wdennis
2017-10-02 16:46
@greg If one has requests for future functionality, open an issue on GitHub?

shane
2017-10-02 16:48
@wdennis - yep - just open a new "issue" and `Label` it appropriately (eg "enhancement", "bug", etc) https://github.com/digitalrebar/provision/issues/new

wdennis
2017-10-02 16:51
I don't think this functionality exists, but - is there any flags / tags / indicators that a given node is undergoing a DRP reinstall (workflow), and/or event generated when the node re-registers with DRP and changes the bootparam to "local" when finished?

wdennis
2017-10-02 16:53
Use case is that I'm doing reinstalls to remote nodes where there is no remote console access, and I'd like confirmation that the node is undergoing reinstall by DRP (confirm the PXE boot and installer kickoff) and would like a notification when the process completes

wdennis
2017-10-02 17:04
@shane ^^^ do you know?

shane
2017-10-02 17:06
are you just looking for a visual clue ?

shane
2017-10-02 17:07
the UI shows the current BootEnv on the Machines page - you can also get this via the drpcli machines command for the given machine you want to reference

shane
2017-10-02 17:07
you can also use the events from the websockets - in the API this is the "Announce" bullhorn icon in upper left corner

praful
2017-10-02 17:17
has joined #community201710

shane
2017-10-02 17:18
welcome @praful

praful
2017-10-02 17:19
Thanks

shane
2017-10-02 17:26
@wdennis - you can get additional logging information from the `dr-provision` binary itself via a couple of ways (which would include the API calls you might be interested in): * in production mode - systemd logging of events will catch the API calls * in isolated mode - you have to redirect stdout to a file (as opposed to running `dr-provision` in foreground * the slack plugin can also catch the websocket events - and you can push them to specific slack channel

shane
2017-10-02 17:37
@wdennis - if you wanted to watch a given machine - you can use the 'drpcli machines wait ... ` drpcli to "wait" until a given field to change to a given value ... for example - if you wanted to watch for a "BootEnv" change to "local" (meaning it transitioned from a previous BootEnv), do something like: ```drp machines wait <machine_uuid> BootEnv local```

zehicle
2017-10-02 17:50
@wdennis that was the goal w/ the overview page w/ stages. That's what stages do. it's also subscribed to the websocket, so no refresh required

zehicle
2017-10-02 17:51
you're looking for a machine stage going back to "complete" or "complete-nowait"

zehicle
2017-10-02 17:51
I think we've been demoing this function 1x1 but there's no video yet

wdennis
2017-10-02 18:41
@shane Yes, I've been refreshing the machines page in the UI and waiting for the bootenv to change to 'local'...

wdennis
2017-10-02 18:42
But when I was doing the IPMI reboot, I was wishing for some visual indication that the node had started the PXE/reinstall process

wdennis
2017-10-02 18:43
(Anotherwords, had contacted the DRP server and PXE-booted from it)

wdennis
2017-10-02 18:43
Hard to know which no console access what is going on...

wdennis
2017-10-02 18:46
@zehicle I am very interested in docs / vid howtos on the new workflow / stages / tasks / jobs UX functionality

zehicle
2017-10-02 18:59
the terraform demo shows stages - not the primary part of the demo, but you'll see it there

zehicle
2017-10-02 18:59
it's on my short list to do

shane
2017-10-02 19:00
stages are also shown (again - indirectly) in the 5min-drp video as well

zehicle
2017-10-02 19:00
:slightly_smiling_face:

zehicle
2017-10-03 02:02
@wdennis I did a quick video (ok, it ended up being 20 minutes) of using the stages workflow.

zehicle
2017-10-03 02:02

wdennis
2017-10-03 02:09
Thanks, @zehicle !

zehicle
2017-10-03 02:11
the workflow requires the RackN stages/bootenvs because those include tasks.

wdennis
2017-10-03 02:12
BTW, on rebar.digital site, the Starting > Documentation (icon) > Documentation (link) is broken - goes to a readthedocs "pages does not exist yet" page...

wdennis
2017-10-03 02:12
And PDF docs is v3.0.1

wdennis
2017-10-03 02:41
So was trying to pick up the RackN "os-discovery" content pack, but when I try to transfer it, am getting this error:


shane
2017-10-03 02:42
```New layer violates key restrictions: keysCannotBeOverridden: sledgehammer is already in layer 0 keysCannotOverride: sledgehammer would be overridden by layer 0 keysCannotBeOverridden: discovery is already in layer 0 keysCannotOverride: discovery would be overridden by layer 0```

shane
2017-10-03 02:42
yep

wdennis
2017-10-03 02:42
I believe it's b/c I upgraded from v3.0 and already had s'hammer

shane
2017-10-03 02:42
it's a conflict with multiple content packs providing some of the same content types

wdennis
2017-10-03 02:43
Trying to follow @zehicle 's new vid, and I think I need that to get proper stages

shane
2017-10-03 02:43
yes - you do need it for stages

wdennis
2017-10-03 02:44
So, do I need to delete something(s) so I then can get the content pack?

shane
2017-10-03 02:45
I believe you have to destroy the existing content that conflicts - but this brings up a larger issue we need to sort out internally -- with the content packs and conflicting names

zehicle
2017-10-03 02:47
if you have pre-existing items with overlapping names, the content will not install.

zehicle
2017-10-03 02:47
unless it from the same content

wdennis
2017-10-03 02:48
I've been running DRP since v3.0.1 and have upgraded my way to v3.1

wdennis
2017-10-03 02:49
So any way to resolve at present?

wdennis
2017-10-03 02:51
Or, I only have two custom profiles that I use - can I export them, nuke my current DRP isolated tree, and re-install then import my profiles?

zehicle
2017-10-03 02:51
assuming you are taking a backup before trying anything....

zehicle
2017-10-03 02:52
you may be able to just delete the conflicting items

wdennis
2017-10-03 02:52
Oh sure

zehicle
2017-10-03 02:52
which are from community content anyway

wdennis
2017-10-03 02:55
Is it the s'hammer ISO and the discovery bootenv?

zehicle
2017-10-03 02:55
ISO should be fine. it's the bootenvs

zehicle
2017-10-03 02:55
discovery & sledgehammer. It's in the message you posted

wdennis
2017-10-03 02:56
Ah, I see there's a s'hammer bootenv as well

wdennis
2017-10-03 02:56
Ok

zehicle
2017-10-03 02:56
need to get that content preview page working.

wdennis
2017-10-03 02:57
The UX is really coming along nicely :)

wdennis
2017-10-03 02:57
It's fun to log in and see changes every day

zehicle
2017-10-03 03:01
thanks!

wdennis
2017-10-03 03:05
Hmmm, looks like trying to delete 'discovery' and 'sledgehammer' bootenvs from UX not working...



zehicle
2017-10-03 03:06
do you have machines using those bootenvs?

wdennis
2017-10-03 03:06
Ah, yes I do...

wdennis
2017-10-03 03:06
(No error thrown?)

zehicle
2017-10-03 03:07
it may eat the error incorrectly.

zehicle
2017-10-03 03:07
that would be a bug to log.

wdennis
2017-10-03 03:07
No wait, they are all right now set to 'local'

wdennis
2017-10-03 03:08
But the defaults in system prefs used them

wdennis
2017-10-03 03:09
I've changed this to other bootenv's temp, let's see now...

wdennis
2017-10-03 03:09
Yup, that was it

wdennis
2017-10-03 03:10
Ok, cool, got the updated ones from the content pack now

wdennis
2017-10-03 03:11
Along with the stages

wdennis
2017-10-03 03:13
Hmmm, but now the new bootenvs can't be selected in the Global Setup system pref's...

shane
2017-10-03 03:14
I believe you need to make sure the BootEnvs are fully functional first - eg make sure the ISOs are loaded

shane
2017-10-03 03:15
go to the BootEnvs page and make sure each bootenv is "check" (ok) - not X (bad)

wdennis
2017-10-03 03:15
Ah, they are "X"'d

wdennis
2017-10-03 03:17
So, have to move the sledgehammer-___.tar file into place in the file system?

shane
2017-10-03 03:17
if you're sure it's the latest - you can move it to the tftpboot/isos/ directory

shane
2017-10-03 03:17
or use the `drpcli bootenvs uploadiso sledgehammer` command

wdennis
2017-10-03 03:18
That will get it from the 'net?

shane
2017-10-03 03:18
that'll pull a fresh/latest copy from the rackn repo

shane
2017-10-03 03:19
yes - you can run it on your laptop to pull-from-net-to-your-laptop-then-push-to-your-endpoint

shane
2017-10-03 03:19
or you can run direct from endpoint if your DRP endpoint has inter-tubes access

wdennis
2017-10-03 03:19
It does, and am doing it now...

shane
2017-10-03 03:20
same thing for any of the other BootEnvs you may need/want to pull in - for example `drpcli bootenvs uploadiso centos-7.3.1611-install` (note the lack of the `ce-` prefix - making this a RackN distributed ISO image)

wdennis
2017-10-03 03:21
Yes, :+1::skin-tone-2:

wdennis
2017-10-04 01:23
DR folk, if I scp a ISO into tftpboot/isos/ then the DRP system will pick up on it and mark the bootenv as :white_check_mark:

wdennis
2017-10-04 01:24
??

wdennis
2017-10-04 01:24
My `drpcli bootenvs uploadiso ...` is timing out

shane
2017-10-04 01:27
do you have the endpoint/username/password set to point to your DRP Endpoint correctly ?

shane
2017-10-04 01:29
...but to answer your question ... yes, wget/curl/scp/rsync/whatever an ISO to the `tftpboot/isos/`

wdennis
2017-10-04 01:30
I mean it works (I see the bits being pulled if I do an `iftop`) but it eventually times out

shane
2017-10-04 01:30
directory - then kill w/ HUP signal the DRP server (eg `killall -s HUP dr-provision`)

shane
2017-10-04 01:30
this will force it to re-read directories and explode the iso

shane
2017-10-04 01:30
IPtables rules ... :wink:

wdennis
2017-10-04 01:31
It fails with the message `Error: Error uploading <foo>.iso: context deadline exceeded`

shane
2017-10-04 01:32
we have seen that - and it's an incorrect timing bug - if the DRP endpoint is just a tiny bit slow responding

shane
2017-10-04 01:32
@greg is aware of this one

wdennis
2017-10-04 01:32
It did it multiple times yesterday eve trying to get the ubuntu 16.04 ISO

shane
2017-10-04 01:33
you can avoid this by running the drpcli command directly on your Endpoint, or downloading the ISO via the URL and dropping it (with correct name) in to the tftpboot/isos/ directory

wdennis
2017-10-04 01:34
I did run the drpcli on the endpoint?

shane
2017-10-04 01:34
DRP does need a kick in the pants to re-read the isos directory to recognize the ISO showing up (eg the HUP signal)

shane
2017-10-04 01:34
ok - only solution I have for you right now is the DL into the isos directory - that will work

wdennis
2017-10-04 01:35
SO the correct path (on isolated) is `./drp-data/tftpboot/isos` correct?

shane
2017-10-04 01:35
yep exactly

wdennis
2017-10-04 01:35
Cool

shane
2017-10-04 01:36
you can pull the URL path from the bootenv spec if you need it

shane
2017-10-04 01:37
for example `drpcli bootenvs show ubuntu-16.04-install | jq '.OS.IsoUrl'`

shane
2017-10-04 01:37
```[root@5min-drp-ewr1-00 isos]# drpcli bootenvs show ubuntu-16.04-install | jq '.OS.IsoUrl' "http://mirrors.kernel.org/ubuntu-releases/16.04/ubuntu-16.04.3-server-amd64.iso"```

shane
2017-10-04 01:38
or .... `wget $(drpcli bootenvs show ubuntu-16.04-install | jq -r '.OS.IsoUrl') && killall -s HUP dr-provision`

wdennis
2017-10-04 01:38
nice :slightly_smiling_face:

wdennis
2017-10-04 01:38
UNIX FTW

shane
2017-10-04 01:38
hell yeah baby !!

shane
2017-10-04 01:39
if you're watching the dr-provision output, you'll see something like: ```dr-provision2017/10/04 01:39:02.048432 Reloading data stores... dr-provision2017/10/04 01:39:17.612217 Reload Complete```

shane
2017-10-04 01:39
the first step takes a short bit as it explodes the ISO and stages the bits

wdennis
2017-10-04 01:42
Just +1'd https://github.com/digitalrebar/provision/issues/437 ? need to clean out the older Ubuntu 16.04.2 ISO + tree now that DRP has moved up to using 16.04.3

shane
2017-10-04 01:43
oye! ...recognize that one... :slightly_smiling_face:

wdennis
2017-10-04 01:44
@shane Any idea if DRP will eventually do some sort of node hardware inventory via sledgehammer? (I think DRv2 did this)

shane
2017-10-04 01:44
what's your use case for that ? the short answer is quite probably ... but what exactly do you mean ?

shane
2017-10-04 01:44
inventory out to ... some 3rd party CMS/CMDB ?

wdennis
2017-10-04 01:46
I?d love it if, for instance, you have a pool of available hw in DRP that you could pass hardware requirements for a deployment, such as minimum node memory, # vCPUs, availability of GPUs, ?

wdennis
2017-10-04 01:47
I think of the ?facts? that something like Ansible `setup` module returns (more than DRP needs, but has most of the relevant hw details)

wdennis
2017-10-04 01:47
If they could be set as node properties

shane
2017-10-04 01:48
we have some nascent ansible inventory export capabilities that @zehicle has been momming along

wdennis
2017-10-04 01:48
Yes, have see that, very cool

wdennis
2017-10-04 01:49
But what I?m thinking of I don?t want to tie into Ansible (or Puppet/Chef/whatever)

shane
2017-10-04 01:49
this can also be done in a roll-your-own fashion by applying parameters to `machines` and then you can build your own DevOps/CfgMgmt tooling that can query the DRP API to get a list of ready-state machines ... but right now that is definitely possible only with a bit of hand polishing

shane
2017-10-04 01:50
(amending that to read: "ready-state machines with specific parameters ... ")

wdennis
2017-10-04 01:50
It would be cool if the post-install routine of s?hammer that registers the node in DRP could also set some parameters as to hardware characteristics

shane
2017-10-04 01:52
definitely possible with a little polish on your own with use of stages - you could write your own `stage` that calls a `task` to register a set of `parameters` back to DRP ... that's the nice thing about the stages/stage map solution

shane
2017-10-04 01:53
it's relatively easy to inject new steps in the process

wdennis
2017-10-04 01:53
Hmmm? interesting

shane
2017-10-04 01:53
the `task` would simply collect inventory for you, presumably right after the `discover` stage

shane
2017-10-04 01:54
it could report back to an External Node Classifier (ENC), or to register specific params to DRP (essentially making it a poor-mans ENC)

shane
2017-10-04 01:54
after discovery - you can do a wait .... or you could do a burn-in workload .... or you could do a full install ... just depends how you want to piece together the stage map

shane
2017-10-04 01:55
for your process and workflow

shane
2017-10-04 01:56
I'd suggest that an ENC is a better thing to use for collecting inventory and asset data for re-use, but once a `machine` is registered, there's nothing stopping you from applying `parameters` to that machine which future jobs can pick up on and utilize

shane
2017-10-04 01:57
it's certainly a valid use case to place discovered machines in to some sort of "ready-state" that shows they've been discovered, verified, and classified some how

wdennis
2017-10-04 01:57
ENC is a new concept to me ? found http://reclass.pantsfullofunix.net which is an interesting example which I shall explore?

shane
2017-10-04 01:57
yeah - reclass is really cool - but unfortunately, I think it's fallen out of maintenance in the last 2 years or so ...

shane
2017-10-04 01:58
I've pinged Martin (the author) of that recently to get a feel for the status of it, but so far, haven't gotten a response from him

shane
2017-10-04 01:58
though that was only a few days ago .... :slightly_smiling_face:

shane
2017-10-04 01:59
reclass is interesting because there are integrations for ansible/puppet/saltstack making it relatively ubuquitous

wdennis
2017-10-04 02:00
Yeah, I see what you mean from the GH insights graphs

wdennis
2017-10-04 02:09
OK, that worked :slightly_smiling_face:

shane
2017-10-04 02:09
woot !!

shane
2017-10-04 02:10
@wdennis...gotta roll, the Mrs. is home and we're going to go grab some chow - any other burning issues ?

wdennis
2017-10-04 02:10
Got the DR-provided `os-discovery` and `os-linux` content packs transferred and all objects :white_check_mark:

shane
2017-10-04 02:10
awesome

wdennis
2017-10-04 02:10
No, thx again for your assistance!

shane
2017-10-04 02:11
no prob - feel free to ping us if anything else comes up ... I'll take a look at it when I get back

wdennis
2017-10-04 02:11
Kewl - enjoy dinner

wdennis
2017-10-04 03:15
FYI, brought up a new DRP endpoint on Packet; transferred content packs, did `drpcli bootenvs uploadiso [discovery,ubuntu-16.04-install,centos-7.3.1611-install]`, all of the bootenvs uploaded were :white_check_mark:, but when I checked Stages, the stages depending on those bootenvs were still :x:

wdennis
2017-10-04 03:16
Had to HUP dr-provision to get them to go :white_check_mark:

shane
2017-10-04 03:58
:slightly_smiling_face: yep - stages has a small bug; the state of the bootenv/tasks/etc. they rely on do not get re-evaluated correctly ... so you have to HUP, or remove content/re-install content after installing the stages - known issue, and on the radar to get fixed ASAP

shane
2017-10-04 03:58
I believe @greg is on this one too

shane
2017-10-04 04:01
@wdennis - just checked with our feature plans; and it looks like we have inventory parameter feedback on the roadmap for pushing inventory items back during discover or similar stage. If there are specific elements you are looking for that would be useful, please share them in an enhancement ticket so we can consider capturing those as enhancements for 3.2 or 3.3

wdennis
2017-10-04 04:05
Will do

wdennis
2017-10-04 04:06
Replicated @zehicle?s Workflow vid using my Packet account, pretty damn cool?

shane
2017-10-04 04:06
yep - packet is nifty

wdennis
2017-10-04 04:07
Jealous of their bare metal speeds :flushed:

shane
2017-10-04 04:07
yeah, they have some really nice SSD hardware in them - I know the type2's are running the Samsung PRO models - super fast

wdennis
2017-10-04 04:09
I will open an enhancement issue on GH for the inventory parameter stuff - was thinking CPU type / family, RAM amount, NIC speed, GPU presence

greg
2017-10-04 04:18
Nic speed is a little tricky. Usually a range. Usually list max capable? Similar with GPU because of driver support. Lspci or lshw can report them. I?m still thinking

shane
2017-10-04 04:20
```[root@5min-drp-ewr1-00 tftpboot]# ethtool enp0s20f0 | grep Speed: Speed: 2500Mb/s```

shane
2017-10-04 04:21
`ethtool` will almost always reliably return the actual link speed, along with other things like supported speeds

greg
2017-10-04 04:21
I?ve found that isn?t always good because it relies on phy state

greg
2017-10-04 04:22
Better than nothing

shane
2017-10-04 04:22
true - but ...

shane
2017-10-04 04:22
exactly what I was going to say

greg
2017-10-04 04:24
In dr we had a ruby wrapper on some ioctls that got the max bits from the driver. It was fine until we got 40gb adapters and blew our code up. Moving targets and all that

shane
2017-10-04 04:25
...and it looks like http://packet.net is doing something interesting with BW on the NIC on the switch side to set it at 2.5 Gbps

shane
2017-10-04 04:25
maybe a single 10 GBps NIC shared via 4 nodes ? something goofy with the Atom hardware

shane
2017-10-04 04:25
(type0)

greg
2017-10-04 04:26
Yeah. Shared nic backplane?

shane
2017-10-04 04:26
something like that

zehicle
2017-10-04 20:29
ALL - we're officially starting the Beta program around the RackN UX and advanced content. If you've registered for the RackN site (it's NOT required to use the UX) then you're in the Beta.

zehicle
2017-10-04 20:30
We could use help spreading the word about the project and what we're doing to advance physical ops. If you are inclined, please tag @digitalrebar on social media and say good things about the project. It will help us build a community and sustain the project.

zehicle
2017-10-04 20:30
Thanks!

chermack
2017-10-04 21:13
advanced content or advanced packages?

zehicle
2017-10-04 21:17
Same thing.

wdennis
2017-10-05 03:27
@zehicle done

greg
2017-10-05 15:46
@wdennis - how do you check for and enumerate GPUs?

wdennis
2017-10-05 16:01
@greg Primitive, but? `lspci -Q | grep -i vga` then eyeball output?

wdennis
2017-10-05 16:01
example: ```root@ml17-pc04:~# lspci -Q | grep -i vga 05:00.0 VGA compatible controller: NVIDIA Corporation GP102 [GeForce GTX 1080 Ti] (rev a1) 06:00.0 VGA compatible controller: NVIDIA Corporation GP102 [GeForce GTX 1080 Ti] (rev a1) 09:00.0 VGA compatible controller: NVIDIA Corporation GP102 [GeForce GTX 1080 Ti] (rev a1)```

wdennis
2017-10-05 16:04
Another example (different GPUs): ```root@snake06:~# lspci -Q | grep -i vga 01:00.0 VGA compatible controller: NVIDIA Corporation GM200 [GeForce GTX TITAN X] (rev a1) 02:00.0 VGA compatible controller: NVIDIA Corporation GM200 [GeForce GTX TITAN X] (rev a1) 03:00.0 VGA compatible controller: NVIDIA Corporation GM200 [GeForce GTX TITAN X] (rev a1) 04:00.0 VGA compatible controller: NVIDIA Corporation GM200 [GeForce GTX TITAN X] (rev a1)```

greg
2017-10-05 16:05
okay - figured something like that but was wondering to be sure.

wdennis
2017-10-05 16:06
Of course, that still works on a system without GPUs? example: ```[root@ml53 ~]# lspci -Q | grep -i vga 06:01.0 VGA compatible controller: Matrox Electronics Systems Ltd. MGA G200eW WPCM450 (rev 0a)```

greg
2017-10-05 16:09
Yeah - but that may be sufficient as a hint and info. It might even be drivable.

greg
2017-10-05 16:09
Cool thanks

wdennis
2017-10-05 16:11
For NVIDIA GPUs only: ```root@ml17-pc04:~# nvidia-smi -L GPU 0: GeForce GTX 1080 Ti (UUID: GPU-04875823-43f4-f49e-2f5f-f6027ab4cabf) GPU 1: GeForce GTX 1080 Ti (UUID: GPU-451a1806-3b88-8ea4-73ba-6bffe562ade0) GPU 2: GeForce GTX 1080 Ti (UUID: GPU-aa755a59-d4f2-b8e6-124a-6a0f6a2cb5ed)```

wdennis
2017-10-05 16:13
of course, would not work on AMD / Intel? (we only use NVIDIA for GPU computing?)

greg
2017-10-05 16:15
sure - interesting - I?m hoping for more generic, but useful to know

greg
2017-10-05 17:45
Hi - updated tip content to include a new sledgehammer with some additional tools for disk manipulation. GPT partitions and the like. If you import new content, you will need to update sledgehammer. ```drpcli bootenvs uploadiso ce-discovery``` would fix it.

carl
2017-10-05 18:42
I still can't get sledgehammer to expand on `v3.1.0-0-b70cf8ee1f61844a6d64070a8b272c2bec512204`: looks like `explode_iso.sh` is still unhappy. I'm running on CentOS 7.4 and here is the error from the UI: ```Command output: Explode iso sledgehammer/b3c09ebd5a9c228c66d8a617b6f5d10ccbe1c273 /var/lib/dr-provision/tftpboot /var/lib/dr-provision/tftpboot/isos/sledgehammer-b3c09ebd5a9c228c66d8a617b6f5d10ccbe1c273.tar /var/lib/dr-provision/tftpboot/sledgehammer/b3c09ebd5a9c228c66d8a617b6f5d10ccbe1c273 Extracting /var/lib/dr-provision/tftpboot/isos/sledgehammer-b3c09ebd5a9c228c66d8a617b6f5d10ccbe1c273.tar for sledgehammer/b3c09ebd5a9c228c66d8a617b6f5d10ccbe1c273 vmlinuz0: OK stage1.img: OK stage2.img: OK /usr/sbin/selinuxenabled``` selinux is in permssive mode

carl
2017-10-05 18:47
The ce-ubuntu-16.04-install and the ce-centos-7.3.1611-install images worked fine after a SIGHUP to dr-provision those have a checkmark on boot environments. cd-sledgehammer and ce-discovery both still have exes.

shane
2017-10-05 18:48
hi carlp - I'm looking in to this right now

vlowther
2017-10-05 20:25
@carl based on that output from explode_iso for installing Sledgehammer, it looks like restorecon failed for some reason.

vlowther
2017-10-05 20:25
Can you run it against /var/lib/dr-provision/tftpboot and see what happend?

carl
2017-10-05 20:32
```[kumulus@koiab dr-provision-install]$ sudo restorecon /var/lib/dr-provision/tftpboot [sudo] password for kumulus: [kumulus@koiab dr-provision-install]$ echo $? 0 [kumulus@koiab dr-provision-install]$```

vlowther
2017-10-05 20:32
ok, that is as expected.

vlowther
2017-10-05 20:33
What do the last few lines of your explode_iso.sh look like?

vlowther
2017-10-05 20:33
(should be /var/lib/dr-provision/tftpboot/explode_iso.sh

carl
2017-10-05 20:34
```printf '%s' "$expected_sha" > "${os_install_dir}.extracting/.${os_name}.rebar_canary" [[ -d "${os_install_dir}" ]] && mv "${os_install_dir}" "${os_install_dir}.deleting" mv "${os_install_dir}.extracting" "${os_install_dir}" rm -rf "${os_install_dir}.deleting" if which selinuxenabled && selinuxenabled; then restorecon -R -F "$tftpboot" fi ```

carl
2017-10-05 20:37
Interestingly: ```[kumulus@koiab dr-provision-install]$ sudo selinuxenabled ; echo $? 0```

vlowther
2017-10-05 20:39
ya, even in permissive mode selinuxenabled will return 0

vlowther
2017-10-05 20:39
It only returns failure when selinux is disabled.

vlowther
2017-10-05 20:40
ya, you are affected by a bug that @shane fixed yesterday.

vlowther
2017-10-05 20:41
my amazing typo skills wrote $tftpboot instead of $tftproot :slightly_smiling_face:

vlowther
2017-10-05 20:44
The latest tip release should fix that issue.

carl
2017-10-05 22:25
awesome, that fixed it. Thanks!

shane
2017-10-05 23:01
We hope to see all of you at the next Meetup, scheduled for Tuesday October 10th at 11am PST. Agenda Doc: https://docs.google.com/document/d/1FRFI-vONJY9yje9UsBqCI8XhojJ0XARsFgs4jbm-VRk Also - vote if you'd like to see the meetup move to a weekly cadence: Poll: https://www.meetup.com/digitalrebar/polls/1255504/ Meetup page: https://www.meetup.com/digitalrebar/


lae
2017-10-06 11:30
the event log on the DRP web UI seems to be overflowing below the browser

lae
2017-10-06 11:31

greg
2017-10-06 13:22
I?ll add an issue for it. Thanks!

carl
2017-10-06 17:13
New day, new problems. I can't seem to get the default CentOS 7 install to work. Machine downloads the kernel and initrd and then seems to reboot

carl
2017-10-06 17:13
The default Ubuntu install seems to work

carl
2017-10-06 17:17
Nevermind - seems to be one particular machine just doesn't like me.

shane
2017-10-06 17:41
ok ... we aren't minding! :slightly_smiling_face: let us know if you need any help with anything

mfischer
2017-10-08 04:26
has joined #community201710

mfischer
2017-10-08 21:56
I seem to be missing a step in the directions. Did the quickstart but I'm not sure what I need to do in order to get my master node to reply to pxe requests. I get file not found

mfischer
2017-10-08 22:00
aha there's no default.ipxe installed in tftpdir

mfischer
2017-10-08 22:11
hmm discover-load.sh seems to be gone

greg
2017-10-08 22:42
Yeah - follow the output of install.sh.

greg
2017-10-08 22:42
Also, for pxe requests, make sure you set the defaultUknownBootEnv to discovery or ce-discovery.

greg
2017-10-08 22:42
This is what servers default.ipxe.

greg
2017-10-08 22:42
@mfischer - forgot to tag at the start.

mfischer
2017-10-08 22:43
I figured the part out about not ignoring after I posted the question

mfischer
2017-10-08 22:43
I think its doing something, but with packet who knows. I'l messing around with that kernel param

greg
2017-10-08 22:43
We have some doc updates coming. Just got ahead of ourselves.

greg
2017-10-08 22:43
Ah - okay . A couple of things.

greg
2017-10-08 22:44
Sign up for an RackN account (if yuo haven?t already.) Then you can get packet content and packet-ipmi.

mfischer
2017-10-08 22:44
yep I'm just now going to go play with packet IPMI so I dont have to use packet commands

mfischer
2017-10-08 22:44
is it a plugin?

greg
2017-10-08 22:44
Adding these and setting stage workflow will put the right kernel params in place.

greg
2017-10-08 22:44
It is two pieces.

greg
2017-10-08 22:45
packet content - this adds some tasks and stages.

mfischer
2017-10-08 22:45
I have that

greg
2017-10-08 22:45
packet ipmi plugin - this adds actions to ?packet discovered? nodes so that the system can issue reboot and on/off calls.

greg
2017-10-08 22:45
Okay - so you probably want to use a discover stage as the default stage.

mfischer
2017-10-08 22:45
when I click Add pluging its just spinning...

greg
2017-10-08 22:46
hmm it can take a little bit, but not too long.

mfischer
2017-10-08 22:46
default stage = packet-discover

greg
2017-10-08 22:46
let me check qucik

mfischer
2017-10-08 22:46
unknown default = discover

mfischer
2017-10-08 22:47
ok I'll give it 2-3 min

greg
2017-10-08 22:48
okay - packet-discover can not be the initial stage. I should probably change that.

mfischer
2017-10-08 22:48
ok will change, still no joy on loading plugins

greg
2017-10-08 22:48
You need to change discover to packet-discover.

greg
2017-10-08 22:48
If possible can you check the console of your browser and see if there is an error.

mfischer
2017-10-08 22:48
wait do you mean change p-discover to discover?

greg
2017-10-08 22:49
It worked for me, but we keep tweaking the saas interface.

greg
2017-10-08 22:49
yeah

greg
2017-10-08 22:50
Okay - this is what I usually do for playing with packet.

greg
2017-10-08 22:51
1. unknownbootenv -> discovery

greg
2017-10-08 22:51
2. knownbootenv -> sledgehammer

mfischer
2017-10-08 22:51
I dont see any errors after clicking ad in the console

greg
2017-10-08 22:51
3. defaultStage -> discover

greg
2017-10-08 22:51
4. In the workflow pane, I set the following relations on the global profile.

greg
2017-10-08 22:51
a. discover -> packet-discover:Success

greg
2017-10-08 22:52
b. packet-discover->terraform-ready:success

greg
2017-10-08 22:52
c. centos-7.3.1611-install->packet-ssh-keys:success

greg
2017-10-08 22:52
d. packet-ssh-keys->complete-no-wait:success

mfischer
2017-10-08 22:52
let me install terraform too

greg
2017-10-08 22:53
I find terraform-ready to be a nice intermediate wait state.

greg
2017-10-08 22:53
You can ?auto? install things by changing the terraform-ready-state to `centos-7.3.1611-install:Reboot`

mfischer
2017-10-08 22:53
there's also plugin providers which shows packet IPMI

greg
2017-10-08 22:53
oh - so it seems to work, but you didn?t get UI confirmation.

mfischer
2017-10-08 22:53
clicking Transfer doesnt do anything

greg
2017-10-08 22:54
I also do in workflow.

mfischer
2017-10-08 22:54
shoudl I have some logs in my dr-p server?

greg
2017-10-08 22:54
e. ubuntu-16.05-install -> packet-ssh-keys:success

greg
2017-10-08 22:54
You may have some jobs.

greg
2017-10-08 22:55
jobs will accrue logs.

greg
2017-10-08 22:55
If you install drp in production mode, the drp?s log is in systemd/journalctl

mfischer
2017-10-08 22:55
yeah, I get it in stdout now

greg
2017-10-08 22:56
Now for IPMI packet to work, you will need to enable IPMI packet by creating a plugin.

greg
2017-10-08 22:56
You can click plugins, add button. It will ask which provider, choose packet-ipmi.

mfischer
2017-10-08 22:56
you know logging out and back in loses your Endpoint?

greg
2017-10-08 22:56
That will ask you for your API key. Set that in the parameter and click add.

greg
2017-10-08 22:57
okay - good to know. @zehicle is working on that.

mfischer
2017-10-08 22:57
I think I need to work out why I can't add any plugin providers

greg
2017-10-08 22:57
I think it should be getting saved on the org/user in the ?cloud?, but we?ve had some issues.

greg
2017-10-08 22:58
I thought you said you had one. I?m sorry.

mfischer
2017-10-08 22:58
they're available but not installed

mfischer
2017-10-08 22:58
wait nm

greg
2017-10-08 22:58
When all else fails, I hit the cli.


mfischer
2017-10-08 22:59
they're installed I think

mfischer
2017-10-08 22:59
unsure what transfer does, clicking it doesnt do much

greg
2017-10-08 22:59
```drpcli plugin_providers list```

greg
2017-10-08 22:59
ok - checking on my side.

mfischer
2017-10-08 22:59
I did top of tree

mfischer
2017-10-08 23:00
list is []

mfischer
2017-10-08 23:00
let me redo this w/o top of tree after a bio break

greg
2017-10-08 23:00
I see what is happening.

greg
2017-10-08 23:02
@zehicle - it looks like `http://rackn.github.io` and ` https://qww9e4paf1.execute-api.us-west-2.amazonaws.com/main/catalog/plugins/` are having cross-site scripting wars again.

greg
2017-10-08 23:02
@mfischer - here; I?m going to attach it here. Take the binary and drop it in drp-data/plugins directory. ok?

mfischer
2017-10-08 23:02
ok or just post a link

mfischer
2017-10-08 23:02
and I 'll curl it

mfischer
2017-10-08 23:02
wget I mena

greg
2017-10-08 23:03
okay - let me see.

mfischer
2017-10-08 23:03
pasting it works too

greg
2017-10-08 23:03
linux?

mfischer
2017-10-08 23:03
my master node is ubuntu


greg
2017-10-08 23:04
wait

greg
2017-10-08 23:04
ugh - wrong one.


greg
2017-10-08 23:04
almost the same, but this is the latest.

mfischer
2017-10-08 23:04
lol Fox just started a ticker for our Winter storm warning

greg
2017-10-08 23:05
where are you?

greg
2017-10-08 23:05
what does that mean, like 40s?

greg
2017-10-08 23:05
or is it real.

mfischer
2017-10-08 23:05
no 3-6" of snow and its real, i'm in colorado

mfischer
2017-10-08 23:05
beautiful now

greg
2017-10-08 23:05
wow - nice!

greg
2017-10-08 23:05
Just got home from daughter?s soccer game in the 90s

mfischer
2017-10-08 23:06
ok thats installed

mfischer
2017-10-08 23:06
./drpcli plugin_providers list --> []

mfischer
2017-10-08 23:06
chmod a+x?

greg
2017-10-08 23:06
yes

mfischer
2017-10-08 23:06
yep that fixed it

greg
2017-10-08 23:06
the upload path does that for you.

greg
2017-10-08 23:06
okay cool

greg
2017-10-08 23:07
now you can add the plugin

mfischer
2017-10-08 23:07
BTW the UX in here said "Choose undefined"

mfischer
2017-10-08 23:07
in the last field

greg
2017-10-08 23:08
yeah that is okay.

greg
2017-10-08 23:08
It should have a packet-api-key field first.

mfischer
2017-10-08 23:08
yep I added it

greg
2017-10-08 23:09
ok - good . now. Did you do the workflow changes.

mfischer
2017-10-08 23:09
need to go back and finish

greg
2017-10-08 23:09
ok cool

mfischer
2017-10-08 23:09
oh wait I need terraform

mfischer
2017-10-08 23:10
where does that come from again?

mfischer
2017-10-08 23:10
nm found it

mfischer
2017-10-08 23:10
costs me $$$

greg
2017-10-08 23:11
does it?

mfischer
2017-10-08 23:12
well it says $1 but you dont have my CC so ...

mfischer
2017-10-08 23:13
but maybe for real users

greg
2017-10-08 23:13
let me check - I can?t remember what we decided

mfischer
2017-10-08 23:13
os-other costs me $2

mfischer
2017-10-08 23:16
I still have a hard time with the machine menu, there's no reboot option for example

mfischer
2017-10-08 23:16
you can force and mark it runnable but its not the same

greg
2017-10-08 23:17
Yeah - those are support costs. Though at the current moment we should talk because I suspect that group licenses and support

greg
2017-10-08 23:17
Yeah you need to get the machine to have packet-uuid.

greg
2017-10-08 23:17
Set the machines stage to discover and manually reboot it.

mfischer
2017-10-08 23:17
rob said on the podcast the base costs are $1/node/mo

mfischer
2017-10-08 23:17
ok

greg
2017-10-08 23:19
For most parts - we are trying to figure out how to charge this sane. I think ipmi baremetal support is that way. We have ala carte prices listed. Bundling will be the better case most likely. Also, we?d love to know what your are trying to do . :slightly_smiling_face:

greg
2017-10-08 23:19
We can also take this to PM if need.

mfischer
2017-10-08 23:21
I wanted to try out some of the features beyond basic bare metal mgmt

mfischer
2017-10-08 23:22
no specific projects yet

zehicle
2017-10-08 23:23
@mfischer no CC required - billing is on committed use. We're not putting a paywall up yet, if you are using it, esp beta, then figure out the license $. $1/node/month is the base for support

mfischer
2017-10-08 23:25
yeah I didn't figure as much

mfischer
2017-10-08 23:25
at this point you'd have to hunt me down anyway since you don't have my CC :wink:

zehicle
2017-10-08 23:25
@greg I'll look in a minute and figure out.

greg
2017-10-08 23:25
np - I gave direct link and we are moved beyond.

mfischer
2017-10-08 23:26
is watching the packers/cowboys game while doing this

greg
2017-10-08 23:26
Yeah - me too.

mfischer
2017-10-08 23:27
I am not a cowboys fan

greg
2017-10-08 23:27
i am

mfischer
2017-10-08 23:27
I figured since you guys are in texas

greg
2017-10-08 23:27
all support is now cutoff

mfischer
2017-10-08 23:27
lol

greg
2017-10-08 23:27
j/k

mfischer
2017-10-08 23:27
HTTR

mfischer
2017-10-08 23:27
well now you can help again :disappointed:

greg
2017-10-08 23:27
lol - sigh

mfischer
2017-10-08 23:28
@greg my node made it to terraform-ready, I need to setup the ubuntu stage you mentioned

greg
2017-10-08 23:28
okay - so - did you upload the ubuntu iso already

mfischer
2017-10-08 23:28
yeah

greg
2017-10-08 23:29
okay - so os-linux content

greg
2017-10-08 23:29
needs to be loaded.

mfischer
2017-10-08 23:30
I think I loaded it, let me look

greg
2017-10-08 23:30
check stages

mfischer
2017-10-08 23:30
no, not there, let me add

mfischer
2017-10-08 23:31
should the WF be 100% connected? it seems like there's a hole

greg
2017-10-08 23:31
good catch

mfischer
2017-10-08 23:31
between terraform and an OS

greg
2017-10-08 23:31
That is dependent upon your choices.

mfischer
2017-10-08 23:32
rugby ending

greg
2017-10-08 23:32
Yeah -

greg
2017-10-08 23:33
Right now `terraform-ready` acts as a holding cell.

mfischer
2017-10-08 23:33
so, I deleted a stage that was in my WF and now WF won't load

greg
2017-10-08 23:33
You can then set the stage to which os you want and reboot the node.

greg
2017-10-08 23:33
awesome! or not.

greg
2017-10-08 23:34
```drpcli profiles show global```

mfischer
2017-10-08 23:34
can I just wipe the global?

mfischer
2017-10-08 23:34
destroy

greg
2017-10-08 23:34
please don?t do that.

mfischer
2017-10-08 23:35
done

mfischer
2017-10-08 23:35
oops

mfischer
2017-10-08 23:35
lol

greg
2017-10-08 23:35
lol

mfischer
2017-10-08 23:35
its fine now

greg
2017-10-08 23:35
```drpcli profiles create global```

mfischer
2017-10-08 23:35
just starting over

mfischer
2017-10-08 23:35
its back in the GUI

mfischer
2017-10-08 23:35
oh wait no its now

mfischer
2017-10-08 23:35
s/now/not/

greg
2017-10-08 23:35
Please put a global profile back. please.

mfischer
2017-10-08 23:35
yep done

greg
2017-10-08 23:36
I need to make that not delete able.

greg
2017-10-08 23:36
brb

mfischer
2017-10-08 23:36
hmmm GUI still wont load the workflow page, let me check console

mfischer
2017-10-08 23:37
jQuery.Deferred exception: Cannot read property 'change-stage/map' of null TypeError: Cannot read property 'change-stage/map' of null

mfischer
2017-10-08 23:37
I has an idea

greg
2017-10-08 23:38
```drpcli profiles set global param change-stage/map to '{}'```

mfischer
2017-10-08 23:38
I was going to throw in the old JSON values with the offending key removed

greg
2017-10-08 23:38
that works too

mfischer
2017-10-08 23:39
that fixed it ^

mfischer
2017-10-08 23:41
okay so last q for a bit

mfischer
2017-10-08 23:41
do unknown machines default in to the global work flow?

greg
2017-10-08 23:41
Yeah - so the flow is

greg
2017-10-08 23:41
unknown machine gets the unknown boot env.

greg
2017-10-08 23:43
discovery adds the node to the system and when the node is created, it gets the default stage and/or default known bootenv. The default stage of discover adds some tasks that start processing the change-map/stages. This will drive it through the stage chains which run the tasks.

greg
2017-10-08 23:43
Now, you asked about the ?hole? in the flow between `terraform-ready` and `centos-7.3.1611-install`.

greg
2017-10-08 23:43
This is a starting point to make sure flow is mostly right.

greg
2017-10-08 23:45
You could just as well change `packet-discover->terraform-ready:success` to `packet-discover->centos-7.3.1611-install:Reboot` and it will just flow straight through to an installed node.

greg
2017-10-08 23:45
Depends upon what your goal and usage is.

mfischer
2017-10-08 23:45
yep

greg
2017-10-08 23:45
In terraform-ready, the node can be grabbed by the terraform provider and driven through an OS install.

mfischer
2017-10-08 23:45
makes sense

greg
2017-10-08 23:47
The terraform content creates a single ?pool? like effect. The drp terraform provider uses API atomic ops to ensure that a single provider gets/reserves the machine and takes it out of the pool.

greg
2017-10-08 23:47
The model and flow could be extended to have named pools and other things. future enhancements and the like.

mfischer
2017-10-08 23:49
so minor q

greg
2017-10-08 23:49
okay - :slightly_smiling_face:

mfischer
2017-10-08 23:49
above you said Ubuntu:Reboot

mfischer
2017-10-08 23:49
doesnt it reboot after an OS install anyway?

greg
2017-10-08 23:50
okay so the reboot is the transition from the terraform-ready stage.

mfischer
2017-10-08 23:50
ah I see

greg
2017-10-08 23:50
The reboot is to escape the sledgehammer image and go to the os install image.

greg
2017-10-08 23:50
Yes, that is why the last stage `complete-no-wait:Success` doesn?t need a reboot.

greg
2017-10-08 23:50
The os install script finish and reboot the node.

greg
2017-10-08 23:51
If you want post-install actions that run in the newly booted OS, a new task/stage would need to be added to make sure that that that calls back into DRP would be run.

greg
2017-10-08 23:53
There are already examples of post-install actions that run in the install environment. ```packet-ssh-keys``` or ```ssh-access``` are examples of stages without boot environments that can be run in just about any bootenvironment to do their job.

greg
2017-10-08 23:53
So, you can chain them into the sequence to make sure keys are in place.

greg
2017-10-08 23:54
There is a lot of ?power? in the pieces as you start writing your own tasks and stages. Or leveraging our growing libraries of tasks/stages.

mfischer
2017-10-08 23:55
that makes sense

greg
2017-10-08 23:55
IPMI BMC configuration is already a stage/content that can be added to manage your BMCs on real hardware (setting users, configure ips, setting remote control).

greg
2017-10-08 23:56
Some that are close and should show up soon are inventory, classification, hw raid configuration, bios configuration, and component update.

mfischer
2017-10-08 23:56
I need to step away for a bit

mfischer
2017-10-08 23:56
back in 10

greg
2017-10-08 23:56
We are even toying around with image-based installs to skip the kickstart styles as an option. All things on road map.

greg
2017-10-08 23:57
Cool - I too am wondering off. I?l be around some.

zehicle
2017-10-09 00:04
I've duplicated the plugins issue... working on it

zehicle
2017-10-09 00:09
The plugin issue has been resolved - it was a backend issue - no updates required. I will patch the UX to make to protect in this case.

zehicle
2017-10-09 00:09
there is apparently another issue w/ the system...plugins. looking at that

zehicle
2017-10-09 00:14
I've found the issue w/ the providers too... will take more time to fix. Basically, it does not find them if you've already loaded them.

mfischer
2017-10-09 15:05
@greg do you have a recommended video/URL/etc that would explain more of the concepts to me? For example, stages/workflow/jobs/plugins etc.

mfischer
2017-10-09 15:10
I'm going to redo the setup but this time instead of hacking I'd like to get a working process down and feel like I'm lacking some of the concepts that might make me successful

greg
2017-10-09 15:26
We need to build some of those. We are going to be talking about them a little tomorrow on the community call. We have some plans to do those shortly. I need to do some videos about that.

mfischer
2017-10-09 15:27
ok thanks

mfischer
2017-10-09 15:27
I'm going to go back through some of the process again today and try to learn a bit more. I'm especially interested in some of the post install stuff you have like kubespray

mfischer
2017-10-09 16:41
@greg remind me what magic is needed to get packet IPMI working? I installed it and added my API key

greg
2017-10-09 16:42
That is all from the plugin side.

greg
2017-10-09 16:42
The content side needs to have the `packet-discover` stage chained after the `discover` stage.

mfischer
2017-10-09 16:42
ok

mfischer
2017-10-09 16:43
so packet discover is how rackn knows I have a http://packet.net box

greg
2017-10-09 16:43
yes - the tasks in the stage do two things

greg
2017-10-09 16:43
1. test to see if the machine is a packet machine and set the packet uuid as a parameter on the node.

greg
2017-10-09 16:43
2. put hte packet ssh keys into the discovery environment so that ssh access to the discovered nodes is allowed.

mfischer
2017-10-09 16:44
discover -> packet-disc:Success is what I will set

greg
2017-10-09 16:44
yes

greg
2017-10-09 16:44
then I do: packet-discover->terraform-ready:Success - this creates a hang env for a node.

mfischer
2017-10-09 16:45
I'm going to skip that and install ubuntu but concepts making more sense now

greg
2017-10-09 16:47
okay - cool

greg
2017-10-09 16:48
full disclosure, if you are watching the ssh console for a machine, you won?t see log output until the machine reboots again. The running of packet-discover adds the serial console parameters for boot environs. That doesn?t take effect until the next reboot.

wdennis
2017-10-09 16:58
@shane Upgraded the os-discovery Content, now see that sledgehammer needs upgrade - refresh my memory on how to upload?

greg
2017-10-09 17:02
```drpcli bootenvs uploadiso ce-sledgehammer```

greg
2017-10-09 17:02
is one of the ways.

greg
2017-10-09 17:02
UX can also do it.

wdennis
2017-10-09 17:11
Thx @greg

greg
2017-10-09 17:12
np

wdennis
2017-10-09 17:16
@greg - did param names change sometime lately?

greg
2017-10-09 17:16
a few, but you should have had it already.

wdennis
2017-10-09 17:17
For instance I have ?access_keys? type object, but I now see ?access-keys? type object...

greg
2017-10-09 17:17
yeah - we tried to normalize everything from `_` to `-`

greg
2017-10-09 17:17
we were all over the map.

wdennis
2017-10-09 17:18
Ah, OK - so should reset those...

greg
2017-10-09 17:18
yes

wdennis
2017-10-09 17:21
Ok. Also, a ?Profile? seems to not be just a collection of Params, but now is a class of machines, as used in Workflows?

greg
2017-10-09 17:22
I?ll have to handle describe in a bit. have to step away.

wdennis
2017-10-09 17:23
Ok

mfischer
2017-10-09 19:46
@greg when I apply a profile to a machine does it need to re-pxe to get it applied? for example kube-master

mfischer
2017-10-09 19:50
ah /me finds the docs

mfischer
2017-10-09 21:28
where do I report bugs?


mfischer
2017-10-09 21:29
I think this is a RackN UI issue specifically

shane
2017-10-09 21:29
please use the labels related to UX appropriately (enhancement or bug) :slightly_smiling_face:

mfischer
2017-10-09 21:30
ok

mfischer
2017-10-09 21:36
just need to figrue out how to label it

mfischer
2017-10-09 21:36
or maybe I cant?

shane
2017-10-09 21:37
when you create a new issues, there should be a "Label" pull down on the right - if not, you can go ahead and create it without a label, and apply label after you create

mfischer
2017-10-09 21:38
I think I need write access ... okay let me look again


mfischer
2017-10-09 21:38
I lack the cog wheel


shane
2017-10-09 21:38
hmm - will look in to that - plz go ahead an file issue, I'll label it

mfischer
2017-10-09 21:39
"Assign labels to issues and pull requests to help organize your projects. You can do this in repositories to which you have write access."

mfischer
2017-10-09 21:39
done


wdennis
2017-10-09 21:49
Running into a problem with my Ubuntu install...


wdennis
2017-10-09 21:50
How can I see generated preseed?

lae
2017-10-09 22:32

lae
2017-10-09 22:33
`{{.Machine.Path}}` will typically be http://$drphost:8091/machines/$uuid

lae
2017-10-09 22:34
so for that bootenv, the preseed can be fetched from e.g. http://provision.local:8091/machines/ffa946f1-d4fa-4b3d-a347-1e018904dd8e/seed

lae
2017-10-09 22:37
also I'd check the screen on alt+f8 (iirc) for any relevant error messages too

lae
2017-10-09 22:38
(or esc esc esc all the way until you can get back to the main menu prompt and open a shell/start a web server to view logs from somewhere else)

wdennis
2017-10-10 01:46
Thanks @lae

wdennis
2017-10-10 01:46
The URL seems to be: `url={{.Machine.Url}}/seed`

wdennis
2017-10-10 01:47
What does `{{.Machine.Url}}` translate into?

wdennis
2017-10-10 12:26
aha, figured it out? it?s: `http://<endpoint_ip>:8091/machines/<machine_uuid>/seed`

wdennis
2017-10-10 12:28
So I think I see the problem here?

wdennis
2017-10-10 12:28
`d-i partman-auto/disk string /dev//dev/sda`

wdennis
2017-10-10 12:30
I have the `operating-system-disk` param in the profile I?m using set to `/dev/sda` - maybe should just be `sda` now? Did that change somewhere along the way recently?

wdennis
2017-10-10 12:32
Yes, setting that value to just `sda` corrects the generated `partman-auto/disk` line

greg
2017-10-10 14:18
Yes - sigh - you are finding all the tweaks from 3.0.1 to 3.1.0 - most of those happened from v3.0.1 - > v3.0.3

greg
2017-10-10 14:20
I noticed that we were inconsistently using `operating-system-disk` across the different OSes . `sda` can work for both ubuntu and centos

wdennis
2017-10-10 16:38
@greg beta, baby! Bits in flight ;)

pton
2017-10-10 17:08
has joined #community201710

shane
2017-10-10 18:02
- meetup is starting now: https://zoom.us/j/3403934274

lae
2017-10-11 00:12
btw these are the changes I made in our content regarding debian/ubuntu, I guess some of this (particularly partitioning templates) might be useful upstream? I can open a PR containing some of these if you want https://gist.github.com/lae/1da54fd1abd2a56fa51f57fdd27de370

lae
2017-10-11 00:12
ugh wrong host

shane
2017-10-11 00:13
Hey @lae - we'd definitely be interested in incorporating some more capable partitioning template capabilities in to the Community Content - that's awesome - we'll look for the PR and review it with you - thanks !

lae
2017-10-11 00:14
ok, added gh link

shane
2017-10-11 00:14
(and any other enhancements you have :slightly_smiling_face: )

lae
2017-10-11 00:14
kk

2017-10-11 02:30
This message was deleted.

wdennis
2017-10-11 02:31
It puts the line `echo "PermitRootLogin yes" >> /etc/ssh/sshd_config` in the post-install.sh file

wdennis
2017-10-11 02:32
This does not work on Ubuntu (but I think it does on CentOS/RHEL)

shane
2017-10-11 02:32
why not on ubuntu ?

wdennis
2017-10-11 02:33
Ubuntu already has a line `PermitRootLogin without-password` in the distro-provided sshd_config file in

shane
2017-10-11 02:33
ah - that would be an idempotency fail then

wdennis
2017-10-11 02:34
So you end up with two PermitRootLogin stanzas

wdennis
2017-10-11 02:34
It only takes the first

wdennis
2017-10-11 02:35
Here?s the fix: `sed --in-place -r -e '/PermitRootLogin/ s/^#//' -e '/PermitRootLogin/ s/without-password/yes/' /etc/ssh/sshd_config`

wdennis
2017-10-11 02:36
That line works for both CentOS and Ubuntu

shane
2017-10-11 02:36
that won't work on Mac; (in place requires backup filename extension) - but something along those lines is exactly what I was just working on for you

wdennis
2017-10-11 02:36
Apple knows Best(tm)

shane
2017-10-11 02:36
Apple knows BSD ... which ... well ... never mind ...

wdennis
2017-10-11 02:37
I swear I had Greg change this in v3.0.x ?

wdennis
2017-10-11 02:37
(ran into the same problem)

greg
2017-10-11 02:38
in this case, the line would work but needs to be parameterized. Since those script really on run the linux context, the mac issue is less problematic.

shane
2017-10-11 02:39
also fails with two existing PermitRootLogin entries already

greg
2017-10-11 02:39
@wdennis - I think I wanted to, but didn?t get to it. We should open an issue to make sure it gets in.

shane
2017-10-11 02:39
or a commented out #PermitRootLogin and a valid entry

wdennis
2017-10-11 02:39
I think the stock CentOS sshd_config has the line `#PermitRootLogin yes` and Ubuntu has `PermitRootLogin without-password`

shane
2017-10-11 02:39
```vagrant@drp:/tmp$ cat foobar #PermitRootLogin PermitRootLogin without-password vagrant@drp:/tmp$ cat foobar | sed -r -e '/PermitRootLogin/ s/^#//' -e '/PermitRootLogin/ s/without-password/yes/' PermitRootLogin PermitRootLogin yes```

greg
2017-10-11 02:40
yeah - @shane - really need to cut out all PermitRootLogin and put one in place.

zehicle
2017-10-11 02:40
That's not a valid value for that param

wdennis
2017-10-11 02:41
I have been using that value for a while with v3.0.x

wdennis
2017-10-11 02:41
When did it change?

greg
2017-10-11 02:41
Yes is a valid value.

zehicle
2017-10-11 02:41
Sorry... listen to Greg and Shane. I didn't have context

wdennis
2017-10-11 02:42
n/p

greg
2017-10-11 02:42
The valid ones are: ?without-password|yes|no|forced-commands-only?

greg
2017-10-11 02:42
just not root

zehicle
2017-10-11 02:43
Oh!! The ONE bad choice and that's what I picked. Sigh. That's beyond luck

shane
2017-10-11 02:43
oh god no - not stupid threading in slack ...

wdennis
2017-10-11 02:43
lol

greg
2017-10-11 02:43
yeah :wink:

wdennis
2017-10-11 02:44
2 - 2 - 2 conversations in one!

wdennis
2017-10-11 02:44
I know this was working back in v3.0 for me?.

wdennis
2017-10-11 02:46
I know we?re bad for wanting root logins with passwords in SSH, but? ?that?s the way it?s always been?

lae
2017-10-11 02:51
I uh, actually use this in our post-install.sh template: ``` grep -q '^PasswordAuthentication ' /etc/ssh/sshd_config && sed -r -i 's/^(PasswordAuthentication).*/\1 no/' /etc/ssh/sshd_config || (echo 'PasswordAuthentication no' >> /etc/ssh/sshd_config) grep -q '^PermitEmptyPasswords ' /etc/ssh/sshd_config && sed -r -i 's/^(PermitEmptyPasswords).*/\1 no/' /etc/ssh/sshd_config || (echo 'PermitEmptyPasswords no' >> /etc/ssh/sshd_config) grep -q '^PubkeyAuthentication ' /etc/ssh/sshd_config && sed -r -i 's/^(PubkeyAuthentication).*/\1 yes/' /etc/ssh/sshd_config || (echo 'PubkeyAuthentication yes' >> /etc/ssh/sshd_config) grep -q '^PermitRootLogin ' /etc/ssh/sshd_config && sed -r -i 's/^(PermitRootLogin).*/\1 no/' /etc/ssh/sshd_config || (echo 'PermitRootLogin no' >> /etc/ssh/sshd_config) ```

shane
2017-10-11 03:03
`sed -i.bak '/^PermitRootLogin /{h;s/ .*/ yes/};${x;/^$/{s//PermitRootLogin yes/;H};x}' /etc/ssh/sshd_config`

wdennis
2017-10-11 03:05
@greg I feel stupid opening an issue for this, but? here ya go: https://github.com/digitalrebar/provision/issues/480

shane
2017-10-11 03:09
my sed scriptlet doesn't address duplicate lines - but in sshd_config context - it would be valid to simply chuck a `| sort -u` after the sed runs

shane
2017-10-11 03:10
@wdennis and @lae - I'll address fixing/patching for both of your issues/suggestions (respectively) tmw morning ... going to have an evening with my family now ... :slightly_smiling_face:

wdennis
2017-10-11 03:11
I?m out too, nite!

lae
2017-10-11 03:13
@shane night! however I will mention that a `sort -u`, while probably not an issue in this case, would break any sshd_config files that have `Match` lines

greg
2017-10-11 03:13
Yeah

greg
2017-10-11 03:14
@lae adds some additional parameters for the sshd file.

greg
2017-10-11 03:14
We should also add a fail on the task-based versions if sshd doesn?t start.

2017-10-11 12:44
hi there! can i ask some question as user, not dev? I try to use rebar in the 'home lab' and something wrong with arp tables

2017-10-11 12:44
https://pastebin.com/HWfinPLW

shane
2017-10-11 13:17
@kolomnitcki - you are definitely welcome to ask questions here as an operator - DRP is FOR operators. :slightly_smiling_face: What specifically is the issue you are seeing ?

2017-10-11 13:24
@rackneng well, i'm using a router as DHCP server with settings `next-server=192.168.10.14` where 192.168.10.14 is rebar vm ip address and `boot-file-name=lpxelinux.0`

2017-10-11 13:25
in `drpcli leases list` you can see two IP on one MAC `"00:0c:29:a4:f2:e1"`

2017-10-11 13:26
``` "Addr": "192.168.10.10", "Token": "00:0c:29:a4:f2:e1", ... "Addr": "192.168.10.11", "Token": "00:0c:29:a4:f2:e1", ```

2017-10-11 13:28
but in fact `00:0c:29:a4:f2:e1` has `192.168.10.16` IP

shane
2017-10-11 13:30
Can you please provide the start up options for "dr-provision", and output of "drpcli subnets list"

2017-10-11 13:34
`drpcli subnets list` - https://pastebin.com/JrSJbjMh (its ok what i'm using pastebin?)

shane
2017-10-11 13:35
sure no problem

shane
2017-10-11 13:36
and also "ps -ef | grep dr-provision", please

2017-10-11 13:37
``` [root@rebar ~]# ps -ef | grep dr-provision root 1279 1 0 Oct10 ? 00:01:16 /usr/local/bin/dr-provision ``` i'm using dr-provision.service

shane
2017-10-11 13:39
Ah - so you have not disabled the DHCP service within `dr-provision` - so you have 2 DHCP servers handing out leases - that will cause lots of grief

shane
2017-10-11 13:41
you need to disable the DHCP service within `dr-provision` - please add `--disable-dhcp` to your service start

shane
2017-10-11 13:42
(that should be in `/etc/systemd/services/dr-provision.service`

2017-10-11 13:47
@rackneng thanks

shane
2017-10-11 13:48
presumably that's sorting out the issues for you ? :slightly_smiling_face:

2017-10-11 13:55
i'm turning off dhcp via rackn UI for now

shane
2017-10-11 13:58
presumably you're doing that through disabling the Subnet ...

ctrees
2017-10-11 14:30
So, I signed up for http://packet.net and got flagged (maybe because I used my google account as phone ?)... anyway... I was wondering how to get some test credit AND I've attempted to take Rob's demo (where he's using packet for the k8s)

ctrees
2017-10-11 14:32
I had done this in the past (standing up DR and just provision) a few months ago so went back to a CentOS7 vm on VBOX ran into some cert issues...

ctrees
2017-10-11 14:35
My 'long term' is to create an OpenAFS 'community' package that can be used at some of the local universities... were a deploy to packet OR to a 'pile of old stuff' is the same for the prof

shane
2017-10-11 14:35
@ctrees - yeah, I got flagged by packet when I signed up w/ a rackn account, too ... so ... they aren't just singling you out :slightly_smiling_face:

shane
2017-10-11 14:35
not sure what their heuristics are .... but a bit overly aggressive, is my guess

shane
2017-10-11 14:36
possibly if you've used packet previously, they're trying to reduce duplicate accounts ? I had been a previous packet user at another company

ctrees
2017-10-11 14:36
Oh I sort of figured that... I think is that they just want a human in the loop when they take a CC

ctrees
2017-10-11 15:28
OK.. so went through Shane new video (Thanks, very helpful 4me).

shane
2017-10-11 15:29
for reference - that's the new Community Content video, at: http://bit.ly/2z029lo

ctrees
2017-10-11 15:36
A few questions: 1. - Ansible vs 'Local Shell Scripts'. So the package is more about local scripts template expansion ? 2. - Duplicating 'packet ipxe setup locally' Seems like a good idea esp for a test lab is to duplicate how DR-P works within packet (pattern wise).. ?? agree ??

ctrees
2017-10-11 15:38
I know DR-P works well with ansible / kubespray via Rob's demo, just wondering when is using template expansion on shell scripts becomes a preferred method.

shane
2017-10-11 15:40
@ctrees we believe firmly that you should use whatever Cfg Mgmt/DevOps tooling you prefer - ansible, saltstack, chef, puppet ... etc. so we are not pushing/using either technology for basic provisioning

shane
2017-10-11 15:41
the Demo that @zehicle has is related to enabling applications placement on top of DRP - more as a demo of utilizing a DRP provisioned cluster

shane
2017-10-11 15:41
it just happens he chose Ansible Kubespray as the deployment mechanism

shane
2017-10-11 15:42
we also have Virtualbox plugin for interoperating a little better with VB for a local lab setup on your own laptop

shane
2017-10-11 15:42
though - to be honest, I haven't yet played with it much - I do use VirtualBox on my Mac - without the plugin, and it works fine - you just have to "work around" the VirtualBox peculiarities of trying desperately to own DHCP all the time

shane
2017-10-11 15:43
I'm going to put together a video on Virtualbox as a lab setup here shortly - as a few of us at rackn use it too

ctrees
2017-10-11 15:44
Oh... wow... that's just what I was doing (setting up a VirtualBox again)

ctrees
2017-10-11 15:45
I was running into https algo issues: [root@provision ~]# curl https://192.168.88.9:8092 curl: (35) Cannot communicate securely with peer: no common encryption algorithm(s). [root@provision ~]# curl http://192.168.88.9:8091 <pre> <a href="ALL-LICENSE">ALL-LICENSE</a>

ctrees
2017-10-11 15:47
yea... Vbox vnet has always been ?? iffy ?? combined with MACOSX can really make you want to force feed Debian to everyone :wink:

ctrees
2017-10-11 15:49
I do run mac myself basically because 'best popular' setup... I like to tell the mac people with issues "well OBVIOUSLY your HOLDING IT WRONG" when they have issues...

shane
2017-10-11 15:50
exactly

shane
2017-10-11 15:50
curl --insecure ...

ctrees
2017-10-11 15:50
OH... thanks... how do I get the webbrowser to poke through ?

shane
2017-10-11 15:51

shane
2017-10-11 15:51
example API usage to set Preferences

shane
2017-10-11 15:51
note the "--insecure" in the curl output

shane
2017-10-11 15:51
not sure what you mean by "poke through" ?

ctrees
2017-10-11 15:52
I was hitting the UI on the IP with a browser (like Rob did in his setup demo)

ctrees
2017-10-11 15:55
I couldnt' tell where it was getting blocked.... I 'suspect' maybe FW or SE... was just digging into it... but when Rob used a 'new machine' from packet... I figured.... well heck, I should just login to a new packet machine and figure out the starting env... then got to thinking... heck, this should be captured in a ks or ce-digital-rebar-baseline ??

ctrees
2017-10-11 15:56
need DR-P to setup a machine for DR-P :wink:

ctrees
2017-10-11 15:56
quick get your 'spinning inception top'

greg
2017-10-11 15:57
:slightly_smiling_face:

shane
2017-10-11 15:57
the web browser is a CORS application (cross origin resource sharing - https://en.wikipedia.org/wiki/Cross-origin_resource_sharing ) - so from your browser, you need outbound HTTPS to http://rackn.github.io (Portal), and then port 8092 access from your browser to your DRP Endpoint

shane
2017-10-11 15:58
actually ... I used the 5min-drp demo setup to spin up 10 http://Packet.net centos nodes - which I used to deploy DRP on one of them for the Community Content video .... :slightly_smiling_face:


shane
2017-10-11 16:00
I _believe_ the terraform-provider-packet plugin necessary is NOW available with the "always_pxe" option - and doesn't require additional compile to build it from the Beta release (i.e. it JUST released yesterday afternoon)

shane
2017-10-11 16:00
that demo requires the RackN registered (free) content be downloaded/available for the demo to work, since it uses some of the advanced Packet plugins and content to operate correctly

ctrees
2017-10-11 16:13
yea... I had stuff working months ago but the outbound to the portal is new, so that may be it... I was attempting to figure out just the servers were up (eliminate the UI thing)... which basically made me want to drop into an ansible script and do some register checks so I can 'knowledge transfer' abit easier..

ctrees
2017-10-11 16:20
which is why I like the idea of capturing the packet pattern in ansible as I should be able to produce vagrantfile that mucks it all into a 'laptop test-lab' setup (basically use the kubesray structure) I started to put a pfsense vm into the mix so I could use all vnet 'local only' and capture the SDN in ansible also...

ctrees
2017-10-11 16:52
needed one other switch for curl

ctrees
2017-10-11 16:52
[root@provision ~]# curl --ciphers ecdhe_ecdsa_aes_256_sha --insecure https://127.0.0.1:8092/ui <a href="https://rackn.github.io/provision-ux/#/e/127.0.0.1:8092">Moved Permanently</a>. [root@provision ~]# curl --ciphers ecdhe_ecdsa_aes_256_sha --insecure https://192.168.88.9:8092/ui <a href="https://rackn.github.io/provision-ux/#/e/192.168.88.9:8092">Moved Permanently</a>.

shane
2017-10-11 16:53
hmm - ok - your curl version must be .... odd ....

ctrees
2017-10-11 16:54
yea, which was why I was attempting to figure out what exactly is that 'base line' code 'ya-all' install on

shane
2017-10-11 16:54
"all y'alls"

ctrees
2017-10-11 16:54
but this is 'refreshing' my memory of the networking which I need

shane
2017-10-11 16:54
(though I'm in California ... so .... )

ctrees
2017-10-11 16:55
mt.view or ?

shane
2017-10-11 16:55
yep

shane
2017-10-11 16:55
hence meetup address

ctrees
2017-10-11 16:56
pretty shinny ceiling... so I doubt your in any old buildings I worked in...

shane
2017-10-11 17:09
(shhh ... I work from home ... )

ctrees
2017-10-11 17:10
oh is that a bad word now in silly valley (post yahoo)

ctrees
2017-10-11 17:12
so... if you were to guess... my web problems probably I don't have updated crypto on my vm.... so... 'yum update'... woops... apt-get update ? or ya think I have a more fundamental config issues ?

ctrees
2017-10-11 17:13
... I had this working but MONTHS ago...

ctrees
2017-10-11 17:15
I'm good with blowing everything away... but if that's the case, I'd like to know what to pull in as a baseline... I did attempt to follow: http://packet.rebar.digital/default.ipxe to figure out that ks setup...

shane
2017-10-11 17:16
are you looking to do all of this in packet ?

ctrees
2017-10-11 17:16
or could wait for packet to get back to me... or wait till you do vagrant ... either way

shane
2017-10-11 17:17
what is the user/account you registered under? I know the packet guys, and I can get them to fix that for you asap

ctrees
2017-10-11 17:17
ultimately it'll be setup as a CI for normal dev-ops... so laptop -> test -> pre-pro -> pro

shane
2017-10-11 17:17
I'd suggest restarting w/ the 5min-drp demo stuff in Packet - from scratch

ctrees
2017-10-11 17:17
but for sure I want to give them the option of 'well... just go test with packet'

ctrees
2017-10-11 17:18
ok... that's what I'll do...

shane
2017-10-11 17:18
the virtualbox stuff is a bit fragile ... mostly because of virtualbox itself

ctrees
2017-10-11 17:18
just a sec, let me check email... maybe they've gotten to me... it's

shane
2017-10-11 17:18
we need more time to polish those pieces up

ctrees
2017-10-11 17:20
I agree with vbox... and I've got lots of 'work-arounds' as the timer slips cause havoc with OpenAFS (kerbos) you shouldn't have as much issues with that... but for sure the vnet crap is a pita...

shane
2017-10-11 17:21
I'm also working on some Vagrant based solutions - but again, I'm using VirtualBox as provider for vagrant .... so ....

ctrees
2017-10-11 17:21
but I for sure would use kubespray as a model... those guys have 'lots of eyes and hands'...

wdennis
2017-10-11 17:24
@shane What is the generated URL for a kickstart? (as opposed to a preseed) `{{.Machine.Url}}`/???

wdennis
2017-10-11 17:41
^^^ or @greg - like to be able to take a look at it while my install is happening here

shane
2017-10-11 17:49
@wdennis not sure off hand - checking

shane
2017-10-11 18:10
@wdennis I'm guessing it's something like: curl --insecure http://127.0.0.1:8091/machines/<MACHINE_UUID>/ks.cfg

shane
2017-10-11 18:11
but only because "ks.cfg" is the defacto standard for kickstart filename - not confirmed yet

shane
2017-10-11 18:11
also - once a job has been run fully, the file appears to be removed from the tftpboot tree (which is where this is served from)

shane
2017-10-11 18:12
so - you can't grab a successfully finished/installed version to review - it would only be during machine build (or potentially failed to build) stage you can grab it

lae
2017-10-11 18:22

lae
2017-10-11 18:31
@wdennis `drpcli bootenvs show $BOOTENVNAME | jq '.Templates'` should show you the templates for a bootenv, and you can probably derive the correct Path from it. `ce-centos-7.3.1611-install` has `Path: "{{.Machine.Path}}/compute.ks"` (https://github.com/digitalrebar/provision-content/blob/master/bootenvs/ce-centos-7.3.1611.yml#L27) which should turn into something like `http://drp.local:8091/machines/<MACHINE_UUID>/compute.ks`

wdennis
2017-10-11 18:48
Yes, I knew you could only see it while the bootenv is set to the -install and before it gets changed back to ?local?

greg
2017-10-11 19:01
@lae is correct

wdennis
2017-10-11 19:02
@lae @greg @shane Thanks

wdennis
2017-10-11 19:08
@greg No `post-install.sh` used (needed) on the RHEL/CentOS install (b/c have `%post` in kickstart, right?)

greg
2017-10-11 19:08
centos has all in kickstart - ubuntu uses both preseed and post-install.sh

wdennis
2017-10-11 19:09
OK, what I figured

wdennis
2017-10-11 19:46
Does os-discovery Package `v1.0.0-tip-30` require a new sledgehammer ISO to be downloaded?

wdennis
2017-10-11 19:47
All my *discovery and *sledgehammer Bootenvs are ?X? now having updated to that?

shane
2017-10-11 19:48
your current sledgehammer/discovery image you want can be listed as: ```[root@5min-drp-ewr1-00 ~]# ./drpcli contents show os-discovery | jq '.sections.bootenvs.discovery.OS.IsoFile' "sledgehammer-b689ed6b5e0dd74677acc3ffe9b8cafc5b7c8357.tar"```

shane
2017-10-11 19:49
kind of a long JSON parameter to get - you could just `| grep IsoFile`

shane
2017-10-11 19:49
compare the sledgehammer SHA sum to the one you have

wdennis
2017-10-11 19:52
Another q - is the ?assets? subdir in isolated DRP still a thing? Or is everything that?s used living in ?drp-data? now?

shane
2017-10-11 19:53
everything is in drp-data/ in isolated mode

shane
2017-10-11 19:53
production pushes to /var/lib/dr-provision as a base with "digitalrebar" and "tftpboot" being subdirs in both cases

wdennis
2017-10-11 19:54
So the ISOs in use live in `drp-data/tftpboot/isos/` then?

shane
2017-10-11 19:54
yes - that's where the drpcli command will push them to

shane
2017-10-11 19:55
and where the 'explode' function finds them to explode them out in to your tftpboot/ directory appropriately

shane
2017-10-11 19:55
you can technically just copy the ISO to that directory - and just 'kill -HUP' the dr-provision service

wdennis
2017-10-11 19:55
OK

shane
2017-10-11 19:55
it'll see the new ISO and explode it out

wdennis
2017-10-11 19:56
Then this is my discovery problem: ```[dradmin@dr-admin drp]$ tree drp-data/tftpboot/isos/ drp-data/tftpboot/isos/ ??? CentOS-7-x86_64-Minimal-1611.iso ??? sledgehammer-80d6b866edba30a81fce1783b9f745ce9a003e13.tar ??? sledgehammer-b689ed6b5e0dd74677acc3ffe9b8cafc5b7c8357.tar ??? ubuntu-16.04.2-server-amd64.iso ??? ubuntu-16.04.3-server-amd64.iso 0 directories, 5 files [dradmin@dr-admin drp]$ ./drpcli contents show os-discovery | jq '.sections.bootenvs.discovery.OS.IsoFile' "sledgehammer-f5ffd3ed10ba403ffff40c3621f1e31ada0c7e15.tar"```

shane
2017-10-11 19:57
if your DRP endpoint has internet access you can just run 'drpcli bootenvs uploadiso FOO' (iso name) and it'll download based on the bootenv specified HTTP location; stage it in to the isos directory, and tickle the explode function to do it's thing

wdennis
2017-10-11 19:57
Yup, doing that now

shane
2017-10-11 19:57
we definitely need to do a little more around (at least) notifying on content update that a new ISO image version is required

wdennis
2017-10-11 19:58
Request: when Content Packs are updatable, warn end user if dependencies will need to be updated as well (like the ISOs)

wdennis
2017-10-11 19:58
Ah, beat me to it :slightly_smiling_face:

2017-10-11 20:02
hello all - i need a little bit of clarification.. when running the curl command that should be executed as root or as a sudo user?

shane
2017-10-11 20:03
hi @iamjes - Shane here w/ RackN, pleased to meet you

shane
2017-10-11 20:04
the curl command does not need to be run as root

shane
2017-10-11 20:04
the DRP endpoint needs access to bind to port 67 and 69 for DHCP and TFTP if you are not using your own services

shane
2017-10-11 20:05
you can either run DRP as root, or you can use the setcap capabilities to allow dr-provision binary to bind to those low ports as a non-root user - keeping it completely contained to an unprivileged user account

2017-10-11 20:05
I have a machine with two nic's and the isolated install is the best way to run and then configure the dhcp and pxe after network interfaces have been updated with the internal ip address?

shane
2017-10-11 20:06
it's probably easier to run in isolated mode - there is very little difference; other than where the local installed content gets put

shane
2017-10-11 20:07
if you do - all content will be located in `~/drp-data` of the user account you install as

shane
2017-10-11 20:09
and, yes - you can add "Subnets" to your DRP endpoint after install - once you enable the subnet, that will turn on the DHCP services for that Subnet

shane
2017-10-11 20:10
so you can exclude (by NOT configuring) a subnet - and no DHCP services will run there

wdennis
2017-10-11 20:10
@IAMJES If it helps plan, I am running in isolated mode, here?s the disk usage & directory structure: ```[dradmin@dr-admin drp]$ du -h -d 2 . 99M ./bin/linux 98M ./bin/darwin 99M ./bin/windows 295M ./bin 20K ./tools 5.6G ./drp-data/tftpboot 212K ./drp-data/digitalrebar 100K ./drp-data/saas-content 0 ./drp-data/plugins 0 ./drp-data/job-logs 5.6G ./drp-data 7.7G .```

2017-10-11 20:11
ok thanks

wdennis
2017-10-11 20:12
That?s with CentOS 7, Ubuntu 16.04 and discovery ISO images

shane
2017-10-11 20:12
@iamjes - you can also specify that you require "Reservations" for DHCP leases; and you can be very prescriptive about which systems in a given subnet will receive a DHCP lease, and subsequently provision against the DRP endpoint

shane
2017-10-11 20:12
you have the option of specify Reservations are required or optional

shane
2017-10-11 20:13
if optional; then any system that PXE boots and requests DHCP will be answered; if required, only systems with a Reservation will be responded to

2017-10-11 20:15
thats nice - this is for a small network and i guess once they are provisioned in 'sledgehammer' then id like them to move into a permanent ip address allocation

shane
2017-10-11 20:19
you can do that by specifying via a Reservation; in which case, the Reservation assigned IP address would become the final IP address of the host

shane
2017-10-11 20:20
the alternative method is to add a post-provisioning `task` that re-IPs the host after initial provisioning activity is complete

greg
2017-10-11 20:20
or have that task convert the lease to a reservation (maybe that is what you meant as well).

2017-10-11 20:21
or that :)

greg
2017-10-11 20:21
both are doable.

2017-10-11 20:22
how long does it take for the API server to start?

shane
2017-10-11 20:23
if you have no content in the system - just a few seconds

wdennis
2017-10-11 20:23
@wdennis uploaded a file: https://rackn.slack.com/files/U416T0AAX/F7GU3ADNE/pxe_install_os_options.pdf and commented: @shane @greg Another longer-term question ? take a look at the attached file; my question is what options does DRP support today, which may it support in future, which are unsupported (possibly b/c underlying install answer file format does not have the capability?)

2017-10-11 20:26
and i can install apache2 and put in my ssl before running the install

2017-10-11 20:43
looks like it accepted just fine

2017-10-11 20:54
while i am waiting for the last of it to come which page should i use first?

greg
2017-10-11 21:02
@IAMJES - not sure which page you mean? Which UI page to start with?

greg
2017-10-11 21:03
https://<IP>:8092/

2017-10-11 21:03
thanks

greg
2017-10-11 21:03
accept the self-signed cert (or your own) and then look for info/proferences

2017-10-11 21:07
i have my own cert so if you go to https://rebar.010101.info it comes up with the apache test page and good lock - now it isnt and im redirected to rackn

greg
2017-10-11 21:07
cool

greg
2017-10-11 21:08
hmm

greg
2017-10-11 21:08
need to think about that for a moment.

2017-10-11 21:08
https://rackn.github.io/provision-ux/#/e/rebar.010101.info:8092/system

greg
2017-10-11 21:08
oh cool - does that work?

greg
2017-10-11 21:08
I guess it does.

greg
2017-10-11 21:09
Probably will.

greg
2017-10-11 21:09
yeah should. Nice.

greg
2017-10-11 21:09
You can also alter the port if you want.

2017-10-11 21:14
i dont care about the port - just wondering why i was redirected

greg
2017-10-11 21:15
The UI is served from cloud resources.

greg
2017-10-11 21:15
It then attaches to the API endpoint you started with.

greg
2017-10-11 21:16
That lets the UI update faster and more responsively than DRP

2017-10-11 21:16
will that redirect ever go away?

greg
2017-10-11 21:16
The intent is no. DRP may grow the ability to serve the UI locally, but it isn?t currently packaged that way.

greg
2017-10-11 21:17
What is the concern?

2017-10-11 21:18
how can i make this all secure?

shane
2017-10-11 21:20
@iamjes - the DRP Endpoint never reaches out to the RackN Portal, the only way it is "managed" is via your web browser, which sits between the DRP Endpoint and the RackN Portal

shane
2017-10-11 21:21
your DRP Endpoint can be 100% isolated from the outside - and it'll operate fully

2017-10-11 21:21
ok

shane
2017-10-11 21:23
your web browser acts as an intermediary - techinically via CORS connections (cross origin resource sharing - https://en.wikipedia.org/wiki/Cross-origin_resource_sharing ) to connect **from** your browser to your DRP Endpoint - and **from** your browser to the RackN Portal

shane
2017-10-11 21:24
if you do not use/do that - then there is no UI to manipulate/manage the DRP Endpoint with - but it's still 100% operable via the Command Line (drpcli) or API access within your local environment

shane
2017-10-11 21:25
you can further secure your DRP Endpoint so you do not need to run it as Root; via the `setcap` capabilities

shane
2017-10-11 21:27
@shane uploaded a file: https://rackn.slack.com/files/U6QFVRJNB/F7GSXMDT5/using__setcap__to_run_as_non-privileged_user.yaml and commented: Beginnings of my write up on how to secure the DRP Endpoint (dr-provision daemon).

shane
2017-10-11 21:28
All API (and subsequently CLI) requests are authenticated via either a username/password pair, or you can create Tokens with limited scope to reduce the permissions and time that a given API call can execute

shane
2017-10-11 21:28
it is advisable to change the default username/password pair for the DRP Endpoint

shane
2017-10-11 21:29
and if you are concerned about other people accessing the API endpoint, further secure the API Ports (67, 69, 8091 and 8092) to JUST the hosts being provisioned and your admin access points; via the use of a local Firewall and policies on the DRP Endpoint - or intermediate firewall between the DRP Endpoint and your other networks

2017-10-11 21:35
thats fine, as long as i understand why I am all good

lae
2017-10-11 21:38
now, if only I had time to cleanup my ansible role for deploying DRP in that manner

lae
2017-10-11 21:39
(and publishing it lol)

shane
2017-10-11 21:39
it doesn't count if it isn't published ... !

lae
2017-10-11 21:39
!

greg
2017-10-11 21:39
theoretically at best :slightly_smiling_face:

2017-10-11 21:41
as long as it gets in there thats ok

2017-10-11 21:47
when signing up for an account on rackn beta it is looking for my name and not my domain name in the family name?

2017-10-11 21:49
nevermind i got it

2017-10-11 22:23
last question for the day - when i reboot the server and i want it to execute silently what is the command i should run?

shane
2017-10-11 22:24
the DRP endpoint ?

2017-10-11 22:24
the install on my side

shane
2017-10-11 22:25
`./dr-provision --base-root=$HOME/drp-data --local-content= --default-content= > drp-local.log 2>&1 &`

2017-10-11 22:26
ok and i can put that into a sh file - thank you

shane
2017-10-11 22:26
that will log to file "drp-local.log", and send both stdout and stderr to that file, and put dr-provision in the background

2017-10-11 22:26
fantastic

shane
2017-10-11 22:26
you may need the `--static-ip=<IP_ADDRESS>` of your DRP Endpoint

shane
2017-10-11 22:27
option

2017-10-11 22:27
ok

2017-10-11 22:41
i had a small power surge here and when i go back to run i do this and get ... rebar@rebar:~$ sudo ./dr-provision --static-ip=192.168.1.188 --base-root=/home/rebar/drp-data --local-content="" --default-content="" & [9] 1488

2017-10-11 22:41
i dont care if it has to all start over

greg
2017-10-11 22:43
If you do sudo, don?t add the &. It is probably asking you for password. Once started background it

2017-10-11 22:43
i thought that was the job of the &

shane
2017-10-11 22:44
do this instead: ```sudo date sudo ./dr-provision --base-root=$HOME/drp-data --local-content= --default-content= > drp-local.log 2>&1 &```

greg
2017-10-11 22:45
Yeah but sudo might ask for a password and the backgroundinv by & will cause the sudo to stop all execution

shane
2017-10-11 22:45
sudo is asking for your password - if you issue "sudo date" first, it'll ask for your password, then authenticate you

greg
2017-10-11 22:45
Yeah that

shane
2017-10-11 22:45
you can temporarily run other sudo commands without being challenged for a password

shane
2017-10-11 22:46
the problem is putting dr-provision in the background, doesn't allow you to authenticate your sudo request - your TTY is disconnected from stdin

shane
2017-10-11 22:46
you could also change sudo to allow you to run "dr-provision" binary without password challenge

2017-10-11 22:48
where do i go to remove everything - now i get this...

2017-10-11 22:48
rebar@rebar:~$ sudo date ./dr-provision --base-root=$HOME/drp-data --local-content= --static-ip=192.168.1.188 --default-content= > drp-local.log 2>&1 & [17] 1634 [16] Exit 1

shane
2017-10-11 22:49
`sudo date` should be run by itself first .... *then* run the `sudo ./dr-provision...` after you've authenticated with `sudo date`

2017-10-11 22:50
[13] 1643 is all i get

2017-10-11 22:51
where do i remove everything to start over - or should i just re-image the server

2017-10-11 22:58
i got it

shane
2017-10-11 23:11
:slightly_smiling_face:

wdennis
2017-10-12 03:19
O noes! A ?barclamp? reference in the `burnin` Content pack?

wdennis
2017-10-12 03:19
`Automatically generated from the burnin barclamp`

wdennis
2017-10-12 03:19
shudders

2017-10-12 12:31
Looks like i am missing out on the 'ux' - how do i get those tools

wdennis
2017-10-12 12:34
@IAMJES The ?UX? (techno term for ?user experience?) is the RackN portal website (the one you redirect to when you hit `https://<drp_server_ip>:8092`)

wdennis
2017-10-12 12:35
Also, if you are using Gitter, you should request a Slack invite to http://rackn.slack.com

2017-10-12 12:35
my page looks nothing like what i am seeing in the videos

2017-10-12 12:36
I am in Gitter

2017-10-12 12:37
:worried: i guess i need that

wdennis
2017-10-12 12:41
@wdennis uploaded a file: https://rackn.slack.com/files/U416T0AAX/F7GJZ0AUQ/drp_ux.png and commented: DRP UX screen

wdennis
2017-10-12 12:41
You aren?t getting this?

2017-10-12 12:44
thats the one i get but thats not the one you see in the youtube videos

wdennis
2017-10-12 12:44
YouTube link?

wdennis
2017-10-12 12:44
Is the webpage color green?

2017-10-12 12:45
https://www.youtube.com/watch?v=6xuVm9PJ2ck

wdennis
2017-10-12 12:46
Ah yes, that?s the prior version (v2) of what was then called just ?Digital Rebar?

2017-10-12 12:47
those wizards were slick! where did they go?

wdennis
2017-10-12 12:47
Now they?ve moved to v3 (current ver 3.1.0) of what?s now called ?Digital Rebar Provision?

2017-10-12 12:48
deploying openstack on k8 is the goal

wdennis
2017-10-12 12:48
They refactored the ?product? into DRP ? greatly simplified it

wdennis
2017-10-12 12:51
You should speak with @zehicle about how to get O?stack on K8s ? DRP can provide the K8s (via Ansible ?Kubespray? integration with DRP) but how to then get O?stack running on K8s, I?m not too sure of?

2017-10-12 12:51
in this video he made it look to easy

wdennis
2017-10-12 12:52
Yes, YMMV though ? I found DR v2 to be a twisty maze, all passages looking alike :slightly_smiling_face:

wdennis
2017-10-12 12:52
(my opinion/experience only)

2017-10-12 12:56
I will take your word for it

zehicle
2017-10-12 12:58
@IAMJES that integration broke when they moved into big tent and started to vertically integrate the install. Happy to talk 1x1 on what it would take. I'm still excited about the approach, but...

zehicle
2017-10-12 12:59
It's going to take some investment

2017-10-12 13:03
@zehicle I am still working through some of the other options to get them working the way i need them. I really liked the wizards you all were showing in the videos. My long term goal is to either deploy openstack using your tool or making it so people can login and launch environments as needed

2017-10-12 13:29
I am getting a little turned around in the profiles, templates, etc... I am trying to make it so a machine goes through sledgehammer, and then is deployed ubuntu 16.04 with 32gb swap

2017-10-12 13:29
I am thinking it is a operator error

shane
2017-10-12 13:30
have you successfully deployed Ubuntu with the stock templates first ?

2017-10-12 13:31
thats also part of my confusion.. i created a new template i thought from ubuntu drp... and made START. in start the contents are the IP addresses of the machines that have been through sledgehammer

shane
2017-10-12 13:36
I'd suggest you do things in very small steps - first deploy the stock Ubuntu to a single node.

shane
2017-10-12 13:37
Then make a small change to inject new Root PW and SSH Keys - get comfortable with that

shane
2017-10-12 13:38
then clone a template (say ce-net-post-install.sh.tmpl) make a few tweaks, and see how it operates

shane
2017-10-12 13:38
from there you can clone ce-net-seed.tmpl - and start making hacks to reflect your requirements

2017-10-12 13:38
i cloned the ubuntu drp to START

shane
2017-10-12 13:39
do you mean you cloned the "boot environment" ?

2017-10-12 13:40
no - templates right below boot environments

shane
2017-10-12 13:40
which was the source template you cloned ?

2017-10-12 13:41
ubuntu-drp-only-repos.tmpl

2017-10-12 13:42
my portal is acting odd and i little locks...

2017-10-12 13:42
i have*

2017-10-12 13:47
ill be back and go through more of the tutorials

shane
2017-10-12 13:49
@iamjes - the UI is definitely still a Beta version - it's only a couple of weeks old at this point - there are a few places when the UI will "hang" (like after cloning a template) - you need to reload the page, and that fixes it ...

2017-10-12 14:07
how do i put a png in here

shane
2017-10-12 14:08
what do you mean by a png?

2017-10-12 14:09
This is the error i am getting ... I have cloned the template and nothing not even the defaults appear - png is a file type for pictures https://imgur.com/a/UIKf8

shane
2017-10-12 14:09
ah - you mean a png in the conversation ? :slightly_smiling_face:

shane
2017-10-12 14:10
do you have Slack ? It's easier to add snippets of text, images, etc via the Slack app - not sure how to do it through the gateway you're coming in from

2017-10-12 14:10
im just using the web page - anyway the link i put in there is the error i am getting

2017-10-12 14:11
or lack thereof

shane
2017-10-12 14:11
can you point me to the web page you're using ?

shane
2017-10-12 14:11
if you choose to use slack, you can request a Slack invite from: http://www.rackn.com/support/slack/

shane
2017-10-12 14:13
is your goal to simple use a local repo for your installs ?

2017-10-12 14:22
@rackneng yes it is i sent a PM to rackneng

2017-10-12 14:27
@rackneng here is the url https://rackn.github.io/provision-ux/#/e/rebar.010101.info:8092/stages/

shane
2017-10-12 14:35
@iamjes - if you are just trying to change the Repo mirror you use, it's simple to add a few Params with the right names, to change the mirror. You don't need to clone/modify the Template file

shane
2017-10-12 14:36
would again ask - what is your goal you are trying to achieve - and lets help you get there, best if we take it slow steps as you get used to the system

2017-10-12 14:41
OK - step one provision a machine with ubuntu

shane
2017-10-12 14:41
:slightly_smiling_face:

shane
2017-10-12 14:41
we recommend doing things iteratively - first make sure a stock ubuntu deploy works happily ...

shane
2017-10-12 14:42
then lets start sorting out how to hack it make it your own

2017-10-12 14:46
Ok

greg
2017-10-12 15:15
For those building DRP directly, you will now need go 1.9 for tip builds. We are using some new testing features so that we can get better stack traces on test failures.

vlowther
2017-10-12 15:16
Specifically, some of the test helpers have been marked with the new t.Helper() method

2017-10-12 15:29
hi there! can you discuss few minutes around built-in iso\images on next meetup? i'm interesting about the level of support, is this a community feature or you have some plan on it? for example - my opinion: sledgehammer build script has too many hardcore URL with blobs, and the only proper way to use it - download already built tar archive, or build own discovery image\reinvent the wheel.

shane
2017-10-12 15:33
@kolomnitcki - we'd be happy to have you post a comment in the Agenda document requesting this - we are planning to have a community feedback discussion as part of next meetup - you're input would be appreciated: https://docs.google.com/document/d/1DGuqkjM-oZQ37GLcpwkSIzyTKpPZknTgqjQBS5uusoY/edit#heading=h.ifc9tve9wbk4


shane
2017-10-12 15:34
if you'd add a Comment to the "Community Feedback" section ...

2017-10-12 15:37
ok

2017-10-12 15:38
@rackneng - Greg - 1.9 ?

2017-10-12 15:40
The other question i have is how do i make it so docker is part of the initial build

greg
2017-10-12 15:41
golang 1.9

greg
2017-10-12 15:41
sorry - most people aren?t building DRP directly.

greg
2017-10-12 15:41
just a warning. And really it is only required for running the tests, but run the tests please if you build it.

2017-10-12 15:42
also in this url http://provision.readthedocs.io/en/stable/doc/install.html - talks about the user experience 'ux' still being available - is it not gone?

greg
2017-10-12 15:43
it is now /ui or /. The redirect is the new way.

2017-10-12 15:44
which drp has the wizards that i saw in the youtube videos.. once i get to where i am going how hard is it to upgrade drp

2017-10-12 15:45
sorry if i didnt say that right - still learning the language here

2017-10-12 15:48
I knew i worked on this before... back in the day...

2017-10-12 15:48
cd ~ mkdir digitalrebar git clone https://github.com/rackn/digitalrebar-deploy digitalrebar/deploy ln -s digitalrebar/ digitalrebar/deploy/compose/digitalrebar cd digitalrebar/deploy ./run-in-system.sh --deploy-admin=local --wl-docker --access=HOST --con-provisioner --con-dhcp --admin-ip=192.168.99.1/24

ctrees
2017-10-12 18:09
are these moved ?



ctrees
2017-10-12 18:12
aka rackn >sb> digitalrebar

ctrees
2017-10-12 18:13
* download RackN "drp-rack-plugin", which is available at:

shane
2017-10-12 18:22
hey chris - I'm updating that code to work correctly - but in generaly the "VER_PLUGINS", "DRP_OS", and "DRP_ARCH" variables needs to be set correctly

ctrees
2017-10-12 18:23

ctrees
2017-10-12 18:24
so I just figured it's moving ?

ctrees
2017-10-12 18:24
... unless your doing github 'magic'

ctrees
2017-10-12 18:25
Or that's private repo stuff...

shane
2017-10-12 18:29
private repo stuff - (most) all of the public content has moved to the digitalrebar repo

ctrees
2017-10-12 18:36
so... how would I actually get that OR is the script going to do that ?

shane
2017-10-12 18:38
I'm working on those details right now for you - and that'll be updated either in the README or the script - depending on how automated I can make it - it requires authentication since it's registered (free) use content from RackN that makes it work in the http://packet.net environment

ctrees
2017-10-12 18:39
OK... I'm about done for day anyway, should I just check the git readme tomorrow ?

ctrees
2017-10-12 18:40
I did register myself for beta rackn... got the email back

ctrees
2017-10-12 18:41
OH... I just saw if [[ "$USER" == "shane" ]]

ctrees
2017-10-12 18:41
:wink:

shane
2017-10-12 18:41
excellent - yes, I'll update the git repo README today when I sort it out - and I'll drop you a DM here to let you know

ctrees
2017-10-12 18:42
ok... thanks

shane
2017-10-12 18:42
yeah ... make it easy-peasy for me to grab my pre-staged secrets/content :slightly_smiling_face:

2017-10-12 18:43
how do i pay for the rackn add-ons?

shane
2017-10-12 18:44
um

ctrees
2017-10-12 18:44
I could go do it manually... but you had the terraform going AND the guys here think they want to go terraform too... so figure I'd sort of force-feed your pattern... if Doc Gray accepts then at least 3 user groups and companies will follow...

2017-10-12 19:03
just a fyi - i am not able to add providers

shane
2017-10-12 19:09
@iamjes - are you getting an error? how are you trying to add a Provider ?

2017-10-12 19:10
@rackneng - no errors nothing happens

shane
2017-10-12 19:15
it looks like the 3 plugin providers are installed correctly - "slack", "ipmi", and "packet-ipmi"

shane
2017-10-12 19:15
you don't need "packet-ipmi" if you aren't provisioning in the http://packet.net environment

shane
2017-10-12 19:16
once you add the "Plugin Provider", you have to create System --> "Plugin" of the type you want to use

shane
2017-10-12 19:16
for example - Add a plugin of type "IPMI" to enable IPMI (power on/off/reset) actions

2017-10-12 19:17
when i go to systems -> plugins and click on IPMI nothing happens

shane
2017-10-12 19:18
Did you do "Add", then "Use Provider" ??

2017-10-12 19:19
yes - when i do that i get a box in the middle of the screen to click on 'Add'

2017-10-12 20:11
@rackneng - nice youtube video on how to use packet for using community content - is there any that shows how to deploy ubuntu machines on premise?

2017-10-12 20:47
@rackneng - maybe its just me the UI has some catching up to do of how things are done at CLI

shane
2017-10-12 20:57
@iamjes ... UI is BETA - it was only released about 2 weeks ago tops - so, yes, it has some catching up to do - but it's leaps and bounds better than the green UI in the 3.0.x versions !! :wink:

2017-10-12 20:59
@rackneng - Shane ill take your word for it once i see all the lines of code in json i get lost so fast trying to keep with the video

shane
2017-10-12 21:00
JSON makes any sane persons eyes go crossed ....

shane
2017-10-12 21:00
anyone that likes JSON has something slightly wrong with them ... but goodness help me ... it's a MILLION times better than XML !!!

2017-10-12 21:01
all i want for is to learn how to 'hammer' the ubuntu deployment

shane
2017-10-12 21:02
you can do that without any of the advanced plugins - with purely the Community Content - the "ce-discovery", "ce-sledgehammer", and the "ce-ubuntu-16.04-install" content - but you won't get the IPMI reboot capabilities and the advanced Workflows of the Stages and Tasks stuff - which is pretty cool stuff

shane
2017-10-12 21:03
but the UI isn't 100% nailed yet, and so some of the things may need to be finished at CLI ... I'm happy to help you with those things

2017-10-12 21:05
i have all the other groundwork done i think

2017-10-12 21:05
rebooting server

2017-10-12 21:08
done and online

2017-10-12 21:09
there was another template video in march and the paths were different and i couldnt find my way around - hence my emphasis on the UI

shane
2017-10-12 21:10
There are 3 main versions of the product that you are going to find videos for .... the older Digital Rebar version 2 solution which was based on containerized system, Digital Rebar Provision (DRP) ver 3.0.x, and the current DRP 3.1 version

shane
2017-10-12 21:11
any videos for DRver2 should be ignored ... half of the content in the DRP 3.0.x videos is ... probably ... not right ...

2017-10-12 21:11
:worried:

shane
2017-10-12 21:11
you want to focus on any videos for DRP ver 3.1

shane
2017-10-12 21:12
the product went through a very large metamorphosis between DRver2 and DRP ver 3 ...

shane
2017-10-12 21:12
from 3.0.x to 3.1 there was a huge amount of new features and capabilities added - and that was released only a month ago

shane
2017-10-12 21:13
in addition, the UI was completely reworked/rebuilt/rewritten from scratch along with that

2017-10-12 21:13
is version 3 the wizards?

shane
2017-10-12 21:14
I think the "wizards" you are referring to is the older DRver2 product

2017-10-12 21:14
once i get this figured out i dont mind working on some training word documents for dummies

shane
2017-10-12 21:14
none of those work/relate/pertain to the DRPv3 line

shane
2017-10-12 21:14
DRP is a community open source project, and we'd definitely welcome any additions/help with the documentation as it is... we know it's pretty rough

2017-10-12 21:16
once i am able to understand this again and be able to do it over again i dont mind documenting my steps screen for screen and any commands done in the terminal

2017-10-12 21:16
then you all can wordsmith and then publish however you like

shane
2017-10-12 21:17
sounds good !

2017-10-12 21:18
so here is where i am now .. https://rackn.github.io/provision-ux/#/e/rebar.010101.info:8092/system

2017-10-12 21:18
i have grabbed all the boot environments i think i need and uploaded them to the server, the preferences are correct i think

shane
2017-10-12 21:20
you're not operating in the http://packet.net environment - I don't think ... right ?

2017-10-12 21:20
so reading the panes i am led to believe that we work our way down from templates -> params -> profiles? or am i working backwards

shane
2017-10-12 21:20
so no need for anything labeled with "packet"

2017-10-12 21:20
No i have all my servers here

shane
2017-10-12 21:20
future note; you can delete all content/plugins related to packet and you'll be fine

shane
2017-10-12 21:21
those are just helper pieces that do reboots and help inject SSH keys through packet's metadata services to add to a provisioned server

shane
2017-10-12 21:21
the ordering of setting things up doesn't matter - just that "all the things get set up"

shane
2017-10-12 21:21
before you try to provision

2017-10-12 21:23
ok i found the packet item and removed it

shane
2017-10-12 21:23
also - if you are using the RackN content, you do not need the "drp-community-content" Contents

shane
2017-10-12 21:23
and - the associated BootEnvs of ce-* (eg ce-discovery, ce-sledgehammer, ce-ubuntu...)

2017-10-12 21:23
this was what i used curl -fsSL https://raw.githubusercontent.com/digitalrebar/provision/stable/tools/install.sh | bash -s -- --isolated install

shane
2017-10-12 21:23
it'll just confuse things if you try and mix-n-match them inappropriately

shane
2017-10-12 21:24
when you do the install - if you know you are going to use RackN content - and not drp-community-content, you can add a `--nocontent` flag to the install

shane
2017-10-12 21:24
and it won't be installed

shane
2017-10-12 21:24
should you decide to add it back in - you can just add the "drp-community-content" Contents back, along w/ the associated BootEnvs

2017-10-12 21:25
you are talking about the content packages? the default items never downloaded so i did it myself for the files

shane
2017-10-12 21:25
right - there are 2 types of "Content"

shane
2017-10-12 21:26
"community content" == drp-community-content in the Contents screen, and associated BootEnvs with ce-* names

shane
2017-10-12 21:26
that stuff is all 100% open/free to community use and input/modifications/etc

shane
2017-10-12 21:27
RackN also distributes more advanced content ... which we just refer to as "RackN Content" - you must register for the use of that content, and a lot of it's free for use, as long as you register

2017-10-12 21:27
i am registered

shane
2017-10-12 21:27
there is some content you can purchase, which is even more advanced and customized pieces that are pay for content

shane
2017-10-12 21:27
:slightly_smiling_face: yep

shane
2017-10-12 21:27
with the use of the RackN registered/free content - you do NOT need the Community Content

shane
2017-10-12 21:27
and in your case, since you are not operating in http://packet.net - you do not need any "packet" stuff

2017-10-12 21:28
i think i removed all the packet stuff

shane
2017-10-12 21:28
now - "Content" is a number of things

shane
2017-10-12 21:28
"Contents" are just bundles of similarly grouped things

shane
2017-10-12 21:28
"Plugin Providers" are add-on features - which need to be configured as a "Plugin" (you saw that earlier)

shane
2017-10-12 21:29
"BootEnvs" are individual install pieces (eg Centos or Ubuntu) operating systems

2017-10-12 21:29
i have both ubuntu iso's there

shane
2017-10-12 21:29
yep

2017-10-12 21:30
so it is easier to make a new profile

2017-10-12 21:31
call it plain-ubuntu-16

2017-10-12 21:33
*^%$! - profile isnt responding through the UI

shane
2017-10-12 21:34
I've noticed that your Endpoint seems to pause occasionally

2017-10-12 21:34
i am on 150/150 fiber - so i dont know

shane
2017-10-12 21:34
is it a VM on a busy hypervisor or something? it feels like either I/O blocking on hypervisor (eg "noisy neighbor"), or a network connection issue

shane
2017-10-12 21:35
the DRP Endpoint - is it running as a Virtual Machine ?

2017-10-12 21:35
it is not on a vm

shane
2017-10-12 21:35
the DRP 3.1 binary is pretty stable, and doesn't block - unless you are "exploding" ISO content - it will block API calls temporarily as it writes to disk to protect any concurrent access to the written content

2017-10-12 21:36
i dont know

shane
2017-10-12 21:37
our binary is pretty light weight (29 mbyte in size on disk) ... and only requires a few 100 mbyte memory in general

2017-10-12 21:37
there's more than enough for it to run

2017-10-12 21:38
provisioning a machine on pxe is done in about 30 seconds

2017-10-12 21:38
(the start process anyways)

2017-10-12 21:43
so whats the next step

shane
2017-10-12 21:44
we can either drive provisioning manually - or create a stagemap to automate the stepping through of each stage

2017-10-12 21:45
automate!

shane
2017-10-12 21:46
ok - easiest thing to do is create the stagemap with our good old friend JSON

shane
2017-10-12 21:46
```{ "Available": true, "Description": "Global Ubuntu Stage Map", "Name": "global", "Params": { "change-stage/map": { "discover": "ubuntu-16.04-install:Reboot", "ssh-access": "complete-nowait:Success", "ubuntu-16.04-install": "ssh-access:Success" } } }```

shane
2017-10-12 21:47
assuming you want to Provision Ubuntu 16.04

2017-10-12 21:47
yes

shane
2017-10-12 21:47
write that to something like "stagemap-ubuntu.json" on your DRP endpoint

2017-10-12 21:48
let me find that directory

shane
2017-10-12 21:49
doesn't matter where - we'll inject it with CLI

2017-10-12 21:49
so just put the file anywhere

shane
2017-10-12 21:50
yes - but change the "Name" value to "ubuntu-16.04" lets not override with the "global" name

shane
2017-10-12 21:50
we'll apply this profile to Machines - otherwise, all machines will get the profile (that's what "global" means)

2017-10-12 21:52
i remember some of this from back in the day - when you needed a minimum of 8gb ram to run the install

2017-10-12 21:52
file made

shane
2017-10-12 21:52
on the DRP endpoint, lets run: ``` drpcli profiles create - < stagemap-ubuntu.json ```

shane
2017-10-12 21:52
(substitute "stagemap-ubuntu.json" with whatever you named your json file on disk)

2017-10-12 21:53
thats what i used

shane
2017-10-12 21:53
:slightly_smiling_face:

shane
2017-10-12 21:54
nice - I see it there in Profiles now

shane
2017-10-12 21:54
so - that "stagemap" is the Workflow that system will go through:

shane
2017-10-12 21:55
discover node will be put in to "ubuntu-16.04-install" bootenv and installed according to that boot environment

2017-10-12 21:55
so then i bring in a new node and use the stagemap after the sledhammer process?

2017-10-12 21:56
sledgehammer*

2017-10-12 21:58
i dont see that in the system preferences

shane
2017-10-12 21:59
correct - we boot the Machine - and assuming the hardware is set up to PXE Boot - and we have it in the same Layer 2 network - or you have "ip helper" on your switch/router to pass DHCP through to your DRP endpoint

2017-10-12 22:00
just a second

shane
2017-10-12 22:00
the Machine will be initially "discovered" according to the "unknown" BootEnv (discovery)

2017-10-12 22:00
node booted

shane
2017-10-12 22:00
once it's been discovered - we should see it in Machines

shane
2017-10-12 22:01
(assuming your "Subnets" specification is also correct for the machine network)

2017-10-12 22:01
stage 2 almost done

2017-10-12 22:01
were done

shane
2017-10-12 22:01
boom !

shane
2017-10-12 22:01
now you want to edit the machine - and add the new stagemap profile we created

2017-10-12 22:02
almost every time i do that the page never finishes for me to edit

2017-10-12 22:02
cant edit

shane
2017-10-12 22:03
change the Profile to "Ubuntu-16.04" and set it "runnable"

2017-10-12 22:05
i went to overview and clicked the + for ubuntu 1604

2017-10-12 22:05
or was i to take a different path

shane
2017-10-12 22:06
Um ... I've never used the "overview" screen :slightly_smiling_face:

shane
2017-10-12 22:07
I'd make the change in the Machines screen and edit the machine - I'm not certain what "things" overview will twiddle for us

shane
2017-10-12 22:08
also - your IPMI plugin isn't actually created (under System) - so you'd have to manually reboot your node for now - until you add your IPMI user/pass credentials

2017-10-12 22:08
went to system -> machines and clicked the name but the screen just says loading

shane
2017-10-12 22:09
try again

2017-10-12 22:09
no luck

2017-10-12 22:10
i broke it

2017-10-12 22:12
i have been using chrome ...

2017-10-12 22:14
its chrome - i switched to edge and it worked no problem

shane
2017-10-12 22:21
ok - if you edit the Machine - you want to change it to: Runnable (enabled / true) Stage set to "ubuntu-16.04-install" Profiles - add "Ubuntu-16.04"

shane
2017-10-12 22:21
but we also want to fix your IPMI plugin

wdennis
2017-10-12 22:24
@shane Can one change a name of an existing profile?

2017-10-12 22:29
changed it but i am not seeing it refresh

shane
2017-10-12 22:29
@wdennis nope - you can destroy and recreate pretty easily - which is "sort of" a rename function :slightly_smiling_face:

2017-10-12 22:30
ok it updated

2017-10-12 22:36
for now to get through the exercise i rebooted the node and it is installing ubuntu 16.04

2017-10-12 22:36
uh-oh bad archive mirror

shane
2017-10-12 22:36
ok - that's a good start !

shane
2017-10-12 22:37
dang, I got happy too soon

2017-10-12 22:37
did i miss something in the subnet?

2017-10-12 22:39
it looks fine

2017-10-12 22:43
i removed the next server value as there is no other server

2017-10-12 22:44
it still hangs up on the mirror

2017-10-12 22:44
i need to stop for now

2017-10-12 22:45
need brain fuel - maybe come back to this tonight or in the morning - also need some place to help tell you enter IPMI details here

shane
2017-10-12 22:49
is 10.0.0.2 your valid DNS server ?

shane
2017-10-12 22:51
@iamjes - if you sign up for a Slack account ... we can direct message

wdennis
2017-10-12 22:51
@shane There?s a drpcli command to dump the JSON of the profile?

shane
2017-10-12 22:51
yes

shane
2017-10-12 22:51
drpcli profiles show <profile-name>

wdennis
2017-10-12 22:52
And there?s bash-completion for drpcli right?

shane
2017-10-12 22:53
you can do `drpcli profiles list | jq '.[].Name'`

shane
2017-10-12 22:53
that'll show the list of Named

shane
2017-10-12 22:53
profiles


shane
2017-10-12 22:54
you have to install the autocompletion

wdennis
2017-10-12 23:02
OK, failed to delete my profile that I want to rename? ```[dradmin@dr-admin drp]$ drpcli profiles destroy os-install-necla-defaults Error: Unable to destroy profile os-install-necla-defaults: unknown error (status 422): {resp:0xc42010c000}```

wdennis
2017-10-12 23:05
Ah, it cannot be referenced anywhere?

wdennis
2017-10-12 23:05
Needs a better error message :wink:

wdennis
2017-10-12 23:05
Once I deleted the references, the destroy worked

shane
2017-10-12 23:05
api/cli == less warm and fuzzy ...

wdennis
2017-10-12 23:06
Now to re-add it?

wdennis
2017-10-12 23:07
OK, worked

shane
2017-10-12 23:08
woot !

wdennis
2017-10-12 23:08
Hmmm, still in the UX as the old name?

shane
2017-10-12 23:08
"refresh"

shane
2017-10-12 23:08
if not that - try Shift-Reload

wdennis
2017-10-12 23:10
Yes, was a PEBKAC problem? Didn?t rename the ?Name? attrib in the JSON :stuck_out_tongue_winking_eye:

shane
2017-10-12 23:42
ah yes ... AI is going to solve the worlds PEBKAC issues !!

greg
2017-10-12 23:47
Need an issues for @wdennis issue. That is a swagger annotation error with delete of a profile.

wdennis
2017-10-12 23:48
Will open one

wdennis
2017-10-12 23:59
Now about the bash completion?

shane
2017-10-13 00:00
??


wdennis
2017-10-13 00:02
Running CentOS 7.3 - I see both `/etc/bash_completion.d/` and `/etc/profile.d/` - where is the correct target dir to put the bash completion into?

shane
2017-10-13 00:02
```. /etc/bash_completion # On Ubuntu . /etc/profile.d/bash_completion.sh # On Centos . /usr/local/etc/bash_completion # On OS X with bash 4 installed.```

wdennis
2017-10-13 00:03
Wonder what `/etc/bash_completion.d/` is for then?

shane
2017-10-13 00:04
if your linux version has that - create it as drp.bash in that directory

shane
2017-10-13 00:05
```[root@5min-drp-ewr1-00 ~]# drpcli autocomplete /etc/bash_completion.d/drp.bash [root@5min-drp-ewr1-00 ~]# exit logout Connection to 147.75.65.3 closed. shane@gala:~/5min-drp$ ssh -x -i 5min-nodes-ssh-key root@147.75.65.3 Last login: Thu Oct 12 22:12:40 2017 from http://c-69-181-139-202.hsd1.ca.comcast.net [root@5min-drp-ewr1-00 ~]# drpcli autocomplete events interfaces leases plugin_providers profiles subnets users bootenvs files isos machines plugins reservations tasks version contents info jobs params prefs stages templates```

wdennis
2017-10-13 00:27
Tried `drp.bash` as well as `drpcli` in that dir - no dice?

wdennis
2017-10-13 00:37
Ah, need to install support pkgs on CentOS/RHEL? `yum install bash-completion bash-completion-extras`

wdennis
2017-10-13 00:39
So it ended up being `sudo ./drpcli autocomplete /etc/bash_completion.d/drpcli` that worked

wdennis
2017-10-13 00:59
Have a workflow question?

wdennis
2017-10-13 01:00
How can one send existing machines into a profile?s workflow?

wdennis
2017-10-13 01:03
Say it exists in machine inventory with the ?local? bootenv? How to get it when rebooted into PXE to invoke another profile?s workflow?

2017-10-13 01:09
@rackneng wdennis - have the slack app installed

wdennis
2017-10-13 01:10
Using Slack is so much better than Gitter for this

2017-10-13 01:12
never used it -only ever used chrome

wdennis
2017-10-13 01:13
you mean Gitter in Chrome (the browser?)

2017-10-13 01:13
yes

wdennis
2017-10-13 01:14
Did you request an invite to the community channel?

2017-10-13 01:15
ive been a member here for a long time just inactive

2017-10-13 01:22
@rackneng -wdennis to answer the first question 10.0.0.x is the network for nodes

2017-10-13 01:22
10.0.0.x is on eth1 and 192.168.1.x is on eth0

2017-10-13 01:24
now that i think about there can only be one gateway when there is two cards

shane
2017-10-13 01:25
@IAMJES - you need to have a valid DNS server passed in via the DHCP Options (option 6) to resolve the default Ubuntu Mirror

2017-10-13 01:26
can i have more than one?

shane
2017-10-13 01:26
the mirror used by default (unless you override it with a parameter) is: http://us.debian.org

wdennis
2017-10-13 01:27
@shane in System > Plugins, if I click ?Add?, I see the IPMI provider; but when I click ?Use Provider?, nothing happens?

shane
2017-10-13 01:27
I think eet eez a bugz in duh seeestem

shane
2017-10-13 01:27
(beta UI)

wdennis
2017-10-13 01:28
yeah yeah yeah ? :beetle:

shane
2017-10-13 01:28
I can provide you the CLI JSON equiv.

wdennis
2017-10-13 01:29
Let?s have it

shane
2017-10-13 01:30
System --> Info & Preferences (that menu item was recently renamed)

shane
2017-10-13 01:30
DHCP options are comma separated, but haven't validated if we input and pass through that way

shane
2017-10-13 01:31
so for DHCP Option 6, in theory, you'd do: 8.8.8.8,8.8.4.4 (for example using google dns)

shane
2017-10-13 01:33
hmm ... grubbing through the Go code, I can't find a definitive answer for you offhand - but I suspect comma separated

shane
2017-10-13 01:33
if @greg is awake, he might know off the top of his head

greg
2017-10-13 01:34
I think it is but let me check

shane
2017-10-13 01:35
rfc spec is comma - and I only find models/dhcpOptions.go specifying "Multiple IP address" in the comment, but no parsing code to verify

wdennis
2017-10-13 01:37
(reposted)

greg
2017-10-13 01:39
rfc spec is comma for string specified items. The problem is that Multiple IP address are byte encoded (no comma separated). But you found the right code, @shane.

shane
2017-10-13 01:39
@wdennis edit the Machines change stage/profile and enable Runnable

wdennis
2017-10-13 01:40
OK - not sure I?m doing this workflows thang right?

greg
2017-10-13 01:40
Yeah - we need a video/docs/discussion about stages and workflows.

2017-10-13 01:40
@rackneng - no luck on the dns option

wdennis
2017-10-13 01:41
@greg Your lips to God?s ears

2017-10-13 01:41
i can ping the 10.0.0.x ip address

shane
2017-10-13 01:42
@iamjes - set your DNS option to just a single DNS for now (just in case) - and make sure you can reach it (eg from DRP Endpoint - do "host http://www.google.com") to make sure you have access to it

wdennis
2017-10-13 01:43
@shane what is the ?not runnable? (runnable not selected) state mean?

2017-10-13 01:44
shane - sorry i am not familiar with all the end points

greg
2017-10-13 01:45
@IAMJES - do your machines have one interface or two? Does the PXE booting interface have internet access?

greg
2017-10-13 01:46
I think @shane meant DRP machine you are going to install.

greg
2017-10-13 01:47
@wdennis - ?not runnable? means that the task system tried to run something and it failed. This could be because of a task error or it could be because of a bad stage map/profile setup. You can check jobs to see if there is a failed job in the list.

2017-10-13 01:47
@rackneng greg - PXE / DHCP is on eth1 for the 10.0.0.x net

greg
2017-10-13 01:47
Okay - does 10.0.0.x route out to the internet?

2017-10-13 01:49
checking

wdennis
2017-10-13 01:50
@greg So in the UX, in Systems > Machines, there is a ?State? column, with either a green :white_check_mark: or a black ?power switch? symbol

wdennis
2017-10-13 01:50
If I edit a node, I see a slider switch widget, that sets the node to Runnable (or not)

wdennis
2017-10-13 01:51
If ?runnable? is set ?off?, what does that do/mean?

greg
2017-10-13 01:52
runnable off turns the black power switch on in the UX. it means that something in the task system needs to be examined.

greg
2017-10-13 01:54
The runnable flag is set to true by users or if the node runs `drpcli machines processjobs`. This is usually done as part of a bootenv (like sledgehammer or the install bootenvs).

greg
2017-10-13 01:54
It is meant to be an indicator that something might be amiss.

greg
2017-10-13 01:54
If a job fails, process jobs will wait until it becomes runnable again and retry the jobs.

wdennis
2017-10-13 01:55
OK? It seems that when I?ve installed a node, and the bootenv goes to ?local?, then the ?runnable? switch is off

wdennis
2017-10-13 01:57
What I?m trying to do is take a node that?s in a ?local? bootenv (i.e., was previously installed), and set it to reinstall and trigger a workflow for the profile that I?ve assigned to it

greg
2017-10-13 01:57
okay - so apply the profile to the machine that as the workflow in it.

greg
2017-10-13 01:58
Set the machine?s stage to the first stage in your workflow (like discover).

greg
2017-10-13 01:58
Reboot the node (so it PXE boots).

wdennis
2017-10-13 01:58
What I?ve done is edit the node, set the bootenv to (for example) `ubuntu-16.04-install`, set the profile to the desired one, and then set the stage to the first stage in the workflow

greg
2017-10-13 01:59
If you are using stages, you don?t need to deal with bootenvs directly. Stages imply bootenvs.

greg
2017-10-13 02:00
That should work assuming you have a starting stage of like `ubuntu-16.04-install`

wdennis
2017-10-13 02:01
Yes, I see that now - if I select a stage of `ubuntu-16.04-install`, the bootenv is set to the same and not edittable

greg
2017-10-13 02:01
This is good to see you guys use this and ask questions. I?m tweaking in now for 3.2. I?m going to try and make this more explicit.

wdennis
2017-10-13 02:01
Yes, the workflow has a starting stage of `ubuntu-16.04-install`

greg
2017-10-13 02:02
So, set the machine?s stage to that. Make sure the machine has a profile with a `change-stage/map` parameter (or in global). Then PXE boot the machine.

wdennis
2017-10-13 02:03
I will check the profile

wdennis
2017-10-13 02:03
BTW, what?s the IPMI plugin for (do)?

wdennis
2017-10-13 02:04
I activated it, but then in UX System > Plugins, can?t seem to Add > Use Provider

greg
2017-10-13 02:05
IPMI plug does IPMI calls to manage the bare metal machines.

greg
2017-10-13 02:05
It needs a node to have a couple of parameters to function.

wdennis
2017-10-13 02:06
Love to be able to use it?

wdennis
2017-10-13 02:06
Yes, my node?s profile does have the stage map: ``` "change-stage/map": { "ssh-access": "complete-nowait:Success", "ubuntu-16.04-install": "ssh-access:Success" }, ```

greg
2017-10-13 02:07
okay - looks good.

wdennis
2017-10-13 02:08
I?m using some old Dell PE 860's to test with, so they tend to take a while to PXE -> install

2017-10-13 02:08
Time to feed the :bear:!

wdennis
2017-10-13 02:08
I?m not on site now, so hard to know what?s going on with them once I set to PXE next boot & restart via IPMI?

greg
2017-10-13 02:10
yeah ?.

wdennis
2017-10-13 02:10
So was hoping that the IPMI plugin would let me set the nodes to PXE next boot and restart?

greg
2017-10-13 02:10
It can

greg
2017-10-13 02:11
THere is a content package that goes with it.

greg
2017-10-13 02:11
It can be used to configure the BMC.

wdennis
2017-10-13 02:11
Currently doing it by: ```[dradmin@dr-admin ~]$ ipmitool -I lan -H testnode01-ipmi -U root -a chassis bootparam set bootflag force_pxe Password: Set Boot Device to force_pxe [dradmin@dr-admin ~]$ ipmitool -I lan -H testnode01-ipmi -U root -a chassis power cycle Password: Chassis Power Control: Cycle```

greg
2017-10-13 02:11
and set the parameters needed by the plugin.

greg
2017-10-13 02:12
it does those commands - well we use a slightly different one for the top one.

greg
2017-10-13 02:13
```drpcli plugin_providers list``` I think will show you the actions that will get added to a machine whtn the plug provider is configured with a plugin and the machine has the required parameters.

greg
2017-10-13 02:14
```{ "AvailableActions": [ { "Command": "poweron", "OptionalParams": null, "Provider": "ipmi", "RequiredParams": [ "ipmi/username", "ipmi/password", "ipmi/address" ] }, { "Command": "poweroff", "OptionalParams": null, "Provider": "ipmi", "RequiredParams": [ "ipmi/username", "ipmi/password", "ipmi/address" ] }, { "Command": "powercycle", "OptionalParams": null, "Provider": "ipmi", "RequiredParams": [ "ipmi/username", "ipmi/password", "ipmi/address" ] }, { "Command": "nextbootpxe", "OptionalParams": null, "Provider": "ipmi", "RequiredParams": [ "ipmi/username", "ipmi/password", "ipmi/address" ] }, { "Command": "nextbootdisk", "OptionalParams": null, "Provider": "ipmi", "RequiredParams": [ "ipmi/username", "ipmi/password", "ipmi/address" ] }, { "Command": "identify", "OptionalParams": [ "ipmi/identify-duration" ], "Provider": "ipmi", "RequiredParams": [ "ipmi/username", "ipmi/password", "ipmi/address" ] } ], "Name": "ipmi", "OptionalParams": null, "Parameters": [ { "Available": true, "Description": "IP Address of the BMC", "Documentation": "This parameter is used by the IPMI Plugin to access the BMC", "Errors": [], "Meta": { "color": "blue", "icon": "address card outline", "title": "RackN Content" }, "Name": "ipmi/address", "ReadOnly": false, "Schema": { "type": "string" }, "Validated": true }, { "Available": true, "Description": "Username to access the BMC", "Documentation": "This parameter is used by the IPMI Plugin to access the BMC", "Errors": [], "Meta": { "color": "blue", "icon": "user circle", "title": "RackN Content" }, "Name": "ipmi/username", "ReadOnly": false, "Schema": { "type": "string" }, "Validated": true }, { "Available": true, "Description": "Password to access the BMC", "Documentation": "This parameter is used by the IPMI Plugin to access the BMC", "Errors": [], "Meta": { "color": "blue", "icon": "lock", "password": "hideme", "title": "RackN Content" }, "Name": "ipmi/password", "ReadOnly": false, "Schema": { "type": "string" }, "Validated": true }, { "Available": true, "Description": "Duration in seconds to leave the identify light on", "Documentation": "Duration in seconds to leave the identify light on", "Errors": [], "Meta": { "color": "blue", "icon": "podcast", "title": "RackN Content" }, "Name": "ipmi/identify-duration", "ReadOnly": false, "Schema": { "type": "integer" }, "Validated": true } ], "RequiredParams": null, "Version": "v1.0.0-0-3c742d9c049e008ad86d3c1cf2b420e44318bc9f" }```

greg
2017-10-13 02:15
That monstrosity is the ipmi plugin provider?s definition. It shows the parameters that are needed to control it and the actions that machines get.

wdennis
2017-10-13 02:15
Yeah, will have to try the `nextbootpxe` and `powercycle` ones

greg
2017-10-13 02:16
For example, add `ipmi/address`, `ipmi/username`, `ipmi/password` to a machine as parameters (with good values) and the actions should show up in the UX and CLI. Then you can call them from the UX or CLI to drive those actions.

wdennis
2017-10-13 02:17
Do you know if the command should be `chassis bootparam set bootflag nextbootpxe`? Or something other?

wdennis
2017-10-13 02:18
Nope:

wdennis
2017-10-13 02:18
```[dradmin@dr-admin ~]$ ipmitool -I lan -H testnode02-ipmi -U root -a chassis bootparam set bootflag nextbootpxe Password: Invalid argument: nextbootpxe```

greg
2017-10-13 02:18
we use ```ipmitool <flags to connect> chassis bootdev pxe```

greg
2017-10-13 02:18
There are additional flags to make it persistent, but we are mostly just trying to get the next boot to be pxe.

wdennis
2017-10-13 02:19
Yup, that worked

wdennis
2017-10-13 02:19
What?s your reboot one?

wdennis
2017-10-13 02:20
`chassis power cycle`?

greg
2017-10-13 02:21
yes

wdennis
2017-10-13 02:21
Cool, thx

wdennis
2017-10-13 02:21
I don?t see any IPMI-related stuff in Content Packages?

wdennis
2017-10-13 02:25
Dude? I think I?m getting the workflow / stages thing now? :grinning:

greg
2017-10-13 02:26
Good - I?m about to change. :slightly_smiling_face:

wdennis
2017-10-13 02:27
First node is in Stage ?complete-nowait? and BootEnv ?local?

wdennis
2017-10-13 02:27
Let?s log in and take a look?

greg
2017-10-13 02:27
that looks good. That looks like a success.

wdennis
2017-10-13 02:28
So wait wat - you are going to change the way Stages work now?? :cry:

greg
2017-10-13 02:28
A little bit. There are some issue with stages and workflows that we should fix before we get to much further along. The concepts will be the same and names won?t change. The map is going to change a little.

greg
2017-10-13 02:29
I promise I?ll document it just as good as the current scheme. :slightly_smiling_face:

wdennis
2017-10-13 02:29
lol

wdennis
2017-10-13 02:29
What is the sound of one hand clapping?

greg
2017-10-13 02:30
:slightly_smiling_face:

greg
2017-10-13 02:30
These are the changes we talked about in the community meetup around stage changes.

wdennis
2017-10-13 02:31
Yes - t?would be great to have the Workflow stage map actually be graph-like?

wdennis
2017-10-13 02:31
Alpha-ordering the stages is a bit confusing

greg
2017-10-13 02:33
That is part, Differentiating different workflows in the same map space. Tracking the current workflow in process. These are nice usability changes that are coming. There are more subtle issues that we are addressing as well.

wdennis
2017-10-13 02:34
Tracking workflow in progress - W00T!

greg
2017-10-13 02:34
The success path and task failure paths through stages are fine and safe, but the random failure cases aren?t handled completely safe.

wdennis
2017-10-13 02:34
Kind of like the v2 checkmarks thing?

greg
2017-10-13 02:35
Kinda - in a very gross way, you could use stages as roles and workflows as deployments, but that isn?t really a completely accurate analogy.

greg
2017-10-13 02:36
The intent is to make workflows a parameter-based thing so it is all content driven.

wdennis
2017-10-13 02:36
I really can?t wait until you guys document this ? very powerful, but you gotta know how to use it?

greg
2017-10-13 02:36
The random failure cases are if machines randomly reboot (power outage, hurricane, ?) and catch machines mid cycle.

wdennis
2017-10-13 02:37
Yup, ?inconsistent state?

greg
2017-10-13 02:37
exactly. The stages can have issues recovering from that.

greg
2017-10-13 02:37
A couple of tweaks and a few more pieces of actions will allow both stages and workflows to handle those cases as well.

shane
2017-10-13 02:52
@ctrees - I've updated the examples/5min-drp/ stuff ... however I think it's broken a bit due to some terraform provider plugin breakage by either Terraform or http://Packet.net - I'm not sure at the moment ... and I'm toast for the evening. I'll pick it back up again tmw morning. Please check out the README though - as it's updated with the "new way" of getting things, and AUTHing to get content - you no longer have to stage the RackN DRP Plugin content ...

2017-10-13 12:40
Morning all, anyone have a sample interfaces i can look at? My ubuntu install keeps stopping and saying it cant reach the mirror

2017-10-13 12:40
# The primary network interface auto enp2s0 iface enp2s0 inet static address 192.168.1.188 netmask 255.255.255.0 gateway 192.168.1.204 dns-nameservers 10.0.0.2 192.168.1.204 # secondary eth auto enxd8eb97bf66bc iface enxd8eb97bf66bc inet static address 10.0.0.2 netmask 255.255.255.0

ctrees
2017-10-13 13:38
@shane - Thanks... I'll start with the README now!

shane
2017-10-13 13:46
@iamjes - secondary eth looks right - you have your DHCP Options set for Default Gateway (Option 3) to be the DRP server for your provisioned machines - is your DRP endpoint routing traffic for your provisioned nodes ?

ctrees
2017-10-13 14:05
@shane ? missing " ? export BASE=htttps://.." sb> export BASE="https:...download" ?? correct ??

2017-10-13 14:06
@rackneng - shane it isnt so i just finished working on bridges and see what happens

shane
2017-10-13 14:10
@ctrees the RACKN_AUTH variable is set w/ `?`: `RACKN_AUTH="?username=${RACKN_USENAME}"`

ctrees
2017-10-13 14:18
@shane my comment was about a missing " in the README... is the "Download RackN plugins content and state it in the private-contents' a 'manual prep' or in the demo-run.sh ?

shane
2017-10-13 14:20
ah - I see :slightly_smiling_face:

ctrees
2017-10-13 14:20
so is the RACKN_AUTH also an export that needs set ? ...

shane
2017-10-13 14:20
nope - that's internal to bin/control.sh

shane
2017-10-13 14:20
demo-run.sh drives most of the actions through bin/conrol.sh

ctrees
2017-10-13 14:22
ok... well what I was confused about is if the lines after the export BASE are really part of the serial blob or reference to how it gets expanded...

ctrees
2017-10-13 14:23
the " is sort of either in the middle or end or I am not following

shane
2017-10-13 14:25
hmm - sorry - let me double check things - you don't need to download the RackN plugin content - not sure how I left that over in the README - checking

shane
2017-10-13 14:26
ugh - I have a git fail somewhere - I don't seem to have pushed the right README version in place :disappointed:

2017-10-13 14:28
so for now i am still failing on the ubuntu install and i get this in the log ... dr-provision2017/10/13 14:23:12.866150 sending block 0: code=0, error: TFTP Aborted

2017-10-13 14:29
i am still getting the bad mirror error after i have redone my networking to bridge. this next part is a little long so the only other thing i can think of is make a new mapping using debian...

2017-10-13 14:29
# The loopback network interface auto lo iface lo inet loopback # The primary network interface auto enp2s0 iface enp2s0 inet manual # secondary network interface auto enxd8eb97bf66bc iface enxd8eb97bf66bc inet manual # now start to bridge primary auto br0 iface br0 inet static address 192.168.1.188 netmask 255.255.255.0 gateway 192.168.1.204 dns-nameservers 192.168.1.204 bridge_ports enp2s0 bridge_stp off bridge_fd 0 bridge_maxwait 0 # secondary bridge auto br1 iface br1 inet static address 10.0.0.2 netmask 255.255.255.0 broadcast 10.0.0.255 bridge_ports enxd8eb97bf66bc bridge_stp off bridge_fd 0 bridge_maxwait 0

shane
2017-10-13 14:31
@iamjes - isn't your goal just to route the Provisioned Machines _through_ your DRP Endpoint - making it your "default router" for those Machines ?

shane
2017-10-13 14:33
@ctrees - ignore the RackN README plugin download stuff - it's now all handled in bin/control.sh - I'm fixing readme now

shane
2017-10-13 14:33
some how I stomped over a README change last night

2017-10-13 14:34
@rackneng shane it is though i dont have any other ideas except to try debian

shane
2017-10-13 14:34
ok - you don't need bridges to do that

shane
2017-10-13 14:34
Linux will route for you

shane
2017-10-13 14:34
what Distro are you using for your DRP Endpoint ?

2017-10-13 14:35
ubuntu 16.04


2017-10-13 14:35
i just made a stagemap for debian and if it works then its the distro

shane
2017-10-13 14:36
basically - start at the "Enable IP forwarding" section in that web page (IP Forwarding)

shane
2017-10-13 14:37
if you have something else upstream that is NAT translating your 10.0.0.0/24 network for you - then you do not need the IP masquerading

2017-10-13 14:41
@rackneng - shane - i made a debian stagemap and i kept the bridging the same. debian7 is downloading now -

2017-10-13 14:46
it just quit the location of the mirrors changed i think

shane
2017-10-13 14:55
ok - @ctrees README is updated - and there were some fixes to the bin/control.sh earlier this morning - so I suggest you re-pull the entire content just to be safe

shane
2017-10-13 14:55
I'm walking through the process right now to validate it's all correct

2017-10-13 15:04
@rackneng shane- the way the his configuration reads enp2s0 would be eth0 and enxd8eb97bf66bc would be eth1 - then... i would have something like this?

2017-10-13 15:04
auto enp2s0 iface enp2s0 inet static address 192.168.1.188 netmask 255.255.255.0 gateway 192.168.1.204 dns-nameservers 192.168.1.204 # secondary inteface auto enxd8eb97bf66bc iface enxd8eb97bf66bc inet static address 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255 gateway 192.168.1.2

2017-10-13 15:06
and i removed the comment from the line it talks about for ipv4

ctrees
2017-10-13 16:05
-------------------------------------------------------------------------------- ACTION :: export DRP=bfaa26ef-8b14-450b-83ba-cc5421468a0f Run next step? [ <Enter> | No | Ctrl-C ] -------------------------------------------------------------------------------- Success... /Users/cat/CodeOps/5min-drp/bin/control.sh: line 456: jq: command not found -------------------------------------------------------------------------------- ACTION :: export ADDR= Run next step? [ <Enter> | No | Ctrl-C ]

shane
2017-10-13 16:05
um

shane
2017-10-13 16:05
I guess I assume you have `jq` installed locally :slightly_smiling_face:

ctrees
2017-10-13 16:05
Seems like the ADDR did not pick up ?

ctrees
2017-10-13 16:06
the script actually asked packet for the server... and it is 'on-line' now

ctrees
2017-10-13 16:06
Should I go export the ADDR (IP I assume) and let the script continue ?

ctrees
2017-10-13 16:07
... woop that session will not pick up the export...

shane
2017-10-13 16:07
you can cancel "demo-run.sh" any time - restart it, then just answer "N" to the previous items run already

shane
2017-10-13 16:07
correct

ctrees
2017-10-13 16:08
... should I just re-run.... it could be an aritfact of 'clean project' ??

shane
2017-10-13 16:08
I need to see why the "prereqs()" failed - it checks for `jq`

shane
2017-10-13 16:08
nope - I regularly run this as a "clean" project

ctrees
2017-10-13 16:09
not sure about jq ... it's on a macmini (my messy machine)

shane
2017-10-13 16:09
what does: `which jq` return ?

ctrees
2017-10-13 16:09
I was going to build it on a clean CentOS VM desktop... BUT I have fought the time synce with vbox...

ctrees
2017-10-13 16:10
your right, it's not installed

shane
2017-10-13 16:10
the tooling generally works very hard to keep your environment contained in the 5min-drp directory - the only caveat I can recall is the requirement to modify the `~/.terraformrc`

shane
2017-10-13 16:10
and my handling of that mod can get it in a confused stage - not enough "idempotency" around the mod/restore of that file

2017-10-13 16:11
@rackneng - shane - i made a new configuration and the install stills comes back as a bad mirror

shane
2017-10-13 16:11
@ctrees I'm guessing you ignore an earlier error message ?

shane
2017-10-13 16:11
``` case $_OS_FAMILY in rhel) sudo yum -y install $_pkgs; xit $? ;; debian) sudo apt -y install $_pkgs; xit $? ;; darwin) ;; *) xiterr 4 "unsupported _OS_FAMILY ('$_OS_FAMILY') in prereqs()" ;;```

shane
2017-10-13 16:11
you should have seen "unsupported..."

ctrees
2017-10-13 16:11
OH... on the terraform, I just put that bin into 5min-drp/bin/

2017-10-13 16:11
i ran a dig command and it looks like it worked rebar@rebar:~$ dig 192.168.0.10 google.com ; <<>> DiG 9.10.3-P4-Ubuntu <<>> 192.168.0.10 google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11420 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;192.168.0.10. IN A ;; ANSWER SECTION: 192.168.0.10. 86400 IN A 192.168.0.10 ;; Query time: 4 msec ;; SERVER: 192.168.1.204#53(192.168.1.204) ;; WHEN: Fri Oct 13 11:09:04 CDT 2017 ;; MSG SIZE rcvd: 57 ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62907 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 155 IN A 172.217.9.174 ;; Query time: 4 msec ;; SERVER: 192.168.1.204#53(192.168.1.204) ;; WHEN: Fri Oct 13 11:09:04 CDT 2017 ;; MSG SIZE rcvd: 55

2017-10-13 16:15
hi there guys!

2017-10-13 16:16
can some one show me how must look proper bootenv file with ssh-key

2017-10-13 16:17
```"OptionalParams": [ "access-keys", "kernel-console" ],```

2017-10-13 16:17
right?

2017-10-13 16:21
my goal is boot sledgehammer and able to access with pub key

2017-10-13 16:32
i'm reviewed the Digital Rebar Online Meetup 2 on youtube, but Victor show only installation part, and is too many dependency from control to profiles for me, witch looks like magic

shane
2017-10-13 16:39
@kolomnitcki - we're rolling up a short more concise vid in a little bit

shane
2017-10-13 16:39
the basic method is to modify the "global" profile

2017-10-13 16:48
ok ill try play with global and will not distract today =)

zehicle
2017-10-13 16:48
one sec... it's buried in a video

2017-10-13 16:53
@kolomnitcki here's the link https://youtu.be/pHp6cHF11IM?t=371

2017-10-13 16:54
I thought it was on the v3.1 playlist already but it was not. Corrected that

2017-10-13 16:55
that's exactly what you were asking about

2017-10-13 16:55
ty

2017-10-13 18:14
Afternoon, how or where do i go to sign up for some of the 'pay services' for DR / RackN ?

2017-10-13 18:15
@IAMJES I'll work with you 1x1 to get connected

2017-10-13 18:15
@IAMJES in general, we direct people to rackn.com/beta

2017-10-13 18:16
@zehicle - Ok thanks! I am working through a network issue at the moment so i am almost ready

2017-10-13 18:19
@zehicle is the quickstart script still valid?

2017-10-13 18:20
it should be - we keep it updated.

2017-10-13 18:21
the instructions inside the script are usually right if in doubt

2017-10-13 18:22
v3 (DRP) quickstart only. We (RackN) is not maintaining v2 for new users

johnsutten
2017-10-13 18:28
has joined #community201710

2017-10-13 18:43
Just curious, which os is most of you using to deploy DRP ?

shane
2017-10-13 19:05
@johnsutten - Linux :slightly_smiling_face:

johnsutten
2017-10-13 19:06
Centos / Ubuntu / Red Hat / Oracle Enterprise Linux ?

shane
2017-10-13 19:06
centos/ubuntu are the two most popular at RackN

shane
2017-10-13 19:07
I use centos/ubuntu equally - the Linux distro really doesn't matter much

shane
2017-10-13 19:07
we'd suggest a modern version (eg centos 7 or ubuntu 16) that uses systemd - but that's not really required

shane
2017-10-13 19:08
the DRP endpoint is a Go Lang binary - there are very very few external dependencies to operate DRP (by design)

2017-10-13 21:15
@kolomnitcki focused SSH key add video: https://youtu.be/StQql8Xn08c

johnsutten
2017-10-13 21:26
do we have any experts in here on networking? I have tried all kinds of things and I still am not able to get eth0 and eth1 to work together

2017-10-13 21:41
@zehicle thank you Rob, it works after you point me prev video. but now i'm powerup my VMs and got "Permission denied (publickey)" very strange thing.

shane
2017-10-13 21:56
@kolomnitcki - when you ssh to the provisioned machine - can you please add "-v" to your SSH options, and provide that output here ?

2017-10-13 21:59
https://pastebin.com/zM5GVLvF

2017-10-13 22:02
for now, i'm back to clear VM snapshot and will install drp again, maybe i broked something when play

shane
2017-10-13 22:08
first, the "-T" option says do not allocate a psuedo TTY - which means you can't log in ... though - that is not the problem here, if the command succeeded, you wouldn't get a shell

shane
2017-10-13 22:09
Please check that the SSH **private** key half to the public key has appropriate permissions (chmod 600 FILE) - second - please verify you are using the __correctly__ private key half when you connect to your provisioned host - the one that matches the public key half you put in the parameter

shane
2017-10-13 22:10
in this case - the private key half is `/home/stanislav/.ssh/id_rsa` - so you need to be using the public half in the Parameter (presumably it's the `/home/stanislav/.ssh/id_rsa.pub` file)

2017-10-13 22:16
its ok, its just ubuntu happen. clear vm dont want to connect too. fix after reboot

2017-10-13 22:27
now my goal is find way to boot FreeBSD live img, where i can read about ``explode_iso.sh``?

shane
2017-10-13 22:28
you can read the shell script - located in (isolated mode) in drp-data/tftpboot/explode_iso.sh, or production mode in /var/lib/dr-provision/tftpboot/explode_iso.sh

shane
2017-10-13 22:29
usage options are basically (as found in the script): ```echo "Explode iso $1 $2 $3 $4" os_name="$1" tftproot="$2" iso="$3" os_install_dir="$4" expected_sha="$5"```

shane
2017-10-13 22:30
here's an example I documented for exploding Centos 7 ```export ISO_DIR=/home/vagrant/drp-data/tftpboot sudo $ISO_DIR/explode_iso.sh \ ce-centos-7.3.1611-install \ $ISO_DIR \ $ISO_DIR/isos/CentOS-7-x86_64-Minimal-1611.iso \ $ISO_DIR/centos-7.3.1611/install```

2017-10-13 22:37
who call it? he execute when ``drpcli bootenvs uploadiso``?

shane
2017-10-13 22:38
yes, or if a new ISO exists in the tftpboot/isos/ directory - the dr-provision daemon will do it on restart, or on -HUP signal (eg `kill -1 PID` or `kill -HUP PID` process of dr-provision)

2017-10-13 22:42
ok, but for testing i need ``memdisk`` from ``syslinux-6.03`` and i dont want to create complicate arch like sledgehammer for now. can i just create some directoris and put files, when create bootenv.json without ``IsoUrl`` directive?

shane
2017-10-13 22:46
presumably - yes you can - but I haven't tested / tried this ... YMMV

2017-10-14 00:26
whell, i cant able to debug bootenv with FreeBSD img, ``sending block 0: code=0, error: TFTP Aborted`` - its maximum information what i got with ``--debug-bootenv=2``

wdennis
2017-10-14 01:52
@johnsutten I may be able to help - please describe your network topology- you have two private (RFC1918) networks I see, 192.168.1.0/24 and 10.0.0.0/24... which one has Internet connectivity?

johnsutten
2017-10-14 02:10
@wdennis may have it solved - will know in a moment

johnsutten
2017-10-14 02:14
Nope this was my latest attempt

johnsutten
2017-10-14 02:14
# The primary network interface auto eth0 iface eth0 inet static address 192.168.1.188 netmask 255.255.255.0 gateway 192.168.1.204 dns-nameservers 192.168.0.1 192.168.1.204 #secondary network auto eth1 iface eth1 inet static address 192.168.0.1 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.0 post-up route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.1.204

johnsutten
2017-10-14 02:15
@wdennis I will remove the post-up line

johnsutten
2017-10-14 02:17
eth0 is connected to the internet eth1 serves the nodes

wdennis
2017-10-14 14:52
@IAMJES Then two questions: 1) does the 192.168.1.0/24 network on eth0 have a router (should be the ?gateway? IP device) that does NAT? 192.168.x.x addresses aren?t routable on the Internet 2) Is the DRP node acting as the router between the nodes network (192.168.0.0/24 in your example above) and the Internet-connected network (192.168.1.0/24 in your example above) ?

wdennis
2017-10-14 15:00
If the DRP server can curl stuff from the DR repo, then #1 should be a ?yes? (i.e. the DRP server has working Internet connectivity and also working DNS (can resolve names into IP addresses)

wdennis
2017-10-14 15:01
If the above is *not* working, that?s step one to resolve and get working

wdennis
2017-10-14 15:18
If it *is* working, please run the following commands on the DRP server and post the output: 1) ip route show 2) sysctl net.ipv4.ip_forward

ctrees
2017-10-14 16:28
Say... I see: scientificlinux-6.8-install ... does anybody know if another (probably university IT geek) is working on OpenAFS server infrastructure scripts ? (That's my goal is to setup testing env for OpenAFS Disaster Recovery)

ctrees
2017-10-14 16:32
global 'interest' in OpenAFS has reduced since CERN is trans off... but I'm curious who was motivated to put scientificlinux-6.8-install in

2017-10-14 17:05
> *[ctrees]* Say... I see: scientificlinux-6.8-install ... does anybody know if another (probably university IT geek) is working on OpenAFS server infrastructure scripts ? (That's my goal is to setup testing env for OpenAFS Disaster Recovery) i know in https://en.wikipedia.org/wiki/Faculty_of_Biology_(Moscow_State_University) cluster use scintific linux, but they use ``Lustre`` file system

johnsutten
2017-10-15 00:38
@wdennis class@class:~$ ip route show default via 192.168.1.204 dev eth0 192.168.0.0/24 dev eth1 proto kernel scope link src 192.168.0.1 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.188

johnsutten
2017-10-15 00:38
class@class:~$ sudo sysctl net.ipv4.ip_forward net.ipv4.ip_forward = 1

wdennis
2017-10-15 01:07
@johnsutten OK, that looks fine - you have routing between interfaces turned on in the kernel, so the DRP box is acting as a router for the nodes network.

wdennis
2017-10-15 01:08
Routing table looks OK as well...

wdennis
2017-10-15 01:10
Is the upstream router at 192.168.1.204 doing NAT, or something beyond that?

wdennis
2017-10-15 01:11
Could you do show the output of this command: `traceroute 8.8.8.8`

wdennis
2017-10-15 01:11
(from the DRP server)

johnsutten
2017-10-15 01:51
traceroute 8.8.8.8 traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets 1 192.168.1.204 (192.168.1.204) 0.571 ms 0.623 ms 0.735 ms 2 47.187.64.1 (47.187.64.1) 6.802 ms 6.818 ms 6.829 ms 3 172.102.49.250 (172.102.49.250) 6.876 ms 6.839 ms 6.942 ms 4 http://ae7---0.scr01.dlls.tx.frontiernet.net (74.40.3.17) 6.939 ms http://ae8---0.scr02.dlls.tx.frontiernet.net (74.40.3.25) 6.485 ms 6.646 ms 5 http://ae1---0.cbr01.dlls.tx.frontiernet.net (74.40.1.82) 6.878 ms 7.765 ms http://ae0---0.cbr01.dlls.tx.frontiernet.net (74.40.4.14) 19.332 ms 6 74.40.26.234 (74.40.26.234) 8.335 ms 6.543 ms 6.604 ms 7 108.170.240.193 (108.170.240.193) 7.265 ms 3.002 ms 108.170.252.129 (108.170.252.129) 4.349 ms 8 209.85.248.171 (209.85.248.171) 3.306 ms 108.170.230.145 (108.170.230.145) 3.131 ms 216.239.62.77 ) 4.259 ms 9 http://google-public-dns-a.google.com (8.8.8.8) 4.580 ms 7.319 ms 7.354 ms

wdennis
2017-10-15 02:07
@johnsutten OK, assuming that the upstream router at 192.168.1.204 is doing NAT, since you are reaching things on the Internet

wdennis
2017-10-15 02:08
OK, now the big question is: Is the upstream router NAT-ing *all* private IPv4 addresses, or just the 192.168.1.0/24 ones?

wdennis
2017-10-15 02:09
Do you have any working nodes on 192.168.0.0/24 that we can test from? (other than the DRP server of course)

johnsutten
2017-10-15 13:20
@wdennis I can put a node on with sledgehammer I haven?t setup ssh yet I think...

johnsutten
2017-10-15 14:55
@wdennis I also have a spare router I can connect and make the network so the server owns 10.0.0.x

wdennis
2017-10-15 15:23
@johnsutten We need a device you can log into on the nodes network

johnsutten
2017-10-15 15:26
@wdennis I can do that here... Secondary router takes on a new network and connect a laptop to it and set the router. The router is connected directly to the internet and I can put the routers IP address as fixed and in DMZ

johnsutten
2017-10-15 15:28
this way 'class' only has to deal with one network and subnet instead of two

wdennis
2017-10-15 16:08
And then I guess the DR server (?class??) has a leg on both networks, but does not have to act as a router... right?

johnsutten
2017-10-15 16:29
@wdennis no it doesn't though i do like the idea of having refined control on this network

wdennis
2017-10-15 16:30
@wdennis uploaded a file: https://rackn.slack.com/files/U416T0AAX/F7JJB7DT6/image_uploaded_from_ios.png and commented: My understanding of your latest topology...

johnsutten
2017-10-15 16:43
@johnsutten uploaded a file: https://rackn.slack.com/files/U7J7U5DA9/F7HT27E4Q/network1.png and commented: Modified network layout

wdennis
2017-10-15 17:17
@johnsutten if you do something like that, make sure that the border router does NAT for both the 192.168.1.0/24 as well as the 10.0.0.0/24 networks

johnsutten
2017-10-15 17:19
my cell phone and this machine is in the 192.168.1.x network and no one has yelled at me yet

johnsutten
2017-10-15 17:22
ill reboot this machine and let you know if i see any issues

johnsutten
2017-10-15 17:26
@wdennis looks like everything is doing what it is supposed to do.

johnsutten
2017-10-15 17:30
node is installed, ill tighten up ports accordingly...

2017-10-15 20:30
is someone already wrote ansible role for drp delpoy?

2017-10-15 20:46
today i wrote only download logic and dont feel is right way ```1) absetn dr-provision.sha256 from /tmp 2) present dr-provision-releases directory 3) download dr-provision.sha256 to /tmp 4) check if dr-provision.zip exist 5) check sha256 dr-provision.zip when dr-provision.zip not exist of sha256sum mismatch -- need to update or this is new install``` too many checks only for start download

2017-10-15 20:49
@kolomnitcki check the Terraform that Shane did in https://github.com/digitalrebar/provision/tree/master/examples/5min-drp

2017-10-15 20:50
it already sounds like you are using the tools/install.sh script as a reference (which is what I'd recommmend)

2017-10-15 20:56
i have some issues with install.sh, like 7z in centos7 is - 7za

johnsutten
2017-10-15 22:02
@wdennis Thank you for all of your help!

wdennis
2017-10-15 22:15
@johnsutten n/p, glad it?s working for you now

johnsutten
2017-10-15 22:26
Not to worry I will need to find and update the ssh logins for the default Ubuntu instances and get into how to deploy openstack

zehicle
2017-10-15 22:28
likely @rstarmer and @carl have an opinion on that

johnsutten
2017-10-15 22:28
@zehicle ok thanks

zehicle
2017-10-15 22:28
FWIW, I'd recommend looking into the Ansible or Kolla work. You could feed the Ansible from the dynamic inventory integration

zehicle
2017-10-15 22:29
is heads down making a new UX feature for bulk editing

wdennis
2017-10-15 23:30
@zehicle Any plans on DRP supporting _running_ an Ansible playbook from the DRP endpoint?

wdennis
2017-10-15 23:30
(i.e. as a workflow stage?)

zehicle
2017-10-16 00:03
@wdennis like v2 used to do? would be possible as a plug-in. one missing concept is that DRP has no SSH user context at all.

zehicle
2017-10-16 00:04
to do it from DRP server, you'd need a plug-in. You could do it from a stage on a single node (aka Ansible local) basis. That would not cross nodes, but could use Ansible to do the node config. Would be the same for chef solo or puppet

wdennis
2017-10-16 13:28
single-node would work for now? It?s basically for post-install config for a given purpose which would be based on profile(s)

wdennis
2017-10-16 13:30
So would need the kickstart/preseed to prep for running Ansible I guess? Then the post-install stage would download a playbook from Git and run it locally

wdennis
2017-10-16 13:33
I?m aiming for a single-pass install process, instead of my current ?install the node (which is remote Ansible-ready) with one tool, then run Ansible from another system on the newly-installed node?

ctrees
2017-10-16 13:57
@wdennis @zehicle is what your talking about using the same process as the kubespay demos ? as another content package ?

ctrees
2017-10-16 14:04
your current process allows you to pass off the infrastructure to 'another node'... I was thinking of doing that sort of process to hand off to CI/CD... so I was curious of the 'motivation' for 'single-pass' install as I seem to be getting into that debate with our group right now... aka figuring out the best life-cycle pattern for H/W recycle, upgrade... blah blah...

ctrees
2017-10-16 14:09
I've been promoting a 'scorched earth' method just because that forces us to practice DR, but we have so much legacy custom code...

shane
2017-10-16 14:09
"immutable infrastructure" might be a better phrase ... :slightly_smiling_face:

shane
2017-10-16 14:10
DRP is designed to support that - particularly with the read-only layers of content - helps to prevent unintentional (or intentional) changes in the field to provisioning templates/etc. to help insure repeatable deployments without any drift

ctrees
2017-10-16 14:11
... naw, 'scorched earth' put's it into a good frame of mind for debate... if I had to 'sell', I'd use 'immutable infra' :wink:

shane
2017-10-16 14:12
the hard part of that is application data and state - you have to be able to support application data separation from the app itself ... or excruciatingly carefully planned templates/profiles/etc. to not destroy content on system when provisioning

wdennis
2017-10-16 14:13
@ctrees I want my OS installer to be able to trigger an Ansible run (either remote or local) against the node(s) it just installed.

ctrees
2017-10-16 14:15
@wdennis OH... how did rob trigger the kubespray stuff ? ... wait... he had a ui step in that... your going full auto ?

zehicle
2017-10-16 14:16
@ctrees I've been using "lather, rinse, repeat" but the scorched earth matches the "create, destroy, recreate" approach from cloud

zehicle
2017-10-16 14:17
@ctrees it's not triggered - it's a stand alone step. There is a DRPCLI wait for X step, so you could build a script

shane
2017-10-16 14:17

zehicle
2017-10-16 14:17
that would get machines ready then wait for them to hit a complete state and then run the ansible-playbook command

ctrees
2017-10-16 14:18
btw... I'm sure I can't do scorched earth in prod, but want to push the idea into CI/CD for sure...

ctrees
2017-10-16 14:19
Yup that's the demo I'm referring to

wdennis
2017-10-16 14:19
@ctrees I believe Rob ran it outboard like I do - excepting they have provided an Ansible dynamic inventory script that build the inventory from the DRP profiles the machines are in (correct if wrong @zehicle )

shane
2017-10-16 14:20
you got it right; @wdennis

wdennis
2017-10-16 14:21
Ok - all I?m wanting (:stuck_out_tongue_winking_eye:) is a way to trigger the Ansible run from a DRP stage

ctrees
2017-10-16 14:22
Oh... trigger from DRP not from < fill in blank external event >

greg
2017-10-16 14:23
@wdennis - couple of ways. @ctrees and @zehicle alluded to one. Let me get to a keyboard to elaborate.

ctrees
2017-10-16 14:36

ctrees
2017-10-16 14:37
The kubespray content pack ? name ? comes from


ctrees
2017-10-16 14:38
... eventually ?...

ctrees
2017-10-16 14:39
What I was going to do is use the kubespary model but build up an OpenAFS ansible deployment

greg
2017-10-16 14:39
There is a kubespray in the RackN content - login into the RackN portal and you should see it.

greg
2017-10-16 14:40
@wdennis - I can think of a couple of ways to do what you want.

ctrees
2017-10-16 14:40
I see now that Rob was using DRP to generate the dynamic inventory for kubespray... I get that now (thanks)

greg
2017-10-16 14:41
1. external event handler - using websocket interface (or drpcli wrapper for it), wait for an event (like machine update (stage == TRIGGER_ANSIBLE)), then call ansible script that would run on the system and change stage to ansible finished.

greg
2017-10-16 14:42
2. Write a plugin that does #1 for you. It would be a ?Publish? plugin that registers an event publisher and than the does the same processing.

greg
2017-10-16 14:43
3. Write a plugin that add a machine action to the node called ?RunAnsible? or something liek that. Use parameter injection to drive the playbook and vars you want. Evening calling out to the inventory script to help create the inventory file. Call the RunAnsible command from the stage/task that you want.

greg
2017-10-16 14:45
4. Write a content bundle that install ansible on the machine in question, gits/gets the playbook in question, and then runs ansible on the node with a custom inventory.

greg
2017-10-16 14:45
So - lots of options at various levels of coding.

greg
2017-10-16 14:47
One of the big differences around DRP and DRv2 is that DRP doesn?t have a built in dependency system. So, sequencing tasks across nodes is not as easy. I?m keeping that in the back of my mind, but currently we don?t have plans to pull in that dependency model.

greg
2017-10-16 14:47
And I mean cross-node dependency system. Inside a node, we do with task lists and stages.

greg
2017-10-16 14:48
node == machine - Greg?s brain is slow.

wdennis
2017-10-16 15:00
@greg Thanks - good to know where the design boundries are

greg
2017-10-16 15:02
The sync points are now up to you. With the fact that the API can operate atomically on parameters, you can create your own sync points. Like choose a profile for your ?cluster? and tweak params as need to create sync points. I?m not sure if we?ll move that into a first order feature.

wdennis
2017-10-16 15:04
Looks like one could make a call to either Jenkins or maybe AWX ( https://www.jeffgeerling.com/blog/2017/ansible-open-sources-ansible-tower-awx ) to run a given playbook on a node - would need the dynamic inventory functionality to define the target(s)

zehicle
2017-10-16 15:07
I've looked at a tower integration using the API. would be possible to do as a plugin to register nodes

johnsutten
2017-10-16 15:10
Morning all, why is it in the Ubuntu installs there are LVM groups and ext2 used?

greg
2017-10-16 15:19
History more than anything else, @johnsutten. The initial ubuntu preseed was written around 9.04 or so. We?ve been minimally changing and it it was used across the board for ubuntus and debians. We could probably update it.

johnsutten
2017-10-16 15:29
@greg This morning installs are moving a whole lot better until about the 3rd phase on 16.04 and it hangs on Running dpkg

wdennis
2017-10-16 15:33
@zehicle That would be cool, but would love to not have a whole ?nother software stack to manitain just to do the Ansible runs? But I do get having product design limits. Just would be cool to have DRP be able to ?do it all? :slightly_smiling_face:

johnsutten
2017-10-16 15:35
Why is there an easter egg in my UI?

johnsutten
2017-10-16 15:59
Whenever I attempt to provision a new machine starting with the preferences I still get this error "dr-provision2017/10/16 15:57:39.156842 sending block 0: code=0, error: TFTP Aborted"

zehicle
2017-10-16 16:13
@johnsutten we needed to fill that space w something

johnsutten
2017-10-16 16:39
@zehicle @greg I am working on my documentation for installations and upgrades. Over the weekend here I documented what I had to do to get the installs completed. The first thing I did was a 14.04 LTS install and was able to make 14.04 (Ubuntu) node installs. I upgraded my Ubuntu 14.04 to 16.04 where the DRP resides and now I am not able to complete any Ubuntu node installations regardless if i use the 'tip' or 'stable' install

johnsutten
2017-10-16 16:43
Also, in your documentation please update it so it reads that certain OS releases are mandatory for DRP. Once i reach 10 Ubuntu nodes I will be buying Canonical support and I am not excited about having this experience again when i upgrade. Has there been any testing to see how DRP works with deploying nodes and the like after upgrading from 16.04 to 17.10?

wdennis
2017-10-16 16:58
UX want: When the auth token for the endpoint access expires, please display a message that ?Login time exceeded? or the like - I go to do a screen refresh, and just get the ?endless spinner?? Have to do a browser refresh, and then I get the endpoint login prompt.

shane
2017-10-16 17:03
@wdennis - I have an issue open on this

wdennis
2017-10-16 17:03
@shane cool

wdennis
2017-10-16 17:03
Run into that one every day :wink:

johnsutten
2017-10-16 17:05
If i use the 'tip' install, will it eventually be stable ?

zehicle
2017-10-16 17:11
tip is always tracks "stable" active dev for the new release and keeps moving

zehicle
2017-10-16 17:12
when we cut v3.2, stable will move to that

zehicle
2017-10-16 17:12
we try to keep tip working so it's usable

zehicle
2017-10-16 17:12
it's _not_ just the master branch

johnsutten
2017-10-16 17:13
@zehicle Moving to a production environment with DRP then I should stay with the stable install?

johnsutten
2017-10-16 17:59
As I begin a test environment with a stable install on Ubuntu 16.04 I do not have any content packages to add. The two that installed is the backing store and the Digital Rebar Provision Community Content. All of the other 'new content' is only for a 'tip' install.

greg
2017-10-16 17:59
They will work in the stable build.

greg
2017-10-16 17:59
We are working on a UI selector to let you choose stable vs tip content.

johnsutten
2017-10-16 18:01
@greg what are the recommended packages from a base install perspectve

greg
2017-10-16 18:05
For DRP, you need bsdtar, pzip, and 7z. Otherwise, DRP doesn?t care too much.

johnsutten
2017-10-16 18:12
Once in the DRP it seems that os-discovery and os-linux needs to be added to the Content packages to fill in the fields from the dropdowns in the Info and preferences

greg
2017-10-16 18:12
yes - that is true.

johnsutten
2017-10-16 18:13
what am i missing now to enable the default stage of the preferences? i am not able to select discover yet

greg
2017-10-16 18:13
You need to make sure that you have included the iso for sledgehammer.

greg
2017-10-16 18:14
You can check the discovery stage under stages.

johnsutten
2017-10-16 18:14
i have included both

greg
2017-10-16 18:14
Are you on tip or stable?

greg
2017-10-16 18:14
if you are stable, you need to restart the service.

johnsutten
2017-10-16 18:14
stable

johnsutten
2017-10-16 18:14
ok

johnsutten
2017-10-16 18:19
ok - discover came in

johnsutten
2017-10-16 18:37
I have been getting this error as well. Machine d3d3bc6b-9543-4f99-870e-d2f7b926f891 wants Stage ubuntu-16.04-install, which is not available


johnsutten
2017-10-16 18:38
I am not able to change the boot environment from sledgehammer to anything else. Perhaps i am in error, that all three was to be set to ubuntu 16 install ?

johnsutten
2017-10-16 18:39
(boot, stage, profile ?)

zehicle
2017-10-16 19:01
Docs patches welcome!

johnsutten
2017-10-16 19:04
To start my ubuntu deployment i have the following ... boot env local, stage ssh-access and profile ubuntu 16.04

johnsutten
2017-10-16 19:17
never mind - i had to upload the iso again

johnsutten
2017-10-16 20:20
why am i getting these errors in stable? Machine d3d3bc6b-9543-4f99-870e-d2f7b926f891 wants Stage ubuntu-14.04-install, which is not available

johnsutten
2017-10-16 20:20
I made sure i have a global map and the iso exists

johnsutten
2017-10-16 20:21
{ "Available": true, "Description": "Global Ubuntu14 Stage Map", "Name": "UBUNTU14", "Params": { "change-stage/map": { "discover": "ubuntu-14.04-install:Reboot", "ssh-access": "complete-nowait:Success", "ubuntu-14.04-install": "ssh-access:Success" } } }

johnsutten
2017-10-16 20:27
I don't have to restart services every time i add a workflow do i?

greg
2017-10-16 20:29
When adding isos with stable, yes. There is a bug fixed in tip about iso importing.

johnsutten
2017-10-16 20:31
soon as i restart maybe ubuntu 16 will install without issue

johnsutten
2017-10-16 20:33
@greg - at what part do i modify the install to use ext4 and create a swap and not to use LVM groups etc

greg
2017-10-16 20:34
You would need to create a custom bootenv, stage, and preseed template.

greg
2017-10-16 20:34
You would need to recreate the preseed template that does the partitioning how you like, you would need to create a custom bootenv that references that preseed, and a custom stage that uses that bootenv.

johnsutten
2017-10-16 20:35
Ok - I haven't a clue where to start to change that, do we have any documentation?

greg
2017-10-16 20:35
read the docs has parts on bootenvs and templates.

greg
2017-10-16 20:35
Not much on stages yet.

johnsutten
2017-10-16 20:47
@greg Everything else is great I am just looking to change the partition layout

johnsutten
2017-10-16 20:47
ill see what i can come up with and get a nod if it looks ok

johnsutten
2017-10-16 23:14
top

johnsutten
2017-10-16 23:14
wrong window

johnsutten
2017-10-16 23:16
Ok Ubuntu 16.04 won't install at all... 14.04 however appears that it might make it all the way though it has been stuck on the last 'preseed' at 18% for some time and has finished the grub2 package and language installation

zehicle
2017-10-17 01:05
sadly, there is no "just" when talking about partition layouts in preseed.

shane
2017-10-17 03:39
- I've updated the "5min-drp" demo tooling to support unique "cluster name prefixes" - this means you can use the tool to deploy multiple DRP clusters in http://packet.net - in the same PROJECT. https://github.com/digitalrebar/provision/tree/master/examples/5min-drp

shane
2017-10-17 03:40
(note to modify the `http://vars.tf` parameter named `cluster_name` - documented in README)

2017-10-17 14:10
cool!

wdennis
2017-10-17 16:51
repost: https://rackn.slack.com/files/U416T0AAX/F7GU3ADNE/pxe_install_os_options.pdf I had asked: take a look at the attached file; my question is what options does DRP support today, which may it support in future, which are unsupported (possibly b/c underlying install answer file format does not have the capability?) cc: @greg

wdennis
2017-10-17 16:51

zehicle
2017-10-17 17:09
NEW SCREEN in UX - we've added a page (RackN registration required) that allows bulk editing of nodes to set profiles, stages, bootenvs and take plugin actions

vlowther
2017-10-17 17:26
@wdennisThe only one that is tricky is 1, as that involves DRP being able to inventory the system and report what disks are available, which is not something we support right now (but which is on the roadmap), unless you want to do some %pre magic and its equivalent in Debian seed files.

vlowther
2017-10-17 17:30
3 is easily refactorable to something involving a package-list parameter, setting that parameter appropriately (in a profile or on a machine directly), and modifying the relavent bootenvs and kickstart/seed templates to expand that parameter if it is set -- the text.template language we write templates in can handle that task easily.

vlowther
2017-10-17 17:31
How 4 and 5 would be handle is different depending on whether you are using tasks

vlowther
2017-10-17 17:32
in the community content I would handle them as optionally-included tenmplates to be expanded if accompanying parameters are set

vlowther
2017-10-17 17:33
in much the same way the extra templates are expanded in the current centos7 kickstart template: https://github.com/digitalrebar/provision-content/blob/master/templates/ce-centos-7.ks.tmpl

vlowther
2017-10-17 17:34
if you are using rackn licensed content and have access to tasks I would write those as tasks.

vlowther
2017-10-17 17:37
and depending on how complex your partitioning requirements are, 2 can also be handled by making a template for each partition scheme you want and then conditionally including the appropriate one based on a parameter

vlowther
2017-10-17 17:39
as for when we would update the current content to operate as I have outlined, well, Greg and I only have so much bandwidth. :confused:

wdennis
2017-10-17 18:24
@vlowther understood

vlowther
2017-10-17 18:29
Of course, of someone from the community were to step in and undertake this work... :slightly_smiling_face:

wdennis
2017-10-17 19:18
starts reading The Go Programming Language :stuck_out_tongue_winking_eye:

shane
2017-10-17 19:18
@wdennis all of that is completely accomplishable via tasks/templates/profiles work

wdennis
2017-10-17 19:21
@shane Given Time, sounds achievable then...

shane
2017-10-17 19:22
to develop a fully flexible and generically usable set of Seed/KS files - maybe - but to generate custom configs required for your use case - that's not something that will take very long to do

vlowther
2017-10-17 20:16
@wdennis unless you want to start hacking on the core or the CLI, https://godoc.org/text/template is probably the best read.

wdennis
2017-10-17 20:17
@shane @vlowther cool, let?s see what I can come up with...

johnsutten
2017-10-17 21:36
Are the resident openstack people on?

johnsutten
2017-10-17 21:36
expert*

greg
2017-10-17 22:28
: Question - is it reasonable for those wanting to use TIP content to be required to use a TIP DRP?

greg
2017-10-17 22:31
I?m working through some of the upgrade and update and replace issues. The features flags we are adding work for tracking content expectations, but I?ve been wanting to prevent trying to avoid bi-directional feature flags between content and DRP. Content objects include flags which allow content to express their requirements. I?d like to avoid the other way if possible. To have content tasks smart enough to know which version of DRP (through feature flags) if possible.

greg
2017-10-17 22:34
Well - in looking around, I can make it work. Sorry for the noise.

shane
2017-10-17 22:39
@greg In general - I'd expect that a given DRP release version should have a set of tested/validated Content that relates to that version. Any updates/enhancements may have potentially breaking changes - and as such, I'd think that "Stable" DRP and "Stable" Content should be expected to work - but "Stable DRP" and "TIP Content" is a "maybe it works" ... and "maybe it doesn't" ... prospect

chermack
2017-10-17 22:43
added the field

greg
2017-10-17 22:48
@shane - I?m planning for that to be the default position. My table is: Stable DRP + Stable Content = Works! Stable DRP + TIP Content = Could work if content pays attention to DRP Feature Flags TIP DRP + Stable Content = Works (except at major release boundaries, but hopefully then as well) TIP DRP + TIP Content = May work depending upon the features flags again.

shane
2017-10-17 22:49
Sounds like a sane strategy to me ... anyone else have any input on this policy ?

johnsutten
2017-10-17 23:05
Hi all, thought i had it and then i lost it... where is the default ssh username and pass stored for ubuntu 16.04

2017-10-17 23:06
@greg `work if` == `may work`, so _ Stable Content = `work` anyway _ TIP Content = `may work` anyway `may work` == *do not use it*

shane
2017-10-17 23:10
@johnsutten - it's defined in net-seed.tmpl (templates)

shane
2017-10-17 23:10
default username specified if no overridden by parameter is "rocketskates"

johnsutten
2017-10-17 23:46
@shane i went ssh rocketskates@10.0.0.11 and used the same password and it failed - permission denied

shane
2017-10-17 23:47
you have to enable SSH username/pasword support versus SSH Key based access - as some people consider user/pass pairs to be security vulnerability/risk

johnsutten
2017-10-17 23:48
your talking about the ssh root mode right?

wdennis
2017-10-18 02:25
Looks like when we can select multiple disks, in the preseed case, can do some interesting stuff? See https://anonscm.debian.org/cgit/d-i/debian-installer.git/tree/doc/devel/partman-auto-raid-recipe.txt for some examples


wdennis
2017-10-18 03:50
How to test a change to a forked repo (a template in ?provision-content?) before I submit a pull request? The template in question (`ce-root-remote-access.tmpl`) is ?locked? in my DRP

shane
2017-10-18 03:51
@wdennis - you can clone that template - then where it's being called from, change the call to use the newly cloned template ... there will likely be a "chain" of clones you need to create to make the changes ...

shane
2017-10-18 03:52
make changes in the clones - which will be r/w

wdennis
2017-10-18 03:54
@shane OK, thx

greg
2017-10-18 04:05
Okay - the way I test it. I used the `tools/package.sh` from the top directory. This builds a new yaml file.

greg
2017-10-18 04:07
YOu can then use ```drpcli contents update drp-community-content - < drp-community-content.yaml``` to update your local content and test. YOu can always reimport from the RackN Portal if you need to reset.

greg
2017-10-18 04:08
It depends upon how you like to edit the objects. The challenge with the clone method is that when you are done, you will need to translate those clones into the repo objects.

wdennis
2017-10-18 04:09
Just directly `vi` the relevant .tmpl file and then do the `tools/package.sh` thing?

greg
2017-10-18 04:09
yeah

wdennis
2017-10-18 04:09
Cool

greg
2017-10-18 04:10
it will yaml / object validate as part of the build process.

greg
2017-10-18 04:10
Then you update the content. IT should even generate a special version for you.

wdennis
2017-10-18 04:10
Especially b/c the UX ?Clone? function of templates does not seem to be working for me?

greg
2017-10-18 04:11
The clone method is the preferred method for building your own content.

greg
2017-10-18 04:11
though fixing the bugs would be good.

wdennis
2017-10-18 04:12
I select the stock template, click ?Clone?, then change the ID and Contents, but when I click ?Add?, it never returns?

wdennis
2017-10-18 04:13
If I do a browser refresh, it seems that it had worked, the new template is there with the ?unlocked? icon

greg
2017-10-18 04:13
okay - good to know.

greg
2017-10-18 04:14
Opened issue

greg
2017-10-18 04:14
#504

johnsutten
2017-10-18 14:09
Morning all, I deployed an Ubuntu 16 environment with the ssh access. I haven?t modified anything. I am not able to login with rocketskates. Can someone take a look at my environment? https://drclass.010101.info:8092

greg
2017-10-18 14:12
So - you need to create a clone of the `ce-root-access` profile and put YOUR public key in the map of `access-keys`. You currently have my Mac book public key as an example.

greg
2017-10-18 14:13
steps to move forward.

greg
2017-10-18 14:13
1. clone `ce-root-access`

greg
2017-10-18 14:13
2. add your public ssh keys to that map of `access-keys`

greg
2017-10-18 14:13
3. save that profile.

greg
2017-10-18 14:14
4. add cloned profile to machine

greg
2017-10-18 14:14
5 remove `ce-root-access` profile from machine.

johnsutten
2017-10-18 14:14
Thanks!

greg
2017-10-18 14:15
6. set stage of machine back to ubuntu-16.04-install

greg
2017-10-18 14:15
7. FIX WORKFLOW maps

greg
2017-10-18 14:15
8. reboot machine.

greg
2017-10-18 14:16
The workflow needs to be fix before you reboot the machine.

greg
2017-10-18 14:16
You don?t have one.

greg
2017-10-18 14:16
oh yeah- you do.

greg
2017-10-18 14:16
sorry - let me look at it

johnsutten
2017-10-18 14:17
As i get closer to the end of this I would like to have Digital Rebar as one of the first topics in the LMS / MOODLE environment for people to learn.

greg
2017-10-18 14:17
nvm - that looks good . assuming you put UBUNTU16 on the machine and it appears you did.

johnsutten
2017-10-18 14:17
Yes I did works great

greg
2017-10-18 14:18
The default access for ubuntu should be: rocketskates/RocketSkates

greg
2017-10-18 14:18
but only from a tty (not ssh by default).

johnsutten
2017-10-18 14:18
Still need to make those changes then

johnsutten
2017-10-18 14:18
Needs to be ssh

wdennis
2017-10-18 15:00
@greg Where are the template files in the DRP isolated-mode tree?

wdennis
2017-10-18 15:01
I?m finding `*tmpl.json` files in the `drp-data/digitalrebar/templates` path, but not the ?official? DR ones

wdennis
2017-10-18 15:02
The stuff in there looks to be the ?unlocked? ones, including my clones of the official DR provided ones

shane
2017-10-18 15:03
content will be rolled up in the drp-data/saas-content/ directory

shane
2017-10-18 15:05
if you're looking to snag an existing template to modify via CLI - you can do something like: ```drpcli templates list | jq '.[].ID' # get list of ID names drpcli templates show net-seed.tmpl```

wdennis
2017-10-18 15:07
@shane I want to make a direct edit to the ?root-remote-access.tmpl? then run `tools/package.sh` as @greg had indicated

wdennis
2017-10-18 15:21
OK, have edited `./drp-data/saas-content/os-discovery-[...].yaml` with the fix I?m proposing

wdennis
2017-10-18 15:22
Now I find that there?s no `./tools/package.sh`

shane
2017-10-18 15:22
that's in the github repo - clone it locally

wdennis
2017-10-18 15:22
OK, did that

wdennis
2017-10-18 15:23
But now I?m getting an error `cp: cannot stat 'assets/startup': No such file or directory`

shane
2017-10-18 15:24
there are a lot of hardcoded dependencies in that script

shane
2017-10-18 15:24
it assumes you're using it a git checkout, and compiled

shane
2017-10-18 15:24
here's @greg to clear up how to use it now:

wdennis
2017-10-18 15:25
Looks like it?s choking on: ```+ cp -a assets/startup /tmp/rs-bundle-HVe8zmX6/assets cp: cannot stat 'assets/startup': No such file or directory```

greg
2017-10-18 15:25
yeah - sorry - my commentary was more for if you wanted to make a PR against the tree. You would need to run all the package commands from the content tree.

wdennis
2017-10-18 15:26
I?m trying to test a proposed template change before I submit

wdennis
2017-10-18 15:26
Don?t really need to build DRP, etc

greg
2017-10-18 15:27
Correct. You would just need to be able to package the content.

greg
2017-10-18 15:27
Give me two seconds - since I started us down this path.

greg
2017-10-18 15:32
Here are the steps: 1. install bsdtar (this could be just tar in the future) (the package.sh will force you to anyway). 2. git clone https://github.com/digitalrebar/provision-content 2.5 cd provision-content 3. edit templates as you like 4. tools/package.sh 5. upload built yaml file into DRP.

wdennis
2017-10-18 15:36
Cool, OK

greg
2017-10-18 15:36
I think you were building from the DRP directory and not a clone of the content directory.

wdennis
2017-10-18 15:37
No, I have a running isolated-install of DRP and just want to test that the proposed template change works before I submit a pull request for the change

wdennis
2017-10-18 15:38
Want to integrate the changed template into that

greg
2017-10-18 15:38
okay

greg
2017-10-18 15:39
I should still document the content development steps.

wdennis
2017-10-18 15:41
So I guess I?ll have to test with the ce-* templates (right now using the non-ce ones)

wdennis
2017-10-18 15:41
Shouldn?t be a problem I guess

greg
2017-10-18 15:43
Okay - for those. You can be hacky.

greg
2017-10-18 15:43
stop drp, edit the drp-data/saas-content/<file of choice>, start drp

greg
2017-10-18 15:44
actually, @shane is right. Clone is probably better and send an Issue with the object dump of the object to update from the cli.

shane
2017-10-18 15:45
only prob. with that is the Contents field is "escaped", making it hard to edit - need to unescape (explode out), then "repack" the content some how ... easily ...

greg
2017-10-18 15:46
oh that is possible.

shane
2017-10-18 15:46
sure it's possible - "easily" was thrown in there ... sed/awk'ing that wouldn't be very fun

greg
2017-10-18 15:46
no - drpcli unbundle

shane
2017-10-18 15:46
:slightly_smiling_face: nice

greg
2017-10-18 15:47
create a directory.

greg
2017-10-18 15:47
cd into directory

greg
2017-10-18 15:47
drpcli contents unbundle <saas content file> --format=yaml

greg
2017-10-18 15:48
yaml for sanity

wdennis
2017-10-18 15:48
Actually, for what I?m trying to test, ce-* templates should work?

shane
2017-10-18 15:49
nice - unbundle/bundle - like it

greg
2017-10-18 15:50
You can do all sorts of `bad` things with those commands and the API calls.

wdennis
2017-10-18 15:50
So I cloned the ?provision-content? repo, made the change to the relevant template, then in top level ran `./tools/package.sh`

wdennis
2017-10-18 15:51
Resulting in a new `drp-community-content.[yaml|sha256]` files

greg
2017-10-18 15:52
yep

greg
2017-10-18 15:52
YEAH!

wdennis
2017-10-18 15:52
Now can use those in existing DRP installation?

greg
2017-10-18 15:52
```drpcli contents update drp-community-content - < drp-community-content.yaml```

wdennis
2017-10-18 15:53
Need the `.sha256` in there as well?

greg
2017-10-18 15:53
```cat ._Version.meta``` should show you the version it decided to give you.

greg
2017-10-18 15:53
The sha is for us on download/upload to and from saas.

greg
2017-10-18 15:54
The UX and the installer us it to make sure nothing was messed up in transit.

wdennis
2017-10-18 15:55
no `._Version.meta` on the filesystem - or is that in a file?

wdennis
2017-10-18 15:55
I see this in the .yaml file: ```meta: Description: Digital Rebar Provision Community Content Name: drp-community-content Source: https://github.com/digitalrebar/provision-content Version: v1.0.0-tip-9-3cfc1b162a77010c6930ef7e65a5a746ad85a84```

greg
2017-10-18 15:56
yeah - for that content you get that.

greg
2017-10-18 15:56
So , you haven?t made a local commit yet.

greg
2017-10-18 15:56
If you have made a local commit for your change, the version should change to indicate it.

wdennis
2017-10-18 15:56
Right - not yet

wdennis
2017-10-18 15:56
Let me do that now

wdennis
2017-10-18 15:57
Commit then `package.sh`?

greg
2017-10-18 15:57
yes

wdennis
2017-10-18 16:01
OK, did that, now have: ```[dradmin@dr-admin provision-content]$ head -n5 drp-community-content.yaml meta: Description: Digital Rebar Provision Community Content Name: drp-community-content Source: https://github.com/digitalrebar/provision-content Version: v1.0.0-tip-dradmin-dev-10-5dc611603bba0352c887efed813e62ec8451f32f```

greg
2017-10-18 16:02
that way you can keep track of what you chaned.

greg
2017-10-18 16:02
dradmin user dev 10 commits ahead of tip.

wdennis
2017-10-18 16:03
OK

wdennis
2017-10-18 16:11
UX doesn?t show version of Content Packages any longer?

greg
2017-10-18 16:11
hover over tip

wdennis
2017-10-18 16:13
Oh that?s interesting - My ver is current, but UX syas there?s an ?Upgrade Available? to the (now-older) DR-provided one

greg
2017-10-18 16:13
Yeah - we are still working on that.

wdennis
2017-10-18 16:13
OK

wdennis
2017-10-18 16:14
Right - no UX edit an existing Stage Map?

wdennis
2017-10-18 16:17
Sorry, confused now - want to change my Stage Map (Workflow) to use the ?ce-ubuntu-16.04-install? instead of ?ubuntu-16.04-install? bootenv, which would (I?m guessing) pick up on my updated ce-* template

wdennis
2017-10-18 16:18
Do I have to create my own Stage that calls that bootenv?

shane
2017-10-18 16:20
you could clone that existing stage, edit it as you mention, then apply that stage to a specific Machine to test it

shane
2017-10-18 16:20
instead of using global and applying to all

wdennis
2017-10-18 16:22
Yes, I actually don?t use Global, created my own profile for installing Ubuntu

shane
2017-10-18 16:22
Good man !

wdennis
2017-10-18 16:22
Let?s see if it works now (really running out of time, but? so close!)

wdennis
2017-10-18 16:23
Hmmm, lots of UX button bugs (at least on OS X Safari?)

lae
2017-10-18 17:17
alright so

lae
2017-10-18 17:17
I've contributed some of the changes I've used in my own DRP environment to CE provision-content

greg
2017-10-18 17:51
Nice

greg
2017-10-18 18:45
@lae - I like the changes and adds. I?m thinking through the pull and add. The main issue I?m thinking through is the 7.3 and 7.4 change. The change is good. I?m debating about keeping it or not.

zehicle
2017-10-18 19:43
Keeping 7.3? Is there a way to archive older bootenvs so they don't clutter up the packs? Maybe a "historical" content on CE?

johnsutten
2017-10-18 19:49
@greg- can you take a look at my UBUNTU-remote-access template? i cloned it from the ce-root-remote-access template

johnsutten
2017-10-18 19:50
also made a corresponding param as well

johnsutten
2017-10-18 20:01
@greg when i try to put my ssh key into UBUNTU-ce-root-access it comes up blank

johnsutten
2017-10-18 20:01
after i save it

johnsutten
2017-10-18 20:10
modified it at the command line..

johnsutten
2017-10-18 20:11
now where is that restart command for the service?

johnsutten
2017-10-18 20:15

greg
2017-10-18 20:19
You shouldn?t have to restart the service, just the stage on the machine and the reboot the machine.

lae
2017-10-18 20:21
@zehicle technically, it would still be available in the git history

lae
2017-10-18 20:21
and git tags/releases

greg
2017-10-18 20:26
It is not a history problem; it is a use within existing users. For example, user is on stable and install c7.3. Updates to tip and all the c7.3 installs and workflows and stages that depend upon it are broken because it disappears.

greg
2017-10-18 20:27
You get warnings and such.

lae
2017-10-18 20:27
ah okay

lae
2017-10-18 20:27
Would it make sense to just make the CentOS 7 bootenv similar to the Ubuntu one and not specify subrelease?

greg
2017-10-18 20:27
My feeling now is to keep it. And deprecate it (add as a feature flag and remove in a few releases).

lae
2017-10-18 20:27
i.e. centos-7-install

greg
2017-10-18 20:28
Yeah - that is an interesting equivalent, but on different timescales.

greg
2017-10-18 20:28
May need to think about it.

greg
2017-10-18 20:29
Add a centos-install ,centos-7-install, centos-7.3.1608 install. And ref appropriately.

lae
2017-10-18 20:29
is that an ask?

greg
2017-10-18 20:30
no - sorry - thinking out loud.

greg
2017-10-18 20:30
similar for debian and ubuntu.

greg
2017-10-18 20:30
implicitly asking for thoughts.

lae
2017-10-18 20:33
I'm not sure having a `centos-install` bootenv (I assume you mean it would always point to latest, so when e.g. RHEL/CentOS 8 is out...) would actually be a good idea, since it might end up in people thinking it'll just be centOS 7 and start using it over `centos-7-install`...and then end up breaking things when CentOS 8 is out

lae
2017-10-18 20:33
I prefer to have the major version specified

greg
2017-10-18 20:33
yeah - wondering about levels. That is what centos pushes for its container bases.

greg
2017-10-18 20:36
for ubuntu XX.YY as releases.

greg
2017-10-18 20:36
Debian-X as releases

johnsutten
2017-10-18 21:56
how do i tell my DRP to look for updates.. my endpoint is no longer responding

johnsutten
2017-10-18 21:58
whether i try to connect via IP or FQDN

johnsutten
2017-10-18 22:12
is there any way to try and 'repair' my DRP?

johnsutten
2017-10-18 22:31
i had to reinstall DRP to get it working...

johnsutten
2017-10-18 22:56
Working through this checklist again....

johnsutten
2017-10-18 22:56
1. clone `ce-root-access` [9:13] 2. add your public ssh keys to that map of `access-keys` [9:13] 3. save that profile. [9:14] 4. add cloned profile to machine [9:14] 5 remove `ce-root-access` profile from machine.

johnsutten
2017-10-18 22:59
1 - cloned to UBUNTU-ce-root-access

johnsutten
2017-10-18 23:00
replaced old ssh key from gregs mac

johnsutten
2017-10-18 23:00
saved the clone

johnsutten
2017-10-19 00:07
looks like it worked ! now onto deploying openstack!

zehicle
2017-10-19 02:42
Cool

johnsutten
2017-10-19 12:19
still working through on issue... i have machines exactly the same and at times they never pick up dhcp when provisioning

zehicle
2017-10-19 12:41
Sometimes that means there is another DHCP server on your network.

johnsutten
2017-10-19 12:41
nope it is isolated

johnsutten
2017-10-19 12:44
i give a kudos to who ever optimized the code... my server is idle with DRP on and my load average is 0.0 0.00 and 0.0.5

johnsutten
2017-10-19 13:17
another item i noticed is when i stop the services and start them up after making changes at times i no longer get the messages of the services starting up anymore

wdennis
2017-10-20 00:19
@greg @shane Looks like I have an install loop going on with my latest workflow?

wdennis
2017-10-20 00:20
Any way to debug on the DRP side?

greg
2017-10-20 00:20
Nice! Unless you didn?t intend that

wdennis
2017-10-20 00:20
Looked at the machine console, and it is indeed in the Ubuntu installer doing things

greg
2017-10-20 00:21
You can jobs to see what is progressing.

wdennis
2017-10-20 00:21
I have a stage ?TEST-ubuntu-16.04-install? that goes to ssh-access:Success

wdennis
2017-10-20 00:22
then ssh-access to complete-nowait:Success

greg
2017-10-20 00:22
Did you machines start in TEST-* stage

wdennis
2017-10-20 00:23
yes

wdennis
2017-10-20 00:24

wdennis
2017-10-20 00:29

wdennis
2017-10-20 00:31
@greg are there logs? I don?t see the workflow stages in jobs?

greg
2017-10-20 00:33
You can look inside the the job at the top of the list to see its output

greg
2017-10-20 00:34
It looks like it had changed stage three times

wdennis
2017-10-20 00:35
Not the right machine?

wdennis
2017-10-20 00:36
I don?t see anything in the Jobs screen for this particular workflow

wdennis
2017-10-20 00:37
Trying to remember when I kicked it off? may have been this morning

wdennis
2017-10-20 00:37
Or last night

greg
2017-10-20 00:38
May need to restart the machine. If you restarted drp the tokens will be invalid

greg
2017-10-20 00:38
Or they timeout.

wdennis
2017-10-20 00:39
Which machine - the DRP host, or the target install server?

wdennis
2017-10-20 00:43
^^ @greg

greg
2017-10-20 00:49
The installing host

wdennis
2017-10-20 00:49
OK, guessed thats what you meant, so did so ?

wdennis
2017-10-20 00:53

wdennis
2017-10-20 00:53
Anything look wrong here to you? (Doesn?t to me?)

wdennis
2017-10-20 00:56
Using the ce-* bootenv in hopes that it will test my updated `ce-root-remote-access.tmpl` template

greg
2017-10-20 00:59
Don?t use the ce-* bootenvs with stages. They don?t run a runner

greg
2017-10-20 00:59
So the stages aren?t run

wdennis
2017-10-20 00:59
So I have to use the non-ce?

greg
2017-10-20 01:03
Yes. I thinking of changing this and getting rid of the ce-*. It is getting to confusing to separate the models. If you used the ce-* you are not using stages and task and need to let the bootenvs fall through

wdennis
2017-10-20 01:03
Did not know that?

wdennis
2017-10-20 01:04
Are workflows/stages DR-login only features?

greg
2017-10-20 01:10
Yes login and get access to them

wdennis
2017-10-20 01:12
@greg How can I test the proposed change to a template (cloned from the provision-content repo)

wdennis
2017-10-20 01:13
That?s all ce-* stuff, right?

greg
2017-10-20 01:15
Ues. Set the node to *none* stage. And the ce-*-install bootenvs. Reboot node and watch it install and move to local bootenvs

greg
2017-10-20 01:15
Hat should test it

wdennis
2017-10-20 01:15
OK

greg
2017-10-20 01:16
You can also put a PR out there and I?ll look at it. I need to work on @lae prs as well

wdennis
2017-10-20 01:16
Was going to test before submitting the PR :slightly_smiling_face:

wdennis
2017-10-20 01:18
Wait, there is no `none` stage in the drop list...

greg
2017-10-20 01:19
There will be.

greg
2017-10-20 01:19
Through drpcli set stage to ??

wdennis
2017-10-20 01:20
Can you give me the drpcli command syntax?

greg
2017-10-20 01:21
`drpcli machines stage <uuid> "" --force`

wdennis
2017-10-20 01:22
```[dradmin@dr-admin drp]$ drpcli machines stage 5fcbf69d-287e-4c2c-b085-5858665cd442 "" Error: Can not change stages with pending tasks unless forced```

greg
2017-10-20 01:22
sorry add the the `--force` flag

wdennis
2017-10-20 01:23
n/p, was guessing that a ?force? flag was needed

wdennis
2017-10-20 01:27
Here we go again?

johnsutten
2017-10-20 12:25
Morning all, sifting through the 'stuff' out there about Kubernetes (k8), Docker, mesosphere, cloudstack and openstack... In all the things i am seeing, what would be the leanest first run to show how DRP works in allowing people to create what they need... today on the front page of docker is they are putting k8 with their service...

johnsutten
2017-10-20 12:37
the other question i have is what tool could i use that give a dashboard of available resources and deploy a kvm / vm on top of ubuntu16?

shane
2017-10-20 13:15
@johnsutten you could try the Kibernetes integration we've done - via Kubespray: http://provision.readthedocs.io/en/tip/doc/integrations/ansible.html But in general - we don't do a lot of "Application Stack" integrations - simply because that isn't what the DRP solution is about - it's about building Bare Metal for YOUR environment, and you can put YOUR workloads on the metal

shane
2017-10-20 13:15
the Kubernetes stuff we have is a demonstration for that reason

shane
2017-10-20 13:16
what is your use case for KVM ? there are a LOT of "UI/Dashboard" based KVM controller solutions available out there ...

johnsutten
2017-10-20 13:35
@shane - this needs to show the dashboard can have a users with quotas and then show what is available to 'spin up' a vm / kvm or container

johnsutten
2017-10-20 13:36
whether that is handled all under kubernetes and openstack or docker or virtual box or vagrant

shane
2017-10-20 13:37
well - Digital Rebar is not really a provider for that sort of thing ... but Virtualization and Containerization management solutions are typically separate tools / things

johnsutten
2017-10-20 13:38
leveraging kubernetes is something that is a part of DR - so then what do most of the community / customers use when deploying DR with 'k8' ?

johnsutten
2017-10-20 13:49

shane
2017-10-20 13:49
nope

johnsutten
2017-10-20 13:52
from what i am reading about it I would use DR and deploy my ubuntu nodes and then run this kubernetes tool.

johnsutten
2017-10-20 13:58
@shane one other question, what is the most 'graceful' method to stopping DR on the server?

shane
2017-10-20 14:52
Just kill (not -9) of the dr-provision service is fine

johnsutten
2017-10-20 15:41
@shane thats a very good housekeeping note!

zehicle
2017-10-21 00:33
@zehicle uploaded a file: https://rackn.slack.com/files/U02DHRR2L/F7NKC925C/digital_rebar_runner_workflow.png and commented: sharing some early draft of stages/jobs/tasks graphics

wdennis
2017-10-21 02:12
Love it - moar docu!!! (Please and thanks)

wdennis
2017-10-21 02:17
Again (to clarify) - DRP runner mode is just for RackN-registered logins, right?

shane
2017-10-21 02:18
Correct - "stages" and "tasks" are advanced content

wdennis
2017-10-21 02:20
So, stages, their tasks and jobs need the runner mode to process them, correct?

shane
2017-10-21 02:20
You got it. Runner is in the RackN BootEnvs....

wdennis
2017-10-21 02:22
Ok, got it. Then, CE (i.e. open-source bits) just has BootEnvs without the runner invocation at the end?

shane
2017-10-21 02:23
Correct, there is no task flow, so no need for CE content to have runner

wdennis
2017-10-21 02:26
Now, RackN registration (login) is free, and stages/tasks/runners are all free functionality with registration, right? Or is it in the plans to charge for registration at some point?

wdennis
2017-10-21 02:28
Or is it that just some of the RackN-authored stages/other functionality (like plugins) that will be for-charge?

shane
2017-10-21 02:32
2 levels of RackN content, registered free, and registered pay. Stages/tasks/workflow are enabled in the free reg content ("os-linux" content pack for example ), and should remain free


wdennis
2017-10-21 02:33
Ok, cool, that was my understanding too...

wdennis
2017-10-21 02:34
Just wondering if I was right or not...

wdennis
2017-10-21 02:36
Goes without saying, these three levels (CE, RackN free, RackN paid) should be made very explicit on the website / mktg stuff / docu...

wdennis
2017-10-21 02:37
(Guess I just did say it!)

wdennis
2017-10-21 02:45

wdennis
2017-10-21 02:46
Running a container orchestration system on containers so you can run some containers on your containers

zehicle
2017-10-21 02:55
@wdennis I'm confirming Shane's statement that our expectation is that we are not planning to require payment (registration is free) for templates that use stages/runner. We expect that more advanced features will require payment.

wdennis
2017-10-21 14:29
Thanks, @zehicle - just want to be able to answer questions correctly :)

2017-10-22 02:12
Hey so when I say run `sudo ./dr-provision --static-ip=10.9.8.2 --file-root=/Users/gremlin/drb/drp-data/tftpboot --data-root=drp-data/digitalrebar`

2017-10-22 02:12
what are the docker commands happening?

2017-10-22 02:15
i'm wanting to run digitalrebar on http://rancher.com/rancher-os/

shane
2017-10-22 02:19
Hi @hadees, DRPv3 does not use/require docker. You can run/deploy the dr-provision binary in a container if you want, but not required.

2017-10-22 02:19
I thought it was running docker under the hood

shane
2017-10-22 02:20
If you insure the required supporting packages are installed, the dr-provision binary should run no problem, but we haven't tested it on RancherOS yet. 64 bit Linux is all that is needed for the binary.

shane
2017-10-22 02:21
Pkgs required are 7zip, unzip, and bsdtar.

shane
2017-10-22 02:21
DRv2 used to, version 3 is a complete rewrite

2017-10-22 19:26
@hadees here's the docker file that's included in the project - https://github.com/digitalrebar/provision/blob/master/Dockerfile

2017-10-22 19:27
it's not our primary testing path, so it may need to be updated.

wdennis
2017-10-23 16:39
Happy to see screen-sharing is a thing in Slack now ? may come in useful for those t?shoot sessions?

wdennis
2017-10-23 16:41
Q - is there any standard DR built-in user for Ubuntu installs? Doesn?t look like my key injection worked on the last server deploy?

wdennis
2017-10-23 16:44
Used `ce-ubuntu-16.04-install` if it matters

wdennis
2017-10-23 16:46
Also, is there such a thing in Slack as user aliases (or groups)? I?d love to be able to ping ?@support? and have it alert the relevant RackN folk?

zehicle
2017-10-23 16:47
does the trick

vlowther
2017-10-23 16:47
rocketskates is the fefault user.

vlowther
2017-10-23 16:47
should be the same password as the UX.

wdennis
2017-10-23 16:48
Injected by default, @vlowther?

wdennis
2017-10-23 16:48
@zehicle Wouldn?t ping all the non-DR folk too?

zehicle
2017-10-23 16:48
ah, yes

shane
2017-10-23 16:49
@wdennis see the net-seed.tmpl for default user injection

zehicle
2017-10-23 16:49
I'm not aware of group alias in Slack. would be handy feature

vlowther
2017-10-23 16:49
yep

shane
2017-10-23 16:50
The at here only alerts people signed in at the time - at channel sends alert to everyone in the channel regardless if they're logged in or not

wdennis
2017-10-23 16:51
I just don?t know if you all monitor Slack on an ongoing basis, or I have to alert folks to take a look

wdennis
2017-10-23 16:51
Time is sometimes of the essence :slightly_smiling_face:

zehicle
2017-10-23 16:53
this is the community channel, so nothing urgent - we do have 1x1 support channels that we monitor where a channel ping would only alert the relevant parties

wdennis
2017-10-23 16:57
@zehicle It?s just that I have limited time to work on the DR stuff during the day, and when I get a half-hour or hour to work on it, if I have questions, I?d need a timely answer or I run out of my window?

wdennis
2017-10-23 16:57
Most of the time it?s been no problem, but sometimes, I have to leave off before I can get an answer

wdennis
2017-10-23 16:59
I do understand ?best-effort response? is the SLA :slightly_smiling_face:

wdennis
2017-10-23 17:01
OK, looks like my custom template did not get executed?

wdennis
2017-10-23 17:03
Trying to test my changes to `ce-root-remote-access.tmpl`; I used the `ce-ubuntu-16.04-install` bootenv that I believe would use that when `access-ssh-root-mode` has a value set

wdennis
2017-10-23 17:04
Can anyone verify that the above would utilize my changed template?

greg
2017-10-23 17:04
Yes - ce-ubuntu will pull in the that template.

wdennis
2017-10-23 17:05
OK, the changed line didn?t work for some reason then?

lae
2017-10-23 17:06
@wdennis you need to reupload the template

lae
2017-10-23 17:06
`drpcli templates upload templates/ce-root-remote-access.tmpl as ce-root-remote-access.tmpl`

lae
2017-10-23 17:06
if you made the change after you've imported those templates previously (i.e. when importing a bootenv)

lae
2017-10-23 17:07
(updating a bootenv doesn't reimport templates I think)

wdennis
2017-10-23 17:09
I have set `access-ssh-root-mode` to ?yes?; Then replaced the `echo [...] >> /etc/ssh/sshd_config` with my `sed --in-place [...]` that I?m wanting to test in my version of the `ce-root-remote-access.tmpl`

wdennis
2017-10-23 17:09
@lae I did re-import that, @greg gave me instructions on how to do so that the DRP system uses my custom version

lae
2017-10-23 17:09
ah okay

wdennis
2017-10-23 17:23
Trying to change the stage map for my Ubuntu install profile, is not updating for some reason (UX)

wdennis
2017-10-23 17:31
How to manually edit the profile to delete the stage map? (Or does one just delete the stage map, which updates the profile??)

greg
2017-10-23 17:40
You can delete the parameter from the profile

greg
2017-10-23 17:40
Or set it to {}

wdennis
2017-10-23 17:49
Thanks @greg - don?t know why can?t delete it from UX? I do it (click Edit on profile, click Remove by change-stage/map(object) param, then click Save at bottom of pane) but when i pull it back up, it?s still there?

wdennis
2017-10-23 17:59
So the drpcli command `drpcli profiles set <my-profile-name> param "change-stage/map" to "{}"` seemed to work? But now when I try to use the UX Workflow screen to re-set-up the stage map and hit Save, it does not update the profile, or actually save the stage map?

greg
2017-10-23 18:01
set it to `null`

shane
2017-10-23 18:02
(`null` is a bare value - no quotes around it)

wdennis
2017-10-23 18:03
I did `drpcli profiles set <my-profile-name> param "change-stage/map" to ""` which returned `null` and now the param is gone

greg
2017-10-23 18:04
cool

wdennis
2017-10-23 18:05
So now I still cannot reset up the Workflow from the UX? Just doesn?t seem to save it?

greg
2017-10-23 18:21
hmm - Just did those steps and it seems to work for me. hard refresh the page to maek sure you are logged in.

wdennis
2017-10-23 21:10
@greg - OK. Different browser on other machine, ensured was logged into the endpoint & them DR Beta, went to Workflow, made a new stage map for my profile, saved it, clicked off to another window, clicked back to Workflow and dropped to my Profile, got nuthin.

wdennis
2017-10-23 21:11
Hard refreshed at the Workflow window, now I have a ?Login? button? Is the DR login working for me?

zehicle
2017-10-23 21:12
can you see/edit the workflow profile from the profile?

wdennis
2017-10-23 21:12
Clicked the ?Login? button, now am at an ?Security? page, has my RackN account details, and displays a ?Logout? button?

zehicle
2017-10-23 21:12
ultimately, that view is used editing that variable.

zehicle
2017-10-23 21:14
oh... I think I may know what happened

wdennis
2017-10-23 21:14
@zehicle, you mean edit the Profile, add an undefined param, choosing ?change-stage/map(object)??

zehicle
2017-10-23 21:14
yes

wdennis
2017-10-23 21:14
Yes, I can see/add it

zehicle
2017-10-23 21:15
I think that we updated the UX to rely on a fix to param names that you may not have in your deployed endpoint.

zehicle
2017-10-23 21:16
the / in the param name is making the API call for the UX unhappy. The UX does change behavior for endpoints with that bug.

wdennis
2017-10-23 21:16
?does?? or ?doesn?t?

wdennis
2017-10-23 21:21
Tried adding the param to the Profile, and even tho I click Save, it does not add?

wdennis
2017-10-23 21:24
OK, about ready to give up on this admittedly very pretty UX?

zehicle
2017-10-23 21:24
the UX does NOT detect if the API has the / defect or not

zehicle
2017-10-23 21:25
it would not be hard to add back the old behavior for older API

wdennis
2017-10-23 21:25
How to update the API to match the UX?

zehicle
2017-10-23 21:25
update the DRP endpoint

wdennis
2017-10-23 21:25
Are the API / UX versioned so they stay matched as to functionality?

zehicle
2017-10-23 21:26
the API is. The UX is not versioned but would need to detect API versions. You've found a version bridging bug

zehicle
2017-10-23 21:27
that came in when we switched to using PATCH instead of PUT (which fixed a different set of bugs)

wdennis
2017-10-23 21:27
So, do I have to go to ?tip? to get to working again?

zehicle
2017-10-23 21:28
checking w/ @greg

wdennis
2017-10-23 21:28
I believe my API is latest stable?

wdennis
2017-10-23 21:29
```[dradmin@dr-admin drp]$ ./dr-provision --version dr-provision2017/10/23 17:12:16.261448 Version: v3.1.0-0-b70cf8ee1f61844a6d64070a8b272c2bec512204```

zehicle
2017-10-23 21:32

zehicle
2017-10-23 21:33
patching API is the fast solution... I can also fix the version detection thing pretty fast too

zehicle
2017-10-23 21:34
that issue was in the v3.1 stable code with params that had / in the name.

zehicle
2017-10-23 21:34
really, anything that had / in the name

zehicle
2017-10-23 21:51
I will add version detection into UX to address stable vs tip

wdennis
2017-10-23 23:23
@zehicle OK, how to patch the API?

wdennis
2017-10-23 23:24
My problem is trying to use this in-dev system as a part of my production workflow?

wdennis
2017-10-23 23:28
Sorry, frustrated - Haven?t had correct installs since I went to 3.1

zehicle
2017-10-23 23:29
workflow is the new hotness - we're working on adding feature flags and other things to protect stable builds as we move forward

wdennis
2017-10-23 23:29
Sounds like a good plan?

zehicle
2017-10-23 23:30
one idea to help w/ production vs testing.... you can run two versions side by side if you change the API / IPXE ports. Then use API to turn subnets on or off

zehicle
2017-10-23 23:31
that way you could keep them both running and use the subnet active to direct traffic

zehicle
2017-10-23 23:31
they can't share data, but you'd have a fall back

zehicle
2017-10-23 23:32
in the mean time, I'm looking at the UX API version thing

wdennis
2017-10-24 00:10
Interested in patching what I have going now - how to do that?

zehicle
2017-10-24 03:41
@shane and @lae had tested some upgrade patterns. I'm not sure what's required between 3.1.0 and tip

wdennis
2017-10-24 12:16
Testing ?tip? to see if UX functions better?

wdennis
2017-10-24 12:16
Running: ```[dradmin@dr-admin drp-tip]$ ./dr-provision --version dr-provision2017/10/24 07:59:08.371285 Version: origin/master.travis.16-tip-strange-02f22e8dddac467f6e46279aa8d39cc5c89731d6```

wdennis
2017-10-24 12:16
Tried to add param to a new profile I created, got this error:


wdennis
2017-10-24 12:21
And from the stdout of dr-provision: ```[GIN] 2017/10/24 - 03:56:03 | 200 | 13.657Ás | 192.168.100.158 | OPTIONS /api/v3/profiles/necla-default-ubuntu [GIN] 2017/10/24 - 03:56:03 | 406 | 5.922018ms | 192.168.100.158 | PATCH /api/v3/profiles/necla-default-ubuntu [GIN] 2017/10/24 - 03:56:28 | 200 | 6.168Ás | 192.168.100.158 | OPTIONS /api/v3/profiles/necla-default-ubuntu [GIN] 2017/10/24 - 03:56:28 | 406 | 5.855957ms | 192.168.100.158 | PATCH /api/v3/profiles/necla-default-ubuntu [GIN] 2017/10/24 - 03:56:29 | 406 | 259.399Ás | 192.168.100.158 | PATCH /api/v3/profiles/necla-default-ubuntu [GIN] 2017/10/24 - 03:56:29 | 406 | 268.972Ás | 192.168.100.158 | PATCH /api/v3/profiles/necla-default-ubuntu [GIN] 2017/10/24 - 03:57:09 | 200 | 8.079Ás | 192.168.100.158 | OPTIONS /api/v3/profiles/necla-default-ubuntu [GIN] 2017/10/24 - 03:57:09 | 406 | 275.049Ás | 192.168.100.158 | PATCH /api/v3/profiles/necla-default-ubuntu```

ctrees
2017-10-24 12:42
@wdennis question: This is still your 'quest' for "a way to trigger the Ansible run from a DRP stage" ?

ctrees
2017-10-24 12:44
if so... I've got allocated more time on a 'greenfield' project at work and they greenlighted Ansible and 'what-ever' PXE/KS thing I want...

ctrees
2017-10-24 12:48
thinking that I could follow your path to reproduce issues you're seeing (are you joining the meetup today) ?

wdennis
2017-10-24 12:49
@ctrees I should be able to...

ctrees
2017-10-24 12:50
seems like most the issues are more UI/UX talking to API ?? right ??

wdennis
2017-10-24 12:52
I suppose so... don?t mind using drpcli for the more simple things, but writing then passing it big blobs of JSON to set up stuff isn?t how I want to spend my day...

ctrees
2017-10-24 12:53
Oh... for me to 'sell' this path, got to make the 'pretty work'....

wdennis
2017-10-24 12:53
I was using ?stable? for just that reason, but it seems the UX is always ?tip?.... and now current UX no longer works with v3.1 stable API...

wdennis
2017-10-24 12:54
Me as well - CLI-only tool no go for my team...

ctrees
2017-10-24 12:56
plus I'll need to make the ansible and ce-_putpackagehere_ then explain the guts... BUT the 'pretty' always seals the deal ... aka worth my time debugguing UX for sure...

wdennis
2017-10-24 12:57
So did you know that ce-* stuff can not use the workflow/stages subsystem?

wdennis
2017-10-24 12:57
(Found that out a few days ago)

ctrees
2017-10-24 12:57
I've got to do a timed 'DR' (Disaster Recover)... so went I talk DR they sort of 'oh cool'...

wdennis
2017-10-24 12:58
Only RackN login unlocks that functionality

wdennis
2017-10-24 12:59
Which is fine as long as it remains free to use...

ctrees
2017-10-24 12:59
Yea, I know and I sort of like that... basically because they know the support boundary...

ctrees
2017-10-24 13:02
I'm hoping that also gives a version control of the api which you guys were talking about too...

wdennis
2017-10-24 13:02
At this early stage I wouldn?t be able to convince folks here to buck up for support... have to show them a fully-functional ?wow? demo before that ever could happen...

wdennis
2017-10-24 13:03
The API *is* versioned; the UX is not

ctrees
2017-10-24 13:10
no, but I think that's possible and what ?? greg ?? is thinking... and I've got the same sort of demo path ahead... the dev side will be making sure they can test everything in the open, but the ops side will need to lock-down customer specific things... which they'll want custom support... so basically I'll need to write 'ce-' packages for dev... so they approve the stack...

shane
2017-10-24 13:24
The Endpoint/UX side issue with version and feature skew is being addressed via the use of "feature tags". The endpoint will have a set of "things it supports and features is can service", and the UX will behave accordingly.

shane
2017-10-24 13:25
Note that this is ... even newer ... than the UX itself. As we've mentioned - the UX itself is Beta release, and believe me - we are working as quickly as we can to stabilize it and sort out all of the details between the Endpoint and UX.

shane
2017-10-24 13:26
We greatly appreciate your frustration in dealing with the fine grained details and issues with this ... and it is very helpful to have your input and feedback on issues.

shane
2017-10-24 13:27
@wdennis - I understand that modifying/managing a lot of JSON isn't very "sexy" - but it is reliable. :slightly_smiling_face: One pattern that I use a lot ... and I really like ... the ability to completely rebuild a DRP Endpoint from scratch in almost zero time at all ...

shane
2017-10-24 13:28
is by dumping the JSON content to disk - and reloading a new DRP endpoint from scratch. This way - you can spin up an Endpoint extremely quickly ... which is very good practice for a modern CI/CD like pipeline - or a "Dev/Test/Stage/Prod" pipeline, if you will ...

shane
2017-10-24 14:00
if that pattern becomes common practice for you - you can very quickly accelerate making changes by modification to the JSON (or YAML if you prefer) blobs ...

shane
2017-10-24 14:00
totally understand that the UX is the sales piece for a lot of the other team members and mgmt

shane
2017-10-24 14:01
...and it's certainly a LOT easier to digest "things" in a visual format from text blobs

snesbitt
2017-10-24 15:53
has joined #community201710

wdennis
2017-10-24 16:37
@shane Understand that stuff is undergoing active dev, but frustrating when a previously-working system breaks, when I?m running ?stable?

wdennis
2017-10-24 16:38
As well, have had some regressions to things (mainly templates) that were working in v3.0 that are not in v3.1

shane
2017-10-24 16:39
@wdennis totally understand the frustration on the UX side - and we're aware of that and addressing the issues - we amended the meetup agenda for today - to include that very issue

shane
2017-10-24 16:40
@snesbitt - welcome

wdennis
2017-10-24 16:41
So putting the UX issues aside - can someone assist me in getting my Profiles / Workflows issues sorted so that my installs are back to expected functionality?

shane
2017-10-24 16:42
sure - I'm happy to help with that - I don't have historical context/experience w/ the 3.0 stuff, but we should be able to work through it - can we focus on that after meetup?

wdennis
2017-10-24 16:42
Sure, and thanks :slightly_smiling_face:

wdennis
2017-10-24 16:44
Remind me when meetup kickoff is again?

shane
2017-10-24 16:44
11am PST

shane
2017-10-24 16:44
1 hr 15 mins

wdennis
2017-10-24 16:44
OK, thought so, thanks

shane
2017-10-24 16:46
quick reminder ... our 3rd online Digital Rebar meetup starts in a short bit (11 am PST) - we hope you can join us - details: https://www.meetup.com/digitalrebar/

snesbitt
2017-10-24 18:43
HI All. I'm struggling to provision a kvm guest with a centos 7 system without any luck. Could someone walk me through the necessary steps?

shane
2017-10-24 18:44
hey @snesbitt happy to help out - right now we're running the community meetup

shane
2017-10-24 18:44
can we touch base in 20 or 30 mins ?

snesbitt
2017-10-24 18:44
No problem. Catch you then.

shane
2017-10-24 18:44
thx

shane
2017-10-24 19:03
@snesbitt - at the moment - we do not have a "plugin" that supports "machine actions" with KVM - that means "rebooting" a KVM guest instance isn't possible directly in Digital Rebar Provision

shane
2017-10-24 19:03
so in a KVM environment, you need to do 2 things:

shane
2017-10-24 19:03
1. manually walk your VM through reboot cycles

shane
2017-10-24 19:04
2. make sure you advance the Machines "profile" through the "discovery" and "OS install" stages you need

snesbitt
2017-10-24 19:06
Couple of questions here. First, do I need a global (or other workflow) and what should it look like? What is the process for advancing the machines profile? And can it be done using the cli or just the gui?

shane
2017-10-24 19:07
you can change/advance the profiles either via the UX (GUI) or the CLI (or directly via API if you choose)

shane
2017-10-24 19:08
that's up to you how you want to do it - easiest way is probably just through the UX - via the "Machines" left panel menu item, then "Edit" machine

shane
2017-10-24 19:08
you can also do it via the "Bulk Actions" page

snesbitt
2017-10-24 19:08
I'm guessing that I need to get the KVM into a stage of Boot LocalEnv and the apply the profile?

shane
2017-10-24 19:09
By default - when a Machine (KVM guest) boots, and it DHCPs against the DRP endpoint - you need a "Subnet" definition to enable that DHCP interaction - unless you're using an external DHCP server, and you have the DHCP server in DRP disabled

shane
2017-10-24 19:10
any "Unknown" Machine action will be set based on the "Info & Preferences" UX page - for "Unknonw BootEnv"

snesbitt
2017-10-24 19:10
I am successfully getting it to boot from pxe and into sledgehammer (I think it's sledgehammer - a centos system of some sort).

snesbitt
2017-10-24 19:11
Final question is there a log than I can access to watch the process?

shane
2017-10-24 19:11
in this case - you'd want to set it to either "ce-discovery" (if you are using only the drp-community-content), or you'd set it to "discovery" if you are using the RackN advance content (free but requires registration and login of the RackN account)

shane
2017-10-24 19:11
in the UX - you can use the "bullhhorn" icon in the upper left, next to the "Endpoint" - that's the "Announce" icon that opens a websocket event stream window

shane
2017-10-24 19:11
you'll see the calls against the DRP endpoint

shane
2017-10-24 19:12
once you've done "discovery" via the Unknown BootEnv - the Default BootEnv becomes the next step in the process

shane
2017-10-24 19:12
in this case - it sounds like you have it set to "Sledgehammer"

shane
2017-10-24 19:12
(or "ce-sledgehammer")

snesbitt
2017-10-24 19:13
Yes. And after that I need to apply a profile as you indicated above?

shane
2017-10-24 19:13
this is what you'd change - switch the profiile of the Machine to either "ce-centos..." or "centos..." BootEnv - then reboot the VM

snesbitt
2017-10-24 19:13
Ok, I'll give it a try. Thx!!

shane
2017-10-24 19:13
exactly !

shane
2017-10-24 19:14
the advanced RackN content (free - requires registration) ... has "Stages" and "Workflow" that can advance Machines through this process ...

snesbitt
2017-10-24 19:14
I am signed up so I have this.

shane
2017-10-24 19:14
but as I mentioned - we don't at the moment have a Plugin to support "Machine Actions" on the KVM side - we'll have to add that plugin type (it's fairly highly requested, so it'll get there)

shane
2017-10-24 19:14
right ... but we don't have a plugin for you right now :slightly_smiling_face:

snesbitt
2017-10-24 19:14
Lots of promise here so best of luck!

shane
2017-10-24 19:15
you can do some massaging of the actual tasks/bootenvs flow - so if you __know__ how you want your Machines to advance, you can inject those actions inside of the Tasks themselves

snesbitt
2017-10-24 19:15
One step at a time!

shane
2017-10-24 19:16
but our design by default is to handle that externally with allowing DRP Endpoint to push a Machine through changes via IPMI or "IPMI-like" (i prefer "Machine Actions") changes

snesbitt
2017-10-24 19:17
Oh, one last question. After I boot from a localenv and then reboot kvm, how does kvm reattach to the end point. I've kinda tried this and get a kvm boot failure with no bootable disk

shane
2017-10-24 19:29
you have to make sure any disks you have set for your VM Guest are set to "persist" across restarts of the VM and KVM host

shane
2017-10-24 19:29
that's a standard "KVM thingy"

wdennis
2017-10-24 21:03
any idea of what this DRP startup error means?


shane
2017-10-24 21:04
that's awfully blurry and hard to read - but it looks like it was looking for json or yaml and didn't find a validly formed file/contents

shane
2017-10-24 21:05
ah - blew up the pix - invalid character "m"

wdennis
2017-10-24 21:05
In what?

shane
2017-10-24 21:06
(jeesh - you've got some dust on that monitor ... :slightly_smiling_face: )

wdennis
2017-10-24 21:06
It?s a lab, what can I say...

shane
2017-10-24 21:06
some file - unfortunately that error isn't giving us the file name that's causing it to barf

wdennis
2017-10-24 21:06
So that was my prior running DRP ?stable?

wdennis
2017-10-24 21:07
I had stopped it, created another directory, and installed latest ?tip? in that

wdennis
2017-10-24 21:08
Fired that up, hit UX problems (see above) and decided to go back to using my old stable

wdennis
2017-10-24 21:08
Which now does not start...

greg
2017-10-24 21:09
That is one of the files in drp-data/saas-content

greg
2017-10-24 21:09
It appears to be invalid yaml.

wdennis
2017-10-24 21:11
Any cli-based YAML linters out there?

shane
2017-10-24 21:11
yes

wdennis
2017-10-24 21:11
Don?t know what changed, was running with those files before

vlowther
2017-10-24 21:12
More to the point, did you back up your backing store when you moved from stable -> tip?


shane
2017-10-24 21:12
it interprets yaml and will barf if it's not right ... so "sorta linter"

shane
2017-10-24 21:12
I use it in the "5min-drp" example demo stuff I use

vlowther
2017-10-24 21:13
as an upgrade from stable to tip can (and does, in this case) change the internal format of some of the backing store objects.

wdennis
2017-10-24 21:13
Was not an in-place upgrade, installed tip as isolated in another dir

shane
2017-10-24 21:14
right - but did you point the "tip" version at the "stable" version content directory ?

wdennis
2017-10-24 21:14
No

shane
2017-10-24 21:14
good man

vlowther
2017-10-24 21:15
ok -- can you tar up your stable content directory and send it to me in a PM?

shane
2017-10-24 21:17
@wdennis...there's a online yaml linter ... : http://www.yamllint.com/

shane
2017-10-24 21:18
`sudo dnf install yamllint` `sudo apt-get install yamllint` from: https://github.com/adrienverge/yamllint

wdennis
2017-10-24 21:23
@shane thx, using yamllint - all files check out (excepting pedantic ?line too long? and ?wrong indentation? errors)


greg
2017-10-24 21:26
Okay - so that may mean that you have tip content with the stable drp.

greg
2017-10-24 21:27
`ls -al drp-data/saas-content`

greg
2017-10-24 21:27
nvm - I see it

greg
2017-10-24 21:28
That might do it too. tip content.

greg
2017-10-24 21:29
Can you send us those four files, please?

wdennis
2017-10-24 21:30
Sending to @vlowther now

wdennis
2017-10-24 21:35
Or should I just bite the bullet and start running with ?tip? and rebuild my DRP world?

vlowther
2017-10-24 21:37
so the tarball has 6 files

vlowther
2017-10-24 21:37
drp-community-content-v1.0.0-tip-dradmin-dev-10-5dc611603bba0352c887efed813e62ec8451f32f.yaml kubespray-v1.0.0-tip-36-ce4ecc6205224c8cb6144ff35fc82c59e0301183.yaml os-discovery-v1.0.0-tip-30-df57b2959b32fd674ed749dd430b0e823658d4bc.yaml.bak os-discovery-v1.0.0-tip-36-ce4ecc6205224c8cb6144ff35fc82c59e0301183.yaml os-linux-v1.0.0-tip-travis-dev-33-a5f9ea9af72b14eb8c02e60ee5b1eb11485d7b3e.yaml yq

vlowther
2017-10-24 21:37
Where did the yq and .bak file come from?

vlowther
2017-10-24 21:39
Either way, the store implementation assumes that anything that isn't .yaml or .yml is JSON

vlowther
2017-10-24 21:39
so the presence of extra files in the saas-contents directory will cause load failures.

wdennis
2017-10-24 21:40
Well - the .bak is a backup of prior os-discovery and yq is a YAML linter that @shane recommended

wdennis
2017-10-24 21:41
Can delete and retry

vlowther
2017-10-24 21:41
please do.

wdennis
2017-10-24 21:42
Live and learn

wdennis
2017-10-24 21:43
So takeaway is only valid DRP yaml or json files in saas-content - :white_check_mark:

vlowther
2017-10-24 21:43
Yep.

vlowther
2017-10-24 21:44
Although we will add a check for obviously-bad files.

wdennis
2017-10-24 21:44
Silly users

vlowther
2017-10-24 21:44
breaking my Perfect (TM) code!

wdennis
2017-10-24 21:45
Now with BugFree(tm) !!!1!

vlowther
2017-10-24 21:46
Either way, time to head out.

wdennis
2017-10-24 21:46
Thanks

wdennis
2017-10-24 21:49
So @shane ? can we work on the drpcli way of setting up the workflow I want against my profile?

shane
2017-10-24 21:50
sure - give me 10 mins

wdennis
2017-10-24 21:50
Ack

shane
2017-10-24 21:59
ok

wdennis
2017-10-24 22:00
So, I have a custom profile with the param settings i want for the install templates

shane
2017-10-24 22:01
ok - with existing content - it's pretty easy to dump all the things - and save them out for reload

shane
2017-10-24 22:02
you might want to install a new DRP endpoint just for this testing ? to shovel content in to - and see how it looks

shane
2017-10-24 22:02
if you don't provision against it - you can disable dhcp/tftp - and set the API port to an alternate number - and you can then hit it via UX IP:alt_port_number

shane
2017-10-24 22:02
to both watch it being built, and see that it's "right" the way you want it

wdennis
2017-10-24 22:03
Trying to set up a workflow to install U16.04, then move to ssh-access, then done

shane
2017-10-24 22:03
the whole process is "codified" in bash - via the 5min-drp stuff in git: https://github.com/digitalrebar/provision/tree/master/examples/5min-drp

shane
2017-10-24 22:04
basically - the "demo-run.sh" is a driver to the bin/control.sh script - which does the main work

wdennis
2017-10-24 22:04
So I should look at that and see if I can do it?

shane
2017-10-24 22:05
you can - it's designed to spin up a http://packet.net instance, use terraform, and plumb up a DRP endpoint with the RackN registered content ... then provision nodes in http://packet.net

shane
2017-10-24 22:05
that's a bunch of stuff you don't really need (http://packet.net and terraform) (presumably)

shane
2017-10-24 22:06
so what we want to do more than anything else, is just observe the patterns of how I did that there

wdennis
2017-10-24 22:06
OK, fair enough

wdennis
2017-10-24 22:06
Let me take a look and see what I can get done

shane
2017-10-24 22:06
the drp-install stuff is boring - you're probably pretty good at spinning up an Endpoint, by now :slightly_smiling_face:

shane
2017-10-24 22:07
if you look at the bin/control.sh usage statement, you get: ```USAGE: $0 [arguments] WHERE: arguments are as follows: help | usage this help statement install-terraform installs terraform locally install-secrets installs API and PROJECT secrets for Terraform files ssh-keys generates new ssh keys, REMOVES existing keys first set-drp-endpoint <ID> sets the http://drp-machines.tf endpoint information for Terraform get-drp-local installs DRP locally get-drp-cc installs DRP *community* content get-drp-plugins installs DRP Packet Plugins drp-install <ID> install DRP and basic content as identified by <ID> remote-content <ID> do 'get-drp-cc' and 'get-drp-plugins' on remote <ID> drp-setup <ID> perform content and plugins setup on <ID> endpoint get-drp-id get the DRP endpoint server ID get-address <ID> get the IP address of new DRP server identified by <ID> ssh <ID> [COMMANDS] ssh to the IP address of DRP server identified by <ID> scp <ID> [FILES] ssh to the IP address of DRP server identified by <ID> cleanup WARNING WARNING WARNING ```

wdennis
2017-10-24 22:08
So what I really need is to set up the workflow (stage maps)

shane
2017-10-24 22:08
the interesting bits for you are the `drp-install` (contents bits), `get-drp-plugins` (may or may not apply depending on what you need), and `drp-setup`

shane
2017-10-24 22:09
each of those three steps are just case statements in bash - so you can search to them via `drp-install)` (note the closing parenthesis)

shane
2017-10-24 22:09
when searching

shane
2017-10-24 22:09
in each of the steps - I'm being pedantic about deleting any content if it exists first, and then loading it again ...

shane
2017-10-24 22:10
it allows me to re-iterate the process over-and-over against an existing endpoint cleanly, and insuring I wipe content clean and reinstall with new (possibly the same, or possibly updated/modified content)

shane
2017-10-24 22:10
that's just a general pattern

shane
2017-10-24 22:10
if you know you start from scratch every time - you can stip the test/wipe/upload and just "upload" (eg "create") steps

shane
2017-10-24 22:11
does that make sense ?

wdennis
2017-10-24 22:11
Let?s see :slightly_smiling_face:

wdennis
2017-10-24 22:11
Gotta run now - but will pick this up later tonight

shane
2017-10-24 22:11
cool

wdennis
2017-10-24 22:11
Thx for help, we?ll see what I can figure out?

shane
2017-10-24 22:12
hmm - skip `drp-install` altogether

shane
2017-10-24 22:12
I restructured it to put everything in `drp-setup` (install just "installs"; as the name suggests, now)

wdennis
2017-10-24 22:12
OK

ejk
2017-10-25 16:45
has joined #community201710

zehicle
2017-10-25 18:30
Welcome @ejk!

zehicle
2017-10-25 18:34
coming change for UX (as per call yesterday) will be to start respecting feature flags from the endpoint. First impact will be that the Workflow page requires being on tip (or a very recent build of the endpoint that supports Features flag).

wdennis
2017-10-25 21:58
So @shane looks like the relevant section of 5min-drp `bin/control.sh` for my needs (creating stage map for a profile) are lines 520-539

wdennis
2017-10-25 21:58
correct?

shane
2017-10-25 21:59
In mtg now until 5pm

wdennis
2017-10-25 22:00
OK, catch ya later

shane
2017-10-25 22:07
the `drp-setup)` case stanza should be the majority of what you need

shane
2017-10-26 00:00
@wdennis - back online - you still need some help ?

shane
2017-10-26 00:01
@ejk - welcome to our little #community here ... :slightly_smiling_face:

wdennis
2017-10-26 01:38
@shane you still around?

shane
2017-10-26 01:39
for a couple minutes ... I have a huge hunk of marinated tri-tip on the barbie ...

wdennis
2017-10-26 01:39
Got the profile reestablished with the stage map, but now when I put it against the machine I want to re-roll, it isn?t setting the bootenv like it was before?

wdennis
2017-10-26 01:43
I set it manually thru the UX, so now it looks like: ```[dradmin@dr-admin drp]$ drpcli machines show 5fcbf69d-287e-4c2c-b085-5858665cd442 { "Address": "192.168.1.143", "Available": true, "BootEnv": "ubuntu-16.04-install", "CurrentTask": 0, "Description": "Dell PE 860", "Errors": [], "Name": "testnode01", "Profile": { "Available": false, "Errors": null, "Name": "", "ReadOnly": false, "Validated": false }, "Profiles": [ "necla-default-ubuntu" ], "ReadOnly": false, "Runnable": true, "Tasks": [], "Uuid": "5fcbf69d-287e-4c2c-b085-5858665cd442", "Validated": true }```

2017-10-26 01:43
Time to feed the :bear:!

shane
2017-10-26 01:43
what does your stage map look like ?

wdennis
2017-10-26 01:44
```[dradmin@dr-admin drp]$ drpcli profiles show necla-default-ubuntu { "Available": true, "Description": "NECLA Default Stage-map", "Errors": [], "Name": "necla-default-ubuntu", "Params": { "change-stage/map": { "ssh-access": "complete-nowait:Success", "ubuntu-16.04-install": "ssh-access:Success" } }, "ReadOnly": false, "Validated": true }```

wdennis
2017-10-26 01:47
looks OK? (or not?)

shane
2017-10-26 01:48
I'm not sure about the "ssh-access" piece ... did Greg provide that for you ? I'm used to manipulating from "discover" forward

wdennis
2017-10-26 01:49
It?s one of the RackN-provided stages, yes?

shane
2017-10-26 01:50
yes it is - but you have to have a Machine enter the "right stage" to kick off the stage workflow

wdennis
2017-10-26 01:50
The order is supposed to be: ubuntu-16.04-install --> ssh-access --> done

wdennis
2017-10-26 01:50
So in the JSON, the order matters?

wdennis
2017-10-26 01:51
Here?s the JSON file I wrote: ```[dradmin@dr-admin drp]$ cat necla-default.json { "Available": true, "Description": "NECLA Default Stage-map", "Name": "necla-default-ubuntu", "Params": { "change-stage/map": { "ubuntu-16.04-install": "ssh-access:Success", "ssh-access": "complete-nowait:Success" } } }```

wdennis
2017-10-26 01:53
And then (after deleting the old `necla-default-ubuntu` profile first) I did: `drpcli profiles create - < necla-default.json`

wdennis
2017-10-26 01:54
DRP seemingly reordered it to: ``` "Params": { "change-stage/map": { "ssh-access": "complete-nowait:Success", "ubuntu-16.04-install": "ssh-access:Success" } },```

shane
2017-10-26 01:55
the process is right - I think it's just a matter of the stage map being right to match where your Machine is at currently - and where you want it to get to

shane
2017-10-26 01:55
TBH - I'm not sure about that flow - and we'd need greg to weigh in on that

wdennis
2017-10-26 01:57
I think the machine?s bootenv needs to be set to a stage in the stage map, which it is

wdennis
2017-10-26 01:59
n/m? The *stage* needs to be set, not the bootenv

wdennis
2017-10-26 02:00
What confuses me is that the bootenv and the stage are named the same

wdennis
2017-10-26 02:04
Set the stage appropriately, and now the bootenv is set to the same automatically? which is right

wdennis
2017-10-26 02:04
Now I have: ```[dradmin@dr-admin drp]$ drpcli machines show 5fcbf69d-287e-4c2c-b085-5858665cd442 { "Address": "192.168.1.143", "Available": true, "BootEnv": "ubuntu-16.04-install", "CurrentTask": -1, "Description": "Dell PE 860", "Errors": [], "Name": "testnode01", "Profile": { "Available": false, "Errors": null, "Name": "", "ReadOnly": false, "Validated": false }, "Profiles": [ "necla-default-ubuntu" ], "ReadOnly": false, "Runnable": true, "Stage": "ubuntu-16.04-install", "Tasks": [ "change-stage" ], "Uuid": "5fcbf69d-287e-4c2c-b085-5858665cd442", "Validated": true }```

2017-10-26 02:04
Time to feed the :bear:!

wdennis
2017-10-26 02:07
PXE-booted the node, let?s see what I get?

shane
2017-10-26 02:11
Might WiFi capped out, and dinner is on table - need input on stage map transitions, the Ubuntu install is successfully completed, right?

wdennis
2017-10-26 02:13
enjoy dinner, talk to you tomorrow ? installs on these old Dells take a while, and no remote console :cry:

wdennis
2017-10-26 12:53
Good morning? The node did install, but still not picking up my ssh-access param?s?

wdennis
2017-10-26 12:53
I see these job log outputs from the run: ```Log for Job: 4353e00c-5ece-4035-a58e-a7ee44a37790 Starting Content Execution for: change-stage.sh.tmpl Error: Failed to fetch info info: [GET /info][403] getInfoForbidden DRP does NOT support 'sane-exit-codes' using old codes ...Machine's current stage: ubuntu-16.04-installChecking for data: ubuntu-16.04-install from ssh-access:SuccessAttempting to test Stage to ssh-access and return 0{ "Address": "192.168.1.143", "Available": true, "BootEnv": "ubuntu-16.04-install", "CurrentJob": "4353e00c-5ece-4035-a58e-a7ee44a37790", "CurrentTask": -1, "Description": "Dell PE 860", "Errors": [], "Name": "testnode01", "Profile": { "Available": false, "Errors": null, "Name": "", "ReadOnly": false, "Validated": false }, "Profiles": [ "necla-default-ubuntu" ], "ReadOnly": false, "Runnable": true, "Stage": "ssh-access", "Tasks": [ "ssh-access", "change-stage" ], "Uuid": "5fcbf69d-287e-4c2c-b085-5858665cd442", "Validated": true}\nChanged stage successfully: Returning 0Command change-stage.sh.tmpl succeeded Log for Job: d1e496aa-999f-48ab-9901-b87709656593 Starting Content Execution for: access-keys.sh.tmpl Updating SSHD default valuesRestarting ssh * Restarting OpenBSD Secure Shell server sshd ...done.Finished updating access keys successfullyCommand access-keys.sh.tmpl succeeded Log for Job: e29e9a2f-58d2-4ffa-99a2-d366b949387d Starting Content Execution for: change-stage.sh.tmpl Error: Failed to fetch info info: [GET /info][403] getInfoForbidden DRP does NOT support 'sane-exit-codes' using old codes ...Machine's current stage: ssh-accessChecking for data: ssh-access from complete-nowait:SuccessAttempting to test Stage to complete-nowait and return 0{ "Address": "192.168.1.143", "Available": true, "BootEnv": "local", "CurrentJob": "e29e9a2f-58d2-4ffa-99a2-d366b949387d", "CurrentTask": 0, "Description": "Dell PE 860", "Errors": [], "Name": "testnode01", "Profile": { "Available": false, "Errors": null, "Name": "", "ReadOnly": false, "Validated": false }, "Profiles": [ "necla-default-ubuntu" ], "ReadOnly": false, "Runnable": true, "Stage": "complete-nowait", "Tasks": [], "Uuid": "5fcbf69d-287e-4c2c-b085-5858665cd442", "Validated": true}\nChanged stage successfully: Returning 0Command change-stage.sh.tmpl succeeded ```

2017-10-26 12:53
Time to feed the :bear:!

greg
2017-10-26 13:08
The log entry before that one is the one we need I think

greg
2017-10-26 13:08
Nvm

wdennis
2017-10-26 13:22
Ah, I see the problem - I didn?t include the SSH-related params in the recreated profile!

wdennis
2017-10-26 13:24
so now then, here?s the new JSON to recreate the profile: ```[dradmin@dr-admin drp]$ cat necla-default.json { "Available": true, "Description": "NECLA Default Stage-map for Ubuntu installs", "Name": "necla-default-ubuntu", "Params": { "change-stage/map": { "ubuntu-16.04-install": "ssh-access:Success", "ssh-access": "complete-nowait:Success" }, "access-keys": { "root": "ssh-rsa <redacted> will@Wills-MacBook-Air" }, "access-ssh-root-mode": "yes" } }```

wdennis
2017-10-26 13:25
And then? ```[dradmin@dr-admin drp]$ drpcli profiles destroy necla-default-ubuntu Deleted profile necla-default-ubuntu [dradmin@dr-admin drp]$ drpcli profiles create - < necla-default.json { "Available": true, "Description": "NECLA Default Stage-map for Ubuntu installs", "Errors": [], "Name": "necla-default-ubuntu", "Params": { "access-keys": { "root": "ssh-rsa <redacted> will@Wills-MacBook-Air" }, "access-ssh-root-mode": "yes", "change-stage/map": { "ssh-access": "complete-nowait:Success", "ubuntu-16.04-install": "ssh-access:Success" } }, "ReadOnly": false, "Validated": true }```

wdennis
2017-10-26 13:26
Applied the updated profile to the test host, let?s PXE and see what I get this time?

greg
2017-10-26 14:20
Well we need to make sure that the machine has ssh keys.

greg
2017-10-26 14:21
The stages and tasks ran

greg
2017-10-26 14:22
drpcli machines params uuid ?aggregate.

greg
2017-10-26 14:22
You should see an access keys parameter wth the keys you want installed

wdennis
2017-10-26 14:37
OK, install is complete; did the above and this is what I see: ```[dradmin@dr-admin drp]$ drpcli machines params 5fcbf69d-287e-4c2c-b085-5858665cd442 --aggregate { "access-keys": { "root": "ssh-rsa <redacted> will@Wills-MacBook-Air" }, "access-ssh-root-mode": "yes", "change-stage/map": { "ssh-access": "complete-nowait:Success", "ubuntu-16.04-install": "ssh-access:Success" } }```

wdennis
2017-10-26 14:37
So I do have the correct access key injected

wdennis
2017-10-26 14:38
However? It did not perform the correct action as regards `access-ssh-root-mode`

wdennis
2017-10-26 14:41
The `access-ssh-root-mode` param should utilize the `root-remote-access.tmpl` correct? ```[dradmin@dr-admin drp]$ drpcli templates show root-remote-access.tmpl { "Available": true, "Contents": "#\n# This template populates the root's authorized keys file\n# and makes sure that the sshd config for PermitRootLogin is populated.\n#\n# Runs as part of a shell script for kickstart or net-post-install\n# The template does nothing if proxy-servers is undefined\n#\n# Required Parameters: access_keys\n# Optional Parameters: access_ssh_root_mode\n#\n# Parameter YAML format:\n#\n# access_keys:\n# greg: ssh-rsa key\n# greg2: ssh-rsa key\n# access_ssh_root_mode: \"without-password|yes|no|forced-commands-only\"\n#\n# Defaults:\n# access_keys - empty\n# access_ssh_root_mode - defaults to \"without-password\" if unspecified\n#\n\n{{if .ParamExists \"access_keys\"}}\nmkdir -p /root/.ssh\ncat \u003e/root/.ssh/authorized_keys \u003c\u003cEOFSSHACCESS\n### BEGIN GENERATED CONTENT\n{{ range $key := .Param \"access_keys\" }}\n{{$key}}\n{{ end }}\n### END GENERATED CONTENT\nEOFSSHACCESS\n{{end}}\n\nsed --in-place -re '/^PermitRootLogin/ s/prohibit-password/{{if .ParamExists \"access_ssh_root_mode\"}}{{.Param \"access_ssh_root_mode\"}}{{else}}without-password{{end}}/' /etc/ssh/sshd_config\n\necho \"AcceptEnv http_proxy https_proxy no_proxy\" \u003e\u003e /etc/ssh/sshd_config\n", "Errors": null, "ID": "root-remote-access.tmpl", "ReadOnly": false, "Validated": true }```

greg
2017-10-26 14:41
Okay. So the issue is around the root mode.

greg
2017-10-26 14:42
We are missing a service restart. I think.

wdennis
2017-10-26 14:42
Trying to test the ?sed? in the above, which proposes to replace the `echo "PermitRootLogin yes" >> /etc/ssh/sshd_config` in the current RackN version

greg
2017-10-26 14:54
Something seems amiss; This is my template: ```#!/bin/bash {{if .ParamExists "access-keys"}} echo "Putting ssh access keys for root in place" mkdir -p /root/.ssh cat >>/root/.ssh/authorized_keys <<EOFSSHACCESS ### BEGIN Access Keys GENERATED CONTENT {{range $key := .Param "access-keys"}} {{$key}} {{end}} ### END Access Keys GENERATED CONTENT EOFSSHACCESS chmod 600 /root/.ssh/authorized_keys {{end}} echo "Updating SSHD default values" echo "PermitRootLogin {{if .ParamExists "access-ssh-root-mode"}}{{.Param "access-ssh-root-mode"}}{{else}}without-password{{end}}" >> /etc/ssh/sshd_config echo "AcceptEnv http_proxy https_proxy no_proxy" >> /etc/ssh/sshd_config # Restart sshd but os badness. . /etc/os-release # Ignore error because we may run in a place that doesn't have ssh installed if [[ "$ID" == "ubuntu" || "$ID" == "debian" ]] ; then echo "Restarting ssh" service ssh restart || true else echo "Restarting sshd" service sshd restart || true fi echo "Finished updating access keys successfully" exit 0 ```

greg
2017-10-26 14:55
It has the busted echo injection. Needs the sed replacement.

wdennis
2017-10-26 15:16
So I?m missing the sshd restart bit?

greg
2017-10-26 15:20
yes

wdennis
2017-10-26 15:27
So, I made my own custom community content (cloned the `provision-content` repo, make changes, built per your instructions), and copied this file over to my DRP installation and put it in place?

wdennis
2017-10-26 15:27
@wdennis uploaded a file: https://rackn.slack.com/files/U416T0AAX/F7QBKKQFM/drp-community-content.yaml and commented: custom community content

greg
2017-10-26 15:29
The community template different than the RackN template.

wdennis
2017-10-26 15:29
That?s how I got my changed `root-remote-access.tmpl` (it seems to be the same as the `ce-root-remote-access.tmpl` in what I built)

greg
2017-10-26 15:29
sigh - I?m trying to fix this.

wdennis
2017-10-26 15:29
?sigh? too?

greg
2017-10-26 15:29
Okay - so here is what is coming hopefully in the next day or two.

wdennis
2017-10-26 15:29
Lay it on me

greg
2017-10-26 15:30
To address this issue.

greg
2017-10-26 15:30
1. Pull in @lae?s patches to community content.

greg
2017-10-26 15:31
2. Rework community content and rackn content to provide stage/task based system that will work without a change-map (similar to exisitng functions).

greg
2017-10-26 15:32
Community content will be in two parts core and contrib. We will put a basic set of things in core and contrib will be where we put things that are less supported from the community.

wdennis
2017-10-26 15:32
^^^ sounds reasonable

greg
2017-10-26 15:32
RackN content will loose the os-linux and os-discovery. They will be come core.

greg
2017-10-26 15:33
Some of the os-linux items will move into contrib or os-other. Depending upon support requirements.

greg
2017-10-26 15:33
There will be task library content pack that will be RackN content that will have additional stages and tasks that do special functions. Like post-post-install runners and other thigns.

greg
2017-10-26 15:34
Content packs associated with plugins will move into the plugins to allow for proper version tracking and consistency (this change just went in).

wdennis
2017-10-26 15:34
So, this all in 3.2?

greg
2017-10-26 15:34
Oh - I stopped numbering my bad.

greg
2017-10-26 15:35
Well - into tip in steps and completed for v3.2

wdennis
2017-10-26 15:35
OK, that?s what I meant

greg
2017-10-26 15:35
feature flags are going to be used to mark feature breaking things.

greg
2017-10-26 15:35
as we go.

wdennis
2017-10-26 15:36
Sounds like a reinstall rather than upgrade from v3.1 to v3.2? a lot of architectural changes coming down the pike?

greg
2017-10-26 15:37
actually, You don?t have to reinstall, but you do have to tweak a couple of things around your read-only content.

greg
2017-10-26 15:37
Let me do that real quick: - updating to tip requires a couple of changes. And should follow this sequence.

greg
2017-10-26 15:38
1. Update drp to tip and restart. Previous plugins will work.

greg
2017-10-26 15:38
2. Remove plugin-providers using UX.

greg
2017-10-26 15:38
3. Remove `packet`, `virtualbox`, and `ipmi` content bundles if installed.

greg
2017-10-26 15:39
4. Re-add latest tip plugins as needed. This will add the previously removed content packs back. None of the object have been changed.

greg
2017-10-26 15:40
5. Optionally update other content packs to latest tip.

greg
2017-10-26 15:41
6. IMPORTANT: Always check `stages`, `bootenvs` to make sure that your used objects are available. A likely change will be a new sledgehammer update. Update this by using the ISO upload feature in the UX or `drpcli bootenvs uploadiso sledgehammer`

greg
2017-10-26 15:42
The goal of these coming changes is to allow for stage-based operations to be the default everywhere for everyone to reduce confusion.

greg
2017-10-26 15:48
@lae - I?m pulling your changes but I?m not going to move tip on that tree until I get so of the other changes stablized.

wdennis
2017-10-26 15:58
So @greg - with all the changes to UX, etc - should I do the upgrade to ?tip?? (Is it stable enough for day-to-day work?)

wdennis
2017-10-26 15:59
I?m not getting usable installs with what I have now?

greg
2017-10-26 16:00
I think so. I?d like to go through a few more installs.

greg
2017-10-26 16:00
I would like that ssh sed line to test though. Can I pull that in

wdennis
2017-10-26 16:01
Was trying to test it first, but that?s not been successful? Let me go ahead and send the pull request I have started for it

wdennis
2017-10-26 16:04
done

greg
2017-10-26 16:04
cool thanks. I?ll lift into the merged pieces.

wdennis
2017-10-26 16:05
It?ll have to be ported over to the ?official? RackN `root-remote-access.tmpl` as well

greg
2017-10-26 16:06
yeah - I?m merging those as we speak.

wdennis
2017-10-27 00:26
OK, think I dug the hole I?m in a bit deeper?

wdennis
2017-10-27 00:29
Updated Content to latest, now I get this on the ubuntu-16.04-install bootenv?

wdennis
2017-10-27 00:29

shane
2017-10-27 00:53
@wdennis do you have the RackN "os-linux" content pack installed ?? those are all artifacts from that content pack

wdennis
2017-10-27 00:54
Have v1.0.0.-tip-39-?

wdennis
2017-10-27 00:55
Running on DRP v3.1.0 (stable) - that may be the issue?

wdennis
2017-10-27 00:55
So much has changed since then?

shane
2017-10-27 00:55
yeah - you can't mix tip content and stable right now

shane
2017-10-27 00:55
:slightly_smiling_face: yes - thanks to feedback and input from our community and users

wdennis
2017-10-27 00:56
I think I need to update to tip?

2017-10-27 00:56
We're working on UX patch that will allow you to pick content versions.... hopefully in review tonight

wdennis
2017-10-27 01:40
Updated DRP to ?tip? (hopefully) - can anyone confirm this is latest tip version? ```[dradmin@dr-admin drp]$ ./dr-provision --version dr-provision2017/10/26 21:22:07.330924 Version: v3.1.0-0-b70cf8ee1f61844a6d64070a8b272c2bec512204```

shane
2017-10-27 01:41
um ... well ... if you wait 10 mins, it'll probably be out of date ... :slightly_smiling_face: `tip` is moving really fast right now

wdennis
2017-10-27 01:46
OK, think that?s still 3.1 stable? Looks like the tip install didn?t work

wdennis
2017-10-27 01:47
Let me create a new directory (?drp-tip?) and install into there?

shane
2017-10-27 01:49
did you install with `... install --drp-version=tip --isolated` ??

wdennis
2017-10-27 01:50
yes

wdennis
2017-10-27 01:50
Doesn?t look like it overwrites existing binaries

shane
2017-10-27 01:50
only if you force it to

shane
2017-10-27 01:50
by default it tries to "be safe"

shane
2017-10-27 01:51
you can `curl` the `install.sh` script by itself without passing it through pipe to `bash` - then run `bash ./install.sh --help` to get help info

wdennis
2017-10-27 02:37
Running `bash ./install.sh --upgrade=true --isolated install --drp-version=tip` in my prior DRP stable isolated top-level directory, wish me luck?

wdennis
2017-10-27 02:40
Well, once that got done installing, tried to start up, and got this: ```[dradmin@dr-admin drp]$ sudo ./dr-provision --static-ip=192.168.1.148 --base-root=/home/dradmin/drp/drp-data --local-content="" --default-content="" --disable-dhcp [sudo] password for dradmin: dr-provision2017/10/26 22:22:45.919405 Version: v3.1.0-tip-173-92a761a0c2f910dc8dda1459345b525962d3c2af dr-provision2017/10/26 22:22:45.919515 Extracting Default Assets dr-provision2017/10/26 22:22:46.908363 Unable to create DataStack: fixBasic: cannot replace bootenvs:local: item in writable store not equal to static version map[Description: OptionalParams:<nil> Errors:<nil> OnlyUnknown:false Name:local Templates:[map[Path:pxelinux.cfg/{{.Machine.HexAddress}} ID:local-pxelinux.tmpl Contents: Name:pxelinux] map[Name:elilo Path:{{.Machine.HexAddress}}.conf ID:local-elilo.tmpl Contents:] map[Name:ipxe Path:{{.Machine.Address}}.ipxe ID:local-ipxe.tmpl Contents:]] Kernel: Initrds:<nil> BootParams: RequiredParams:<nil> Available:true OS:map[Codename: Version: IsoFile: IsoSha256: IsoUrl: Name:local Family:]] map[Name:local Initrds:[] RequiredParams:[] Available:false OptionalParams:[] Validated:false ReadOnly:false Meta:map[] OS:map[Family: Codename: Version: IsoFile: IsoSha256: IsoUrl: Name:local] Templates:[map[Name:pxelinux Path:pxelinux.cfg/{{.Machine.HexAddress}} ID: Contents:DEFAULT local PROMPT 0 TIMEOUT 10 LABEL local localboot 0 ] map[ID: Contents:exit Name:elilo Path:{{.Machine.HexAddress}}.conf] map[Name:ipxe Path:{{.Machine.Address}}.ipxe ID: Contents:#!ipxe exit ]] Kernel: Errors:[] Description:The boot environment you should use to have known machines boot off their local hard drive BootParams: OnlyUnknown:false]```

greg
2017-10-27 04:00
Okay we tried to be cool

greg
2017-10-27 04:01
`cd drp-data/digitalrebar/bootenvs`

greg
2017-10-27 04:01
`sudo rm local.json ignore.json`

greg
2017-10-27 04:03
We moved the required bootenvs into DRP itself as a content layer, but try to do a safety check. We think something has changed so we don?t allow it. I suspect you haven?t changed local and ignore bootenvs.

greg
2017-10-27 04:04
then try to restart.

wdennis
2017-10-27 13:27
Thanks @greg that did the trick

wdennis
2017-10-27 13:36

wdennis
2017-10-27 13:37
However, I still have the exact same errors on the Ubuntu bootenvs as before?

wdennis
2017-10-27 13:37

wdennis
2017-10-27 13:38
tried removing / re-adding the os-linux content via the UX, no change

wdennis
2017-10-27 13:46
, let me ask this question? If I start over with a fresh new DRP tip install, can I move my machines over from my existing DRP install? (Obvs I?d install new tip in another directory, running isolated)

greg
2017-10-27 13:48
You could move the machines directory over.

greg
2017-10-27 13:49
I?ll try and see about the stuff.

wdennis
2017-10-27 13:52
My existing install directory has been existent since v3.0; upgraded from 3.0 --> 3.1 stable --> 3.1 tip, may have a lot of cruft built up by now?

greg
2017-10-27 13:52
Could be - I? trying to make sure that content is working.

wdennis
2017-10-27 13:58
@greg - just copy the *.json files in drp-data/digitalrebar/machines/ over to new?

greg
2017-10-27 13:58
yes

shane
2017-10-27 13:58
stop DRP first

shane
2017-10-27 13:58
then copy

shane
2017-10-27 13:58
then start

wdennis
2017-10-27 14:12
OK, did all that, *still* getting the bootenv errors for Ubuntu (`ubuntu-[14,16].04-install`) as well as CentOS (`centos-7.3.1611-install`)

shane
2017-10-27 14:13
@wdennis - we're investigating it ... plz standby

greg
2017-10-27 14:17
Oversight in the template naming convention. Will be a content update.

greg
2017-10-27 14:25
@wdennis - remove os-linux and os-discovery content and re-add it.

ctrees
2017-10-27 14:42
Quick question... CheCat keep appearing in my user directory... I think it's associated with the Go compile when I followed shane's 5min-dr... is that right ?

shane
2017-10-27 14:43
"CheCat" ??

ctrees
2017-10-27 14:44
yea... I'm on a mac... it looks like it's some sort of go thing but can't figure out what it is... it may be something else...

ctrees
2017-10-27 14:44
the only go thing I did was for the terraform packet

ctrees
2017-10-27 14:47
BUT who knows... it might be an artifact from Che (https://www.eclipse.org/che/)

shane
2017-10-27 14:48
I don't do anything with 'Che' in it ...

shane
2017-10-27 14:48
you also do not need to do the "go get..." business anymore

shane
2017-10-27 14:48
note the README has been update (that stuff has been removed)

shane
2017-10-27 14:49
the `terraform init` piece will correctly pull down the terraform-provider-packet plugin without go compile - the Packet folks got an updated/fixed version in to the Terraform repo finally

ctrees
2017-10-27 14:56
Cool... (no go compile)... and 'in theory' I should be able to morph you 5min to setup greg's 'vbox' demo also ? correct ? putting a dev on laptop then pushing that out to packet is sort of the 'golden stack push demo' I'm going for mailservices

shane
2017-10-27 14:57
virtualbox is fairly different - and for now ... the two (5min + vbox) shall remain separate

shane
2017-10-27 14:57
5min is designed heavily to orchestrate/control http://packet.net via terraform

ctrees
2017-10-27 14:59
ok... so greg was ansible to talk to vbox ? or was that just IPMI

ctrees
2017-10-27 14:59
guess I'll go look at the video... thanks...

shane
2017-10-27 14:59
no - we use a DRP plugin that talks to vbox for "Machine Power Actions" (eg "ipmi-like" capabilities)

shane
2017-10-27 15:00
for vbox you have to do a little set up in advance because of vbox's limitations

ctrees
2017-10-27 15:02
the DRP plugin is v3.2 tip beta ?

shane
2017-10-27 15:03
3.2 doesn't exist yet - we're closing in on cutting that release soon

greg
2017-10-27 15:06
@ctrees - I didn?t automate or create script calls to vbox to make the machines like the system is doing in packet.

greg
2017-10-27 15:06
Also, I started with an ?installed? DRP where 5min builds its own.

ctrees
2017-10-27 15:08
got it, it was a demo of the 'ipmi-like' plugin

greg
2017-10-27 15:08
Yeah - the scripts that drive through drpcli should function the same.

ctrees
2017-10-27 20:19
@shane what did I miss (looks like an env thing)

ctrees
2017-10-27 20:20
-------------------------------------------------------------------------------- ACTION :: terraform apply -target=packet_ssh_key.drp-ssh-key Run next step? [ <Enter> | No | Ctrl-C ] -------------------------------------------------------------------------------- Plugin reinitialization required. Please run "terraform init". Reason: Could not satisfy plugin requirements. Plugins are external binaries that Terraform uses to access and manipulate resources. The configuration provided requires plugins which can't be located, don't satisfy the version constraints, or are otherwise incompatible. 1 error(s) occurred: * provider.packet: no suitable version installed version requirements: "~> 1.0" versions installed: "0.0.0" Terraform automatically discovers provider requirements from your configuration, including providers used in child modules. To see the requirements and constraints from each module, run "terraform providers". Error: error satisfying plugin requirements FAILED -------------------------------------------------------------------------------- ACTION :: terraform apply -target=packet_ssh_key.machines-ssh-key Run next step? [ <Enter> | No | Ctrl-C ]

shane
2017-10-27 20:21
`terraform init` is run via `demo-run.sh`, during the `terraform-install` stage

ctrees
2017-10-27 20:22
You want the full log in a snippet ?

shane
2017-10-27 20:22
check your `~/.terraformrc` file to make sure there aren't a whole bunch of incorrect plugin configs to non-existent plugin location for the `terraform-provider-packet`

ctrees
2017-10-27 20:23
catmini:5min-drp cat$ vi ~/.terraformrc providers { packet = "/Users/cat/CodeOps/5min-drp/bin/terraform-provider-packet" } providers { packet = "/Users/cat/CodeOps/5min-drp/bin/terraform-provider-packet" } providers { packet = "/Users/cat/CodeOps/5min-drp/bin/terraform-provider-packet" }

shane
2017-10-27 20:23
after that - the `terraform-provider-packet` should have been installed in something like `./.terraform/plugins/darwin_amd64/` (substitute darwin... for correct OS/arch)

shane
2017-10-27 20:23
yeah - that's left over cruft from your previous runs

ctrees
2017-10-27 20:24
should I just nuke .terraformrc ?

shane
2017-10-27 20:24
remove those - and if you have nothing else in that file - you can nuke it

shane
2017-10-27 20:24
it's poor idempotency handling on my part with multiple runs of the tool - and the .terraformrc file

ctrees
2017-10-27 20:25
running now...

shane
2017-10-27 20:25
that left over was required because the v0.10.0 plugin didn't have the right http://packet.net API call capabilities in it - so you had to go compile a version - since terraform does not maintain plugins for beta/non-release - so `terraform init` won't get the right version

shane
2017-10-27 20:26
make sure after the `terraform-install` stage completes - that you get the plugin as mentioned above

wdennis
2017-10-27 20:37
@greg Removed it thru UX, but then when went to re-add, got this error: ```Content Upload Failed: ValidationError New layer violates key restrictions: keysCannotBeOverridden: runner.tmpl is already in layer 1 keysCannotBeOverridden: access-keys.sh.tmpl is already in layer 1 keysCannotBeOverridden: change-stage.sh.tmpl is already in layer 1```

wdennis
2017-10-27 20:37
Sorry, that was on `os-discovery`

wdennis
2017-10-27 20:39
And got: ```Content Upload Failed: ValidationError New layer violates key restrictions: keysCannotBeOverridden: ubuntu-16.04-install is already in layer 1 keysCannotBeOverridden: debian-8-install is already in layer 1```

greg
2017-10-27 20:39
not sure.

wdennis
2017-10-27 20:39
when tried to transfer `os-linux`

greg
2017-10-27 20:39
Let me finish content.

wdennis
2017-10-27 20:45
Any ETA? How will I know when available?

greg
2017-10-27 20:47
I?m going to announce. Because I don?t understand what you have.

greg
2017-10-27 20:48
You may need to start over, but I?m not sure.

wdennis
2017-10-27 20:50
Let me know when to nuke & repave?

greg
2017-10-27 20:53
ok

ctrees
2017-10-27 21:06
so does the machine in the demo script stay at sledghammer ? Or the centOS image didn't go into the endpoint

ctrees
2017-10-27 21:06
147.75.64.7

ctrees
2017-10-27 21:06
is the endpoint

shane
2017-10-27 21:07
the work flow should take the Machine through to OS installed - what OS type did you set it to ?

ctrees
2017-10-27 21:07
all defaults

shane
2017-10-27 21:08
ah

ctrees
2017-10-27 21:08
just a sec... I can look up in the script... I just saw that...

shane
2017-10-27 21:08
it probably failed CentOS install

shane
2017-10-27 21:08
the centos folks yanked the 7.3.1611 ISOs off of the repos

shane
2017-10-27 21:08
we're working on a 7.4 content update to fix the issue

ctrees
2017-10-27 21:08
ah... so it makes sense...

ctrees
2017-10-27 21:09
I'm just happy I'm following enough to notice...

shane
2017-10-27 21:09
if you take a look at Profiles --> Global

shane
2017-10-27 21:09
you'll see the stagemap that gets installed - and it's specifying the centos install

shane
2017-10-27 21:09
:slightly_smiling_face:

shane
2017-10-27 21:10
so - you can use this as a "learning" exercise now ... :slightly_smiling_face:

shane
2017-10-27 21:10
you'd need to upload an Ubuntu 16 ISO

shane
2017-10-27 21:10
you can either do that via "drpcli" from your laptop - setting your Endpoint correctly - or you can do it locally on the DPR Endpoint itself

shane
2017-10-27 21:11
the `drpcli` binary will point to 127.0.0.1:8092 by default - so you have to change who it talks to

shane
2017-10-27 21:12
from your laptop you can do: `drpcli -E "https://147.75.64.7:8092" bootenvs list`

shane
2017-10-27 21:12
to list the bootenvs

shane
2017-10-27 21:12
(json blob) - you can amend `| jq ` to get pretty print

shane
2017-10-27 21:12
if you have jq on your local laptop

shane
2017-10-27 21:12
now do: `drpcli -E "https://147.75.64.7:8092" bootenvs show centos-7.3.1611-install`

shane
2017-10-27 21:13
to see *just* the centos bootenv

shane
2017-10-27 21:13
```shane@gala:~/5min-drp$ drpcli -E "https://147.75.64.7:8092" bootenvs show centos-7.3.1611-install | jq '.OS.IsoUrl' "http://mirrors.kernel.org/centos/7.3.1611/isos/x86_64/CentOS-7-x86_64-Minimal-1611.iso"```

shane
2017-10-27 21:14
to use `jq` to grab JUST the IsoUrl location ... now of we go (manually) check out the mirror HTTP location - we see that it's been yanked and a bare `readme` dropped in place, telling us it's been yanked ( we have to "walk" up the HTTP path to find the readme ... thankyou ... centos team ...

shane
2017-10-27 21:14
now - you want to upload the Ubuntu ISO for now if you don't care which OS we hit it with

shane
2017-10-27 21:15
`drpcli -E "https://147.75.64.7:8092" bootenvs uploadiso ubuntu-16.04-install`

shane
2017-10-27 21:17
NOTE: you can do `export RS_ENDPOINT="https://147.75.64.7:8092"` then you don't have to specify the `-E` or equivalent `--endpoint` flag)

ctrees
2017-10-27 21:17
and that's the iso defined by the boot environment which points to http://mirrors.kernel.org/ubuntu-releases/16.04/ubuntu-16.04.3-server-amd64.iso

shane
2017-10-27 21:17
exactly

shane
2017-10-27 21:18
the "uploadiso" is just a helper function to help download and inject the ISO in to the tftpboot structure (it'll call `explode_iso.sh` on the local DRP Endpoint to ... explode out ... the ISO contents appropriately)

shane
2017-10-27 21:19
if you have an appropriately named ISO file - you can copy it in to the `~/drp-data/tftpboot/isos/` directory on Endpoint

shane
2017-10-27 21:19
and either restart, or `kill -HUP <pid>` of the dr-provision service

shane
2017-10-27 21:19
that will trigger an `explode_iso.sh` on the endpoint

shane
2017-10-27 21:20
also - we probably need to ... either re-run the 5min stuff and use `tip` version - or you need to do an inplace upgrade of the current 5min endpoint

ctrees
2017-10-27 21:20
does the drpcli bootenvs uploadiso trigger the explode ?

shane
2017-10-27 21:20
yep ... well, technically ... no ... but yes

shane
2017-10-27 21:20
:slightly_smiling_face:

shane
2017-10-27 21:21
the uploadiso pushes the ISO in place, and then the dr-provision endpoint calls the explode_iso.sh - so indirectly it happens because of the uploadiso run

shane
2017-10-27 21:21
but technically ... "drpcli bootenvs uploadiso ..." doesn't actually call the "explode_iso.sh"

ctrees
2017-10-27 21:22
but it restarts drp ?

ctrees
2017-10-27 21:22
dr-provision service

shane
2017-10-27 21:22
it signals dr-provision appropriately

shane
2017-10-27 21:22
it doesn't restart it

shane
2017-10-27 21:23
if you take a look at your "bootenvs" page on the UX

ctrees
2017-10-27 21:23
got it... and then it shows up in the UX

shane
2017-10-27 21:23
you'll see that the "ubuntu..." bootenv is marked "good" now

shane
2017-10-27 21:23
the blue check mark means good

shane
2017-10-27 21:24
now we have to modify the stagemap to use Ubuntu instead of Centos

shane
2017-10-27 21:24
you can do i via UX - or I can walk you through the CLI

ctrees
2017-10-27 21:25
so is that the 'copy' in the UX (cause the States are locked) thing ?

shane
2017-10-27 21:27
if stages are locked - you need to log in with a RackN account (upper Right)

shane
2017-10-27 21:27
that unlocks stages/workflow

shane
2017-10-27 21:27
however - the stagemap itself is in "profiles" --> "global"

shane
2017-10-27 21:27
in this case I just (lazily) inject the stagemap in to the "global" profile - so every Machine will be subject to it

ctrees
2017-10-27 21:28
I did (I think) login

shane
2017-10-27 21:28
in a "proper" setup, you'd create a new profile ... maybe "global-ubuntu" or something - that has the stagemap configuration

shane
2017-10-27 21:28
then apply that Profile to the machines you want to get Ubuntu installed

ctrees
2017-10-27 21:28
lets do the CLI (and I'll look at the UX) :wink:

shane
2017-10-27 21:29
you could "clone" the "global" Profile as "global-centos", then make the changes to the current "global" to use the Ubuntu BootEnv (ubuntu-16.04-install)

shane
2017-10-27 21:29
sure easy enough - and the right answer :slightly_smiling_face:

ctrees
2017-10-27 21:30
yea... and if your busy... I can figure it out... but appreciate the CLI command guidance if you not... :wink:

shane
2017-10-27 21:30
create a JSON blob (maybe call it "global-ubuntu-stagemap.json" or something) - with the following: ``` { "Available": true, "Description": "packet-map", "Name": "global", "Params": { "change-stage/map": { "discover": "packet-discover:Success", "packet-discover": "${MACHINES_OS}:Reboot", "packet-ssh-keys": "complete-nowait:Success", "${MACHINES_OS}": "packet-ssh-keys:Success" } } }```

shane
2017-10-27 21:31
replace the BASH variables (MACHINE_OS) with "ubuntu-16.04-install"

shane
2017-10-27 21:31
I'm going to assume you run "drpcli" locally on Endpoint, or you set the RS_ENDPOINT variable

shane
2017-10-27 21:32
`drpcli profiles show global` # dump the current global profile

shane
2017-10-27 21:32
you can redirect that to a JSON file, and modify that ... or just save it "as a backup"

shane
2017-10-27 21:32
the easiest solution ... path of least resistance for now

shane
2017-10-27 21:32
is to just "destroy" the profile named "global"

shane
2017-10-27 21:33
then recreate it with the new JSON blob definition

shane
2017-10-27 21:33
`drpcli profiles destroy global` `drpcli profiles create - < global-ubuntu-stagemap.json`

shane
2017-10-27 21:34
now if you do the "show" again - it should be "changed"

shane
2017-10-27 21:36
Note that the "Name" key in the JSON defines the Profile ... ahem ... name

shane
2017-10-27 21:36
so in this case you want to make sure you don't change it from "global"

shane
2017-10-27 21:36
(unless you mean to :slightly_smiling_face: )

shane
2017-10-27 21:38
@ctrees you've got an error in your JSON ... :slightly_smiling_face:

ctrees
2017-10-27 21:38
woops..


ctrees
2017-10-27 21:39
I don't want the var redirect...

ctrees
2017-10-27 21:39
?

shane
2017-10-27 21:39
no ... that was just a construct from the BASH script in 5min-drp

shane
2017-10-27 21:39
remove the dollar and curly braces

ctrees
2017-10-27 21:39
and I though I was being 'smart'

shane
2017-10-27 21:40
see the existing "centos" stagemap

ctrees
2017-10-27 21:40
yea.. saw it when I uploaded...

ctrees
2017-10-27 21:42
now... I have to activate the stage (ubuntu-16.04-install) correct ?

shane
2017-10-27 21:42
nope

shane
2017-10-27 21:42
"global" profile is "activated" ... by default ... globally ...

shane
2017-10-27 21:44
if you take a look at the Machine in the UX

ctrees
2017-10-27 21:44
OH...

shane
2017-10-27 21:44
click on your single Machine there - you'll see the "centos" error message about the BootEnv not being available in the "Stage"

ctrees
2017-10-27 21:44
yup... saw that... so now enable ?

shane
2017-10-27 21:45
but - you see the "gohai" inventory - so sledghammer ran fine, and got the Inventory report

shane
2017-10-27 21:45
then it failed to transition to "centos"

shane
2017-10-27 21:45
you can do a couple things ... delete the "Machine" from DRP itself, and restart it - it'll re-PXE and start over, and go with Ubuntu now

shane
2017-10-27 21:47
or you can "Edit" the Machine - and put it back in to "discover" stage

shane
2017-10-27 21:47
set it to "Runnable", then save it

shane
2017-10-27 21:47
once done, reboot it

shane
2017-10-27 21:48
either via the Packet UX, or via the DRP Machines panel - "reboot" action

shane
2017-10-28 02:39
Too late.... I saw it!

wdennis
2017-10-28 02:39
wrong screen! trying to change tmux panes, wondering why not working?

wdennis
2017-10-28 02:42
But while I have you? does this look right (doing a install just via a stage) ```[GIN] 2017/10/27 - 18:24:26 | 204 | 290.217Ás | 192.168.1.143 | POST /api/v3/jobs [GIN] 2017/10/27 - 18:24:26 | 200 | 383.925Ás | 192.168.1.143 | GET /api/v3/machines/5fcbf69d-287e-4c2c-b085-5858665cd442 [GIN] 2017/10/27 - 18:24:26 | 200 | 349.233Ás | 192.168.1.143 | GET /api/v3/stages/debian-9-install [GIN] 2017/10/27 - 18:24:31 | 200 | 444.117Ás | 192.168.1.143 | GET /api/v3/machines/5fcbf69d-287e-4c2c-b085-5858665cd442 [GIN] 2017/10/27 - 18:24:31 | 200 | 4.006366ms | 192.168.1.143 | GET /api/v3/ws [GIN] 2017/10/27 - 18:24:31 | 204 | 378.599Ás | 192.168.1.143 | POST /api/v3/jobs [GIN] 2017/10/27 - 18:24:31 | 200 | 382.419Ás | 192.168.1.143 | GET /api/v3/machines/5fcbf69d-287e-4c2c-b085-5858665cd442 [GIN] 2017/10/27 - 18:24:31 | 200 | 360.142Ás | 192.168.1.143 | GET /api/v3/stages/debian-9-install [GIN] 2017/10/27 - 18:24:36 | 200 | 449.955Ás | 192.168.1.143 | GET /api/v3/machines/5fcbf69d-287e-4c2c-b085-5858665cd442 [GIN] 2017/10/27 - 18:24:36 | 200 | 2.224572ms | 192.168.1.143 | GET /api/v3/ws [GIN] 2017/10/27 - 18:24:36 | 204 | 459.116Ás | 192.168.1.143 | POST /api/v3/jobs [GIN] 2017/10/27 - 18:24:36 | 200 | 583.233Ás | 192.168.1.143 | GET /api/v3/machines/5fcbf69d-287e-4c2c-b085-5858665cd442 [GIN] 2017/10/27 - 18:24:36 | 200 | 348.412Ás | 192.168.1.143 | GET /api/v3/stages/debian-9-install [GIN] 2017/10/27 - 18:24:41 | 200 | 445.652Ás | 192.168.1.143 | GET /api/v3/machines/5fcbf69d-287e-4c2c-b085-5858665cd442 [GIN] 2017/10/27 - 18:24:41 | 200 | 2.135051ms | 192.168.1.143 | GET /api/v3/ws [GIN] 2017/10/27 - 18:24:41 | 204 | 295.203Ás | 192.168.1.143 | POST /api/v3/jobs [GIN] 2017/10/27 - 18:24:41 | 200 | 646.374Ás | 192.168.1.143 | GET /api/v3/machines/5fcbf69d-287e-4c2c-b085-5858665cd442 [GIN] 2017/10/27 - 18:24:41 | 200 | 402.289Ás | 192.168.1.143 | GET /api/v3/stages/debian-9-install [GIN] 2017/10/27 - 18:24:46 | 200 | 489.889Ás | 192.168.1.143 | GET /api/v3/machines/5fcbf69d-287e-4c2c-b085-5858665cd442 [GIN] 2017/10/27 - 18:24:46 | 200 | 2.295319ms | 192.168.1.143 | GET /api/v3/ws [GIN] 2017/10/27 - 18:24:46 | 204 | 297.802Ás | 192.168.1.143 | POST /api/v3/jobs [GIN] 2017/10/27 - 18:24:46 | 200 | 402.409Ás | 192.168.1.143 | GET /api/v3/machines/5fcbf69d-287e-4c2c-b085-5858665cd442 [GIN] 2017/10/27 - 18:24:46 | 200 | 380.674Ás | 192.168.1.143 | GET /api/v3/stages/debian-9-install [GIN] 2017/10/27 - 18:24:51 | 200 | 468.003Ás | 192.168.1.143 | GET /api/v3/machines/5fcbf69d-287e-4c2c-b085-5858665cd442 [GIN] 2017/10/27 - 18:24:51 | 200 | 2.199664ms | 192.168.1.143 | GET /api/v3/ws [GIN] 2017/10/27 - 18:24:51 | 204 | 388.935Ás | 192.168.1.143 | POST /api/v3/jobs [GIN] 2017/10/27 - 18:24:51 | 200 | 387.637Ás | 192.168.1.143 | GET /api/v3/machines/5fcbf69d-287e-4c2c-b085-5858665cd442 [GIN] 2017/10/27 - 18:24:51 | 200 | 382.491Ás | 192.168.1.143 | GET /api/v3/stages/debian-9-install```

wdennis
2017-10-28 02:42
looks like some sort of loop?

shane
2017-10-28 02:43
Stupid technology.... Should know what you _meant_ to do...

wdennis
2017-10-28 02:46

2017-10-28 02:46
@wdennis commented on @wdennis?s file https://rackn.slack.com/files/U416T0AAX/F7S83CMSA/Status_: nothing I?ve done for days is working?

shane
2017-10-28 02:56
looks like a loop

shane
2017-10-28 02:56
what's your stagemap look like ?

greg
2017-10-28 03:05
That is the pattern of a loop of the runner waiting for more jobs.

ctrees
2017-10-31 14:44
So... I'm attempting @greg VBox setup and noticed that route is sending ALL broadcast to the vboxnet0 virtual IP (192.168.100.1 in gregs case) ?? correct ?? (so I need to remove my existing broadcast route to my eth0 IP) ?? correct ??

greg
2017-10-31 14:49
Yes.

greg
2017-10-31 14:50
The Mac OSx kernel is a little strange about it. It uses routes over IP out-bound. Strange to my thinking, but okay.

ctrees
2017-10-31 14:52
oh apple always sucks at networking AND they don't follow an established pattern

ctrees
2017-10-31 14:53
but they 'think' they know

ctrees
2017-10-31 14:54
... at least it's some form of nx now...

greg
2017-10-31 14:56
I think they are a little hamstrung by their stack choice. They are using the BSD-based from FreeBSD.

ctrees
2017-10-31 14:56
where's the grummpy old man icon anyway...

greg
2017-10-31 14:56
Yeah- get off my lawn and use a common stack. :slightly_smiling_face:

greg
2017-10-31 14:57
I know I know FreeBSD is the original networking stack. it has some niceties but also some pains.

zehicle
2017-10-31 14:57
you could be using Linux on the Laptop like us crazy people

zehicle
2017-10-31 14:57
speaks for @vlowther too

ctrees
2017-10-31 14:58
oh sure... take the easy way out (networking wise)

vlowther
2017-10-31 14:58
Been my primary OS since the nineties.

vlowther
2017-10-31 14:59
On laptops since the mid 2000s.

vlowther
2017-10-31 15:01
I remember the sk_buff vs. mbuff wars we used to have with the bsdites...

vlowther
2017-10-31 15:02
Heck, these days I don't even have to exhaustively research whether a piece of kit is Linux compatible!

wdennis
2017-10-31 15:33
grants @vlowther his neckbeard badge

vlowther
2017-10-31 15:33
Alas, the men of my family have a hard time growing neckbeards. :slightly_smiling_face:

vlowther
2017-10-31 15:34
I doubt I will be able to grow a proper unix wizard beard until my 70's

lae
2017-10-31 15:53
i'm a millenial so I didn't start using Linux as my primary OS until mid 2000s :sweat_smile:

lae
2017-10-31 16:13
@greg how do I build my own content bundle?

greg
2017-10-31 16:13
magic

greg
2017-10-31 16:13
oh and drpcli

greg
2017-10-31 16:13
or drbundle

lae
2017-10-31 16:14
drbundle?

greg
2017-10-31 16:14
yeah - the build env has a new tool that can be built without using swagger.

greg
2017-10-31 16:14
you need go 1.9 and the like.

greg
2017-10-31 16:14
Or you can get tip and use drpcli contents bundle ?

greg
2017-10-31 16:14
I?m trying to push out a content rework.

lae
2017-10-31 16:15
so I have a similar repo as `digitalrebar/provision-content`, but I'm not sure if I need to set any metadata or anything before using drpcli

greg
2017-10-31 16:15
It will be unspecified if you don?t the cloned tree has some values in ._<key>.meta files

lae
2017-10-31 16:15
(as of now I've just been updating bootenvs/templates by hand for each change)

greg
2017-10-31 16:16
A cleaner way is to build a content bundle with a changed version file and upload it.

greg
2017-10-31 16:16
._Version.meta is the version file.

greg
2017-10-31 16:16
I need to finish a test and there should be new tip content with better examples of all this shortly.

lae
2017-10-31 16:18
oh, the content-reorg branch

greg
2017-10-31 16:18
yes

greg
2017-10-31 16:19
most of os-linux and os-discovery are coming into the community with stages and task.

greg
2017-10-31 16:19
The ce-* is going way. It was just plan silly and confusing.

greg
2017-10-31 16:19
Your changes are integrated in.

lae
2017-10-31 16:20
mhm, noticed

greg
2017-10-31 16:21
tracking stages and bootenvs are added for updates. I?ve tried to make the stages work like the bootenvs of ce-*

greg
2017-10-31 16:21
ssh-access and local-repos are in the stages by default.

greg
2017-10-31 16:21
Using the stages should work like the bootenvs did.

ctrees
2017-10-31 16:21
SO... I went through @shane DRPv3 Training: Installation and DRP Training: Configuration then attempting to get to @greg VBOX demo (aka the network question)... now I'm attempting to use the 'store' to load up the things missing from DRPv3 Training: Install / Config.... that I saw in greg's demo

greg
2017-10-31 16:22
One change will be that the bootenvs won?t do things automagically for you. Stages will need to be used to pull inthe default tasks.

greg
2017-10-31 16:22
you can chain stages if you had added custom tasks before.

greg
2017-10-31 16:23
@ctrees - sounds good, what is your question?

lae
2017-10-31 16:23
`drpcli machines processjobs UUID` is this what runs the stages?

greg
2017-10-31 16:23
It runs the tasks

greg
2017-10-31 16:23
as set by the stages.

ctrees
2017-10-31 16:24
@ctrees uploaded a file: https://rackn.slack.com/files/U62R1805P/F7TK9CZHC/freshdrponmac.png and commented: No Default Stage

lae
2017-10-31 16:24
ah ok

ctrees
2017-10-31 16:24
Is that correct ?

greg
2017-10-31 16:24
creating jobs as the manifestion of the run.

ctrees
2017-10-31 16:24
No default stages... should I add all that from 'the store' ?

greg
2017-10-31 16:24
@ctrees - you need to set either the discover stage or the sledgehammer default bootenv.

ctrees
2017-10-31 16:24
or is that because of centos moving the iso link ?

greg
2017-10-31 16:25
You also need discovery unknown bootenv to start the whole process.

greg
2017-10-31 16:25
If you look at the bootenvs screen, you should checks or exes for the available bootenvs.

greg
2017-10-31 16:25
You may need to update the sledgehammer ISO.

greg
2017-10-31 16:26
Also you are on stable with tip content I suspect. YMMV.

ctrees
2017-10-31 16:26
I did the sledge update (yesterday)

greg
2017-10-31 16:26
depends upon from which content. i need a better way for this.

greg
2017-10-31 16:26
check the sledgehammer or ce-sledgehammer bootenvs for errors.

greg
2017-10-31 16:26
If you updated cotent, you pick up a new requirement.

ctrees
2017-10-31 16:28
@ctrees uploaded a file: https://rackn.slack.com/files/U62R1805P/F7TKCPCKG/boot_environments.png and commented: Boot Envs (centos failed due to mirror move)

greg
2017-10-31 16:28
@lae - what do you think about the reorg?

greg
2017-10-31 16:29
@ctrees - you will need the os-discovery and os-linux content packs. And the virtualbox-ipmi plugin. Log into the RackN portal to get access to them.

ctrees
2017-10-31 16:31
yea I was doing that when I decided I should check-in... I'll go load those now...

greg
2017-10-31 16:31
okay - cool

ctrees
2017-10-31 16:39
so... what 'magically' loaded the stages (I had no stages in the GUI... now there is lots)...

lae
2017-10-31 16:39
@greg better

ctrees
2017-10-31 16:39
? part of packages ?

greg
2017-10-31 16:40
The UX goes to the RackN portal to get content bundles and then uses the API to inject them into the DRP instance.

lae
2017-10-31 16:40
I need to look into it more but it looks like it'll work in our favour for less duplication

greg
2017-10-31 16:40
@ctrees - content packages or bundles are just collections of related objects that imported to DRP as read-only content.

lae
2017-10-31 16:40
(i.e. I have a template that configures a local user's SSH and sudo rather than root user to use in our ubuntu/etc bootenvs, which are theirselves separate bootenvs)

greg
2017-10-31 16:41
@lae that is the hope. I realize it will have some impact if you have a bootenv with a lot of custom templates injected, but the hope is to move those to tasks and stages to get chained together for reuse.

greg
2017-10-31 16:41
Makes sense.

greg
2017-10-31 16:47
There is now a contrib content tree for those kinda things as well.

ctrees
2017-10-31 16:48
@ctrees uploaded a file: https://rackn.slack.com/files/U62R1805P/F7STB8YUV/workflow_cannotaccess.png and commented: What did I do wrong ?

zehicle
2017-10-31 16:48
Refresh

ctrees
2017-10-31 16:49
OH... thanks...

ctrees
2017-10-31 16:49
nope

zehicle
2017-10-31 16:49
AND, it now checks feature flags

zehicle
2017-10-31 16:50
May be a bug that's hiding it for older versions.

zehicle
2017-10-31 16:50
What version?

ctrees
2017-10-31 16:50
tip I though.... but how should I confirm ?

zehicle
2017-10-31 16:51
System config tools will show you

ctrees
2017-10-31 16:52
3.1.... guess I'll update

greg
2017-10-31 16:52
yeah - make sure to run --force on the install script to get the latest tip.

ctrees
2017-10-31 16:52
ok thanks...

greg
2017-10-31 16:52
and --drp-version=tip too

ctrees
2017-10-31 16:53
so is it really better to pull the repo and run that install.sh or ??

ctrees
2017-10-31 16:53
let the install pull based on cmd line

ctrees
2017-10-31 16:54
... guessing it does not matter other than I used the curl .../stable from the slides... ?? right ??

ctrees
2017-10-31 16:54
... I'll keep doing the curl just to test that process...

greg
2017-10-31 16:55
okay - note that tip install.sh still installs stable unless you give it `--drp-version=tip`

ctrees
2017-10-31 16:56
yea... I know I did that one of the times... but obviously I didn't do it my last run... confirmed in my bash history too...

greg
2017-10-31 16:57
okay - @shane has been making the install.sh safer and so `--force` is required to make the override of an already installed environment.

ctrees
2017-10-31 16:59
and shane is gatekeeper of get.rebar.digital/stable ?? correct ?? so best to use that for 'dev setup'

ctrees
2017-10-31 17:00
dev setup demos that is (stuff going to dev to mod and verify deploy configs)

greg
2017-10-31 17:02
That should point to the `stable` release in github. We move the `stable` branch as we release new versioned releases and let tip float head on the tip of `master`

greg
2017-10-31 17:02
So, when we release `v3.2.0`, we?ll reset `stable` to that.

ctrees
2017-10-31 17:03
Oh... so I shouldn't use that

greg
2017-10-31 17:03
you can also do `--drp-version=v3.1.0` for a specific release if you wish.

ctrees
2017-10-31 17:05
catmini:CodeOps cat$ curl -s get.rebar.digital/stable | bash -s -- --isolated --dpr-version=tip --force install

greg
2017-10-31 17:05
checking real quick

shane
2017-10-31 17:06
you can also specify "tip" instead of "stable" on the trailing curl call

shane
2017-10-31 17:06
so: `curl -s get.rebar.digital/tip | ... `

greg
2017-10-31 17:06
cool safer

shane
2017-10-31 17:06
that gets the latest installer - the "stable" installer doesn't have the newer updated safety checks

ctrees
2017-10-31 17:06
ok so catmini:CodeOps cat$ curl -s get.rebar.digital/tip | bash -s -- --isolated --dpr-version=tip --force install

ctrees
2017-10-31 17:07
(probably don't need the --drp-version=tip)

shane
2017-10-31 17:07
you do still need it

ctrees
2017-10-31 17:07
ok... thanks

shane
2017-10-31 17:07
default is stable - the "installer" is separate from "what gets installed"

ctrees
2017-10-31 17:15
humm... seems like I got 3.1

johnsutten
2017-10-31 17:15
Is there a way to install DR and then connect other nodes via command line and not use pxe ?

greg
2017-10-31 17:17
@johnsutten - The short answer is no. But really, yes and no. We are working on that now. There is a content pack that is coming to set up some of that, but we aren?t quit there yet. You can do by creating a machine, setting the machines IP in the machine object, setting the bootenv to local and the stage to none or complete-wait. You can then get the drpcli and run the runner. It then functions like a node that was installed and sitting in a runner.

greg
2017-10-31 17:17
@ctrees - what does `./dr-provision --version` show

ctrees
2017-10-31 17:18
Oh... I think I typoed... did /stable again... redoing

greg
2017-10-31 17:18
oh - stupid eyes. you did `dpr-version`

greg
2017-10-31 17:18
I missed it

ctrees
2017-10-31 17:19
hum....

ctrees
2017-10-31 17:19
catmini:~ cat$ mkdir CodeOps catmini:~ cat$ cd CodeOps/ catmini:CodeOps cat$ curl -s get.rebar.digital/tip | bash -s -- --isolated --dpr-version=tip --force install Overriding DPR_VERSION with tip 'dr-provision' service is not running, beginning install process ... Ensuring required tools are installed Installing Version stable of Digital Rebar Provision dr-provision.zip: OK ./bin/linux/amd64/incrementer: OK ./bin/linux/amd64/dr-provision: OK ./bin/linux/amd64/drpcli: OK ./bin/darwin/amd64/incrementer: OK ./bin/darwin/amd64/dr-provision: OK ./bin/darwin/amd64/drpcli: OK ./bin/windows/amd64/incrementer: OK ./bin/windows/amd64/dr-provision: OK ./bin/windows/amd64/drpcli: OK ./assets/startup/dr-provision.service: OK ./assets/startup/dr-provision.sysv: OK ./assets/startup/dr-provision.unit: OK ./tools/install.sh: OK Installing Version stable of Digital Rebar Provision Community Content drp-community-content.yaml: OK # Run the following commands to start up dr-provision in a local isolated way. # The server will store information and serve files from the drp-data directory. sudo ./dr-provision --static-ip=192.168.1.200 --base-root=/Users/cat/CodeOps/drp-data --local-content="" --default-content="" & # Once dr-provision is started, these commands will install the isos for the community defaults ./drpcli bootenvs uploadiso ubuntu-16.04-install ./drpcli bootenvs uploadiso centos-7-install ./drpcli bootenvs uploadiso sledgehammer catmini:CodeOps cat$ ./dr-provision --version dr-provision2017/10/31 17:18:58.575268 Version: v3.1.0-0-b70cf8ee1f61844a6d64070a8b272c2bec512204 catmini:CodeOps cat$

greg
2017-10-31 17:20
hmmm

greg
2017-10-31 17:20
checking

greg
2017-10-31 17:21
change `--dpr-version=tip` to `--drp-version=tip`

ctrees
2017-10-31 17:21
:stuck_out_tongue_winking_eye:

greg
2017-10-31 17:21
I know testing me.

ctrees
2017-10-31 17:23
no... my brain just puts everything 'right' cause internally I have to be perfect... the world stays in chaos...

ctrees
2017-10-31 17:23
... stupid reality anyway...

lae
2017-10-31 17:24
@greg so we also actually have a modified discovery bootenv too where we do a DNS lookup as fallback (since in our env hostname isn't passed over DHCP), I'm guessing we still need to use that since the start-up.sh script is still part of the discovery bootenv?

greg
2017-10-31 17:25
Yeah - interestingly enough, we?ve had similar thoughts from other customers as well.

greg
2017-10-31 17:26
I?d be fine with adding that into the tree in start-up.sh.

lae
2017-10-31 17:26
hmm

greg
2017-10-31 17:26
Though I?ve also thought about adding it as a stage/task that could be put into a discovery flow.

greg
2017-10-31 17:27
All start-up.sh was intended to be was a create machine step. That gets us to control.sh and a runner.


greg
2017-10-31 17:28
A machine must be created with a name, but that name can be change later.

lae
2017-10-31 17:28
so lines 39 and 47-53

greg
2017-10-31 17:29
yeah - looks good

greg
2017-10-31 17:29
Let me see about including them.

greg
2017-10-31 17:29
and I?ll fix the bootparams I missed some apparaently.

greg
2017-10-31 17:29
:slightly_smiling_face:

ctrees
2017-10-31 17:30
humm.... check me again as I got the same result

ctrees
2017-10-31 17:31
@ctrees uploaded a file: https://rackn.slack.com/files/U62R1805P/F7S4ZAWP2/install_tip_3_2.txt and commented: Install tip 3.2 but got 3.1 I think

greg
2017-10-31 17:31
that is right.

greg
2017-10-31 17:31
Versions don?t work that way

greg
2017-10-31 17:32
Let me explain.

greg
2017-10-31 17:32
v3.1.0-0 is the stable release version.

ctrees
2017-10-31 17:32
ok... I get it ... v3.2 is not tagged...

greg
2017-10-31 17:32
v.3.1.0-tip-183 is means tip with closest release being v3.1.0 and 183 commits

ctrees
2017-10-31 17:33
so I'm at the right hash ?? correct ??

greg
2017-10-31 17:33
yes

greg
2017-10-31 17:41
@lae - added to content reorg changes.

ctrees
2017-10-31 17:53
@ctrees uploaded a file: https://rackn.slack.com/files/U62R1805P/F7TT5D28P/install.txt and commented: The iso upload names changed in install script output but not in endpoint (I'm sure it's just version issues)

ctrees
2017-10-31 17:54
ce-<name> vs <name>

greg
2017-10-31 17:54
may need to reload content.

greg
2017-10-31 17:56
stepping a way for a while you crazies - back in a bit

i.grischott
2017-10-31 19:49
has joined #community201710

lae
2017-10-31 19:54
``` Log for Job: 52637be3-9137-4de7-a3f4-0a2db0183416 Error loading task content: json: cannot unmarshal object into Go value of type []*genmodels.JobAction, continuing ``` is this a known issue? happening on the change-stage task in discovery

greg
2017-10-31 19:55
What version of DRP are you running?

lae
2017-10-31 19:55
v3.1.0-tip-183-24e9aaa6360a28547eb65e292c773acefb50aad6

greg
2017-10-31 19:55
Do you have a change-stage/map variable defined?

lae
2017-10-31 19:55
hm

greg
2017-10-31 19:55
It shouldn?t matter.

lae
2017-10-31 19:56
did you mean Parameter, or?

greg
2017-10-31 19:56
change-stage job is running and gives you that.

greg
2017-10-31 19:56
parameter

greg
2017-10-31 19:56
yes

greg
2017-10-31 19:57
what stage was this running in? what bootenv?

lae
2017-10-31 19:58
discover and discovery

greg
2017-10-31 19:58
basically, booted discover and got that in the change-stage log

lae
2017-10-31 19:58
I removed all my bootenvs/profiles and added community-content earlier

lae
2017-10-31 19:58
yeah

greg
2017-10-31 19:58
okay let me check.

lae
2017-10-31 19:59
although, I see there's an update to community-content, I guess let me try that?

greg
2017-10-31 19:59
wait

lae
2017-10-31 19:59
ok

greg
2017-10-31 19:59
I think this is a bug.

greg
2017-10-31 19:59
in the UX, go to workflows

lae
2017-10-31 19:59
change-stage/map isn't defined, but I'm not sure what it should be defined to

greg
2017-10-31 19:59
It should work with nothing and that is the bug.

greg
2017-10-31 20:00
For now, you can go into the workflow section.

greg
2017-10-31 20:00
Create a global change-stage/map with `discover`->`sledeghammer-wait`:`Success`

greg
2017-10-31 20:00
then go to the node and mark it runnable.

greg
2017-10-31 20:00
bulk actions, select the machine and clik play.

lae
2017-10-31 20:02
bulk actions?

greg
2017-10-31 20:02
You must not be logged into the saas.

lae
2017-10-31 20:03
ah, yeah

greg
2017-10-31 20:03
You can edit the machine, there is a runnable toggle in the machine edit page.

greg
2017-10-31 20:03
set it to runnable and then it should rerun and complete.

lae
2017-10-31 20:03
I marked it as runnable, though that was an vertical ellipse

lae
2017-10-31 20:04
``` root 1977 0.0 0.0 115256 1516 ? Ss 19:42 0:00 /bin/bash /tmp/control.sh root 2246 0.0 0.0 817788 18740 ? Sl 19:42 0:00 \_ /usr/local/bin/drpcli machines processjobs ea914aa8-ae33-4cde-a397-d2d58341e9a5 root 2405 0.0 0.0 115252 1452 ? S 19:58 0:00 \_ /bin/bash ./script root 2406 0.0 0.0 115252 644 ? S 19:58 0:00 \_ /bin/bash ./script root 2408 0.0 0.0 180760 3024 ? S 19:58 0:00 \_ curl -s -f -L -o jq http://192.168.124.11:8091/files/jq ``` noticed this change in the process list of the machine

lae
2017-10-31 20:04
aaaand that IP is incorrect

greg
2017-10-31 20:04
okay - that is a problem

greg
2017-10-31 20:05
What is your --static-ip on DRP set to?

lae
2017-10-31 20:05
change-stage worked though

lae
2017-10-31 20:05
it's not set :sweat_smile:

greg
2017-10-31 20:06
okay - so it should attempt to figure out the best value, but sometimes it can?t. That is why I usually set it to the interface of the DRP machine that I expect default traffic to use.

lae
2017-10-31 20:06
alright, hold on, let me update some things to get that set

greg
2017-10-31 20:07
Can you post the first 20 lines or so of the change-stage.sh.tmpl file

greg
2017-10-31 20:07
I may have already fixed this bug.

lae
2017-10-31 20:08
``` ~$ drpcli templates show change-stage.sh.tmpl | jq -r '.Contents' | head -20 #!/bin/bash # This will contain a token appropriate for the path being # used below. Either a create or update/show token export RS_UUID="{{.Machine.UUID}}" export RS_TOKEN="{{.GenerateToken}}" # Make sure we have a drpcli and jq somewhere ProvURL="{{.ProvisionerURL}}" (mkdir -p /usr/local/bin; cd /usr/local/bin; curl -s -f -L -o jq "$ProvURL/files/jq"; chmod 755 jq) PATH=$PATH:/usr/local/bin drpcli info get | jq .features | grep -q '"sane-exit-codes"' if [[ $? == 0 ]] ; then echo "DRP supports 'sane-exit-codes' using them ..." SUCCESS_CODE=0 FAIL_CODE=1 REBOOT_CODE=64 STOP_CODE=16 else ```

greg
2017-10-31 20:08
hmm - okay - it shouldn?t matter if change-stage/map is set or not.

greg
2017-10-31 20:08
Unless, the requiredparams is still set.

greg
2017-10-31 20:09
okay - that is it. Fixed in the next update to tip.

greg
2017-10-31 20:09
the render failed because params didn?t match. Need to fix that error message though.

greg
2017-10-31 20:19
okay - have a fix for the error message as well.

ctrees
2017-10-31 20:25
@ctrees uploaded a file: https://rackn.slack.com/files/U62R1805P/F7TQ8181L/contentuploadfailed.png and commented: Is that the same issue (change-state)

ctrees
2017-10-31 20:27
I was attempting to refresh packages and add os-discovery os-linux

lae
2017-10-31 20:31

greg
2017-10-31 20:33
Yes - in my testing the stretch dists didn?t have a security repo yet.

greg
2017-10-31 20:34
maybe it does now.

greg
2017-10-31 20:34
it didn?t 4 days ago when I started testing.

lae
2017-10-31 20:35
weird, I've been using it fine for quite a while now :<

greg
2017-10-31 20:35
I?ll put it back and try it.

greg
2017-10-31 20:44
trying all 4 debian-based with the change now.

lae
2017-10-31 20:45
there were 4 debian bootenvs?

lae
2017-10-31 20:45
oh ubuntu

lae
2017-10-31 20:46
I recall security_host and security_path being split at some point but don't remember if that was pre ubuntu-14 or after

greg
2017-10-31 20:54
Yeah - I get this for debian 9 without the change: ``` ????????????????? [!!] Configure the package manager ?????????????????? ? ? ??? Cannot access repository ? ? ? ? The repository on http://security.debian.org/debian-security couldn't be ? ? ? ? accessed, so its updates will not be made available to you at this ? ? ? ? time. You should investigate this later. ? ? ? ? ? ? ? ? Commented out entries for http://security.debian.org/debian-security have ? ? ? ? been added to the /etc/apt/sources.list file. ? ? -b3a4c755a305@ ? ? ? ? ??? <Go Back> <Continue> ? ? -d6e8b6d719cd@ ? ? ??????????????????????????????????????????????????????????????????????? <Tab> moves; <Space> selects; <Enter> activates buttons ```

greg
2017-10-31 20:55
@lae - any ideas?

greg
2017-10-31 20:58
it seems like it should be there, but it doesn?t seem to work for me.

greg
2017-10-31 21:00
If I continue, it will finish and work.

lae
2017-10-31 21:01
yeah it'll continue but it skips configuring the security repo in that case

lae
2017-10-31 21:01
hold on

lae
2017-10-31 21:17
Possible it's an IPv6 issue?

lae
2017-10-31 21:18
``` lae@laura:~$ curl --connect-timeout 3 -v -6 http://security.debian.org * Rebuilt URL to: http://security.debian.org/ * Hostname was NOT found in DNS cache * Trying 2607:ea00:101:3c0b::1deb:215... * After 1486ms connect time, move on! * connect to 2607:ea00:101:3c0b::1deb:215 port 80 failed: Connection timed out * Trying 2610:148:1f10:3::73... * Connected to http://security.debian.org (2610:148:1f10:3::73) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.38.0 > Host: http://security.debian.org > Accept: */* > < HTTP/1.1 302 Found < Date: Tue, 31 Oct 2017 21:17:45 GMT * Server Apache is not blacklisted < Server: Apache < X-Content-Type-Options: nosniff < X-Frame-Options: sameorigin < Referrer-Policy: no-referrer < X-Xss-Protection: 1 < Location: https://www.debian.org/security/ < Cache-Control: max-age=120 < Expires: Tue, 31 Oct 2017 21:19:45 GMT < Content-Length: 285 < Content-Type: text/html; charset=iso-8859-1 < <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>302 Found</title> </head><body> <h1>Found</h1> <p>The document has moved <a href="https://www.debian.org/security/">here</a>.</p> <hr> <address>Apache Server at http://security.debian.org Port 80</address> </body></html> * Connection #0 to host http://security.debian.org left intact ``` 2607:ea00:101:3c0b::1deb:215 seems to be unresponsive

lae
2017-10-31 21:18
:<

greg
2017-10-31 21:21
I get this: ```W: The repository 'http://security.debian.org/debian-security/debian-security stretch/updates Release' does not have a Release file. N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use. N: See apt-secure(8) manpage for repository creation and user configuration details. E: Failed to fetch http://security.debian.org/debian-security/debian-security/dists/stretch/updates/main/source/Sources 404 Not Found [IP: 128.61.240.73 80] E: Some index files failed to download. They have been ignored, or old ones used instead.```

greg
2017-10-31 21:21
I put the lines back into the sources.list

lae
2017-10-31 21:21
debian-security is there twice

greg
2017-10-31 21:21
and apt-get updated

lae
2017-10-31 21:22
`/debian-security/debian-security`

greg
2017-10-31 21:23
likes that better

greg
2017-10-31 21:23
this is the line in the preseed: ``` d-i apt-setup/security_host string http://security.debian.org/debian-security ```

greg
2017-10-31 21:24
hmm it works for deb8 but not deb9.

greg
2017-10-31 21:25
the lines get built differently.

lae
2017-10-31 21:25
ok so in our environment, we have a packages mirror that currently proxies to http://security.debian.org and well I'm seeing a bunch of these lines in the access log: ` [30/Oct/2017:13:33:41 -0700] "GET /debian-security/debian-security/dists/stretch/updates/InRelease HTTP/1.1" 302 160 "-" "Debian APT-HTTP/1.3 (1.4.8)"`

lae
2017-10-31 21:26
the proxy basically redirects that to /debian-security though, so that probably explains why they don't 404

lae
2017-10-31 21:26

lae
2017-10-31 21:26
so I guess it should be fine to leave out /debian-security from the preseed?

greg
2017-10-31 21:26
I can try it

greg
2017-10-31 21:27
this : ```+d-i apt-setup/security_host string http://security.debian.org ```

greg
2017-10-31 21:27
without the +

greg
2017-10-31 21:40
okay that works.

greg
2017-10-31 21:42
With that, I think my reorg is done.

greg
2017-10-31 21:43
@lae - thanks,.

greg
2017-10-31 21:44
- I?m going to move tip on all the repos and push out new content. I?m going to also update the RackN Saas content tables to reflect the repo changes.

greg
2017-10-31 21:44
During the baseball game.

greg
2017-10-31 21:44
I?ll send out a new message on how to update your content.

greg
2017-10-31 21:45
The big thing will be to remove your existing read-only content and replace it with new content.


lae
2017-10-31 21:55
can you pull that in before you push out new content

greg
2017-10-31 21:55
Yes - I noticed that too and thought to fix it later, but cool.

greg
2017-10-31 21:59
@lae - I?m going to tweak it a little more.

lae
2017-10-31 21:59
mm ok

greg
2017-10-31 21:59
The remote access won?t work with the local-repo.

greg
2017-10-31 21:59
local-repo is intend to be really off-line mode.

greg
2017-10-31 21:59
For things that don?t have inet access.

lae
2017-10-31 21:59
remote access?


lae
2017-10-31 22:00
ah yeah

greg
2017-10-31 22:00
if local-repo is true - those won?t resolve.

greg
2017-10-31 22:00
generally.

lae
2017-10-31 22:00
locally we set that to our own internal hosts :stuck_out_tongue:

greg
2017-10-31 22:01
in which case, you won?t use local-repo anyway. :wink:

greg
2017-10-31 22:05
@lae check now. Also added the else if not exists case.

lae
2017-10-31 22:09
do you think you could also specify another variable for local security repo?

greg
2017-11-01 00:06
Are you using local-repo? And need them separate?

greg
2017-11-01 00:06
@lae