Web   ·   Wiki   ·   Activities   ·   Blog   ·   Lists   ·   Chat   ·   Meeting   ·   Bugs   ·   Git   ·   Translate   ·   Archive   ·   People   ·   Donate

#olpc-paraguay, 2011-06-03

 « Previous day | Index | Today | Next day »     Channels | Search | Join

All times shown according to UTC.

Time Nick Message
08:12 tch has left #olpc-paraguay
14:18 car|0s <car|0s!~carlos@mail.paraguayeduca.org> has joined #olpc-paraguay
14:59 tch <tch!~tch@> has joined #olpc-paraguay
14:59 car|0s has quit IRC
15:19 satellit__ has quit IRC
16:14 Ignacio <Ignacio!~webchat@jita.sugarlabs.org> has joined #olpc-paraguay
16:14 Ignacio hi!
16:18 Ignacio has left #olpc-paraguay
17:21 car|0s <car|0s!~carlos@mail.paraguayeduca.org> has joined #olpc-paraguay
17:23 car|0s has quit IRC
17:25 car|0s <car|0s!~carlos@mail.paraguayeduca.org> has joined #olpc-paraguay
18:13 crodas has quit IRC
18:21 crodas <crodas!~crodas@li68-113.members.linode.com> has joined #olpc-paraguay
18:23 crodas has quit IRC
18:23 crodas <crodas!~crodas@li68-113.members.linode.com> has joined #olpc-paraguay
18:28 car|0s has quit IRC
18:56 car|0s <car|0s!~carlos@mail.paraguayeduca.org> has joined #olpc-paraguay
19:15 car|0s has quit IRC
19:17 car|0s <car|0s!~carlos@mail.paraguayeduca.org> has joined #olpc-paraguay
21:29 car|0s has quit IRC
22:08 car|0s <car|0s!~carlos@host-15-236.a15.cmm.com.py> has joined #olpc-paraguay
22:19 car|0s alsroot, ping
22:19 alsroot car|0s: pong
22:19 car|0s tch, wanna work?
22:20 alsroot car|0s: sure
22:20 car|0s let me log in to servers
22:34 alsroot, sorry for the delay, i didnt have my keys here
22:36 tch car|0s: make you the client is properly authenticated , or if requires more than 1 authentication step
22:37 car|0s http://fpaste.org/fpZh/
22:38 alsroot car|0s: it is on the same client?
22:39 car|0s yes
22:39 thats part of the latest log
22:39 the one just before leaving the office
22:39 do you need full log?
22:40 alsroot car|0s: just grep it for "squid-xs.conf"
22:40 car|0s [cgaray@schoolserver ~]$ cat log3 | grep squid-xs.conf
22:40 debug: //Node[base]/squid/File[/etc/sq​uid/squid-xs.conf.in]/require: requires Package[squidGuard]
22:40 debug: //Node[base]/squid/Exec[/usr/local/bi​n/puppet-xs-squid-reconf]/subscribe: subscribes to File[/etc/squid/squid-xs.conf.in]
22:40 err: //Node[base]/squid/File[/et​c/squid/squid-xs.conf.in]: Failed to retrieve current state of resource: Could not find server puppet Could not describe /configs/squid-xs.conf.in: Could not find server puppet at /etc/puppet/manifests/site.pp:269
22:40 notice: //Node[base]/squid/Exec[/usr/loc​al/bin/puppet-xs-squid-reconf]: Dependency file[/etc/squid/squid-xs.conf.in] has 1 failures
22:40 debug: //Node[base]/squid/File[/etc/sq​uid/squid-xs.conf.in]/require: requires Package[squidGuard]
22:41 debug: //Node[base]/squid/Exec[/usr/local/bi​n/puppet-xs-squid-reconf]/subscribe: subscribes to File[/etc/squid/squid-xs.conf.in]
22:41 alsroot car|0s: it is after removing "server=" ?
22:41 car|0s yes
22:42 /usr/sbin/puppetd --no-daemonize --debug --verbose 2>&1 >log3
22:42 alsroot car|0s: so, you need to figure out why some clients either don't have resoling for "puppet" or don't have "server=" directives
22:43 car|0s i think is because when you run it not as a daemon, it doesnt take /etc/sysconfig/puppet where server= mothership is
22:44 alsroot car|0s: yeah, then you can recheck it
22:44 car|0s can you pass as a parameter a specific conf file?
22:45 alsroot car|0s: dunno, check `puppet --help`
22:46 car|0s /usr/sbin/puppetd --server mothership.caacupe.paraguayeduca.org --no-daemonize --debug --verbose 2>&1 >log3
22:47 you can specify puppetmaster
22:52 debug: Using cached node for schoolserver.escuela484.caacupe.paraguayeduca.org
22:52 debug: mount[configs]: Listing /configs/oruga/5memoria.swf for schoolserver.escuela484.caacupe.paraguayeduca.org
22:52 debug: Allowing authenticated client schoolserver.escuela484.caacupe.p​araguayeduca.org( access to fileserver.describe
22:52 now it seems to be going
22:52 <bernie> sorry, not around
22:52 <bernie> savannah.gnu.org is down
22:52 jajaja
22:52 he is also busy
22:52 beer mode: enable
22:52 cat log4 | grep squid-xs.conf
22:52 debug: mount[configs]: Describing /configs/squid-xs.conf.in for schoolserver.escuela484.caacupe.paraguayeduca.org
22:52 client side
22:53 cat log3 | grep squid-xs.conf
22:53 debug: //Node[base]/squid/Exec[/usr/local/bi​n/puppet-xs-squid-reconf]/subscribe: subscribes to File[/etc/squid/squid-xs.conf.in]
22:53 debug: //Node[base]/squid/File[/etc/sq​uid/squid-xs.conf.in]/require: requires Package[squidGuard]
22:53 server side
22:53 Package squidGuard-1.4-2.fc9.i386 already installed and latest version
22:54 alsroot car|0s: ok, then master crash is suspected only. you need to get the core
22:55 car|0s yes, right now is running fine
22:56 debug: //Node[base]/squid/File[/var/squidGuard/​blacklists/blacklists/porn/expressions]: Autorequiring File[/var/squidGuard/blacklists/blacklists/porn]
22:56 notice: Finished catalog run in 273.98 seconds
22:58 # added for Paraguay
22:58 url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
22:58 /etc/squid/squid-xs.conf.in
22:58 it did get the line that is needed but is not yet applied to conf
22:59 alsroot puppet client finished its work?
22:59 car|0s yep
22:59 Finished catalog run in 273.98 seconds
23:01 alsroot car|0s: try to add noise to /etc/squid/squid-xs.conf.in on client and run pupet once more. maybe you aborted puppet somewhere (or due to crash) and it didn't finish its work (though I'm not sure)
23:01 car|0s debug: Allowing authenticated client schoolserver.escuela484.caacupe.p​araguayeduca.org( access to puppetmaster.getconfig
23:01 debug: Our client is remote
23:01 info: Expiring the node cache of schoolserver.escuela484.caacupe.paraguayeduca.org
23:01 info: Not using expired node for schoolserver.escuela484.caacupe.paraguayeduca.org from cache; expired at Fri Jun 03 19:11:15 -0400 2011
23:01 info: Caching node for schoolserver.escuela484.caacupe.paraguayeduca.org
23:01 debug: Puppet::Type::Package::ProviderRpm: Executing '/bin/rpm --version'
23:01 debug: Puppet::Type::Package::ProviderAptrpm: Executing '/bin/rpm -ql rpm'
23:01 debug: Puppet::Type::Package::ProviderYum: Executing '/bin/rpm --version'
23:01 debug: Puppet::Type::Package::ProviderUrpmi: Executing '/bin/rpm -ql rpm'
23:01 debug: Class 'base' already evaluated; not evaluating again
23:01 do you think is posible that a "base" class is in cache and says that it did run somethings already
23:01 ?
23:02 alsroot car|0s: it just caching puppet code and it does not relate to resources
23:03 car|0s so, if i remove a package, it should install it again?
23:04 alsroot car|0s: if puppet code is checking that package, then yes
23:04 car|0s would it be useful if i give you access to client?
23:06 alsroot car|0s: actually there is no need, it might be just puppet intermediate glitches. just change /etc/squid/squid-xs.conf.in contnet so puppet will have to update it, and run puppet client
23:06 car|0s ok
23:09 debug: //Node[base]/squid/Package[squidGuard]: Changing ensure
23:09 debug: //Node[base]/squid/Package[squidGuard]: 1 change(s)
23:09 debug: Package[squidGuard](provider=yum): Ensuring => present
23:09 debug: Puppet::Type::Package::ProviderYum: Executing '/usr/bin/yum -d 0 -e 0 -y install squidGuard'
23:09 i also removed the package
23:10 i think i know why master crashes
23:10 too many clients runs at the same time
23:11 right now it received request from many schools
23:11 debug: //Node[base]/squid/File[/et​c/squid/squid-xs.conf.in]: File does not exist
23:11 debug: Calling fileserver.describe
23:11 debug: //Node[base]/squid/File[/et​c/squid/squid-xs.conf.in]: Changing ensure
23:11 debug: //Node[base]/squid/File[/et​c/squid/squid-xs.conf.in]: 1 change(s)
23:11 debug: Calling fileserver.retrieve
23:11 notice: //Node[base]/squid/File[/etc/s​quid/squid-xs.conf.in]/ensure: created
23:11 info: //Node[base]/squid/File[/et​c/squid/squid-xs.conf.in]: Scheduling refresh of Exec[/usr/local/bin/puppet-xs-squid-reconf]
23:12 now it trigger the reconf
23:12 yey, it worked
23:12 # added for Paraguay
23:12 url_rewrite_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
23:12 the line needed is now present
23:13 removing squidGuard.conf.in did the trick
23:13 alsroot car|0s: so it was just not completed client's work
23:14 car|0s some glitch in the middle made client think it was complete
23:14 need to check more xs
23:15 maybe reconf isnt triggered when .conf.in is updated, but rather when is createad
23:15 sorry, english isnt my native tongue
23:15 i guess you can relate
23:16 [root@schoolserver cgaray]# ps -e | grep squid
23:16 11796 ?        00:00:00 squid
23:16 11798 ?        00:00:01 squid
23:16 11800 ?        00:00:00 squidGuard
23:16 11801 ?        00:00:00 squidGuard
23:16 11802 ?        00:00:00 squidGuard
23:16 11803 ?        00:00:00 squidGuard
23:16 11804 ?        00:00:00 squidGuard
23:16 now is running
23:17 alsroot car|0s: dunno, I'm not aware how puppet works under the hood
23:17 car|0s but is something to keep in mind
23:17 if you are planning to use in other deployment
23:17 alsroot car|0s: for me, puppet is not the right tool for updating XSs in the field :)
23:18 car|0s what would you use?
23:18 this is dsd cooking
23:18 i was not around when they set this up
23:19 tch,^^
23:19 alsroot car|0s: I didn't yet thinking in particular (but will do), just having not reliable connectivity w/ XSs makes puppet too fragile
23:19 car|0s +1
23:21 would you like to check something on xs now?
23:22 alsroot car|0s: what do you mean?
23:22 car|0s i thought you would like to work on xs devel
23:22 maybe i can help
23:23 or do you have everything you needed from the wiki?
23:24 alsroot car|0s: in fact I'm interesting to know everying about current workflow regarding XS and mothership
23:24 car|0s im all yours
23:24 what do you need?
23:25 alsroot car|0s: whats you regular work for XS+mothership (except checking if puppet does its work properly :)
23:25 car|0s well.. its basically that
23:25 checking if everything is doing what is supossed to
23:26 plus, signing new certificates
23:26 when new xs are installed
23:26 for monday i have to reinstall 3 xs
23:26 hd died
23:27 hot + humidity + dust = not good for computers
23:27 xs should have a dust prove case
23:27 alsroot car|0s: for signing certs you do http://wiki.paraguayeduca.org/[…].php/Hacer_leases ?
23:28 car|0s rural schools doesnt treat them well
23:28 nope
23:28 thats for generating leases
23:28 whenever new laptops are added to "inventario"
23:28 then, they are updated
23:29 alsroot btw, is there any doc for what inventario does?
23:30 car|0s http://wiki.paraguayeduca.org/[…]p/Servidor#Puppet
23:30 Then on the mothership, sign the certificate for the new server
23:30 ssh mothership.caacupe.paraguayeduca.org
23:30 sudo su -
23:30 puppetca --list
23:30 puppetca --sign escuela40.caacupe.paraguayeduca.org
23:30 thats it for signing
23:31 http://wiki.paraguayeduca.org/[…]entario_manual/en
23:31 alsroot got it, I was thinking about OLPC stuff not about puppet
23:32 but what about leases, do you generate them by hands?
23:32 car|0s well, inventario and puppet are not a part of olpc stuff
23:32 1 time
23:33 you generate leases running a script on mothership
23:33 and then mthsp keep updating them
23:33 whenever they expire
23:33 checking with inventario is the laptop hasnt been reported as "stolen" or "lost"
23:35 <alsroot> car|0s: whats you regular work for XS+mothership (except checking if puppet does its work properly :)   >>>> it seem weird... doesnt have a closing )
23:35 alsroot car|0s: and after that you regenerate all leases?
23:36 car|0s nope.. mothership does
23:36 alsroot car|0s: where can I find mothership and inventario sources?
23:38 car|0s http://git.paraguayeduca.org/gitweb/
23:39 i dont think mothership is there ...
23:39 alsroot too
23:40 car|0s mothership is very hack.. i didnt find to much documentation on it
23:41 alsroot car|0s: is it just a bunch of scripts?
23:41 car|0s but is basically olpc-crypto + puppetmaster
23:41 i think so
23:41 i think i can make a image of the vm, delete our keys, and give it to you
23:42 alsroot car|0s: thanks, that will be useful
23:42 car|0s i have to do it anyways for backups purposes
23:43 its about 5g image
23:43 alsroot car|0s: ok, except mothership. how do you install new XSs at schools, do you just clonning it or do regular install from isos?
23:43 car|0s i was tempted to invite you over, but i have some construction work being done at home, so everything is a mess right now
23:44 iso install
23:44 point puppet to mothership and thats it
23:44 setting hostname and ip from isp
23:44 alsroot car|0s: are all XS the same or there are special conf for particular shools?
23:45 car|0s all the same
23:45 only users upload varies from xs to xs
23:46 i saw your input on xs-devel list..
23:46 the wishlist from olpc-nepal is halfway done in py
23:46 moving to fc15 is a must
23:47 alsroot in that case just trying to figure out what was done in all XS deployments
23:47 car|0s there was a lot of work done in several deployments, each has its own needs
23:48 but almost no work was push upstream
23:48 basic xs from olpc focus to much on moodle, we dont use it
23:48 alsroot car|0s: yeah, thats not useful at the end. though I guess the problem is in how it was orginized in upstream
23:49 car|0s and something i didnt see in other deployment
23:49 was squidguard..
23:49 porn is a big issue at schools
23:50 it can turn the community against a deployment
23:51 alsroot car|0s: btw are you happy w/ current content filter software?
23:51 car|0s an something i heard the other day at caacupe> four parents return the xo given to their children because it speaks to them
23:52 they were refering to robot activity> they tought it would make their children crazy by speaking to a machine
23:52 alsroot remember that bernie said at edujam about something different to what is being used here
23:52 car|0s about content filtering> is best effort policy
23:53 we use several list + list of our own
23:53 but you cannot filter everything
23:54 alsroot car|0s: how intensive the flow of new data is for mothership<->XSs?
23:54 car|0s if you filter some obvious sites, then children get the notion that content is being filtered and stop trying
23:54 mainly, new leases
23:54 only during new xs install is intensive
23:55 alsroot car|0s: new leases and filetering related updates?
23:55 car|0s not sure.. never tested if list are being updated
23:56 maybe when im not putting out fires will get to check
23:56 alsroot car|0s: np
23:57 car|0s isp related issues are everyday problems
23:57 teachers and children complain more heavily about not being able to use internet
23:57 alsroot car|0s: what do you mean?
23:57 car|0s disconnections, bandwith limit reached, etc
23:58 alsroot car|0s: and how do you fix problems, ssh to this particular server and tries to figure out what the problem is?
23:58 car|0s im planning on deploying munin trough puppet for monitoring
23:59 yep
23:59 right now you need minimal admin skills to diagnose
23:59 guess it would be a problem for non linux users

 « Previous day | Index | Today | Next day »     Channels | Search | Join

Powered by ilbot/Modified.