Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2013-09-27

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:13 rlarkin joined #salt
00:19 Gifflen joined #salt
00:23 shinylasers joined #salt
00:49 rlarkin joined #salt
00:49 farra joined #salt
01:06 ipmb joined #salt
01:06 oz_akan_ joined #salt
01:09 patrek joined #salt
01:23 nu7hatch joined #salt
01:24 cedwards I just started playing around with halite, but I'm stuck on the auth.
01:24 cedwards can anyone tell me what I need to do in order to login? The docs aren't entirely clear to me
01:25 dzderic cedwards: I just installed halite as well about 5 mins ago
01:25 swa_work joined #salt
01:25 dzderic to get auth working, I just added the 'external_auth' settings in the master config, as per the doco
01:26 cedwards I added that.. let me double check
01:26 [diecast] joined #salt
01:26 cedwards but that external auth via pam should just auth with my system username/password?
01:27 dzderic yep
01:27 dzderic as long as the user is in the 'pam' list under 'external_auth'
01:28 andrej Sorry about the lack of nettiquette re the paste
01:29 andrej If I strip the srv of my command I get the same result
01:29 cedwards i keep getting a login failed
01:29 Jahkeup joined #salt
01:31 dzderic cedwards: can you log in through the command line? (eg. salt -a pam '*' test.ping)
01:35 cedwards looks like i had poor spacing in my external_auth definition
01:38 nu7hatch joined #salt
01:41 jslatts joined #salt
01:42 farra joined #salt
01:42 dthom91 joined #salt
01:45 deepakmd_oc joined #salt
01:46 bhosmer joined #salt
01:58 andrej Hmmm
01:58 andrej I can't seem to get any output when I use cms.script
02:01 oz_akan_ joined #salt
02:02 andrej and the return value is always 0, even if all I do is echo "test"; exit 5
02:04 sixninetynine joined #salt
02:05 nu7hatch joined #salt
02:19 redondos joined #salt
02:24 xl1 joined #salt
02:30 StDiluted joined #salt
02:33 redondos joined #salt
02:39 berto- joined #salt
02:44 farra joined #salt
02:56 justlooks joined #salt
02:57 justlooks hi,all ,i want to judge if the file exist how to use the module?
02:57 ifnull_ joined #salt
02:58 jcockhren http://docs.saltstack.com/ref/modules/all/salt.modules.file.html#salt.modules.file.file_exists
02:58 jcockhren justlooks: ^
02:58 justlooks where i can parse my sls content,i want to show you what i write
02:59 jcockhren are you saying you're going to post your sls?
02:59 justlooks yes
02:59 mianos joined #salt
02:59 jcockhren how about gist.github.com or pastebin.com ?
03:00 justlooks thank you
03:02 fragamus joined #salt
03:02 justlooks what i want to do is here https://gist.github.com/justlooks/6723618
03:03 jcockhren maybe
03:03 justlooks i do not know how to write unless use file.file_exists
03:03 jcockhren unless: "which java"
03:04 justlooks o ,nice i forgot it
03:04 jcockhren ;)
03:04 justlooks but what if i want to call file.file_exists in unless?
03:05 justlooks maybe next time i need complex thing do by module
03:06 jcockhren I don't think you can "yet"
03:06 jcockhren I was looking for that a couple days ago
03:08 BrendanGilmore joined #salt
03:09 justlooks i think salt should allow module call in sls file,what if i use jinja ? i think it's a way,try it
03:11 kenbolton joined #salt
03:12 oz_akan_ joined #salt
03:16 ifnull_ joined #salt
03:16 jpeach joined #salt
03:19 Lue_4911 joined #salt
03:22 justlooks i try jinja render sls file ,but it's says __salt__ can not be understand ,anyone can help?https://gist.github.com/justlooks/6723728
03:24 jacksontj joined #salt
03:27 jacksontj_ joined #salt
03:29 jcockhren justlooks: if you want one state to run conditionally, use cmd.wait
03:29 jcockhren sorry. stepped away for a sec
03:36 jcockhren justlooks: added a comment that should what you should do
03:38 StDiluted joined #salt
03:44 benspaulding left #salt
03:53 justlooks why i can not create id declaration? https://gist.github.com/justlooks/6723880
03:53 jcockhren justlooks: syntax is incorrect
03:54 jcockhren justlooks: remove proinstall
03:55 justlooks jcockhren:  /tmp/mytest1: already is id declaration?
03:58 jcockhren justlooks: basically. there's two ways to structure it. see my comment
04:00 kenbolton joined #salt
04:08 dzderic does anyone know if there's any way to asynchronously execute a function from a module inside of another module?
04:09 dzderic ie. something like: jid = __salt__['func.name'].async('arg')
04:16 danielbachhuber joined #salt
04:20 woebtz joined #salt
04:22 redondos joined #salt
04:24 mianos joined #salt
04:29 dthom91 joined #salt
04:32 redondos joined #salt
04:47 Katafalkas joined #salt
04:51 druonysus joined #salt
05:05 mianos can I copy from a local filesystem, outside salt://
05:06 cshuman joined #salt
05:12 justlooks mianos: yes you can ,you can put file on http or ftp server
05:13 justlooks mianos: you also need add source_hash argument  ,if do so
05:18 justlooks how to comment  partial sls code?
05:19 mianos upstream hash, what a hassle
05:26 aleszoulek joined #salt
05:27 justlooks mianos: plz reference doc about state.file.managed
05:28 justlooks is there good tool for sls syntax validation?
05:33 justlooks why i can not find iptables pkg? https://gist.github.com/justlooks/6724543
05:34 mianos justlooks: never mind, I did not know you could configure the master salt:// fileserver to directories outside the /srv/salt
05:35 mianos we will just add a new one and use that for our css etc
05:38 justlooks mianos:  i can change to use httpd service and use source : http://path/to/yourfile
05:38 justlooks mianos: i think
05:38 mianos yes, but it saves nothing, because it's the master that downloads from the http and then sends it to the minions using salt:// protocol
05:39 justlooks mianos: in master config file it just open salt self file server ,you can comment it to disable it
05:42 mianos the salt master is a protocol 'bridge'
05:44 jalbretsen joined #salt
05:46 Ryan_Lane joined #salt
05:46 Ryan_Lane joined #salt
05:48 justlooks https://gist.github.com/justlooks/6724614 ,execute sls not output
05:58 gildegoma joined #salt
06:03 redondos_ joined #salt
06:04 redondos_ joined #salt
06:25 cshuman joined #salt
06:45 Furao joined #salt
06:51 malinoff joined #salt
06:56 elsmorian joined #salt
06:57 fragamus joined #salt
06:57 Ryan_Lane joined #salt
07:06 ml_1 joined #salt
07:10 redondos joined #salt
07:15 mianos joined #salt
07:21 Ryan_Lane joined #salt
07:22 cnelsonsic joined #salt
07:22 athit joined #salt
07:39 mianos joined #salt
07:42 redondos joined #salt
07:44 balboah joined #salt
07:56 Ryan_Lane joined #salt
08:13 redondos joined #salt
08:16 hummus3 joined #salt
08:20 krissaxton joined #salt
08:23 abele joined #salt
08:27 Ryan_Lane joined #salt
08:34 zooz joined #salt
08:37 malinoff Hi all
08:37 nu7hatch joined #salt
08:40 genkimind Hi
08:41 qba73 joined #salt
08:44 redondos joined #salt
08:44 linjan hi
08:48 scott_w joined #salt
08:52 Kraln joined #salt
08:52 bawnzai joined #salt
08:53 jbub joined #salt
08:54 pmrowla joined #salt
08:56 justlooks i can collect grain info use jinja, but how can i run the salt module in jinja?
08:56 felixhummel joined #salt
08:57 Ryan_Lane joined #salt
08:58 yota joined #salt
09:01 phillipshum joined #salt
09:01 phillipshum how do I specify a version using npm.installed ?
09:01 phillipshum salt.states.npm *
09:09 justlooks phillipshum: it depend to the software package version in you package manager system
09:09 phillipshum npm --version
09:09 phillipshum 1.3.11
09:09 felixhummel joined #salt
09:10 phillipshum justlooks, ^
09:15 redondos joined #salt
09:15 phillipshum justlooks, what do you mean by it depends?
09:26 justlooks phillipshum: i use redhat,so wen i run yum install nmp ,if the installed nmp is version 1.3.11 ,when i write sls ,and run it ,you installed nmp is version 1.3.11 ,hope you can understand what i said
09:26 phillipshum justlooks, that's the salt.states.pkg
09:26 phillipshum I'm talking about salt.states.npm
09:27 Ryan_Lane joined #salt
09:31 justlooks phillipshum: sorry ,not familiar with npm ,if it is the package manager software ,it shoud same as yum ,pacman ,what you installed is the package which you put in the npm
09:37 psyl0n joined #salt
09:39 pexio joined #salt
09:39 felixhummel joined #salt
09:46 redondos joined #salt
09:48 goodbytes joined #salt
09:52 lemao joined #salt
09:56 geak joined #salt
09:58 Ryan_Lane joined #salt
10:09 felixhummel joined #salt
10:17 redondos joined #salt
10:25 [M7] joined #salt
10:27 TheCodeAssassin joined #salt
10:29 Ryan_Lane joined #salt
10:31 deepakmd_ joined #salt
10:34 ronc joined #salt
10:36 bhosmer joined #salt
10:42 nu7hatch joined #salt
10:45 giantlock joined #salt
10:47 boite joined #salt
10:48 redondos joined #salt
10:56 movedx_ joined #salt
10:57 movedx_ Hi. Just wondering, if I bootstrap some cloud servers using salt-cloud, can I have the minion uninstall its self in the event I don't want to continue managing the state after the initial setup?
10:57 boite joined #salt
10:59 Ryan_Lane joined #salt
11:00 movedx_ Unless salt-cloud is going to support the forth coming salt-ssh, I think I might need to work out such a system.
11:04 jslatts joined #salt
11:15 talso joined #salt
11:19 redondos joined #salt
11:25 psyl0n joined #salt
11:28 anuvrat joined #salt
11:30 Ryan_Lane joined #salt
11:33 ipmb joined #salt
11:35 [diecast] joined #salt
11:42 nu7hatch joined #salt
11:46 farra joined #salt
11:51 redondos joined #salt
11:51 felixhummel joined #salt
11:59 xl1 left #salt
12:00 Ryan_Lane joined #salt
12:13 dthom91 joined #salt
12:19 shiin joined #salt
12:20 shiin is it possible that changing the user gid with a user.present state is broken/not quite implemented? Ive been trying to get it to work the way its documented, but it doesnt like me.
12:22 redondos joined #salt
12:24 unicoletti_ joined #salt
12:26 shiin nevermind. it requires a group to be required manually.
12:26 shiin left #salt
12:27 geak_ joined #salt
12:28 zooz joined #salt
12:30 Gifflen joined #salt
12:31 jslatts joined #salt
12:36 Ryan_Lane joined #salt
12:36 bhosmer joined #salt
12:36 eliasp_ joined #salt
12:40 copelco joined #salt
12:43 iromli joined #salt
12:45 jeff__ joined #salt
12:53 NotreDev joined #salt
12:54 linjan_ joined #salt
12:54 redondos joined #salt
12:58 iromli so i clone pip-formula and place it under /srv/salt, then i use salt "*" state.sls pip-formula.pip
12:58 kenbolton joined #salt
12:58 iromli it works, but is this the right way to use saltstack-formulas ?
12:58 oz_akan_ joined #salt
12:59 oz_akan_ joined #salt
13:00 juicer2 joined #salt
13:04 Jahkeup joined #salt
13:04 racooper joined #salt
13:06 Ryan_Lane joined #salt
13:07 jslatts joined #salt
13:08 piffio joined #salt
13:13 racooper of course with 0.17 just released, 0.16.4 just hit EPEL mirrors...
13:16 mattmtl joined #salt
13:18 ronc joined #salt
13:19 jslatts joined #salt
13:22 cron0 joined #salt
13:22 brianhicks joined #salt
13:22 joehh racooper: I think that is actually pretty good
13:22 joehh lots of changes in 0.17, so I think if you are running anything near production, 0.16.4 is the place to be right now
13:23 oz_akan__ joined #salt
13:23 joehh even if salt itself is "perfect", i'm expecting a little delay/few iterations before the packaging side settles
13:24 racooper oh, I'm not complaining about having 0.16.4. just finding it humorous that it hit mirrors just hours after the newer version released.
13:24 kenbolton joined #salt
13:25 redondos joined #salt
13:27 movedx_ You should be using Salt's own repositories anyway (if they exist for RHEL based distributions).
13:27 movedx_ You should always use a vendor's repositories other the OS' for a specific peice of critical software.
13:28 racooper salt's own docs recommend EPEL.
13:29 racooper http://docs.saltstack.com/topics/installation/rhel.html
13:31 racooper maybe you should check your facts before berating people.
13:31 rgbkrk joined #salt
13:32 joehh I agree with the humor part :) I'm still trying to get dependencies in order for debian backports to get 0.16.4 into old-stable backports
13:32 joehh so close but not quite there
13:35 movedx_ racooper: Where in that document does it say they recommend EPEL? I believe it states the packages are stored in EPEL and as such you should use EPEL. I believe I covered this case when I said, "if they exist for RHEL based distributions."
13:35 movedx_ So they're not "recommending" EPEL - you have no choice in the matter.
13:36 mwillhite joined #salt
13:36 racooper so in that case, there is no vendor repo so your lecturing me was still pointless.
13:36 Ryan_Lane joined #salt
13:37 mapu joined #salt
13:38 geak joined #salt
13:38 timoguin joined #salt
13:39 * movedx_ sighs
13:45 movedx_ Does anyone here use salt-cloud? I'm getting some warnings about a low level function that's not being used with salt-cloud: http://pastebin.com/B1fqsi8d
13:48 rlarkin I always use the distribution repo for all software unless I'm actually forced upstream.  Everyone I've worked with has the same opinion.
13:48 imaginarysteve joined #salt
13:49 kenbolton joined #salt
13:50 Thiggy joined #salt
13:52 movedx_ Swings and roundabouts I guess.
13:54 Ahlee How do people prove that salt states are applied?
13:54 Ahlee Or, I already trust the utility: how do I verify?
13:56 redondos joined #salt
13:58 movedx_ Check the server's configuration matches your expectations?
13:58 blee joined #salt
13:59 Ahlee That would be one way
14:00 Ahlee but, if I have to verify a thousand minions, what does the tool get me
14:01 Ahlee I feel like I'm missing something.
14:01 kaptk2 joined #salt
14:02 movedx_ There is a degree of trust needed, I guess.
14:02 Ahlee Yeah. I trust. I understand writing idemopotant states.
14:02 Ahlee Unfortuatnely, I'm not highest man on the totem pole
14:02 Ahlee and he does not share my trust
14:02 movedx_ But then it boils down to what you're doing. For example if you deploy Salt and ask it to setup a web server, database server and a monitoring server and none of that works, then you've done something wrong or Salt has been telling you lies all along and all those lines of code do nothing.
14:02 movedx_ :P
14:03 Ahlee I guess I'm struggling with if i have 20 servers doing something, I'm stuck either constantly applying the state and completely tying my application start process around whether state has applied
14:04 Ahlee or i'm blindly trusting to never have a minion fail
14:04 anteaya joined #salt
14:07 Ryan_Lane joined #salt
14:08 silviud joined #salt
14:11 movedx_ Well if I was you, I would develop your states and test them like crazy. Try and break them, if you like, and then work to prevent that in future.
14:11 movedx_ Once you're confident you can see the states working as expected and under extreme conditions, you can trust them.
14:15 unicoletti_ left #salt
14:18 Ahlee I guess I can look into a custom returner, and manually populate success of each step
14:19 Ahlee maybe
14:19 blee joined #salt
14:19 alexandrel Ahlee: Configuration Management dosen't remove the need to have solid monitoring in place.
14:20 KennethWilke joined #salt
14:20 Ahlee Right, and I'm not claiming it does
14:21 alexandrel I'm just saying ;)
14:22 Brew joined #salt
14:23 alexandrel And if I had to choose between blindly trusting a salt minion, or a human,  to deploy something consistently... My money is on the salt minion!
14:24 KennethWilke indeed
14:24 KennethWilke computers happen to be really good at doing redundant tasks without complaint
14:24 redbeard2 joined #salt
14:26 opapo joined #salt
14:26 pnl actually, it's the only thing they're meant for
14:27 Ahlee Right. My issue is verification that after an outtage, a minion is brought up to par
14:27 Ahlee dropping a salt-run into rc.local or whatever will kick off hte run, great. But how do you verify?
14:28 Ahlee How do you audit, i guess is the ultimate question
14:28 redondos joined #salt
14:28 KennethWilke salt \* test.ping should work for that
14:28 micah_chatt joined #salt
14:28 Ahlee that will tell me the minion is up, assuming I know all hosts
14:29 Ahlee My staging environment has 204 minions currently, if one is missing, I certainly won't know it from a test.ping
14:29 Ahlee so then i'm into manage.up and manage.down
14:29 vimalloc I think nagios/icinga/etc is better suited for that task then salt.
14:29 Ahlee I wrote convoluted checks surrounding manage.down, checking AD for if the system still exists
14:30 Ahlee process monitoring of the minion is going in, so I'll know if/when it fails. That doesn't speak to missed state applications, or verifycation and validation the state applied
14:30 kaptk2 joined #salt
14:31 Ahlee i suppose I'll need to look into whether I can return True on successful state application to a persistent data store
14:31 Ahlee so then I know that state foo applied successfully at 9:31 AM on Sep 27
14:31 alexandrel Ahlee: I have never used returners, but I think that might be a good use case.
14:32 Ahlee I haven't had much luck with monogo or redis returners.
14:32 lorimar left #salt
14:32 Ahlee mongo I can see data being put into the DB, but lookup_jid currently doesn't query appropriately
14:32 Ahlee redis I have about a 50/50 success rate with returning test.ping results
14:33 alunduil joined #salt
14:33 faldridge joined #salt
14:33 alexandrel That's disapointing.
14:34 Ahlee entirely probably my setup is at fault.
14:34 cnelsonsic joined #salt
14:34 Ahlee at least for redis. It's probably just the minions started before the master had the redis config
14:35 pentabular joined #salt
14:36 Ahlee and/or they're missing python-redis, which speaks volumes to why I don't trust the setup
14:36 Ahlee I don't have salt managing internal repos, none of my systems have access to the internet
14:37 Ahlee this causes problems when one of the DCs fails to sync a repo
14:37 Ahlee etc
14:37 Ahlee self inflicted pain is the best pain, right?
14:37 Ryan_Lane joined #salt
14:38 alexandrel ;)
14:39 cnelsonsic joined #salt
14:39 cnelsonsic left #salt
14:42 ronc joined #salt
14:44 higgs001 joined #salt
14:47 bhosmer_ joined #salt
14:50 jpadilla joined #salt
14:50 linjan joined #salt
14:51 jinnko joined #salt
14:52 ricicle joined #salt
14:57 linjan joined #salt
14:57 nu7hatch joined #salt
14:59 redondos joined #salt
14:59 abele joined #salt
14:59 ricicle can you have a file.directory that specifies two source directories to recurse into one target?
15:00 ricicle e.g. /etc/config gets filled with salt://defaultconfig and then salt://customconfig
15:00 oz_akan_ joined #salt
15:02 ipmb joined #salt
15:06 jpeach joined #salt
15:06 teebes joined #salt
15:06 copelco is it possible to only execute a state if another state is included and run elsewhere, but not execute it if the dependant state is not run?
15:06 bhosmer joined #salt
15:08 copelco i'm looking for something more than cmd.wait. for example, i'm trying to disable a firewall, but there are few stale states that still include setting up the base firewall. i want to have a fallback state that says "if for whatever reason the ufw state was run, then run this state to disable it. otherwise don't run it at all and don't try to disable the firewall"
15:08 Ryan_Lane joined #salt
15:08 StDiluted joined #salt
15:08 movedx_ copelco: I'm quite new to Salt, but I believe you can define a requirement/dependency within a state, allowing you to build a dependency map.
15:09 movedx_ Oh I see.
15:09 jalbretsen joined #salt
15:09 redondos joined #salt
15:10 troyready joined #salt
15:11 faeroe joined #salt
15:12 copelco movedx_: yeah, i think it need something beyond a require/watch
15:12 copelco thanks though
15:13 faeroe_ joined #salt
15:13 alexandrel copelco: cmd as a few cool built-in conditionals like unless and onlyif
15:13 copelco hmm that's true, guess i could see if it's running
15:14 TheCodeAssassin joined #salt
15:15 alexandrel *has
15:18 elsmorian joined #salt
15:19 gmoro joined #salt
15:19 qba73 joined #salt
15:19 elsmorian left #salt
15:22 mapu I;m having trouble adding users via saltstack. using a 'users' pillar. WHen I do salt 'myhostname' pillar.items, I see the user information populated properly. When I run state.highstate - the user is not added.
15:23 mapu Not sure what I am missing (this is my first time trying to use Pillars)
15:26 timoguin mapu, is that user state referenced in your top.sls?
15:26 Teknix joined #salt
15:26 mapu it is.
15:27 mapu in the top part base:
15:27 mapu '*':
15:27 mapu - users
15:27 mapu properly formatted of course
15:28 shinylasers joined #salt
15:30 cro joined #salt
15:30 cro joined #salt
15:31 timoguin mapu, not sure without seeing your pillar and state file. i used the users formula with pillar data recently: https://github.com/saltstack-formulas/users-formula
15:31 timoguin i formatted mine like the pillar.example there, and it worked like a charm
15:31 Katafalkas joined #salt
15:32 mapu WIll take a look and report back.
15:32 mapu thnaks
15:38 alunduil joined #salt
15:38 Ryan_Lane joined #salt
15:40 piffio joined #salt
15:42 NotreDev joined #salt
15:43 TheCodeAssassin joined #salt
15:45 UtahDave joined #salt
15:48 nu7hatch joined #salt
15:49 pipps joined #salt
15:50 Mef1 joined #salt
15:50 blee can I have a pillar, which contains a list, have only certain portions of it overwritten?
15:51 blee so if i load lol.sls, then lol2.sls, i can target certain items in the first list (hash?)
15:51 Mef1 quick question if you specify multiple environments in the file roots in the master how do you specify what environment to use from the cli  for example salt-call state.sls env=???
15:52 SunSparc joined #salt
15:52 mapu timoguin: thanks. that pillar worked. Not sure where the heck mine came from :)
15:53 timoguin mapu, great! :)
15:54 timoguin Mef1, you match minions within those environments, like the dev environment might have something like "dev.*" and prod might have "www.*"
15:55 timoguin make sense?
15:55 Mef1 so a minion cannot be in two different environments?
15:55 pipps1 joined #salt
15:56 timoguin Mef1, i think it could be, but i haven't done that though.
15:56 timoguin i'd just match the minion(s) in both environments.
15:56 timoguin not sure how it would work
15:57 Mef1 by the i'm using salt-call to test and doesn't that default to the local minion.  What is happening is that I'm getting an error indicating it can't find my sls file in base environment which of course it's not.  This seems to indicate it would be appropriate to be able to specifify what environment I' want to pull from
15:57 forrest_ joined #salt
16:03 UtahDave blee: no, the whole list will be overwritten currently
16:03 blee darn, i was hoping that would be implemeted in 17
16:03 blee oh well, big ups on 17, huge release! i cant wait to play with the new stuff
16:04 UtahDave blee: Yeah, I don't think that's been implemented yet.
16:04 blee gotcha
16:04 timoguin Mef1, I think the minion will still get matched appropriately on the master according the the top.sls, even when using salt-call.
16:06 LGSilva joined #salt
16:06 LGSilva hey guys. Where can I find a more detailed changelog for 0.17?
16:08 jdenning joined #salt
16:08 jslatts joined #salt
16:08 Lue_4911 joined #salt
16:10 redondos joined #salt
16:10 cshuman joined #salt
16:12 KyleG joined #salt
16:12 KyleG joined #salt
16:12 jaequery joined #salt
16:13 forrest_ LGSilva, you've already reviewed: http://docs.saltstack.com/topics/releases/0.17.0.html ?
16:13 Mef1 so i'm probably confused on the concept.  As I understood it environments allow you to have multiple trees under one file server.  This implies that you can put different files in one tree branch versus another.  Assuming I put the dev environment and base environment in the top file (which I did) and I put a glob of "*" in both (which I did) the salt-call is going to match the local minion but as I said its still trying to pull the file
16:14 Mef1 I am clearly missing something here can anybody explain how to properly use the environments
16:15 kenbolton joined #salt
16:20 forrest_ So Mef1, let me get this straight, you have a dev environment (and thus a dev file_roots), and a prod environment (and prod file_roots), the file only lives in prod, and you're globbing all machines in the topfile for both as  prod: * and dev: *
16:21 ricicle Are there any up-to-date salt rpms anywhere please? This whole idea of sending the server to run an un-verified script is not acceptable here (understandably). I've seen links to thatch45's downloads which are now gone and the saltstack ones on github that are two years old.
16:22 ronc joined #salt
16:23 Mef1 forrest essentially yes.  I guess the question is there a way to specifiy what environment you are working in?  From the doc its not obvious which essentially makes me feel like I'm missing the point
16:23 forrest_ ricicle, http://dl.fedoraproject.org/pub/epel/6/x86_64/repoview/salt.html is available.
16:23 forrest_ can you paste your top file Mef1?
16:24 ricicle @forrest: thanks
16:24 forrest_ yea np ricicle.
16:25 Mef1 yes I will what tool would you prefer I'll send the config
16:25 forrest_ whatever, gist, pastebin, doesn't matter
16:27 Mef1 forrest here it is http://pastebin.com/NVbrBqb3
16:28 forrest_ ok, so when this goes through, it applies agn_openstack.agn_keystone, and agn_openstack.agn_glance to everything.
16:28 forrest_ then for setup, it again applies etc.glance to all servers.
16:29 gildegoma joined #salt
16:29 forrest_ So what are you expecting this to do?
16:29 forrest_ versus it 'pulling the file' as you said above
16:29 forrest_ I assume that file is whatever etc.glance is?
16:30 deepakmd_oc joined #salt
16:30 nu7hatch joined #salt
16:31 Mef1 actually what is use the setup to have sls that essentially templatize the openstack config files.  so think of it as two different steps  the first step I run the "setup files" to templatize and put them in the salt format and then as a second step (manual now) I will copy the template files into base so i can file.manage
16:31 Mef1 so I'm thinking I would run salt-call etc.glance (where  the init.sls) file lives but salt-call assume the base environment
16:32 Mef1 I saw somewhere that you can specify using env= but I'm not sure that is true as it doesn't work for me...which means it either isn't the proper way or I have some other issue
16:33 forrest_ when you run your salt-call, are you doing state.highstate?
16:33 Mef1 so for example when I do salt-call --log-level debug etc.glance env=setup I get the follwing  No matching sls found for 'etc.glance' in env 'setup' which sort implies it should work but I'm doing something wrong
16:33 ronc joined #salt
16:33 Mef1 no I'm calling state.sls
16:34 forrest_ but you have /srv/salt/setup/etc/glance/init.sls?
16:35 TheCodeAssassin joined #salt
16:35 Ryan_Lane joined #salt
16:36 forrest_ or /etc/glance.sls I guess
16:36 Mef1 ok....i'm embarrassed...I forgot I actually had a agh_templatized_files directory under setup....so I should have specified agn_templatized_files.etc.glance....it works now (well at least I can debug the sly file)
16:36 CheKoLyN joined #salt
16:37 forrest_ ok cool!
16:37 Mef1 my bad sorry
16:37 forrest_ It's all good, sometimes you just need to rubber duck debug it :P
16:37 Mef1 btw do you know where in the doc it says that is the way....seems like the doc is light on this part
16:37 mgw joined #salt
16:37 forrest_ regarding subdirectories?
16:38 Mef1 regarding cli invocations and specifiying environments via env=xxx
16:39 forrest_ Here: http://docs.saltstack.com/ref/cli/#node-group-targeting it's mentioned a little ways down
16:39 jslatts joined #salt
16:39 forrest_ but that's not referencing it from the top file
16:41 Ahlee Anybody seen Exception len([]) != len(['Host key verification failed.', '']) occurred in file server update for gitfs backends?
16:41 Ahlee doh, restart magically fixed. key was configured and root was able to clone prior to
16:42 forrest_ Oh weird, before I think that's been an issue with the url that was being used Ahlee
16:42 Mef1 ok but truthfully that is pretty oblique as its referencing setting parameters and not whole environments. ..in any thanks
16:44 dave_den joined #salt
16:57 felixhummel Hey everybody!
16:59 Gifflen joined #salt
17:00 UtahDave hey, felixhummel
17:02 micah_chatt joined #salt
17:07 higgs001 joined #salt
17:07 anuvrat joined #salt
17:08 bhosmer joined #salt
17:09 berto- joined #salt
17:10 mwillhite joined #salt
17:23 DanGarthwaite joined #salt
17:28 pdayton joined #salt
17:28 ldlework Is the appropriate place to put user dotfiles and such be the pillars?
17:29 UtahDave if they're sensitive, then yeah pillars is the way to go.
17:30 UtahDave If not, I'd just drop them in a subdirectory of /srv/salt
17:32 pipps1 joined #salt
17:36 Katafalkas joined #salt
17:41 geak_ joined #salt
17:44 dave_den joined #salt
17:53 faldridge joined #salt
17:55 cedwards I've been looking at Halite and the documentation suggests creating a cert using the tls module
17:55 cedwards but the instructions don't work for me
17:56 UtahDave is this on freebsd, cedwards?
17:56 jimallman joined #salt
17:56 cedwards UtahDave: on Arch actually
17:57 NotreDev joined #salt
17:57 UtahDave hm. I haven't actually created the cert since I was testing in debug mode.
17:57 UtahDave what error are you getting?
17:57 cedwards one sec
17:58 cedwards There is no CA named "test"
18:02 UtahDave cedwards: do you have to create a CA first?
18:03 faldridge joined #salt
18:03 cedwards UtahDave: that's my guess
18:04 cedwards Maybe a note about that can be added to the docs
18:06 UtahDave Yeah, I'll mention it to Sam.
18:06 cedwards looks like it needs to create a CA and a CSR
18:07 cedwards with those two created I can create the cert and SSL works
18:08 timoguin i'm thought it was in the initial docs. right after he pushed the first big batch of changes.
18:09 timoguin at least it was there in whatever docs i initially read...
18:09 BrendanGilmore joined #salt
18:11 mapu joined #salt
18:13 mapu joined #salt
18:13 druonysuse joined #salt
18:13 druonysuse joined #salt
18:16 mapu I've run into an interesting problem with gifts backend- it's actually reported in the logs as a GitPython exception.
18:16 mapu I use gitlab- and URL is not liked very well.
18:17 mapu Could not resolve hostname git.mydomain.com:configurationmanagement/salt-files.git
18:17 mapu the URL does resolve, and is the URL I use on the command line
18:18 EugeneKay Probably because mydomain.com is not your domain.
18:19 EugeneKay You may need to pass the url as ssh://user@domain:path/to/repo.git
18:20 EugeneKay I don't know that salt's gitfs uses the same parsing engine as `git remote` - I want to say it's the pygit thingy.
18:20 mapu yes- mydoomain is simply obfuscated from my real domain
18:21 faldridge joined #salt
18:21 manybubbles joined #salt
18:21 mapu right now i have the URL as git+ssh:// etc
18:21 ldlework How do you refer to files in the pillar paths?
18:21 ldlework pillar:// ?
18:22 mapu but yes- since GitPython is reporting it that's where I should first look
18:22 EugeneKay I'd try without git+
18:22 manybubbles yo #salt!  does salt have a thing for running a list of commands spread across some set of minions?  When I mention gnu parallel people are telling me "use salt!"
18:22 EugeneKay Which is why I say that REAL pastes are better than your censored one - if we're not seeing the same error as you, we're debuggint the wrong thing
18:23 mapu um, ok.
18:23 EugeneKay manybubbles - yup; `salt '*' cmd.run /bin/something` will run that on all your minions
18:23 EugeneKay Or you can use any of the selectors, such as by Grain or ID or anything else.
18:23 UtahDave manybubbles: salt '*' cmd.run "echo Salt is awesome"
18:24 manybubbles EugeneKay and UtahDave: I suppose I'm not good at phrasing this:)
18:24 manybubbles I have a batch of things that can be done on any of my minions.  Each thing should only be done once.
18:24 manybubbles and I want to order my minions to do them all
18:25 EugeneKay Oh, you want to do queueing
18:26 EugeneKay That'd be more like ZeroMQ than Salt(though the latter uses the former internally for talkign to minions)
18:27 terminalmage kaptk2: around?
18:28 UtahDave manybubbles: then you'll want to use a salt "state"
18:28 manybubbles EugeneKay: thanks!
18:30 EugeneKay Each of your clients will get a Task from the server(the server marks it as being in-progess), the client works on the Task, then submits the finished output back to the server(Task is marked as completed). Repeat.
18:30 EugeneKay RabbitMQ is also a bit contender in this space and(I believe) is more built for this directly.
18:30 manybubbles EugeneKay: yeah - so there is no simple way for me to tell salt to do that for me?
18:30 EugeneKay s/bit/big
18:30 EugeneKay Not that I know of, no.
18:31 rgbkrk joined #salt
18:31 manybubbles EugeneKay: thanks.  no wonder I wasn't finding it.
18:31 EugeneKay It's more for managing systems / distributed control.
18:31 manybubbles UtahDave: It looks like states are for client state, I'm really only interested in job state.
18:31 manybubbles cool
18:31 EugeneKay You would use Salt to bring up the clients daemon
18:31 rgbkrk Darn, I missed all the discussion from manybubbles about parallel execution when I disconnected
18:32 manybubbles rgbkrk: looks like the answer is no, salt doesn't help with that.
18:32 rgbkrk You wanted separate jobs for each?
18:32 rgbkrk Something embarrasingly parallel?
18:32 manybubbles pretty much
18:32 rgbkrk Well, here's some hackery -- you could build a jobs list they all share
18:32 dindin_ joined #salt
18:33 rgbkrk Push that file out
18:33 forrest_ manybubbles, you can also create node groups: http://docs.saltstack.com/topics/targeting/nodegroups.html
18:33 rgbkrk Then each one does work based on their assignment, even if you give the same command.
18:33 rgbkrk Honestly though, there are better frameworks for that kind of job (at the moment)
18:34 rgbkrk Hah. Sorry about the ping honestly. Didn't realize there was someone in here with that s/n.
18:34 rgbkrk I'm going to be "the" next time I'm on IRDC
18:34 rgbkrk *IRC
18:34 manybubbles I've just been impressed with how simple gnu parallel has been to work with but we have salt set up.
18:34 EugeneKay There's a guy in #git named __main__
18:34 EugeneKay A personal favorite silly nick
18:35 manybubbles very silly
18:35 rgbkrk I would be reflog
18:35 rgbkrk If I was in #git
18:35 EugeneKay Haha
18:36 rgbkrk Any salt-cloud users in here?
18:36 rgbkrk Are you able to use salt-cloud to stand up the master node as well?
18:36 mgw joined #salt
18:38 UtahDave rgbkrk: yeah, you can set up a master with salt-cloud
18:39 rgbkrk Oh hey @UtahDave.
18:39 UtahDave rgbkrk: make_master: True
18:39 UtahDave http://salt-cloud.readthedocs.org/en/latest/topics/misc.html#setting-up-new-salt-masters
18:39 LarsN UtahDave: when you gave the training at TLF, you had state files that built a wordpress server from scratch.  Including deploying the packages, and setting up default users etc.
18:39 mmilano joined #salt
18:39 UtahDave hey, rgbkrk
18:39 LarsN are those state files online anywhere that I can use them for a quick & dirty presentation for LOPSA in Austin next month?
18:39 UtahDave LarsN: yep!
18:39 rgbkrk I'm reading the Rackspace section of the docs which I guess is tilted towards setting up a conf on the master
18:40 UtahDave LarsN: It will cost you one or two Torchy's Tacos, though
18:40 UtahDave :)
18:40 rgbkrk Thanks for the links
18:40 LarsN UtahDave: next time you're in Austin I think I can manage that.
18:40 LarsN I'll be in Denver next month.
18:41 UtahDave rgbkrk: you're welcome.
18:41 rgbkrk Do I still need to launch from a salt-master?
18:41 UtahDave LarsN: I don't have them in a repo right now. I'll clean them up and get them online over the weekend.  Does that work?
18:42 UtahDave rgbkrk: salt-cloud works best of it's run from a salt-master because salt-cloud will automatically create all the required keys and pre-authenticate the new minions
18:42 giantlock joined #salt
18:42 UtahDave rgbkrk: if salt-cloud is not run from the master, then you'll have to manually accept the keys on the master.
18:43 rgbkrk They'll be treating the one I launched from as their master then?
18:43 rgbkrk Any others that I put master on would have to be configured later?
18:44 rgbkrk Sorry if these are dumb questions, I'm probably not diving into the docs in the right order.
18:44 LarsN UtahDave: sounds great.
18:44 LarsN Thanks.
18:44 UtahDave no, you can run salt-cloud from your laptop and have your new minions point to a different server online that's your actual master
18:44 rgbkrk If I figure it out and see areas I can improve, I'll make PRs against the docs.
18:44 rgbkrk Oh ok cool.
18:44 rgbkrk That bodes well.
18:44 rgbkrk I want to be able to create the overall infrastructure easily again.
18:45 UtahDave rgbkrk: it would be cool to have a feature where a remote salt-cloud could reach into an existing master and add the appropriate keys
18:45 woebtz joined #salt
18:45 rgbkrk I look forward to the reference architecture for wordpress
18:45 rgbkrk That would be cool.
18:46 lemao_ joined #salt
18:46 troyready joined #salt
18:47 LarsN UtahDave: I'd love to see salt have a "knife like" command.
18:47 LarsN where from my workstation I can tell the salt-master to do things to the salt-minions
18:48 Corey LarsN: You mean like salt-api? :-)
18:48 UtahDave LarsN: it's call   "ssh"   :)
18:49 UtahDave LarsN: actually, whiteinge is working on a project call salt-pepper that essentially does that.
18:49 JaredR joined #salt
18:50 rgbkrk lol
18:51 LarsN wait...
18:51 LarsN so from a workstation, NOT managed by salt, I can do things to minions?
18:51 LarsN via the Master?
18:51 * LarsN does a happy dance.
18:51 UtahDave LarsN: yeah, it's slowly coming along.  It's something he's been working on in his "spare" time.  :)
18:52 UtahDave LarsN: and because it uses salt-api, you can give users specific rights to do certain things to certain minions.
18:53 LarsN UtahDave: that is likely to make the NOC happy.
18:53 LarsN not having to log into the master to push changes.
18:55 rmt Hmm... Then offer the same interface and access controls to control non-host-specific services (eg. by load balancing amongst registered minions, maybe with various policies), and you've got yourself a winner. ;-)
18:57 rmt The Salt Masters themselves would have to be redundant, and probably distributed.. But the idea of having completely locked down production environments is definitely appealing to many organisations..
18:57 * rmt cou*nsa*ghs slightly. ;-)
18:59 c0bra joined #salt
19:01 jslatts joined #salt
19:03 jdenning_ joined #salt
19:05 StDiluted So does anyone have a simple way to put 'file generated by salt, do not edit" notices into templated files, or am I just better off using a pillar with the text and sticking it in the top of the templated files?
19:07 rmt Hmm.. salt-api request... add a transaction ID that can be passed through multiple calls... it really helps tracking down what originally triggered a set of actions.
19:07 rmt StDiluted, I usually remove the write bit from managed files...
19:08 faldridge joined #salt
19:08 rmt StDiluted, and a comment in the template for people who don't quite get it.
19:08 jY are there debs yet for 0.17?
19:08 NotreDev joined #salt
19:10 alexandrel rmt: it would be even more hardcore to chattr +i any files managed by salt.
19:10 teebes joined #salt
19:10 faldridge_ joined #salt
19:10 rmt alexandrel, I tend to reserve chattr +i for humans who need to keep the machines in check. ;-)
19:11 rmt If someone understands chattr +i, they're usually not someone you have to be concerned about. :-)
19:11 alexandrel indeed
19:12 kamal_ Is it possible to use grains in jinja templates?
19:12 kamal_ ha nevermind, forgot to set template: jinja
19:13 alexandrel kamal_: checkout mako, it's so much better than jinja
19:14 alexandrel kamal_: you can even import python modules in your template, with it.
19:14 UtahDave StDiluted: A lot of people will add {{ pillar['donotmodify'] }}  at the top of their templates and add the desired text to pillar.
19:14 Gifflen joined #salt
19:15 UtahDave rmt: could you open an issue on that?
19:15 rmt utahcon, transaction id? Sure.
19:15 UtahDave jY: no debs quite yet. probably monday or tuesday
19:15 rmt UtahDave,
19:15 UtahDave rmt: yeah.  thanks!
19:15 jY UtahDave: thanks
19:17 jslatts joined #salt
19:29 mwillhite joined #salt
19:34 LGSilva joined #salt
19:36 zooz joined #salt
19:40 TheCodeAssassin joined #salt
19:40 Ahlee thoughts on how i'd ensure a downgraded RPM is installed via a state?
19:43 pipps1 joined #salt
19:44 larstr joined #salt
19:45 UtahDave Ahlee: You can specify a specific version of an RPM is installed
19:48 Ahlee UtahDave: Right, but that doesn't help if a newer one is installed already.
19:49 Ahlee to my knowledge, yum doesn't like that, and i'll need to remove if new is present, then install old
19:50 UtahDave have you tried it with salt yet?
19:51 Ahlee Aye, it fails.
19:51 Ahlee Comment:   The following packages failed to install/update: libicu=3.6-5.16.1.
19:51 Ahlee as libicu=4.2.1-9.1 is already installed, and RPM doesn't doesn't like downgrading.
19:54 aleszoulek joined #salt
19:54 cron0 salt 'server' pkg.install vim …. If vim is already installed, is it normal that I get no output? If I use --out highstate I get nothing but Succeeded: 0, Failed: 0
19:54 faldridge joined #salt
19:55 patyx7 joined #salt
19:56 racooper Ahlee,  could you do a cmd.run 'yum downgrade libicu' or somthing like that?
19:57 Ahlee racooper: yeah, which is what i'll end up doing. was hoping i wouldn't need to hit the rpm db every time highstate runs
19:57 Ahlee but, i guess that's the price i pay
19:59 racooper you might do one run to fix everything, then look at yum versionlock plugin
20:00 Ahlee I'll take that into consideration, thanks
20:01 pipps joined #salt
20:07 ldlework Does anyone know how to sync a directory from salt to the minion while providing permission information?
20:08 ldlework The docs mention file.recurse but I can't find any documentation on it.
20:10 Ahlee ldlework: http://docs.saltstack.com/ref/states/all/salt.states.file.html#salt.states.file.directory
20:10 m_george left #salt
20:11 ldlework so do you just add both a file.directory and a file.required ?
20:11 ldlework err
20:11 ldlework file.recurse
20:12 nu7hatch joined #salt
20:15 Ahlee Well, I can roll back with : http://pastebin.com/Y4VWzZMb
20:16 Ahlee but, i get back a failure when libicu-4.2.1-9.1 isn't found
20:18 Ahlee bah. reverting the test system by reinstalling libicu and i can't get the state to install it again
20:20 pdayton joined #salt
20:24 cron0 is it normal to have neither a success or failure if a state doesn't change? https://gist.github.com/jfchevrette/447f3dd0eaa85b6520da
20:26 UtahDave cron0: pkg.install isn't a state.
20:26 UtahDave you're just running an execution module there
20:27 jbunting joined #salt
20:28 teebes joined #salt
20:36 goodbytes joined #salt
20:40 Jahkeup joined #salt
20:44 teebes joined #salt
20:45 c0bra joined #salt
20:46 jdenning joined #salt
20:46 redondos joined #salt
20:50 c0bra joined #salt
20:52 oz_akan_ hi UtahDave
20:52 oz_akan_ or anyone active at this hour, if I use gitfs, does it work only for formulas or also for pillar data?
20:53 oz_akan_ UtahDave: ^^
20:54 FL1SK joined #salt
20:54 quist joined #salt
20:56 quist left #salt
20:56 oz_akan_ anyone experience with gitfs?
20:56 oz_akan_ d
20:58 Ahlee I do not use pillars, but I'm relatively sure i've seen pillars defined with gitfs backends
20:59 timoguin 0.17 added gitfs for pillar
20:59 Ahlee well there you have it
20:59 timoguin it doesn't support the branches -> environments mapping, just a single branch i think.
20:59 timoguin for now
21:00 oz_akan_ so gitfs for pillar doesn't support branches
21:00 oz_akan_ which means I will have only one environment
21:00 cedwards haha I just toppled a test server using the minionswarm.py test script
21:00 linjan joined #salt
21:00 oz_akan_ Ahlee: how can one survive without using pillars?
21:02 Ahlee I don't see a need for them
21:02 ldlework Do require statements refer to other states?
21:02 ldlework like state ids?
21:02 Ahlee Though, mayhaps that explains a lot of the problems I have
21:02 oz_akan_ Ahlee: I would use pillar to define an environment
21:03 oz_akan_ Ahlee: like servers, load balancers etc..
21:03 oz_akan_ Ahlee: then I use this information to take decisions etc
21:03 ldlework I don't understand why in the docs it says "- require: pkg: vim"
21:03 Ahlee why use a grain though?
21:03 Ahlee er
21:03 Ahlee why use a pillar for that?
21:04 Ahlee you're arbitrarily defining this system is this app, right?
21:04 mapu joined #salt
21:06 Ahlee so after three read throughs of http://docs.saltstack.com/topics/pillar/ it sounds like i'm using my grains like others are using pillars
21:08 oz_akan_ grains can't really replace pillar
21:08 oz_akan_ pillar data is available to all minions
21:08 oz_akan_ grains are not
21:08 oz_akan_ you would have to use mine to distribute grains information
21:09 Ahlee I wrote a _module that populates a hosts' grains in the /etc/salt/minion
21:09 oz_akan_ and also, if you are creating an environment with salt, you need to define what grain values you will assign to minions
21:09 jimallman joined #salt
21:09 cedwards ldlework: what doc are you referring to? maybe i can clarify
21:09 Ahlee and I can target the host. I don't see a benefit of having hosts talk to each other or have other info
21:09 Ahlee that said, I also don't run any load balancers, web servers, or the like
21:10 oz_akan_ lets say you have a database server which is allowed to talk to only 2 web servers you have in the environment
21:10 oz_akan_ if you add one more web server, you would ike database server to find it out and give access to that new server as well
21:10 cedwards ldlework: require statements refer to id declarations in the current or included states.
21:10 oz_akan_ there you would need minion to know other minion
21:10 Ahlee ah. I don't have those limitations. My staging environment is all welcome to talk to the staging db, uat talks to uat, prod to prod
21:12 oz_akan_ mine was example
21:12 oz_akan_ like if you would need to take an action when a server is added
21:12 mannyt joined #salt
21:17 NotreDev joined #salt
21:17 Ahlee gotcha
21:18 Ahlee so you're using minions where I use multicast messaging
21:18 Ahlee er, pillars
21:19 nu7hatch joined #salt
21:20 g4rlic joined #salt
21:21 cro joined #salt
21:22 g4rlic so, I'm trying to use ssh_auth and user.present in the same SLS file.  Without using order:, is there a way to use require: to make sure the user.present runs first?
21:24 ldlework GARGH why doesn't salt spit out the jinja context when stuff fails?
21:24 g4rlic http://pastebin.centos.org/4611/  <-- this is what my current state file looks like.
21:26 oz_akan_ joined #salt
21:26 dave_den g4rlic: yes, just put '- require:\n    - user: derp' in ssh_auth
21:31 g4rlic dave_den: first thing I tried, and I get a gnarly traceback in the process.
21:31 StDiluted joined #salt
21:31 g4rlic http://pastebin.centos.org/4616/
21:31 kermit joined #salt
21:33 dave_den what does your sls file look like now?
21:34 g4rlic dave_den: http://pastebin.centos.org/4621/
21:34 g4rlic that's current.
21:35 dave_den and you only got the backtrace when you added the require?
21:35 g4rlic Aye.
21:36 alunduil joined #salt
21:36 g4rlic Otherwise, it tries to execute the ssh_auth state before the user.present state, and I the salt-call completes without barfing, it just didn't quite do what I wanted. ;)
21:39 nu7hatch joined #salt
21:40 freeconfig joined #salt
21:41 ldlework How can pw_user and useradd be unavailable?
21:42 ldlework ah nm
21:42 dave_den g4rlic: try splitting out the ssh_auth state - you can keep it in the same sate file, just give it a different id
21:43 ldlework Why might salt not be able to change a user's id?
21:44 ldlework Or does anyone know how I can check?
21:45 zooz joined #salt
21:47 nu7hatch joined #salt
21:48 ldlework ha
21:48 ldlework cuz I was logged in
21:51 Gifflen joined #salt
21:54 _ilbot joined #salt
21:54 Topic for #salt is now Welcome to #salt - http://saltstack.org | 0.16.4 is the latest | Please be patient when asking questions as we are volunteers and may not have immediate answers - Channel logs are available at http://irclog.perlgeek.de/salt/
21:54 kiorky_ joined #salt
21:55 auntie joined #salt
21:55 craig___ joined #salt
21:56 jgelens_ joined #salt
22:10 _ilbot joined #salt
22:10 Topic for #salt is now Welcome to #salt - http://saltstack.org | 0.16.4 is the latest | Please be patient when asking questions as we are volunteers and may not have immediate answers - Channel logs are available at http://irclog.perlgeek.de/salt/
22:10 ldlework I would really like to be able to refactor my pillar data like this
22:10 ldlework but I just can't figure out how the include should be formatted.
22:11 jdenning joined #salt
22:14 UtahDave looks like you're trying to do yaml includes.
22:16 Thiggy joined #salt
22:16 felixhummel joined #salt
22:19 yano joined #salt
22:20 g4rlic dave_den: ok, tried splitting it out, per your suggestion, and still get a traceback
22:22 ldlework UtahDave: yeah
22:23 g4rlic Ok. even weirder, which is suggesting to me that it's not related at all, is that even with that file consisting only of comments (no actionable YAML) I'm still getting the same error.
22:23 ldlework UtahDave: I have been trying to get this kind of thing working for a few hours
22:23 g4rlic This is bizarre..
22:26 g4rlic dave_den: @#*$ permissions problem.
22:28 g4rlic running salt as a non-root user has its drawbacks.. :)
22:29 koblas joined #salt
22:29 rorski left #salt
22:30 koblas I've got a question about gitfs working with salt v17 (I'm a noob)
22:31 koblas added  - git to the fileserver_backend in the master config, then restarted.
22:31 koblas gitfs_remotes:
22:31 koblas - https://github.com/saltstack-formulas/ntp-formula.git
22:31 koblas as well.
22:32 koblas but everything I do appears to not know what 'ntp' is :   salt '*' state.sls ntp
22:32 koblas No matching sls found for 'ntp' in env 'base'
22:32 koblas — help?
22:35 StDiluted joined #salt
22:40 ldlework UtahDave: probably not possible right?
22:44 ldlework How do I assign grains to my minions?
22:45 ldlework without logging into the minions I mean
22:45 mgw Idlework, the grains module lets you do that
22:45 mgw grains.set I believe
22:46 ldlework Oh I see.
22:46 ldlework That makes sense
22:49 jimallman joined #salt
22:49 mgw Idlework:
22:49 mgw salt '*' grains.setval key val
22:49 mgw salt '*' grains.setval key "{'sub-key': 'val', 'sub-key2': 'val2'}"
22:53 bhosmer joined #salt
22:55 UtahDave ldlework: I've played around with yaml imports a while back. It's really tough
22:55 aantony has anybody started messing with sal-ssh yet?   I can't seem to get it to work.  I set up my roster with passwd's but keep getting "permission denied" and prompts about deploying keys.   there isn't any useful debug logging either
22:56 UtahDave aantony: I've used it.  what version of salt are you using?
22:56 kenbolton joined #salt
22:56 UtahDave koblas: I don't see an ntp.init.sls  in there.
22:57 UtahDave koblas: try    salt '*' state.sls ntp.client
22:57 aantony develop branch as of an hour ago
22:58 aantony is it actually using the passwd's to connect each time, or is it jsut trying to login the first time to deploy a key?
22:59 AWanderingVagabo joined #salt
22:59 UtahDave It should just log in with the passwd, unless you've set it to deploy Salt's key, too
22:59 ldlework I'm sorry, how do you actually apply your top file?
23:00 UtahDave ldlework: salt '*' state.highstate
23:00 ldlework thanks
23:01 ldlework UtahDave: is there anyway to get the salt master to spitout what's going on at the minion?
23:01 ldlework like which state its working on or something?
23:01 UtahDave the master doesn't get all the output until the very end
23:02 ldlework I see.
23:02 UtahDave We're actually building in a powerful event system that will eventually allow for that, but it won't be for a version or two
23:03 koblas UtahDave: Thanks.
23:03 AWanderingVagabo joined #salt
23:03 UtahDave koblas: did that work?
23:04 koblas yes
23:07 aantony UtahDave: FWIW, this is what I'm seeing https://gist.github.com/ajithhub/97f0f9e168a8cd8363aa
23:07 ldlework Is there anyway to rename a minion?
23:08 ifnull joined #salt
23:08 UtahDave ldlework: the easiest way is to use salt-key to delete the minion's key. Then update the minions id in /etc/salt/minion and restart the minion
23:10 UtahDave aantony: Hm. That seems correct.  Would you mind opening an issue on that?
23:10 ifnull When using gitfs_remotes, how do I specify the branch to use? I have been following this tutorial: https://salt.readthedocs.org/en/latest/topics/tutorials/gitfs.html#branches-environments-and-top-sls-files
23:12 teebes joined #salt
23:12 aantony UtahDave: ok
23:17 UtahDave ifnull, you don't. The git master branch becomes your "base" environment in Salt.  All other git branches and tags become Salt environments of the same name
23:19 ldlework how do you call a function multiple times in a state?
23:20 ldlework argh I wish there was a better explanation of how the yaml translates into calls
23:24 faldridge joined #salt
23:24 redbeard2 joined #salt
23:26 ldlework like I want to set a list of grains in a state
23:26 ldlework I have no idea how to call grains.present more than once in a state
23:28 redondos joined #salt
23:31 ldlework anyone know?
23:32 ifnull UtahDave: How so you specify an environment?
23:33 c0bra joined #salt
23:36 UtahDave ifnull your top file generally determines the environment a minion uses, unless you peg the environment in your minion config
23:36 kenbolton joined #salt
23:37 UtahDave ldlework: you'll have to set each one individually in its own ID declaration
23:37 robawt alo!
23:37 UtahDave well, time to head home.
23:37 UtahDave hola, robawt
23:37 robawt how the hoot do I deal with line breaks in pillar?
23:37 robawt hola Senior UtahDave
23:37 UtahDave robawt: |
23:38 robawt UtahDave: every linebreak?
23:38 robawt I've got a priv key it's complaining about
23:38 robawt says line X, where X is the first line of the key
23:38 ldlework UtahDave: man.... so to set a bunch of grains I have to consume a ton of state namespace :(
23:38 UtahDave - item: |
23:38 UtahDave another line
23:38 UtahDave another line
23:39 robawt UtahDave: i'm concerned the line is '-----BEGIN KEY ------'
23:39 robawt is that going to mess the parser up?
23:39 UtahDave ldlework: yeah
23:39 EugeneKay I'd distribute keyfiles via another mechanism
23:39 UtahDave robawt: whiteinge has a good explanation on how to do that. I think it might be in the mailling list archives
23:39 robawt EugeneKay: sneakernet?
23:40 robawt UtahDave: ok i'll dig it up
23:40 EugeneKay Typically copy-paste inside a PuTTY window, but yeah :-p
23:40 robawt thanks for the direction gentlemen
23:41 EugeneKay I'm trying to sort out a way to automagically create a 'git' (or 'deploy') user on a system, generate a ssh priv key, and then suck the pubkey back to the master(for plopping into a gitolite install). I know it's possible, just gotta glue the bits together and put it into a statefile.
23:48 xerxas joined #salt
23:51 nkuttler joined #salt
23:51 nkuttler joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary