#chef

beandip JasonF: thanks 00:11
I'd been using nova client 00:11
but I wanted to keep the workflow relatively unchanged for my team 00:12
hoover_damm beandip, nova client works with v2? 00:25
nice 00:25
beandip hoover_damm: 00:56
$ sudo pip install rackspace-novaclient 00:56
$ sudo pip install --upgrade rackspace-novaclient 00:56
$ sudo pip install os_networksv2_python_novaclient_ext 00:56
hoover_damm ahh rackspaces 00:56
nm 00:56
beandip $ sudo pip install --upgrade os_networksv2_python_novaclient_ext 00:56
abetterlie is there any way to force chef-client to never use server side cached values in attributes? 01:20
or to run chef-server in a way that it never caches the values? 01:20
PRK_nz I'm getting a recipe compile error "No such file or directory - handle .....", but I have a directory resource before the failing line that should ensure that the directory exists. 01:21
Any ideas? 01:21
abetterlife: My understanding is that it doesn't, only the ones you see when editing then node. 01:22
abetterlie it definitely does use cached values, because if you change something or override it in a json file, chef will use the previous value 01:23
PRK_nz Are you making sure you've got your attribute hierarchy right? http://wiki.opscode.com/display/chef/Attributes 01:23
if the attributes show up in "knife node show <insert_fqdn_here> -Fj", then they'll be part of the run. 01:24
abetterlie right, but what I really want is for the default value to be used insetead of the value from the previous run 01:25
PRK_nz That's my understanding any way. If you look at Chef server webui though, under the 'show' tab on a node, you'll see a lot more. 01:25
yfeldblum abetterlie, if you use normal-level attributes, those are saved and like you are seeing; if you use default-level or override-level attributes, those are done fresh on each chef-client run 01:26
PRK_nz Are you setting the attribute on the node? e.g. node.set['some_attribute'] during the run? 01:26
I see what yfeldblum means "This means that any normal attribute set in a recipe or cookbook attribute file will remain even after the cookbook or role has been removed from the node's run list." - From wiki 01:27
abetterlie so how can I remove the previous run's value and ensure that the default is always used? 01:29
I'm not using node.set anywhere 01:29
yfeldblum abetterlie, `knife node edit` 01:29
PRK_nz how about your attribute files? are there any normal attributes in them? 01:30
"normal or set attributes applied in an attributes file 01:31
normal or set attributes applied on a node directly in a recipe" 01:31
abetterlie damn. I don't have write access with knife. 01:31
evilsushi rBEL_: yo do you run the rbel repo? 01:42
scalability-junk hey I have some issues setting up the chef server with the bootstrap way. 01:52
I get a gcc error when compiling the event machine. anything to fix that without manually changing server stuff? 01:52
I'm trying that on ubuntu 12.04 01:53
bluepojo scalability-junk: you probably are missing a header package that event machine depends on 01:54
scalability-junk strange thing, after rerunning the script a few times it seems to work... 01:54
bluepojo maybe there was an install hiccup 01:54
that worked the second time 01:54
=/ 01:54
scalability-junk bluepojo, yeah probably. thanks anyway 01:54
abetterlie evilsushi: fag 02:00
gchristensen wow 02:01
evilsushi abetterlie: haha you traitor 02:01
josephholsten really? really? https://gist.github.com/3998211 02:05
C:\Program' is not recognized as an internal or external command 02:05
I thought we'd learned how to actually quote things on windows. 02:06
gchristensen windows has very difficult "quoting" rules 02:07
josephholsten gchristensen: BS. I've lived through portable shell in M4 in autotools. that has difficult quoting rules, and is in almost every gnu/fsf project. 02:15
hoover_damm C:\\\\Program Files (x86)\\\\Ruby193\\\\bin\\\\gem 02:17
? 02:17
like that gchristensen ? 02:17
gchristensen hah 02:22
hoover_damm i've been dealing with markdown 02:23
so it's the first thing that i pulled outa my butt 02:23
yfeldblum here's how to quote things on windows: s/windows/linux/g 02:23
beandip JasonF: well, knife-openstack does not seem to work with rackspace cloud 02:51
:( 02:51
JasonF beandip: if you drop me an email with your problem, I'll help you find an answer tomorrow. 02:53
beandip I'll /msg you here 02:55
have a great night 02:55
hoover_damm beandip, no it doesn't 02:57
beandip, https://github.com/mattray/knife-rackspace/tree/KNIFE_RACKSPACE-39 02:58
beandip hoover_damm: yeah 02:58
I tried that 02:59
ERROR: Fog::Compute::RackspaceV2::BadRequest: Fog::Compute::RackspaceV2::BadRequest 02:59
hoover_damm beandip, and basically that's already in master 02:59
so provided your running 0.6.2 it should work 02:59
beandip, toss a couple more -V's in there... 02:59
beandip hoover_damm: I did 02:59
hoover_damm beandip, also what version of fog do you have? 02:59
beandip http://pastebin.com/RYH0rduF 03:00
hoover latest fog gem 03:00
the one installed when I gem install the latest knife-rackspace wich supports v2 03:00
hoover_damm and can you use that fog gem and do v2 stuff fine? 03:01
and you may not need to specify the endpoint 03:02
if you don't specify the endpoint does it work? 03:02
beandip, fwiw you should delete that and generate a new api key (change your password?) 03:03
that paste 03:03
unless the api key was fake in that, you should cycle that 03:03
beandip hoover_damm: That was a random key sequency I put in place of my real key 03:04
I'm not a tool 03:04
:P 03:04
lol 03:04
that's good you don't 03:04
;) 03:04
hoover_damm beandip, basically based on everything i see provided you have the right spot it should work 03:06
don't see any open tickets in the knife rackspace slot 03:07
and sadly i didn't sign up for v2 so i can't test 03:07
beandip yarp 03:07
hoover_damm doing so would annoy $client 03:07
beandip I'm pretty sure it's an issue with fog 03:07
rather the fog gem 03:08
not being current 03:08
:/ 03:08
not a big deal 03:08
just wondering if anyone has it working or rand into the same specific errpr 03:08
hoover_damm https://github.com/fog/fog/issues/1191 03:08
https://github.com/fog/fog/pull/1241 03:09
beandip, err i thought you said you had the latest fog? 03:09
although getting that fog loaded sometimes is more 03:10
beandip i have the latest fog gem 03:15
kevmo Recently started installing some 10.16.2 clients. Everything seems to work but I am receiving the following error when I run chef-client. Anyone seen this before? INFO: HTTP Request Returned 404 Not Found: No routes match the request: /reports/nodes/NODENAME/runs 03:20
Full Run https://gist.github.com/86b7acb52e6bd53d9504 03:20
KevMo Recently started installing some 10.16.2 clients. Everything seems to work but I am receiving the following error when I run chef-client. Anyone seen this before? INFO: HTTP Request Returned 404 Not Found: No routes match the request: /reports/nodes/NODENAME/runs Full Run output https://gist.github.com/86b7acb52e6bd53d9504 03:24
hoover_damm KevMo, sounds like your chef-server is older? 03:25
than 10.16.2 03:25
beandip aaaaah 03:25
I found the issue 03:25
hoover_damm KevMo, there's a report handler now that sends up stuff to the chef-server and if your chef-server is old enough it might not know how to grok this 03:25
beandip nothing in the docs for this 03:25
hoover_damm should work for hosted 03:26
beandip but knife-rackspace has the following flag: -rackspace-api-auth-url URL 03:26
KevMo It was and I was getting this error than as well. So I upgraded the server, but am still getting the same error. 03:26
beandip I added the following to my knife.rb 03:26
knife[:rackspace_api_auth_url] = "https://dfw.identity.api.rackspacecloud.com&quot; 03:26
hoover_damm beandip, be a good citizen and create a ticket for documentaiton on that 03:26
beandip now it should call the proper auth url so it can interact with the server api 03:26
hoover_damm beandip, i'm sure others will be just as baffled 03:27
KevMo hoover_damm: is there a specific gem that I need to install to ensure that the report handler is there? My server and my clients match now but am still getting the error 03:28
beandip oh, wait 03:28
fucksticks 03:28
that didn't fix it 03:28
hoover_damm KevMo, nope that should be it 03:29
KevMo damn... 03:30
BryanWB_ ohai chefs! 07:24
jensofsweden Mornings =) 07:25
jensofsweden I have a chef question, bare in mind that this is my fourth day working with chef. I plan to deploy alot of apache + tomcat servers. Apache as frontend and tomcat as backend. Now with every deployment all apaches should have a default.conf and ajp-proxy-ssl.conf file in the apache directory, but i need them to have some dynamic values into the files depending on what app i deploy them with. I plan of doing a cookbook for each app 07:36
i want to deploy but instead of adding the default.conf and ajp-proxy-ssl template in each of these cookbooks can i make a generic cookbook, call on that in my app cookbook and just have a variable in the app recipe that puts the value into the default.conf and ajp-proxy-ssl.conf templates from the other cookbook? 07:36
BryanWB_ jensofsweden: y 07:36
jensofsweden Then I have some reseach and testing to do =) 07:38
BryanWB_ just use attributes to set those variables 07:47
i also highly recommend this tutotail http://vialstudios.com/guide-authoring-cookbooks.html 07:47
flaccid_ hey guys. if i do say log("oh no") { level :fatal } will that exit chef with a non zero? or is there some other method i should do to raise error/exception? 08:03
spheromak you can just raise im not sure if a fatal log call will dump 08:04
flaccid_ kk thanks spheromak 08:05
whats the recommended method to raise ? 08:05
spheromak depends on your issue 08:06
https://github.com/opscode/chef/blob/master/lib/chef/exceptions.rb 08:06
for the exceptions that are defined 08:06
flaccid_ ty 08:08
spheromak looking at mixlib log, i dont' think it raises on fatal 08:08
flaccid_ say in an execute resource can you do something like command { foo_ruby or raise ::Chef::Exceptions::Application, "Error foo." } 08:09
spheromak I don't see why you shouldn't be able too 08:10
but try it in shef ;) 08:10
flaccid_ kk danke! 08:11
spheromak but thinking about it you prob want a ruby block if you are trying to eval some ruby 08:15
flaccid_ spheromak: thanks its looking that way 08:33
jensofsweden How come when I type default['jenkins']['servername'] = "jenkins.schibsted.se" in the attributes file and ServerName <%= node.set[:httpd][:servername] %> in the template file it works? what does the ['jenkins'] in the attributes file do? and what does the ['httpd '] in the template file do? Still just 4 days of chef experience so real newbe here =) 08:41
spheromak jensofsweden: you got a jist of what your talking about ? 08:46
or what cooks your using here ? 08:47
doing a node.set in a template is fundamentally probably not what you want to do 08:47
;) 08:47
jensofsweden Im still in the learning process =) 08:47
spheromak yup you do much programming ? 08:47
jensofsweden Nope 08:48
spheromak yea so got a bit of a curve, but the basic idea is that you have data logic and presentation 08:48
attributes/bags are data, recipes are logic, and templates are presentation 08:49
you read the just enough ruby for chef ? 08:50
http://wiki.opscode.com/display/chef/Just+Enough+Ruby+for+Chef 08:50
might help a bit. 08:50
jensofsweden Just once, then i experiment to see what stuff does =) 08:51
spheromak thats great 08:51
shef/irb/pry are all verry good tools to use when learning 08:51
so going back to what you first said default['jenkins']['servername'] 08:51
in the attribs file everything is assumed to have the node prepended on it. ex: in recipe code node.default['jenkins']['servername'] is the same as that attrib entry 08:52
make sense ? 08:53
jensofsweden Yea i think i got that 08:53
spheromak so your default['jenkins'] in attributes is simply setting an attribute at the "default" level. 08:54
http://wiki.opscode.com/display/chef/Attributes for info on levels and how they merge 08:54
jensofsweden Yea, tried to understand that, kinda got it. 08:55
spheromak yea its a bit to digest early on 08:55
so wheres the confusion, and i can try to clarify 08:56
jensofsweden i guess the default['jenkins']['servername'] is a place where i put my data about my servername right? 08:56
spheromak right 08:57
and in the template you acces this to write it out 08:58
node['jenkins']['servername'] 08:58
jensofsweden yea that i understand 08:58
spheromak k 08:58
jensofsweden but when i forgot to change the node['httpd']['servername'] to jenkins instead of httpd it still got the data from the node 08:59
i was just woundering how thats connected =) 08:59
spheromak would need to see a gist 09:00
to get a more clear picture 09:00
emanuelez hello all! is it possible for a chef server to connect to a chef client wich is only reachable with after an openvpn connection? 09:03
jensofsweden gist? 09:04
specialsauce emanuelez, the chef client contacts the chef server not vice versa 09:05
spheromak https://gist.github.com/ or pastie or pastebin 09:05
or w/e 09:05
jensofsweden ahh =) 09:06
emanuelez specialsauce: ah, i see, so as long as the firewall allows it, then it should be fine 09:10
specialsauce emanuelez, in theory yes :-) 09:10
jensofsweden spheromak: http://pastebin.com/uJ4WLjK5 09:11
emanuelez specialsauce: cool, thank you. I'll try that out. hmmm... does the client continuosly check the server if anything needs to be done? or every few minutes/hours? 09:11
specialsauce emanuelez, the client can run manually (you run it), via cron (scheduled every X interval) or daemonised (where it checks in on interval) 09:12
so it depends how you have it set up 09:12
spheromak jensofsweden: so lookin at it yea the default['jenkins'] entry in attribs should have nothing to do with the templates call to node[:httpd][:servername], but there may be someting in recipe that is finding and assigning the node['jenkins']['servername'] to node[:http][:servername] 09:14
in the recipe or attrib code in whatever is in the run_list 09:14
emanuelez specialsauce: thanks again 09:17
specialsauce np dude 09:17
gokr Hmmm, trying to decide how to best install chef-server into a Ubuntu VM using vagrant... so many options. 09:32
There is the bootstrap route using chef-solo, then there are debs from opscode, then there is a chef-server recipe on the community site. Any advice? 09:32
aruntomar is it possible to automate the mysql master slave replication via chef? 10:07
masterkorp personally i dont advice that 10:19
i like to do those by hand 10:19
specialsauce (but it is perfectly possible) 10:23
aruntomar masterkorp: it's a requirement to automate mysql master slave config :( 10:24
specialsauce: my confusion is that normally chef-client runs on 1 node, but if i've to do master slave config, my code/recipe will have to simultaneously operate on say mysql master and mysql slave server. how to do that? 10:26
specialsauce aruntomar: why do you need to run them simultaneously? 10:27
aruntomar specialsauce: well, when i configure the replication manually, i have to login to master, freeze rows, dump the db, copy dump to the slave and configure slave, then start slave and unfreeze the master. so i've to work on both master and slave servers. 10:29
masterkorp holy shit my logic sniffer just arrived 10:41
specialsauce aruntomar, i'm with you, yeah not a simple task. dont know if there's a cookbook out there that does this or if you'd be looking at cooking your own 10:41
aruntomar specialsauce: i can cook on my own. i only need direction, how to achieve this :) 10:43
soko I am trying to use postgresql::server and I come across the following: If I set node['postgresql']['password']['postgres'] *before* include_recipe "postgresql::server" then I get an error FATAL: NoMethodError: undefined method `[]=' for nil:NilClass. If I set it after, it all works fine. The same error occurs if I set this in attributes/default.rb. Any ideas why this happens? 12:40
This is with chef-solo by the way. 12:40
(In contrast mysql::server recipe requires the passwords to be set *before* the recipe.) 12:42
masterkorp soko:can you give the full run log 12:48
soko masterkorp: I am really sorry but I can't, I don't have access to it right now :-/ 12:51
masterkorp https://github.com/opscode-cookbooks/postgresql/blob/master/recipes/server.rb 12:51
well, for starters sub include_recipes are not worked on 12:52
soko masterkorp: please bear in mind I am a newbie :-) I am setting this because the recipe README says: "If you're using chef-solo, you'll need to set the attribute node['postgresql']['password']['postgres'] in your node's json_attribs file or in a role." 12:53
masterkorp: so what are we looking at at the server.rb recipe? 12:53
masterkorp postgres::client is not run 12:53
soko masterkorp: why not? It is on line 24... 12:54
masterkorp soko: http://wiki.opscode.com/display/chef/Recipes#Recipes-IncludingRecipes 12:55
soko masterkorp: maybe I have not explained fully. All I have is a simple recipe that has two lines. 1. node['postgresql']['password']['postgres'] = "foo" 2. include_recipe "postgresql::server". 12:56
If I run it like that I get the error. If I swap the lines everything works fine. 12:56
masterkorp soko: how are you runing chef-solo ? 12:56
soko masterkorp: Vagrant runs it 12:57
masterkorp soko: ok, you dont need to create a recipe for that 12:57
soko masterkorp: but I do 12:57
masterkorp can you paste your vagrantfile ? 12:57
soko masterkorp: my problem is not how to get this to work because I have already a couple of different ways of getting it to work. 12:57
masterkorp: my question is why the order of these two lines matters 12:58
masterkorp soko: isn't that obvious ? because postres set that on server installation 12:58
soko masterkorp: ok, then my next question is, why does it work OK for the mysql::server recipe? 12:59
clexmond chef is working great for me for deploying prod, but I'd like to use it for deploying to staging as well from branches named like release-1.1, hotfix-1.0.1, etc. is there a good way to do this without having to edit cookbook attributes everytime? 13:00
masterkorp soko: that works on a 2nd run 13:00
clexmond: have diferent roles for staging and productiion, and set the attributes there 13:00
soko masterkorp: with that I have to set node['mysql']['server_root_password'] = "foo" *before* include_recipe "mysql::server" 13:00
masterkorp then there you go 13:01
soko masterkorp: with the postgresql recipe it is exactly the opposite 13:01
masterkorp: do you know why this happens? 13:01
masterkorp node.save unless Chef::Config[:solo] 13:03
soko masterkorp: Sorry but your answers are rather cryptic. I appreciate your time but I can't understand what you are trying to say by pasting the odd line of code or with answers like "there you go" :-) 13:04
clexmond masterkorp: I have roles, but my problem so far, is staging won't always be "release", it will be release-1.1, then release-1.2 the next time and so on 13:04
masterkorp clexmond: and you want that be choosen automatically ? 13:05
clexmond well, passing it in as a command line param would be ideal 13:06
unless it's possible to be selected automatically, which I doubt 13:06
masterkorp You could have some ruby logic on the recipe iterating by those branches and using the lastest 13:08
clexmond hmm, that's not a bad idea 13:08
i'll give that a shot 13:08
masterkorp what i wonder is why your team is not using tags instead of branches 13:15
clexmond well, we tag master, but I'd like to throw up staging servers on release branches before they're merged into master 13:16
masterkorp makes some sense 13:24
maruq hi guys, anyone know the syntax for conditional check based on a role being in a run_list ? 13:25
eg. only_if node['run_list'].include?("role[myrole]") 13:25
CharlieSu Can anyone help me figure out why the RVM cookbook is no longer working on my box? https://gist.github.com/9628e7b2d918ca38415a 13:33
CharlieSu Any RVM users? I'm trying ot find out what the proper RVM cookbooks is.. I was using fnichol's cookbook but it is no longer working.. 13:50
yfeldblum maruq, this is ruby, so ... http://pastie.org/private/abxb0obrkyspzyyau6wenq 13:51
maruq yfeldblum: thanks. I was checking run_list, not roles. does the only_if need the braces on line 12. In theory it shouldn't, but everything I'm trying is failing 13:54
CharlieSu: I was using https://github.com/fnichol/chef-rvm 13:55
m 13:55
bougyman CharlieSu: ask in #rvm about that RVM::CommandIncomplete thing 13:56
i've seen it before can't remember what the solution was though 13:56
maruq yfeldblum: just asked a ruby colleague I was wrong, need to do things in a block 13:56
CharlieSu I'm in #rvm and they're saying that there is an issue. It crept up about a week ago 13:57
maruq: I'm using the same one. The system recipe is what is breaking on me. 13:57
geekbri I found rvm systme installs never really worked like they were supposed to so I stopped using them 13:57
I only use the per user rvm installs now. Those have never given me an issue 13:58
yfeldblum maruq, why check run-list and not roles? 13:58
xdissent CharlieSu: there's a fix 13:58
CharlieSu: https://github.com/fnichol/chef-rvm/issues/133#issuecomment-9794260 13:59
CharlieSu xdissent: ? 13:59
xdissent you have to stick with rvm 1.16.16 for now 13:59
CharlieSu xdissent: nice! thanks so much.. I'll try this 13:59
xdissent there's a few commits in rvm HEAD that deal with the gem path removal. I *think* it should be fixed next rvm release 14:00
CharlieSu xdissent: you're a lifesaver.. thanks !!! 14:01
xdissent np. pretty sure there are a lot of people hitting that wall this week 14:02
CharlieSu xdissent: yeah. I just quit installing RVM the past few days.. 14:04
maruq yfeldblum: well, roles work at the moment I guess. was thinking of checking riotgames cookbook approach 14:05
xdissent I wish I could have! It's an integral part of our production deployment system =/ 14:05
CharlieSu I can confirm that this fixed my issues.. :) very happy 14:07
vaskas i ended up rewriting the rvm cookbook in a simplistic manner 14:07
maruq yfeldblum: I found a work around though, check if I set a var that I only set for that node type 14:07
vaskas also had trouble with chef-rvm this week 14:07
xdissent yeah, rvm wrappers are STILL broken for me. using a rvm_shell resource to just `rvm alias create` manually. bummerz 14:11
chef-rvm is just suuuuper slow too. it tears down and rebuilds the entire shell env like 5 times just to check for what ruby versions are installed 14:12
behemphi I find myself in a place where I need a chef run to wait for another machine to come up first. Is there a good example of this in a cookbook somewhere? 14:49
masterkorp that queue'ing stuff is interesting i should do something with zookeeper for that 14:50
gokr I am trying to make a recipe that configures knife but... I am not figuring out how to do "knife configure -i blablabla" without going interactive. There doesn't seem to be an option for the validation.pem file. 14:56
masterkorp because -i means interactive 15:01
gokr No, it means "initial" 15:02
blitzrage btm: ping 15:02
btm: per the code review stuff you posted on the wiki, you don't *have* to be in the google hangout either. You can also broadcast via youtube for those that don't need to directly talk/speak, especially if you're going to use #chef-hacking for text, etc 15:03
masterkorp gokr: why dont you just place a knife.rb ? 15:03
gokr I think I found a way around it, by temporarily making /etc/chef/*.pem readable. 15:03
Well, the "knife configure" also produces a new pem file in there. 15:04
I don't really understand this stuff yet - the different pem files, and why I am supposed to copy them into ~/.chef etc. 15:05
masterkorp Can i ask why are configuring knife with chef ? 15:05
erikh gokr: this is how knife-server does it: https://github.com/fnichol/knife-server/blob/master/lib/knife/server/credentials.rb 15:05
gokr masterkorp: I am building a tool around chef and want to be able to have that tool use knife. 15:06
masterkorp makes sense 15:06
gokr erikh: Ah, thanks! Darnit, I should use that stuff I guess... 15:08
Chef and all is really col stuff but... so ... much stuff... :) 15:08
erikh fwiw, I'm working on a tool that let's you control knife programmatically.. 15:08
it's pretty crude right now though 15:08
gokr erikh: Hehe. 15:08
erikh http://github.com/erikh/knife-dsl 15:08
so you can throw it in rakefiles and so forth, without a ton of shelling out... just to run ruby again 15:09
masterkorp https://github.com/erikh 15:10
love you pic 15:10
gokr I am basically building a tool meant to remote control a rather large system in cloud setups. Auto scaling etc. And using Chef + knife seems obvious - but it also means I want to do it all "programmatically". 15:10
masterkorp https://github.com/erikh/fart 15:10
also this is LOL 15:10
erikh oh, whipped that up @ seattle.rb while I was at the summit 15:12
I was sitting there with drbrain, explaining what I wanted to do and said "I don't know what to call this thing" 15:12
he said "well maybe once it fleshes out a bit it'll come to you" 15:12
so I used my patent-pending metasyntactic variable naming system 15:12
masterkorp heh 15:14
gotta love summits 15:14
erikh gokr: we're doing something similar fwiw (that's actually what that fart tool is for) 15:14
masterkorp sadly i live on the midle of nohere 15:14
erikh it's definitely not done yet. 15:14
masterkorp (well i like it, but it has its bad sides) 15:15
mattray fwiw, spiceweasel takes a simple yaml dsl and spits out knife commands 15:15
someday it'll run the commands for you 15:15
erikh haha, I wouldn't use it at this point. I just committed it to keep it somewhere central 15:16
gokr Yeah, yeah, just sneaking a peek. 15:16
erikh yeah; take a look at the example.rb in lib/ -- it's where I want to be, an orchestration of a proper autoscaling-based deploy 15:16
gokr Yup, saw it. 15:17
erikh the parallelism isn't there yet though; it'll be much more useful at that point. 15:17
but it's just topo-sort + events + parallelism more or less 15:17
btm blitzrage: yeah, we used the broadcast for yesterdays Chef Hangout, but at the moment we're still trying out the software as a solution and waiting to see what kind of uptake there is. 15:20
meh 15:20
masterkorp btm: pure voip. freeswitch with sipml5 15:21
i will make a freeswitch and sipml5 soon 15:21
after finishing icinga 15:21
leifmadsen freeswitch. gross :) 15:22
masterkorp why ? 15:23
love it 15:23
leifmadsen because I'm an Asterisk guy :) 15:23
masterkorp pfft 15:23
people still use that thing :P 15:23
leifmadsen yes they do 15:23
my book still sells well :) 15:23
btm: btw I was blitzrage too (xchat issue) thanks for the follow up 15:24
erikh gokr: anyhow I hope to return to it in a few weeks, if this seems like something you'd want to work together on to solve similar problems, we should chat 15:24
hcentelles hello I have a question about the execute provider 15:25
gokr Yeah, although I am not building it in ruby. 15:26
erikh: But definitely interested in solving problems. Right now I am setting up a Vagrant box with recipes in order to eventually deliver it all as an appliance. 15:26
hcentelles Exist a way to interact with a program asking for command line input in a recipe? 15:29
masterkorp hcentelles: can you pass the input to him on sheell ? 15:31
*shell 15:31
hcentelles masterkorp: yes 15:31
masterkorp: is a program asking for several inputs to make a binary config file 15:32
masterkorp: something like a wizard 15:33
masterkorp: I'm looking the execute resource but it seems like there's no support for that case 15:34
masterkorp Can you scipt it with bash 15:36
? 15:36
erikh gokr: cool 15:37
go would be a good fit here, but bootstrapping go just for this when Celluloid solves the problem acceptably well seems like a waste of effort 15:37
hcentelles masterkorpo: Yes, I'm think so, my bash suck, I'm wondering if there is a way to do it with chef without developing a bash script 15:38
btm masterkorp: screen share is a requirement, and video is optional but nice. 15:41
video conferencing is an unsolved problem. 15:41
kryptek sup all 15:42
aruntomar has anybody tried to automate mysql master slave replication using chef? 15:44
masterkorp btm: screen share is also doable too 15:45
s/too// 15:45
Nopik hi.. if i'm starting ec2 server, and assigning him name in tags, can i somehow access this name from a recipe? i see that ohai doesn't read instance tags, unfortunately :( 15:45
btm masterkorp: the 'make' in 'i will make a freeswitch and sipml5 soon' also is a problem. it's hard to justify the time for making things. I looked at the apapche thing and thought about it, but didn't want to do any work. 15:46
masterkorp btm: i will do it because i use it personally, i also have some unexpected free time lately 15:48
better do something useful with it :) 15:48
aruntomar Nopik: i've not used it by try this one http://cookbooks.opscode.com/api/v1/cookbooks/AmazonEC2Tag 15:49
http://community.opscode.com/cookbooks/AmazonEC2Tag 15:50
Nopik: its made for setting ec2tags but may be you can modify it for your requirement 15:50
Nopik aruntomar: yeah, accessing aws api directly is some kind of choice, definitely, thanks 15:52
masterkorp Crap Am I the only one in here who prefers rackspace ? 15:53
JasonF masterkorp: no :) 16:35
masterkorp uff 16:37
bradgignac beandip: i hear you're having issues with knife-rackspace. i might be able to help. 16:40
rainers hello 16:45
I'm having an issue bootstrapping chef-server with solo on rhel6 and having an issue with the rabbitmq port 16:46
it's allready in use 16:46
mattray rainers: while this is for Private Chef, I bet it's applicable in your case: http://private-chef-docs.opscode.com/installation/prereqs.html#configuring-the-operating-system 16:48
rainers: Qpid? 16:48
beandip bradgignac: I am 16:49
bradgignac what are you seeing? 16:49
beandip I'm trying to get the current knife-rackspace gem to work with the v2 cloud 16:49
bradgignac okay 16:49
rainers mattray: yeah, that's what I figured out. Is there a way to specify an other port? 16:49
bradgignac beandip: what error do you get? 16:50
beandip ERROR: Fog::Compute::RackspaceV2::BadRequest: Fog::Compute::RackspaceV2::BadRequest 16:50
let me get you my conf settings from knife.rb 16:50
mattray rainers: probably somewhere. I'm not really familiar with setting up the server though. 16:50
beandip one sec 16:50
rainers ok, so I'll give it a try 16:50
bradgignac beandip: switching to PM so we don't spam the channel 16:50
davidmz How can I rerun a node's runlist with knife 16:50
rainers mattray: thx 16:51
beandip knife[:rackspace_api_auth_url] = "https://identity.api.rackspacecloud.com&quot; 16:51
knife[:rackspace_endpoint] = "https://dfw.servers.api.rackspacecloud.com/v2&quot; 16:51
knife[:rackspace_version] = 'v2' 16:51
mattray beandip: run with -VV for more verbose debugging when using knife rackspace 16:51
beandip davidmz: one the node, run chef-client as root 16:51
masterkorp rainers: why just no use the repos ? way simpler 16:51
beandip @mattray I've done so 16:51
http://pastebin.com/RYH0rduF 16:51
rainers masterkorp: what repos do you mean? 16:52
beandip (it's a dummy key I replaced my key with. Just FYI) 16:52
davidmz beandip: I know that, but I want to control this from a centralized location, I am developing a system on many servers, I want to redeploy often and on demand, and I want to do this without logging on each node, can this be done? 16:52
rainers i trying to bootstrap the latest chef-server 16:52
bradgignac beandip: wrong auth url 16:53
actually 16:53
that should work okay 16:53
beandip bradgignac: I've tried a few 16:54
bradgignac beandip: try using https://identity.api.rackspacecloud.com/v2.0/ as the auth url 16:54
masterkorp rainers: oh i forgot opscode does not make rpm packages, sorry 16:55
bradgignac beandip: also, i don't believe that is a valid image 16:55
beandip lol 16:56
nice 16:56
bradgignac beandip: V2 images are UUIDs, not integers 16:56
beandip thanks for that 16:56
It looks like it auths now 16:56
or something 16:56
hmmm 16:56
noe, it doesn't 16:57
/Users/benattar/.rvm/gems/ruby-1.9.3-p194@global/gems/fog-1.6.0/lib/fog/rackspace/compute_v2.rb:117:in `authenticate': undefined method `match' for nil:NilClass (NoMethodError) 16:57
bradgignac i would actually flip back to the other auth URL 16:57
and try fixing the image 16:57
beandip yeah, old auth url worksrackspace_flavor_list.rb:40:in `block in run': undefined method `bits' for #<Fog::Compute::RackspaceV2::Flavor:0x007fd7d63661d0> (NoMethodError) 16:58
old auth url works now 16:58
but can't pull a flavor list 16:58
erikh hmm 16:58
beandip rackspace_server_list.rb:43:in `block in run': undefined method `public_ip_address' for #<Fog::Compute::RackspaceV2::Server:0x007fa01acb9c58> (NoMethodError) 16:58
erikh anyone know how to express NOT properly in chef search? 16:58
beandip or a server list 16:58
erikh the lucene docs are so bad 16:59
beandip I can pull an image list though 16:59
erikh I've tried my_field NOT true, my_field:[NOT true], and I'm just failing here. 16:59
beandip shows my saved images as well. So, definitely authenticating 17:00
bradgignac beandip: okay, i'll do a little digging. if you'll be in the room later in the day, i'll ping you. otherwise, i can should you an email 17:00
beandip I'm always around 17:00
;) 17:00
bradgignac okay 17:00
btm erikh: knife search node NOT myfield:true 17:00
erikh btm: <3 17:01
thanks. 17:01
beandip bradgignac: Even though server list and flavor list are broken, if I could get valid flavor values, maybe I could kick off a build from knife 17:02
erikh hmm... that doesn't seem to be working either. sec, let me paste the whole query 17:02
bradgignac beandip: try flavor of 2 17:03
beandip: 1 was 256mb servers, and they were discontinued 17:03
erikh [2012-11-02T10:03:20-07:00] INFO: HTTP Request Returned 400 Bad Request: invalid search query: 'bind_domain_name:a-domain.com AND NOT bind_domain_master:true AND chef_environment:vagrant' Parse error at offset: 65 Reason: Expected one of \ at line 1, column 69 (byte 69) after AND 17:04
bradgignac beandip: i'll investigate the flavor and server listing. it will probably be a few hours before i can get to it. if there's a bug, i'll throw up a pull request. 17:04
erikh btm: is the AND interfering there? 17:04
beandip with flavor 2 I get ERROR: Fog::Compute::RackspaceV2::BadRequest: Fog::Compute::RackspaceV2::BadRequest 17:05
nothing telling with -VV 17:06
yfeldblum beandip, what about the image? 17:12
beandip, does it happen for flavor 3? 17:12
beandip yup 17:14
probably not the flavor value causing the issue 17:15
does anyone have knife-rackspace working with v2? 17:15
mattray beandip: It was working fine for me, lemme go test 17:15
sunil__ question about a apache2 cookbook..can I pass an attributeribute to apache to where to look for virtualhost file to be used for sites available/enable? 17:16
btm erikh: I think you just drop the first AND 17:16
beandip mattray: can you scrub your conf and share with me? 17:16
mattray 'knife rackspace server list --rackspace-version v2' works for me 17:18
https://gist.github.com/4002873 17:18
beandip what version of fog and what version of knife-racksace are you on? 17:19
mattray 0.6.2 17:20
do you have previous versions of the knife-rackspace gem installed? 17:20
bdemers I've seen a couple people asking a similar question, but no real answer to this. Say I have a default attribute file that contains: default['foo'][ 17:21
btm erikh: this is less than awesome. 17:21
bdemers 'version'] = "123" 17:21
mhalligan I'm rewriting a few cookbooks to make every template and link to an external package source an attribute. does that seem silly? It doesn't seem to me that there's another way to override those bits, but am I missing some class inheritance-fu there? 17:21
btm erikh: use quotes and put the not last, e.g. knife search node 'platform:ubuntu AND name:i-* NOT name:i-09aaec72' 17:21
bdemers default['foo']['other'] = "some-string#{node['foo']['version']}" 17:22
erikh eww. 17:22
bdemers if i override the version in a role, should my node[:foo][:other] reflect this change ? 17:22
erikh good to know, but I actually just spent the last 5 or so restructuring the meta for a few reasons 17:23
btm: thanks man, legend as usual 17:23
beandip oh... goddamn RVM 17:25
bdemers formatted better her: https://gist.github.com/4002942 17:26
mattray beandip: I use rvm gemsets, help a bit 17:26
bdemers should the value of node['foo']['other'] reflect the overridden 'version' attribute ? 17:27
an actual example is here: https://github.com/opscode-cookbooks/mysql/blob/master/attributes/server.rb#L64 17:28
beandip turned out that I had mutliple versions of fog installed 17:31
rvm sometimes has issues 17:32
le sigh.... 17:32
well, that was a time waste 17:32
:) 17:32
thanks for y'alls patience 17:32
mattray beandip: been there, done that :/ 17:33
bradgignac beandip: so everything is working as expected? i dropped out of IRC for a bit 17:35
beandip yeah 17:38
turned out i had multiple fog gems 17:38
fucksticks 17:38
I hate when I have a PEBKAC issue 17:38
leifmadsen layer 8 problems suck 17:38
qhartman Even more fun though are layer 9 17:41
(management) 17:41
leifmadsen I have a firewall at that layer 17:41
qhartman oh man, I wish 17:41
beandip leifmadsen: :D nice 17:43
Litex Me too, but I don't have access to manage the ruleset. 17:43
beandip So now I've got another question 17:45
since rackspace now released cloud networks, is there anyone working on adding that ability to specify a cloud network to attach a node to with knife rackspace? 17:46
I should probably ask in the fog mailing list 17:47
gyre008 is there a way how I can chown files recursivey in a directory ? I tried https://gist.github.com/4003117 but it doesn't seem to work... 17:50
there's gotta be a way Chef way 17:51
mattray beandip: it was discussed at the OpenStack summit 17:53
beandip: my take was that whoever wanted it in Fog would add it 17:53
beandip: once it goes into knife-OpenStack via Fog, knife-HP and knife-Rackspace would pick it up pretty easily 17:54
qhartman gyre007, The only way I know of is to shell out to a command line 17:54
btm gyre008: what's hard with that is knowing when to trigger it. Do we walk the whole tree and look for problems? or just chown when the top level directory is wrong? 17:55
gyre008 well btm I want to chown recursivelylike chown -R...simples 17:56
i can do it in execute resource though... 17:56
btm gyre008: it isn't simple because to make the resource idempotent you have to know when it needs to be done. 17:56
gyre008 once its convergedpretty much on every chef-client run 17:58
bradgignac beandip, mattray: i've written most of the rackspace fog code recently, and i'll get around to networks eventually. of course, pull requests are always welcome 17:59
mattray bradgignac: yeah, wherever it shows up first will migrate to the other providers. Too bad they don't extend each other 18:00
btm gyre008: yeah, that's not idempotent. If you want chef to do something every run regardless of state you should just use the execute resource. 18:00
bradgignac mattray: there's been a fair amount of discussion about it, and i hope it will happen eventually. there's some concerns around versioning that need to be addressed. 18:01
mattray cool 18:01
that's the right thing to do, it's just a matter of someone taking the time to do it 18:02
bradgignac yeah 18:02
beandip bradgignac: thanks 18:04
mattray: I might be able to spare some cycles to tackle networks 18:04
not this wek or next 18:04
mattray beandip: for Rackspace or OpenStack? 18:04
beandip rackspace 18:04
mattray :) 18:04
beandip I'll see what I can budget 18:05
mattray knife-openstack is probably the most complicated of the knife plugins, too many configurations to support 18:05
beandip My whole purpose for moving to next-gen servers is to get my backend services off the servicenet 18:05
mattray makes sense 18:05
ssd7 Ohai Chefs 18:09
KevMo Using *** Chef 10.16.2 *** and getting "HTTP Request Returned 404 Not Found: No routes match the request: /reports/nodes/NODENAME/runs" when I run chef-client. Can anyone give me a fix for this. Seems to be a chef-client bug. At first I thought that it was because I had an earlier version of chef server. Upgraded the server, same thing. Built an entirely new server from scratch, same thing. Earlier clients (ex; *** Chef 10.12.0 ***) does not have this issue. 18:09
ssd7 KevMo, isn't a bug. Just some ground work for some features that might be upcomming soon. I think there might be a config option you can set though to avoid that failure. One sec. 18:10
KevMo ssd7: saweet. Thanks. Been driving me nuts. 18:10
ssd7 KevMo: Try `enable_reporting false` in your client.rb 18:11
KevMo ssd7: oh man, that's all it was. "enable_reporting false" in the client.rb worked. Can this be added to chef server common errors @ http://wiki.opscode.com/display/chef/Common+Errors 18:14
ssd7: thank you! 18:14
ssd7 KevMo: No problem! We should definitely get some information up about some of the new output people may encounter somewhere. 18:17
mhalligan is there an equivalent of install.sh for os x? 18:39
gem install chef seems to have left me in dependency hell 18:39
nevermind, install.sh works 18:43
mattray beandip: did the rackspace stuff start working for you? 19:19
I'm having issues now 19:19
wassy121 Hey all. Are there any good "data bag management" scripts out there? For instance, to auto-regenerate a whole bunch of passwords for a set of users, or disable a bunch of databags if environment == production 19:24
Or any other fanciful stuff like that? We need to separate out our internal databags from live, production implementation. Stronger password requirements, etc. 19:25
JasonF wassy121: I've taken to namespacing some of my data bags: like somedatabag_#{node.chef_environment} or similar 19:27
wassy121 JasonF: that's a reasonable idea 19:29
Let me think through that a bit 19:29
yfeldblum wassy121, it's just data in a database ... 19:30
JasonF, you don't do that with any of your applications ... 19:31
JasonF yfeldblum: what do you mean? 19:31
wassy121 yfeldblum, yes, but it's data in N databases, across N chefmasters, each with M environments 19:31
So, when the schema of a data bag changes in DEV, and it needs to change passwords before it pushes to LIVE, it needs to be handled appropriately 19:32
yfeldblum JasonF, if you have a rails app and you have 3 instances of that app (one for qa, one for external testers, one for production), you don't deploy a single database but then name each table like "users_qa", "users_exttest", "users_prod" ... 19:33
JasonF, you make 3 databases, and in each database you have a "users" table 19:33
JasonF yfeldblum: In that case; I'd use separate database servers. Which roughly translates into separate data bags. 19:33
yfeldblum JasonF, no, a data-bag is like a table 19:33
JasonF yfeldblum: I didn't say to namespace data bag *items*, I said to namespace the data bag 19:34
wassy121 JasonF: ahh, that makes even more sense. So you have data_bags/admins_live/blah.json and data_bags/admins_dev/blah.json 19:34
yfeldblum JasonF, each data-bag item being like a single record in the table 19:34
JasonF wassy121: not exactly in that example, but yes, that's the general idea. Not even trying to say it's a good solution, but it's just a solution :) 19:35
wassy121 Fair enough. I tried looking for other examples of what to do in cases like mine, but couldn't find anything in particular 19:35
MattJ The attributes that I see under 'default' when I run 'knife node edit' - any idea why they might get overwritten after a chef-client run on the node? 19:41
awgross MattJ: Overrides? 19:42
wassy121 MattJ, recipes can set those attributes via "node.set[:foo]=:bar" 19:42
MattJ Hmm, I wrote the only code that should be touching these attributes 19:43
and I didn't know about node.set, so I doubt I'm calling it... 19:43
wassy121 You're saying that after "knife node edit", then run chef-client on the node, now "knife node edit" shows new/different values? 19:43
MattJ Exactly 19:43
It shows the previous values in fact (before my edit) 19:43
wassy121 In current chef, you can also do "node[:foo] = :bar", and set that value, maybe you did that in an if statment? 19:44
MattJ I'm not using overrides anywhere 19:44
Hmm, let me check 19:44
awgross wassy121: what is your setup, chef solo/client? using Vagrant etc? 19:45
wassy121 awgross, chef server per datacenter, multiple environments per DC. No Vagrant, but VMs that call chef upon initial bootstrap 19:46
awgross hmm ok 19:46
not the issue I was thinking of 19:46
relates to Chef-Solo 19:46
wassy121 no worries. 19:46
beandip mattray: yes 19:55
mattray beandip: I'm getting the same issues you were 19:56
beandip everyting was working for me after I realized I was calling out to the wrong damn fog version 19:56
mattray 'gem list | grep fog' 19:56
mattray you were able to create servers? 19:56
beandip yeah, I was an hour ago 19:56
let me try spinning up another node 19:56
mattray 1.6.0 19:56
beandip one sec 19:56
what error are you getting? 19:57
Yeah, knife just kicked off a v2 server build for me 19:57
looks like it's processing 19:57
I'm at waiting for server..... 19:57
mattray https://gist.github.com/4003966 19:58
yfeldblum beandip, might think about using bundler 19:59
beandip yfeldblum: yeah, I do for my cookbook developement 20:00
mattray: you aren't providing a --server-name or --node-name 20:01
mattray beandip: don't need that anymore 20:02
beandip knife rackspace server create --server-name foo --node-name foo -f2 -I5cebb13a-f783-4f8c-8058-c4182c724ccd -VV --rackspace-version v2 20:02
mattray: try that for shits and giggles 20:02
mattray nope 20:03
with 0.6.0, I added automatic node naming for v2, since it was in v1 20:03
beandip nice 20:04
mattray testing with fog 20:04
beandip well it looks like fog isn't happy with what you're sending it 20:04
try specifying the server-name anyhow 20:05
see if that fixes it for you 20:05
ssd7 densone1: 20:05
gra 20:06
tab completion ftl 20:06
beandip mattray: I'm looking at your code 20:06
mattray beandip: I'm just running opscode/knife-rackspace trunk with a patch to push something in via the personality 20:07
works directly from fog 20:07
let me roll the patch back 20:08
beandip you create a random node-name but not server name 20:08
mattray it's the patch 20:08
beandip https://github.com/opscode/knife-rackspace/blob/master/lib/chef/knife/rackspace_server_create.rb 20:08
mattray not sure what's broken, but something in knife-rackspace trunk ain't right 20:08
beandip line 252 20:08
Majost is it possible to tell remote_file to use a sha1 checksum opposed to a sha256? 20:08
beandip you create the node_name 20:09
The easy solve would be to set server_name to the same thing as chef_node_name 20:09
because what gets passed to fog is the server_name, not chef-Node_name 20:09
mattray beandip: https://github.com/opscode/knife-rackspace/blob/master/lib/chef/knife/rackspace_server_create.rb#L161 20:10
beandip oh 20:11
hmm.... 20:11
mattray it only creates a random name if the chef_node_name or the server_name are empty 20:11
beandip I stand corrected 20:12
hmm 20:12
not sure 20:12
I need to step into a meeting 20:12
after which I'll look closer with you 20:12
mattray I'm pretty sure someone has broken knife-rackspace trunk 20:12
I'll piece through it later 20:13
beandip kk 20:17
Majost let met rephrase -- does the checksum option or remote_file allow anything other than sha256? 20:21
I am trying to pull a sha1 or md5 sum from a nexus server as the source for the checksum to determine if the local copy is correct -- but nexus only generates sha1 and md5 sums 20:22
behemphi @ssd7, any word on the docs repo going public? 20:31
drewww when I need to make changes to a site cookbook, what's the right git strategy? do I make a branch and check my edits in? I don't totally get how chef wants to manage all the vendor branches in chef-repo 20:42
yfeldblum drewww, the only thing that touches or looks at your vendor branches is `knife cookbook site install`; everything else, such as `knife cookbook upload`, looks only at the contents of the directories you specify in your knife.rb 20:43
rhodee I've come across a node.json error due to a NoMethodError 'delete' any ideas on how to address this? http://stackoverflow.com/questions/13181226/chef-solo-run-list-error-with-json 20:43
drewww right, but if I have changes in site-cookbooks, knife cookbook site install freaks out 20:44
so I need to check those changes in so the directories aren't dirty 20:44
so just shove them into my own branches? 20:44
or check them into the vendor branch and resolve merge conflicts later if I need to pull later? 20:44
yfeldblum drewww, that's more a question of how to use git ... it's up to you ... 20:47
drewww, some people use librarian-chef to manage cookbooks (myself included, as i wrote it); some people use berkshelf to manage cookbooks; some people just download them from the browser, etc 20:47
masterkorp http://i.imgur.com/7f5zB.gif 20:48
jroberts newb question: if create roles/default.rb and call it default will it get assign to all new nodes created? 20:48
ls 20:49
sunil__ I have a very custom virtualhosts file for apache, whats the best way to add it to apache2 cookbook? thought of creating a web_app cookbook for it but its pretty beasty and wonder if I can just tell the cookbook to use a file for vhost configs? 20:49
bluepojo masterkorp: http://www.youtube.com/watch?v=1oHWvFrpocY 20:49
the whole fight 20:49
awgross wat... 20:50
sunil__ @jroberts no I don't think it will get assigned unless you explicitly tell it to add to those nodes.. 20:53
jroberts @sunil_ Yeah, that is what I am finding in my searches, but I just can't help but think there is another way. 20:54
yfeldblum jroberts, why do you think there's another way? 20:55
jroberts, remember that in lower-level tools like knife, it's much better for everything to be simple and explicit; then you can add your own sugar on top 20:55
jroberts because a default roll applied to all new nodes makes sense 20:56
hoover_damm jroberts, assign the data in environments? 20:56
jroberts, that environment could have a runlist that includes a specific role or recipe as your base 20:56
jroberts, basically you could have a default role... but no it doesn't work that way 20:56
jroberts hoover_damm: Ok. I was thinking about that. 20:56
hoover_damm jroberts, so work through the environments angle and see if that fits the model 20:57
yfeldblum jroberts, it seems to make sense, now ... but what happens when it turns out it's not such a great idea to do that all the time? 20:59
masterkorp bluepojo: ahah, yes 21:00
jroberts I here ya. 21:02
MattJ wassy121, JFYI I'm still stuck on this issue... it seems even when I set something in 'overrides' it gets removed after a chef-client run 21:02
jroberts The environment seems like a better place. 21:02
thanks 21:02
MattJ I'm starting to wonder if I'm completely misunderstanding how attributes are supposed to work 21:03
hoover_damm MattJ, that's possible 21:06
MattJ, people abuse attributes in awkward ways 21:06
breck Hello, is there a way to access the CHEF server API from .NET? Or do I need to do this over raw HTTP? 21:13
mattray breck: not aware of a library for .NET yet, there's Java, Ruby and Python 21:17
(that I'm aware of) 21:18
breck Interesting - if I wanted to right one... where would be the best place to start? 21:18
(Bearing in mind I'm new to chef... how much expertise is required to implement a full client?) 21:18
mattray well, if it was me I'd take a look at the other libraries and read up on the API 21:18
1 sec, lemme look for an API doc 21:19
breck: http://wiki.opscode.com/display/chef/Server+API 21:19
breck yeah - I was reading that. Unfortunately it doesn't discuss the mechanics of e.g. signing the request 21:20
mattray you might want to hit up the mailing list to see if anyone else has worked on something similar. 21:20
breck Ok - will do. Thanks for your help! 21:20
mattray and hit up coderanger for hints on auth, he wrote pychef 21:20
coderanger You raaaaaang 21:21
flaccid ring ring 21:21
hoover_damm breck, and if you make it... please publish it and make it available :) 21:21
breck, because windows users are growing so it would only help the windows lifecycle i imagine :) 21:22
mattray yeah, mention it on the mailing list because people will show up to help 21:22
hoover_damm indeed 21:22
coderanger breck: If you have access to OpenSSL, its pretty easy 21:22
breck cool 21:22
coderanger breck: https://github.com/coderanger/pychef/blob/master/chef/auth.py 21:22
breck Lovely - is that what Mixlib::Authentication uses? 21:23
coderanger Yeah, I just like to think thats a bit easier to read :) 21:23
JasonF I'm trying to test backup/restore of a chef-server, and now any attempt to sync cookbooks ends in EOFError while trying to get the http url for the first cookbook pulled. I've already attempted deleting+reuploading all cookbooks using knife, and that's not successful. Any thoughts as to places to check? 21:25
coderanger breck: Basically that + https://github.com/coderanger/pychef/blob/master/chef/api.py (notably the key loading and request and api_request) 21:25
breck: That will get you API access, after that making an OO thang is up to you :) 21:25
breck @coderanger: You're a hero. I can take it from there 21:26
btm breck: http://wiki.opscode.com/display/chef/Making+Authenticated+API+Requests 21:26
breck: if you make any grand discoveries please document them there. 21:26
coderanger breck: http://pychef.readthedocs.org/en/latest/auth.html exists too 21:26
Written as precisely as I could 21:27
breck @btm: You mean mention them in this channel? 21:27
btm breck: no, on that wiki page I just linked to. there are secions documented for making API requests in different languages / different tools there. 21:30
amerine Anyone here have enough SO rep to cast a reopen vote for http://stackoverflow.com/questions/13186989/how-do-you-make-a-chef-resource-optional so we can get 'ignore_failre true' some google foo? 21:31
I hate everything about that sentence, but I have a co-worker that needs help. 21:32
OlegYch|h hello 21:32
i'm following this guide http://wiki.opscode.com/display/chef/Installing+Chef+Server+on+Debian+or+Ubuntu+using+Packages 21:33
where do i get validation.pem? 21:33
for workstation 21:33
amerine OlegYch|h: Read the bottom of this: http://wiki.opscode.com/display/chef/Configuring+Chef+Client 21:34
OlegYch|h if i copy it from server and try to bootstrap a node i get "Chef encountered an error attempting to create the client "test21" Failed to authenticate. Ensure that your client key is valid." 21:34
yfeldblum amerine, http://stackoverflow.com/a/13203374/12349 21:36
OlegYch|h amerine: ok so I downloaded validation.pem to /etc/chef (after knife configure) but i get an error about failure to authenticate 21:37
MattJ hoover_damm, am I abusing attributes by using them to specify what version of software I want to deploy on a node? 21:43
and modifying that during the node's lifetime 21:43
OlegYch|h amerine: i'm sure that my-username.pem and validation.pem are the same on workstation and server 21:45
JasonF So I found a weird situation: After restoring my testing chef server, a server that had already been configured to use that chef-server continues to work properly, however, the chef server ITSELF can't sync cookbooks. 21:50
With the EOFError indicated above 21:51
I've removed the client.pem + the associated client from the chef-server, and had it re-authenticate using validation.pem to no avail 21:53
awgross i hate it when minitest cant find my files and I can't remember how I fixed the problem last time. 21:58
OlegYch|h amerine: same happens if i try to bootstrap client on workstation from server 22:00
JasonF Hm. The one succeeding server was succeeding only because it had the cookbooks cached. 22:06
So the only reason it's failing is an inability to sync cookbooks. 22:06
zuhaib Hey anyone runs chef-client with fork support? We are starting to see chef use up 35% of ram memory on our ec2 boxes and I guess before their is a fix to the issue we want to give fork a try 22:08
ale______ anyone know how to decrypt an encrypted data bag with the linux command openssl and the secret key? I have a data bag with two keys (id, name) name is "something" . I want to decrypt "something" with the openssl command. "openssl enc -in ./test.txt -out ./test-dec.txt -d -aes-256-cbc -kfile ./data_bag_key.pem (/test.txt has the value for key name). this gives me a bad magic number. 22:08
zuhaib in dev it looks good but wondering if anyone has ran in to any unexpected issues 22:08
spheromak zuhaib: fork is a good option. also running it on an interval instead of as a daemon 22:08
JasonF ale______: I use the knife-file plugin to do "knife file decrypt" when I need to get an enc db 22:09
ale______ @JasonF I have to decrypt the data bag from a server that doesn't have chef. I use the python client but it doesn't deal with encrypted data bag. I was hopping to figure out how to open it with openssl and then write it in python. 22:11
yfeldblum ale______, obviously you must know the encryption/decryption algorithms, and you can find them here: https://github.com/opscode/chef/blob/master/lib/chef/encrypted_data_bag_item.rb 22:17
ale______ @yfeldblum, yeah I know it's AES 256 CBC and base64 encoded 22:18
yfeldblum ale______, also YAML, and also only the top-level values apart from the id are individually encrypted 22:18
ale______ @yfeldblum, so far I'm following (https://github.com/opscode/chef/blob/master/lib/chef/encrypted_data_bag_item.rb) I extract the value for a key and try to decode that value with the secret key 22:19
yfeldblum right, so you base64decrypt, then you set up openssl aes-256-cbc with a key-and-iv derived from the key using the algorithm pkcs5_keyivgen, and then you use that cipher instance to decrypt, and then you yaml-parse 22:22
ale______, which you can find here: http://rxr.whitequark.org/mri/source/ext/openssl/ossl_cipher.c?v=1.9.3-p195#303 22:27
ale______ @yfeldblum thanks will look at this now. 22:29
OlegYch|h ok i tried this http://wiki.opscode.com/display/chef/Common+Errors#CommonErrors-401Unauthorized(usingvalidatorAPIclient) 22:46
now bootstrap fails with cookbook being not found 22:47
even after i upload that cookbook 22:47
OlegYch|h ah, that's because i doublequoted recipe name 22:53
that worked on windows.. 22:53
chef ubuntu package seems to is broken in so many ways.. 22:57
kindsol I have a LWP with almost everything I need, I just want to override one action in with my custom LWP. has anyone came up with a way to "inherit" actions from another LWP? 23:01
siezer hrm.. any ideas? https://gist.github.com/93fd05810591ff9f9680 (test-kitchen) 23:03
Axsuul Is a certain chef only supposed to work with ubuntu 12.04? 23:19
certain version* 23:19
gchristensen what do you mean, Axsuul? 23:21
Axsuul gchristensen: i.e. chef 0.10.16 isn't compatible with Ubuntu 10.04 23:22
doesn't appear to have the package ruby-mixlib-shellout 23:22
gchristensen so did you mean to ask: Is a certain version of chef only supposed to work with ubuntu 10.04? 23:24
otherwise just latest chef 23:24
Axsuul gchristensen: yep, sorry. 23:25
gchristensen gotcha 23:25
I don't actually know the answer to that problem, but now that it is clarified, maybe someone else can help 23:26
coderanger Axsuul: We test back to 10.04 and RHEL/CentOS 5 I think 23:42
Axsuul: As for packages, omnibus is the One True Way 23:42
We highly highly highly recommend not using system packages 23:43
gchristensen coderanger: will knife bootstrap -d ubuntu12.04-gems use the omnibus installer? 23:47
coderanger No, you told it to install from gems .. 23:48
Just use the default bootstrap template 23:48
gchristensen and it uses chef-full by default? 23:48
coderanger it is now smart and will figure out what platform you are on and get the correct package type automatically 23:48
gchristensen hrmmm good to know, thank you 23:49
coderanger (windows being an exception currently) 23:49
gchristensen usually is ;) 23:49
MattJ Beat me to it 23:50