[00:00:12] <paravoid>	 and why didn't nagios catch this already?
[00:00:23] <paravoid>	 it's 3am and I'm getting seriously grumpy :)
[00:02:50] <paravoid>	 can I just get rid of logs?
[00:06:55] <paravoid>	 woosters: around?
[00:08:39] <Ryan_Lane>	 paravoid: on the ssls?
[00:08:40] <Ryan_Lane>	 yes
[00:08:42] <paravoid>	 !log esams SSL outage, working on it
[00:08:43] <Ryan_Lane>	 kill the logs with fire
[00:08:47] <morebots>	 Logged the message, Master
[00:08:54] <paravoid>	 I just created a new 50G LV and moving them on it
[00:08:58] <Krinkle>	 SSL just went down?
[00:09:04] <nagios-wm>	 PROBLEM - HTTPS on ssl3001 is CRITICAL: Connection refused
[00:09:07] <Krinkle>	 yep
[00:09:18] <Ryan_Lane>	 I could have sworn I disabled the logs ages ago
[00:09:25] <Ryan_Lane>	 was it access or error?
[00:09:30] <Ryan_Lane>	 both?
[00:09:38] <paravoid>	 access is what filled it up
[00:09:43] <Ryan_Lane>	 damn it
[00:09:49] <Ryan_Lane>	 they should be disabled
[00:09:49] <woosters>	 ya?
[00:09:54] <paravoid>	 woosters: see above, jfyi
[00:09:58] <Ryan_Lane>	 lemme look in puppet
[00:10:16] <paravoid>	 Ryan_Lane: I'm putting logs in LVs, no worries
[00:10:21] <paravoid>	 Ryan_Lane: btw, any idea why ssl3004 is down?
[00:10:25] <Ryan_Lane>	 lemme see
[00:10:25] <nagios-wm>	 RECOVERY - HTTPS on ssl3001 is OK: OK - Certificate will expire on 07/19/2016 16:14.
[00:10:39] <Ryan_Lane>	 yes
[00:10:40] <Ryan_Lane>	 hardware
[00:10:41] <paravoid>	 Ryan_Lane: also, if you want to do something while I'm working on the rest of them, check why nagios didn't pick up a thing
[00:10:43] <Ryan_Lane>	 it's depooled
[00:10:52] <woosters>	 no pages
[00:10:55] <paravoid>	 don't we have df output?
[00:11:01] <paravoid>	 er, checks?
[00:11:05] <Ryan_Lane>	 wow. wtf
[00:11:08] <Ryan_Lane>	 it's like it just died
[00:11:24] <Ryan_Lane>	 and why didn't ssl3001 just get depooled?
[00:11:36] <paravoid>	 I stopped it to move the logs
[00:11:44] <Ryan_Lane>	 I know why nagios didn't alert
[00:11:45] <paravoid>	 and now I just stopped ssl3002 and ssl3003
[00:11:52] <Ryan_Lane>	 because we're using the sh scheduler
[00:12:09] <paravoid>	 ah shit
[00:12:12] <Ryan_Lane>	 yep
[00:12:20] <Ryan_Lane>	 shared ssl cache would rock
[00:15:23] <Ryan_Lane>	 either way, a single downed node shouldn't cause an outage
[00:15:28] <paravoid>	 all of them are full
[00:15:40] <Ryan_Lane>	 100%?
[00:16:01] <paravoid>	 97%, which I presume is the reserved for root
[00:16:14] <Ryan_Lane>	 nginx died on all of them?
[00:16:31] <paravoid>	 I didn't check but it doesn't die, it just returns 500s
[00:16:42] <paravoid>	 didn't check all of them
[00:16:46] <paravoid>	 that was at least the ssl3001 behavior
[00:17:00] <Ryan_Lane>	 I think only ssl3001 actually died
[00:17:03] <Ryan_Lane>	 but...
[00:17:06] <Ryan_Lane>	 that *will* cause a small outage
[00:17:13] <Ryan_Lane>	 since we're using sh
[00:17:32] <Ryan_Lane>	 failover isn't immediate, when using that scheduler
[00:17:47] <paravoid>	 note how these servers are also IPv6
[00:17:53] <paravoid>	 which uses wrr
[00:17:56] <Ryan_Lane>	 it's less of a problem for ipv6
[00:18:03] <Ryan_Lane>	 that's a separate service
[00:18:09] <paravoid>	 yes
[00:18:12] <Ryan_Lane>	 it'll get depooled separately
[00:18:20] <Ryan_Lane>	 so, ipv6 will switch immediately
[00:18:22] <Ryan_Lane>	 ssl will not
[00:18:34] <paravoid>	 I know
[00:18:48] <Ryan_Lane>	 are the access logs only for ipv6?
[00:18:54] <Ryan_Lane>	 or are they also for ipv4?
[00:19:10] <Ryan_Lane>	 error logs are enabled, but access logs should be disbled
[00:19:15] <paravoid>	 both
[00:19:19] <Ryan_Lane>	 they aren't explicitly disabled for ipv6
[00:19:23] <Ryan_Lane>	 well, that's a problem
[00:19:36] <Ryan_Lane>	         error_log   /var/log/nginx/<%= name %>.error.log;
[00:19:36] <Ryan_Lane>	         access_log   off;
[00:19:40] <paravoid>	 oh hm, no
[00:19:44] <paravoid>	 just ipv6 error logs
[00:19:56] <paravoid>	 sorry, it's getting late :)
[00:19:57] <Ryan_Lane>	 no access logs?
[00:20:13] <paravoid>	 no ipv6 access
[00:20:15] <Ryan_Lane>	 it's ok. I can also just look myself :)
[00:20:18] <paravoid>	 they do have ssl access
[00:20:27] <Ryan_Lane>	 well, wtf
[00:20:28] <paravoid>	 and have both ssl & ipv6 error
[00:20:30] <Ryan_Lane>	 they are disabled
[00:20:36] <Ryan_Lane>	 yeah. error log makes sense
[00:20:49] <paravoid>	 oh
[00:20:52] <paravoid>	 again, wrong
[00:21:01] <paravoid>	 there's just an "access.log"
[00:21:04] <Ryan_Lane>	 access is only ipv6
[00:21:08] <Ryan_Lane>	 damn it
[00:21:08] <paravoid>	 which has ipv6 addresses
[00:21:09] <paravoid>	 right
[00:21:16] <Ryan_Lane>	 how did I miss that?
[00:21:20] <Ryan_Lane>	 oh
[00:21:22] <Ryan_Lane>	 I know why
[00:21:31] <Ryan_Lane>	 we had access logs enabled for IPv6 on purpose before
[00:21:36] <Ryan_Lane>	 because we had stats for it
[00:21:58] <paravoid>	 I'm fixing it
[00:22:03] <Ryan_Lane>	 I got it
[00:22:33] <gerrit-wm>	 New patchset: Ryan Lane; "Disable access logs for ipv6 nginx" [operations/puppet] (production) - https://gerrit.wikimedia.org/r/11721
[00:22:38] <paravoid>	 ah, I had it too
[00:23:02] <gerrit-wm>	 New review: Faidon; "(no comment)" [operations/puppet] (production); V: 0 C: 2;  - https://gerrit.wikimedia.org/r/11721
[00:23:02] <gerrit-wm>	 New review: gerrit2; "Lint check passed." [operations/puppet] (production); V: 1 - https://gerrit.wikimedia.org/r/11721
[00:23:13] <gerrit-wm>	 Change merged: Faidon; [operations/puppet] (production) - https://gerrit.wikimedia.org/r/11721
[00:23:24] <Ryan_Lane>	 so...
[00:23:32] <Ryan_Lane>	 we don't have notify set for this
[00:23:37] <paravoid>	 err
[00:23:41] <paravoid>	 wait
[00:23:43] <Ryan_Lane>	 ?
[00:24:15] <paravoid>	 what's "ipv6and4"?
[00:24:18] <paravoid>	 it still has access logs
[00:24:27] <Ryan_Lane>	 yes
[00:24:32] <Ryan_Lane>	 that was what we had the stats running on
[00:24:41] <Ryan_Lane>	 let's not mess with that just yet
[00:24:49] <Ryan_Lane>	 it's small
[00:24:56] <paravoid>	 okay
[00:25:01] <paravoid>	 force-running puppet on the servers
[00:25:11] <Ryan_Lane>	 puppet won't restart nginx
[00:25:19] <paravoid>	 !log SSL ipv6 access logs disabled; force running puppet and rm'ing access.logs on esams
[00:25:24] <morebots>	 Logged the message, Master
[00:25:25] <Ryan_Lane>	 it does for the main config, but not the sub-configs
[00:25:33] <paravoid>	 will do
[00:25:37] <paravoid>	 I'm logged in all of them anyway
[00:25:41] * Ryan_Lane  nods

[00:25:55] <Ryan_Lane>	 I did that in the past because I was worried of puppet bringing them all down :)
[00:26:15] <Ryan_Lane>	 we can likely change that now
[00:26:33] <Ryan_Lane>	 woosters: renew ssl on ssl3001  - Certificate will expire on 07/19/2016 16:14.
[00:26:35] <Ryan_Lane>	 .....
[00:26:39] <Ryan_Lane>	 that's 3 years from now
[00:26:54] <Ryan_Lane>	 probably don't need a ticket for that ;)
[00:27:04] <Ryan_Lane>	 the message sent by nagios is normal for when a server comes back up
[00:27:33] <RoanKattouw>	 lo
[00:27:35] <RoanKattouw>	 l
[00:28:33] <woosters>	 yea
[00:28:43] <woosters>	 i noticed that and cancelled that ticket ;-P
[00:28:46] <Ryan_Lane>	 heh
[00:28:59] <woosters>	 thought it was 2012
[00:29:06] <Ryan_Lane>	 :D
[00:31:05] <paravoid>	 why do we use 250GB disks and allocate 9GB for /
[00:31:08] <paravoid>	 how stupid is that?!?!
[00:31:22] <Ryan_Lane>	 it was some fucked up partmap recipie
[00:31:29] <RoanKattouw>	 Dude, don't get me started, hume has a 5GB partition for /usr/local/apache
[00:31:51] <Ryan_Lane>	 also, the logs were supposed to be disabled ;)
[00:32:11] <RoanKattouw>	 Even though we've made a point of putting it on a separate partition on all app servers so we could grow it from ~7GB to ~100GB
[00:32:20] <Ryan_Lane>	 it matters on the app servers
[00:32:29] <Ryan_Lane>	 it shouldn't matter at all on reverse proxies
[00:32:52] <Ryan_Lane>	 we likely would have had the same result, but a few weeks from now
[00:33:32] <Ryan_Lane>	 I'd be perfectly happy having those be diskless
[00:34:00] <paravoid>	 !log esams SSL should be back up
[00:34:05] <morebots>	 Logged the message, Master
[00:34:13] <paravoid>	 now let's force run puppet and cleanup on pmtpa and eqiad :)
[00:34:26] <Ryan_Lane>	 yes, indeed
[00:34:46] <Ryan_Lane>	 I blame ipv6
[00:34:47] <Ryan_Lane>	 :)
[00:34:51] <paravoid>	 hahaha
[00:35:01] <Ryan_Lane>	 oh
[00:35:02] <Ryan_Lane>	 right
[00:35:08] <Ryan_Lane>	 I get all the blame for that anyways
[00:35:10] <paravoid>	 do we not have df checks?
[00:35:25] <Ryan_Lane>	 I have no clue why we wouldn't
[00:35:36] <Ryan_Lane>	 maybe we don't have a standard set of checks for all nodes?
[00:36:45] <Ryan_Lane>	 you doing the puppet force run>
[00:36:49] <paravoid>	 yes
[00:36:51] <Ryan_Lane>	 ok
[00:36:52] <paravoid>	 and rm access.log
[00:36:59] <Ryan_Lane>	 we have an ssl dsh group, btw
[00:36:59] <paravoid>	 and restart nginx
[00:37:22] <paravoid>	 and rolling back the separate LV for logs that I had began deploying :)
[00:37:57] <paravoid>	 Thehelpfulone: thanks for noticing and notifying us
[00:38:03] <Ryan_Lane>	 indeed
[00:38:10] <paravoid>	 Thehelpfulone: it would have probably gone undetected for hours if it weren't for you
[00:38:15] <Ryan_Lane>	 he was probably one of the unlucky 1/3 that was affected
[00:38:28] <Thehelpfulone>	 no problem :)
[00:38:35] <Ryan_Lane>	 well, it would have failed over to the other nodes, which would have then died quickly, then we'd have been paged :)
[00:38:44] <Ryan_Lane>	 while we were sleeping
[00:38:49] <Ryan_Lane>	 so indeed, thank you :)
[00:38:50] <paravoid>	 why would it?
[00:38:56] <paravoid>	 does pybal check for 500s too?
[00:39:00] <Ryan_Lane>	 yes
[00:39:04] <paravoid>	 on random URLs?
[00:39:14] <Ryan_Lane>	 no, but it would get a 500
[00:39:17] <paravoid>	 not everything was failing, just URLs with contents
[00:39:21] <paravoid>	 I'm not sure if / would fail
[00:39:27] <Ryan_Lane>	 it would have content
[00:39:31] <Ryan_Lane>	 wait.
[00:39:40] <Ryan_Lane>	 do we do more than a connection check there?
[00:39:42] <Ryan_Lane>	 we don't :(
[00:39:48] <Ryan_Lane>	 but
[00:39:53] <Ryan_Lane>	 the ssh check would have failed
[00:39:56] <paravoid>	 so, undetected :)
[00:39:58] <paravoid>	 why?
[00:40:03] <Ryan_Lane>	 it tries to write
[00:40:13] <paravoid>	 oh, nice
[00:40:13] <Ryan_Lane>	 if it can't it fails
[00:40:15] <Ryan_Lane>	 yes
[00:40:19] <paravoid>	 you mean our check?
[00:40:20] <paravoid>	 or sshd?
[00:40:23] <Ryan_Lane>	 ours
[00:40:26] <paravoid>	 oh, coool
[00:40:32] <paravoid>	 why didn't it fail already though?
[00:40:38] <Ryan_Lane>	 of course, that's assuming we have the same check on that one
[00:40:51] <paravoid>	 3001 was full when I started troubleshooting
[00:40:55] <Ryan_Lane>	 what we really need is a content check via ssh
[00:41:04] <Ryan_Lane>	 did you see if it was pooled or not?
[00:41:09] <Ryan_Lane>	 I'm betting it was depooled
[00:41:33] <Ryan_Lane>	 but, just because it's depooled doesn't mean much
[00:41:36] <paravoid>	 if it was, how would Thehelpfulone getting 500s? :-)
[00:41:37] <Ryan_Lane>	 it'll still have connections open
[00:41:42] <Ryan_Lane>	 sh scheduler
[00:41:52] <Ryan_Lane>	 read about its failure mode
[00:41:59] <paravoid>	 oh, right
[00:42:01] <paravoid>	 dammit
[00:42:10] <Ryan_Lane>	 it takes a bit longer
[00:42:22] <Ryan_Lane>	 we need to work on getting stud :)
[00:42:31] <paravoid>	 nginx just released SPDY support :)
[00:42:34] <paravoid>	 like, hours ago
[00:42:35] <Ryan_Lane>	 \o/
[00:42:42] <Ryan_Lane>	 wait.
[00:42:43] <Ryan_Lane>	 no
[00:42:47] <paravoid>	 no?
[00:42:48] <paravoid>	 http://nginx.org/patches/spdy/ :)
[00:42:51] <Ryan_Lane>	 that actually makes me less willing to switch :(
[00:42:58] <paravoid>	 exactly :)
[00:43:00] <Ryan_Lane>	 that and the 1.1 support
[00:43:06] <paravoid>	 there's a SSL memcached patch for nginx floating around
[00:43:12] <Ryan_Lane>	 yeah
[00:43:16] <Ryan_Lane>	 it needs a shit-ton of work
[00:43:23] <paravoid>	 yep
[00:43:27] <paravoid>	 and the guy who wrote it
[00:43:34] <Ryan_Lane>	 but it might be worth the effort
[00:43:34] <paravoid>	 switched from an IT career
[00:43:38] <Ryan_Lane>	 yeah
[00:43:40] <paravoid>	 to being a train driver
[00:43:43] <Ryan_Lane>	 we'd need to maintain it ourselves
[00:43:46] <paravoid>	 wtf is up with that :)
[00:43:51] <Ryan_Lane>	 they make more money
[00:43:57] <Ryan_Lane>	 and it's less stressful
[00:44:39] <Ryan_Lane>	 and come on, you get to drive a train, that sounds fun to me :)
[00:44:54] <Ryan_Lane>	 (actually, it sounds incredibly boring)
[00:45:53] <binasher>	 i've looked for that patch!
[00:46:10] <Ryan_Lane>	 it's not very good :(
[00:46:19] <Ryan_Lane>	 but. we can fix it
[00:46:22] * Ryan_Lane  shrugs

[00:46:52] <Ryan_Lane>	 this is the kind of magazine I'd expect to find in "The good hotel" http://25.media.tumblr.com/tumblr_m5myygZnf01r2fm6fo1_500.jpg
[00:46:54] <binasher>	 i'm surprised that stud broadcasts ssl session data to all other instances instead of using memcached
[00:47:02] <woosters>	 the train driver gets to blow his horn ;-P
[00:47:08] <Ryan_Lane>	 binasher: yeah, same
[00:47:35] <Ryan_Lane>	 binasher: what happens when one of the ssl servers dies, and its memcache goes away?
[00:47:59] <Ryan_Lane>	 the hashing algorithm stores the cache info on another?
[00:48:44] <binasher>	 1/nth of clients would have to re-negotiate
[00:48:56] <Ryan_Lane>	 until the node came back up?
[00:49:03] <Ryan_Lane>	 or just once?
[00:49:04] <binasher>	 no, that wouldn't work
[00:49:09] <paravoid>	 binasher: there was some explanation on the bug tracker that I don't remember
[00:49:13] <paravoid>	 let me find it
[00:49:32] <Ryan_Lane>	 broadcasting means there's no renegotiation necessary in case of failure
[00:50:26] <paravoid>	 "Storing a new session is done asynchronously. However, getting a session from memcached is done synchronously. Therefore, there is a major performance drawback. Unfortunately, there is no way to register an asynchronous callback with OpenSSL. Either we could use some threads (eeek) or insert remote sessions into the local cache. I don't know if memcached allows something like this. We may switch to something that would broadcast insertions
[00:50:33] <paravoid>	 from https://github.com/bumptech/stud/pull/29
[00:50:36] <paravoid>	 binasher: ^^^
[00:50:41] <Ryan_Lane>	 ah
[00:50:50] <binasher>	 that makes sense
[00:52:48] <Ryan_Lane>	 are the licenses compatible? can we just repurpose stud's implementation?
[00:53:27] <binasher>	 lets make stud+varnish appliances and call it studly
[00:53:31] <Ryan_Lane>	 :D
[00:53:41] <Ryan_Lane>	 binasher: I want the SPDY support in nginx :(
[00:54:20] <paravoid>	 there's a spedey thing too
[00:54:28] <paravoid>	 which is inspired by stud but is a spdy proxy
[00:54:32] <paravoid>	 also has X-F-F
[00:54:39] <paravoid>	 no SSL session cache though :)
[00:54:44] <Ryan_Lane>	 bleh
[00:54:47] <paravoid>	 also, I think that SPDY also has some session information
[00:54:53] <paravoid>	 i.e. keeps state
[00:55:02] <Ryan_Lane>	 yes, of course it does
[00:55:05] <binasher>	 https://github.com/pquerna/spedye
[00:55:16] <binasher>	 oh paravoid already mentioned
[00:55:31] <Ryan_Lane>	 no ssl session cache would be the fail
[00:55:38] <binasher>	 "based upon the ideas of stud"
[00:55:40] <binasher>	 uh huh
[00:56:44] <paravoid>	 Ryan_Lane: i.e. if we do spdy, we need more than shared ssl session cache to get rid of sh
[00:56:49] <paravoid>	 we need shared spdy state too
[00:56:52] <paravoid>	 good luck with that
[00:57:20] <binasher>	 or we could give up and hash on client ip
[00:57:20] <Ryan_Lane>	 true
[00:57:34] <Ryan_Lane>	 binasher: that's what sh does
[00:57:55] <binasher>	 ah, source hash?
[00:57:59] <Ryan_Lane>	 which is what we're using now
[00:58:00] <Ryan_Lane>	 yeah
[00:58:10] <Ryan_Lane>	 we're like to switch to wrr
[00:58:22] <Ryan_Lane>	 *we'd
[00:58:30] <Ryan_Lane>	 (it's late :) )
[01:00:49] <Ryan_Lane>	 ah. spdy support in nginx isn't really usable right now anyway
[01:00:59] <Ryan_Lane>	 it's draft 2 implementation
[01:03:57] <paravoid>	 yes
[01:04:17] <paravoid>	 but we have to take its development into account :)
[01:04:26] <Ryan_Lane>	 yes. true
[01:04:29] <paravoid>	 before deciding into switching to stud (which we can't right now anyway)
[01:04:35] <Ryan_Lane>	 yep
[01:04:56] <Ryan_Lane>	 we should figure out if it makes more sense to spend dev time on one or the other
[01:04:56] <paravoid>	 also,
[01:05:10] <paravoid>	 with chrome + firefox 13+ supporting spdy by default
[01:05:18] <paravoid>	 the 4*3 servers won't be nearly enough
[01:05:47] <Ryan_Lane>	 we'd want it on every server
[01:05:51] <paravoid>	 which also means that we'd need "sh" for half of our traffic
[01:06:03] <Ryan_Lane>	 we've thought about it in the past
[01:06:13] <Ryan_Lane>	 we wanted to make sure ssl wouldn't eat up too much memory
[01:06:41] <Ryan_Lane>	 though we could always patch openssl for that anwyay
[01:06:55] <Ryan_Lane>	 (I wanted to avoid patching openssl, if possible)
[01:07:02] <paravoid>	 patch it for what?
[01:07:22] <Ryan_Lane>	 there's a patch google made that dramatically lowers the amount of memory used
[01:07:48] <Ryan_Lane>	 I think it's upstreamed, but it's in a much, much newer version of openssl from what I remember
[01:08:08] <paravoid>	 much newer than precise too?
[01:08:19] <Ryan_Lane>	 I believe so. lemme see
[01:09:00] <paravoid>	 hmm, apparently you can do SPDY without SSL too
[01:09:07] <Ryan_Lane>	 oh
[01:09:12] <Ryan_Lane>	 it's in precise
[01:09:33] <paravoid>	 :-)
[01:09:46] <Ryan_Lane>	 it's SSL_MODE_RELEASE_BUFFERS
[01:11:19] <Ryan_Lane>	 we need to upgrade the ssl servers :)
[01:11:44] <Ryan_Lane>	 it'll get us that and HTTP 1.1 support
[01:12:17] <Ryan_Lane>	 anyway, I need to go to bed
[01:12:26] <paravoid>	 twitter does spdy already
[01:12:28] <paravoid>	 damn them :)
[01:12:35] <Ryan_Lane>	 fuckers
[01:12:43] <Ryan_Lane>	 well, we beat them to ipv6 anyway
[01:12:47] <paravoid>	 hahaha
[01:12:53] <paravoid>	 it's 2-1 though
[01:12:59] <paravoid>	 ssl, spdy vs. ipv6
[01:13:11] <Ryan_Lane>	 ipv6 is more important
[01:13:43] <Ryan_Lane>	 ok. off to bed
[01:13:44] * Ryan_Lane  waves

[01:13:46] <paravoid>	 night
[01:13:53] <paravoid>	 that was an intense day...
[01:41:36] <nagios-wm>	 PROBLEM - MySQL Slave Delay on db1025 is CRITICAL: CRIT replication delay 288 seconds
[01:42:12] <nagios-wm>	 PROBLEM - MySQL Slave Delay on storage3 is CRITICAL: CRIT replication delay 235 seconds
[01:47:18] <nagios-wm>	 RECOVERY - MySQL Slave Delay on db1025 is OK: OK replication delay 10 seconds
[01:49:06] <nagios-wm>	 PROBLEM - Misc_Db_Lag on storage3 is CRITICAL: CHECK MySQL REPLICATION - lag - CRITICAL -  Seconds_Behind_Master : 650s
[01:51:57] <nagios-wm>	 RECOVERY - Misc_Db_Lag on storage3 is OK: CHECK MySQL REPLICATION - lag - OK -  Seconds_Behind_Master : 11s
[01:52:33] <nagios-wm>	 RECOVERY - MySQL Slave Delay on storage3 is OK: OK replication delay 17 seconds
[01:58:06] <nagios-wm>	 PROBLEM - Puppet freshness on maerlant is CRITICAL: Puppet has not run in the last 10 hours
[01:58:07] <nagios-wm>	 PROBLEM - Puppet freshness on professor is CRITICAL: Puppet has not run in the last 10 hours
[02:13:42] <nagios-wm>	 PROBLEM - MySQL Slave Delay on db26 is CRITICAL: CRIT replication delay 192 seconds
[02:13:42] <nagios-wm>	 PROBLEM - MySQL Replication Heartbeat on db26 is CRITICAL: CRIT replication delay 193 seconds
[02:41:28] <gerrit-wm>	 New patchset: Dereckson; "(bug 37644) Enable subpages on be.wikimedia.org for NS 0 and 4" [operations/mediawiki-config] (master) - https://gerrit.wikimedia.org/r/11723
[02:41:34] <gerrit-wm>	 New review: jenkins-bot; "Build Successful " [operations/mediawiki-config] (master); V: 1 C: 0;  - https://gerrit.wikimedia.org/r/11723
[02:43:27] <gerrit-wm>	 New review: SPQRobin; "(no comment)" [operations/mediawiki-config] (master) C: 1;  - https://gerrit.wikimedia.org/r/11723
[02:55:36] <gerrit-wm>	 New patchset: Dereckson; "(bug 37644) Enable subpages on be.wikimedia.org for NS 0 and 4" [operations/mediawiki-config] (master) - https://gerrit.wikimedia.org/r/11723
[02:55:43] <gerrit-wm>	 New review: jenkins-bot; "Build Successful " [operations/mediawiki-config] (master); V: 1 C: 0;  - https://gerrit.wikimedia.org/r/11723
[02:56:18] <gerrit-wm>	 New review: Dereckson; "Trailing space missing." [operations/mediawiki-config] (master) - https://gerrit.wikimedia.org/r/11723
[02:57:09] <gerrit-wm>	 New review: Dereckson; "Added trailing space." [operations/mediawiki-config] (master) C: 0;  - https://gerrit.wikimedia.org/r/11723
[02:59:46] <nagios-wm>	 RECOVERY - MySQL Slave Delay on db26 is OK: OK replication delay 28 seconds
[03:00:49] <nagios-wm>	 RECOVERY - MySQL Replication Heartbeat on db26 is OK: OK replication delay 20 seconds
[03:00:49] <nagios-wm>	 PROBLEM - Puppet freshness on db29 is CRITICAL: Puppet has not run in the last 10 hours
[03:41:36] <gerrit-wm>	 New review: SPQRobin; "(no comment)" [operations/mediawiki-config] (master) C: 1;  - https://gerrit.wikimedia.org/r/11723
[03:58:27] <gerrit-wm>	 New patchset: SPQRobin; "Bug 37614 - Change project talk namespace for bjnwiki" [operations/mediawiki-config] (master) - https://gerrit.wikimedia.org/r/11583
[03:58:34] <gerrit-wm>	 New review: jenkins-bot; "Build Successful " [operations/mediawiki-config] (master); V: 1 C: 0;  - https://gerrit.wikimedia.org/r/11583
[03:59:47] <gerrit-wm>	 New patchset: SPQRobin; "Bug 37614 - Change project talk namespace for bjnwiki" [operations/mediawiki-config] (master) - https://gerrit.wikimedia.org/r/11583
[03:59:53] <gerrit-wm>	 New review: jenkins-bot; "Build Successful " [operations/mediawiki-config] (master); V: 1 C: 0;  - https://gerrit.wikimedia.org/r/11583
[04:03:17] <gerrit-wm>	 New review: SPQRobin; "* Good idea, I have done that now" [operations/mediawiki-config] (master) C: 0;  - https://gerrit.wikimedia.org/r/11583
[04:07:59] <gerrit-wm>	 New review: SPQRobin; "(I was thinking though, if the sitename is changed, then it will also affect the project talk namesp..." [operations/mediawiki-config] (master) C: 0;  - https://gerrit.wikimedia.org/r/11583
[04:09:29] <nagios-wm>	 RECOVERY - Puppet freshness on professor is OK: puppet ran at Sat Jun 16 04:09:19 UTC 2012
[04:46:14] <nagios-wm>	 PROBLEM - Puppet freshness on virt0 is CRITICAL: Puppet has not run in the last 10 hours
[05:58:16] <nagios-wm>	 PROBLEM - Puppet freshness on ocg3 is CRITICAL: Puppet has not run in the last 10 hours
[06:49:41] <nagios-wm>	 PROBLEM - Puppet freshness on searchidx2 is CRITICAL: Puppet has not run in the last 10 hours
[11:59:26] <nagios-wm>	 PROBLEM - Puppet freshness on maerlant is CRITICAL: Puppet has not run in the last 10 hours
[12:11:17] <Ryan_Lane1>	 paravoid: still no change
[12:11:45] <Ryan_Lane>	 so, I'm going to change it to labs-ns0/1
[12:12:00] <Ryan_Lane>	 or should we just keep operating like now and wait till monday?
[12:12:18] <Ryan_Lane>	 nothing is currently broken, so it may be better to only need to make a single change
[13:01:59] <nagios-wm>	 PROBLEM - Puppet freshness on db29 is CRITICAL: Puppet has not run in the last 10 hours
[13:41:53] <nagios-wm>	 PROBLEM - MySQL Idle Transactions on db52 is CRITICAL: CHECK_NRPE: Socket timeout after 10 seconds.
[13:47:44] <nagios-wm>	 RECOVERY - MySQL Idle Transactions on db52 is OK: OK longest blocking idle transaction sleeps for 0 seconds
[14:46:56] <nagios-wm>	 PROBLEM - Puppet freshness on virt0 is CRITICAL: Puppet has not run in the last 10 hours
[15:23:14] <nagios-wm>	 PROBLEM - Host niobium is DOWN: PING CRITICAL - Packet loss = 100%
[15:59:39] <nagios-wm>	 PROBLEM - Puppet freshness on ocg3 is CRITICAL: Puppet has not run in the last 10 hours
[16:50:39] <nagios-wm>	 PROBLEM - Puppet freshness on searchidx2 is CRITICAL: Puppet has not run in the last 10 hours
[18:12:01] <gerrit-wm>	 New patchset: Ryan Lane; "Initial commit of adminbot" [operations/debs/adminbot] (master) - https://gerrit.wikimedia.org/r/11732
[18:12:29] <gerrit-wm>	 New review: Ryan Lane; "(no comment)" [operations/debs/adminbot] (master); V: 1 C: 2;  - https://gerrit.wikimedia.org/r/11732
[18:12:32] <gerrit-wm>	 Change merged: Ryan Lane; [operations/debs/adminbot] (master) - https://gerrit.wikimedia.org/r/11732
[22:00:39] <nagios-wm>	 PROBLEM - Puppet freshness on maerlant is CRITICAL: Puppet has not run in the last 10 hours
[23:02:37] <nagios-wm>	 PROBLEM - Puppet freshness on db29 is CRITICAL: Puppet has not run in the last 10 hours