Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2013-06-08

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:02 rdeweerd joined #salt
00:05 jkleckner joined #salt
00:12 jacksontj joined #salt
00:17 kmwhite joined #salt
00:24 DanGarthwaite joined #salt
00:24 DanGarthwaite http://debian.saltstack.org/ seems to be unreachable.  :(
00:24 DanGarthwaite http://debian.saltstack.com/ :)
00:29 efixit joined #salt
00:33 DanGarthwaite I'm getting failures to bootstrap.sh on fresh ubuntu 10.04 64bit
00:37 DanGarthwaite Hrm.  Could be my apt cache.   Disregard.
00:38 jeddi joined #salt
00:39 ogrisel_ joined #salt
00:40 efixit joined #salt
00:42 DanGarthwaite left #salt
00:46 mgw DanGarthwaite: are you behind a proxy?
00:46 s0undt3ch joined #salt
00:49 rdeweerd joined #salt
01:06 echos joined #salt
01:07 echos joined #salt
01:10 auser joined #salt
01:16 Corey joined #salt
01:19 echos joined #salt
01:23 jacksontj joined #salt
01:27 bhosmer joined #salt
01:28 Nexpro1 joined #salt
01:36 danielbachhuber joined #salt
01:36 jefferai joined #salt
01:46 jkleckner joined #salt
01:51 maxleonca joined #salt
01:53 danielbachhuber joined #salt
02:04 ska joined #salt
02:09 jefferai joined #salt
02:10 danielbachhuber joined #salt
02:12 rdeweerd joined #salt
02:14 s0undt3ch__ joined #salt
02:16 rdeweerd joined #salt
02:29 mgw joined #salt
02:31 20WACKKN7 joined #salt
02:41 soukihei joined #salt
02:47 jkleckner1 joined #salt
02:47 rdeweerd joined #salt
02:51 lvicks joined #salt
03:00 kmwhite joined #salt
04:00 MasterNayru joined #salt
04:05 Ryan_Lane joined #salt
04:17 kmwhite joined #salt
04:20 whit joined #salt
04:26 dthom91 joined #salt
04:35 efixit joined #salt
04:51 mgw joined #salt
04:54 alexl joined #salt
05:10 zooz joined #salt
05:26 logix812 joined #salt
05:45 danielbachhuber joined #salt
06:08 rawlbot joined #salt
06:19 druonysus joined #salt
06:32 druonysus joined #salt
06:35 onewheelskyward joined #salt
06:42 onewheelskyward left #salt
07:03 efixit joined #salt
07:05 carmony Think 10 servers will be enough for my salt demo? :P
07:11 danielbachhuber joined #salt
07:17 carmony we need to salt vagrant so it can deploy in parallel
07:39 Nexpro joined #salt
07:50 mikedawson joined #salt
07:55 ogrisel_ joined #salt
08:11 danielbachhuber joined #salt
08:13 s4muel joined #salt
08:30 Charatna joined #salt
08:30 Charatna left #salt
08:38 dhgbrg joined #salt
08:45 efixit joined #salt
08:46 dhgbrg hey guys. new salt user since a couple of days back here. like it very much so far. however i have a problem i can't solve. trying to match grains but it doesn't work.
08:46 dhgbrg in /etc/salt/minion i have
08:46 dhgbrg grains:
08:46 dhgbrg roles:
08:46 dhgbrg - webserver
08:46 dhgbrg - memcache
08:46 dhgbrg - test
08:46 dhgbrg and in my top.sls
08:46 dhgbrg base:
08:46 dhgbrg '*':
08:46 dhgbrg - core
08:46 dhgbrg 'G@roles:webserver':
08:46 dhgbrg - nginx
08:46 dhgbrg - php
08:46 dhgbrg - sites.default
08:46 dhgbrg 'G@roles:memcache':
08:46 dhgbrg - memcache
08:46 dhgbrg this works: sudo salt -G 'roles:webserver' test.ping
08:47 dhgbrg but when running salt '*' state.highstate only core is matched
08:47 dhgbrg any tips or hints would be much appreciated
08:50 EugeneKay You need to have  "- match: grain"
08:50 EugeneKay At least, that's what made it work for me.
08:52 dhgbrg hm
08:52 dhgbrg ah
08:52 dhgbrg this seems to work
08:52 dhgbrg 'roles:webserver':
08:52 dhgbrg - match: grain
08:52 EugeneKay Ya
08:53 dhgbrg thanks a ton
08:53 EugeneKay Took me a half-hour of head scratching to find too
08:57 dhgbrg so you always need the "- match: <type>", and the @-style is only possible with compound matching?
08:58 EugeneKay I have no idea.
09:02 alexl joined #salt
09:07 efixit joined #salt
09:07 zooz joined #salt
09:09 ogrisel_ joined #salt
09:12 danielbachhuber joined #salt
09:18 elasticdog joined #salt
09:58 efixit joined #salt
10:06 pacosani joined #salt
10:07 pacosani Hello
10:07 pacosani Few wustions
10:07 pacosani Questions
10:25 joehh pacosani: just ask- maybe someone will know
10:25 bhosmer joined #salt
10:26 joehh either that or wait for morning us time when thec hannel livena up
10:26 heewa joined #salt
10:30 pacosani Im curious about ldap tie ins\
10:47 aranhoide joined #salt
10:51 rdeweerd joined #salt
11:12 danielbachhuber joined #salt
11:17 backjlack joined #salt
11:19 karlp pacosani: it's really best to just _ask_
11:20 karlp I can read the backlog, but all I knwo about you is you want to ask about ldap.
11:20 karlp if you'd asked the question already, I could possibly already be answering.
11:21 efixit joined #salt
11:43 niki If I change file_roots in the master conf, do I  also have to change it on the minions ?
11:46 Nexpro joined #salt
11:49 Charatna joined #salt
11:49 Charatna left #salt
11:55 hhtp joined #salt
12:01 aranhoide joined #salt
12:12 karlp niki: do minions even have a setting for file_roots? (I can't see why they would care where on the master salt:// points to)
12:13 dhgbrg joined #salt
12:13 danielbachhuber joined #salt
12:14 niki karlp: there is on in the minion conf, but it seems like I have some other issue :-/
12:24 efixit joined #salt
12:27 jslatts joined #salt
12:31 niki anyone see an issue where something like 'file_roots = pillar_roots' happens, no matter what I assign file_roots to, it gets replaced with the content of pillar_roots ?
12:35 __gotcha joined #salt
12:35 __gotcha joined #salt
12:42 dhgbrg joined #salt
12:43 bhosmer joined #salt
12:46 azbarcea joined #salt
12:56 lvicks joined #salt
13:10 DredTiger joined #salt
13:39 heewa joined #salt
13:45 luminous what are we supposed to do about sensitive data ending up in salt's logs?
13:46 luminous niki: sounds like a config error
13:50 fivethreeo joined #salt
13:52 Furao_ joined #salt
13:55 luminous Furao: do you have a way to deal with sensitive data in salt's logs?
14:01 Furao which kind? debug output of template?
14:01 niki luminous: I have tried a diff against the master conf from the git repo, and it only showed changes to the file_roots and pillar_roots parts
14:02 luminous Furao: passwords, ssl keys, enc key, etc. stuff you put in pillar or pass in through a module and which ends up going into a file or what not
14:02 luminous niki: what's the salt log say?
14:02 luminous comon, dig and see what's up :)
14:02 luminous try restarting the services?
14:04 martineg_ joined #salt
14:15 niki nothing interesting, other than loading modules and such, both master an minions have been restarted several times
14:17 ogrisel joined #salt
14:18 luminous niki: maybe you can paste some more details to a dpaste.de or something to show what you have setup, what you are trying, and what the results are?
14:19 alexl joined #salt
14:21 niki sure, atm. I'm trying to get the minions to run the top.sls, but the can't fetch it, because files_root point to the wrong dir, but I'll paste the configs in a minute
14:21 aat joined #salt
14:22 luminous niki: it's not just the configs, it's also what you run and what you see
14:22 luminous it's hard to see the problem
14:22 baniir joined #salt
14:27 DigitalHermit1 joined #salt
14:30 dennisdegreef joined #salt
14:31 niki luminous: http://ur1.ca/e8rwg <-- master and minion configs
14:33 niki luminous: http://ur1.ca/e8ry7 <--- a run of "salt '*' pillar.data" which shows that the files_root and pilar_root has the same content, but onfigured differently in the master conf
14:37 luminous - /srv/salt/states
14:37 luminous why do you have this in pillar_roots?
14:37 saltnewb joined #salt
14:38 luminous niki: ^^
14:39 niki just to try to get a bit further (fully on purpose)...
14:39 onewheelskyward joined #salt
14:40 saltnewb Is there a known issue with the salt PPA? In Ubunto, I'm getting the following error when running "apt-get install salt-master":  E: Unable to locate package salt-master
14:41 luminous niki: but that's incorrect
14:41 niki but I have tried just to rename the base: to base1: in the pillar_roots section, and it was renamed in file_roots too...
14:41 luminous saltnewb: use salt-bootstrap and love life again
14:41 luminous niki: I don't think I can help.. you are taking pot shots instead of thinking about this logically and starting simple
14:42 luminous I suggest a clear salt install and retrying
14:42 luminous sorry I can't help much more than that
14:42 luminous s/clear/clean
14:43 niki luminous: I know it's incorrect, just had to sow that what ever is in pillar_roots, gets coppied to file_roots....
14:43 * luminous is hands off at this point
14:44 luminous my recommendation is to start clean
14:44 niki I have tried to upgrade to 0.15.3, but get the same, and reinstalled 0.15.1
14:44 luminous with all the futzing, who knows what you have in there. I'd be wasting my time
14:44 luminous start fresh
14:44 luminous use salt-bootstrap
14:44 luminous use a clean config and states
14:44 luminous start over
14:44 luminous then work up
14:45 luminous until it breaks, then back off
14:45 luminous debug it properly :)
14:45 niki both dirs (/srv/salt/{states,pillar}) are both empty atm
14:46 fivethreeo joined #salt
14:46 luminous so what
14:46 danielbachhuber joined #salt
14:46 luminous that doesn't change anything I would recommend at this point
14:46 DigitalHermit joined #salt
14:47 niki restarting i am then, see if that brings any luck ;-)
14:47 luminous :)
14:47 luminous try a clean vm if you can
14:48 luminous adn I highly recommend using salt-bootstrap to install salt
14:48 backjlack joined #salt
14:48 niki this is physical machines i'm working on ;-)
14:52 luminous can you (easily) do a clean install of the OS if you have to?
14:52 luminous you might want to dev with salt in such an env
14:53 luminous using vms/etc, if even locally with virtual box
14:55 niki My plan was to use salt to help manage openstack, on other machines.
14:56 niki but a reinstall of this machine isn't an option atm
14:56 luminous so install salt somewhere else to be sure you have your head on right
14:56 luminous a vagrant image or vbox or what have you might be a good idea
14:57 luminous and yea, managing openstack is a great idea
15:00 * luminous out
15:03 aat joined #salt
15:04 UtahDave joined #salt
15:05 saltnewb When using salt-bootstrap, I can't seem to get upstart to work correctly. Any ideas?
15:12 Nexpro1 joined #salt
15:12 niki Okay, still get the same issue after a clean install of salt-master/minion, "salt '*' pillar.data" still shows that the content of pillar_roots is copies to file_roots (file_roots content is replaced/lost)
15:18 onewheelskyward left #salt
15:19 DigitalHermit joined #salt
15:31 halfss joined #salt
15:36 saltnewb I was able to resolve my issue but just installing salt via the documented way (not salt-bootstrap) and substituting "sudo apt-get install software-properties-common" with "sudo apt-get install python-software-properties" on ubuntu 12.04 LTS.
15:41 UtahDave saltnewb: could you open an issue on the salt-bootstrap repo with this issue?
15:41 UtahDave niki: let me try that here
15:45 UtahDave niki: yep, confirmed here.
15:45 UtahDave niki: could you open an issue on the salt github repo for this?
15:46 niki Sure UtahDave, and thanks, was starting to wonder if I was getting mad ;-)
15:46 UtahDave :)  nah.
15:47 UtahDave thanks for opening that issue.  That's really helpful
15:47 niki And salt.config.master_config('/etc/salt/master') returns the correct content
15:48 niki Sure, Will take a couple of seconds, have to figure out what my account name and password was ;-)
15:48 UtahDave :)
15:50 niki What info do you want me to include ?
15:52 UtahDave what version of Salt you saw this on, your OS, the output that you're seeing and what you expected the output to be.
15:53 niki ok, just the standard basic stuff then ;-)
15:55 UtahDave yep!
15:58 logix812 joined #salt
15:59 saltnewb So I seem to have salt up and running, but some commands work intermittently or not at all, while others work fine. "sudo salt '*' test.ping" worked like a charm the first time, but on successive tries, it seems to time out and nothing happens. The odd thing is that other commands seem to work consistently, such as "sudo salt '*' test.providers" and "sudo salt '*' sys.doc", but some commands like "sudo salt '*' test.version" don't see
15:59 SpX joined #salt
16:00 saltnewb I am running master and minion on the same box, with minion's master pointed to 127.0.0.1
16:00 Dekkers left #salt
16:01 saltnewb Just tried "sudo salt '*' test.ping" again and it worked, but trying it again after that results in no output :/
16:06 saltnewb Do I simply need to wait a minute or two before running commands? I'm on a pretty decent machine, so I'd like to think that I should be able to run these commands ever few seconds or so
16:11 baijum joined #salt
16:11 baijum left #salt
16:12 UtahDave joined #salt
16:12 niki UtahDave: It's issue #5449
16:13 UtahDave saltnewb: what OS?  what version of salt are you on?
16:13 UtahDave thanks, niki!
16:13 UtahDave my internet is being flaky at home this morning
16:16 UtahDave :(
16:28 dcrouch joined #salt
16:35 heewa joined #salt
16:35 UtahDave joined #salt
16:37 DigitalHermit joined #salt
16:46 bhosmer joined #salt
16:47 saltnewb UtahDave: Ubuntu 12.04 with Salt version 0.15.3
16:48 UtahDave how did you install?  from the ppa?
16:54 saltnewb Yes
16:54 saltnewb After further testing, it seems that all commands will work, but in some cases I have to wait a minute or so.
16:55 saltnewb Or I end up running the risk of not getting any output from the commands
16:57 saltnewb For instance, just now I was able to run "sudo salt '*' test.version"  3 times back to back without issue, but on the forth time, it gave no output, and successive runs will give no output unless I wait a noticable while before trying to run the command again.
16:59 saltnewb I would think it is a system issue, except I am able to run some commands such as "sudo salt '*' test.providers" repeatedly without it failing
17:02 premera joined #salt
17:03 s0undt3ch joined #salt
17:26 niki UtahDave: Yay, I'm back in bussiness, now the minion(s) can fetch from the master again...
17:28 saltnewb niki: Congrats!
17:29 UtahDave cool!
17:32 niki utahcon: a little temporary hack, but needs fixing in the code, see line 97 of salt/parsers/__init__py there is a line with opts['file_roots'] = opts['pillar_roots'], I commented that out, and now it seems to work again
17:33 niki UtahDave: ^
17:36 UtahDave niki: Would you mind sending in a pull request with that?  That would be awesome
17:36 UtahDave Time for me to go spend some offline time with my daughters.    :)
17:38 niki Well, I don't think it's the correct fix, don't know why it's there, but I'll have a look, and see if I can figure out the purpose of that :-)
17:40 aranhoide joined #salt
17:40 UtahDave ok
17:50 logix812 joined #salt
18:18 raydeo joined #salt
18:23 dhgbrg joined #salt
18:24 DigitalHermit joined #salt
18:29 Shell joined #salt
18:31 terminalmage joined #salt
18:46 premera_b joined #salt
18:49 mgw joined #salt
18:50 mgw joined #salt
18:57 zooz joined #salt
18:57 dhgbrg joined #salt
19:12 heewa left #salt
19:17 iMil hi there
19:17 iMil I don't understand what am I doing wrong here:
19:17 iMil https://gist.github.com/iMilnb/839b22d88c815ace4c17
19:17 iMil nevertheless:
19:18 iMil Changes:   pid: 25285
19:18 iMil retcode: 127
19:18 iMil stderr: /bin/sh: /etc/init.d/mysql-autoconf: No such file or directory
19:19 iMil "/etc/init.d/mysql-autoconf" is marked as required for mysql_autoconf, I don't see where I did a mistake
19:21 it_dude joined #salt
19:41 DredTiger joined #salt
19:48 ogrisel_ joined #salt
19:55 sarkis joined #salt
19:58 marcinkuzminski_ joined #salt
19:58 andrewclegg_ joined #salt
19:58 nkuttler_ joined #salt
19:59 Mrono_ joined #salt
20:00 luminous niki: awesome! so you were able to reproduce and find the bug! :D
20:01 Sacro_ joined #salt
20:01 bawnzai_ joined #salt
20:02 Viaken_ joined #salt
20:03 utahcon_ joined #salt
20:04 bhosmer joined #salt
20:04 andyshinn` joined #salt
20:05 nrub joined #salt
20:06 danielbachhuber joined #salt
20:06 basepi joined #salt
20:07 svx joined #salt
20:07 niki_ joined #salt
20:08 satshabad joined #salt
20:08 mgw joined #salt
20:08 18WADO01V joined #salt
20:08 godog joined #salt
20:08 goodbytes joined #salt
20:08 lyddonb joined #salt
20:09 niki_ joined #salt
20:09 mephx joined #salt
20:09 Shell joined #salt
20:09 Shell joined #salt
20:10 cwright joined #salt
20:10 a7p joined #salt
20:10 niki joined #salt
20:10 ogrisel joined #salt
20:11 chesty joined #salt
20:12 cluther joined #salt
20:12 terminalmage joined #salt
20:12 s0undt3ch joined #salt
20:12 davidone joined #salt
20:13 seubert joined #salt
20:14 Valda joined #salt
20:15 evax joined #salt
20:15 martineg_ joined #salt
20:16 blast_hardcheese joined #salt
20:18 stephen__ joined #salt
20:24 nrub_ joined #salt
20:28 nielsbusch joined #salt
20:31 ChanServ joined #salt
20:31 zz_shocm joined #salt
20:32 ChanServ left #salt
20:32 sebgoa joined #salt
20:34 marcinkuzminski joined #salt
20:34 marcinkuzminski joined #salt
20:34 marcinkuzminski joined #salt
20:34 marcinkuzminski joined #salt
20:34 marcinkuzminski joined #salt
20:34 marcinkuzminski joined #salt
20:35 marcinkuzminski joined #salt
20:40 iMil now working, I've cleaned up a bit the state file
20:40 iMil slses can sometimes be misleading
20:43 logix812 joined #salt
20:48 nouveaux joined #salt
20:52 luminous iMil: the errors especially
20:52 luminous funny enough, these are WAY better than puppet..
20:52 iMil oh I've absolutely no doubt about it :)
20:52 iMil I gave up puppet a while ago
20:56 luminous ;)
21:20 Ivoz joined #salt
21:37 aat joined #salt
21:38 sarkis joined #salt
21:39 milind joined #salt
21:52 zooz joined #salt
21:52 nouveaux how do i require a salt module as a requisite?
22:06 danielbachhuber joined #salt
22:19 dave_den joined #salt
22:20 dthom91 joined #salt
22:27 aat joined #salt
22:30 aat joined #salt
22:52 cleeming[foxx] joined #salt
22:58 rdeweerd joined #salt
23:05 efixit joined #salt
23:06 aat joined #salt
23:08 jacksontj joined #salt
23:20 jacksontj joined #salt
23:33 ogrisel_ joined #salt
23:46 sgviking joined #salt
23:52 EugeneKay What sort of protections should I put in place for the link between a Minion and a Master?
23:53 nouveaux hi there.  i have an issue i'm trying to include an sls file and its being executed at the end instead of the beginning.  how do i ensure the include happens first?
23:53 EugeneKay The docs say the protocol is "AES encrypted", but I'm wondering if I might as well run it over openvpn
23:54 jeddi joined #salt
23:55 Shell EugeneKay: it's probably best to run it over OpenVPN or secure it with IPsec or something of the sort, the same as you would with an SSH port. publishing management ports to the Internet is never a good idea.
23:57 EugeneKay I rank SSH a bit higher in security than openvpn :-p
23:58 Shell security in layers :)
23:58 EugeneKay A related question is what sort of data access does a compromised Minion have? I suspect the entire /srv/salt/ on the master, and then the Pillar data sent to it?
23:59 danielbachhuber- joined #salt
23:59 nouveaux is there a way to requisite an sls file?
23:59 Shell a compromised minion can do anything - someone who compromises one could tell it to run the cmd.run module and install a backdoor, or anything. same as every other management system.

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary