Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2013-06-26

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:02 jpeach joined #salt
00:04 auser joined #salt
00:04 twinshadow joined #salt
00:06 bluemoon joined #salt
00:06 auser back
00:07 bmorriso left #salt
00:13 jschadlick left #salt
00:17 Corey mgw: At the moment I'm speaking in purely theoretical terms, DNS is the source of truth here.
00:18 travisfischer if this is a dumb question feel free to flog me but... If I want to use salt to deploy a version of nginx compilied with one of the third party modules. Is it better to build nginx ahead of time and just use salt to deploy that binary or is there a way to use salt to do the build/install thing. Obviously, I could just issue a series of cmd.run but that feels less than optimal to me personally. Is that the best way to do it
00:18 travisfischer at the moment?
00:20 Gifflen joined #salt
00:21 Corey travisfischer: BUILD A BLOODY PACKAGE! :_)
00:21 Corey fpm builds a quick-n-dirty one, else use the spec or debian directory depending to build your own properly.
00:22 KyleG joined #salt
00:24 travisfischer ok, thanks. Will look into that. sincerely, a clueless developer
00:25 bruce-one joined #salt
00:28 Corey travisfischer: What're you patching about nginx?
00:28 Corey travisfischer: And what OS is this for?
00:29 cxz joined #salt
00:30 bruce-one joined #salt
00:30 travisfischer Corey: I want to use the auth request module and I am currently just building it for a salty-vagrant ubuntu box, eventually it will deployed but I'm not sure which OS our trusty sysadmins will be deploying it on. need to find that out
00:31 Corey travisfischer: I've heard of cart before horse, but it sounds to me that the horse is a foal and the cart is just a glint in the carpenter's eye.
00:31 dcrouch joined #salt
00:32 auser joined #salt
00:34 travisfischer haha Corey. I'm not totally sure I follow that but I swear what I'm trying to do needs to happen. I just don't know the wisest way to get there because I'm not so much a carpenter as a... some other unrelated occupation that is analogus for someone who spends most their time developing at the application layer
00:35 travisfischer We are currently designing a system that will depend on this nginx module. I want to salt-ify it just to be ahead of the game but yes actual real life deployment has to be worked out yet
00:35 travisfischer and cause I find salty-vagrant to be a great development tool for systems with multiple pieces like this
00:37 erasmas Corey: I'm working on this with travisfischer. the part we're hung up on is if you want to use a mod in nginx you need to build it from scratch
00:37 erasmas the salt module doesn't seem to have a generic configure/make module or an nginx module with build options
00:37 erasmas any ideas?
00:39 Corey erasmas: Right... as a general rule, "compiling things in place in production" is so far from a best practice that it's well into "OH GOD KILL IT WITH FIRE" territory.
00:40 Corey erasmas: I would compile it on a build server, package it accordingly, and then apt-get/yum install it into place.
00:40 Corey Y'know, a sane, repeatable process. :-)
00:40 travisfischer robawt: is giving us that lecture right now Corey. hehe. Thanks for the suggestion
00:40 erasmas Corey: ok, thanks
00:41 Corey robawt is correct. :-)
00:41 Corey erasmas: Is there a need for in-place compilation that I'm not seeing?
00:42 Furao joined #salt
00:43 erasmas Corey: probably not, though it's a fairly common approach for app developers (read: non devops)
00:45 bluemoon Is there an easy way to update multiple fields in a record simultaneously?
00:46 bluemoon whoops wrong room
00:46 elbaschid joined #salt
00:51 bruce-one joined #salt
00:53 jessep joined #salt
00:58 jpadilla joined #salt
01:00 bruce-one joined #salt
01:00 mgw joined #salt
01:00 Thiggy joined #salt
01:01 Thiggy I'm purging a pkg from my ubuntu boxen, and the highstate output says it succeeded, but says 'Invalid Changes Data': https://gist.github.com/jthigpen/19f18a5bb2c6fb5d6cf0   What's that all about?
01:04 aranhoide left #salt
01:05 Ryan_Lane joined #salt
01:12 Gwayne joined #salt
01:12 Gwayne joined #salt
01:20 bruce-one joined #salt
01:21 raydeo joined #salt
01:23 Nexpro1 joined #salt
01:30 bruce-one joined #salt
01:35 biobot joined #salt
01:39 bruce-one joined #salt
01:52 baniir joined #salt
01:55 bruce-one joined #salt
01:59 zonk1024_ joined #salt
02:01 bruce-one joined #salt
02:01 nrub joined #salt
02:05 dthom91 joined #salt
02:06 mikedawson_ joined #salt
02:07 Gifflen_ joined #salt
02:07 danielcharles joined #salt
02:08 jdaggett joined #salt
02:09 pt|Zool joined #salt
02:11 Gifflen joined #salt
02:12 kmwhite joined #salt
02:13 monokrome joined #salt
02:24 ShapeShiftr super noob question: what happens, if the salt master is nuked?
02:25 bruce-one joined #salt
02:28 abyss42 joined #salt
02:30 auser joined #salt
02:30 oz_akan_ joined #salt
02:30 baniir ShapeShiftr: only a few weeks experience here, but i think you aren't able to sync your minions, e.g. with highstate
02:30 bruce-one joined #salt
02:34 kenbolton joined #salt
02:35 EugeneKay Your minions lose their connections. If it is brought back up, they'll reconnect and things will keep on cooking(same as if you do a restart of it). If it's truly dead, you'll need/want to repopulate it, preferably with the same master keys(otherwise minions will need their pki cleared out).
02:36 EugeneKay There's this github issue on multi-master https://github.com/saltstack/salt/issues/409
02:38 bruce-one joined #salt
02:39 wendall911 joined #salt
02:40 oz_akan_ joined #salt
02:43 jdaggett joined #salt
02:45 Teknix joined #salt
02:52 jdenning joined #salt
02:59 QauntumRiff joined #salt
03:00 Teknix joined #salt
03:00 QauntumRiff Quick question about states.. I want to watch /etc/mail/sendmail.mc.. however, if that file changes, I need to execute "make -C /etc/mail/" before I reload sendmail..
03:00 QauntumRiff how would I go about that?
03:01 kmwhite left #salt
03:02 MK_FG joined #salt
03:03 Corey QauntumRiff: Have that happen as a part of the init script that's triggered to effect the reload, and have hte service watch /etc/mail/sendmailmc
03:04 QauntumRiff so modify /etc/init/sendmail to do that?
03:08 raydeo joined #salt
03:13 jaequery joined #salt
03:13 jdaggett joined #salt
03:14 dthom91 joined #salt
03:18 luminous quantumsummers|c: yea, Corey's suggestion would have you modify the init script. alternatively, you could add in another cmd.run which you put inbetween the two steps
03:19 luminous while you might not want to modify the init, it's a bit simpler/cleaner than taking care of the edge cases for the 3 states
03:19 EugeneKay quantumsummers|c - I would copy /etc/init/sendmail to /etc/init/sendmail-custom and change the name of the service I have enabled
03:19 jhujhiti joined #salt
03:19 EugeneKay yum/apt-get/etc WILL stomp on your init script changes
03:20 raydeo joined #salt
03:20 luminous EugeneKay: salt would keep that in check if you manage the pkg and file in salt, and have the correct requires
03:20 luminous this isn't puppet :P
03:21 EugeneKay True, file.managed yay
03:26 luminous joined #salt
03:27 sciyoshi1 joined #salt
03:31 bemehow joined #salt
03:31 bruce-one joined #salt
03:33 jpeach joined #salt
03:36 baniir joined #salt
03:39 auser man, the problem of launching and bootstrapping is still not a solved problem
03:41 baniir for an initial installation of mysql, i have mysql my.cnf as file.managed and mysql service.running with "watch file" but i need to restart mysql before the config is loaded; is there a watch combination or something else to do so the new my.cnf is used from the beginning
03:43 bluemoon joined #salt
03:44 jalbretsen joined #salt
03:45 bruce-one joined #salt
03:45 isomorphic joined #salt
03:47 isomorphic When a file is included in an SLS, is there any way to insert values, from a pillar or elsewhere?  Eg: serve templates?
03:47 axisys joined #salt
03:48 EugeneKay Templated sls? Should be able to just use Jinja format, though I've never tried it.
03:48 EugeneKay (with an include)
03:49 isomorphic EugeneKay:  No, not templated SLS.  I mean the SLS says "file:" in it somewhere, and I want that file to be based on a template.
03:50 EugeneKay Oh, that's pretty simple
03:50 isomorphic :)
03:50 EugeneKay Covered in the quickstart, I do believe.
03:50 nkuttler isomorphic: see the template parameter
03:50 isomorphic Thanks :)
03:50 nkuttler in the file module docs
03:53 LyndsySimon joined #salt
03:53 isomorphic Ah- I see file.managed in the sls maps to file.get_managed
03:53 EugeneKay Where would I file an issue to get a .mobi made of the Saltstack docs? Kindles don't speak epub.
03:53 isomorphic much appreciated, thanks :)
03:53 EugeneKay (yes, I could convert it. That process sucks)
03:54 baniir joined #salt
03:55 EugeneKay It looks like they're generated in the saltstack/salt repo
03:56 Katafalkas joined #salt
03:56 nkuttler EugeneKay: yeah, it's docutils
03:56 * EugeneKay files one there
04:00 inso joined #salt
04:03 bruce-one joined #salt
04:13 mianos joined #salt
04:15 bruce-one joined #salt
04:29 afx_hero joined #salt
04:29 afx_hero joined #salt
04:29 mianos hello all, I need some more advice, configuring postgres master slave, I want to use salt to generate the sync and recovovery.conf files
04:29 mianos I have 40 database machines, 20 master and 20 slave
04:29 wendall911 joined #salt
04:30 mianos the IP address that need to be jinjaed (jinjad?) into the scripts need to be the database peer's IP
04:31 mianos for example one pair, db01m and db02s have, say 10.0.0.1 and 10.0.0.2 so the sync on .1 needs to have 10.0.0.2 in the files and visa-versa
04:32 LyndsySimon joined #salt
04:33 mianos maybe a python script to generate a lot of config files and use the target grain to select the file?
04:35 efixit joined #salt
04:38 mianos the file.managed: /usr/lib/postgres/sync.sh: ...  - source: salt://postgres/sync_scripts/{{grains[id]}}_sync.sh
04:42 danoprey joined #salt
04:50 koolhead11|away joined #salt
04:59 Furao mianos: pillar
05:02 symb0l joined #salt
05:03 bruce-one joined #salt
05:07 LyndsySimon joined #salt
05:15 bruce-one joined #salt
05:16 axisys joined #salt
05:21 alazylearner joined #salt
05:24 mianos going with jinja and a dictionary
05:25 Furao keep dict in pillar!
05:25 mianos for lack of a configuration format I'm going with jinja 'set peers=' in an included sls
05:25 mianos I want one dict
05:25 mianos peers  = {'db1m': '131.84.1.121', 'db1s': '131.84.1.142'}
05:29 alazylearner joined #salt
05:35 Furao yes, that fit perfectly into pillars
05:35 Furao hardcode value in states isn't a good idea
05:36 bruce-one joined #salt
05:36 Furao the only thing I hardcode are packages version and checksum
05:37 Furao because my state is for a specific version of something, upgrade version might need upgrade some config files, or dependencies
05:46 bruce-one joined #salt
05:49 alazylearner joined #salt
05:51 jacksontj joined #salt
05:52 jefferai joined #salt
05:53 knightsamar joined #salt
05:54 agend joined #salt
05:54 knightsamar why would matching on a custom grain not work ?
05:55 knightsamar i mean, what can be the reasons for the matching to fail even when I am copy pasting the exact string from one of the minion's output
05:56 mianos -G
05:56 mianos like alt -G 'db*' state.highstate
05:57 knightsamar miaonos: I am doing salt -G 'server_build_string: Build 1012' ping.test
05:57 knightsamar as mentioned in the docs...
05:58 knightsamar and it works for the non-custom shipped-with-salt grains!
06:03 bruce-one joined #salt
06:06 knightsamar how does the salt master keep a list of the grains ? does it query every time or does it cache them ?
06:08 mianos try salt '*' grains.ls
06:09 mianos it caches them
06:09 mianos grains are static
06:11 knightsamar ah! it worked now...
06:11 knightsamar had to restart the salt minion
06:11 knightsamar where do i set the cache configuration ? timeout etc
06:12 mianos grains are static
06:13 mianos no timeout
06:13 mianos when I say cache, I mean, at startup it gathers the grains
06:13 mianos only way I have seen them refreshed is to restart the minions
06:14 mianos accdording to thomas
06:14 knightsamar miaons: so you mean, at the startup of the minions, they send the grains data to the master
06:14 mianos when the minions start up
06:14 mianos there was some discussion of this when talking about IP addresses
06:16 knightsamar ok...a discussion in this irc channel? where can i find the irc logs for this channel ?
06:17 bruce-one joined #salt
06:19 azbarcea joined #salt
06:20 az87c joined #salt
06:22 mianos logs are somewhere
06:22 mianos also in the doco I think
06:23 mianos http://docs.saltstack.com/topics/targeting/grains.html
06:23 dthom91 joined #salt
06:23 mianos "It is important to remember that grains are bits of information loaded when the salt minion starts, so this information is static. This means that the information in grains is unchanging, therefore the nature of the data is static. So grains information are things like the running kernel, or the operating system."
06:25 knightsamar mianos: yes i read that but then I thought that when I run saltutil.sync_grains and it goes and updates the grains code on the minions, it would also get the fresh data from that same grain on the minion to be put in it's cache.
06:25 knightsamar afterall it is showing the same data when running grains.items!
06:25 mianos maybe, that would be cool, never tried it
06:26 knightsamar but just matches don't work...
06:35 carlos joined #salt
06:35 afx_hero joined #salt
06:35 afx_hero joined #salt
06:39 LyndsySimon joined #salt
06:42 oz_akan_ joined #salt
06:45 salty007 joined #salt
06:45 linjan joined #salt
06:48 afx_hero joined #salt
06:48 afx_hero joined #salt
06:48 zonk1024 joined #salt
06:50 f4cl3y joined #salt
06:50 f4cl3y joined #salt
06:54 Ryan_Lane joined #salt
06:55 stiang joined #salt
06:56 mianos hmm, bug, if you use jinja to template a script in file.managed it does not set the file_mode:
06:58 stiang what do I need to do to enable a given module? when I do "salt -N web nginx.version" I get '"nginx.version" is not available.'
07:01 nkuttler mianos: seems to work for me.. but open a ticket i guess
07:02 nkuttler stiang: does your salt release include that module?
07:03 stiang nkuttler: I added the Ubuntu PPA and installed from there, so I assumed that I have the latest and greatest.
07:03 stiang 0.15.3.
07:04 stiang are there different packages, with different sets of modules?
07:04 nkuttler stiang: nginx is installed?
07:05 knightsamar miaonos: just found out that saltutils.sync_modules refreshes the grain data somehow
07:05 stiang nkuttler: yes, but from source
07:05 nkuttler stiang: ah, which os?
07:06 stiang nkuttler: Ubuntu LTS 12.04
07:07 nkuttler stiang: is your nginx binary in the default location?
07:08 stiang nkuttler: no, probably not: /usr/local/nginx/sbin/nginx
07:08 stiang can I tell salt to use a given binary?
07:09 SpX joined #salt
07:09 stiang … or change the path that it searches?
07:09 afx_hero joined #salt
07:09 afx_hero joined #salt
07:09 nkuttler stiang: 46     cmd = '{0} -t'.format(__detect_os())
07:10 nkuttler oh wait..
07:10 nkuttler 32     cmd = '{0} -v'.format(__detect_os())
07:11 stiang nkuttler: I’m afraid my python/salt fu isn’t strong enough to understand that...
07:12 nkuttler stiang: well, check the salt/modules/nginx.py module
07:13 nkuttler looks like salt should just run a which nginx to detemine the location, so adding the right PATH to salt should do the trick
07:14 xet7 joined #salt
07:14 nkuttler oh wait, you'd need to do that on the minions.. maybe there's a config for that, no idea
07:15 nkuttler looks like you'll have to add an env var
07:15 nkuttler or use some python method of changing PATH
07:16 ydavid joined #salt
07:18 stiang nkuttler: yes, that worked. not sure what the best way to modify the path just for salt-minion yet, so for now I just symlinked the nginx binary to /usr/bin
07:18 stiang thanks!
07:18 SpX joined #salt
07:18 nkuttler yw
07:19 joshe joined #salt
07:23 vaxholm joined #salt
07:23 Furao mianos: it's just "mode" and not "file_mode"
07:24 joshe joined #salt
07:25 p3rror joined #salt
07:26 dthom91 joined #salt
07:27 mianos aha!
07:27 mianos let me try
07:27 mianos exciting
07:27 mianos easy to work around
07:28 mianos damn I have 5 stanzas above all using 'mode:'
07:29 balboah joined #salt
07:30 mianos forehead slap
07:33 carlos joined #salt
07:34 jessep joined #salt
07:34 mianos I must have copied it from directories:
07:34 chesty joined #salt
07:35 chesty what's the best way, the salt way, to transfer a file from the minions to the master?
07:36 auser why do you want to do that chesty
07:36 auser what's the usecase
07:37 nkuttler chesty: iirc there will be a new feature in the next release for that
07:37 chesty i want to keep an eye on .xsession-errors
07:37 ProT-0-TypE joined #salt
07:37 nkuttler chesty: check the latest salt air
07:39 chesty nkuttler: ok, thanks.
07:41 stevetodd joined #salt
07:44 Xeago joined #salt
07:44 Ryan_Lane joined #salt
07:50 Lucas_- joined #salt
07:52 __gotcha joined #salt
07:52 __gotcha joined #salt
07:52 lempa joined #salt
07:54 Ryan_Lane joined #salt
07:55 scott_w joined #salt
07:57 MrTango joined #salt
07:58 Newt[cz] joined #salt
08:07 ronc joined #salt
08:07 felixhummel joined #salt
08:14 whiskybar joined #salt
08:16 ede joined #salt
08:16 Ryan_Lane joined #salt
08:20 krak3n` joined #salt
08:22 zooz joined #salt
08:26 dthom91 joined #salt
08:27 hazzadous joined #salt
08:28 vaxholm joined #salt
08:40 bluemoon joined #salt
08:43 efixit joined #salt
08:49 Furao mysql is a real joke
08:49 Furao it's not just a unreliable database-like datastorage
08:49 Furao it's painful to manage
08:49 aleszoulek joined #salt
08:51 Furao and all shitty PHP apps depends on MySQL, they don't log properly errors. neither MySQL.
08:53 nkuttler \o/
08:55 Furao turning back to wireshark and dump sql statements by sniffing loopback interface
08:56 henk Why are you using shit? o_O
08:57 Furao it's not "me" it's a client who asked my GF to redo their HTML/CSS to make it look prettier
08:58 Furao and like every other PHP apps it's shitty, it's all bad coding habits into a single package
08:58 Furao even the sql table names are in 2 language at the same time
08:58 Furao it start in english and ends in french
08:58 Furao with an underscore between
08:58 henk Hope you are getting well compensated for the pain.
08:59 Furao a BJ
08:59 Furao from my GF not the client :P
09:01 henk one for php, one for css? :-p
09:02 nkuttler Furao: just curious, which app?
09:03 Furao nkuttler: they are a SaaS for some healthcare niche. home made
09:03 nkuttler ah, i see
09:04 Furao based on a MVC framework that wasn't updated since 2009
09:04 Furao run on a PHP version with so many security issues that I wonder how it still run
09:05 Furao recipe for disaster
09:05 nkuttler heh..
09:21 mb111111 joined #salt
09:21 mb111111 hi all
09:23 mb111111 how to install salt on debian 4.0 ??????????
09:23 nkuttler debian 4.0? are you kidding?
09:24 Furao debian 4 isn't supported by debian since more than 3 years ago
09:24 Furao how to install salt on slackware 95 ?
09:24 Furao with perl 4
09:25 pnl and 4gb of ram
09:25 pnl 4mb
09:25 pnl sorry
09:25 mb111111 now install python2.7 on debian 4.0
09:25 nkuttler nah, it's not *that* old
09:25 Furao Debian GNU/Linux 4.0 has been superseded by Debian GNU/Linux 5.0 (lenny). Security updates have been discontinued as of the end of February 2010.
09:25 mb111111 ....my god
09:26 Furao Debian 4.0 was initially released on April 8th, 2007.
09:26 mb111111 ok update 5 ?
09:26 nkuttler make that 7
09:28 djn joined #salt
09:30 hazzadous joined #salt
09:31 jeddi joined #salt
09:33 mb111111 thank all
09:48 oz_akan_ joined #salt
09:51 echos joined #salt
09:52 pjs joined #salt
09:56 Xeago joined #salt
09:57 dthom91 joined #salt
09:59 kadel joined #salt
10:01 derelm joined #salt
10:06 hazzadous_ joined #salt
10:10 gmoro_ joined #salt
10:16 krak3n` joined #salt
10:19 Newt[cz]1 joined #salt
10:20 krak3n` joined #salt
10:20 linjan deb4... all updated kernel to prevent vulnerability CVE-2013-2094?
10:34 karlp salt install manual for fedora says it's in the package repos, but it only has 0.15.1, which I know had bugs affecting me,
10:34 karlp is there an easy way to get 0.15.3 on fedora (17)?
10:41 adfasdfasdf joined #salt
10:42 adfasdfasdf hi folks. I am trying to get started with saltstack here, so far so good but am sill missing some basic knowledge that I have a hard time filling in via the web. Perhaps osmeone could help me out? :)
10:43 adfasdfasdf basically, i have written a module for puppet that allows one to isntall and configure Pound http(s) proxy. It includes creation of the configuration files and adding of entries (similar to apache vhosts).. how would i do this in salt? I mean, what is the equivilent functionality to puppet custom modules in salt?
10:44 Furao adfasdfasdf: check github.com/bclermont/states for complete example of states
10:51 adfasdfasdf Furao: thanks
10:51 oz_akan_ joined #salt
10:53 krak3n`_ joined #salt
11:06 adfasdfasdf Furao: lol, so easy :D
11:08 giantlock joined #salt
11:16 djn joined #salt
11:25 blee joined #salt
11:26 oz_akan_ joined #salt
11:34 logix812 joined #salt
11:38 liuyq joined #salt
11:39 liuyq Furao, hi
11:44 carxwol joined #salt
11:44 carxwol Hey!
11:45 krak3n`_ joined #salt
11:46 Furao hi liuyq
11:46 Furao 你好
11:47 krak3n` joined #salt
11:47 liuyq Furao, 你好, 我不知道怎么在init.sls中写一个cmd.run的部分
11:47 liuyq 帮忙看一下吗
11:48 Furao wait I just understand 12 characters in that list :P
11:49 Furao and separately
11:49 Furao it don't make sense togheter
11:49 liuyq Furao, this is the init.sls file: http://bazaar.launchpad.net/~linaro-validation/lava-lab/salt-states/view/head:/lava/fastmodels/init.sls
11:49 liuyq Furao, and the start FMNetwork: part does not work
11:49 liuyq Furao, do you know how should I write that part?
11:50 Furao the name is wrong
11:50 linjan может, вы еще русский понимаете)
11:50 Furao oh no sorry
11:50 Furao linjan: I can read
11:50 Furao and understand bit of it
11:50 Furao bit I can't write it, my keyboard isn't set for cyrillic
11:50 linjan thanks utf8 for it
11:51 oz_akan_ joined #salt
11:51 Furao liuyq: url.extracted is a custom state of you?
11:52 liuyq Furao, yes, that's a custom state
11:52 diegows joined #salt
11:52 Furao it look like my https://github.com/bclermont/states/blob/master/states/_states/archive.py
11:53 liuyq Furao, the /etc/init.d/FMNetwork can also be created, just the command is not run
11:53 Furao add require -file: /etc/init.d/FMNetwork
11:53 Furao between line 35 and 36
11:54 Furao liuyq: and you should use service state
11:54 Furao it will run those 2 command for you
11:54 Furao more reliable
11:56 liuyq Furao, you mean like this: http://paste.ubuntu.com/5801278/
11:56 Furao linjan: but I learned cyrillic in bulgaria, so my list of russian words is relatively small
11:56 liuyq Furao, if I use service state, how should I write that?
11:56 Furao liuyq: in fact, it's - url: /opt/arm
11:57 Furao at line 37
11:57 Furao liuyq: check at github.com/bclermont/states for plenty of service example
11:57 kenbolton joined #salt
11:57 Furao liuyq: line 15 is bad too
11:58 Furao it must be - url: /opt/arm
12:04 Nexpro joined #salt
12:17 elbaschid joined #salt
12:17 elbaschid hi everyone
12:18 Katafalkas joined #salt
12:18 elbaschid I've got a quick question about external pillars and hope someone can help
12:19 elbaschid I have a python module in my file_roots _modules/pillars and it get's picked up by sync_modules
12:19 elbaschid the module test_pillar.py contains a function ext_pillar(pillar, *args, **kwargs)
12:21 elbaschid all I am doing is returning a sample key/value pair but I doesn't show up in pillar.data
12:22 elbaschid can someone point me in the right direction or tell me what I might be doing wrong?
12:22 liuyq Furao, does the enable of service state do the same thing like "update-rc.d FMNetwork defaults"
12:23 Furao liuyq: if you set enable: True
12:24 Furao yes
12:24 liuyq Furao, thanks for your help, seems I understood my error about the require item.
12:25 liuyq Furao, http://paste.ubuntu.com/5801351/ is what I changed to use the service state
12:25 liuyq Furao, do you think if it will work?
12:27 Furao I don't see any obvious errors
12:28 jslatts joined #salt
12:30 liuyq Furao, thank you very much! you helped me a lot
12:33 Furao no problem :)
12:33 Furao sorry to let you think I understand chinese well enough, I only spent 7-8 months in hong kong and only had time to learned a little
12:37 Furao where I am right now they speak more hokkien than cantonese
12:38 Furao :( run state.highstate BEFORE git push
12:38 Furao need to update everything again
12:45 mikedawson joined #salt
12:49 Lucas_- joined #salt
12:49 juicer2 joined #salt
12:53 oz_akan_ joined #salt
12:54 oz_akan_ joined #salt
12:58 cron0 joined #salt
12:58 Furao $@%$#@
12:58 Furao - πkg: xml-dev
12:58 Furao instead of p
12:58 Furao cause the whole .sls file to be ignored
12:59 Furao that was so hard to find
12:59 dcrouch joined #salt
13:03 karlp as much fun as a tab char :)
13:05 adotbrown joined #salt
13:05 afx_hero joined #salt
13:06 shiznit joined #salt
13:11 madduck the master_tops top() function gets passed opts and grains. However, the opts dictionary actually doesn't include the master_tops masjjmaster_tops key itself???
13:13 Kholloway joined #salt
13:17 Grokzen joined #salt
13:17 Lucas_- joined #salt
13:18 fxhp joined #salt
13:19 timl0101 joined #salt
13:21 danielbachhuber joined #salt
13:25 madduck sorry, bad connection.
13:27 jaequery joined #salt
13:31 tpe11etier joined #salt
13:34 racooper joined #salt
13:35 afx_hero joined #salt
13:35 afx_hero joined #salt
13:36 kenbolton joined #salt
13:54 kaptk2 joined #salt
13:55 Kamal_ What would happen if two minions shared the same hostname?
13:55 Kamal_ Would salt-master drop one of them?
13:57 kaptk2 Kamal_: One of them would just refuse to start due to a private key mis-match
14:01 zooz left #salt
14:01 faust joined #salt
14:03 SEJeff_work Kamal_, hostname and salt minion id don't have to always be the same
14:03 SEJeff_work Kamal_, You could simply change the "id" field in the minion config and all would be well
14:05 aberant joined #salt
14:06 aberant joined #salt
14:07 Kamal_ I know
14:07 Kamal_ clone1018: ^
14:08 Kamal_ Thanks guys
14:08 clone1018 SEJeff_work: How would it "appear" to salt-key?
14:08 clone1018 What if you had "servera" and "servera"
14:08 Kamal_ oh i got it clone1018
14:08 clone1018 Would salt-key -a servera add them both?
14:08 Kamal_ the master stores each minion's public key by its hostname
14:09 clone1018 Yes
14:09 SEJeff_work Kamal_, No
14:09 clone1018 doesnt explain how salt-key responses
14:09 clone1018 responds
14:09 abe_music joined #salt
14:10 SEJeff_work Kamal_, the master stores each minion's key as it's minion id. minion id is (by default) generated from hostname, but you can change it in the config file by changing the "id" line in /etc/salt/minion
14:10 Kamal_ That's what I meant :p
14:10 Kamal_ clone1018: I think it wouldn't accept the second one
14:10 SEJeff_work subtle but very important difference
14:10 Kamal_ since it "already exists"
14:10 SEJeff_work yes
14:10 clone1018 So that's what happens for sure?
14:11 SEJeff_work clone1018, It isn't that hard to reproduce. Try it
14:11 clone1018 Can't right now
14:11 danielcharles joined #salt
14:11 SEJeff_work but the key would be different, so it should just reject it
14:11 SEJeff_work and complain in the logs
14:12 SEJeff_work So I've got a question that seems simple, but is something I've never done (shock shock)
14:12 SEJeff_work I am specifying a systemd service file and want to run: systemctl --system daemon.reload with a cmd.run *only* if those files change
14:12 SEJeff_work so I can put a watch on it
14:12 SEJeff_work but will it try to run the daemon-reload if no changes happened?
14:13 SEJeff_work because I don't want it to do that
14:13 KennethWilke joined #salt
14:14 Kamal_ SEJeff_work: there's a file.watch thingy I think
14:14 N-Mi joined #salt
14:14 N-Mi joined #salt
14:16 StDiluted joined #salt
14:17 StDiluted morning all
14:20 blee__ joined #salt
14:21 adfasdfasdf would i be right in thinking that to abstract the configuration of a vhost into an sls file would be quite complicated? so i could do something like with puppet, create a "servername.pp" file that contains a list of parameters which are translated to the config file via a template?
14:21 g3cko joined #salt
14:21 adfasdfasdf sorry if that doesn't make much sense
14:22 mgw joined #salt
14:22 adfasdfasdf https://github.com/AppThemes/salt-config-example/blob/master/vhosts/production.sls is about the only example i have found.. don't see a great deal of abstraction there at all as the vhost config files are just as they would be wtihout salt more or less
14:24 cron0 adfasdfasdf: not sure i'm following you. have you looked at templates?
14:25 adfasdfasdf cron0: yeah sorry, finding it hard to explain myself :P
14:28 marty_mcfly joined #salt
14:29 jdaggett joined #salt
14:31 adfasdfasdf cron0: so as a basic example.. i want an apache "module" that handles the abstraction of the configuration files for apache (apache.conf htttpd.conf, sitename_vhost.conf, etc) and then I want to be able, for specific webservers to say in their config file "you will use the Apache module and have the following vhosts: blah.se in directory /var/www/blah.se/, gahhh.com in directory /var/other/whatever/, etc. and when i apply that hosts file apache is inst
14:31 JasonSwindle joined #salt
14:31 JasonSwindle Howdy, all.
14:31 adfasdfasdf thats basically how i have been using puppet.. was hoping to try salt as an alternative but i don't see how to acheive the same end result
14:33 adfasdfasdf actually im mostly thinking of Apsis Pound proxy but assume most people are more familiar with apahce so used that as an example
14:34 adfasdfasdf i wrote this puppet module for pound: https://github.com/mrintegrity/puppet-pound you can see in the readme there how it's used, i am hoping to acheive similar simplicity with salt
14:35 tpe11etier joined #salt
14:35 canci_ adfasdfasdf: I am not sure if there is already a matching state for that but in general you could implement an apache state for salt that does what you describe
14:36 newyorker joined #salt
14:37 adfasdfasdf canci_: so in salt terms a puppet "module" would be called a salt state?
14:38 newyorker Hi, I'm trying to include a salt state file two folders deep (i.e., salt/deploy/blue/web.sls) in my top.sls... I've tried to use deploy.blue.web but it doesn't work.
14:38 adfasdfasdf would love a direct comparison of puppet to salt terminolgoy/ features.. tried to write one myself but don't know enough about salt yet to do it properly
14:39 StDiluted Anyone have a unicorn/nginx/memcached setup they would care to share?
14:43 mgw joined #salt
14:44 JasonSwindle StDiluted: I am NGINX / UWSGI
14:44 JasonSwindle putting in MEMCACHE
14:44 StDiluted nice
14:44 StDiluted I'm just getting started and I learn best by looking at working examples, so I'm just curious to see what others have done
14:45 JasonSwindle I looked at unicorn and did not like it vs uWSGI
14:45 StDiluted we're already using unicorn and it's not likely we will change
14:45 Furao uwsgi +1
14:45 StDiluted unicorn will likely be deployed via capistrano with our app
14:45 nkuttler gunicorn?
14:45 StDiluted so I'm not too worried about deploying that part of it
14:45 JasonSwindle nkuttler: Green Unicorn
14:46 canci_ adfasdfasdf: I am not sure about the puppet modules. The salt state modules are the things you reference from your salt state. For example when you have https://paste.as5580.net/p/rm2t19c022kp9cxy pkg is a state module providing the installed function.
14:47 nkuttler StDiluted: you should probably just start on your own to learn, or see https://github.com/saltstack/salt-states
14:48 StDiluted I've started on my own, actually
14:52 nkuttler StDiluted: just wondering, but do you have a specific question?
14:53 kho joined #salt
14:54 StDiluted no, I don't have a specific question at the moment. I've been having trouble finding examples doing similar things to what I want to do, so that's why I'm asking. I've worked through the walkthroughs on the saltstack site, so I'm learning, but as I said, I learn best by looking at working examples that I can dissect
14:55 LyndsySimon joined #salt
14:57 fridder joined #salt
14:57 Gifflen joined #salt
15:00 kho joined #salt
15:04 jeddi joined #salt
15:04 jaequery joined #salt
15:08 jalbretsen joined #salt
15:09 shiznit joined #salt
15:11 asdf_ joined #salt
15:11 tpe11eti1r joined #salt
15:11 StDiluted joined #salt
15:12 asdf_ left #salt
15:12 greg_ joined #salt
15:18 sidewinder12s joined #salt
15:21 zonk1024 joined #salt
15:23 stevetodd joined #salt
15:24 sidewinder12s Hello there everyone, I am just starting to play around with Salt and I am wondering if this is a game stopping issue with my setup
15:24 sidewinder12s [WARNING ] Unable to bind socket, error: [Errno 98] Address already in use The ports are not available to bind
15:24 whiskybar joined #salt
15:25 sidewinder12s I get this whenever I try to start my Salt-master
15:25 nkuttler sidewinder12s: you have another master already running?
15:26 sidewinder12s I dont think so
15:26 nkuttler ps auxw | grep salt
15:27 sidewinder12s Thanks!
15:27 sidewinder12s looks like i was running a bunch
15:32 nliadm so, I've noticed that every other 'salt' invocation from my master doesn't find any minions
15:33 nliadm any ideas what the issue is?
15:33 KennethWilke hmm, sounds like maybe two salt-master processes?
15:34 KennethWilke have not seen that before, but just throwing that out there
15:34 jschadlick1 joined #salt
15:34 nliadm no, there's just the one parent process
15:35 chrisgilmerproj joined #salt
15:35 jpeach joined #salt
15:36 nliadm I was thinking it might be a open file limit?
15:37 nkuttler me neither, but i've seen multiple minions many times
15:42 toddejohnson joined #salt
15:43 nrub joined #salt
15:43 bemehow joined #salt
15:45 jalbretsen gah, this is likely a stupid question.  say for example, you have "salt-run manage.status"  in the function, there is a default value of output=True.  What if I want to run with output=False.  How do I need to modify the command?
15:50 wendall911 joined #salt
15:51 dthom91 joined #salt
15:51 HaxCore joined #salt
15:53 nliadm anyone have an example of the acl system?
15:54 nliadm the example master config has a line it claims will disallow non-sudo users, but nothing says how that works, or how/if one can use groups instead of users
15:56 isomorphic joined #salt
15:58 jessep joined #salt
16:00 Gifflen_ joined #salt
16:01 Gifflen_ joined #salt
16:02 abyss42 joined #salt
16:05 bemehow joined #salt
16:05 Gifflen joined #salt
16:06 ktmx joined #salt
16:07 KyleG joined #salt
16:14 jdenning joined #salt
16:14 renoirb joined #salt
16:15 dgarstang I've got a master here that's gone catatonic. :(
16:16 canci_ jdenning: salt-run manage.status output=False seems to work
16:16 canci_ jalbretsen: ^^^
16:18 jalbretsen ya, I got it figured out.  Writing a custom runner and figuring out how it all works
16:20 renoirb Hey people. Quick question, mostly a wording problem from my Puppet background.
16:20 symb0l joined #salt
16:20 renoirb What can I use to call external packages, or to package them from external sources, in a, e.g. zip file, or remote git repo?
16:21 kenbolton joined #salt
16:21 renoirb i am reading around and nothing describes that and I am sure it exist. But cannot find the term used in the docs
16:22 abyss42 How do I get my minion talking to my master? I tried to run sudo salt-key -L in master, but it does not list any accepted, unaccepted or rejected keys? ps: new to salt
16:23 KennethWilke renoirb: i think you'll want to look at some of the state modules for that
16:23 KennethWilke renoirb: http://docs.saltstack.com/ref/states/all/salt.states.git.html#module-salt.states.git
16:23 renoirb ok.
16:23 KennethWilke this is an example for git
16:23 KennethWilke brb
16:23 renoirb what I am talking about and 'external pillars' are they related? Or pillars ONLY takes care of variables?
16:24 renoirb perfect, thx :)
16:24 UtahDave joined #salt
16:26 renoirb hum, the salt states git is a module that takes care to checkout/clone a git repository. Not necessarily a recipe or puppet module per se. :(
16:26 redbeard2 joined #salt
16:26 redbeard2 350. bam.
16:27 KyleG 370. bam.
16:27 karlp ?
16:27 UtahDave KyleG: PM?
16:27 KyleG UtahDave: Sure
16:28 rglauser joined #salt
16:29 toastedpenguin joined #salt
16:31 ktmx joined #salt
16:31 jalbretsen UtahDave: is using salt.client.LocalClient the preferred way to use cmd.run  (say in a custom runner) or is there another option
16:32 toastedpenguin is it possible to nest sub directories under an environment specified in top.sls so salt will see them, e.g. base = /srv/salt as defined in master conf file, then in top.sls base: '*': - servers where servers is a dir with init.sls and then several sub dir
16:32 jalbretsen I'm getting ERROR: "The shell - is not available"
16:32 carmony joined #salt
16:32 toastedpenguin I am trying to find a happy medium to structure base configurations for all servers and would like to keep /srv/salt less cluttered
16:33 UtahDave jalbretsen: I think generally the LocalClient is used on the minion side, not on the master side where runners are executed.  I haven't done much with it though.
16:33 UtahDave toastedpenguin: yep!
16:33 robbyt joined #salt
16:34 jlund joined #salt
16:34 mgw UtahDave: remember our discussion on chaining ext_pillar mods?
16:34 UtahDave mgw: yeah.
16:34 toastedpenguin UtahDave: yes, still working on up to the pillar info but ya
16:34 mgw it already works that way
16:35 jessep joined #salt
16:35 toastedpenguin so that must mean it "looks" through all available dirs?
16:35 UtahDave Oh, does it? nice.  Now that I think about it, reading the ext_pillar docs yesterday there was a mention about not returning the entire pillar but just returning a dict with your additions or changes
16:35 mgw UtahDave: ext_pillar receives a pillar dict, and instead of returning a dict (which will merge/override), it can manipulate the incoming pillar dict
16:36 vaxholm joined #salt
16:36 commie joined #salt
16:36 UtahDave mgw: ah, cool.  So have you been able to put together the functionality you needed?
16:36 mgw UtahDave: yeah, that's what the docs say. what it doesn't say is that you can manipulate the pillar dict and return {}
16:36 abyss42 can the master be a osx host and the minion be a bunch of ubuntu hosts?
16:36 f4cl3y joined #salt
16:36 gordonm joined #salt
16:37 UtahDave abyss42: I haven't tried running a master on osx myself, but theoretically yes.
16:37 mgw UtahDave: not really, but I'm sure I'll make use of this. I have a very nice user management system in place so far, but am now returning to the whole dns thing.
16:37 shiznit1 joined #salt
16:37 UtahDave mgw: ah, cool
16:37 UtahDave toastedpenguin: no, it will only apply an sls that you specify the full path for (within your file_roots)
16:41 toastedpenguin UtahDave: ah ok I have to specify all the paths to the sub dir, I was confused because I specified base: '*': - servers in top.sls which is /srv/salt/servers but its not specified in /etc/salt/master for the base env, only /srv/salt is
16:45 bluemoon joined #salt
16:56 jaequery joined #salt
16:58 JasonSwindle joined #salt
16:58 LyndsySimon joined #salt
17:00 djn joined #salt
17:03 bluemoon joined #salt
17:03 carmony joined #salt
17:04 Xeago joined #salt
17:05 kermit joined #salt
17:07 logix812 joined #salt
17:08 sciyoshi I want to update the ssh_auth module so that you can pass multiple keys in one rule, as it is I'm adding 40 or so keys and it makes it difficult to see what's changed when you do a highstate. Would that useful for others before I do the work to submit the patch?
17:08 UtahDave sciyoshi: Yeah, I think that would be cool.  Are you thinking of implementing its usage like the - pkgs option in the pkg state?
17:09 sciyoshi UtahDave: yea, same concept
17:10 UtahDave yeah, I say go for it.  Some other devs may want to comment on your pull req before the merge, but I think that would be very useful.
17:10 sciyoshi ok will do, thanks
17:12 jschadlick joined #salt
17:14 fragamus joined #salt
17:15 Lucas_- joined #salt
17:16 kstaken joined #salt
17:19 newyorker joined #salt
17:20 newyorker aack, I get a "State git.latest found in sls deploy.blue is unavailable" error... is there any solution?
17:20 UtahDave is git installed on that server, newyorker?
17:21 newyorker UtahDave: yes it is
17:21 stevetodd joined #salt
17:21 UtahDave newyorker: I'd run the  minion in the foreground in debug mode and see if any errors pop up when you attempt to apply the state.
17:22 dthom91 joined #salt
17:22 mgw joined #salt
17:22 mgw so, how are others dealing with config verification? E.g., I want to run "ssh -t -f /tmp/sshd_config" before that (newly templated) config is actually copied into place. similarly with sudoers and many others.
17:30 madduck My master_tops script can happily return nodegroup information. What do I have to do to use that?
17:31 madduck Or, put differently, short of using -I (pillar) matching, what other ways do I have to address groups of hosts?
17:31 jpadilla joined #salt
17:33 abe_music updated my develop branch and I'm getting a warning on salt-master and salt-cloud: The parsed version info, `(0, 15, 0)`, is lower than the one defined in the file, `(0, 15, 90)`
17:33 UtahDave madduck: all these ways: http://docs.saltstack.com/topics/targeting/compound.html?highlight=compound
17:33 alazylearner joined #salt
17:34 abe_music said i need to update my local git tags, which i've done, but doesn't seem to help…any ideas how to make that go away?
17:35 JasonSwindle Is there a way to use a grain to find the system memory and then do math on it?  Like grain:[system_memory] / 2 ?
17:35 KennethWilke JasonSwindle: ...
17:35 KennethWilke :)
17:35 JasonSwindle Go on KennethWilke
17:36 newyorker Does anyone know how to trace a salt/jinja "Data failed to compile error"? (full error text: http://pastebin.com/vw8dZZKD)
17:36 UtahDave JasonSwindle: run a  salt \* grains.items  to look at all the names of the available grains
17:36 KennethWilke ^ +1
17:36 UtahDave JasonSwindle: Then you can match on any grain like this:    salt -G 'os:Ubuntu' test.ping
17:37 UtahDave where 'os' is the grain name and 'Ubuntu' is the value
17:37 KennethWilke and also yes, you can do like {{ grains['mem_total'] / 2 }}
17:37 bemehow joined #salt
17:37 JasonSwindle neat, that does it
17:37 mgw UtahDave: any ideas on config verification?
17:38 JasonSwindle Oh, one thing I found that is bothersome…….. SaltState user and the createhome
17:38 mgw In theory if I fubar sshd_config or sudoers, I can use salt to fix it… but I'd rather prevent the problem in the first place.
17:38 KennethWilke JasonSwindle: elaborate sir, or i will hunt you down
17:38 JasonSwindle It would be nice if createhome did create the leading up directories.
17:38 madduck UtahDave: hm, that's a bit of a shame, I mean that master_tops can't be used to define nodegroups. I wonder if that would be a worthwhile patch…
17:39 JasonSwindle Like for example, the user's home dir is /var/www/html/project_name
17:39 KennethWilke hmm yes, the documentation does say it won't do it
17:39 JasonSwindle So, I have to use salt to make /var/www/html/ , to allow state.user to make 'project_name' dir
17:39 madduck When I run 'salt -I realm:virt.local test.ping', then Salt actually doesn't go out to inquire about all nodes. And that makes me think… how does Salt even know what '*' is with master_tops, which only returns data on a specific id…?
17:39 whiskybar joined #salt
17:40 JasonSwindle KennethWilke: It would nice if it did…. it would simply my SLS.
17:40 KennethWilke yeah i'd have salt manage that dir and you're good to go
17:40 KennethWilke put it as a require for the users
17:41 Ryan_Lane joined #salt
17:41 UtahDave mgw: I'm not exactly sure what you mean. Can describe a scenario?
17:41 JasonSwindle yeah….. just was hoping not to have to do that and just have state.user do it.
17:41 UtahDave madduck: Hm. I haven't used master_tops for a LONG time.  Let  me refresh my mind with the docs real quick
17:41 mgw UtahDave: E.g., I want to run "ssh -t -f /tmp/sshd_config" before that (newly templated) config is actually copied into place. similarly with sudoers and many others.
17:42 madduck UtahDave: it's quite a horrible interface… it might well need some love.
17:42 madduck thanks for taking the time to look
17:42 UtahDave I'm still a bit confused, mgw, You want to use a file before it exists?
17:42 UtahDave madduck: Yeah, I don't think master_tops has been used a whole lot, so it hasn't been too polished.
17:42 madduck UtahDave: I think he might want to use a temporary file, or do some validation.
17:43 mgw UtahDave: no, i want to run a command (e.g, sshd -t) on a file after it's templated, but before it's moved into place
17:43 madduck UtahDave: I will write an email with a suggestion I have.
17:43 KennethWilke JasonSwindle: I can see the appeal of having it all in one place, but then it'll complicate exposing the features of file.directory
17:43 zonk1024 joined #salt
17:43 Ryan_Lane1 joined #salt
17:43 UtahDave mgw: I think there is a state module function that will show what a templated file will look like after being templated on a specific minion
17:44 Ryan_Lane1 joined #salt
17:44 jacksontj joined #salt
17:45 mgw UtahDave: any ideas what that is? I don't see it in files.*
17:46 KennethWilke mgw: i think state.show_sls will do it
17:46 KennethWilke first argument is the state to look at
17:46 KennethWilke mgw: http://docs.saltstack.com/ref/modules/all/salt.modules.state.html#salt.modules.state.show_sls
17:47 UtahDave madduck: So the master_tops allows you to get top data from an external source.
17:48 UtahDave madduck: so it allows you to create matching line with their associated sls file they should execute
17:48 UtahDave I think salt \* state.show_top will display what you're getting back from the all master_tops and the top file
17:49 mgw KennethWilke: that shows the rendered sls…. but I'm not sure how that would give me access to the rendered sshd_config.jinja
17:49 ydavid joined #salt
17:49 madduck UtahDave: I don't have a top.sls file at all and I don't want one.
17:49 KennethWilke mgq: yeah it won't, that one just returns the structured result of the jinja template
17:50 UtahDave madduck: that's fine.
17:50 madduck does it print nodegroup information if you run state.show_top?
17:51 madduck for me, it just prints a list of states for each node
17:51 madduck that may well be wrong.
17:51 madduck could someone show me state.show_top output for '*' please?
17:52 UtahDave master_tops basically creates a virtual top.sls
17:52 madduck yeah, and I think I screwed that up royally ;)
17:53 KennethWilke UtahDave: in regards to what mgw is trying to do, I don't think it's in there now but maybe some debug logging in the jinja renderer would be helpful?
17:53 UtahDave madduck: here's the state.show_top  from a demo server I have:
17:53 UtahDave http://pastebin.com/mSERgDvh
17:53 KennethWilke so a user could see the jinja template rendered before the yaml is intepreted
17:54 UtahDave madduck: master_tops isn't built specifically to build a "nodegroup" as Salt thinks of a "nodegroup"
17:54 aranhoide joined #salt
17:54 mgw KennethWilke: I actually want to have access to the exact rendered template, just before it is moved into place
17:55 UtahDave mgw: you could use cp.push to push the rendered file back up to the master for further examination
17:55 KennethWilke mgw: hmm, i don't think i get what you mean
17:56 Ryan_Lane UtahDave: so, a coworker is asking me about salt/puppet integration for pub/priv keys
17:56 madduck UtahDave: yeah, I am afraid, but that would be a useful extension, eh?
17:56 LyndsySimon_ joined #salt
17:57 Ryan_Lane basically, for the minion it's relatively easy to just use the puppet public and private keys
17:57 UtahDave madduck: Have you considered that what you want might be better put in an external pillar?
17:57 UtahDave Ryan_Lane: have you tried that yet?
17:57 Ryan_Lane on the master side, puppetca stores X.509 certificates, while salt needs public keys
17:57 Ryan_Lane so, this works: openssl x509 -in $< -pubkey -noout > $@
17:58 madduck UtahDave: I have an external pillar.
17:58 Ryan_Lane he was wondering if there could be a mode where salt could extract a pubkey from a PEM encoded X.509
17:58 madduck UtahDave: if you have a minute and are interested, then I will quickly try to tell you what this is about…
17:58 Ryan_Lane UtahDave: I'm assuming he did
17:59 mgw UtahDave, KennethWilke: I just want to run "sshd -t -f {rendered sshd_config.jinja}", on the minion, before actually putting it in place and restarting sshd
18:00 Ryan_Lane let me do a quick test to verify
18:00 UtahDave madduck: I am interested.  I'm about to break for lunch and then I have a meeting.  Can we discuss this in about 2 hours?
18:00 madduck UtahDave: hm, I need to be in bed by then. :(
18:00 madduck UtahDave: can I send you an email?
18:00 madduck or should I just send an email to the list?
18:00 UtahDave Ah, that's right.
18:01 UtahDave madduck: You can do either.  My email is dave@saltstack.com
18:01 madduck UtahDave: I will send it to you first for initial ideas and then to the list later, so as to confuse less people at once. ;)
18:01 abyss42 joined #salt
18:03 UtahDave madduck: that sounds great.
18:03 abe_music in my map file i've added a couple of EBS volumes to be created and attached during the launch of a machine….is there a way to query that information back out after everything is running?
18:03 UtahDave abe_music: salt-cloud -Q,  I think
18:04 abe_music ah, good call…i forget about those args
18:04 madduck UtahDave: thanks for your interest. Email forthcoming. Bon appetit.
18:04 UtahDave thanks, madduck! I appreciate your input.
18:04 jaequery joined #salt
18:04 abe_music thanks UtahDave….-F will work fine for me :)
18:05 UtahDave abe_music: Ah, good.  Glad you found that!
18:05 tseNkiN joined #salt
18:05 UtahDave Ryan_Lane: Just had a quick convo with Tom about the key integration. He said he's been thinking of making the key subsystem pluggable, so you could have the keys assigned from some "other" system.
18:06 shiznit1 joined #salt
18:06 UtahDave Ryan_Lane: which could include what your coworker is trying to do.
18:06 Ryan_Lane for puppet it's just a matter of extracting the public key from the X.509 cert
18:06 Ryan_Lane on the master side
18:06 tseNkiN joined #salt
18:06 Ryan_Lane on the minion side it can just use puppet's info directly
18:07 sijis joined #salt
18:07 diegows joined #salt
18:07 sijis how can i find the list of available modules on the salt master?
18:08 UtahDave salt \* sys.doc
18:08 UtahDave sijis: ^^
18:08 UtahDave Ryan_Lane: that's good to know.   Is there a pressing need for this?  Generally you don't have to worry too much about the actual keys in Salt.
18:09 Ryan_Lane UtahDave: we're using both, so we have to deal with two key systems currently
18:09 Ryan_Lane including when we rebuilt systems and such
18:09 Ryan_Lane *rebuild
18:09 UtahDave so you're manually creating the keys when you deploy systems right now?
18:09 sijis UtahDave: thanks :)
18:09 Ryan_Lane it leads to inconsistencies between puppet and salt
18:09 Ryan_Lane which leads to people not wanting to use salt
18:10 Ryan_Lane UtahDave: yes
18:10 Ryan_Lane it would be great if salt had a "puppet key" subsystem
18:10 UtahDave Ryan_Lane: Sorry for all the questions. Just trying to understand what's going on.
18:10 Ryan_Lane for those of us unlucky souls stuck with both :)
18:11 UtahDave Ryan_Lane: So why do they care about the salt-key?
18:11 UtahDave er, the minions'  public/private keys?
18:11 Ryan_Lane UtahDave: if the minion uses puppet's pub/priv keys, then it's automatically trusted on the master side when we trust puppet certs
18:12 Ryan_Lane so, rather than needing to keep keys in sync, it's done automatically
18:12 UtahDave Ryan_Lane: Ah, I see.
18:13 UtahDave Ryan_Lane: So do you run the puppet master and salt master on the same machine?
18:14 Ryan_Lane yes
18:14 Ryan_Lane and if we didn't, we'd sync the keys
18:14 Ryan_Lane we need to distribute them for puppet (and salt master) anyway
18:15 UtahDave Ryan_Lane: ok, so maybe for the master side we create a runner that allows you to export the puppet keys and place them in the proper location for Salt.
18:15 Ryan_Lane just tested this with using puppet pub/priv on minion
18:16 Ryan_Lane and using "openssl x509 -pubkey -noout -in /var/lib/puppet/server/ssl/ca/signed/<minion>.pem  -out /etc/salt/pki/master/minions<minion>" on the master
18:16 jschadlick joined #salt
18:16 UtahDave And then on the minion side we create a custom module (which maybe we could have run on minion startup) that make sure that if there are existing puppet keys on the minion server, then ensure that they've been copied to the correct location on the minion for salt to use
18:17 Ryan_Lane on the master salt can just read the pubkey from the X.509
18:17 Ryan_Lane as shown above
18:18 Ryan_Lane rather than copy the keys, it's better to link to them
18:18 Ryan_Lane or use them directly
18:18 Ryan_Lane otherwise, if puppet recreates its keys, they'll be out of sync
18:18 UtahDave ok
18:19 Ryan_Lane let me open an issue on github
18:20 UtahDave Ryan_Lane: cool.  It looks like it might not be too hard to get right.
18:20 Ryan_Lane yeah, it looks pretty straightforward
18:20 Ryan_Lane assuming straight re-use of things
18:20 Ryan_Lane otherwise then keeping things in sync becomes an issue :)
18:21 UtahDave Yeah, it would be good to minimize syncing
18:21 * Ryan_Lane nods
18:22 carlos joined #salt
18:22 nliadm can I do "touch if not exists"?
18:24 Ryan_Lane nliadm: stat <file> || touch <file>
18:24 Ryan_Lane ^^ ?
18:24 Ryan_Lane of course I didn't actually test that
18:24 nliadm I meant in an sls
18:24 Ryan_Lane ah
18:25 nliadm it'd be nice to have a 'make' option to file.exists, if a file just needs to be there (i.e. '#include /etc/sudoers.%h')
18:25 UtahDave nliadm: I would use file.managed  without a source or content entry and then add the replace: False
18:26 jslatts joined #salt
18:27 jpeach joined #salt
18:28 UtahDave ANNOUNCEMENT:  We're going to have our second Great Salt Sprint!  This hackathon will be held on Saturday July 27, 2013.  Details can be found here: http://saltsprint.eventbrite.com/
18:28 nliadm UtahDave: thanks, will try
18:28 KyleG Los Angeles will be sponsored by the company I work for :) Details soon on LA. Working out the venue now. It's going to be a blast! :-)
18:28 UtahDave We have 6 remote locations that we'll be announcing soon where you can get together with other Salt users and hack on Salt.
18:29 UtahDave Thanks, KyleG!
18:29 Ryan_Lane https://github.com/saltstack/salt/issues/5752
18:30 UtahDave If you or your company would be interested in hosting people at your location please send me an email or a private message.  dave@saltstack.com
18:30 jpeach_ joined #salt
18:30 UtahDave Ryan_Lane: Awesome. thanks! That's a really interesting integration.
18:31 Ryan_Lane yw. I think it would be helpful for shops that are transitioning or are in our position
18:32 UtahDave Some goals for the Salt Sprint will be to work on our OpenStack integrations, improve our test suite, and of course knock out some bugs and new features.
18:32 UtahDave We'll be having a friendly competition between locations with a live leaderboard.
18:32 Ryan_Lane hooray for more openstack integration
18:33 UtahDave yep!
18:34 UtahDave Last year's Salt Sprint was a lot of fun. i'm really looking forward to this one.
18:37 LyndsySimon joined #salt
18:38 JordanRinke Morning
18:39 KyleG sup Rinke
18:39 aberant joined #salt
18:39 UtahDave :)  you in a different time zone today, JordanRinke?
18:39 JordanRinke Oh you know, just getting an early start on the day.
18:39 JordanRinke Yeah, Central time :-D
18:39 kula i gotta bug my boss about getting the saltsprint here lined up
18:40 nielsbusch joined #salt
18:40 UtahDave kula: sweet. We'd like to start advertising the locations as soon as we can.
18:42 JordanRinke KyleG: ohai
18:44 KyleG haiii2u
18:44 Ryan_Lane UtahDave: is there already one in SF?
18:44 KyleG lol
18:44 Ryan_Lane what days is it, and how long is it?
18:45 sedie1 joined #salt
18:45 KyleG JordanRinke: Is Rackspace sponsoring the San Antonio Salt Stack Meetup ?
18:45 sedie1 left #salt
18:46 Xeago joined #salt
18:47 KyleG Since you know…OpenStack integration and all that, I'd assume.
18:53 kenbolton joined #salt
18:53 JordanRinke KyleG: We are trying to get it worked out. I want our DRG group to own it and get food and stuff brought in. Just trying to get it worked out.
18:54 JordanRinke KyleG: I can get the space/building for sure, but I would like to have a dev group actually run it/provide some stuff etc. We will see what we get setup. Working on it right now actually.
18:54 AviMarcus joined #salt
18:55 toastedpenguin I have hostnames using the following convention ptc01-dc1.doma.in where p=production environment, tc=service (tomcat), 01=instance, dc1= data center, if I wanted to identify thge data center and use that for setting a pillar to use for determining files to use, how could I do that?
18:55 __gotcha joined #salt
18:55 __gotcha joined #salt
18:55 JordanRinke If there isn't one in SF... there is a Geekdom and a RS office in SF too that might be options.
18:55 KyleG I'm trying to get a keg for sure for LA
18:55 KyleG :-P
18:57 scott_w joined #salt
18:57 PentiumBug joined #salt
18:59 jalbretsen okay, so here is one for everyone.....  Salt Master of Master has keys, and Salt Syndic Master has keys.  Is there a way that the Master of Masters can get a list of keys (similar to salt.key.list_keys) on the syndic?
18:59 jdaggett joined #salt
19:09 jaequery joined #salt
19:14 UtahDave Ryan_Lane: it's on Saturday July 27th.  10am to 6pm
19:15 Ryan_Lane hm. not sure I'll be in town then, otherwise I'd offer wikimedia as a sprint spot in SF
19:15 UtahDave We're still working on confirming a SF location.
19:16 UtahDave Ah, that would be cool to meet there.  Let me know if your travel schedule clears up.
19:16 yumike joined #salt
19:17 afx_hero left #salt
19:17 Oscar_ joined #salt
19:18 pentabular joined #salt
19:19 __gotcha joined #salt
19:19 __gotcha joined #salt
19:19 UtahDave Wow, looks like there are going to be several Salt Sprint locations outside of the US
19:21 Oscar_ Hi, I have an issue with salt, Whe I do an highstate from the master it just returns the name of each machine without the log, but I send cmd.run with any command and I get the the log. How I can solve this issue?
19:22 UtahDave Oscar_: what version of salt are you on?
19:22 Oscar_ salt-master 0.15.3 | salt-minion 0.15.3
19:23 UtahDave Oscar_: is the state being applied?
19:23 Oscar_ I don't know because it doesn't return the log saying if the states were applied
19:24 rglauser joined #salt
19:24 Oscar_ just the device names, not more
19:24 scott_w joined #salt
19:24 UtahDave Oscar_: can you pastebin the command you're running and the output?
19:24 Oscar_ ok
19:29 Oscar_ @UtahDave -> http://pastebin.com/PfgVKSQ9
19:37 jessep joined #salt
19:41 mgw joined #salt
19:41 jschadlick joined #salt
19:41 bemehow joined #salt
19:42 koolhead17 joined #salt
19:42 koolhead17 joined #salt
19:46 whiskybar joined #salt
19:46 jessep joined #salt
19:47 cron0 Oscar_: are you running CentOS 5 / RHEL 5 on the minions ?
19:48 LyndsySimon joined #salt
19:48 Oscar_ Nope, Master is ubuntu server, minions are Ubuntu Desktop 12.04, then my servers just work fine, these are debian wheezy
19:49 Oscar_ the issue just happens with workstations
19:49 cron0 Ok then I don't know … I thought this might be a known issue with cents/rhel 5
19:50 Lucas_- joined #salt
19:50 rohit01 joined #salt
19:51 ktmx joined #salt
19:52 rohit01 Hi all. Some news: http://reseller.co.nz/reseller.nsf/news/rackspace-goes-openstack-in-sydney
19:52 rohit01 We should add Sydney in our documentation:
19:52 rohit01 https://salt-cloud.readthedocs.org/en/latest/topics/rackspace.html
19:58 Oscar_ There is a standard way to debug this issue?
19:58 abe_music joined #salt
20:01 __gotcha joined #salt
20:02 jacksontj joined #salt
20:05 Grokzen have anyone got pkg.installed state to work on windows repo in the development branch? i only get 'failed to install/update' when running highstate
20:05 UtahDave Oscar_: these are Debian workstations that aren't returning?
20:06 Oscar_ UtahDave Ubuntu Workstations
20:07 UtahDave Grokzen: terminalmage has made some code additions with the windows repo recently. I think he tested pkg.installed.  Are there any other errors in your logs on the workstations?
20:07 Oscar_ UtahDave: Debian based servers are working fine, but some states that worked fine first in Ubuntu oesnt work in the same way in Debian
20:07 terminalmage UtahDave: I'm looking at 5746 right now
20:07 UtahDave Oscar_: can you run one of the minions in the foreground in debug mode and run your highstate?
20:07 mohitr joined #salt
20:08 UtahDave Oscar_: stop the salt-minion service and start it like this:      sudo salt-minion -l debug
20:08 jdaggett joined #salt
20:09 Thiggy joined #salt
20:09 Grokzen i see that it runs the installers each time i run the highstate like it is not installed, if i run pkg.install i get empty response
20:10 UtahDave Grokzen: so it's successfully installing the software, but is failing to report it correctly?
20:10 Grokzen yes
20:11 Grokzen i get Result: False on every package
20:11 cleeming[foxx] joined #salt
20:12 Grokzen i think
20:12 felixhummel joined #salt
20:12 UtahDave Grokzen: is it related to this issue that you opened? https://github.com/saltstack/salt/issues/5746
20:13 Grokzen no
20:14 terminalmage Grokzen: just fixed that one
20:14 terminalmage 5746 that is
20:14 Grokzen ye just saw :P
20:14 terminalmage https://github.com/saltstack/salt/pull/5761
20:14 terminalmage cool
20:14 jduckles joined #salt
20:14 Grokzen that when i look in the source i see a name missmatch when pkg.installed when the function do the ok/failed check
20:15 Grokzen it sends in a name that it looks up in the win_repo cache but it cannot find it
20:15 terminalmage Grokzen: UtahDave: This is the same thing that I mentioned last week regarding windows packages. It was showing failed, then you run the state again and it says the package is already installed
20:15 terminalmage something to do with the python interface used to get the list of installed pacakges
20:15 terminalmage *packages
20:15 terminalmage Grokzen: is that what you are seeing?
20:17 spacedentist_ joined #salt
20:17 __gotcha joined #salt
20:17 __gotcha joined #salt
20:17 Grokzen ye i think so
20:17 terminalmage Yeah, I was seeing this before i made my changes
20:17 spacedentist joined #salt
20:18 terminalmage I need to look into this further, it does not appear to be a salt issue
20:18 terminalmage so it's something for which we need to find a workaround
20:18 jslatts joined #salt
20:18 aranhoide joined #salt
20:19 auser joined #salt
20:19 Grokzen another thing i saw in 0.15.3 is that when an installer do not register a version number when installing salt is not happy
20:19 Grokzen when running pkg.list.pkgs i see Not found i think it was
20:20 Oscar_ UtahDave: Result from what you asked -> http://cl.ly/Pu5g
20:20 Grokzen and similar issues happens where it runs the installer each time i run highstate even if the app is installed on the machine
20:20 dthom91 joined #salt
20:21 jduckles joined #salt
20:21 Grokzen on the first issue, if i change my windows repo and my .sls files to have the acctual name that is stored in the windows repo cache i acctually gets it to work
20:22 Grokzen i cannot use "firefox: pkg.installed" in my .sls file but i have to use ""Mozilla Firefox 20.0.1 (x86 en-US): pkg.installed"
20:22 Grokzen Oo
20:26 * robawt highfives UtahDave
20:27 Grokzen terminalmage: is that something that is changed that my application name in my win repo has to be the exact name that salt extracts from windows?
20:28 terminalmage Grokzen: you should be able to use "firefox" now in your SLS
20:28 UtahDave yo, robawt!
20:28 UtahDave How's it going, my man?
20:28 Grokzen ye that is what i have used in >= 15.3 but now i cant
20:28 UtahDave terminalmage: in 0.15.3 or in develop?
20:28 terminalmage develop
20:28 terminalmage and 0.16rc1
20:28 terminalmage or 0.15.90
20:29 terminalmage whatever it is we're calling it
20:29 UtahDave Oscar_: OK, I see an interesting stacktrace.  So you have 0.15.3 on your minions?
20:29 Oscar_ yep
20:31 UtahDave Oscar_: is there any way you could upgrade one of those minions to the latest from the develop branch in the git repo?  or 0.15.90?
20:31 robawt UtahDave: going well
20:32 Oscar_ UtahDave: yep, just say to me how; I installed it from ppa
20:32 robawt UtahDave: i see the salt sprint is coming
20:32 LyndsySimon joined #salt
20:32 efixit joined #salt
20:32 UtahDave robawt: yep! are you guys planning on doing it again with us?
20:33 UtahDave Oscar_: 1. clone the saltstack repo. cd into the salt repo.  sudo python setup.py install --force
20:33 robawt goodwill is out of office, I'll ask him when he gets back if he's doing anything
20:33 auser Is that this weekend? UtahDave?
20:33 auser what a bummer :/ I can only participate in the afternoon
20:33 UtahDave cool!
20:34 UtahDave auser: nope. On July 27th.
20:34 auser oh nice!
20:34 UtahDave We're still trying to get a SF location confirmed.
20:34 auser UtahDave: if you want help with that...
20:35 aberant joined #salt
20:35 UtahDave auser: we'd love that.  I think we have enough users in the SF  bay area that we could do 2 or maybe even 3 locations.
20:35 jdenning joined #salt
20:37 dthom91 joined #salt
20:37 UtahDave auser: do you know of a place that would want to host?
20:37 auser UtahDave: I will start to ask
20:38 auser I can think of a few places
20:38 UtahDave cool.  let me know if you need me to talk to anybody.  Here's the eventbrite page with more details: http://saltsprint.eventbrite.com/
20:39 UtahDave We have about 8 more locations (some even outside the US) that are almost finalized. Just confirming conference room reservations and things like that.
20:40 auser nice UtahDave
20:40 auser I'll send a few emails out now
20:42 UtahDave auser: thanks, man!
20:46 UtahDave Wow!  We just got confirmation from Rackspace that they'll be hosting a Salt Sprint location in San Antonio.
20:46 * KyleG looks at JordanRinke
20:46 KennethWilke that's where I live....
20:46 auser Nice UtahDave
20:46 KennethWilke and work!
20:46 KennethWilke lol
20:47 KennethWilke what is this you speak of UtahDave
20:47 KennethWilke how do i participate!
20:47 UtahDave Also, they're going to be sponsoring virtual machines for all attendees. If you RSVP beforehand they'll provide free virtual machines on the Rackspace Cloud for the Salt Sprint.  More details to come!
20:47 UtahDave KennethWilke: you're a racker, too!  I didn't realize that.
20:48 KyleG UtahDave: Does that mean I don't need to provide cloud resources?
20:49 auser nice UtahDave!!!
20:49 KennethWilke UtahDave: lol indeed i am, as were the others i brought at tlf
20:49 UtahDave KennethWilke: ah, doh!  sorry, I didn't connect your name and your face
20:51 KennethWilke lol oh yeah sorry, not here under my pseudonym
20:52 mikedawson joined #salt
20:52 rohit011 joined #salt
20:53 KennethWilke UtahDave: is this happening tomorrow?
20:53 UtahDave Nope. on July 27th
20:53 KennethWilke oh JULY
20:53 KennethWilke that's not this month!
20:53 UtahDave Here's the registration page: http://saltsprint.eventbrite.com/
20:54 UtahDave We'll have the San Antonio venue registration up soon.
20:54 KennethWilke alrighty cool, i'll check it tomorrow
20:54 puppet_ UtahDave: salt sprint sounds intresting, we had a salt minimeetup in stockholm a while back, maybe time to do a sprint here
20:55 jacksontj joined #salt
20:55 UtahDave puppet_: Oh, yeah?  That would be really cool.
20:55 UtahDave puppet_: Would you be able to host it at your business or somewhere?
20:55 puppet_ UtahDave: i just got the time to install it on our machines, but we haven't had time to start using it yet ...
20:55 puppet_ UtahDave: depending on how much people comes, yes I could host it at our office
20:56 puppet_ that comes*
20:56 puppet_ now when we got working WiFi too ;P
20:56 puppet_ UtahDave: will talk with some people in the community here, 27th was it?
20:57 carmony joined #salt
20:59 cron0 Anyone have an example of a way to manage compiled software with salt ?
21:00 SEJeff_work cron0, Well how do you normally manage it?
21:00 SEJeff_work Do you package it up, do you rsync it out?
21:00 cron0 download sources, unpack, configure, make, make install, etc...
21:00 xet7 joined #salt
21:00 cron0 I guess I'll just run these with cmd.run then ;)
21:00 SEJeff_work cron0, salt can do all of those
21:00 SEJeff_work bingo
21:00 StDiluted or use fpm to make a package
21:01 SEJeff_work checkinstall!
21:01 cron0 Maybe with a unless: test -e /usr/bin/myapp to prevent compiling everytime
21:01 cron0 ohhh fpm yes!
21:01 SEJeff_work correct
21:02 aleszoulek joined #salt
21:03 bluemoon joined #salt
21:03 kho_ joined #salt
21:04 kho joined #salt
21:05 oliv_mc joined #salt
21:05 carmony joined #salt
21:08 LyndsySimon joined #salt
21:08 Oscar_ UtahDave: I cloned 0.15.90 then did the same, this returned: ti-et28:     Data failed to compile: ----------     The function "state.highstate" is running as PID 7598 and was started at 2013, Jun 26 16:36:33.021337 with jid 20130626163633021337
21:09 Oscar_ after that I restarted the master service at the master saltstack server then I re run the command and I got the same result. Just the name of the minion.
21:09 UtahDave so weird.
21:10 UtahDave Oscar_: could you open an issue on the github repo with this?  Include the stacktrace at the end of that file you sent me, too
21:11 kermit joined #salt
21:11 Oscar_ UtahDave: Which one? from 0.15.90 ? or previous?
21:11 aranhoide any recommendations re: monitoring tools for salt-managed EC2 ubuntu instances?
21:12 aranhoide I remember I saw some recommendations in the salt docs, but I can't find them anymore
21:12 aranhoide (I mean, tools that were known to integrate well with salt)
21:12 UtahDave the gzipped file you pastebinned, Oscar_
21:12 Oscar_ Ok
21:13 bemehow joined #salt
21:13 oz_akan_ hi, with mine, is this expected to work: salt web-04 mine.get -G "roles:web_server" grains.items
21:13 oz_akan_ I have grains.items in function list in minion configuration
21:13 oz_akan_ I get this error: Got insufficient arguments for grains match statement from master
21:14 lemao joined #salt
21:19 jacksontj joined #salt
21:19 Oscar_ Anybody knows how to uninstall salt-minion from "sudo python setup.py install --force" command installation?
21:20 UtahDave Oscar_: just do a  sudo apt-get remove salt-minion      and then    sudo apt-get install salt-minion
21:20 UtahDave that should do it.
21:20 Oscar_ I alredy did that but when issue an salt-minion --version it still says 0.15.90
21:21 Oscar_ even when I remove using apt-get the salt-minion command is still available
21:21 jeddi Oscar_: what does 'apt-cache show salt-minion | grep -i version' show on that box?
21:21 KyleG Do any of you happen to know why our uwsgi instances are all logging as localhost: in their log files…none of our hostnames are set to localhost, lol
21:22 KyleG random q
21:22 jeddi Oscar_: when you apt-get remove salt-minion .. what does 'which salt-minion' show?
21:22 Oscar_ Version: 0.15.3-1precise
21:22 Oscar_ 0.15.90
21:22 jeddi Oscar_: and 'pip freeze | grep -i salt'
21:22 Oscar_ Warning: cannot find svn location for distribute==0.6.24dev-r0
21:23 KyleG joined #salt
21:23 jeddi that's okay - that's just stderr overflowing into our investigation :)
21:23 jeddi though it's weird that people still use svn.
21:23 Oscar_ without grep pipe it shows that salt is not installed
21:23 jeddi Oscar_:  and 'which salt-minion' .. once you apt-get remove salt minion.
21:24 jeddi you've got some residual cruft there, one way or another.  not pip'd .. did you do any other pythony setup / install ?
21:24 jeddi Oscar_: once you've apt-get removed the package, does 'ps aux | grep salt' indicate that the daemon (minion) is still running?
21:24 Oscar_ "/usr/local/bin/salt-minion"
21:25 jeddi okay .. well that's not a package-installed location.
21:25 Oscar_ nope
21:25 jeddi is there a /etc/init.d/salt-minion file there too?
21:25 Oscar_ nope, no init file
21:25 jeddi strange stuff.
21:26 dave_den Is there an issue when trying to install packages as files (from salt:// source), when the names of the packages are also in a configured repo?
21:26 Oscar_ Do I remove all salt exec from /usr/local/bin
21:26 jeddi at this point i'd be tempted to do something like 'cd /usr ; find . -name \*salt\*
21:26 Oscar_ ??
21:27 jeddi and if the output looks safe to get rid of manually, do a -delete on the end of the find .. but be careful, of course, in case that result brings up stuff you care about.
21:27 jeddi Oscar_: well, check 'du -a /usr | grep salt' -- and see if you've got lots of cruft under /usr/lib/pythong2.7/dist-packages/salt* or similar.
21:28 jeddi and /usr/share/pyshared .. and a few other places.   sure you can't just rebuild this machine? ;)
21:28 jeddi did someone else install salt on this box somehow perhaps?
21:28 jeddi Oscar_: actually, with salt-minion removed - are there any other salt-packaegs installed (master, cloud, etc) ?   and what does 'dpkg -l | grep salt' show ... i'm guessing rc ?
21:29 afx_hero joined #salt
21:29 afx_hero joined #salt
21:30 toastedpenguin yesterday someone mentioned using infro from the hostname/id taken from grain.items to setup templates using pilliars, am I remembering that correctly?
21:30 Oscar_ this command shows that salt-minion and salt-common are still installed, even after issue and apt-get remove salt-minion
21:30 jeddi dave_den: i'd guess if you were using the apt states, then they'd look to the configured repos for the package yeah.  but haven't tested it.
21:30 jeddi Oscar_: okay.  let's blat them.  'dpkg --purge  salt-minion salt-common'
21:30 Oscar_ whe issue the unisntall command apt-returns that both packages dosnt exist and will be not removed
21:31 jeddi once you've done that, do the find again looking under /usr for salty files .. just in case.
21:32 dave_den jeddi: i'm using (condensed to one line): pkg.installed: sources: - pkgname: salt://path/to/pkg.deb   but even though the source packages are newer than waht is in the ubuntu repo, it only installs from the repo
21:32 probablyfine [–]zeeagle 59 points 6 hours ago
21:32 Oscar_ a lot less:
21:32 Oscar_ ./share/vim/vim73/syntax/tsalt.vim ./local/bin/salt-key ./local/bin/salt-cp ./local/bin/salt-master ./local/bin/salt-run ./local/bin/salt-call ./local/bin/salt-minion ./local/bin/salt-syndic ./local/bin/salt ./local/lib/python2.7/dist-packages/salt ./local/lib/python2.7/dist-packages/salt/utils/saltminionservice.pyc ./local/lib/python2.7/dist-packages/salt/utils/saltminionservice.py ./local/lib/python2.7/dist-packages/salt/modules/sal
21:32 dave_den oh, maybe i need to import the package signer key for the source packages. ..
21:34 kho_ joined #salt
21:34 jeddi dave_den: that might be it - sorry, i haven't tried pushing non-repo packages out to minions.
21:35 oliv_mc joined #salt
21:35 jeddi Oscar_: if you did the dpkg --purge .. did that say the packages weren't installed?  i thought you said 'dpkg -l | grep salt' showed residual cruft left from two packages?
21:41 Oscar_ no more residual cruft
21:41 Oscar_ but salt-minion is still available as command
21:42 Oscar_ do I must remove all salt execs from /usr/local/bin ?
21:46 jessep joined #salt
21:46 Oscar_ I remove all execs, then reinstalled salt-minion it created again the execs then issued --version, but still says 0.15.90
21:46 Oscar_ WTF
21:46 Oscar_ dpkg says 0.15.3-1precise
21:49 UtahDave Oscar_: I'd probably just cd into your repo again.  Checkout the v0.15.3 tag  and then run the setup.py install --force again.    :)  Sorry for causing you all this headache!   :(
21:51 Oscar_ UtahDave: Ok but I gues that I brok this thing; I delted all /usr salt scruft and then re-instaled from apt, but it now says: Traceback (most recent call last):   File "/usr/bin/salt-minion", line 6, in <module>     from salt.scripts import salt_minion ImportError: No module named salt.scripts
21:51 Oscar_ I will try with the repo
21:52 bluemoon joined #salt
21:53 hazzadous joined #salt
21:54 Oscar_ done, fixed, thanks UtahDave
21:56 jeddi Oscar_: it really isn't usually this complex.  honestly.  :)
21:58 shiznit1 joined #salt
22:01 shiznit1 joined #salt
22:07 bhosmer joined #salt
22:12 joehh joined #salt
22:14 austin987 joined #salt
22:15 ronc joined #salt
22:16 jrgifford joined #salt
22:19 jeddi Am I right in thinking anything under salt://fs (in my case) is accessible by any minion, effectively?  How do I protect entire files - not just a few lines here and there - using pillar?   I have a lengthy xml file I want to lock down to just two machine's visibility.
22:20 jdenning joined #salt
22:21 saltydog joined #salt
22:21 ydavid joined #salt
22:27 EugeneKay jeddi - I've been wrastling with that myself; best I can figure is to do it via git, with minion-specific repo
22:28 Thiggy joined #salt
22:30 Thiggy I'm having a bit of trouble with an unless clause on a cmd.script. It runs the script every time. When I run the unless clause locally on the minion it returns what I expect it to:  - unless: "[[ 'MYERLANGCOOKIE' == `cat /var/lib/rabbitmq/.erlang.cookie` ]]"
22:30 LyndsySimon joined #salt
22:30 Thiggy https://gist.github.com/jthigpen/1673966954a9724d30e7 <-- rest of sls for context.
22:33 scott_w joined #salt
22:33 jeffrubi` left #salt
22:34 auser joined #salt
22:36 efixit joined #salt
22:36 jeddi EugeneKay: hmm .. not gitfs, i hope you don't mean?   i have deploy rsa keys (private) that get pushed for read-only access to various repos (we use gitolite) out to minions .. i guess i could formalise that better for these kinds of secret data.
22:37 jeddi EugeneKay: it seems a bit .. complex.
22:37 JasonSwindle joined #salt
22:37 jeddi Thiggy:  is it a newline/cr problem?  can you try turning it into a grep?
22:38 jeddi Thiggy: just a guess .. first thing that came to mind looking at that gist.
22:38 scott_w joined #salt
22:38 EugeneKay jeddi - yeah, that.
22:38 Thiggy There's no newline in the cookie file, but that's a good idea. Do you have an example of a greppy unless/onlyif condition handy? If not I can fumble around until I get something.
22:39 EugeneKay I've been fiddling with getting the same setup myself
22:39 jeddi Thiggy: i do not - i've only used simple 'ls ...' type constructs in my unless's.
22:39 Thiggy k, thanks
22:39 EugeneKay I think I may put my salt.sls up on github, this feels like reinventing the wheel
22:39 jeddi Thiggy: if it does'nt work .. i'll guess again :)
22:39 EugeneKay s/salt.sls/salt.git
22:40 kermit joined #salt
22:41 EugeneKay On a related note, rather than pushing deploy keys to minions, what would be a sane way to have them generated & the pubkeys pulled back to the master?
22:41 EugeneKay (and dropped into gitolite.git)
22:41 jeddi EugeneKay: i just feel there should be a more elegant way.  everything under fs/ is visible to minions, right?  even if it's not specified anytwhere in a state file?   i ahven't tested this, but i gather this is the case.   and pillars .. are a bit painful to start putting ssh public keys, quite painful to put private key blocks, or anything quoted.   and 250 line xml files .. especially painful.  i guess i could try to template them, but ... there are myriad
22:41 jeddi changes to be made, and i really worry about gotchas with things like jinja trying to parse the angle-bracket ugliness of xml.
22:42 EugeneKay jeddi - yes, my understanding is /srv/salt/ is public to all minions
22:42 EugeneKay I had the same question about a week ago
22:42 jeddi EugeneKay: so you're currently pushing deploy-account private keys out the same way that i am then?  just dump them somehwre (in my case /etc/companyname/ssh_keys/deploy.*  ) ... and hook them in via ssh and git configs later?
22:42 EugeneKay I'm not doing anything yet
22:42 jeddi ack.
22:43 jeddi i'm debating whether i can avert the problem entirely by deploying solely via salt .. or perhaps wrap up some fabric.  i think i can get away with solely salt, even if i end up with a few bodgy cmd.run lines in a bash wrapper.
22:43 jeddi we do not hvae a complex deploy mechanism.  yet.   but once i get to jenkins .. and a few CI vm's .. it's going to need to be a bit more robust.
22:44 carmony joined #salt
22:44 EugeneKay What I have napkined right now is to have a state module generate an id_rsa on the minion, then submit the pubkey for acceptance(in much the same way as salt-key works)
22:45 KyleG jeddi: we deploy soley via salt.
22:45 KyleG Using bamboo
22:45 KyleG and a custom module
22:45 jeddi EugeneKay: acceptance back into gitolite admin you mean?
22:45 KyleG It took awhile to get there
22:45 EugeneKay Correct
22:46 jeddi KyleG: hey - that's .. encouraging.   what type of shop are you (ruby, java, php ,etc )
22:46 EugeneKay Or, into gitolite's ~/.ssh/authorized_keys(you don't really need it in the gitolite-admin repo; that's just for convenience of management)
22:46 EugeneKay I actually don't have ANYTHING in gitolite-admin.git/keydir/
22:46 KyleG jeddi: PHP, currently re-writing our entire code base+api+deploy process in pythn
22:46 KyleG python*
22:46 jeddi EugeneKay: because we may deploy from multiple sites, and we certainly update gitoliate admin from multiple machines .. i'd wnt to not risk breaking gitolite admin repo.
22:46 EugeneKay Ya, merges on that are fun
22:46 EugeneKay Especially automated ones
22:46 jeddi KyleG: have you doc'd your deploy processes anywhere vaguely public? :)
22:47 KyleG no lol sorry
22:47 Thiggy jeddi: you're my hero. the grep condition worked fine.
22:47 KyleG but I'm sure you could hound our developers if you're part of the great salt stack hackathon next month ;P
22:47 jeddi EugeneKay: i usually drop an irc or sms to my colleague before touching gitolite-admin with a subtle suggestion that if he's got any commits pending ...
22:47 jeddi KyleG: i am but a small cog in a faraway land.
22:47 EugeneKay If you have anything that isn't pushed, you're dead to me.
22:47 EugeneKay pull, edit, push, or die.
22:47 EugeneKay If you forget to pull it's your job to rebase it sanely
22:48 jeddi EugeneKay: but keydir's incredibly handy for multiple keys per person ..  or don't you use that feature?
22:48 EugeneKay I do self-service key management
22:48 jeddi Thiggy: good good.  never get too complicated where a grep or ls will work just as well :)
22:48 EugeneKay http://gitolite.com/gitolite/sskm.html
22:48 shiznit1 joined #salt
22:49 jeddi EugeneKay: nice.  i never dove into that stuff .. the standard way of using gitolite-admin repo always worked fine where i've used it (usually with only two or at most three people having write access to it)
22:49 EugeneKay I also have a project underway for signup via HTTP, eg to provide it as a webservice
22:49 jeddi KyleG: oh - you're part of saltstack.org?  (not sure if i misunderstood)
22:50 EugeneKay I'm proooobably gonna bastardize that into my key-generation+submission idea
22:50 jeddi EugeneKay: a web front end to gitolite .. sounds disgusting :)
22:50 EugeneKay Just to create a new user.
22:50 EugeneKay The disgusting part is the command extension for git to work with repo creation/deletion
22:50 jeddi do any of the various web front ends - say like gitlab - offer that?
22:51 EugeneKay gitlab reimplemented it in Ruby
22:51 jeddi there are many, many occasions where i am particularly glad i have modest requirements.
22:51 EugeneKay They're also a bunch of clowns, but hey
22:51 jeddi i looked at gitlab several weeks ago .. and fantasised about converting their arduous build instructions into a state file.  i was young.  and naive.  i have since dropped that idea.
22:51 EugeneKay Yeahhh.... screw that.
22:52 jeddi maybe it might be a nice idea to fiddle with docker/lxc ... <ponder pulp>
22:52 inso joined #salt
22:52 * EugeneKay goes downstairs to hunt a burger at the bar
22:54 KyleG jeddi: No the Salt Stack hackathon is open to all, I'm just sponsoring the Los Angeles meetup because the company I work for supports open source, and we <3 salt stack
22:54 KyleG That's my involvement
22:56 conan_the_destro joined #salt
22:56 jeddi KyleG: ooh, okay.  i wonder if there's a london shindig.  probably not.  no one cares about this dismal city.
22:57 KyleG jeddi: We do. :) Just hired a UK Sales Rep, starting an office there.
22:58 KyleG also, I've been to london. I quite enjoyed my week long visit there. :)
23:00 Thiggy joined #salt
23:00 emocakes joined #salt
23:00 redbeard2 joined #salt
23:06 jeddi KyleG: that's encouraging to hear.  i was hoping there'd be something going on at one of the local python or devops meetups.  no biggy.
23:09 NotMyself joined #salt
23:10 NotMyself left #salt
23:16 ninkotech joined #salt
23:17 quantumsummers|c joined #salt
23:20 kenbolton joined #salt
23:21 oz_akan_ joined #salt
23:23 bluemoon joined #salt
23:30 bemehow can you please clarify how the sls files are mapping variables to methods?
23:30 bemehow redis:
23:30 bemehow service:
23:30 bemehow - running
23:30 bemehow - enable: True
23:30 bemehow - reload: True
23:30 bemehow - watch:
23:30 bemehow - pkg: redis
23:30 bemehow documentation mentiones this should be variable enable=True being passed to running method
23:31 bemehow and magic mapping of mod_watch method to watch and reload is a variable being passed to watch method or is it a syntax error in docs?
23:32 bemehow redis:
23:32 bemehow service:
23:32 bemehow - running:
23:32 bemehow - enable: True
23:32 bemehow - watch:
23:32 bemehow -  pkg: redis
23:32 bemehow -  reload: True
23:33 bemehow cause correct me if I'm wrong it makes no sense by looking at the code..
23:33 bemehow makes more sense..
23:33 jeddi bemehow: use a pastebin!
23:33 bemehow oh sorry
23:34 jeddi what are you actually seeing go wrong / what are you expecting to see?
23:34 UtahDave joined #salt
23:35 jeddi bemehow: that top one - is that cut-n-pasted from the saltdocs site?   and the second lump is your re-write?  the first one looks about right.
23:35 bemehow jeddi: yeah I've rewritten 2nd
23:35 bemehow can you explain which variable is being passed to which function
23:35 jeddi is your problem the reload is part of the service definition proper?
23:35 bemehow i'm trying to write my own state file and this is confusing how to map
23:36 jeddi bemehow: can you copy to a paste bin of your choice and share the link here.
23:36 jeddi add in some # comments explaining the two fragments.
23:36 jeddi i'm old and grumpy and find syntax highlighting much easier to read than irc logs.
23:39 scott_w joined #salt
23:39 bemehow jeddi: sure, here it is http://pastebin.com/A7xCx50N
23:40 jeddi why doesn't anyone use the syntx highlighting feature?  http://pastebin.com/UUYYDXzU
23:41 UtahDave bemehow: what problem are you having with that paste?
23:41 jeddi UtahDave: you know how this stuff works .. what do you think -- bemehow reckons the location of the mappings is the wrong way around
23:41 jeddi ah.  beat me to it :)
23:42 jeddi bemehow: you mean that it's not intuitive, right, rather than it being outright wrong .. ?
23:42 bemehow UtahDave: I'm trying to learn how to write my custom states, based on service, to include runit configuration and need some understanding of sls->code
23:42 bemehow and this is definitely not intuitive, or wrong, can't say
23:43 bemehow if you can point me how sls maps variables passed to methods in state.modules this would help
23:43 jeddi bemehow: to be candid, the conversion (mentally) of the doc's descriptions of parameters often is a bit of trial-and-error for me to get a decent sls file out of it.
23:43 jeddi bemehow: but i put that down to my lack of python fu on the list  front.
23:45 UtahDave bemehow: OK, so  on line 1, "redis" is your ID declaration.  If you don't have the   - name   option set, then Salt sets  - name to be whatever the ID declaration is.
23:45 UtahDave obviously line to refers to the "service" state.
23:45 alazylearner joined #salt
23:46 UtahDave If you have an option with nothing attached to it, such as  - running,  then it means that we're executing the  "running" function of the "service" state python file
23:47 UtahDave - enable: True and - reload: True and any other variables you set are passed in as variables to your "service.running" function
23:47 UtahDave - watch and - require   are "requisites"
23:48 nrub joined #salt
23:48 UtahDave Requisites are used by the Salt data compiler to order the execution of the various things your trying to do.
23:48 UtahDave If you're going to write your own State and Execution module remember this
23:49 UtahDave The execution module (the .py files in the modules directory) are where things are actually done.  for example, install this package, check if this package is installed, write this file to disk, restart this service
23:50 UtahDave The State modules (those .py files in the states directory)  use the execution modules to do things.
23:50 UtahDave The state module will use the corresponding execution module to check if a package is installed.
23:50 hazzadous I suppose the confusing is that running doesn't explicitly reference reload, where as mod_watch does
23:50 UtahDave then the state module will use the execution module to install the package, if needed.
23:51 UtahDave hazzadous: ok good point.
23:51 UtahDave so a "watch" is the exact same things as a "require"
23:51 bemehow give me 1m reading trough
23:52 UtahDave The only additional thing a "watch" does is execute the mod_watch function if the mod_watch function exists and whatever is being "watched" returns True
23:52 UtahDave err,  actually, I think if the "watched" thing returns a changed state.
23:55 bemehow UtahDave: thx!
23:55 bemehow it should be linked to the main doc page..
23:55 bemehow cause I've just asked my colleagues here and this is all confusing :D

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary