not mine
[21:50:40] <Damianz>	 Have you `webservice start`'d after mass migration?
[21:50:41] <hedonil>	 onetimenichname: some tools may still be inactive after migration
[21:51:17] <onetimenichname>	 I just created a new tool today, and I can't access files stored in public_html. 
[21:51:32] <hedonil>	 onetimenichname: which tool?
[21:51:40] <onetimenichname>	 grantmaking
[21:54:09] <hedonil>	 onetimenichname: as Damianz pointed out
[21:54:30] <hedonil>	 onetimenichname: login to tools-login.wmflabs.org
[21:54:46] <hedonil>	 then: $become grantmaking
[21:54:56] <hedonil>	 then: $webservice start
[21:55:23] <Earwig>	 Coren: that's the one (and there's a two others under the copyvios tool that still seem missing)
[21:57:04] <onetimenichname>	 hedonil : it now works, awesome! Thanks!
[21:57:12] <hedonil>	 onetimenichname: yw
[21:58:32] <Krinkle>	 Hm.. Can't get https://tools.wmflabs.org/visualeditor/dirtydiffs/ to work
[21:58:36] <Krinkle>	 It was auto-migrated to eqiad
[21:58:43] <Krinkle>	 webservice start ran without errors
[21:58:48] <Krinkle>	 but it keeps being 503 or 404
[21:59:01] <Krinkle>	 (for tool=admin apparantly.. looks like a proxy failure)
[22:02:20] <hedonil>	 Krinkle: is this website intended to just list subdirectories? and did it run under apache with .htaccess in pmtpa?
[22:02:32] <Krinkle>	 Yes and yes.
[22:03:05] <hedonil>	 Krinkle: if so you have to modify the .lighttpd.conf file (for dirlisting)
[22:03:13] <hedonil>	 !newweb
[22:03:13] <wm-bot>	 https://wikitech.wikimedia.org/wiki/Nova_Resource:Tools/Help/NewWeb
[22:03:50] <Krinkle>	 Does it not support htaccess?
[22:03:58] <hedonil>	 Krinkle: no
[22:05:48] <hedonil>	 Krinkle: but it's simple. create a file  .lighttpd.conf   in tools rootdir and add the 'Examples index files, directory listing' line. then webservice restart.
[22:06:47] <Krinkle>	 Done
[22:06:57] <Krinkle>	 It's weird though that it serves a 404 in that case https://tools.wmflabs.org/visualeditor/
[22:07:02] <Krinkle>	 and one with rather strange context
[22:07:03] <Krinkle>	 tool=admin
[22:07:08] <Krinkle>	 and relative paths to thigns that obviously don't exist
[22:07:30] <hedonil>	 Krinkle: Hmm.
[22:07:46] <Krinkle>	 Still broken after I added thar
[22:09:20] <hedonil>	 Krinkle: the full line is required:  $HTTP["url"] =~ "^/dirtydiffs($|/)" {      dir-listing.activate = "enable"     }
[22:09:22] <Cyberpower678>	 Coren, I have the new edit counter finished.
[22:09:33] <Krinkle>	 hedonil: Oh, it expands to the root, not my own directory
[22:09:51] <Cyberpower678>	 https://tools.wmflabs.org/supercount/index.php
[22:09:58] <Krinkle>	 I know the syntax, I intentionally ommitted it because I wanted it to apply globally
[22:10:05] <Krinkle>	 the conf syntax supports that, right?
[22:10:07] <hedonil>	 Krinkle: yep. it's for the whole visualeditor webservice
[22:10:56] <Krinkle>	 Wait, no it doesn't
[22:11:07] <Krinkle>	 it does apply relative to my tool, doesn't need /visualeditor in the pattern
[22:11:18] <Krinkle>	 I want the subdirectory to be discoverable as well, not just the files within, no need 
[22:11:27] <hedonil>	 Krinkle: yeah you're right
[22:13:24] <hedonil>	 Krinkle: seems the second single 'dir-listing' line brreaks the config
[22:14:57] <Coren>	 Earwig: That's the one what?  That DB is there.  Do you have permission problems?
[22:16:24] <Coren>	 Krenair: That's a bug (the error message).  I seem to have a mistake between my http and https config.
[22:16:33] <Krenair>	 Krinkle, ^
[22:16:38] <Earwig>	 Coren: no, tools.earwigbot seems fine now (and thank you); tools.copyvios (s51330) appears to be missing two databases
[22:16:39] <hedonil>	 Krinkle: error in regex ( is missing
[22:16:40] <Krinkle>	 hedonil: Is there no error if the config is broken?
[22:16:42] <Coren>	 Gah autocomplete.
[22:16:44] <Krenair>	 :)
[22:16:48] <Krinkle>	 I checked the error logs
[22:16:57] <Krinkle>	 oh, it's delayed I guess
[22:17:20] <Coren>	 Krinkle: Lighttpd buffers and flushes at interval.
[22:20:43] <Krinkle>	 Finally.
[22:20:48] <Krinkle>	 http://tools.wmflabs.org/visualeditor/
[22:21:02] <hedonil>	 Krinkle: yeah
[22:24:12] <Krinkle>	 Coren: It seems it also doesn't blacklist dotfiles by default
[22:24:25] <Krinkle>	 hedonil: Have a sample for that? (maybe add to the default)
[22:24:41] <Krinkle>	 e.g. .git/ and other . files
[22:26:11] <hedonil>	 Krinkle: there's an option 'dir-listing.exclude'  https://redmine.lighttpd.net/projects/1/wiki/Docs_ModDirlisting   . but haven't tested yet
[22:26:26] <Coren>	 Yeah: fixed bugs:  trailing / missing, and broken error pages in https.
[22:26:39] * hedonil  checks

[22:27:11] <hedonil>	 Coren: \o/ 
[22:27:12] <Coren>	 Dafu?
[22:27:39] <Coren>	 I just broke something, it seems.
[22:28:28] <Coren>	 Yeah, I broke the system site itself.  :-)
[22:28:58] <Coren>	 Redirect loop.
[22:29:24] <Coren>	 Ah, I see why.
[22:30:19] <Coren>	 Redirecting /.* to / <-- fail.
[22:31:08] <Krinkle>	 Added https://wikitech.wikimedia.org/wiki/Nova_Resource:Tools/Help#lighttpd-conf-hidden
[22:31:26] <hedonil>	 Coren: / thingy can be swept from todo list.
[22:31:50] <hedonil>	 Can now be replaced by new item:  Ganglia ;)
[22:31:57] <Coren>	 hedonil: Yeah, turns out it was the same bug; there was a bit of confusion in my redirects of http vs. https
[22:32:14] <Coren>	 hedonil: Monitoring goes in the "once dust settles" phase.
[22:33:37] <hedonil>	 Krinkle: ahh. perfect. updated docs. always a source of joy ;)
[22:59:32] <Cyberpower678>	 Coren, ping
[22:59:37] <akoopal>	 hi Cyberpower678, thanks for fixing :-)
[23:02:56] <CP678>	 akoopal, np
[23:03:49] <Cyberpower678>	 Coren
[23:04:03] <Cyberpower678>	 tools.supercount@tools-login:~$ take $HOME/public_html
[23:04:18] <Cyberpower678>	  /data/project/supercount/public_html: you must own the containing directory
[23:04:23] <Cyberpower678>	 ???
[23:04:40] <Coren>	 Cyberpower678: you must own the containing directory
[23:04:57] <Cyberpower678>	 Coren, isn't that the point of take?
[23:05:08] <Coren>	 Cyberpower678: you must own the *containing* directory
[23:05:43] <Cyberpower678>	 Coren, well apparently supercount doesn't own anything.  Is this a bug.  It doesn't even own itself.
[23:05:58] <Coren>	 Oh, indeed.  How amusing.
[23:06:05] <Coren>	 When was this created?
[23:06:25] <Cyberpower678>	 About a week ago.
[23:06:46] <Cyberpower678>	 Apparently supercount does own that folder though.  So there must be a bug in take.
[23:06:49] <Coren>	 Hm.  New tool creation /during/ creation was never really tested.
[23:06:59] <Coren>	 No, I just chowned it.
[23:07:25] <hedonil>	 Cyberpower678: looks fantastic !
[23:07:37] <Cyberpower678>	 hedonil, thank you.
[23:11:36] <Cyberpower678>	 Coren, still not working.  It's a tool bug.
[23:12:09] <Cyberpower678>	 tools.supercount@tools-login:~$ take /data/project/supercount
[23:12:16] <Cyberpower678>	  /data/project/supercount: you must own the containing directory
[23:12:44] <Cyberpower678>	 Accoriding to ownership info, it does own it, so...
[23:12:49] <akoopal>	 Cyberpower678: forgot public_html ?
[23:13:15] <akoopal>	  /data/project you of course don't own
[23:13:49] <Cyberpower678>	 akoopal, no.  It's intentional.  I want to take ownership of all my files in the $HOME directory.
[23:14:38] <akoopal>	 Cyberpower678: for i in /data/project/supercount/* ; do ; take $i ; done
[23:14:59] <Cyberpower678>	 ??
[23:15:10] <Cyberpower678>	 take is a recursive tool
[23:15:32] <akoopal>	 Cyberpower678: if I see the error message you can't run it from your homedir
[23:16:01] <akoopal>	 as it checks permission on the 'containing folder'
[23:16:27] <Cyberpower678>	 ooooooooooooooooooooooooooooooooooooohhhhhhhh
[23:16:28] <akoopal>	 so my 'script' should be a workaround
[23:16:30] <Cyberpower678>	 Now I get it.
[23:20:05] <Cyberpower678>	 hedonil, also, it has a rate limiter, to stop spidering attempts.
[23:21:10] <hedonil>	 Cyberpower678: hehe. make a 301 from xtools and we'll see ... ;)
[23:22:12] <Cyberpower678>	 hedonil, no problem.  It also leaves no lingering connection behind, and is pretty much stable.
[23:23:20] <hedonil>	 Cyberpower678: I'll send a notice to baidu :P
[23:29:03] <hedonil>	 Coren: did you notice that  /usr/bin/sql  wrapper script is missing from exec nodes. hoo|away submitted a patch for that.
[23:44:19] <Cyberpower678>	 hedonil, 301 set up
[23:45:43] <hedonil>	 Cyberpower678: yeah. the show is about to begin 
[23:46:25] <hedonil>	 Cyberpower678: but unfortunately the get parameters are discarded :-(
[23:47:30] <Cyberpower678>	 Because the parameters are differetn.
[23:47:57] <Cyberpower678>	 Also let's the wikipedians know that it's time to change the link.
[23:48:42] <hedonil>	 Cyberpower678: do you have a list of full parameters, so that I can change my links to your tool too?
[23:49:04] <Cyberpower678>	 hedonil, at current the parameters are user and project
[23:49:26] <huh>	 What was different with pcount parameters?
[23:49:52] <Cyberpower678>	 hedonil, 2 additional parameters will be added completedata and nojs
[23:50:00] <Cyberpower678>	 it used 3.
[23:50:28] <Cyberpower678>	 The project was formatted differently.
[23:50:41] <Cyberpower678>	 Well I have to go for now.
[23:51:18] <huh>	 bye Cyberpower678 
[23:51:35] <Cyberpower678>	 bye