Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2013-08-14

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:03 Jahkeup joined #salt
00:06 UtahDave good idea!
00:06 joehh ksalman: I'm expecting to upload the debian packages tonight (it is morning here though...)
00:06 UtahDave I'll have one of our new engineers take care of that in the morning, jesusaurus
00:07 UtahDave he had no idea all our docs were in the salt repo.  :)
00:08 jesusaurus :)
00:08 gamingrobot when using the windows installer for the minion where do we put custom modules/states
00:08 abe_music joined #salt
00:09 joehh multani: I've noticed this too. I'm cleaning up the init scripts before this upload (0.16.3) so hoping to resolve this issue
00:09 UtahDave gamingrobot: stick them in /srv/salt/_modules   and /srv/salt/_states  on your master.  Then run   salt \* saltutil.sync_all
00:10 forrest joined #salt
00:10 gamingrobot cool thanks dave
00:10 aat joined #salt
00:10 UtahDave you're welcome!
00:14 jpeach what's then right way do dal with conflicting SLS IDs for packages?
00:15 jpeach i.e. when you end up with 2 states that both locally require the same package
00:15 jpeach s/do dal/to deal/ :-/
00:15 UtahDave jpeach: create an arbitrary ID dec for each one
00:15 UtahDave jpeach: and use - name: <your package>
00:16 UtahDave under each one
00:17 jpeach ah
00:17 baniir is it possible to set grains with salt bootstrap
00:18 jpeach that's a little strange, since it means salt states aren't really independent .. I guess there's a global namespace that every custom state gets to pollute :)
00:18 kalmar joined #salt
00:19 UtahDave s0undt3ch: do you know if salt bootstrap can configure grains?
00:20 UtahDave jpeach: All the states get compiled into a big python dict.  Each of those ID declarations become a key in that dict.
00:20 LucasCozy joined #salt
00:23 ksalman joehh: thanks!
00:25 jpeach yeh, I can see how that's an implementation issue, I guess it surprised me a little
00:26 jpeach if you allowed the same name and it was global, then would the resulting definition be a union of all the local definitions? hard to say whether that would be the right thing
00:29 bhosmer joined #salt
00:30 jpeach UtahDave: thanks, this works well http://apaste.info/twfK
00:31 UtahDave nice. I was going to mention that you could do that, but I wasn't sure if these definitions were both in the same file
00:31 UtahDave that's perfect, jpeach
00:37 falican joined #salt
00:45 CaptTofu hey salt people
00:46 CaptTofu how do you take care of pockage dependencies ?
00:46 CaptTofu chef refugee, and used to the apt ruby package handling that automatically
00:46 UtahDave CaptTofu: generally we let the package manager handle dependencies
00:47 CaptTofu so, if package C needs prereq packages A and B, that _should_ work?
00:47 CaptTofu I mean, is the answer to apt (or whatever) similar to a -y ?
00:48 UtahDave yeah,  it calls the underlying package manager to install the package you want. If that package requires other packages, then they will be installed as well.
00:53 whit joined #salt
00:57 rfgarcia joined #salt
00:57 MaxK1 joined #salt
01:01 rfgarcia joined #salt
01:03 rgarcia_ joined #salt
01:14 liuyq joined #salt
01:19 Furao joined #salt
01:20 Nexpro joined #salt
01:20 druonysuse joined #salt
01:34 mikedawson_ joined #salt
01:38 dthom91 joined #salt
01:41 liuyq joined #salt
01:42 m_george|away joined #salt
01:43 joehh multani: found the issue (mistake on my behalf)
01:43 joehh multani: will fix in upload tonight
01:52 s0undt3ch UtahDave: yes, upload a grains filename and use -c
01:53 UtahDave grains file on the brand new server?
01:54 m_george left #salt
01:59 mannyt joined #salt
02:00 malinoff joined #salt
02:08 renothing joined #salt
02:14 rgarcia_ joined #salt
02:16 rgarcia- joined #salt
02:18 renothing joined #salt
02:20 xl1 joined #salt
02:25 renothing joined #salt
02:28 Thiggy joined #salt
02:29 cocoy1 joined #salt
02:29 oz_akan_ joined #salt
02:33 dthom91 joined #salt
02:40 scooby2 was there a place that people could upload their sample Salt configs to share with others?
02:44 UtahDave scooby2: if you have them in a github repo you can add them to saltstarters.org
02:44 UtahDave also, we're filling out a bunch of repos at our new saltstack-formulas github organization
02:44 UtahDave https://github.com/saltstack-formulas
02:46 mmilano joined #salt
02:48 Nexpro joined #salt
02:50 andrew joined #salt
02:55 zonk1024 joined #salt
02:55 [diecast] joined #salt
02:59 Thiggy if I have a grain that's a list instead of a single key:value, should I expect modules.match.grain to match against it? e.g., I have a roles: grain that is a list of roles. Should I expect `salt \* match.grain 'role:web'` to return true on minions with web in that list?
02:59 Lue_4911 joined #salt
03:00 UtahDave Thiggy: I'm not sure if match.grain has been updated to deal with lists and dicts.
03:01 UtahDave I know that grains.get does
03:01 UtahDave salt \* grains.get 'role:subitem'
03:01 Thiggy ok, since it's not working, I would suggest it probably hasn't. :) I just wasn't sure if that was a functionality I should expect.
03:01 UtahDave yeah, doesn't surprise me.  Would you mind opening an issue about that?
03:02 Thiggy Yessir. I'll do that.
03:03 Thiggy if I need a list of hostnames matching some targeting spec, is there some established way of doing that?
03:04 UtahDave the easiest way is   salt <your target spec>  test.ping
03:04 UtahDave :)
03:05 UtahDave I know Tom just barely added some functionality to determine that in a better way, but it hasn't been released yet. I don't know how it works quite yet, either.
03:05 scooby2 UtahDave: thanks
03:05 Thiggy haha ok groovy.
03:05 syngin joined #salt
03:07 UtahDave you're welcome!
03:07 UtahDave scooby2: let me know if you want me to create you a new repo on saltstack-formulas for your example
03:08 Thiggy I created that issue. Thanks for the help.
03:08 UtahDave thank you!
03:13 gamingrobot joined #salt
03:19 octagonal joined #salt
03:28 nonuby joined #salt
03:31 ksalman how would one create a mysql database structure, tables and all? mysql.query?
03:32 lazyguru joined #salt
03:34 cocoy1 left #salt
03:40 UtahDave ksalman: that's one way.  If you have the schema you could import that file, too
03:42 ksalman UtahDave: is there an example of how to import schema in the docs?
03:42 qba73_ joined #salt
03:49 UtahDave I don't think so.  I'm not sure if there's state function to do it. You may have to use cmd.run
03:51 ksalman oh i see, okay
03:52 saurabhs joined #salt
03:52 dthom91 joined #salt
03:53 z3uS joined #salt
03:53 mlanner_ joined #salt
04:00 MTecknology there's a salt repo for debian, isn't there?
04:00 ksalman MTecknology: there is
04:00 ksalman MTecknology: http://docs.saltstack.com/topics/installation/debian.html
04:01 MTecknology thanks :)
04:01 ksalman sure
04:02 UtahDave time to head home.  Night everyone
04:02 MTecknology g'night
04:03 ksalman night
04:03 ksalman thanks for all the help
04:05 david_a joined #salt
04:07 rgarcia_ joined #salt
04:13 rgarcia- joined #salt
04:20 oz_akan_ joined #salt
04:31 nonuby joined #salt
04:31 nonuby joined #salt
04:51 MTecknology frick! It's been so long that I forgot the sls basics...
04:52 rgarcia_ joined #salt
04:54 MTecknology How can I create a state for the salt-minion service? I can't just do salt-minion: service.running
04:54 MTecknology It's launched with python      root      5914  0.0 18.1 180744 23816 ?        Sl   23:37   0:00 /usr/bin/python /usr/bin/salt-minion
04:56 MTecknology or will it use init functions?..
04:58 nonuby joined #salt
04:58 nonuby joined #salt
05:03 ksalman MTecknology: maybe I am wrong but I am pretty sure you need the minion running so the master can talk to the minion
05:04 ksalman so trying to control the minion service via the master seems to be a catch 22
05:04 MTecknology ksalman: right, but I'd like to be able to tell it to restart if the minion config changes
05:04 MTecknology and worstest worst case, have to run state.highstate on the minion
05:05 ksalman well, as soon as the master tells the minion to restart, the service goes down on the minion and it'd never return
05:05 MTecknology My goal is to never EVER actually ssh into those boxes.
05:05 ksalman on the master you'll see an error minion didn't return or something
05:06 ksalman Yea, I don't know the answer =)
05:06 MTecknology except say... the backup server has backup data that I need to access so I ssh into it to grab that
05:06 MTecknology I guess there's one way to find out...
05:07 ksalman I had tried to restart the minion services from hte master, because i was changing the minion config file, and I got the error "minion ddin't return" or something to that effect
05:07 ksalman I gave up the idea without diving too much into it
05:07 MTecknology ksalman: ya.... state.highstate won't finish if you execute it from the master; but salt-call state.highstate will work fine
05:08 ksalman but you'd need to run salt-call on the minion, no?
05:08 MTecknology ya, salt-call state.highstate
05:08 MTecknology then it'll grab the updated file and restart the service.
05:08 ksalman so you need to be ssh'd in..
05:09 MTecknology Realistically, I'll never have to actually do it, but that would defeat my goal of never logging in to do what salt can do
05:11 MTecknology I have a goal... it might be lofty, but I know it's doable. It's also a home network so why the hell not go all crazy until I make it happen. :D
05:11 mechanicalduck joined #salt
05:11 ksalman lol
05:11 ksalman you never know!
05:12 MTecknology Going crazy and doing off the wall crap is how I found many many weird bugs in older versions that even thatch had to get involved in. It turned out they could have been really ugly bugs but were easy to fix once found too.
05:14 ksalman nice
05:14 gamingrobot has anyone done gameserver management with salt?
05:24 renothing joined #salt
05:26 knightsamar joined #salt
05:30 oz_akan_ joined #salt
05:34 MTecknology ksalman: I'm gonna go with... running salt-call state.highstate on a minion is acceptable... but that should be absolutely it. :)
05:35 MTecknology even that shouldn't ever really need to happen
05:37 MTecknology I want to keep the root user from logging in via ssh. I know that can be done via managing ssh configs, but is there a better way?
05:39 az87c joined #salt
05:45 nonuby joined #salt
05:56 tomtom joined #salt
05:57 saurabhs left #salt
05:59 jkleckner joined #salt
06:05 Katafalkas joined #salt
06:06 Katafalkas joined #salt
06:07 andrew joined #salt
06:29 berto- joined #salt
06:41 carlos_ joined #salt
06:43 denstark joined #salt
06:55 mlanner_ joined #salt
06:57 ml_1 joined #salt
07:10 vaxholm joined #salt
07:12 multani joehh: thanks a lot
07:16 unicoletti_ joined #salt
07:30 quantumsummers|c joined #salt
07:35 Furao joined #salt
07:37 Ryan_Lane joined #salt
07:37 scott_w joined #salt
07:38 yogi joined #salt
07:39 dthom91 joined #salt
07:39 it_dude joined #salt
07:41 tomeff joined #salt
07:45 werewolf13 joined #salt
08:01 it_dude joined #salt
08:03 yogi I 'm installing an RPM which provides two services master and agent  - which are enabled by default.
08:03 yogi I 'm trying to split the installation on two boxes is it possible to disable one service and enable the other e.g on master  agent should be disabled and  master  should be enabled
08:12 Xeago joined #salt
08:12 syngin yogi: is that a salt question or a red hat question?
08:15 mmilano joined #salt
08:16 ml_11 joined #salt
08:19 balboah joined #salt
08:21 ze- is there a way to get that %@#((#%* google-list into a mailing list without getting too much lame registering stuffs from google ?
08:21 yogi salt question
08:23 renothing joined #salt
08:24 yogi It works if I use include option but is it possible to define two states for two different services in one state file ?
08:26 scalability-junk yogi: couldn't you declare the 2 state files via the top file?
08:27 suodla joined #salt
08:30 zooz joined #salt
08:31 yogi I could do that too, but in that case I will stick with include. As we are handling same rpm package
08:33 ze- if you have a single file that include an other... yes, you can easily place them in the same file
08:36 yogi Thanks guys, In that case I will stick with the include option.
08:39 dthom91 joined #salt
08:41 it_dude joined #salt
08:44 wimbo joined #salt
08:44 wimbo hello all
08:45 wimbo someone can help me to write salt module?
08:45 wimbo i can't find some helpfull information about that
08:45 ml_1 joined #salt
08:45 qba73 joined #salt
08:48 Katafalkas joined #salt
08:50 Katafalkas joined #salt
08:51 ml_11 joined #salt
08:58 aleszoulek joined #salt
09:06 helderco joined #salt
09:08 Katafalkas joined #salt
09:10 renothing joined #salt
09:15 mechanicalduck joined #salt
09:22 ml_1 joined #salt
09:26 it_dude joined #salt
09:30 bhosmer joined #salt
09:30 arnoldB hm. when was Salt(Stack) born?
09:33 Furao arnoldB: check first commit on github
09:34 lemao joined #salt
09:34 arnoldB Furao: thomas was using it since the beginning?
09:35 Furao https://github.com/saltstack/salt/commit/7578c4d9f429b91dd8df553fc6ed78f4c8b76e7c
09:35 arnoldB thanks
09:42 whiskybar joined #salt
09:43 bhosmer_ joined #salt
09:43 it_dude joined #salt
09:44 mechanicalduck Furao: or was salt developed outside git before?
09:44 mechanicalduck Furao: is this reliable?
09:46 it_dude_ joined #salt
09:48 yota joined #salt
09:48 unicoletti joined #salt
09:51 it_dude joined #salt
09:54 it_dude_ joined #salt
09:57 test joined #salt
10:00 felixhummel joined #salt
10:00 Furao mechanicalduck: just follow the git log
10:10 dthom91 joined #salt
10:11 giantlock joined #salt
10:13 faldridge joined #salt
10:19 kevin_27escape joined #salt
10:20 kevin_27escape just wondering, would be useful to anyone else to have the command used in cmd.run available in the data sent back to the salt-master (or in the returners)
10:27 fredvd joined #salt
10:29 ze- doesn't the returner have it as "name" ?
10:33 kevin_27escape hmm, will check
10:36 ml_11 joined #salt
10:36 kevin_27escape I cannot see a 'name' field in any of the returners
10:57 kevin_27escape I guess this is true of all of the modules, we know what module has been called ('fun') but not what arguments have been passed to it
10:58 kevin_27escape I will ask on #salt-devel if this is a good thing
11:12 bhosmer joined #salt
11:16 blee joined #salt
11:26 mikedawson joined #salt
11:31 sgviking joined #salt
11:34 keeeh joined #salt
11:34 Kotoura joined #salt
11:36 Kotoura joined #salt
11:54 oz_akan_ joined #salt
12:01 Ivo joined #salt
12:02 Jahkeup joined #salt
12:02 middleman_ joined #salt
12:03 oz_akan_ joined #salt
12:06 renothing joined #salt
12:08 mike25ro joined #salt
12:09 mike25ro hey guys
12:09 mike25ro can anyone take a look at: http://pastebin.com/XjAniBQC
12:09 mike25ro i am trying to .. manage the /etc/network/interfaces file on a debian minion from salt
12:09 mike25ro i created the pillar with ip/gateway etc..
12:10 mike25ro i believe the problem is with the pillar tree.... i am not sure i am accessing it correctly from jinja
12:11 Ryan_Lane joined #salt
12:12 Furao mike25ro: remove all "- "
12:12 Furao it's a dict not a list
12:12 mike25ro i just DID that
12:12 Furao then saltutil.sync_all
12:12 mike25ro damn... i have to learn more python ...
12:12 Furao but one thing, try to avoid dash in key name
12:13 mike25ro i am still confused where i should use "-" and where i should not use
12:13 mike25ro underscore is ok?
12:13 Furao if you have context: {{ pillar['network']['eth0'] }}
12:13 Furao you ends with jinja variable dns-nameserver
12:13 Jahkeup mike25ro: '-' makes it an array and not a dict so you won't be able to say pillar['networking']['eth0'] instead it would be pillar['networking'][0]
12:13 Furao which is like a math operator
12:14 mike25ro right got it
12:14 mike25ro thanks a LOT buddy
12:14 mike25ro both of you : thanks
12:15 Furao if you guys need to create superuser from salt (with password) here is something https://github.com/bclermont/django-insecure
12:15 Furao (for django of course)
12:15 mike25ro Furao:  Jahkeup thanks guys
12:15 Jahkeup mike25ro: np! glad to help, lend a hand where you can from what you learn :)
12:18 wimbo joined #salt
12:18 wimbo is anyone alive?
12:19 Furao that's a turnoff
12:20 wimbo can somebody help to write module for salt?
12:22 Furao wimbo: https://github.com/bclermont/states/tree/master/states/_modules
12:22 Furao some example
12:25 telexicon left #salt
12:25 wimbo can i wrote some function that install for example apache2, configure virtualhost and restart?
12:26 mike25ro wimbo: you can create a state that does all that
12:26 mike25ro you can have your virtualhosts file stored on the master .... and deployed to the minion
12:27 wimbo i need generate virtualhosts
12:27 wimbo take hostname of minion and generate
12:27 wimbo i have some bash script and i need to rewrite it on saltstack
12:28 mike25ro you can RUN your bash from salt.
12:28 mike25ro i am also a newbie... still reading the docs and examples
12:29 wimbo yea i know that i can do this, but my boss told me to rewrite this... he think that bash its so stupid
12:30 mike25ro bash is not stupid...
12:30 wimbo i know, but boss....
12:30 wimbo :)
12:31 jslatts joined #salt
12:31 mike25ro on the other hand... having things centralized in SALT is a lot better ... and easier to manage
12:32 mike25ro there are examples on how to install apache..... also you can create a pillar file depending on you OS ... the apache package  apache2 or httpd
12:33 ipmb joined #salt
12:34 wimbo yes,,, i know...
12:40 toastedpenguin joined #salt
12:40 Jahkeup wimbo: check out https://github.com/tdf/salt-states-base/blob/master/apache/server.sls to see how some people working with apache
12:43 Linz_ joined #salt
12:43 wimbo Jahkeup: i need create this file on master and add this sls files for some minion, after that need to do "salt \* saltutil.sync_all " ? and all this directives performed on minion? (sorry my very bad english)
12:44 Jahkeup wimbo: to sync all the states to the minions yes, but if you're working with highstates then it should sync on the salt '*' state.highstate call
12:45 Jahkeup wimbo: also you can template out your vhosts/sites available by iterating over pillar data
12:46 wimbo but how i can create rules for generate vhosts file from hostname for example?
12:47 Jahkeup when you use file.managed you can use jinja templating in your .conf's and also in the state to programmatically create multiple configuration files
12:47 jamesdevopppps joined #salt
12:49 Linz joined #salt
12:49 Jahkeup wimbo: there's some real simple examples here: http://docs.saltstack.com/topics/tutorials/states_pt3.html
12:49 Jahkeup wimbo: but you can easily use pillar data to do the same
12:50 wimbo thx, go to read documentation
12:53 wimbo whats the difference betwene pillar and state? can you explain? please
12:57 aat joined #salt
12:58 juicer2 joined #salt
13:00 kenbolton joined #salt
13:01 Jahkeup wimbo: pillar (though in a sls file) is a structure of data, where as a state is a state of desired configuration on a given machine
13:01 Jahkeup wimbo:  not the best explanation
13:01 Jahkeup :/
13:01 Jahkeup wimbo: http://docs.saltstack.com/topics/pillar/index.html?highlight=pillar
13:02 jeffasinger joined #salt
13:04 whit joined #salt
13:07 faldridge joined #salt
13:16 APLU joined #salt
13:20 kermit joined #salt
13:20 Damoun joined #salt
13:21 mechanicalduck_ joined #salt
13:22 brianhicks joined #salt
13:26 Thiggy joined #salt
13:27 racooper joined #salt
13:37 mechanicalduck joined #salt
13:41 whit joined #salt
13:41 krissaxton joined #salt
13:42 jeddi joined #salt
13:49 mike25ro wimbo: pillars are just a way of storing data related to a minion.
13:50 mike25ro in a pillar you can store different data.. from hostname, ip, gateway etc.
13:52 mike25ro guys... inside a managed file ... can i use jinja logic.... if and loops?  for example ... in a config file may i use.... {% if pillar['networking'] is defined %}  display some data {% endif %}  ?
13:53 MTecknology mike25ro: yup- but you have to tell salt that the state is a template
13:54 mike25ro sure .. i already have template: jinja
13:54 MTecknology mike25ro: - template: jinja2   iirc
13:54 aat joined #salt
13:54 mike25ro yep :)
13:54 [diecast] joined #salt
13:54 mike25ro is there a difference between jinja and jinja 2 in the salt state ?
13:54 MTecknology probably not
13:54 mike25ro i mean template: jinja2   or template: jinja ?
13:54 mike25ro it works with jinja :)
13:55 mike25ro awesomw
13:55 mike25ro awesome*
13:55 * mike25ro likes salt :)
13:55 MTecknology I don't think jinja1 really exists anymore, does it? :)
13:56 mike25ro i am a newbie... but i think ... is jinja2 :D
13:56 MTecknology mike25ro: The more you use it, the more you will love.
13:56 mike25ro MTecknology: indeed i do
13:56 mike25ro i am starting to document what i have learned... maybe others will find it useful
13:56 mike25ro i am doing a different approach ... learning by example.
13:57 conan_the_destro joined #salt
13:57 mike25ro i have read a lot of examples on github from all you guys... and i have really learned a lot...
13:58 abe_music joined #salt
13:59 MTecknology What I'm doing... I have salt-minion installed in my openvz template with /etc/salt/minion.d/base.conf and any keys removed. When the box is deployed, it'll try to connect to the master with the default fqdn id. I approve from the salt-master and the minion retries authentication.
13:59 jslatts joined #salt
13:59 MTecknology The end result of what I'm working on... I deploy a box and NEVER ssh into it to manage anything. I only ssh to utilize services (example: access backed up data on the backup server)
14:00 MTecknology The only management command I'll let myself run on a minion is salt-call state.highstate.
14:01 mike25ro but you can run salt 'minion' state.highstate from the master... no? isn't it the same thing?
14:02 ipmb joined #salt
14:03 MTecknology It's exactly the same, it just lets me ssh in to that box to look (read-only ssh) and then run that when I want to watch a change be reflected.
14:05 * mike25ro out ... going fishing :)
14:05 mike25ro left #salt
14:10 whit joined #salt
14:10 mannyt joined #salt
14:11 alunduil joined #salt
14:11 japage joined #salt
14:12 andrew joined #salt
14:14 mikedawson joined #salt
14:16 QWAZS joined #salt
14:17 QWAZS Hello, i wanted to know more about 'pillar', could someone tell me more about that <
14:17 QWAZS ?
14:18 opapo joined #salt
14:19 JesseC joined #salt
14:22 anteaya joined #salt
14:22 xt which part of the documentation was hard to grasp?
14:25 tempspace Is there ever a time I would have to use salt['pillar.get']('variable', 'default')  as opposed to pillar.get('variable', 'default')?
14:28 Jahkeup joined #salt
14:29 tempspace Would I need to specify salt[] if I'm in a jinja template?
14:30 Nick_______ joined #salt
14:30 whiteinge tempspace: the draw of salt['pillar.get'] is that you can do deep lookups, e.g. ("foo:bar:baz:qux", "somedefault")
14:30 tempspace ahh
14:31 Nick_______ Hello !, could someone tell me more about "pillar" in salt ?
14:32 teskew joined #salt
14:33 whiteinge Nick_______: what would you like to know?
14:35 mmilano joined #salt
14:35 Linz joined #salt
14:37 xt please tell me everything, so I don't have to investigate myself!!!
14:38 jalbretsen joined #salt
14:43 timl0101 joined #salt
14:46 KennethWilke joined #salt
14:49 tempspace Are we supposed to be able to run pillar.get from within a pillar?
14:50 webwurst joined #salt
14:51 webwurst what should permissions on /var/cache/salt look like? i have this "drwx------ 8 root root"
14:52 KennethWilke tempspace: i think so
14:53 KennethWilke webwurst: on an ubuntu box i  have it's drwxr-xr-x
14:53 unicoletti_ joined #salt
14:53 KennethWilke wait nvm thats a debian box
14:54 Thiggy joined #salt
14:55 chrisgilmerproj joined #salt
14:55 webwurst KennethWilke: thank you!
14:56 KennethWilke webwurst: no problem
14:56 lazyguru joined #salt
14:57 bhosmer joined #salt
15:02 dave_den joined #salt
15:08 forrest joined #salt
15:09 Jahkeup joined #salt
15:10 faldridge joined #salt
15:11 xinkeT joined #salt
15:11 Jahkeup_ joined #salt
15:12 bhosmer joined #salt
15:13 devinus joined #salt
15:16 whit joined #salt
15:18 StDiluted joined #salt
15:26 tempspace Hey UtahDave, maybe you can answer this. Am I supposed to be able to pillar.get from within a pillar?
15:30 krissaxton left #salt
15:30 mortis_ damn saltstack :( ....all this fun ruins my gamingtime
15:30 jschadlick joined #salt
15:31 alexandrel joined #salt
15:35 whiteinge tempspace: doing so runs the risk of forming miniature black holes which may or may not destroy the earth
15:35 farra is there a way to configure your ubuntu system so you can run the salt command without having to sudo?
15:36 whiteinge tempspace: also, no. i don't believe that is recommended. pillar got an official way to do that recently, iirc. hang on, i'll try to dig up docs...
15:37 alexandrel farra: uhm, salt-minion dosen't run as root on ubuntu?
15:37 farra alexandrel: no it does, but I was referring to running commands on the master
15:37 alexandrel farra: ah, ok sorry.
15:38 jeddi joined #salt
15:38 farra i.e. salt '*' test.ping
15:38 farra results in
15:38 farra Failed to authenticate, is this user permitted to execute commands?
15:38 farra when run on the master
15:38 farra sudo works fine
15:39 alexandrel farra: you could seuid salt.
15:39 TJ1980 joined #salt
15:39 alexandrel *setuid
15:40 farra yeah that was my one thought
15:40 farra wanted to make sure there wasn't a "better" way
15:41 troyready joined #salt
15:42 rgarcia_ joined #salt
15:44 cron0 joined #salt
15:44 UtahDave farra: you can use the client_acl option to allow your user to have access to Salt commands
15:44 dthom91 joined #salt
15:45 whiteinge tempspace: http://docs.saltstack.com/topics/pillar/index.html#including-other-pillars
15:45 tempspace whiteinge: Yeah, I saw those but I don't think that will work for what I'm doing unfortunately
15:46 farra UtahDave: thanks!
15:46 whiteinge ah. what are you working on, ooc?
15:46 tempspace I have 5 environments I support in my saltstack, and I assign a DIVISION pillar to each each environment
15:46 tempspace depending on their hostname
15:46 EugeneKay farra - in bash, alias salt='sudo salt'
15:46 tempspace so, now I have a php pillar I'm working on, and I want to have different pillars depending on the DIVISION
15:47 EugeneKay Make sure your sudo config allows your current user to perform that command passwordless
15:49 bhosmer joined #salt
15:50 farra EugeneKay: UtahDave's method worked really well and kept me from having to leverage sudo
15:50 tempspace but it looks like I'm going to have to create different pillar files for each division, which sucks
15:51 rgarcia- joined #salt
15:53 EugeneKay Oh, missed that. Herp!
15:53 EugeneKay Yeah, that's probably a better way; this is more of my go-to general solution :-p
15:54 alexandrel client_acl is nice!
15:54 KyleG joined #salt
15:54 KyleG joined #salt
15:55 soukihei joined #salt
15:56 faldridge joined #salt
15:56 marcinkuzminski joined #salt
15:56 farra super nice
15:57 farra and very granular
15:59 whiteinge tempspace: yeah, that's less than ideal. will you take a look at #2466 to see if those proposed changes would allow what you're trying to do? and if not, then will you file a ticket to get it added?
15:59 whiteinge tempspace: https://github.com/saltstack/salt/issues/2466
16:00 tempspace whiteinge: A workaround could be if instead of matching hostnames in my top.sls, I match grains['fqdn'] within a pillar file
16:00 tempspace then include that
16:01 tempspace then I could include just one pillar and work with that
16:03 KennethWilke whiteinge: i'm eager to test/contribute to your openstack-standalone-formula
16:04 KennethWilke maybe not your* but i'm likely to bug you about it since you've used it
16:04 whiteinge KennethWilke: woot! that would be really great
16:05 UtahDave I don't know, KennethWilke. You'll have to prove to us that you know anything about openstack     ;)
16:05 KennethWilke hey now, i never suggested i know anything about it :p
16:06 KennethWilke on that note too, i was wondering if https://github.com/saltstack-formulas/mysql-formula/blob/master/mysql/init.sls would work for me on salt 0.16.3
16:06 KennethWilke i haven't tried, but the docs say grains.filter_by is a 0.17.0 feature
16:07 whiteinge KennethWilke: we snuck it into 0.16.3 :)
16:07 KennethWilke ah alrighty, fun
16:07 UtahDave whiteinge: Oh, did we?
16:07 KennethWilke i like the way you're using it to map the packages
16:07 whiteinge snuck!
16:07 KennethWilke i wanted to amend it a touch, to allow pillar to override the pkg_tables
16:07 whiteinge thank you. i have an irrational dislike of if-elif-else trees
16:07 whiteinge please do!
16:08 KennethWilke do you think it'd also be good to move the package mapping to a separate file?
16:08 KennethWilke ie, for salt-formula i was thinking of making a package-map.sls
16:09 KennethWilke isolate all that into a single file, included by the others that need a table for that
16:10 whiteinge are you thinking of a giant package map to rule them all kind of thing?
16:10 KennethWilke nah, one per-formula
16:11 KennethWilke but with the goal in mind that most formulas would work in a similar way
16:11 whiteinge ah, better. yes, a separate file is a great idea
16:11 KennethWilke that being, theres a package map file and it can be overridden by pillar
16:11 whiteinge i like it
16:11 KennethWilke wee! then it shall be done
16:11 KennethWilke good to know that filter_by snuck into 16.3
16:11 whiteinge i've been puzzling over how to handle packages such as python26-blah for centos5, for example. that would solve that handily
16:16 KennethWilke salt-cloud has to run on the salt-master, correct?
16:16 KennethWilke i've never tried to run it elsewhere, but curious
16:17 bitz joined #salt
16:21 whiteinge i don't think so...
16:22 matanya joined #salt
16:22 cedwards KennethWilke: it won't be able to automagically setup keys if it's not on the master, but it'll work otherwise last i tried.
16:22 KennethWilke cedwards: thanks for the info, i figured about as much but wanted to know what people have experienced
16:22 brutes left #salt
16:24 rrauenza_ joined #salt
16:24 Jahkeup joined #salt
16:24 derelm joined #salt
16:25 rrauenza_ The postgres_user.present seems to not be setting the password correctly.  Or I have another problem.  Trying to debug.
16:26 rrauenza_ I'm a little suspcious of two things -- with encrypted on, I seem to get the same password hash in the users table, and what salt says it is running seems to be overquoted:  '/usr/bin/psql --no-align --no-readline --dbname postgres -c \'CREATE USER "blah" WITH ENCRYPTED PASSWORD \'"\'"\'blah1\'"\'"\'\'' as user 'postgres' in dire
16:27 rrauenza_ ctory '/tmp'
16:27 mmilano left #salt
16:27 mmilano joined #salt
16:28 Linz joined #salt
16:28 scofflaw joined #salt
16:28 UtahDave rrauenza_: Yeah, that looks like a bug.  Have you had a chance to look at the code?
16:29 rrauenza_ No ... was checking to see if this was a well known problem
16:29 Lue_4911 joined #salt
16:30 rrauenza_ BUT .. I also just hand create the user (duh) and can't authenticate -- so let me do some due dilligence there first :)
16:30 UtahDave ok, cool
16:31 rrauenza_ ah, and hand creating gives the same md5 hash, so this must be something else.  Access controls or something.
16:31 jacksontj joined #salt
16:41 [diecast] joined #salt
16:41 [diecast] joined #salt
16:49 jkleckner joined #salt
16:52 alexandrel joined #salt
16:53 berto- joined #salt
16:54 tempspace whiteinge: if I include a pillar, am I not able to pillar.get that either?
16:56 dthom91 joined #salt
16:57 bhosmer joined #salt
16:59 bemehow joined #salt
16:59 [diecast] joined #salt
16:59 [diecast] joined #salt
16:59 druonysus joined #salt
16:59 druonysus joined #salt
17:00 UtahDave tempspace: depending on how much you want to do with the pillar, you might consider writing a custom external pillar
17:00 UtahDave http://docs.saltstack.com/topics/development/external_pillars.html
17:01 tempspace UtahDave: I have division.sls which only contains DIVISION: mydivision
17:01 tempspace In php.sls, I include division
17:01 UtahDave It's actually pretty easy to do.  The function gets the current pillar passed in as an argument, then you can do whatever you want with that dictionary to make it look just like you need.  Then you return that dict and that becomes the pillar var.
17:02 tempspace and I want to be able to do an if statement on the value of DIVISION
17:02 redbeard2 joined #salt
17:02 tempspace from php.sls
17:03 UtahDave tempspace: Hm. The problem you're going to have is that jinja is evaluated before the yaml is evaluated
17:03 tempspace balls
17:07 Jahkeup joined #salt
17:07 Xeago joined #salt
17:08 tempspace guess I'm going to have to manually assign all these grains
17:08 bastion2202 joined #salt
17:10 bastion2202 hey guys, did you ever see this ? using file.recurse with a 1x1.gif file : UnicodeDecodeError: 'utf8' codec can't decode byte 0x80 in position 10: invalid start byte. All good without the gif
17:10 bhosmer joined #salt
17:13 devinus joined #salt
17:13 whiteinge tempspace: you could do the if-statement in the ext-pillar module itself since it's just python. i think UtahDave's suggestion will work
17:14 whit joined #salt
17:14 whiteinge you could make the DIVISION determination right there in the python since you'll have access to the current minion, then do the logic and add the result to the final pillar dictionary
17:16 UtahDave bastion2202: do you get the same error with a different gif?
17:16 logix812 joined #salt
17:17 rgarcia_ joined #salt
17:18 rgarcia- joined #salt
17:18 bhosmer joined #salt
17:21 jpeach joined #salt
17:25 Jahkeup is it considered pragmatic to use salt to exec bash scripts to configure nodes, I haven't stumbled upon any practical method to do certain tasks with pure salt (without custom modules)
17:28 bastion2202 UtahDave yes same problem with another gif (random from internet
17:29 tomeff joined #salt
17:32 bastion2202 UtahDave no problem if I move the file of the folder and then use file.managed just for it
17:33 UtahDave Jahkeup: Yeah, that's perfectly fine.
17:33 UtahDave bastion2202: can you pastebin what you have?
17:34 Jahkeup UtahDave: okay, just making sure before I stray from the well trodden path. I'll try some scripts later. Thanks
17:36 UtahDave Jahkeup: are you using cmd.script()  ?
17:39 TJ1980 joined #salt
17:41 mechanicalduck joined #salt
17:41 bastion2202 UtahDave http://pastebin.com/KBKF3092
17:43 alexandrel Does anyone have an example of Peer publication? Also would it make sense to use this feature to automatically manage salt minions in a nameserver?
17:43 UtahDave bastion2202: ah, so the gif is in the directory you're using file.recurse on?
17:44 UtahDave alexandrel: let me grab you an example
17:44 alexandrel In return, if I get it working, I'll publish my configs.
17:44 zonk1024 joined #salt
17:45 UtahDave alexandrel: https://gist.github.com/UtahDave/5217462
17:45 matanya joined #salt
17:46 david_a joined #salt
17:46 alexandrel UtahDave: woa, cool example.
17:46 UtahDave bastion2202: what version of Salt?
17:46 krissaxton joined #salt
17:46 UtahDave alexandrel: Yeah, dynamic iptables rules!
17:47 bastion2202 UtahDave 0.16.0
17:47 UtahDave bastion2202: ok, let me test something here
17:49 m_george|away joined #salt
17:52 UtahDave bastion2202: OK, just confirmed this same bug in the latest salt from git develop
17:53 UtahDave I think it's any binary blob that's killing it.
17:55 UtahDave yeah, just tested with a pdf as well
17:55 jschadlick1 joined #salt
17:57 UtahDave bastion2202: OK, for now the workaround would be to do a file.managed separately on your gif.
17:57 UtahDave bastion2202: I'm going to open an issue on this
17:58 Ryan_Lane joined #salt
17:58 jschadlick1 left #salt
17:58 bastion2202 UtahDave tx that's what I did :)
17:58 UtahDave ok, cool.  sorry about that.
17:59 m_george left #salt
18:00 pdayton joined #salt
18:00 Jahkeup UtahDave: hadn't noticed that one! Is it possible to then set a arbitrary grain value on 0 status exit?
18:01 bitz joined #salt
18:02 jpeach is there a way to iterate over a set of files using a ninja template? I want to do something like:
18:02 helderco joined #salt
18:03 jpeach {% for k in salt://sudoers/keys/*.pub %}
18:03 jpeach {% endfor %}
18:03 Ryan_Lane joined #salt
18:04 UtahDave bastion2202: Here's the issue I created: https://github.com/saltstack/salt/issues/6698    Please feel free to add any additional info you think would be helpful.
18:04 UtahDave Jahkeup: yeah, you could do that.
18:05 Jahkeup jpeach: try using file.recurse http://docs.saltstack.com/ref/states/all/salt.states.file.html?highlight=file.recurse#salt.states.file.recurse
18:05 Jahkeup jpeach: or just a set of files?
18:05 Jahkeup UtahDave: how would one go about setting a grain from the script or state?
18:06 jpeach Jahkeup: file.recurse copies the files, right?
18:06 jpeach I want to iterate over all the files, and add them to a single authorized_keys file, for use my pam_ssh_agent
18:06 alexandrel wow, publish is by far the most powerful feature I've seen in salt so far, the possibilities it offers are absolutely insane.
18:07 Jahkeup jpeach: oh you want to concatenate them together?
18:07 Jahkeup hmm, not sure actually. Haven't tried that myself yet
18:07 jpeach in practice, yes, but I was planning on using state.ssh_auth to do that
18:08 kermit joined #salt
18:10 Jahkeup jpeach: I could think of ways to do this in python but I'm really not sure how you'd do this with salt, maybe someone else knows?
18:10 jpeach :)
18:10 jpeach the cp module looks promising, but it only has copying functions, nothing that will just list a directory
18:10 tomeff_ joined #salt
18:12 helderco joined #salt
18:13 Thiggy joined #salt
18:14 devinus joined #salt
18:14 Jahkeup jpeach: are the files jinja?
18:14 jpeach the files are public SSH keys
18:15 Jahkeup here's how you can do this, you can read in the files using python and then inserting into the state using jinja and multiline strings for a file.managed's content arg
18:16 Jahkeup because jinja will let you import and use modules in the template you should be able to use standard modules to read the files and concat them into a single string
18:17 jpeach so, write a salt module to do the file listing, then use that from ninja?
18:18 Jahkeup jpeach: you could however I was proposing to use python in-line
18:18 jpeach oh, I did not know you could do that
18:19 Jahkeup jpeach: lemme double check in jinja docs
18:20 jpeach I wonder whether salt['os.walk'] would work ...
18:21 Jahkeup jpeach: sadly I am mistaken, I was under the impression this could be done :C
18:23 Jahkeup jpeach: it supports a 'subset' of python methods
18:24 Jahkeup and it has its own import
18:24 jpeach no problem, thanks for the help
18:24 Jahkeup so we're back in the same place, hey I tried ;) again, someone probably has a solution!
18:24 Jahkeup np
18:24 jpeach I'll list it statically for now, that will be fine ;)
18:26 whit joined #salt
18:33 alexandrel Jahkeup: mako seems to allow it.
18:36 Jahkeup alexandrel: I was thinking of recommending that ;) haven't used it thus far though
18:37 jpeach Jahkeup: I ended up doing http://apaste.info/19WV
18:37 alexandrel I tried it, but couldn't seem to access the __salt__ structure within my in-line python blocks, so I gave up on it.
18:38 jpeach it's not too terrible
18:38 TJ1980 joined #salt
18:38 Jahkeup jpeach: that doesn't look half bad at all :)
18:41 Thiggy So salt.modules.data is minion-local, correct. Does salt include any sort of similar thing that's spread across all the minions? That seems kind of like a big wish, but I thought I'd ask.
18:41 Thiggy It'd be super handy for me today to have some kind of distributed key-value store across all my minions.
18:46 jschadlick joined #salt
18:46 Katafalkas joined #salt
18:47 jschadlick Is minionswarm installed in the normal salt packages?
18:48 dave_den Thiggy: what about using salt-mine?
18:49 UtahDave jschadlick: no, it's only in the git repo
18:50 UtahDave jpeach: does this help? http://docs.saltstack.com/ref/modules/all/salt.modules.cp.html#salt.modules.cp.list_master
18:50 Thiggy @dave_den Maybe? I might not understand how salt-mine works. My understanding is it's just a place where you can list functions from salt.modules and then it keeps that data available across the cluster? Is that accurate?
18:50 UtahDave Thiggy: Pillar is designed to do what you want.  You can create pillar values that are available across all minions
18:50 bhosmer joined #salt
18:51 jpeach UtahDave: yeh I noticed that earlier, but now that you point it out, I realize that I could probably use that and then apply a ninja filter to get just the filed I want
18:51 Thiggy Can the minions publish the pillar data? Can I have a bash script that says pillar['somekey']['this_minion_id'] = 'somevalue' and then that's available everywhere?
18:51 Thiggy (a bash script that runs on the minions)
18:52 dave_den Thiggy: right, the salt mine data is the result of a module function from each minion and available to all minions.
18:54 Thiggy @dave_den then I don't think that'd work unless there's another piece I'm missing. I need the minion to be able to update some key whenever it feels like it. I'm trying to publish a distributed job's state across the cluster.
18:54 KyleG left #salt
18:56 zooz joined #salt
18:56 brianhicks has anyone had success with salt-cloud in a VPC? I can't get it to work :\
18:58 brianhicks it looks like I should just have to specify a subnetid in cloud.profiles, right?
19:03 qba73 joined #salt
19:06 aat joined #salt
19:07 daBrado joined #salt
19:11 kermit joined #salt
19:13 kermit joined #salt
19:14 JasonSwindle joined #salt
19:14 kermit joined #salt
19:16 kermit joined #salt
19:19 bitz joined #salt
19:22 dave_den Thiggy: does the data need to be within salt?
19:22 jpeach joined #salt
19:22 dave_den seems like an easy solution would be to configure your minions to be able to set/get that data from a different data store like redis
19:22 Thiggy it does not. I was just curious if such a thing existed. If it does, hooray. If it's not, then that's fine too.
19:23 Thiggy @dave_den totally. I'm just trying to get the most out of my kitchen sink. :)
19:23 dave_den well, you could still do it via salt, but it may not make sense
19:23 whiteinge KennethWilke: btw, i'm open to any other suggestions you have on the openstack formulas. atm i'm working toward an "It works!" baseline so there's plenty more to do
19:23 kermit joined #salt
19:24 kaptk2 joined #salt
19:24 JasonSwindle whiteinge:  I push up my NGINX / UWSGI states
19:24 dave_den for example, you could write a custom runner module that takes the key+data from the minion and puts it into your data store (that way you can do extra stuff from the master's point of view to update the data store), or you could also use events + reactors
19:24 JasonSwindle I need to clean them up, and right now they are Ubuntu only
19:25 whiteinge very cool
19:26 rberger joined #salt
19:27 whiteinge i'd like to see the django (and by extension the openstack horizon) formula be able to freely switch between requiring formula such as apache or nginx/uwsgi just by setting a pillar var. that would be very cool
19:28 Katafalkas joined #salt
19:28 dave_den Thiggy: also, you could allow peer to peer execution of the data module, so permitted minions could publish the key/value to other specified minions and then each minion would have that key/value stored locally…
19:28 whiteinge i haven't mapped the whole thing out in my head yet but i think that would be a lot of win
19:28 pdayton joined #salt
19:29 JasonSwindle whiteinge:  It would.  I am not sure how you would do it.  Giving up Apache was a win for us.  So much memory usage….
19:29 kermit joined #salt
19:30 whiteinge :)
19:30 whiteinge i've got a django formula on my todo-shortlist so i'll give it a shot after openstack is in a better spot
19:31 JasonSwindle My stack is DJANGO
19:31 JasonSwindle NGINX \ UWSGI \ Django
19:31 akoumjian I've been meaning to update my salt-django-example to our new stack with uses nginx / uwsgi
19:32 jschadlick joined #salt
19:32 akoumjian I also removed all the circus / supervisor cruft and just went for straight upstart scripts
19:32 JasonSwindle akoumjian: Ditto
19:32 hernantz joined #salt
19:33 JasonSwindle I never saw a need for that stuff.  KISS and DRY rule
19:33 Thiggy @dave_den I'm using events/reactors right now which is why I was trying to see if I could do it inside saltstack. Everything sounds more complicated than just standing up redis/whatever to act as a central data store, so I'm thinking that's probably what I need to do.
19:34 akoumjian JasonSwindle: I think it's a throwback to the days when you'd have really long running processes under apache that would crash and burn every couple weeks, you'd want a process watching like supervisor to restart it
19:34 dave_den Thiggy: yeah. sometimes even if it *is* possible to do it within salt, it doesn't mean it belongs there.
19:34 Thiggy oh man getting django/uwsgi/celery/supervisor to play nice with saltstack was my life about 3 weeks ago
19:34 KennethWilke whiteinge: yeah i got plenty to learn about it myself :p
19:34 JasonSwindle akoumjian:  True
19:34 akoumjian JasonSwindle: But a well managed system that gets updated frequently and proper error reporting shouldn't need it
19:34 Thiggy @dave_den the eventing/reactor system was super awesome for what I'm doing though because since I could target script execution as things happen
19:34 KennethWilke whiteinge: deploying openstack that is
19:34 JasonSwindle akoumjian:  Yep yep
19:35 Thiggy @dave_den it's just some of the more complicated stuff like "Well I only really want 1 of these events to be published, not N of these events where N is the number of minions where something is happening"
19:35 KennethWilke JasonSwindle: you be sharing tings?!
19:36 JasonSwindle KennethWilke:  I will once I can clean them up.  I may work with you on that.
19:37 KennethWilke i'm down, i'd like to be able to point to any repo under salt-formula when someone asks about best practice
19:37 whiteinge +1
19:38 KennethWilke plus i want to be lazy like chef people and use 'cookbooks'
19:39 KennethWilke i also harbor a dream that salt-formula will eventually be used for some kinda state package manager
19:40 whiteinge speaking of which...
19:40 whiteinge akoumjian: i've been meaning to catch up with you about spm
19:40 forrest joined #salt
19:40 alexandrel woa, mako is pretty powerful.
19:40 akoumjian whiteinge: Yes, I would really like your feedback, or Tom's opinion on proper direction
19:41 akoumjian whiteinge: unfortunately I'm about to head out for lunch. can I ping you when I get back?
19:42 whiteinge please do
19:46 jacksontj joined #salt
19:49 Xeago joined #salt
19:50 devinus joined #salt
19:50 druonysus joined #salt
19:50 druonysus joined #salt
19:52 stefw joined #salt
19:52 subway_ joined #salt
19:52 subway joined #salt
19:53 dthom91 joined #salt
19:54 dave_den anyone know the answer to this - i didn't catch any replies on salt-devel: I see both "env=None" and "env='base'" used for arg defaults in the salt source. When is it appropriate to use one or the other?
19:57 mgw joined #salt
19:57 david_a joined #salt
20:01 druonysuse joined #salt
20:03 jacksontj joined #salt
20:04 JasonSwindle akoumjian:  You played with Docker.io?
20:04 SEJeff_work dave_den, In python, the best way is def some_func(default_arg=None, ...):
20:04 SEJeff_work default_arg = "base" or default_arg
20:04 tagNinja03600 joined #salt
20:05 dave_den SEJeff_work: i'm wondering about the distinction of using None vs 'base' as the env… it seems like it should be consistent across all defaults, right?
20:06 hernantz joined #salt
20:06 SEJeff_work dave_den, in the function declarations, setting None is always the right way
20:06 SEJeff_work There are some pretty subtle bugs otherwise
20:06 dave_den i figured so, but i thought i saw 'base' being used as well. maybe that was only in the module defaults
20:07 whiteinge strings are immutable so they should be safe as defaults. dave_den is right about inconsistencies in various places. they should be fixed
20:08 dave_den SEJeff_work, whiteinge: from a quick grep: http://pastebin.com/REfwfqqZ
20:09 SEJeff_work ++
20:10 whiteinge heh
20:11 chutzpah there should be a release announcements mailing list
20:12 SEJeff_work salt-announce. Thats a good idea
20:13 chutzpah SEJeff_work: it would certainly make maintaining salt packages easier
20:15 Gifflen joined #salt
20:15 tagNinja03600 hello ^
20:16 whiteinge UtahDave: ^^ wasn't there movement on a release mailing list recently?
20:17 akoumjian JasonSwindle: I have not yet. Doesn't really fit our use case much as we are on aws and it makes more sense for our services to be split out into separate VMs
20:19 saurabhs joined #salt
20:20 JasonSwindle Ah ok
20:21 UtahDave whiteinge: not that I know of. We created a packagers mailing list.
20:22 chutzpah <-- gentoo packager, I have never heard of such a mailing list
20:22 KennethWilke the jinja site seems to be down ;|
20:23 KennethWilke on my end anyway, anyone else having issues with http://jinja.pocoo.org/ ?
20:23 chutzpah KennethWilke: yeah it's unresponsive, though the full docs are in the source tarball
20:23 UtahDave chutzpah: doh!  can you pm me your email address?  I'll add you
20:23 KennethWilke chutzpah: keep making them gentoo packages!
20:25 chutzpah UtahDave: got my pm? though my gentoo email isn't exactly a secret
20:25 rberger joined #salt
20:26 chutzpah which is why it gets absurd amounts of spam :P
20:26 UtahDave yep!
20:29 b55 joined #salt
20:31 Gifflen joined #salt
20:32 dave_den is it preferred to use 'tgt_type' or 'expr_form'?
20:42 StDiluted had anyone done any work on salt-cloud VPC documentation?
20:43 mike25ro joined #salt
20:44 hernantz joined #salt
20:45 zooz joined #salt
20:47 d0rm0us3 joined #salt
20:48 Jahkeup joined #salt
20:49 UtahDave dave_den: unfortunately some parts of salt require the former and others the latter.  We need to unify that.  :(
20:50 dave_den UtahDave: i'm writing new runner functions - what should i use for any new code?
20:50 UtahDave StDiluted: nope. It's still not fully baked, from what I understand. redbeard2 do you have any info on that?
20:51 redbeard2 StDiluted: yeah, it's not really there yet.
20:52 d0rm0us3 left #salt
20:53 StDiluted i could really use that functionality. I'm currently using an AMI with salt baked in but there are issues with that
20:57 forrest joined #salt
21:05 jacksontj joined #salt
21:07 hernantz hi! is salt a possible replacement for fabric? we need to manage multiple projects with different configs, and every developer shoud be capable to do it from his laptop
21:08 SEJeff_work hernantz, For salt, you need to run the commands from the master server
21:08 SEJeff_work but you can run things similar to fabric
21:09 SEJeff_work hernantz, You basically specify what you want to do using a fabfile in a state file and then don't put it in the top.sls. Instead of running: fab hosts foobar, you'd do: salt hosts* state.sls foobar
21:10 hernantz SEJeff_work, and each minion should be associated to every laptop, right? there would be multiple masters...
21:10 SEJeff_work Depends
21:10 SEJeff_work A minion can run on a laptop
21:11 SEJeff_work but in general, you'd run minions on things you want to remotely execute commands on or configure using states
21:11 Lue_4911 joined #salt
21:16 jschadlick joined #salt
21:18 Linz_ joined #salt
21:18 zloidemon joined #salt
21:19 hernantz SEJeff_work, yes, that is the plan
21:21 hernantz so, for each project i would have my sls files in the project root (along with the fabfile.py) for the project specific config, and run salt commands from there
21:23 giantlock joined #salt
21:31 danielbachhuber joined #salt
21:35 b55 hello #salt. has anyone come across a situation where regex isn't being applied in top.sls for a high state? I've tested the regex using salt cli on master and it works, but highstate is ignoring it for some reason.  check http://pastebin.com/JXMcHHK4 for a few more details. appreciate any pointers/links to docs/reccomendations on how to get past this. (salt v0.14.0)
21:35 Corey b55: Step 1, upgrade.
21:35 Corey In a big way. :-)
21:36 b55 not as easy for me here, but I'll definitely consider it
21:36 b55 e.g. discuss with other powers in control
21:36 Gifflen joined #salt
21:37 keekz joined #salt
21:38 UtahDave b55: you have to specify that you're matching with pcre
21:38 UtahDave in your top.sls
21:38 UtahDave - match: pcre
21:40 b55 does the '- match: pcre' go under the regex for the host block then?
21:41 poil joined #salt
21:43 saurabhs Hi I had a question around salt caching data. I wanted to know if pillar data is ever cached on minion or if its cached on salt master only?
21:43 poil Hi everyone, I was trying to use the file roots to separate multiple accounts/clients/project. I noticed all the top files from every file_roots are being pushed to /var/cache/salt/minion/files no matter which hosts they match. Is there a way to cleanly separate state trees? Thanks!
21:44 UtahDave b55: yep!
21:44 UtahDave saurabhs: yes, it's cached on the minion, too
21:44 UtahDave poil: the entirety of your file_roots is viewable by all authenticated minions.
21:48 mike25ro how is the best way of upgrading salt?
21:48 mike25ro i have 0.16.0 .... on debian (both master and minions)
21:48 b55 Thanks UtahDave.  Adding that didn't work but I'm also aware I'm on an older version.
21:48 mike25ro what is the best option on ... updating salt?
21:48 helderco joined #salt
21:49 mike25ro i have installed salt... from debian repo
21:49 UtahDave b55: http://docs.saltstack.com/topics/targeting/globbing.html#regular-expressions
21:49 UtahDave mike25ro: did you use   debian.saltstack.com?  I think it has the latest
21:50 JasonSwindle left #salt
21:50 mike25ro UtahDave:  thanks buddy
21:51 poil UtahDave: Thanks! That means someone logged as root on client A can see the top file of client B. Is there another way to execute specific states based on nodegroups/hosts without matching them in the top files?
21:51 poil :UtahDave: when using highstate
21:52 b55 UtahDave: Thanks. That's bascially what I did but no go.  I think I'll use globbing and grarins for now until we can upgrade our env to latest tho.
21:52 UtahDave poil: No. A highstate requires a top.sls    You can specify the exact state files you want manually:    salt 'myminion' state.sls vim,otherstate,addfiles,mysql
21:54 mike25ro as far as i understand... in the top.sls state you add only the states that you want to apply to ALL minions ,,,, right?
21:56 b55 UtahDave: success.  had to change the "P@fqdn:regex" to just 'regex' and add the match.  many thanks.
21:56 UtahDave mike25ro: actually, no.  Your top.sls allows you to match on your minions to give them specific sls files to execute
21:57 mike25ro ah right good point
21:57 UtahDave b55: ah, good.  Yeah, I think you only need the "P@" if you're using the compound matcher
21:57 poil :@UtahDave is there a way to disable the minion cache or that would be a bad idea?
21:57 Gifflen_ joined #salt
21:59 jacksontj joined #salt
22:02 dthom91 joined #salt
22:03 racooper does a pkg.upgrade restart running services like httpd?
22:03 forrest no
22:04 racooper didn't think so. thanks.
22:04 forrest racooper, maybe: http://docs.saltstack.com/ref/states/requisites.html#watch
22:05 forrest I don't know if you can do a watch, or on an rpm though
22:05 forrest errr on an rpm
22:05 saurabhs What is salt payload? I am wondering what is it that payload.py class does in salt : https://github.com/saltstack/salt/blob/develop/salt/payload.py
22:05 forrest If you try it racooper, let me know
22:06 racooper it's not for a state, and I've already run the upgrade. I don't really know if it restarted or not, so I did a service.restart afterward.
22:06 forrest it would be better if you could just do a watch then to avoid that step
22:06 forrest if it was possible
22:06 saurabhs is it resposible for dealing with cache?
22:07 racooper if it was in a state declaration I'd be more concerned about that yeah
22:09 UtahDave poil: is there an option to disable the minion cache in the minion config?
22:10 poil @UtahDave: thanks anyway. Cya!
22:11 UtahDave racooper: if you're doing a highstate you can have the httpd service watch the pkg
22:11 UtahDave and it will restart
22:12 racooper great, thanks UtahDave
22:12 UtahDave saurabhs: payload.py is for dealing with Salt's internal communications.
22:12 esrax joined #salt
22:12 troyready joined #salt
22:12 UtahDave np!
22:13 saurabhs UtahDav: Where are we dealing with Cache (read/write)?
22:15 UtahDave saurabhs: are you asking about caching on the minion or master?
22:15 saurabhs both actually :).
22:16 saurabhs particularly caching of the pillar data
22:16 mike25ro i am curious about this one too... was wondering what to do with cache
22:16 KennethWilke damns, salt-cloud isn't working with gentoo boxes for me atm :(
22:16 UtahDave saurabhs: I'm thinking the minion caching is in minion.py
22:16 jschadlick joined #salt
22:16 UtahDave cachedir   is the variable that holds the path to the caching directory. That might help you track it down.
22:17 KennethWilke it's failing when emerge tried to bring in dev-libs/crypto++, i think i recall the solution for this being to emerge libtool
22:17 druonysuse joined #salt
22:17 UtahDave hm. I haven't used salt-cloud with gentoo yet.
22:17 UtahDave saurabhs: what are you trying to do?
22:18 KennethWilke i've had success before, but i think this has to do some some portage tree changes or something
22:18 oz_akan_ joined #salt
22:18 KennethWilke UtahDave: is there anyone who likes to maintain salt-cloud interoperability with gentoo?
22:18 jacksontj joined #salt
22:19 UtahDave KennethWilke: redbeard2 is the lead salt-cloud dev.  He just left for home, but usually gets back online in an hour or two
22:19 saurabhs We are using salt and using plain text pillar data is just no go here. So was look at how difficult it would be to get encrypted pillars
22:20 saurabhs I got it work somewhat with few changes but then I got to caching and want to see how it will play with it values being encrypted
22:20 mike25ro it would be good ... to get data pillar from mysql or a db - just saying..
22:22 saurabhs I always wonder how people get around securing there pillar data
22:22 mike25ro me too!
22:22 saurabhs since it resides on master in plain text, isn't that a security concern?
22:23 mike25ro well.. i think... noone should access your master
22:23 UtahDave mike25ro: yeah, that's what external pillars are for
22:23 mike25ro :D
22:23 saurabhs external pillars?
22:23 mike25ro external pillars UtahDave ? i haven't seen that yet
22:24 UtahDave http://docs.saltstack.com/ref/pillar/all/index.html#all-salt-pillars
22:24 UtahDave saurabhs: the problem is that the master has complete control of the minion.  So even if the item is encrypted on the master, the master can tell the minion to give it the decrypted data back or do something else with it
22:26 mike25ro UtahDave:  still no mysql in the external pillars... is that ... smth that is work on progress?
22:26 mike25ro or maybe REDIS
22:26 KennethWilke mike25ro: i have plans to make a redis external pillar
22:27 KennethWilke but i also have a lot on my plate, so no ETA on that one
22:27 UtahDave mike25ro: yeah, we should have a mysql pillar.  They're REALLY easy to make
22:27 UtahDave Great doc on creating external pillars. http://docs.saltstack.com/topics/development/external_pillars.html?highlight=external%20pillar
22:27 mike25ro UtahDave:  i am still a newbie... but i would really like to contribute with something
22:27 saurabhs UtahDav: How do I configure this then?
22:28 mike25ro ah thanks UtahDave ... i will definitely take a look and maybe start doing that mysql pillar module
22:28 UtahDave saurabhs: configure your master to not know everything about your minion?
22:28 KennethWilke mike25ro: sorry if this is redundant info: https://github.com/saltstack/salt/tree/develop/salt/pillar
22:28 mike25ro KennethWilke: nothing is redundant ! :)) thanks a lot
22:29 saurabhs Nope, ext_pillar? is there an example?
22:29 KennethWilke most of the stuff in salt is readable fortunately
22:29 KennethWilke :) which makes this guy happy
22:30 KennethWilke i'm thinking the mongo ext_pillar might be the best foot in the door on that mike25ro
22:30 UtahDave saurabhs: look at the last several links
22:30 saurabhs KennethWilke: yeh I am happy with that too, its just that I was looking for something like encrypted data bags in chef. which can be used for credentials
22:30 mike25ro KennethWilke: i think so too.. i was thinking at mysql / redis...
22:31 KennethWilke i'd be all for you getting started on the redis one, forget mysql it's too slow! :)
22:31 b55 left #salt
22:31 KennethWilke saurabhs: yeah the databags in chef are handy, i definitely approach pillar a similar way
22:32 etw joined #salt
22:32 mike25ro KennethWilke: indeed... redis is bloody fast.
22:32 mike25ro KennethWilke: and it is to set up slaves to get data from the master... if needed..
22:33 mike25ro KennethWilke:  but first i need to learn some python... i am a php dev/sysadmin myself :D
22:34 * mike25ro really fancies SALT :D
22:34 KennethWilke ooooh, salt is a good gateway drug for python i think!
22:34 KennethWilke and coming from php, python's OO model should make you happy
22:34 mike25ro KennethWilke:  i have to agree again with you
22:35 KennethWilke did take me a long while to like python, but now i get too much work done on a single day because of it
22:36 jacksontj joined #salt
22:36 mike25ro KennethWilke: ... i usually READ a lot... before... getting into smth... but a lot of py devs that used to be php ... are really keen on using py instead of php
22:37 KennethWilke yeah i can see why, it can solve for a much larger problem domain, while i only ever felt confortable using php for webdev
22:38 mike25ro yeah ... php is still really good for web apps... but also django seems a pretty good alternative... and a really used one
22:40 rodif joined #salt
22:40 rodif hello
22:41 * mike25ro is going to sleep.. it's been a long day
22:41 * mike25ro c u later guys
22:41 mike25ro left #salt
22:41 rodif i had a question, i'm just toying with salt right now and i'm trying to understand how i would install a software package from its src
22:42 rodif obviously the pkg module handles the distribution based installs, but say i wanted to compile and install a 3'rd party package from its src
22:43 mmilano_ joined #salt
22:45 druonysuse joined #salt
22:45 druonysuse joined #salt
22:48 krissaxton joined #salt
22:52 kermit joined #salt
22:52 UtahDave rodif: You'd probably just want to use cmd.run to execute each step.  Just a sec. I have a good example
22:52 UtahDave rodif: https://gist.github.com/UtahDave/6125409
22:53 rodif UtahDave: thanks
22:53 rodif ahh understood, i had thought of doing it that way, but i wanted to make sure i wasn't missing something
22:54 rrauenza_ I need to manage my supervisord.conf file with different entries -- the version I have doesn't support /etc/supervisord.d/* -- is there a pattern for this?  In puppet I would have used the concat module.
22:56 conan_the_destro joined #salt
23:00 berto-_ joined #salt
23:03 rrauenza joined #salt
23:06 david_a joined #salt
23:07 berto- joined #salt
23:08 rrauenza is there a good design pattern for adding supervisord services to the actual supervisord.conf?  My version of supervisord on centos 6 doesn't have an /etc/supervisord.d
23:08 rrauenza In puppet I would use a concat module to build it up.  I think in salt I may just have to just keep track of them in a single file.
23:11 jschadlick joined #salt
23:12 jacksontj joined #salt
23:14 aat joined #salt
23:17 dizzyd joined #salt
23:17 dizzyd hello, my salty hearties
23:18 dizzyd is there a reason all the modules in salt call each other like so:
23:18 dizzyd __salt__['pillar.get']('ephemeraldisk:' + name, [])
23:18 dizzyd ?
23:18 dizzyd i.e. why not just call a function directly?
23:24 mikedawson joined #salt
23:28 UtahDave rrauenza: try file.accumulated:
23:28 UtahDave http://docs.saltstack.com/ref/states/all/salt.states.file.html#salt.states.file.accumulated
23:28 UtahDave example here:
23:28 UtahDave https://github.com/saltstack/salt/pull/2521#issuecomment-10278405
23:29 UtahDave dizzyd: there's various reasons.  The biggest is that it makes all your call cross platform
23:30 Kotoura joined #salt
23:32 dizzyd cross platform?
23:32 dizzyd UtahDave: how is looking up the fun in a dictionary before invoking it more cross platform?
23:33 cewood joined #salt
23:34 UtahDave because if you call  __salt__['file.copy]('old', 'new.txt')    that's going to work whether you're on Linux, Solaris, or Windows.
23:34 UtahDave or __salt__['pkg.install']('firefox')
23:35 kermit joined #salt
23:36 dizzyd ah
23:37 dizzyd so for modules where they are cross platform, is there any reason to NOT to call directly?
23:38 UtahDave Yeah, there are several other reasons. They're not coming to mind right now, unfortunately.
23:38 UtahDave Do you have a compelling reason not to?
23:39 Jarus Hi I got following confusing error: https://gist.github.com/jarus/18dfc4521463ed627447
23:40 joehh dizzyd, UtahDave: you're having the discussion I've been planning to ask for a few days...
23:40 dizzyd UtahDave: well, it's just a bit awkward from an idiomatic perspective
23:41 UtahDave Jarus: what version of salt?
23:41 dizzyd basically it's layering an additional call level atop python's internal mechanism
23:41 Jarus UtahDave, 0.16.2
23:41 UtahDave Jarus: https://github.com/saltstack/salt/issues/6545
23:41 dizzyd even for cross platform stuff, you could use python's existing dynamic invocation to avoid having to do a lookup per call
23:42 Jarus UtahDave, okay thank you!
23:42 UtahDave Jarus: np
23:43 UtahDave dizzyd: I think Tom has had this discussion quite a few times. You might find his explanation in the mailling list.
23:43 dizzyd ok
23:43 dizzyd i'll see what i can find
23:43 dizzyd thx
23:43 UtahDave well, time to head home!
23:43 UtahDave hasta manana
23:48 krissaxton joined #salt
23:54 chrisgilmerproj left #salt
23:57 intchanter joined #salt
23:57 logix812 joined #salt
23:58 druonysuse joined #salt
23:58 druonysuse joined #salt
23:59 jschadlick left #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary