Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2013-07-29

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:06 brianhicks joined #salt
00:07 druonysus joined #salt
00:07 druonysus joined #salt
00:18 danielbachhuber joined #salt
00:30 pdayton joined #salt
00:58 aranhoide joined #salt
01:13 dthom91 joined #salt
01:18 syngin so, pillar and include statements... i'm trying to leverage the "key" keyword that was added to pillar's include in 0.16.0, but I can't get it to work.
01:18 syngin any ideas?
01:19 mgw syngin: did that make it into 0.16?
01:19 syngin the documentation says so - perhaps not.
01:19 mgw ok, let me check
01:20 syngin https://salt.readthedocs.org/en/latest/topics/pillar/#including-other-pillars
01:20 liuyq joined #salt
01:21 liuyq joined #salt
01:22 mgw syngin: It's not there in the code
01:24 mgw https://salt.readthedocs.org/en/v0.16/topics/pillar/
01:24 danielbachhuber joined #salt
01:24 syngin damn
01:24 mgw It's still in development branch
01:24 syngin well, that would explain why I couldn't find it.
01:25 syngin damn. looks like i'll have to move things around again :/
01:25 mgw Unfortunately, I don't know what the timeline is like for getting that into a stable release.
01:25 syngin I really want to move my user defs into pillar, but without that "key" feature...
01:25 syngin No worries, thanks for checking.
01:25 mgw np
01:26 syngin Thought I was going mad ;)
01:26 mgw syngin: how many users do you have?
01:27 syngin only about 20 or 30.
01:27 syngin but i have them in groups and each server role has one or more groups of users associated with it.
01:30 mgw1 joined #salt
01:32 mgw1 syngin: one sec, I'll try to describe how I do exactly that (and before I added key:)
01:34 syngin ahh, thanks guy. that'd be super handy.
01:35 mgw1 Do you code python?
01:35 syngin yep
01:35 mgw1 It's basically like this
01:35 mgw1 I have users defined in one sls
01:35 syngin yep
01:35 mgw1 and each user has a list of groups it goes in
01:36 mgw1 (that's in pillar)
01:36 mgw1 each minion has a list of sudo groups and regular user groups
01:36 syngin right
01:37 mgw1 I use a #!py state script to generate either present or absent user entries
01:37 syngin ahh
01:37 mgw1 so pillar will always have the full list of users
01:37 mgw1 but whether they get rendered as present or absent is determined by the #!py
01:38 syngin i was starting to think i'd have to write something like that.
01:40 mgw1 It's not too bad :-)
01:40 syngin nah, single method with normal python constructs by the look of it.
01:40 syngin very straight-forward.
01:40 syngin just wanted to leverage as much of salt before getting into customizations.
01:40 syngin i guess i just feel like what i'm doing can't be that special ;)
01:41 mgw1 That's not considered a customization
01:41 mgw1 It's just a power user feature
01:41 syngin right, bad choice of words: more getting into things that will be harder for me to explain to the junior sysadmins ;)
01:45 m_george|away joined #salt
01:45 mgw1 syngin: I'm sure you'll find nearly as many ways to do this as there are salt users. Salt seems to avoid having a "canonical" way of doing things.
01:46 syngin mgw1: i'm getting that feeling. so glad i got into this rather than puppet. also, python and zmq.
01:47 avienu joined #salt
01:48 syngin so the script you're using to handle users... is that a state module?
01:49 syngin erp, guess not. what doco am i looking for?
01:52 Nexpro1 joined #salt
01:56 baniir joined #salt
01:59 brianhicks joined #salt
02:01 mgw1 syngin: it's not a state module
02:02 mgw1 trying to find the docs
02:02 dthom91 joined #salt
02:03 mgw1 I'm not using pydsl (not sure why not), but it should work for you: http://docs.saltstack.com/ref/renderers/all/salt.renderers.pydsl.html
02:04 oz_akan_ joined #salt
02:04 mgw1 See this too, syngin: http://docs.saltstack.com/topics/tutorials/starting_states.html#introducing-the-python-and-the-pydsl-renderers
02:06 FreeSpencer joined #salt
02:08 APLU joined #salt
02:09 Gifflen joined #salt
02:13 danielbachhuber joined #salt
02:15 aranhoide left #salt
02:42 whit joined #salt
02:48 Lue_4911 joined #salt
02:55 Newt[cz] joined #salt
02:57 lazyguru_ joined #salt
03:22 ponderability joined #salt
03:25 oz_akan_ joined #salt
03:26 oz_akan__ joined #salt
03:32 owensbla joined #salt
03:42 Furao joined #salt
03:43 avienu joined #salt
03:45 carmony joined #salt
04:02 dlindquist joined #salt
04:04 Nexpro joined #salt
04:15 dlindquist joined #salt
04:21 ponderability joined #salt
04:24 syngin so when writing a python renderer for a state sls (run(), return HSD), how does one debug what the returned value from the #!py script is?
04:37 berto- joined #salt
04:41 gwar99991 joined #salt
04:42 oz_akan_ joined #salt
04:43 gwar99991 Hey Salt gurus... Checking out salt and converting a puppet manifest to salt.... My test module manages a ton of files, most of which have the same permissions (user, group, mode).  Puppet has a module default, is there a salt default implementation?  That is, everything in the sls file shares the same perms but can be overriden for an individual file.
04:44 pcarrier joined #salt
05:00 Ryan_Lane joined #salt
05:09 dlindquist joined #salt
05:11 druonysus joined #salt
05:11 druonysus joined #salt
05:40 iquaba1 joined #salt
05:42 druonysus joined #salt
05:42 druonysus joined #salt
05:53 kstaken joined #salt
05:56 gwar99991 left #salt
06:17 druonysus joined #salt
06:17 druonysus joined #salt
06:36 masm joined #salt
06:52 intchanter How is __opts__ being used internally?
06:52 intchanter And what's necessary to use it in one of the core salt modules?
06:53 intchanter I don't see it being explicitly imported.
06:54 Corey intchanter: It may be happening either through inheritance or some kind of implicit importation.
06:54 Corey Unfortunately, I'm the wrong person to ask.
06:54 Corey The codebase seems a bit... difficult, to understand. :-)
06:55 intchanter Thanks for responding anyway.  I think I have #6238 tracked down, and it basically comes down to calling get_proc_dir() is destructive.
06:56 intchanter So I hoped I could switch that call in cli/caller.py to read the directory value from __opts__ instead.
06:56 intchanter Maybe I'll give it a wild try and see what happens.
06:56 Corey Just flag it as untested if you pull request it. I'm of the opinion that more eyes on it *before* merge, the better.
06:56 intchanter Definitely.
06:57 intchanter I'll still test it to the extent I can.
06:57 az87c joined #salt
07:01 intchanter Maybe you can answer this, though...
07:01 intchanter When salt-call --local is run, does it expect to be a minion in its own right?
07:02 intchanter Or does it somehow search out and communicate with any existing minion it can find.
07:02 intchanter ?
07:02 intchanter It feels like it could go either way, based on the code I've read so far.
07:03 Newt[cz] joined #salt
07:03 Corey --local doesn't require any network connectivity whatsoever from my experience.
07:03 Corey It worked on a plane today, for instance.
07:04 intchanter So the issue is that salt-call is clearing out the proc/ directory that's used to track running processes.
07:04 intchanter On startup, which seems suboptimal.
07:04 haroldjones joined #salt
07:06 carlos joined #salt
07:08 intchanter Oh, wait...
07:08 intchanter The code checks elsewhere for whether the PIDs still exist for anything that's found, so maybe we don't need to empty it even on minion creation.
07:09 dlindquist joined #salt
07:09 bud_ joined #salt
07:09 intchanter I'll sleep on this and see what comes to mind tomorrow.
07:09 intchanter Thanks again for everything.  :-)
07:15 LucasCozy joined #salt
07:17 unicoletti_ joined #salt
07:28 aleszoulek joined #salt
07:31 carlos joined #salt
07:37 ml_1 joined #salt
07:50 felixhummel joined #salt
08:03 davidone joined #salt
08:04 Xeago joined #salt
08:12 xl1 joined #salt
08:38 zooz joined #salt
08:49 whiskybar joined #salt
08:54 Linz joined #salt
08:57 aranhoide joined #salt
08:58 krak3n` joined #salt
09:17 yota joined #salt
09:18 balboah joined #salt
09:38 ClausA Does the client_acl system allow one to specify which minions a given user is allowed to execute on? Say I want to allow bob to run 'service.*' on all '*dev.servers.tld' - but only 'service.status' on '*prod.servers.tld'?
09:40 TheCodeAssassin joined #salt
09:40 TheCodeAssassin hi everybody
09:41 TheCodeAssassin I'm a proud user of salt-cloud. But i can't seem to solve this one
09:41 TheCodeAssassin https://gist.github.com/anonymous/346578c85f3bccacf207
09:42 TheCodeAssassin It seems that EC2 takes a little too much time to spin up the instance from EBS, and it doesn't have the IP address yet
09:43 helderco joined #salt
09:43 helderco left #salt
09:44 helderco joined #salt
09:45 waverider joined #salt
09:46 xl2 joined #salt
09:47 carlos joined #salt
09:51 koolhead17 joined #salt
09:51 koolhead17 joined #salt
09:53 backjlack joined #salt
09:54 TheCodeAssassin Hmm i fixed it by adding time.sleep(35) before quering the ip address. DOn't know if i'm supposed to do that
10:02 giantlock joined #salt
10:03 xl1 joined #salt
10:05 krissaxton joined #salt
10:09 Jason-AVST joined #salt
10:24 ml_1 joined #salt
10:26 ede joined #salt
10:29 Koma there is a web interface or a way to analyse the   salt '*' state.highstate output in a more confortable way to find errors and incongruences instead of scrolling 2^64^32 lines ?
10:43 Furao Koma: I use sentry returner to only look at failure
10:44 Koma which is? a perl script?
10:44 Furao salt returner are python modules
10:46 Linz joined #salt
10:47 Koma the returner talks to something called sentry wich is?
10:48 Furao getsentry.com
10:48 Furao i host my own deployment of sentry and I use it for all kind of alerts/errors reporting
10:49 Furao there is other returners
10:49 Furao maybe they also only reports errors
10:49 Koma nope I've already have prtg has monitoring solution but i think that the mysql returner could be useful to build a web interface
10:49 Koma Exactly
10:50 Koma :D
11:20 blee joined #salt
11:22 krak3n` joined #salt
11:41 djn joined #salt
12:03 aranhoide joined #salt
12:09 shiin joined #salt
12:10 whit joined #salt
12:12 shiin hello. Im trying to configure salt to install tools on my systems that I always need. tmux is one of them. unfortunately its rather old in debian squeeze so Ive worked out how to use grains to determine when I could install a newer version from squeeze backports - but what if its already installed. currently Im getting the error that the version requirement couldn't be met "function: installed, result: false" - but how do I get salt to really update tmux,
12:12 shiin besides just printing whats wrong with state.highstate?
12:21 probablyfine joined #salt
12:22 aranhoide left #salt
12:23 eccles joined #salt
12:27 y0j joined #salt
12:36 bhosmer joined #salt
12:45 carlos joined #salt
12:58 diegows joined #salt
13:00 anteaya joined #salt
13:00 blee_ joined #salt
13:05 juicer2 joined #salt
13:09 m_george left #salt
13:12 Gifflen joined #salt
13:16 balboah joined #salt
13:17 ggoZ joined #salt
13:18 krak3n` joined #salt
13:19 brianhicks joined #salt
13:22 jeffasinger joined #salt
13:22 mykhal joined #salt
13:24 carlos joined #salt
13:26 oz_akan_ joined #salt
13:26 racooper joined #salt
13:28 mgw joined #salt
13:29 unicoletti left #salt
13:33 Koma_ joined #salt
13:37 Furao_ joined #salt
13:39 aranhoide joined #salt
13:40 bhosmer joined #salt
13:41 dthom91 joined #salt
13:45 ipmb joined #salt
13:47 napperjabber joined #salt
13:49 racooper joined #salt
13:51 blink__ joined #salt
13:52 redbeard2 joined #salt
13:54 [diecast] joined #salt
13:54 [diecast] joined #salt
13:54 oz_akan_ joined #salt
13:56 TheRealBill joined #salt
14:01 marty_mcfly joined #salt
14:01 doublerr joined #salt
14:02 Khollowa_ joined #salt
14:03 KennethWilke joined #salt
14:06 Furao joined #salt
14:07 mannyt joined #salt
14:07 cnelsonsic joined #salt
14:11 toastedpenguin joined #salt
14:12 opapo joined #salt
14:19 aat joined #salt
14:21 redbeard2 left #salt
14:21 krissaxton left #salt
14:23 jeddi joined #salt
14:24 pdayton joined #salt
14:25 m_george|away joined #salt
14:26 m_george left #salt
14:29 bud_ Hello people.
14:29 teskew joined #salt
14:30 bud_ Can I query pillar like this {% set site_pillar = pillar.get('grains['id']', {}) -%} from a jinja templated file?
14:31 mgw joined #salt
14:35 oz_akan_ joined #salt
14:38 helderco joined #salt
14:38 lempa joined #salt
14:39 bud_ I have tried to store grains['id'] in a variable and query pillar.get on that variable but that doesn't work either.
14:39 bud_ Has anybody tried to do this before?
14:39 [diecast] use salt-call
14:39 bud_ Can you please provide an example.
14:40 [diecast] dont think it works folrm a template like that
14:41 bud_ {% set site = grains['id'] %}
14:41 bud_ {% site_pillar = pillar.get('{{ site }}', {}) -%}
14:41 pnl joined #salt
14:41 bud_ Fails.
14:42 bud_ [diecast]: maybe you are right, I don't really know.
14:44 [diecast] i can try it sometime, but not now =)
14:44 bud_ [diecast]: thank you anyway :-).
14:45 shiin left #salt
14:46 Newt[cz] joined #salt
14:47 [diecast] bud_ this might help - http://docs.saltstack.com/topics/tutorials/pillar.html#more-complex-data
14:48 jeddi joined #salt
14:49 aat joined #salt
14:50 kaptk2 joined #salt
14:54 bud_ [diecast]: I have read it and it works as specified there.
14:54 bud_ Also the set method works as long as I don't use {{ }} variables inside the pillar.get call.
14:55 jpeach joined #salt
14:55 whit joined #salt
14:56 LucasCozy joined #salt
14:56 bud_ I have a dictionary in pillar for each host using, for example host1.domain.tld: { key: value }.
14:57 bud_ I want to be able to get the value from inside the dict on the minion the state runs. So I thought I could store grains['id'
14:57 bud_ to a variable and make the pillar.get query for that minion.
14:57 bud_ I hope it makes sense :)).
14:58 samsalt joined #salt
14:59 owensbla joined #salt
15:00 cedwards joined #salt
15:01 StDiluted joined #salt
15:02 jalbretsen joined #salt
15:04 kermit joined #salt
15:04 Ivo joined #salt
15:05 jaequery joined #salt
15:06 blee joined #salt
15:08 doublerr joined #salt
15:12 dthom91 joined #salt
15:13 ada__ joined #salt
15:15 dthom91 joined #salt
15:16 StDiluted morning all
15:18 chrisgilmerproj joined #salt
15:19 devinus joined #salt
15:19 krak3n` joined #salt
15:20 devinus is there any plans on making a docker set of subcommands?
15:22 lazyguru joined #salt
15:24 TheRealBill devinus: I'm not sure. I've got a functional LXC controller module though. :) Need to convert some of it to be a state module so you can define containers in state files though.
15:27 nmistry joined #salt
15:27 bud_ TheRealBill: that sounds really good and pretty awesome. Can't wait to test it :).
15:28 aat joined #salt
15:31 napperjabber joined #salt
15:32 jslatts joined #salt
15:33 samsalt joined #salt
15:36 TheRealBill bud_: https://github.com/TheRealBill/salt-modules
15:36 TheRealBill it is an early iteration.
15:36 TheRealBill but it does work :)
15:36 TheRealBill and by early I mean "initial"
15:37 owensbla joined #salt
15:37 TheRealBill mostly proff of concept
15:37 carlos joined #salt
15:37 TheRealBill which reminds me ... time to submit a bug/feature request for Salt to recognize and treat a python module properly on sync_modules.
15:38 bud_ TheRealBill: cool :).
15:38 TheRealBill proof* argh. mornings.
15:40 devinus TheRealBill: that's interesting. how does the lxc module work?
15:43 krissaxton joined #salt
15:45 TheRealBill salt mylxchost lxc.createContainer name=container.host.name disksize=2G backingstore=lvm tempalte=debian -> will create an LVM backed container running debian with 2G of disk space on the host mylxchost minion
15:45 TheRealBill you can also do lxc.getContainerList to see available containers, or getContainerProcessList to see what is running in a given container.
15:46 TheRealBill mostly it is a wrapper around the lxc-* commands righ tnow.
15:46 TheRealBill I want to add checking cgroups filesystem to get memory, cpu, i/o usage as well. You can also start, stop, and delete containers
15:47 TheRealBill I threw it together for some testing, and to bette runderstand salt module creation.
15:48 TheRealBill I'm currently using it and my redis module to auto-deploy a bank of redis instances for testing.
15:49 jslatts joined #salt
15:50 TheRealBill I need to work out what should go into a state module (so you can define containers or redis instances in states), what I should add as runners, and what if anything I should be making as pillar modules (such as the "containers on this host" function).
15:50 felixhummel joined #salt
15:50 krissaxton joined #salt
15:50 cnelsonsic joined #salt
15:52 doublerr joined #salt
15:53 lemao joined #salt
15:55 doublerr joined #salt
15:56 cnelsonsic joined #salt
15:57 cnelsonsic joined #salt
15:58 dthom91 left #salt
15:59 cnelsonsic joined #salt
15:59 carlos joined #salt
16:00 KyleG joined #salt
16:00 KyleG joined #salt
16:02 mgw joined #salt
16:03 lunaryorn joined #salt
16:03 lunaryorn Can I access environment variables in the minion configuration?
16:03 cnelsonsic joined #salt
16:04 cnelsonsic joined #salt
16:06 cnelsonsic joined #salt
16:07 jpadilla joined #salt
16:09 forrest joined #salt
16:11 jschadlick joined #salt
16:12 denstark Hello! I've got a folder set up with an init.sls file in it called core (/etc/salt/core on the master) and i'm trying to apply it to a minion with the command salt 'centos6-tester' state.sls core and it is complaining. here is the pastebin of the error: http://tny.cz/2d134749
16:13 TheRealBill denstark: your sls files need to go in your file_roots, the default being /srv/salt/
16:13 Lue_4911 joined #salt
16:13 TheRealBill the /etc/salt tree is for master/minion configuration
16:14 denstark oh dang, duh.
16:14 denstark Let me take a swing at that
16:15 MZAWeb joined #salt
16:15 timl0101 joined #salt
16:15 forrest Has anyone encountered an issue installing salt via the bootstrap script due to python-jinja2 being named python-jinja2-26 in EPEL: http://dl.fedoraproject.org/pub/epel/6/x86_64/repoview/python-jinja2-26.html ? The install fails when it attempts to install salt because it specifically requires python-jinja2.
16:17 forrest There was this google groups post on it already https://groups.google.com/forum/#!msg/salt-users/ZyatYnb95QY/ADngjIjVF8cJ
16:17 forrest But I don't see any sort of follow up.
16:17 avienu joined #salt
16:22 forrest As a follow up, there is this bug: https://bugzilla.redhat.com/show_bug.cgi?id=844710
16:23 zee joined #salt
16:23 zee hello
16:24 zee I'm experiencing some issues with salt cmdmod where if you use runas, it uses /bin/sh for the shell instead of /bin/bash
16:25 zee gist with output of grains.items/cmd.run/cmd.run runas
16:25 zee https://gist.github.com/zspencer/6105559
16:26 zee Running salt 0.16.0 on minion and 0.15.3 on master
16:27 zee And if upgrading salt-master fixes this, I am going to punch a kitten.
16:28 zee Oh good. That didn't fix it. This means I am not going insane.
16:29 TheRealBill is the shell for discourse set as in /etc/passwd set to /bin/sh by any chance?
16:29 zee nope, /bin/bash
16:30 dthom91 joined #salt
16:30 pdayton joined #salt
16:30 TheRealBill well there goes that easy fix. :(
16:30 zee Yeah, haha :(.
16:30 zee I've install salt as a package using yum
16:31 zee I'm assuming there's no way for me to modify the python source code from the package?
16:31 denstark TheRealBill: Thank you, that worked :)
16:31 TheRealBill is this on bsd ro linux?
16:31 zee Centos 6.4
16:31 TheRealBill denstark: glad to hear, you're welcome
16:32 Corey zee: One moment. :)
16:32 TheRealBill zee: looks like you can add a "shell: /bin/bash" to the command, have you tried that?
16:33 zee That works when I use the runas
16:33 TheRealBill zee: you could modify it, but it woudl be overwritten when you did an upgrade
16:33 denstark Now I'm geting an issue that I have multiple state decs of the same type. Here is the relevant portion of the .sls: http://tny.cz/fd54ae93
16:33 zee The secondary problem is that I'm using the gem module to install a gem, which doesn't allow me to pass the shell attributes directly
16:33 TheRealBill oi
16:34 zee So let me go through the bungee jump for you real quick
16:34 TheRealBill yeah I think you need to declare /etc/localtime and use file.symlink underneath it, the proble,m IRIC is using file.* multiple times in the same "namespace"
16:34 zee High level goal: Build a state file that allows me to build and deploy the discourse rails app simply by adding a role: 'discourseserver'
16:35 zee I chose CentOS as the target distribution because I am "too smart" for Ubuntu and "Too dumb" for arch
16:35 Corey zee: Oh dear. I've seen something similar that wound up handling the entire ruby stack, auser came up with it.
16:35 Corey zee: Hey now, be nice.
16:35 denstark TheRealBill: Ok, let me take a swing at that
16:36 zee I am teasing
16:36 zee I really should just switch to Ubuntu. CentOS has been no end of trouble for me.
16:36 TheRealBill zee:  something like this: https://gist.github.com/TheRealBill/6105634 though I haven't tested it.
16:36 zee @TheRealBill, how does localtime affect this?
16:37 doublerr joined #salt
16:37 TheRealBill zee: I jsut rearranged the snippet you sent. ;)
16:37 zee The odd part is I had this working yesterday before I rebooted the system
16:37 zee I think you mean denstark
16:37 TheRealBill zee: whoopps, yeah I meant denstark
16:37 zee Which tells me something on my minion is enforcing /bin/bash in the runas
16:38 doublerr joined #salt
16:38 zee $- is output as "hBc"
16:39 owensbla joined #salt
16:41 zee Which I think means that it's running as non interactive
16:41 chrisgilmerproj hey all, if my minion says that the master has cached its key then what reason would it not show up in the master's set of keys?
16:43 forrest @chrisgilmerproj Does it fail to auth?
16:43 chrisgilmerproj i have debug on and it just says its waiting for the master to accept the keys
16:43 chrisgilmerproj but the master doesn't list it
16:43 chrisgilmerproj the master is on debian wheezy and this minion is on debian squeeze
16:43 chrisgilmerproj but i assumed that wasn't an issue
16:43 forrest Did you clear the cache already to force it to rebuild?
16:44 chrisgilmerproj oh no, how do you do that?
16:44 MZAWeb left #salt
16:44 salty456 joined #salt
16:44 forrest rm -rf /var/cache/salt/* would be how I'd do it on cent/rhel
16:44 forrest shoudl be the same for debian
16:45 chrisgilmerproj is there a salt command that will do that?
16:45 forrest I don't know
16:45 chrisgilmerproj hmmm
16:46 chrisgilmerproj ok, so i'll definitely try that out
16:46 forrest also, on the master what happens when you do salt-key -L?
16:46 forrest you don't see the box in that list right?
16:46 chrisgilmerproj i see all my other minions
16:46 chrisgilmerproj yeah, i don't see it
16:47 forrest there's no dups right?
16:47 forrest name wise
16:47 chrisgilmerproj yeah, no dups
16:47 forrest and the minion is able to connect to the machine, just fails to authenticate once it connects?
16:49 chrisgilmerproj yeah, it just says its been cached by the master
16:49 chrisgilmerproj i assume if it couldn't talk to the master it would give me a different message
16:49 chrisgilmerproj its in that 10sec loop waiting to authenticate
16:50 avienu Good morning! Is there a ssh.create_key(user,'rya') ?
16:50 denstark TheRealBill: That seems to have worked :)
16:51 forrest @avienu http://docs.saltstack.com/ref/modules/all/salt.modules.ssh.html
16:51 denstark man, salt is sweet
16:51 zee Yea, this is really bothering me.
16:51 forrest whoops sorry avienu: http://docs.saltstack.com/ref/modules/all/salt.modules.ssh.html#salt.modules.ssh.set_auth_key
16:51 forrest is that what you're looking for?
16:51 zee I'm guessing I should install salt from source so I can start tweaking the source code and submit a pull request
16:51 salty456 Hey all -- getting a weird error when trying to run simple pkg installs on a standalone minion: http://pastebin.com/jg4SbcBt
16:51 avienu forrest: Yah, I can put an ssh key there with that. But how do I create one from scratch?
16:52 krak3n` joined #salt
16:53 salty456 btw, I haven't signed on IRC for years…sry if I'm totally busting etiquette
16:53 forrest @avienu I don't know if you can do that, yea I don't know if you can do that.
16:53 avienu My use case is that I want the minions to be able to connect to a git server to download the source code that they need. So, I need the minions to create an ssh key and then set their public key on the git server. Unless someone knows a better way of getting them a copy of the repository.
16:53 druonysus joined #salt
16:53 druonysus joined #salt
16:54 zee @avienu, I'm not sure you want minions making changes to who has access control of a git server
16:54 saurabhs joined #salt
16:54 zee You may want to use a shared username/password so that you can invalidate it in the case of a leak
16:54 forrest chrisgilmerproj, I don't know enough about the auth process on salt, does the authentication, and connection occur at the same time? Or does it establish a connection, then try to auth? Can you confirm connectivity on 4505/4506 from the minion to the master?
16:55 zee and not let minions have the power to change the master
16:55 bhosmer joined #salt
16:55 jeffasinger avienu: I don't know if this is correct, but I've done it once in a very small installation. I created a read only key that gave read access to a git repository, then used salt to distribute that private key
16:55 robbyt joined #salt
16:55 avienu zee: Well, EugeneKay was saying that I'd use salt to add the minions public key to gitolite as read-only.
16:55 chrisgilmerproj forrest: I'll have to check it out
16:55 chrisgilmerproj i had hoped it would just be picked up but I guess I need to dig in a bit deeper
16:55 zee Got it
16:56 zee Does this have to happen in a state file?
16:56 zee What if you used something like cmd.run 'cat /home/<user>/.ssh/id_rsa.pub' and used the output on the master
16:56 zee that way you have to instigate the 'add this minion to gitolite' process/
16:56 avienu zee: I'd have to use a returner or something to have the salt-master have the gitolite master give access. In terms of security, gitolite should control them from not being able to manipulate the repository and I can always shut off their access. Plus, if a minion is hacked they have the source code anyway.
16:57 TheRealBill denstark: nice, glad to hear :)
16:57 forrest @chrisgilmerproj Yea see if you can confirm 100% that the minion is indeed connecting to the master, and then maybe try clearing those cache files to see if there's an issue there.
16:57 avienu zee: Yah, I thought about something like ssh-keygen -t rya via cmd.run but it feels inelegant.
16:57 zee @avienu I haven't dabbled with returners yet, so I have no idear :D
16:58 avienu jeffasinger: Yah, that would work. I could avoid having to deal with returners too.
16:59 herlo left #salt
16:59 dlindquist joined #salt
17:00 chrisgilmerproj forrest: clearing the cache didn't work so I'm going to try and see if there's a connection problem
17:00 forrest ok cool
17:01 forrest After you cleared the cache does it still say it's registered with the master? Or did it not regenerate the cache files.
17:01 chrisgilmerproj yeah, it says its still registered with the master
17:01 chrisgilmerproj it did regenerate all those files once i restarted the master and minion
17:01 forrest Hmm that's od.
17:01 forrest *d
17:02 zee Well, I'm giving up and just using cmd.run in my state to do the install. Hopefully it doesn't bork :X
17:03 jacksontj joined #salt
17:05 Ryan_Lane joined #salt
17:09 whiskybar joined #salt
17:09 denstark Getting an issue with my service state for httpd, not sure what I'm doing wrong: http://tny.cz/cbe64c48
17:09 denstark Please excuse my syntax issues if that's just the case, brand new to salt and converting my puppet manifests over
17:10 dlindquist left #salt
17:10 jpeach_ joined #salt
17:10 rmt joined #salt
17:13 devinus joined #salt
17:17 TOoSmOotH joined #salt
17:17 gwar9999 joined #salt
17:18 StDiluted denstark: taking a look
17:19 StDiluted den stark, I can tell you why that doesn't work
17:19 StDiluted http://tny.cz/35862769
17:20 StDiluted salt doesn't like when you mix dot notation and colon notation for stuff
17:20 jeddi StDiluted: is that that weird yamlness thing going on?
17:20 StDiluted and also whitespace is not recommended
17:20 StDiluted I'm not sure why you can't mix the two, but I saw it in the salt docs somewhere
17:21 jeddi denstark: this page is worth a read, but this # in particular (not sure it's appropriate here, but looking at your style of yaml it may bite you later too)  http://docs.saltstack.com/topics/troubleshooting/yaml_idiosyncrasies.html#yaml-does-not-like-double-short-decs
17:21 forrest_ joined #salt
17:21 jeddi though *that* page intimates that your snippet *should* work.
17:21 gwar99991 joined #salt
17:21 StDiluted yeah that
17:21 jeddi StDiluted: when you say 'white space is not recommended' - do you mean empty lines within a single id / stanza?
17:22 gwar99991 left #salt
17:22 jeddi whenever i think i have my head around basic yaml, i go read that page again ... it's very unsettling.
17:22 denstark StDiluted: Thank you
17:22 denstark jeddi: You too, will read that doc
17:22 StDiluted did that work, denstark?
17:22 TheRealBill jeddi: it would/should work if it were pkg.installed: []
17:22 jeddi TheRealBill: aha.
17:22 TheRealBill but a bare pkg.installed shoulnd't, as I understand it
17:22 StDiluted ah
17:22 StDiluted that makes sense
17:23 jeddi i'm torn on the use of short decs.  i use them all over the place, but i find the mix-n-match style it implies might reduce readability .. and/or cause me grief later if i (accidentally) end up with a double-short-dec and then lots of head scratching.
17:23 TheRealBill I only know that because it was one of the first things to bite me. ;)
17:23 denstark StDiluted: Checking now
17:23 jeddi TheRealBill: so the syntax really does include the string " : []" at the end of that line?
17:24 _vimalloc joined #salt
17:24 TheRealBill jeddi: yeah. THink of it as a formatting thing. If you were a parser you would need a way to know the declaration was complete.
17:24 StDiluted so theoretically: http://tny.cz/c062905c would be fine?
17:24 jeddi TheRealBill: if i were a parser, i'd trust \n   :)
17:24 gwar9999 Apologies if this has been answered earlier.... my connection dropped last night when I posted this.......  Hey Salt gurus... Checking out salt and converting a puppet manifest to salt.... My test module manages a ton of files, most of which have the same permissions (user, group, mode). Puppet has a module-level default, is there a salt default implementation? That is, everything in the sls file shares the same perms but can be overridden f
17:25 TheRealBill theoretically, it should, yes.
17:25 cron0 joined #salt
17:25 StDiluted gwar99: check out file.directory, and the recurse statement
17:25 jacksontj StDiluted: it sounds like he isn't doing "recursion" but wants defaults for the state file
17:26 jeddi depends what happens with the 'overridden fo ... ' qualification :)
17:26 denstark StDiluted: Seems to have worked, i now understand the distinction. I can just not use dot notation to clear that up
17:26 salty456 joined #salt
17:26 StDiluted yeah, I don't think there is a way to set that, but that would be a great feature to add
17:26 jacksontj gwar9999: can you open an issue on github for that?
17:26 StDiluted denstark: sure. I use dot notation when it's just a package i want installed with no other args
17:26 jacksontj I think that would be easy to add, and would be an awesome addition
17:27 jacksontj what i do for those types of things now is i add the list of files in a pillar, and then have the state file be a loop over that pillar data structure
17:27 jacksontj then you can have a .get('KEY', DEFAULT)
17:27 StDiluted ah, yeah you could use a for loop in jinja to do it as well
17:28 gwar9999 StDiluted: Thanks for the suggestion but at others have commented that isn't exactly what I'm looking for.... The files belong to many different paths (/var, /etc, /opt) but most have the same user (root), group (foo), file mode (750), dir mode (550), etc...
17:28 TheRealBill I can't help but hear Mongo from Blazing Saddles when I read the header for http://docs.saltstack.com/topics/troubleshooting/yaml_idiosyncrasies.html#yaml-support-only-plain-ascii
17:29 StDiluted gwar9999: yeah I think the best way to do that currently in salt would be with a for loop
17:29 forrest joined #salt
17:30 JasonSwindle joined #salt
17:31 gwar9999 StDiluted: thanks, that might work, but not sure if it's ideal.  Puppet's implementation seems a bit cleaner :(
17:31 denstark Now a user doesn't seem to want to be created, but it's giving me no reason why: http://tny.cz/74d3c45b
17:31 StDiluted gwar9999: agreed. I think that would be a great feature to add.
17:32 denstark Well, other than it cannot creat ethe user, but I got that part ;)
17:32 StDiluted gwar9999: you could open an issue or hack it up, and submit a pull
17:32 StDiluted does the www group exist?
17:32 StDiluted denstark^^
17:33 salty456 KeyError: 'pkg.list_pkgs'  *shudder*
17:33 denstark StDiluted: It should, I have it defined there as well (with a require) -- but yes, it was created successfully
17:33 StDiluted does the apache group exist?
17:33 gwar9999 StDiluted:  I'll open a ticket on GH.  I'm not too familiar with the saltstack codebase (yet).
17:33 denstark Yes, I checked that as well, but I can add a require in for that as well
17:33 StDiluted if the group in groups doesn't exist it won't create the user
17:34 denstark Right, it does exist
17:34 StDiluted denstark: one way to test and actually see the errors is to get on the minion you're testing with and run salt-call -l debug state.sls statename
17:34 StDiluted then you'll actually see the error it's throwing
17:35 denstark Awesome, let me do that
17:36 jslatts joined #salt
17:37 kermit joined #salt
17:37 denstark Oh, interesting. It's throwing: http://tny.cz/b1ccf559
17:38 jeddi i'm sure there are pastebins that don't track me and don't show me adverts.
17:39 Linz joined #salt
17:39 denstark Got it, had to add www under groups
17:39 denstark jeddi: sorry, didn't relize it did, I can use a different one
17:40 jeddi denstark:  no biggy. i'm also fond of colour / syntax highlighting pasties now .. spoiled after so many years of syntax highlighting in vim.   colours alone can hint at errors so beautifully :)
17:40 StDiluted glad you figured it out, denstark
17:40 StDiluted den stark, gist.github.com is good
17:41 denstark StDiluted: sure, I'll do that
17:41 salty456 sorry guys, I really need some help here -- can someone tell me what the protocol is here? is there a queue or something? I'll gladly take a number
17:42 forrest There's no queue Salty, people just kind of answer questions that they might know the answer to
17:42 StDiluted what's up, salty
17:42 salty456 cool
17:42 racooper salty456,  the protocol is to post your question then please be patient.  We all have lives outside of IRC too, and when someone who knows the answer is available they'll help.
17:42 salty456 awesome…well, I'm assuming I'm an idiot, and you guys'd be able to prove that
17:42 salty456 just trying to install git through salt
17:43 salty456 git.sls is just
17:43 salty456 git:
17:43 salty456 pkg.installed
17:43 salty456 but then I get http://pastebin.com/jg4SbcBt
17:43 forrest can you please try
17:43 forrest git:
17:43 forrest pkg:
17:43 forrest - installed
17:44 salty456 just tried…owned again
17:44 StDiluted nah that's something different
17:44 salty456 same error
17:44 StDiluted short notation should work fine in his case
17:44 salty456 it's happening with all 'yum-only' commands
17:44 StDiluted salt is trying to call pkglist_pkgs
17:44 salty456 like it's copying files from templates just fine, making dirs ok, etc
17:44 StDiluted on the minion and that's failing
17:44 salty456 yeah
17:44 salty456 well
17:44 salty456 sry - this is a standalone minion
17:45 StDiluted idoes yum work on the machine?
17:45 salty456 yes
17:45 forrest on your pastebin you've got it installed
17:45 salty456 in that paste, I copied the output of yum install git
17:45 salty456 yes, but the error should then be different, right?
17:45 forrest did you get the same error when it wasn't installed?
17:45 salty456 like "already installed" or something…not throw a trace
17:45 StDiluted what about salt-call pkg.list_pkgs from the command line
17:45 salty456 nope
17:45 dthom91 joined #salt
17:46 salty456 Function pkg.list_pkgs is not available
17:46 salty456 using version 0.15.3
17:46 salty456 I googled this error and saw that it was fixed in 0.12.x
17:46 StDiluted try pkgutil.list_pkgs
17:46 salty456 and then it was ubuntu only
17:47 gwar9999 StDiluted: issue 6405 created.
17:47 salty456 Function pkgutil.list_pkgs is not available
17:47 StDiluted gwar: right on
17:48 StDiluted I'm on 0.16.0 and pkg.list_pkgs works
17:48 salty456 aight…lets see if an upgrade works
17:48 salty456 StDiluted: centos6?
17:48 StDiluted upgrade the master first
17:48 StDiluted then the minion
17:49 salty456 it's standalone
17:49 StDiluted no, ubuntu, unfortunately for comparison
17:49 StDiluted oh
17:49 salty456 ok
17:49 salty456 I got this to work with Vagrant on my local
17:49 StDiluted but they changed the syntax for that from .15.3 to .16.0
17:49 salty456 ahh
17:49 StDiluted from pkgutil.list_pkgs to pkg.list_pkgs
17:49 austin987 joined #salt
17:49 denstark Is there any way to manage a yum repo from a salt state file? I see this doc: http://docs.saltstack.com/ref/modules/all/salt.modules.yumpkg.html#salt.modules.yumpkg.mod_repo but that seems to be only for running from cli?
17:50 forrest Do you mean actually modifying and changing packages denstark?
17:50 StDiluted denstark: https://salt.readthedocs.org/en/v0.16/ref/states/all/salt.states.pkg.html
17:51 StDiluted and https://salt.readthedocs.org/en/v0.16/ref/states/all/salt.states.pkgrepo.html
17:51 denstark StDiluted: Thanks, google did not provide with my search terms
17:51 StDiluted salt.readthedocs.org is the best place I've found for reference so far
17:52 denstark Ok, I will use that (was using docs.saltstack.com)
17:53 bhosmer joined #salt
17:54 forrest They're the same docs
17:54 forrest readthedocs just has some better search functionality.
17:55 StDiluted yep
17:58 tomeff joined #salt
17:58 hhhhddddd joined #salt
18:00 Gifflen_ joined #salt
18:01 Gifflen joined #salt
18:02 aranhoide joined #salt
18:02 jacksontj joined #salt
18:05 berto- joined #salt
18:07 KyleG1 joined #salt
18:12 KyleG joined #salt
18:13 Linz joined #salt
18:14 aranhoide left #salt
18:18 cnelsonsic joined #salt
18:18 owensbla left #salt
18:18 jschadlick joined #salt
18:20 forrest @chrisgilmerproj Did you have any luck figuring out the auth issue?
18:22 krissaxton joined #salt
18:22 UtahDave joined #salt
18:22 jacksontj joined #salt
18:24 chrisgilmerproj nope, still stuck
18:24 chrisgilmerproj i figured one problem might be permissions of some sort but I have nothing yet
18:25 chrisgilmerproj i'm also not sure how to listen on port 4506, my netcat foo is failing me here
18:26 chrisgilmerproj thanks for helping me forrest
18:28 Gifflen_ joined #salt
18:32 abele joined #salt
18:34 salty456 joined #salt
18:35 bitz joined #salt
18:37 JasonSwindle Welcome back UtahDave!
18:38 qba73 joined #salt
18:40 JasonSwindle Oh, I see 0.16.1 is there in Github
18:41 JasonSwindle UtahDave:  I think I either found an issue, or it is JINJA being JINJA
18:41 forrest Heh
18:45 krissaxton left #salt
18:45 nineteeneightd joined #salt
18:45 Newt[cz] joined #salt
18:47 whit joined #salt
18:47 aboe joined #salt
18:49 jesusaurus jinja will be jinja
18:51 JasonSwindle This is what I am seeing; https://gist.github.com/JasonSwindle/481d1709b03ed76cede2 UtahDave
18:51 dthom91 joined #salt
18:52 KyleG joined #salt
18:52 KyleG joined #salt
18:52 teampoop_ joined #salt
18:53 nineteeneightd joined #salt
18:53 jbraeg joined #salt
18:55 ipmb joined #salt
18:56 UtahDave hey, JasonSwindle!
18:58 mikedawson joined #salt
18:58 UtahDave JasonSwindle: Well, I think what's happening is this:
18:59 UtahDave JasonSwindle: The yaml file is templated with jinja.  The jinja returns whatever it's going to return. Then the file is templated with whatever is returned.
18:59 StDiluted hey UtahDave
18:59 UtahDave JasonSwindle: if the return from the publish.publish call is the same both times, then it templates the file with the same data, and so it returns True that the file is templated correctly.
19:00 UtahDave Hey, StDiluted!
19:00 UtahDave How's it going?
19:00 StDiluted going pretty well!
19:00 StDiluted just eating some lunch
19:00 JasonSwindle UtahDave:  We are also running into a chicken and egg issue
19:00 JasonSwindle Webheads need postgres to configure their settings files
19:01 JasonSwindle postgres needs webheads to allow connections in
19:01 JasonSwindle Which comes first?  The only way I find to fix it is to re-highstate
19:02 locke joined #salt
19:03 UtahDave JasonSwindle: You might want to use an overstate.
19:03 JasonSwindle Oh?
19:03 JasonSwindle That is a new term to me
19:03 UtahDave first configure the webheads with the correct postgres IP.
19:03 UtahDave Then have postgres machine query for webheads to allow for firewall rules
19:04 JasonSwindle lowstate, highstate, overstate, omgstate
19:04 UtahDave :)  yes, there's a lot of jargon there.
19:04 KennethWilke omgstate = presentstate
19:04 KennethWilke wait, flip that
19:04 JasonSwindle KennethWilkeState
19:05 KennethWilke that is a state of awesomeness, i tell you what
19:05 UtahDave lol, thanks for making me look good in front of my bosses, KennethWilke!
19:05 KennethWilke lol no problem
19:06 JasonSwindle Let me look up this overstate....
19:06 UtahDave I share this quote quite often, "Oh! UtahDave isn't in IRC!!!!! WE ARE EFFFEd!!!!   WE ARE EFFED!!!!!"
19:06 KennethWilke lmao
19:06 KennethWilke i did not say effed sir!
19:06 UtahDave My favorite quote ever!
19:06 KennethWilke [effed]
19:06 KennethWilke lol
19:06 JasonSwindle UtahDave:  BTW, what is new in 0.16.1?
19:06 UtahDave Yes, I then say that you didn't say effed.   lol
19:07 locke hi guys, i'm using salt to install specific version of packages on Ubuntu. Sometimes that version simply vanishes from repositories. Do you guys have some advice on this? (it's not a saltstack problem, indeed.) Now, I'm downloading each .deb and storing in S3 to install with attribute "sources" of pkg.installed, but this is getting hard to maintain.
19:07 UtahDave JasonSwindle: I've been out of town while 0.16.1 has been worked on. So I'm not 100% sure, but it's supposed to be only bug fixes, no new features
19:07 JasonSwindle kk
19:08 JasonSwindle UtahDave:  Reading over overstate
19:08 UtahDave cool
19:08 JasonSwindle KennethWilke:  Stop by my desk when you can.
19:09 aat joined #salt
19:09 timl0101 joined #salt
19:09 UtahDave locke: Yeah, you're going to have to either maintain your own local apt repo, or keep the debs you want in a specific location
19:10 locke UtahDave, i wonder how hard could be to Ubuntu not agressively delete old packages
19:11 locke but, seems like it's the only way
19:11 dthom91 joined #salt
19:11 KennethWilke locke: ubuntu is right, and you are wrong! lol
19:12 UtahDave locke: we have the same problem with the Salt ppa.  they don't keep the older versions around, so we're going to host our own ubuntu repo in addition to the ppa
19:12 locke KennethWilke, i cannot agree more
19:12 KennethWilke locke: i fall into this wrongness as well :(
19:12 KennethWilke i always forget to pip install git python vs apt-get
19:13 locke own apt repo,  there we'll go
19:13 JasonSwindle I always just use git tags
19:13 JasonSwindle but that may not help
19:15 locke thanks guys
19:16 UtahDave np
19:17 locke do we have a changelog or something like it for 0.16.1?
19:18 locke i like to read changes of my favorite projects in my breakfast
19:20 JasonSwindle It just dropped
19:20 mephx joined #salt
19:21 JasonSwindle locke:  https://github.com/saltstack/salt/commit/2c7b6f82e5e95486961beb61e809555e7b9e519e
19:21 mephx what up yall. I started getting a "TypeError intercepted: list indice
19:21 mephx s must be integers, not str"
19:21 locke JasonSwindle, great
19:21 mephx after adding a simple file.managed
19:21 mephx is this an issue with 0.16?
19:23 drawsmcgraw joined #salt
19:23 drawsmcgraw Any advice on setting a box's hostname via Salt?
19:24 drawsmcgraw Alternatively, has this been resolved? --> https://github.com/saltstack/salt/issues/4390
19:26 salty456 joined #salt
19:28 Corey drawsmcgraw: We talked about exactly this at the LA branch of the salt sprint on Saturday.
19:28 Corey I think it was dlinquist that brought it up.
19:28 dthom91 joined #salt
19:28 Corey dlindquist, even.
19:29 basepi_ joined #salt
19:30 m_george- joined #salt
19:30 jaequery_ joined #salt
19:31 drawsmcgraw Corey: Ah. So..... stay tuned, is what I'm hearing(?)
19:31 m_george left #salt
19:32 joeTSUNAMI joined #salt
19:32 scott_walton joined #salt
19:32 sw__ joined #salt
19:32 StDiluted drawsmcgraw: are you using AWS or local boxes or….?
19:32 jalbretsen1 joined #salt
19:32 joeTSUNAMI where can i look to see what bug fixes will be included in the next release?
19:32 marcinkuzminski joined #salt
19:33 owensbla joined #salt
19:33 marcinkuzminski joined #salt
19:33 marcinkuzminski joined #salt
19:33 coolj joined #salt
19:34 drawsmcgraw StDiluted: local boxes
19:34 Nitron joined #salt
19:34 drawsmcgraw It's all a dev environment now. No production just yet
19:35 StDiluted I'm using a script to set it from user-data on AWS, but not sure how you'd do it locally other than maybe DNS and an external pillar?
19:36 denstark Hrm, so if I have an if statement like the following, I get errors if the machine i'm applying the sls to does not have that grain set: https://gist.github.com/anonymous/e5d03111b8c8fc903731
19:37 drawsmcgraw StDiluted: Ah. Yeah, I was wondering about some clever solution involving some outside knowledge. I'll let my subconcious chew on it for a bit and come up with something. Thanks!
19:37 akshayms joined #salt
19:38 denstark Sorry, this is a gist with the errors: https://gist.github.com/anonymous/44b544127fafa80f9ee4
19:38 dthom91 joined #salt
19:38 pmcg joined #salt
19:38 drawsmcgraw Unrelated: Any known methods (or modules) to enforce the user accounts on a system?
19:38 drawsmcgraw As in, if I see a user on a system that I'm not expecting, remove it
19:38 StDiluted den stark, put in an else with your default case
19:38 yota joined #salt
19:38 fxhp joined #salt
19:39 zooz joined #salt
19:39 drawsmcgraw I'm thinking of a script that detects an unexpected user account, then drops a message into the bus for a Reactor file to take care of.
19:39 drawsmcgraw But am open to other solutions
19:39 forrest joined #salt
19:39 StDiluted sorry, my irc client keeps putting a space in your name, denstark
19:40 denstark StDiluted: ah, gotcha
19:42 JasonSwindle UtahDave:  Can the overstate match on grains?
19:42 denstark StDiluted: Know of a reference for salt's conditional statements?
19:42 JasonSwindle the matching example is a little lacking
19:43 StDiluted denstark: you need a reference for jinja conditionals: http://jinja.pocoo.org/docs/templates/#list-of-builtin-filters
19:43 logix812 joined #salt
19:44 denstark Thank you :)
19:44 StDiluted welcome
19:45 krissaxton joined #salt
19:45 waverider joined #salt
19:49 denstark Hrm, added an else but still getting the error about the grain not existing
19:50 denstark https://gist.github.com/anonymous/0323c385caa74ed66026
19:50 nineteeneightd joined #salt
19:52 cedwards basepi: ping re: bug #6407
19:52 basepi cedwards: hehe, totally missed the [FreeBSD] in your title.  =P
19:52 basepi sorry for the redundant request.
19:53 cedwards basepi: if you've got a FreeBSD machine to test on I can help you update the port
19:53 basepi cedwards: for some reason it looks like there's no 'os_family' grain being populated for FreeBSD.
19:53 basepi cedwards: i can spin one up on Rackspace -- didn't work so well last time, though, because i didn't know you had to point it to private repos for packages.  couldn't install anything!  =P
19:54 StDiluted denstark, hm, you may need to assign a grain like 'default' to anything that's not in 'dev' or at least have _something_ in the grain.
19:54 cedwards basepi: you can compile salt without a private repo. just takes a little longer (can't use bootstrap)
19:54 basepi cedwards: gotcha.  ya, i gave up pretty quick last time once I couldn't get it to bootstrap.  =)
19:54 cedwards basepi: or you can tweak bootstrap to point to my freebsd repo.. up to you.
19:55 denstark StDiluted: I see, interesting
19:55 denstark fair enough
19:55 basepi cedwards: give me a few minutes, let me get through a few more e-mails, make sure there are no other gamebreakers so far
19:55 basepi then i'll look into it
19:58 Xeago joined #salt
19:59 forrest As a repeat from earlier, does anyone know if https://bugzilla.redhat.com/show_bug.cgi?id=844710 has had any further discussion? I know it's just a RHEL thing and I plan to submit a pull to update the docs so they're accurate, but it's still a nuisance for people to find that.
19:59 blee_ joined #salt
20:00 cedwards basepi: os_family exists in 0.16.0. reports 'FreeBSD'
20:01 david_a joined #salt
20:01 basepi cedwards: thanks.  now to figure out what changed between 0.16.0 and 0.16.1 in the grains world.
20:01 basepi the answer is "a fair bit" i think
20:03 basepi cedwards: the weird thing is that that grain should *always* be available -- it should default to UNKNOWN if it can't figure it out.  =\  still looking for the problem.
20:06 jpeach_ joined #salt
20:06 basepi spinning up a freebsd machine now.  i'd love your help getting it working, cedwards.  pointing to your private repo and then bootstrapping should work
20:07 cedwards basepi: hopefully pushing the broken package to my repo doesn't break anyone else..
20:08 cedwards basepi: safer, although longer, if you build it from source.
20:08 basepi cedwards: well, maybe don't push salt there
20:08 basepi if you can just get me the salt dependencies, then i can install salt from source
20:08 basepi i just couldn't install *anything* on freebsd last time i tried
20:08 basepi i was thoroughly embarrassed.  =P
20:10 helderco joined #salt
20:10 cedwards basepi: it would be nice if they'd publish packages again. until then, there's always the ports tree.
20:10 owensbla left #salt
20:12 krissaxton joined #salt
20:13 basepi cedwards: so can you point me to a tutorial (or give me a quick run-down) on how to install salt (any version, i just need the dependencies) on freebsd?
20:14 cedwards basepi: checkout the ports tree 'portsnap fetch extract'. then 'make -C /usr/ports/sysutils/py-salt install clean'
20:14 cedwards basepi: that'll give you 0.16.0 and from there a couple changes and I can help you build 0.16.1
20:15 basepi cedwards: `python setup.py install --force` won't work?
20:15 dave_den joined #salt
20:15 basepi once you have dependencies taken care of?
20:15 Corey cedwards: Did you see an issue with 0.16.1?
20:16 Corey I may have introduced that bug on Saturday.
20:16 basepi ya, os_family grain is broken on freebsd, it's stacktracing the master
20:16 cedwards Corey: breaks on FreeBSD. os_family grain looks to be missing.
20:16 Corey Hmm.
20:16 salty456 joined #salt
20:16 Corey That's a red herring. It whines about os_family if there's another problem in core.py, I'm not entirely clear why.
20:16 Corey Checking.
20:17 basepi Corey: no, you may not understand.  it's erroring in apt.py when it tries to check os_family.  that key doesn't exist
20:17 basepi which should never happen
20:17 basepi if all else fails it should be UNKNOWN
20:17 basepi but never non-existent.
20:17 cedwards basepi: python setup.py might work--haven't tried, but that make command will build salt and all it's depends
20:18 basepi right.  once the dependencies are installed, setup,py *should* work.  we will see
20:18 basepi does that make command install git by chance?
20:18 Corey basepi: Take a look at core.py; when it assignes os_family, if not grains['os']: is when it gets set to unknown
20:18 basepi that's the one other thing i need.
20:19 dave_den anyone have a central TLS CA server setup that signs client CSRs from other minions?
20:19 cedwards basepi: it doesn't install from git.
20:20 basepi cedwards: how would i install git?
20:20 cedwards basepi: you could install git from my repo
20:20 basepi cedwards: sounds good to me.  how do i point to it?
20:21 cedwards basepi: add 'PACKAGESITE: http://166.70.213.133/${ABI}/' to /usr/local/etc/pkg.conf
20:21 cedwards basepi: then pkg install git. it should bootstrap pkgng at that point
20:22 basepi kk, i'll keep you posted if that works.  it's still running the first command i gave it
20:24 cedwards basepi: yeah. i wish there were a quicker way to just checkout select ports instead of the whole tree.
20:24 basepi life goes on
20:24 basepi cedwards: redbeard2 wants me to kick you in the shin
20:24 basepi ;)
20:24 basepi but i won't, because you've been a big help.  =P
20:25 cedwards basepi: give him the stink eye for me
20:25 cedwards basepi: judgeface.gif
20:26 basepi heh
20:26 basepi cedwards: so i'm honestly wondering, with all the pain you have to go through, why do people run freebsd?  what are the advantages? (off topic for this channel, but i don't much care)
20:26 cedwards too bad I couldn't come to the sprint this last weekend
20:27 cedwards basepi: i guess it doesn't seem like a lot of pain to me. checking out the ports tree initiall sucks, but you do that once.
20:27 cedwards basepi: the base OS is really solid. pf > iptables. jails are great for segregating users/services.
20:28 Corey basepi, cedwards: Send me a heads up when you sort out that bsd grain issue; a lot of the logic is shared for the MacOS stuff, which is what I was working on. Odd though, everything I did was bounded by a MacOS conditional.
20:28 basepi cedwards: cool.  now that i have some basic stuff installed i may have to play with it a bit.
20:28 cedwards cedwards: the ports tree essentially gives you a rolling release for packages if you like the latest versions, and you (optionally) use compile options if you're into that
20:29 basepi ya, if that's the case i doubt you broke it, Corey.  but we shall see.  =)
20:29 basepi i loved your OSX work over the weekend, it was awesome!
20:29 basepi cedwards: nice.  so once you're using the ports it's almost like gentoo, just installing everything from source?
20:30 cedwards basepi: all my servers, minus my home theatre pc, are FreeBSD at this point.
20:30 Corey basepi: So I can test it again on MacOS to make sure we're not going back and forth, that'd be ideal. :-)
20:30 cedwards basepi: gentoo sprang from trying to create a freebsd ports tree for linux, yeah
20:32 avienu FreeBSD is the only way to fly :)
20:32 StDiluted Daniel is a lunatic, but has some fun ideas!
20:32 StDiluted lol
20:33 basepi cedwards: `pkg install git` is just trying to reinstall pkg, not git
20:33 Corey basepi: I'd suspect it was I; "os_family" not matching was exactly how breakages in core.py manifested themselves on the Mac.
20:33 cedwards basepi: let it install pkg first, then try again
20:33 basepi Corey: curse you!  =P
20:33 Corey So git blame, start with my changes?
20:33 basepi ah, it worked that time, thanks cedwards
20:34 cedwards basepi: if that repo is working you could install salt and depends that way too
20:34 cedwards basepi: then we'll use the ports tree to manually build the latest
20:34 cedwards basepi: 'pkg install swig && pkg install py27-salt'
20:34 basepi i already installed salt from ports, so i think i'm good
20:35 cedwards oh, didn't know you were that far along
20:35 basepi =D
20:37 cedwards basepi: we do have some freebsd specific tweaks that happen in the packaging, so I don't know if setup.py alone will work.
20:37 cedwards basepi: but if you want to edit the Makefile in /usr/ports/sysutils/py-salt/ and s/0.16.0/0.16.1/' we can build the latest.
20:37 Corey Line 297 hits you and is mine.
20:37 Corey In core.py
20:37 Corey I don't THINK that'll do it.
20:38 cedwards basepi: you'll also need to run 'make makesum' in that directory and you should be set
20:38 basepi kk, one sec, i just want to see if setup.py works, for kicks and giggles
20:39 Corey It may not be me after all. Hmm.
20:39 cedwards basepi: fingers crossed, but paths are freeBSD specific so..
20:39 basepi cedwards: looks like setup.py worked.  i'm getting the same keyerrors now
20:39 cedwards how 'bout that
20:40 basepi luckily it tends to get the paths from the python executable running setup.py so it tends to be pretty cross-platform.  =)
20:40 devinus joined #salt
20:40 JasonSwindle Will an overstate be ran first if found when doing a highstate?
20:40 JasonSwindle From what I find, it should
20:42 basepi JasonSwindle: my brain thinks the answer is yes, but i haven't played with the overstate enough to be sure.
20:42 krissaxton joined #salt
20:42 JasonSwindle I am just getting into it because of the chicken and egg issue we face
20:43 jschadlick What would be the syntax for defining arguments for runners in a schedule?
20:43 TheRealBill joined #salt
20:43 basepi cedwards: where are the salt config files on freebsd?
20:43 avienu basepi: /usr/local/etc/salt
20:43 basepi i only see a minion.sample
20:43 basepi do i need to copy it into place?
20:44 cedwards basepi: yep
20:44 avienu basepi: Yah, you have to copy that to minion
20:44 basepi kk
20:45 waverider joined #salt
20:45 salty456 StDiluted: so I've got salt 0.16.0 installed (along with master and minion)…running standalone minion, still getting the same error: "Function pkg.list_pkgs is not available"
20:45 avienu avienu: If you didn't read that in the instructions you probably also didn't read you need to add salt_minion_enable="YES" to /etc/rc.conf and then /usr/local/etc/rc.d/salt_minion start  to start it
20:45 waverider left #salt
20:45 avienu :P
20:45 StDiluted salty456: that's really weird!
20:46 salty456 indeed…have been pulling my hair out as a result
20:46 avienu There's this other line too: salt_minion_paths="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin" . cedwards, is that needed as well in /etc/rc.conf? I put it there but wasn't sure
20:46 giantlock joined #salt
20:46 cedwards basepi: the port should have spit out post install steps
20:46 basepi avienu: well, i'm following the specialized cedwards instructions.  i also plan to run it manually each time, this is just to test a bug.  =P
20:46 avienu basepi: Ah, k
20:47 cedwards avienu: i think we've since added a patch so that adding salt_minion_paths to rc.conf isn't needed, but it doesn't hurt.
20:47 cedwards avienu: i still have it on all my boxes/jails..
20:47 basepi cedwards: ah, found the post-install instructions.  thanks.
20:49 avienu It'll be nice to have 16.1 so that status.loadavg works on FreeBSD.
20:49 basepi avienu: heh, first we have to stop it from stacktracing when you start the master......that's the bug i'm working on
20:49 Corey avienu: It works on OS X as well now.
20:50 avienu Corey: Nice!
20:50 Corey cquinn@quinntel ~/src/salt % sudo salt-call --local status.loadavg
20:50 Corey [INFO    ] Configuration file path: /etc/salt/minion
20:50 Corey Anyone object if we demote that INFO to a DEBUG?
20:51 SEJeff_work Corey, none
20:51 SEJeff_work Does anyone know off the top of their head if file.managed will follow the symlink when source:// is a symlink?
20:51 SEJeff_work or if it will make the destination on the minion a symlink
20:51 jschadlick Has anyone worked with passing arguments to runners within a schedule? I can't seem to figure out the syntax.
20:52 dthom91 joined #salt
20:53 Corey SEJeff_work: Pull request submitted.
20:54 Corey Ah, that's much better.
20:54 SEJeff_work merged :D
20:56 basepi Corey: looks like it was you.  at least the results of my git bisect point to you.  now to figure out what went wrong....
20:57 bostonian joined #salt
20:57 SEJeff_work basepi, Is it safe to say this has been fixed in master? [WARNING ] The function 'grains()' defined in '/usr/lib/python2.7/site-packages/salt/loader.py' is not yet using the new 'default_path' argument to `salt.config.load_config()`. As such, the 'SALT_MINION_CONFIG' environment variable will be ignored
20:57 dave_den is there a way to have a function in a state for one minion depend or interact with a state that runs on another minion? i want to create an SSL cert during a minion state for one minion, then immediately sign that cert on my ssl server minion that holds the CA file. not sure the best approach..
20:57 SEJeff_work dave_den, that is called an overstate, and yes that is totally possible
20:57 basepi SEJeff_work: 98% sure that's fixed in develop
20:57 SEJeff_work :D
20:57 Corey SEJeff_work: pep8? Pushed anyway.
20:57 SEJeff_work 98% of the time, basepi is right 100% of the time
20:58 basepi haha
20:58 Corey http://www.python.org/dev/peps/pep-0008/ Oh jeez.
20:58 dave_den SEJeff_work: i gues i was thinking of how it would work in a highstate, if possible
20:58 SEJeff_work dave_den, a highstate is for 1 minion. An overstate runs various states in groups on groups of minions
20:59 basepi Corey: wow, i have no idea how this commit could *possibly* cause that problem
20:59 Corey basepi: I've checked through a few times, I don't see where it did it.
20:59 Corey basepi: Yeah, there's something odd. Which commit?
20:59 basepi git bisect thinks this is the first bad commit:  https://github.com/saltstack/salt/commit/12f7e9bfb4cf6e3cad3aae21dba0899667af7e5b
20:59 Corey (At least I didn't do something OBVIOUSLY stupid)
20:59 basepi imma try reverting and see if it works, but it certainly doesn't *look* like it would cause it
21:00 JasonSwindle can an overstate match using grains?
21:00 JasonSwindle the current example is only web* or db*
21:00 SEJeff_work Corey, regardless, this isn't what you want: +    if grains['cpu_flags'] and not isinstance(grains['cpu_flags'], list):
21:00 SEJeff_work +        grains['cpu_flags'] = grains['cpu_flags'].split(' ')
21:00 SEJeff_work You should be more explicit
21:01 Corey SEJeff_work: How do you mean?
21:01 SEJeff_work ie: if 'cpu_flags' in grains and isinstance(grains['cpu_flags'], basestring): ...
21:01 Corey (I had help on that one, obviously)
21:01 basepi lol, reverting that fixed it
21:01 basepi wtf is going on?
21:01 SEJeff_work basestring is the type that returns true for both str and unicode
21:01 basepi i have no idea how that breaks os_family
21:01 basepi brb
21:01 SEJeff_work you can't split on a dict for instance, and in that code, it would try
21:01 salty456 StDiluted: and anyone else: any idea why I can install 'tree' via yum, but not through Salt? http://pastebin.com/2Fi1ibbT
21:02 Corey There's an obnoxious bug in the grains system that any breakage in core.py returns as os_family breaking.
21:02 basepi so it's just splitting a dict, eh?
21:02 SEJeff_work JasonSwindle, an overstate uses a top file, you can match using anything in the top file: http://docs.saltstack.com/ref/states/top.html#other-ways-of-targeting-minions
21:03 StDiluted same problem, salty456
21:03 StDiluted I don't know why that's happening to you though
21:03 SEJeff_work basepi, I have no clue what it is splitting, but that is bad code and should be fixed as I suggested so it is more explicit. Care to give it a go Corey?
21:03 SEJeff_work and do you understand why I'm suggesting you do it that way?
21:03 Corey StDiluted: I bet "tree" may be a special name.
21:03 JasonSwindle SEJeff_work:  ok, thx
21:03 Corey SEJeff_work: Yes and no, respectively.
21:03 salty456 Corey: 'tree' is a package…I get the same error when installing git, rpm-build, or any package that requires yum
21:04 StDiluted Corey: no, he can't install anything using pkg
21:04 SEJeff_work Corey, Well if cpuflags is a tuple, it will try to split, which would blow up horribly
21:04 SEJeff_work Corey, So you should say if this value exists AND it is a string type, split it
21:04 SEJeff_work which turns it into a list (by default)
21:04 SEJeff_work make sense?
21:04 Corey StDiluted: How did you install?
21:04 Corey SEJeff_work: Gotcha.
21:04 StDiluted Corey: it's not me, it's salty456
21:04 EugeneKay pkg_{{name}}:\n  - pkg.installed\n    name: {{name}}
21:04 EugeneKay ;-)
21:04 SEJeff_work Corey, Also, I'd suggest something even more bulletproof
21:05 salty456 Corey: the pas tie's got all the info, but basically a simple   tree:  pkg.installed
21:05 salty456 same for git, etc
21:05 SEJeff_work Corey, Instead of if netbsd:\n grains['cpu_flags' ] = [] ... if freebsd\n grains['cpu_flags'] = []
21:05 SEJeff_work At the top of that function, set grains['cpu_flags'] = []
21:06 krissaxton joined #salt
21:06 SEJeff_work then you have a default when the next if block is added as code is churned. I'm a defensive coder man, expect things to get rearranged and break
21:06 bitz joined #salt
21:06 EugeneKay I'm an offensive coder. Break it before somebody else does
21:07 SEJeff_work :D
21:07 jesusaurus does anyone have any good references for deploying mysql with salt?
21:07 StDiluted jesusaurus: I have a pretty good mysql state
21:07 forrest https://github.com/saltstack-formulas/mysql/tree/master/mysql
21:08 forrest there's a simple one
21:08 jesusaurus link?
21:08 StDiluted jesusaurus: I'd need to sanitize it, let me do that real quick
21:08 jesusaurus forrest: i was just looking at that, but it doesnt do anything like set root password
21:08 StDiluted jesusaurus: mine does.
21:08 StDiluted one sec
21:08 jesusaurus StDiluted: much appreciated
21:09 forrest @jesusaurus Yea I completely understand.
21:09 forrest StDiluted, if you have a good example you should commit it over there
21:09 forrest once you sanitize
21:09 StDiluted forrest: sure, I'll gist it
21:09 forrest cool
21:10 basepi cedwards: how do i install vim?  vi is slowly erroding my will to live
21:10 basepi pkg install vim isn't doing it
21:10 salty456 basepi: try vim-enhanced
21:11 cedwards basepi: vim-lite
21:11 basepi ah, there we go
21:11 basepi thanks
21:11 rookie joined #salt
21:12 avienu yay!
21:12 Corey SEJeff_work: Fixed and working.
21:12 Corey Pull requesting now.
21:13 forrest Does anyone have the docs for http://docs.saltstack.com/topics/tutorials/walkthrough.html pulled right now? Noticed a typo.
21:13 SEJeff_work forrest, Click through to that in the github webui and click "edit" it will automatically fork the repo to your account, create a new branch, and open up a web based text editor for you to fix it, then help you submit a pull request.
21:14 avienu So, if I do user.present and don't set password. Will one automatically get randomly generated ?
21:14 StDiluted Jesusaurus: https://gist.github.com/dginther/6107901
21:14 forrest @SEJeff_work yea I don't have my account logged in right now since I'm at work, otherwise I'd fix it. I'll do it when I get home.
21:14 StDiluted or vim-nox
21:14 SEJeff_work this is IRC, not twitter, please don't @username :)
21:14 SEJeff_work just username is fine
21:14 forrest heh ok
21:14 basepi Corey: wait.  terminalmage fixed it
21:15 basepi he hasn't been participating over here, and i didn't see him pinging me in our internal channel.  =P
21:15 basepi https://github.com/saltstack/salt/pull/6413
21:15 Corey Oh.
21:15 Corey Nevermind then.
21:15 Corey :-)
21:15 basepi hehe
21:15 StDiluted jesusaurus: let me know if you have questions. Also, I know I can use waatch_in: I hadn't discovered that yet when I wrote this.
21:15 StDiluted watch_in, rather
21:16 SEJeff_work Corey, basepi haha thats exactly what I suggested. win!
21:16 SEJeff_work Corey, that way it checks if the key is in the grains dict *first* and doesn't blow up if it doesn't exist
21:16 basepi which means i should have just pinged terminalmage to start out
21:16 basepi but at least now i have a working vm for freebsd for the future
21:16 SEJeff_work Corey, However, the isinstance logic should be fixed to: and isinstance(grains['cpu_flags'], basestring)
21:16 basepi and learned a bit.  =P
21:16 SEJeff_work terminalmage, ^^
21:16 SEJeff_work Yeah Erik is good peeps
21:17 basepi ya, he fixed the *actual* issue, but we still need to change the basestring part
21:17 SEJeff_work make the logic more explicit
21:17 basepi Corey: I can just fix it really quick if you want
21:17 SEJeff_work so future errors don't happen
21:17 Corey Go for it.
21:17 basepi kk
21:18 denstark Is it possible to specify a service to watch if a cmd.run happens to restart it? I have the following but it complains: https://gist.github.com/anonymous/0ea02142e24ace6d0f6c
21:18 jesusaurus StDiluted: thanks
21:19 jesusaurus so you're using debconf to seed the password to the apt package?
21:19 StDiluted jesusaurus: yep
21:19 StDiluted and you could use a pillar to put the password in if you like
21:20 StDiluted just template it instead of stating it
21:20 jesusaurus yeah, thats where my password is currently. im not very familiar with debconf, is it just the last 'password' that i would change?
21:20 StDiluted yep
21:20 dzen joined #salt
21:20 basepi https://github.com/saltstack/salt/pull/6414  <---- SEJeff_work
21:20 carxwol joined #salt
21:20 basepi good?
21:20 StDiluted mysql-server mysql-server/root_password password {{ pillar['mysql_password'] }}
21:21 jesusaurus okay, so s/password password/password {{ password }}/g would work for templating that file?
21:21 jesusaurus yeah
21:21 salty456 n00b question: just downloaded 0.16.1 -- how do I build it?
21:21 SEJeff_work basepi, yessir, you understand *why* you're doing that, correct?
21:21 jesusaurus thanks a ton StDiluted !
21:21 basepi definitely.
21:21 StDiluted and also root_password_again
21:21 StDiluted jesusaurus: no problem
21:21 basepi non-list types can not always be split
21:21 basepi but basestrings always can.  =)
21:21 StDiluted forrest, you catch the gist i posted?
21:21 SEJeff_work basepi, :)
21:21 SEJeff_work thanks
21:22 stevetodd joined #salt
21:22 salty456 just setup.py install?
21:22 salty456 yep
21:22 salty456 :)
21:23 forrest StDiluted, no I didn't
21:24 forrest I see it now though
21:24 StDiluted cool
21:24 terminalmage SEJeff_work: Corey: basepi: cool, I was more concerned with fixing the traceback, I didn't know the greater context
21:24 basepi hehe, funny thing is you narrowed down the traceback better than we did anyway
21:24 avienu Not setting the user.present password sets it to *, effectively disabling it. Perfect!
21:24 basepi we kind of fixated on the basestring thing from my last pull req
21:24 SEJeff_work terminalmage, basepi git bisected the error to that commit, I looked at the code and saw how it could break
21:24 Corey Yeah, sorry I broke it.
21:25 SEJeff_work so all around win
21:25 SEJeff_work and everyone point and laugh at Corey!
21:25 Corey :-(
21:25 StDiluted avienu: nice
21:25 basepi Corey: <3
21:25 Corey Or the idiot who trusted a commit from me. :-)
21:25 SEJeff_work Corey, At my work, we have a dunce cap
21:25 terminalmage hahah
21:25 basepi KILL THE MERGER OF THE PULL REQ
21:25 StDiluted *points and laughs*
21:25 Corey To be fair, the failure mode is somewhat non-obvious.
21:25 SEJeff_work for the last person who broke prod
21:25 SEJeff_work we come in peace, SHOOT TO KILL!
21:25 jeffasinger I just installed salt with salt-bootstrap, started the master, and then received "Failed to authenticate, is this user permitted to execute commands?" as root, any ideas why?
21:26 terminalmage SEJeff_work: we're going to get serious about a Chicago location for the next sprint in October
21:26 terminalmage you need to attend
21:26 SEJeff_work terminalmage, Oh fsck yeah! Count me in
21:26 SEJeff_work most def
21:26 SEJeff_work I've been away from salt for a bit, need to get back into the mix of things
21:26 terminalmage yeah, SLACKER!
21:26 SEJeff_work house hunting and whatnot kills free time (so does a new kung fu class :D)
21:26 terminalmage :P
21:26 forrest jeffasinger, which part did it fail at?
21:27 SEJeff_work terminalmage, I'll bring beverages to the Chicago salt sprint location
21:27 forrest or have you not jumped in that far yet
21:27 jeffasinger Ahhh, sorry, didn't finish my story. the master started fine, then I ran salt '*' test.ping, which failed with that error
21:27 terminalmage SEJeff_work: bring plenty of belgian tripel
21:27 terminalmage :D
21:27 jeffasinger This is ubuntu 12.04
21:27 forrest oh, did you approve the key jeff?
21:27 SEJeff_work Can't remember who, but I brought one salt contributer a bottle of Mcallan 15 for the very first sprint
21:27 forrest on the master try salt-key -L
21:27 SEJeff_work The gent in Pasadena, CA /me thinks
21:27 Corey SEJeff_work: WHY WASN'T THAT FOR ME?!
21:27 SEJeff_work hahaha
21:28 salty456 Pasadena here too
21:28 jeffasinger Completely empty
21:28 SEJeff_work Corey, :D
21:28 forrest ok, so on the minion did you configure /etc/salt/minion with the location of your master?
21:28 SEJeff_work Because you ordered Vindaloo for me that you wanted to give to someone you hate
21:29 Corey SEJeff_work: *YOU* ordered that! I merely suggested it!
21:29 SEJeff_work hahaha you went over the top :P
21:29 SEJeff_work but it was dayum good
21:30 forrest jefasinger, check out http://docs.saltstack.com/topics/tutorials/walkthrough.html#setting-up-a-salt-minion
21:30 SEJeff_work Corey, Not as bad as the ghost pepper wings I had last week. For a great laugh of me tearing up: http://www.youtube.com/watch?v=_lDbQmyL7fc&amp;feature=em-upload_owner
21:30 terminalmage jeffasinger: if no "master" key is set up in the minion config, it's going to look for the DNS name 'salt'
21:30 terminalmage counting on the minion's DNS resolution to figure it all out
21:30 forrest seems like you're to that point. If after configuring the master you still don't see anything when you restart the service (on the master) it could be an issue with iptables
21:30 jeffasinger ahhh okay, that explains it, I had remembered it defaulting to localhost for some reason
21:30 salty456 After upgrading to 0.16.1, getting: "TypeError: list indices must be integers, not str"…trace: http://pastebin.com/j8p6utiD
21:31 Corey http://i.qkme.me/3uf63m.jpg <-- SEJeff_work
21:31 salty456 after running salt-call --local state.highstate
21:31 terminalmage SEJeff_work: oh wow
21:31 SEJeff_work Corey, :D yeah it was fun, XXX Ghost pepper wings from Jake Melnicks in Chicago. Awesome
21:32 terminalmage SEJeff_work: you're supposed to chew, just swallowing immediately is cheating :P
21:33 SEJeff_work terminalmage, Want to come do one with me? :P
21:33 terminalmage hahahaha
21:33 terminalmage no thanks
21:33 StDiluted <- growing some ghost peppers this year
21:33 UtahDave salty456: do you get the same error if running the highstate from the master
21:33 salty456 UtahDave: I've been running this as a standalone minion
21:34 terminalmage SEJeff_work: now, please tell me that you thoroughly washed your hands before using the bathroom
21:34 salty456 so I don't know…I'd have to set up a master
21:34 avienu Is this a bug? On user.present, if I set createhome to True but don't set home it won't create their home directory. I was *thinking* that I'd just be able to use the operating system default home directory location by not specifying it?
21:34 UtahDave salty456: that's fine.  Could you open an issue on this?
21:34 SEJeff_work terminalmage, scrubbed them with a vengence
21:34 terminalmage SEJeff_work: good man :)
21:35 salty456 UtahDave: sure thing -- one last thing: should i be using a higher version of Python than 2.6.6 for salt?
21:35 terminalmage I had a friend in college that did some super spicy wings, not sure if it was ghost pepper, and he just wiped them with napkins
21:35 UtahDave salty456: That should be fine. We support python 2.6 and 2.7
21:35 salty456 ok cool
21:35 terminalmage he was almost screaming in the bathroom
21:35 FreeSpencer joined #salt
21:36 SEJeff_work terminalmage, that would likely result in blisters. Ghost peppers are (depending on the specific plant) between 1.5mill and 3 mill schoville heat units. If you don't do super spicy, don't ever touch them, you'll get an ulcer unless you know wtf you're doing
21:36 StDiluted they are damn hot
21:36 terminalmage SEJeff_work: I already have ulcers
21:36 terminalmage heh
21:37 SEJeff_work boo
21:37 SEJeff_work My stomach was upset for about 2 days after that video
21:37 terminalmage the best part is that my GI doc doesn't know why
21:37 terminalmage so, that's comforting
21:38 SEJeff_work I make sure to never do uber spicy (ghost or scorpion peppers) on an empty stomach and without milk/yogurt/iced cream around just in case it is too much
21:39 terminalmage yeah my brother once was offered 20 bucks in high school to eat a habanero
21:39 terminalmage he did it on an empty stomach and promptly puked it up
21:39 terminalmage at the whole pepper
21:39 terminalmage s/at/ate/
21:40 SEJeff_work terminalmage, Those aren't so bad honestly: http://www.youtube.com/watch?v=aa3BAgpSWJA
21:40 StDiluted I think Habaneros are 300k scovilles
21:40 SEJeff_work 300-500k correct
21:40 SEJeff_work It all depends on the specific plant
21:40 terminalmage SEJeff_work: he's not the jedi master that you are, apparently
21:41 SEJeff_work I did that video to tease a friend who whined about a sliver of 1 habanero. They are pretty hot, but taste great. Ghost peppers taste awful
21:41 salty456 UtahDave: pardon my n00bness -- where do I file the issue? https://github.com/saltstack/salt?
21:41 terminalmage salty456:
21:41 terminalmage salty456: yes
21:41 UtahDave yep!  right there is great, salty456
21:41 UtahDave thanks!
21:50 UtahDave Andy Windows gurus in here that can help me with a icacls or subinacl   ?
21:51 Corey UtahDave: Not if you don't ask an actual que-- oh wait, what channel am I in?
21:52 UtahDave :)
21:52 doublerr joined #salt
21:53 salty456 joined #salt
21:55 campee joined #salt
21:55 campee left #salt
21:59 kermit joined #salt
22:01 StDiluted Anyone see a behavior where eyou bring up a vagrant, high state it, and then when you try to run high state (or any command via salt) again, the minion is not talking with the master?
22:07 VertigoRay joined #salt
22:08 forrest Is this a common thing to have happen in salt where it doesn't return any sort of output?
22:08 forrest http://pastebin.com/tpJza3HY
22:08 forrest After enabling iptables on the minion (confirmed port connectivity, as well as port 22 access) it doesn't return any sort of output saying the job finished, but the job isn't listed as active
22:13 StDiluted I've seen that before, yes, but I don't know what causes it
22:14 forrest Odd, it only occurs when iptables are enabled on the minion, and so far has shown up 100% of the time
22:14 StDiluted and ports 4505 and 4506 are open, UDP?
22:15 StDiluted (I think it's UDP, i could be wrong)
22:16 oz_akan_ joined #salt
22:17 StDiluted sorry it's TCP
22:17 StDiluted TCP 4505 and 4506
22:17 forrest yea 4505/6 are open for TCP
22:18 forrest according to the troubleshooting page it doesn't matter what the ports are on the minion
22:18 forrest but I've tested with with iptables enabled and disabled on the master, works fine there.
22:18 StDiluted you have to allow outgoing connections from your minions
22:18 forrest I already did
22:19 forrest Thinking that was the issue
22:19 StDiluted hrm, then I have no clue. sounds like an iptables problem but...
22:19 forrest yea I agree, seems like iptables are acting up
22:19 forrest I just don't get how the job is completing but not returning any output
22:19 StDiluted oh, it does complete?
22:19 forrest it doesn't show in the active jobs
22:19 forrest unless it goes into some sort of 'sleep'
22:19 StDiluted but the state is enforced?
22:20 StDiluted I've had salt not wait for output on states, but still complete the state
22:20 SEJeff_work I don't think you gents understand how salt works
22:20 SEJeff_work from the master you tell salt to run a job
22:20 forrest Yes I did
22:20 SEJeff_work say that job is: state.highstate
22:21 SEJeff_work The minion hears that it is supposed to run that job and starts running it. The cli client will timeout on the master when the timeout is hit, but that doesn't mean the job has stopped. However, if it says the job isn't active (assuming you're using the jobs runner) that is a problem
22:21 SEJeff_work I'd suggest setting the minion to debug level in /etc/salt/minion and watch the logs when you try to run a job
22:22 SEJeff_work forrest, from the minion, can you hit ports 4405 and 4406 on the master? You can test with telnet
22:22 AviMarcus joined #salt
22:23 forrest SEJeff_work yea I can
22:23 forrest that's where my confusion comes in
22:24 mgw joined #salt
22:24 chrisgilmerproj problems with saltstack debian repo?
22:25 chrisgilmerproj sorry, that's on my end
22:26 forrest I thought it was an issue with the master connecting to the minion, because telnet (regardless as to whether iptables are enabled, or disabled on the minion/master) fails to connect
22:26 SEJeff_work forrest, the master never connects to minions
22:26 forrest on 4505/6
22:26 SEJeff_work minions connect to the master
22:26 jslatts joined #salt
22:27 forrest right to check in
22:27 forrest and then run whatever job is set up
22:27 SEJeff_work forrest, http://docs.saltstack.com/topics/troubleshooting/index.html#what-ports-do-the-master-and-minion-need-open
22:27 forrest yea I already have that stuff configured.
22:30 forrest connections from the minion to the master over telnet on 4505, and 4506 with iptables enabled on both machine work
22:30 forrest I just don't get why there isn't any output when iptables are enabled on the minion
22:30 forrest regarding the job
22:30 forrest and it's not listed under active jobs.
22:31 forrest Does that make more sense SEJeff_work?
22:32 SEJeff_work forrest, That clearly sounds erroneous, would you mind posting that to the salt-users mailinglist?
22:33 forrest sure, what additional details are they going to want, I assume the information in iptables.
22:33 VertigoRay Is zeroMQ used by the minion as well?
22:34 SEJeff_work yes
22:36 jeddi it's zeroMQ all the way down.
22:37 VertigoRay Thanks -- I'm starting up some testing. Also, I have a few minions that are NAT'd remotely.  I was under the impression that the minion could be configured to check in to the master on an interval.  Not able to find docs on that, but probably not searching it right. Can someone point me to some docs on that?
22:37 mgw joined #salt
22:41 TheRealBill_ joined #salt
22:41 jeddi VertigoRay: the minion pretty much needs to have visibility (network transit) to the master.
22:42 jeddi VertigoRay: there are ways (but I have no experience with them) to use things like Salt Syndic - to turn the structure into a hierarchy.  Whether that complication is worth it - is a question left for the reader.
22:42 TheRealBill_ UtahDave: you around?
22:42 salty456 UtahDave: terminalimage: TypeError bug filed -- https://github.com/saltstack/salt/issues/6417
22:45 UtahDave salty456: thanks for filing that!
22:46 UtahDave hey, TheRealBill_: I'm back now
22:46 TheRealBill_ UtahDave: cool, sent a PM. :)
22:46 TheRealBill_ just in case you weren't.
22:47 VertigoRay jeddi: Thanks. The minion would have visibility to the master, but not the other way around (maybe same thing you're saying ... ?).  Some of the minions are located remotely and re-configuring the firewall isn't always an option, so I want them to check in on an interval.  I assume that's still going to mean I need to read up on Salt Syndic, through.
22:47 UtahDave VertigoRay: I don't think you need a syndic
22:48 UtahDave VertigoRay: The minions reach out to the master, so there's no problems with nat firewalls generally
22:54 VertigoRay UtahDave: Thanks.  I had thought communication was triggered by the master. Where can I read up more on the intervals and logic associated with a minion "reaching out" to the master?  Google is not being my friend today as I try to dig this info up.
22:55 RookieJared joined #salt
22:56 UtahDave It's a zmq pub/sub interface, so the minions listen on the pub interface of the master
22:57 oz_akan_ joined #salt
22:59 napperjabber joined #salt
23:02 VertigoRay UtahDave: oic, I need understand zmq pub/sub better then.  Thanks so much. :)
23:02 errr UtahDave: thanks for coming out to Rackspace this weekend. It was great meeting you and learning about Salt
23:02 UtahDave you're welcome!
23:02 mgw joined #salt
23:02 UtahDave Thanks for having me there!  I had a great time.
23:02 UtahDave errr: are you Ryan?
23:03 nmistry joined #salt
23:03 errr It was fun. Jordan said yall were there way later than when I left at 6:30, and Im Mike the one with the famous 1 line commit
23:03 Nitron left #salt
23:03 UtahDave Ah, cool.  Congrats on the commit!  That's how everyone starts.  :)
23:03 errr :D
23:08 FreeSpencer joined #salt
23:15 Singularo joined #salt
23:19 avienu So, if I have a managed directory, let's say /usr/local/test: How could I reference this with a "require" to make sure I've set the correct permissions before another section runs?
23:19 avienu For instance, the other section is a git.latest: and I want to make sure /usr/local/test has the right permissions for the user that git will run as
23:20 UtahDave - require:
23:20 UtahDave - file: /usr/local/test
23:20 blink___ joined #salt
23:21 tildehblanks joined #salt
23:21 avienu UtahDave: And that will check for the directory configuration that I set up not to make sure that the directory exists on the FS?
23:21 UtahDave your sls files NEVER look directly on the system for anything it checks.  It ALWAYS looks at other ID declarations you've defined.
23:21 tildehblanks left #salt
23:22 avienu UtahDave: perfect. Thanks!
23:22 avienu avienu: The "file" threw me.
23:22 UtahDave you're welcome, avienu
23:22 UtahDave the "file" part refers to the "state module" that you used to define the original
23:23 tildehblanks joined #salt
23:26 andrew_seattle joined #salt
23:26 andrew_seattle quit
23:27 cxz joined #salt
23:31 ulius joined #salt
23:36 D-BO joined #salt
23:39 eightyeight to boostrap script should not be passing '-y' to the repo package manager to install packages
23:39 eightyeight bad form
23:41 squelch joined #salt
23:41 squelch Hey, how can I use '%' as a host for mysql.grants
23:41 squelch apparently '%' cannot be used to start any token
23:44 D-BO I'm trying to pass the ip of eth0 to a file using "internalip: {{salt['network.ip_addrs']('eth0')}}" in my sls.  The file is being written but it's including the [' and '] around the ip.  SSH example:  ListenAddress ['192.168.1.43'].  Am I doing something wrong here?
23:50 krissaxton joined #salt
23:51 EugeneKay Use the name property of mysql_grants
23:51 chrisgilmerproj left #salt
23:51 EugeneKay And give your token a sane name
23:52 auser joined #salt
23:52 auser hey all
23:53 hazzadous joined #salt
23:55 jschadlick left #salt
23:56 mgw1 joined #salt
23:59 squelch thanks
23:59 squelch left #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary