| 00:10.01 | *** join/#gllug slaker (~slaker@cpc3-seve13-0-0-cust106.popl.cable.ntl.com) |
| 00:20.50 | *** join/#gllug londo (~georgiou@82.133.49.59) |
| 00:23.41 | *** join/#gllug eye69 (~magnus@yoshi.upcore.net) |
| 01:39.47 | *** join/#gllug Leeds (~richardc@www.scorefive.com) |
| 08:00.47 | hali | morning |
| 08:35.28 | *** join/#gllug flips_and_rails (~stu@dyn1241-34.vpn.ic.ac.uk) |
| 08:45.27 | *** join/#gllug DiscordianUK (~ch@fedora/DiscordianUK) |
| 09:08.48 | Mohan | morning |
| 09:24.25 | DiscordianUK | Morning |
| 09:51.03 | hali | hm, looks like it's time to jump ship and abandon nagios |
| 09:51.18 | hali | the nagios.org website does it best to get you to sign up to nagios.com |
| 09:52.26 | cpufreak | hali: if you want a nagios based solution |
| 09:52.28 | cpufreak | www.opsview.org |
| 09:57.26 | bilarh | opsview for the win, actually... |
| 09:57.33 | bilarh | i was sceptical at first, but it's actually a very good product |
| 09:57.46 | z00dax | hali: move to icanga for a nice sidegrade ? |
| 10:20.22 | hali | z00dax: yes, most likely, just waiting for the web ui to be final |
| 10:38.07 | Mohan | what is icanga ? google doesnt show any valid results related to network monitoring. |
| 10:38.46 | hali | icinga |
| 10:38.48 | hali | it's a fork of nagios |
| 10:39.04 | hali | proper DB support, improved web ui (not written as CGI in C) |
| 10:39.23 | hali | you can more or less move your old nagios conf over seamlessly |
| 10:39.48 | Mohan | sounds cool. let me have a look at it. |
| 10:48.31 | hali | bilarh: do you use the ent version or the free version? |
| 10:54.59 | bilarh | hali: of what? |
| 10:57.23 | gregj | hali: you mean it supports postgresql, and not mysql ? (as in, it does proper db support) |
| 11:02.38 | ChoHag | Capgemini have sent around an email to all contractors here asking us what we're doing and who we're doing it for. |
| 11:10.07 | hali | gregj: not sure of all flavors, it's got very good oracle support at least |
| 11:10.44 | *** join/#gllug Leeds (~richardc@pcd424250.netvigator.com) |
| 11:11.32 | gregj | who cares about oracle. expensive, and not much value above free postgresql. |
| 11:11.49 | hali | depends what you do |
| 11:11.57 | hali | postgres replication is sort of shit |
| 11:12.18 | hali | the partitioning implementation is so so |
| 11:12.33 | hali | analytics / window functions are getting there but not great |
| 11:12.57 | hali | it's years ahead of mysql in most terms, don't get me wrong, im a big postgres fan |
| 11:13.54 | ChoHag | But does buying Oracle for those features cost more or less than the cost of a postgres admin who can work around the lack? |
| 11:15.45 | wethrin | Oracle has the reputation for being rock solid, fast, and Just Damn Well Working (if you pay enough for Orrible consultants to tickle it right) |
| 11:15.56 | wethrin | there's a reason it's still used a lot |
| 11:16.55 | hali | a postgres admin can work around the lack of some features, far from all |
| 11:17.01 | hali | plus oracle rac scability can't be beaten |
| 11:17.06 | hali | at least not on x86 kit |
| 11:18.10 | hali | ChoHag: aren't you temping on one of the biggest oracle installations in europe? :) |
| 11:18.23 | ChoHag | I think so. |
| 11:18.31 | ChoHag | Doesn't increase my love for Oracle any. |
| 11:18.50 | hali | oracle is pretty good for setups that require any type of regulatory control |
| 11:19.20 | hali | sarbanes oxley etc |
| 11:19.56 | hali | and i can't even start thinking how to backup a 5Tb postgres install |
| 11:21.05 | wethrin | zfs snapshot |
| 11:21.05 | wethrin | hth |
| 11:21.22 | hali | can you get that consistant? |
| 11:21.26 | hali | plus zfs is crap for most db loads |
| 11:21.34 | hali | but yes, storage level snapshots is probably the way togo |
| 11:21.43 | wethrin | For most DBs, just give it a raw disk and say "Have fun" |
| 11:32.33 | bilarh | this made me lol: http://news.bbc.co.uk/1/hi/business/8535374.stm |
| 11:40.53 | *** join/#gllug flips_and_rails (~stu@cv-kraken.cv.ic.ac.uk) |
| 12:02.56 | *** join/#gllug dick_turpin (~sales@2001:0:53aa:64c:c8e:25c:26dd:5ce1) |
| 12:03.31 | dick_turpin | Afternoon all |
| 12:08.23 | boudiccas | good afternoon dick_turpin |
| 12:09.01 | dick_turpin | boudiccas: Hi gorgeous :-* and "Up yours antiphase :P |
| 12:09.27 | wethrin | Play nicely! |
| 12:10.37 | dick_turpin | wethrin: Oi I'm the victim here |
| 12:12.34 | wethrin | oh no you're not! |
| 12:15.22 | dick_turpin | Oh yes I am (Do I get to say Eeze behind you next?) |
| 12:15.30 | *** join/#gllug gregj (~gj@pointblue.com.pl) |
| 12:15.46 | *** join/#gllug z00dax (~kbsingh@chakra.karan.org) |
| 12:15.54 | *** join/#gllug zeroXten (~zeroXten@0x10.co.uk) |
| 12:21.49 | dick_turpin | Has anyone used that Skimp http://sites.google.com/site/jeromeboismartel/news/ssh-key-management-with-skimp as per the post on the mailing list? I liked the screenshots couldn't find any for Puppet |
| 12:25.22 | AndyMillar | dick_turpin: surely the right solution is ldap? |
| 12:27.07 | AndyMillar | as you're encouraging users to log in as root |
| 12:27.24 | dick_turpin | AndyMillar: Shock Horror, I have no idea or experience. I just like databases be they CRM, CMS or whatever. |
| 12:27.30 | AndyMillar | which means you have root logins enabled |
| 12:27.39 | AndyMillar | which is bad (oh so bad (oh so very bad)) |
| 12:27.46 | dick_turpin | Yeah I thought root logins was discouraged? |
| 12:29.30 | AndyMillar | it is |
| 12:30.30 | z00dax | dick_turpin: you want screenshots for puppet ? |
| 12:30.43 | dick_turpin | I only have one possibly two boxes I ssh to I always login as normal user then su - |
| 12:30.50 | dick_turpin | z00dax: Please |
| 12:30.58 | z00dax | ponders |
| 12:31.31 | dick_turpin | z00dax: Just want to know what it looks like I'll never be in a position to use it |
| 12:31.41 | z00dax | let me try |
| 12:33.12 | dick_turpin | z00dax: Cheers |
| 12:33.29 | dick_turpin | wethrin: See z00dax can play nice :-P |
| 12:34.42 | *** join/#gllug gregj (~gj@pdpc/supporter/student/gregj) |
| 12:35.06 | AndyMillar | dick_turpin: you su -? that's also bad, sudo su ftw |
| 12:35.43 | dick_turpin | AndyMillar: Noooo I hate sudo big girls workaround ;-) |
| 12:42.56 | z00dax | dick_turpin: this is how one would 'manage' that authorized_keys file in puppet |
| 12:42.58 | z00dax | http://gist.github.com/314511 |
| 12:44.49 | z00dax | but rather than manage the 'file' one would in most cases, manage the key with something like this |
| 12:45.03 | z00dax | http://gist.github.com/314515 |
| 12:47.19 | z00dax | using this ( http://gist.github.com/314515 ) you can add and manage things in the .ssh/config file as well, its just a case of adding a snippet. |
| 12:47.22 | dick_turpin | z00dax: So is that a sort of 'Note' entry or can it 'do' anything? (Man this is hard over IRC) |
| 12:47.22 | z00dax | let me do one |
| 12:49.37 | z00dax | http://gist.github.com/314515 < -- now check |
| 12:50.25 | z00dax | dick_turpin: ok, so how this works is that you would write notes ( your word ) or manifests ( what puppet calls them ), to define various things. it would / could be services, what rpms or deb's are to be installed, what users should exist etc |
| 12:50.43 | dick_turpin | K |
| 12:50.44 | z00dax | once they are done - a 'puppet' client on the machine would pull its manifests from a server, and apply them |
| 12:50.57 | dick_turpin | Aha K |
| 12:51.34 | dick_turpin | Yeah I see now, manifests is a better term |
| 12:52.33 | dick_turpin | So do you set the 'Clients' to check at regular intervals to see if the manifests have changed then? |
| 12:54.30 | z00dax | http://gist.github.com/314524 |
| 12:54.48 | z00dax | take a look at that - its not the best way to achieve the same result, but i think its the clearest way to understand what is going on |
| 12:55.20 | z00dax | the dick_turpin.pp is the manifest, which defines the user, the users' homedirectory, the .ssh dir under there and then the authorized_keys file. |
| 12:55.40 | z00dax | i then run puppet for that file, and you can see what all it does |
| 12:55.43 | dick_turpin | K |
| 12:56.20 | z00dax | in terms of updates to manifests, I tend to run puppet from cron checking from the puppetmaster every 3 hrs for changes. if i need to run it more frequently, just login and run by hand |
| 12:56.39 | dick_turpin | Does it create all of that then? From notice: //User[dick_turpin]/ensure: created onwards? |
| 12:57.07 | z00dax | yes, its done all this the notice: is just to let you know :) |
| 12:57.11 | dick_turpin | K (Cron ect) |
| 12:57.34 | z00dax | lunches |
| 12:57.42 | dick_turpin | z00dax: Cheers |
| 12:59.59 | antiphase | Chef > puppet |
| 13:15.42 | dick_turpin | Hm, cfengine? looks a little bit like Nagios? I take it its a complete management tool as opposed to a single role management application |
| 13:18.54 | ChoHag | There's a protestor outside with a placard saying "Beware Betfair" |
| 13:19.28 | dick_turpin | ? |
| 13:21.37 | ChoHag | There's only one of him. |
| 13:24.27 | dick_turpin | Betfair - fraud hell-hole, beware! http://forums.moneysavingexpert.com/showthread.html?t=234974 |
| 13:28.06 | z00dax | antiphase: in some cases, but for many puppet > chef. but to be honest, chef does not solve enough issues to merit a migration from puppet |
| 13:28.29 | z00dax | new people starting out now, have the choice. Also bcfg2 and cfengine3 are still fairly decent options. |
| 13:29.42 | z00dax | wonder what the state of kokki is |
| 13:32.27 | dick_turpin | Please no more cant keep looking at all these solutions :-) |
| 13:32.54 | londo | z00dax: I have a feeling that your authorized_keys solution has TOCTTOU issues |
| 13:35.40 | z00dax | possible, i was doing something that would result in verbose puppet output, without --debug,which would explain what was going on |
| 14:35.18 | *** join/#gllug DiscordianUK (~ch@fedora/DiscordianUK) |
| 14:46.19 | dick_turpin | See you moan about people then your boss (Not CYB) comes in and hands you a CD "Is it porn?" no its a David Bowie live cd which I'm now listening to! \0/ |
| 14:49.16 | *** join/#gllug Armand (~me@host86-147-194-89.range86-147.btcentralplus.com) |
| 15:00.36 | *** join/#gllug gethoper (~asdf@119.212.8.100) |
| 16:17.34 | kjs | hi |
| 16:58.10 | *** part/#gllug dick_turpin (~sales@2001:0:53aa:64c:c8e:25c:26dd:5ce1) |
| 18:07.21 | *** join/#gllug Armand|Laptop (~me@host86-134-39-198.range86-134.btcentralplus.com) |
| 19:10.10 | *** join/#gllug DiscordianUK (~ch@fedora/DiscordianUK) |
| 19:42.21 | *** join/#gllug Armand|Laptop (~me@host86-137-209-228.range86-137.btcentralplus.com) |
| 20:14.26 | *** join/#gllug Armand (~me@host86-137-209-228.range86-137.btcentralplus.com) |
| 20:48.11 | *** join/#gllug londo__ (~georgiou@georgiou-1-pt.tunnel.tserv5.lon1.ipv6.he.net) |
| 21:22.48 | *** join/#gllug londo (~georgiou@82.133.49.59) |
| 21:25.05 | *** join/#gllug DiscordianUK (~ch@fedora/DiscordianUK) |
| 21:38.56 | *** join/#gllug stu_ (~stu@dyn1241-34.vpn.ic.ac.uk) |
| 21:46.09 | *** join/#gllug DiscordianUK (~ch@fedora/DiscordianUK) |
| 23:35.19 | *** join/#gllug DiscordianUK (~ch@fedora/DiscordianUK) |
| 23:46.19 | *** join/#gllug Leeds (~richardc@pcd424250.netvigator.com) |