Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2013-11-25

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:09 cachedout joined #salt
00:16 berto- joined #salt
00:18 oz_akan_ joined #salt
00:20 puppet_ joined #salt
00:21 [1]VertigoRay joined #salt
00:21 crazysim joined #salt
00:22 sashka_ua joined #salt
00:32 thelorax123 joined #salt
00:33 elfixit joined #salt
00:42 noob21 joined #salt
00:43 noob21 anyone around?
00:48 cedwards joined #salt
00:51 cedwards joined #salt
00:52 eliasp joined #salt
00:52 cedwards joined #salt
00:56 jcockhren I am
00:57 ajw0100 joined #salt
00:59 xyl joined #salt
01:01 brianhicks joined #salt
01:02 noob21 i had a question about mounting but i just got it working by failing my way to victory haha
01:03 bemehow joined #salt
01:08 isomorphic joined #salt
01:15 jcockhren \o/
01:16 zandy joined #salt
01:19 oz_akan_ joined #salt
01:22 stewpot joined #salt
01:22 zandy joined #salt
01:26 stewpot Hi, it seems as though there is some confusion. I am hoping that I can find an answer here. or someone can lead me in the right direction.
01:27 cedwards joined #salt
01:28 stewpot I have a profile which I am trying to create ec2 instances with EBS volumes attached. I have tried volumes: using the example of the profile in the cloud/aws.html documentation. I have also tried the block_device_mappings: with various instance types and neither have created the EBS volumes. It does not seem as though there is even a create api call done.
01:29 stewpot after further investigation I tried the salt-cloud -f create_volume ec2 examples.. none of which work
01:29 stewpot returns the following errorsalt-cloud: error: Any arguments passed to --function need to be passed as kwargs. Ex: image=ami-54cf5c3d. Remaining arguments: ['size=100', 'iops=1000']
01:31 jimallman joined #salt
01:32 zandy joined #salt
01:37 mgw joined #salt
01:42 justlooks joined #salt
01:43 justlooks hi, how can i monitor if a minion service restart ,if restarted i fire a event to master
01:50 quickdry21 joined #salt
01:50 deepakmd_oc joined #salt
01:51 mgw joined #salt
01:52 wilywonka joined #salt
01:55 diegows joined #salt
02:02 forrest joined #salt
02:02 justlooks is 0.17 remove reactor system?
02:02 forrest no
02:04 justlooks forrest:  i get parse error info when restart salt master https://gist.github.com/anonymous/7635148
02:05 forrest can you look above line 496 to see if there are other issues? Sometimes that will happen if there is something else screwed up
02:08 oz_akan_ joined #salt
02:15 vkurup joined #salt
02:16 anuvrat joined #salt
02:16 xl1 joined #salt
02:23 pt|Zool joined #salt
02:24 joonas joined #salt
02:26 redondos joined #salt
02:29 MTecknology I don't get this... http://dpaste.com/1481918/  <-- It's whining that rsyslog_client isn't an absolute path. No crap it's not, it's a state name.
02:30 mgw joined #salt
02:48 forrest is your include actually including files? Or a state?
02:55 MTecknology forrest: a state
02:57 MTecknology sys/files/rsyslog.sls has two states in it, one of them is what's being claimed isn't there
02:59 forrest just as a test, can you flip it and make it so sys.files.rsyslog includes the rsyslog service state, and the actual file is a 'watch_in' of the service?
03:02 MTecknology forrest: as a test, I put them all in the same sls
03:02 audreyr joined #salt
03:03 MTecknology I wonder if I found a bug with an older version... maybe it's time to build an apt repo at home and include 0.17.2
03:03 forrest what release is this one on?
03:03 MTecknology 0.16.2
03:03 forrest ugh
03:03 forrest yea I have no idea what the bugs might be with that one
03:05 MTecknology I don't wanna build an apt repo tonight... :(
03:05 forrest lol then don't
03:06 forrest it's sunday
03:08 mapu joined #salt
03:08 MTecknology heh... it takes me 10s to create a new VM
03:11 ravibhure joined #salt
03:17 goodwill okie who here uses supervisor?
03:19 ravibhure joined #salt
03:19 MTecknology goodwill: nobody if the have any tiny amount of sanity to them
03:19 goodwill ?
03:20 goodwill why joo no love?
03:20 MTecknology suprevisord is a giant pain in the ass pile of shit that only kinda works and gives you a false sense of knowing what's going on and breaks the ever living piss out of many well built applications.
03:21 EWDurbin wow.
03:21 stefanmonkey joined #salt
03:21 goodwill never broke for me in years
03:21 EWDurbin i'm a supervisord user as well, i don't have any unkind words for it
03:22 MTecknology It especially does a fantastic job at causing all sorts of issues in #nginx and we flat out refuse to provide any support
03:22 goodwill interesting
03:23 goodwill I never ran nginx under it of course
03:23 goodwill so I can not say
03:23 EWDurbin neither have i.
03:23 goodwill EWDurbin: do you guys use it at work?
03:23 EWDurbin i'm phasing out a homegrown process monitor in favor of supervisor
03:23 EWDurbin so huge upgrade
03:24 goodwill nice
03:24 goodwill :)
03:24 polaco_zZz joined #salt
03:24 goodwill EWDurbin: can I PM?
03:24 EWDurbin goodwill: certainly
03:24 forrest Clearly you guys just need to install some crappy security app that kills off processes randomly
03:25 EWDurbin i'm positive if systemd were a part of the "Distro of choice"(TM) i wouldn't have gone for supervisor, but i'm a patient type
03:27 MTecknology I'm not the biggest fan of systemd either, but I don't dislike it
03:27 MTecknology What's the best way to install apt keys for repos?
03:27 MTecknology using salt, of course
03:27 Yojimbosan joined #salt
03:28 mannyt joined #salt
03:29 berto- joined #salt
03:33 favadi joined #salt
03:33 cewood joined #salt
03:34 redondos joined #salt
03:37 MTecknology forrest: any ideas there?
03:38 MTecknology Seems like I should be able to stick something in /etc/apt/trusted.gpg.d/ but not sure how to generate what I need
03:39 redondos joined #salt
03:40 polaco_zZz joined #salt
03:41 redondos_ joined #salt
03:44 vkurup joined #salt
03:45 mafrosis joined #salt
03:47 stewpot can anyone successfully create volumes on ec2 with saltcloud?
03:48 redondos joined #salt
03:49 cachedout joined #salt
03:50 MTecknology forrest: I take it 0.16 and 0.17 is one of those upgrades that went holy incompatible on us?
03:50 anuvrat joined #salt
03:51 MTecknology I'm upgraded to 0.17.2 now and having the same issue...
04:04 Furao joined #salt
04:07 sroegner_ joined #salt
04:11 altj joined #salt
04:15 ckao joined #salt
04:21 wilywonka joined #salt
04:23 mapu left #salt
04:35 forrest MTecknology, sorry man I was at the gym, seems odd it would happen in two releases
04:38 MTecknology forrest: can you try to do the same? a service state that depends on a file state but the name of the file state is not the full path
04:39 forrest yea sure let me spin up some vms.
04:39 MTecknology what do you use for spinning up VMs?
04:39 forrest digital ocean
04:39 MTecknology oooh
04:39 forrest jeez, good thing I have a couple spun up right now, they're doing some maintenance.
04:39 MTecknology I have a proxmox box at hom
04:39 MTecknology e
04:40 forrest honestly it takes less time to spin one up on digital ocean than to provision it locally
04:40 forrest it's usually in the range of 30 seconds between me hitting go, and the box being up
04:42 MTecknology I'm curious how quickly I could decide to spin up a new VM, get DHCP/DNS set up, turn it on, and have it joined to salt....
04:44 forrest yea it just costs me so little to spin up machines with them, it isn't even worth thrashing my local disk
04:44 forrest though the images not having vim is a serious pet peeve
04:44 forrest need to mess with their api
04:44 MTecknology 1.5min
04:45 forrest not bad
04:45 MTecknology I had to test the whole process to see how long it took. I like my environment so much that I had to know.
04:46 forrest heh
04:46 forrest are you applying via highstate?
04:46 MTecknology ya
04:47 MTecknology I do OpenVZ templates too
04:48 troyready joined #salt
04:53 forrest https://gist.github.com/gravyboat/7636562
04:53 forrest take a look at that MTecknology, I haven't run it yet
04:54 MTecknology forrest: line 1 in your first file should be bad_file:
04:54 forrest why
04:54 MTecknology and needs - name: /tmp/bad_file
04:54 forrest are you using - name?
04:55 MTecknology ya- I prefer not using the file name as part of the state because of different distros using different names on files
04:55 forrest fair enough
04:55 forrest usually I'd use a map file for this, but it isn't needed in this situation
04:55 MTecknology oh.... wait a minute....
04:55 forrest other than that though, you're good with it?
04:56 MTecknology ya
04:57 forrest interesting     Include Declaration in SLS nginx is not formed as a list
04:58 forrest oh duh forgot a dash
04:58 MTecknology that's how I fucked up... I didn't add -name
04:58 MTecknology forrest: thanks for showing me where I was blind!
04:58 forrest wait where was yours?
04:58 forrest and yea mine just worked fine
04:59 forrest ohh for your service statement
05:00 forrest or was it somewhere else
05:01 MTecknology forrest: my error was this... http://dpaste.com/1482020/
05:01 MTecknology no crap it was ticked off... :P
05:02 MTecknology it's awesome having my syslog server up and running
05:02 MTecknology forrest: THANKS!!!
05:04 forrest lo np
05:04 forrest oh yea that would make sense why it didn't work
05:05 MTecknology want me to pay for your VM for you?
05:05 forrest no
05:06 MTecknology I'll pay for that VM and you can buy me a drink! :D
05:06 forrest I spun those up earlier this week for something else anyways
05:06 forrest psssh this seems like a rip off!
05:06 MTecknology :P
05:06 forrest costs less for a month of that VM than a drink, lol
05:06 NV hrm, using ldapmod in a py rendered pillar sls
05:06 NV where is the correct way to specify the options?
05:07 forrest did you already look at this? http://docs.saltstack.com/ref/renderers/all/salt.renderers.py.html
05:08 forrest I don't know if you can use __pillar__ like they do with the aws key though, haven't messed with that much :\
05:09 NV http://docs.saltstack.com/ref/modules/all/salt.modules.ldapmod.html reccons to define it in the minion config
05:09 NV but i cant see that working when running in pillar as that runs on the master
05:09 NV so i tried defining it in the master config, but that didn't appear to work either
05:10 NV the ldapmod appears to be using __salt__['config.option']['ldap.*'] to access its config
05:11 NV which in turn reads from __opts__ (and pillar, but i suspect i cant access pillar data at that stage)
05:13 junedm joined #salt
05:13 dvogt joined #salt
05:14 wilywonka joined #salt
05:14 bemehow joined #salt
05:20 redondos joined #salt
05:24 pengyao joined #salt
05:26 NV hrm, seems it is populated ino __opts__ fine, so config.option is doing something silly
05:27 NV oh hang on, damn thing is a literal 'ldap.server' not 'ldap:\n  server:'
05:29 pengyao could get the fire event by minion's local?
05:36 mgw joined #salt
05:37 redondos_ joined #salt
05:38 redondos joined #salt
05:38 redondos joined #salt
05:43 thelorax123 joined #salt
05:49 khaije|io joined #salt
05:51 wilywonka joined #salt
06:02 middleman_ joined #salt
06:10 robawt joined #salt
06:10 khaije|io the only advantage puppet has over salt that I'm aware of is use of the augeas package... any plans to incorporate similar utility into salt?
06:12 MTecknology khaije|io: you could write it!
06:12 * MTecknology has no idea what it is
06:12 khaije|io lol, np, but I don't think you want me writing it :)
06:14 khaije|io augeas is a redhat project that breaks configuration files into schema and AST (iirc) that allows for individual portions to be upgraded/modified/tested
06:15 MTecknology "a redhat project that breaks" .. 'nuf said
06:15 MTecknology I think most of them break
06:21 khaije|io left #salt
06:24 redondos joined #salt
06:25 sgviking joined #salt
06:37 redondos joined #salt
06:58 NV there is actually an augeas module and state in salt
06:58 NV although the state is a tad incomplete
07:01 davet joined #salt
07:06 MTecknology but he left.. :(
07:07 rmt joined #salt
07:08 redondos joined #salt
07:18 Katafalkas joined #salt
07:18 Katafalkas joined #salt
07:22 tinuva joined #salt
07:29 ddv joined #salt
07:33 matanya joined #salt
07:34 Katafalkas joined #salt
07:35 juasiepo joined #salt
07:36 Katafalk_ joined #salt
07:50 giantlock_ joined #salt
08:00 balboah joined #salt
08:01 bravo_ joined #salt
08:03 Destro joined #salt
08:03 Destro left #salt
08:05 littleidea joined #salt
08:08 stefanmonkey hi gus , is there any projects for  web ui of salt?
08:09 redondos joined #salt
08:09 harobed_ joined #salt
08:10 harobed_ joined #salt
08:10 mortis stefanmonkey: halite on github
08:12 dranger joined #salt
08:12 stefanmonkey tks
08:13 kiorky joined #salt
08:16 mortis Im trying to let my icinga-user on the same server as the salt-master run commands on all minions. Added external-auth-config in the master-config and restarted the master, su to icinga and run commands, but getting "failed to authenticate" http://pastie.org/8506750 ..ideas?
08:27 favadi joined #salt
08:36 slav0nic joined #salt
08:36 Nexpro joined #salt
08:57 dangerousbeans joined #salt
09:04 dranger joined #salt
09:09 redondos joined #salt
09:14 Damoun joined #salt
09:20 thelorax123 joined #salt
09:32 juasiepo joined #salt
09:38 littleidea joined #salt
09:42 giantlock_ joined #salt
09:49 bui left #salt
09:57 dranger joined #salt
10:06 zandy joined #salt
10:10 redondos joined #salt
10:12 darksaint joined #salt
10:13 darksaint hello
10:13 Balu_ hello
10:15 darksaint new to salt
10:16 darksaint so this is part of my pilgrimage hopefully I can taste sweet at some point
10:18 Balu_ sweet or salty :)
10:20 darksaint all's good that taste salty
10:20 darksaint so yeah salty
10:21 sgviking joined #salt
10:36 ravibhure1 joined #salt
10:38 ravibhure2 joined #salt
10:39 darksaint left #salt
10:45 dranger joined #salt
11:04 backjlack joined #salt
11:10 cym3try joined #salt
11:11 redondos joined #salt
11:14 aleszoulek joined #salt
11:15 ravibhure joined #salt
11:21 xt joined #salt
11:25 zandy joined #salt
11:26 iri- joined #salt
11:28 iri- I'm using `user.present` - how do I make it so that skeleton home directory files are copied in when the user is first created?
11:29 iri- For example .profile, etc.
11:29 iri- ah, sorry, my bad. I think it is, I just have the wrong shell.
11:29 carlos joined #salt
11:35 mortis "Failed to authenticate, is this user permitted to execute commands?" grrr ...even in open_mode :\
11:35 iri- Once my user is created I want to populate a file in their home directory with the output of `curl | some_program`. Is there a good way to achieve this?
11:36 hhenkel Hi all, anyone around who uses halite? I keep getting errors when I try to access the app
11:40 zandy joined #salt
11:42 sroegner_ joined #salt
11:47 iri- I have this simple file.managed state using "content:". It insists that the file is already in the correct state even though it is empty. What's going wrong? http://hastebin.com/jawejuyaye.yaml
11:51 whiskybar joined #salt
11:51 mekstrem joined #salt
11:53 NV iri-: that looks fine to me, what happens when you run: salt-call state.sls <name of state that has that snippit>
11:53 NV (on the minion)
11:53 iri- uh, NV: "name of the state"?
11:54 iri- Is that the path of the file?
11:54 iri- i.e, "/etc/sudoers.d/90-passwordless-sudo"
11:54 iri- and I should replace state.sls with the name of the file with that state relative to the salt filesystem?
11:55 iri- Ah, literally "state.sls" with "salt-file-name" without the .sls worked
11:56 cron0 joined #salt
11:57 iri- NV: it just claims that it is in the correct state, no matter the file contents
11:57 iri- and doesn't try to change them
11:57 iri- if I delete the file it creates it with the correct mode but just has an "empty file"
11:58 iri- --versions-report: http://hastebin.com/qujejavovu.sm
11:58 iri- Is this a bug?
12:01 NV iri-: paste the output of the salt-call command
12:01 elfixit joined #salt
12:01 iri- NV: http://hastebin.com/qepacotawa.txt
12:02 iri- NV: also reported this issue so that others have a trail to find if they encounter the same problem https://github.com/saltstack/salt/issues/8797
12:02 NV salt-call state.show_sls devops-users
12:02 NV kgo pastie ^^
12:03 iri- NV: http://hastebin.com/kaderitima.txt
12:04 srage joined #salt
12:04 thelorax123 joined #salt
12:06 NV iri-: your /tmp isn't full?
12:06 che-arne joined #salt
12:06 iri- left #salt
12:06 iri- joined #salt
12:06 iri- NV: 4.1GB free
12:07 NV wait hang on
12:07 NV content != contents
12:07 JasonG_TA joined #salt
12:08 iri- crap. Salt doesn't warn you if you pass an invalid argument? :L
12:08 jean-phi1ippe joined #salt
12:08 jean-phi1ippe hello
12:09 iri- NV: good spot. I think it's best to continue this conversation on GH.
12:10 NV haha yeah, was just about to give up on what the issue was when i spotted it :P
12:10 iri- Thanks for helping me identify it.
12:10 iri- I'm new to salt, I'm a bit weary at the moment because of how easy it is to make a mistake and then not be told about what it is
12:12 redondos joined #salt
12:15 jean-phi1ippe @iri, I completely agree. I'm exactly in the same position right now
12:16 jean-phi1ippe I'm starting with the saltstack-formulas on github (users-formula), I can't make it fit my needs (different users for different machines)
12:16 iri- I've opened https://github.com/saltstack/salt/issues/8799
12:17 jean-phi1ippe @iri nice one
12:17 iri- left #salt
12:17 iri- joined #salt
12:18 jean-phi1ippe a yaml debug could be great
12:18 jean-phi1ippe (to see how the minion sees the YAML)
12:19 iri- jean-phi1ippe: I just learned that one a few minutes ago thanks to @NV. You can run "state.show_sls <sls filename without .sls>"
12:19 jean-phi1ippe nice
12:19 iri- jean-phi1ippe: It looks like this: http://hastebin.com/kaderitima.txt
12:20 NV show_highstate is good too
12:20 NV in fact, the state module in general is quite useful :)
12:20 jean-phi1ippe thanks for the info
12:20 jean-phi1ippe iri, I see you are busy with users, same as me :)
12:20 NV also salt-call on a minion (instead of salt 'minion_id') is pretty useful for debugging too
12:20 NV you can even up the logging level too :D
12:21 jean-phi1ippe that's also nice
12:21 iri- NV: you're being quite helpful for us newbies. Thanks.
12:21 jean-phi1ippe will check on how to have a higher logging level
12:21 jean-phi1ippe /agree
12:21 iri- You're encouraging me to continue spamming this channel...
12:21 iri- jean-phi1ippe: -lDEBUG
12:22 jean-phi1ippe @iri that's even better, I don't have to check now
12:22 NV salt-call -h ;)
12:22 iri- jean-phi1ippe: that one is in the --help output of `salt`
12:22 NV *insert something about fishing and teaching here*
12:22 iri- I'm now having a problem with a YAML block. How do I get a comment in there..
12:23 NV #
12:23 junedm left #salt
12:23 NV you'll need to follow the indentation though
12:23 iri- - blarg: | something
12:23 iri- and subsequent lines beginning with | at same indentation as the | of the first line?
12:23 Pate_ joined #salt
12:24 iri- NV: do you have any hints on my first question? I'd like to populate a file in a users directory according to the output of running a command (with their username in it)
12:24 NV is the command to be run on the master, or on a minion?
12:24 iri- NV: doesn't matter. It' just curling somewhere.
12:25 NV easy then
12:25 iri- curl http://blarg/$USERNAME/ | postprocess
12:25 Pate_ Hi Salty Sea Dogs. How do I instruct salt to run a command in a python virtualenv? Or, how do I precede a cmd.run with "source /path/to/bin/activate"? This is to run alembic migrations.
12:25 iri- > /home/$USERNAME/filename
12:25 NV write a pillar that does it :D
12:25 NV then use pillar_contents in file.managed :D
12:25 NV pillar with #!py at the start is just a python script
12:25 NV so you can do anything you want, return arbitrary data, kdun
12:25 NV actually, another way to do it would be have file.managed pointing to a templated file
12:26 NV where the templated file is rendered with the py renderer
12:26 NV then run it on the minion
12:26 NV either works
12:26 iri- NV: You intrigue me, but I don't feel confident enough to figure out where to put such files
12:26 NV or, last but not least, if you only want it to make the file, but not run every time you execute the state use cmd.run
12:27 NV advantage is you don't keep hitting the webserver every time you run it
12:27 NV curl blah | jigger > /home{{ username }}/myfancyjigger:
12:27 NV cmd.run:
12:27 NV - unless: test -e /home/{{ username }}/myfancyjigger
12:27 NV etc
12:27 iri- ooh,. nice.
12:28 iri- How do I make it happen for each {{ username }}?
12:28 NV you already have a for loop in your users state no?
12:28 NV just chuck it in there :D
12:28 iri- Not yet. But soon, apparently.
12:28 NV also a require: - user: {{ username }} is probably useful for the cmd.run state
12:29 NV http://docs.saltstack.com/ref/states/all/salt.states.cmd.html stateful commands are also fancy, but possibly a little overkill for this task
12:29 Sheco joined #salt
12:29 iri- NV: do I need whitespace in {{username}} ?#
12:29 iri- {{ username }}
12:29 NV i don't think so
12:30 NV thats the jinja templating ftr
12:30 iri- NV: And if > /home/{{username}}/myfancyjigger/blah directory doesn't exist?
12:30 dangerousbeans okay, run into some trouble with mah minion
12:30 dangerousbeans [CRITICAL] Failed to load grains defined in grain file opts.opts
12:30 NV use a state to make sure it does exist then? :P
12:31 NV (with appropriate requires, etc)
12:31 NV there is also except in cmd.run too
12:36 iri- NV: holy crap I managed to get the syntax right first time. Wat.
12:37 jean-phi1ippe I'm looking for a way to create users on every system (I'm taking the github formula) based on a pillar, and have additionnal users on particular hosts, based on the same formula... Is there a good (DRY) way?
12:38 jean-phi1ippe @iri- maybe you already went trough this step? ;)
12:38 iri- jean-phi1ippe: I'm afraid not. I'm just doing something fairly primitive right now.
12:38 iri- I have devops-users.sls where I've got a block like so: "{% for username, fullname in users.items() %}"
12:38 dangerousbeans salt-call pillar.items is returning False for me
12:38 dangerousbeans :C
12:38 iri- {% set users = dict(pwaller="Peter Waller") %}
12:40 jean-phi1ippe @iri- that's what I have
12:40 jean-phi1ippe the fact is: the whole "users" items have to differ by hosts
12:45 iri- jean-phi1ippe: I haven't gotten that far yet.
12:46 jimallman joined #salt
12:47 bhosmer_ joined #salt
12:50 bhosmer__ joined #salt
12:50 iri- NV: that's odd. My cmd.run tried to run before a user.present had happened..
12:51 NV do you have a require:\n - user: {{ username }} in your cmd.run state?
12:51 iri- Yes
12:52 iri- NV: http://pastebin.com/hSzJz6JE
12:52 iri- the "order" looks correct in state.show_sls too
12:52 iri- But it failed because the user it was trying to run as wasn't yet created.
12:52 NV sweet jesus christ
12:53 iri- NV.. ? :s
12:53 NV http://docs.saltstack.com/ref/states/all/salt.states.ssh_auth.html
12:53 bhosme___ joined #salt
12:53 iri- NV: is there an option to grab it from github?
12:53 NV as for your actual issue, requires != require
12:53 iri- NV: Fuck.
12:53 iri- Why can't salt tell me when I get the plurality of an option wrong?
12:54 NV also, 'populate-keys-from-github' doesn't contain {{username}}
12:54 bhosmer_ joined #salt
12:54 iri- uh, NV, how so?
12:54 NV so in the for loop you'll find if it runs twice, the latter will overwrite the former
12:54 NV add another user and run show_sls and you'll see what i mean ;)
12:54 iri- oh, I see.. so the top level thing is used to generate a dictionary
12:54 NV change the name of the state to populate{{username}}sshkeys
12:54 NV or something
12:55 NV correct :)
12:55 NV anyway, sweet jesus was at A) managing the authorized keys file yourself directly, and B) at blindly trusting github with the security of all your systems :P
12:55 iri- NV: well, yeah, I know.
12:55 NV (oh, and C) assuming that your users github usernames are always going to be their local usernames)
12:56 NV if you want sexy authorized keys management, i can highly recommend monkeysphere
12:56 iri- NV: Do tell
12:56 NV uses gpg to manage your authorized keys
12:56 NV have your public ssh keys on your gpg keychain
12:56 NV :D
12:56 NV http://web.monkeysphere.info/
12:57 NV also does stuff for trusting host keys and for https on websites, but i don't use either of those parts of it, just the authorized_keys stuffs
12:57 iri- NV: intriguing
12:58 NV related: you could run monkeysphere on your salt master, then use a pillar (which executes on the salt master) to rip the ssh keys out of monkeysphere and serve them up as pillar data to minions
12:58 NV so you only need it installed in one place :P
12:58 NV (although your salt master would have to have user accounts on it for each user etc for monkeysphere to do its stuff)
12:58 iri- NV: If I'm stupid and think that github is "good enough" for my purposes, would it be best to use the ssh_auth state with a pillar which fetches the keys?
12:59 MrTango joined #salt
12:59 NV ... you're hosting your pillar in git pushed to github aren't you?
12:59 iri- Yes.. :(
12:59 NV then you're pretty much screwed anyway :P
12:59 iri- NV: exactly
12:59 NV also, states :p
12:59 iri- ?
13:00 NV (i keep a local fork of saltstack-formula repos that i use - good for stability anyway as changes only happen when i want them to :P)
13:00 NV state data in git on github == also screwed :P
13:00 iri- NV: you are a sensible sensible man
13:00 NV (assuming someone compromises github that is)
13:00 iri- NV: and I appreciate that and you pointing out what I'm doing wrong.
13:00 NV at least use https or ssh always to retrieve the data, never use anonymous git (see: no encryption so no defense against even the most basic mitm)
13:01 iri- yup.
13:01 NV I'm kinda quite security focused though in general, so it may be overkill for your needs :P
13:01 iri- NV: I'm actually somewhat security-aware, just, also being a bit pragmatic
13:01 iri- since I'm on an extremely tight time budget
13:01 iri- and I'd like if it *just worked*
13:01 NV yeah fair enough
13:02 NV can always move repos around later :P
13:02 iri- Yeah. :(
13:02 iri- NV: Is my cmd.run hack reasonable for now, then?
13:02 NV (although still don't use git:// - that just makes it too easy!)
13:02 iri- git:// can't access private repos on GH anyways.
13:03 harobed joined #salt
13:03 NV mhmm :)
13:03 NV anyway, your require: is wrong
13:03 NV it just needs to be user: {{username}}
13:03 NV not user.present: {{username}}
13:03 iri- arg, how do I tell that?
13:03 NV it just always is
13:04 NV same for file.directory and pkg.installed
13:04 iri- and with jq and file.directory too?
13:04 NV you can never run two states on a single target
13:04 iri- Is it "wrong won't work" or "wrong, more verbose than needs be"?
13:04 iri- if it's "wrong won't work", then is there a good reason salt doesn't warn me?
13:04 NV i actually don't know, i've never tried listing the full thing in require :P
13:04 diegows joined #salt
13:05 iri- NV: that actually fails.
13:05 NV but yeah, you can't apply more than one 'file' state to a single thing
13:05 iri- "Requisite declaration jq in SLS devops-users is not formed as a single key dictionary"
13:05 iri- (as with all of the other requires I stated)
13:05 NV ie, file.managed conflicts with file.directory
13:05 NV etc
13:05 Iwirada joined #salt
13:05 NV hehe at least that one tells you it's wrong! :P
13:05 iri- whereas it does work if I specify user.present, etc
13:05 * iri- was just copying the docs
13:06 NV wait, im talking about in the populate-keys cmd.run state under require:
13:06 NV the actual state itself needs file.directory, etc
13:06 jean-phi1ippe Is what I attempt to do even possible?
13:07 iri- NV: I am talking about the line beginning "    - require:" and the dependencies under it
13:07 iri- AFK ~4 minutes
13:07 NV jean-phi1ippe: only just read your jigger - yes its possible, i do exactly that but i use custom py rendered pillars to assemble a 'users' pillar dictionary (pillar data normally can't be merged)
13:08 NV i do it as a part of my roles pillar which builds a similar dictionary for role data that can be applied to hosts
13:08 NV my setup is a tad complex though as i also grab data out of ldap and merge it together with static overrides in yaml format where required
13:09 jean-phi1ippe it's interesting
13:09 bhosmer_ joined #salt
13:09 jean-phi1ippe did you doccument it somewhere?
13:09 jean-phi1ippe or are you able to share it?
13:09 NV sec
13:09 NV let me nab an old copy before i tripled the size of the code with ldap crap :P
13:10 jean-phi1ippe mmm maybe the ldap crap could be useful
13:10 jean-phi1ippe if you use it for user passwords it was my next step
13:10 NV ldap crap has a tonne of specific stuff to my organisation in it (haven't abstracted it out fully yet)
13:11 NV http://pastie.org/private/qd9xsop1dml2lx4qefbvww
13:11 NV but check that out
13:11 NV its just a users dictionary (it also has roles in that too)
13:11 NV at the moment users is just soley populated by a yaml file with the users name in a users dir on the same level as that sls
13:11 NV but you can extend to pull from ldap/mysql/whatever :)
13:11 NV (salt has a ldap module already which makes it easy)
13:12 jean-phi1ippe It's interesting, but I'm not sure to get everything in it :)
13:12 NV http://pastie.org/8507331
13:12 jean-phi1ippe I see that at the end you create different files on the system
13:12 NV you have to create a file like that called roles.yaml
13:12 redondos joined #salt
13:13 NV in the same dir as the python pillar in the first paste
13:13 NV that's how you actually define users for systems
13:13 jean-phi1ippe ok
13:13 NV it uses the same matching as top.sls
13:13 jean-phi1ippe I do get it better now
13:13 NV so you can match on grains, compounds, regex, node names, etc
13:13 NV to define a user, its - users.<username>
13:13 NV the rest of the definitions are roles which populate the roles dictionary
13:14 NV make users/<username>.yaml with the user info
13:14 NV http://pastie.org/8507332 for example
13:14 NV then just write a users state that loops through the users pillar dictionary and sets up states/keys/whatever for each user
13:14 srage joined #salt
13:16 jean-phi1ippe ok I'll test it right now
13:16 jean-phi1ippe thanks
13:16 NV oh yeah, you can use templating in those files too :)
13:17 iri- NV this is really useful information
13:17 NV iri-: salt is really powerful :)
13:17 iri- NV: that is apparent, but it's quite hard for a user to know how to get started
13:17 iri- I've just been reading the documentation over and over the last week not quite sure how to approach it
13:18 iri- and keep hitting silly little blockers like typing content/contents and require/requires
13:18 iri- And other such stupid mistakes where it just isn't clear what you've done wrong
13:18 blee joined #salt
13:18 iri- if you're starting from nothing it is especially hard
13:19 iri- Even now it's not clear to me how I should store my salt configuration and pillar stuff.
13:19 iri- I'm thinking about using the salt-formula but it's not clear to me how
13:19 iri- (the one for configuring salt itself)
13:20 iri- I also don't quite follow the gitfs thing, maybe because it's blindingly obvious: if you use gitfs, does it sync every time?
13:20 iri- (i.e, use `master` at the point you say "states.highstate"
13:20 NV salt-run fileserver.update
13:21 NV will force a gitfs refresh
13:21 NV otherwise it updates <x>
13:21 NV it seems to be fairly quick
13:21 NV but isn't instant
13:21 iri- NV: I don't quite understand
13:21 iri- firstly what's the difference between salt-call and salt-run?
13:21 NV if you run "salt-run fileserver.update" on the master, gitfs will refresh instantly
13:21 NV salt-run runs things on the master
13:21 NV salt-call runs things on the local minion (same as if you had done salt 'minion' <x>)
13:22 iri- and "salt"?
13:22 NV salt runs 'salt-call' on one (or more) remote minions
13:22 NV using the first parameter as a means to match
13:22 NV ie, salt '*' test.ping runs the module test.ping on all minions
13:23 iri- so if I use gitfs I have to do "fileserver.update" followed by "states.highstate" to get my machines to the latest state
13:24 NV correct, _OR_ wait like 30 seconds and it does it anyway
13:24 iri- 30 seconds from when?
13:24 NV gitfs does update by itself fairly quickly
13:24 iri- gitfs is updating every 30 seconds?
13:24 NV no idea, just emperical testing i've noticed that it seems to update :P
13:24 brianhicks joined #salt
13:24 iri- NV: your paste http://pastie.org/8507331 is role.yaml? How are roles matched? "- match: role" ?
13:25 NV nah, its probably only when you run a command if it's been 30s since it last checked it updates
13:25 NV iri-: roles are exposed as a pillar dict, so in your states/top.sls you'd have 'role:saltmaster':\n  -match pillar
13:25 NV salt-call pillar.items
13:25 iri- "role:" causes it to look inside ${PILLARDIR}/role.yaml?
13:25 NV to see how it does shiz ^^
13:26 iri- NV: I owe you a beer.
13:26 NV by default if you specify a role, and either rolename.sls or rolename/init.sls exists, it will include that pillar data as well
13:26 iri- (or beverage of your choice)
13:26 srage joined #salt
13:27 NV hehe, I get that a lot although I daresay after shipping it'd be hot! :P
13:27 NV (aussie here :P)
13:27 iri- :)
13:27 NV well, that and job offers funnily enough
13:27 iri- ;-)
13:28 NV on the topic of which, should probably hit the sack
13:28 NV I'll probably be floating around intermittently in 10 hours or so at work :P
13:29 iri- NV: sleep well. Thanks very much for your help again.
13:29 iri- Hm, I will probably be hitting the sack around then.
13:29 iri- But good to know I'll find you tomorrow ;-]
13:29 NV yeah I tend to sit on irc a lot :p
13:30 NV currently looking at writing a config parser for vyatta/edgeos configurations in python and building a salt module for it
13:30 NV then i can manage my router configs with salt too :D
13:30 srage_ joined #salt
13:34 jsm joined #salt
13:36 bhosmer_ joined #salt
13:36 dangerousbeans joined #salt
13:37 iri- is there a way to get the minion to print their id?
13:37 srage joined #salt
13:37 NV locally?
13:38 NV cat /etc/salt/minion_id
13:38 NV ?
13:38 NV define print? :P
13:38 iri- I want to say "salt '*' minion id"
13:38 iri- or something
13:38 NV test.ping shows all minions that are online
13:38 NV the minion id is available as a grain too
13:38 NV (salt-call grains.items)
13:39 NV salt-run on the master has some niceities in manage (manage.up, manage.down, etc)
13:39 NV http://docs.saltstack.com/ref/runners/all/salt.runners.manage.html
13:39 iri- All of my minions will belong to a domain. Is it really necessary to match "x.*" for all minions?
13:39 srage_ joined #salt
13:39 NV you can override the minion ids by editing /etc/salt/minion_id
13:39 NV it defaults to whatever socket.getfqdn() returns in python
13:40 iri- NV: I'm not keen on any manual step
13:40 NV then change how you're deploying the minions so that socket.getfqdn() doesn't return a fqdn :P
13:40 iri- better to just write 'machine.*' for all matches
13:40 NV or incorperate it into your bootstrap script
13:41 iri- hmm.. what are the other implications of forcing the fqdn == hostname?
13:41 NV or just do what i do and use fqdn's because it's good practice and will save your arse later on if your requirements change :P
13:41 NV not much really
13:41 NV i think it can be done by appropriate /etc/hosts config
13:41 iri- NV: if it's good enough for you, it's good enough for me.
13:42 jimallman joined #salt
13:42 iri- Yeah, I know how to do it. I just rather like that "hostname -f" is doing what I conceptually think it should be doing
13:42 NV i ran into issuses on a few boxes at one stage not having the full fqdn and seem to recall having to beat hosts with a stick
13:42 iri- and I can imagine later having sub domains etc
13:42 NV funnily enough hostname -f still reported the full fqdn :P
13:42 NV was quite confusing for a while
13:42 NV (also fun fact, hostname -f isn't necesairly equal to hstname, but neither is hostname -s necessairly equal to hostname either! :P)
13:42 NV -f is always fqdn, -s is always short
13:43 NV but hostname without either -s or -f will depend on if you set your hostname as a fqdn or not
13:43 NV (ie, 'hostname host' vs 'hostname host.fqdn.com')
13:43 iri- nice.
13:43 NV same as for your init configs for the hostname (which just call hostname during bootup)
13:43 NV can never seem to find any documentation on which is actually right :P
13:44 NV although i found a bug in postfix which causes it to do retarded things (appending .localdomain) if you don't specify the fqdn as the hostname, so i've tended towards fqdn when defining the hostname nowadays
13:44 iri- odd. `salt-run manage.bootstrap` doesn't work
13:44 NV yeah, i think thats only in git not in a released version yet ;)
13:45 iri- NV "defining" -> "$ hostname my.fqdn.com" ?
13:45 NV related, states/_states and states/_modules is handy as :)
13:45 iri- (and /etc/hostname?)
13:45 NV correct
13:45 iri- (and first hit for 127.0.0.1 in /etc/hosts ?)
13:45 NV yup
13:45 srage joined #salt
13:46 iri- NV: I think I really need to see some full example deployment repositories.
13:46 iri- There is so much that I do not know.
13:46 iri- I'm feeling blind.
13:46 NV the saltstack-formulas github account has some pretty useful bits of info
13:46 NV all the config is driven by pillar
13:46 NV (although sometimes that may not be configurable enough)
13:46 NV but still, good examples
13:47 iri- NV: the problem is that I don't even know what a basic well-bootstrapped configuration looks like
13:47 NV i quite like the salt minion and salt master states in it
13:47 srage_ joined #salt
13:47 iri- How do I make it so that I don't need to touch a machine once I've run salt-cloud to provision a machine?
13:47 Voziv Can pillar be pulled from gitfs? Is it a bad idea to keep them in a separate repository?
13:48 iri- I haven't yet seen an example of how to structure my pillar data in a non-trivial case
13:48 NV iri-: lucky you, I've not been able to use salt-cloud due to internal politics :P
13:48 NV as for pillar data, i found it limiting hence my roles/users jigger (which will probably be further expanded as time goes on)
13:48 NV i define roles for machines in pillar using the roles thing, with config being sucked in by having pillar sls files of the same name as the roles (so my pillar top.sls is relatively bare)
13:49 iri- NV: it's very hard for me to parse a sentence like that. It sounds exactly what I want, but the chance of me getting it right on my filesystem is low
13:49 jslatts joined #salt
13:49 NV Voziv: you can use git with pillar, yes - although last i tried in 0.16.3 the internal mechanism for doing so was a tad buggy so i used the git state module to check it out for me rather than using the internal one - i suspect its probably better nowadays but i haven't tried in a while
13:50 NV iri-: #!py one, call it roles.sls, next pastie, call it roles.yaml (top-like config to define roles)
13:50 NV any role you define in roles.yaml, say role1 - you can optionally create role1.sls, which will be included automagically on nodes that have that role
13:51 iri- where role1.sls is available at salt://role1.sls?
13:51 iri- What about users.salt?
13:51 NV no, its pillar data
13:51 iri- So how do I use this to configure a state for a role?
13:51 NV use jinja2 templating
13:52 NV {{ pillar.role1.secretpassword }}
13:52 NV etc
13:52 iri- like the `- sshd` role for example. How can I make it that "if you have an `sshd`" role, then sshd.sls is used?
13:52 NV assuming role1 has contents role1:\n  secretpassword: blahblah
13:52 NV ah i knew i forgot to paste something
13:53 NV http://pastie.org/private/lrvo8qt48xdnsqsg2lcrq
13:53 NV rolestates.sls (it's a state not pillar)
13:53 iri- Aha
13:53 NV in your top.sls have '*': - rolestates
13:53 Voziv Is there a way to state an "or" in case pillar data isn't set. For example when specifying the mysql conneciton user I'd like to use pillar data, or root if it doesn't exist
13:53 NV then any role defined in the pillar, if a state exists with the same name, bam it's pulled in :)
13:53 NV Voziv: yes, with pillar.get
13:53 iri- NV: so if my .sls begins #!py, then run() is run to generate the dictionary rather than parsing jinja'd yaml?
13:53 NV http://docs.saltstack.com/ref/modules/all/salt.modules.pillar.html#salt.modules.pillar.get
13:54 NV iri-: yup, good ole python ;)
13:54 NV in that instance if you wrote it as yaml it would be: include:\n  - sshd\n  - role1
13:54 NV etc
13:54 NV works with pillar and states, just remember states are run on minions, pillar run on the master :P
13:55 NV so in pillar, you can be durty and check the local filesystem, but in a state you have to call cp.list_states to see if a state exists or not ;)
13:55 NV (which is how i avoid a bajillion errors when you define roles that don't necessairly have a state with the same name :P)
13:55 NV anyway, almost midnight, hitting the sacm, night :)
13:56 iri- NV: brain melting
13:59 cron0 joined #salt
13:59 pass_by_value joined #salt
13:59 pass_by_value left #salt
14:00 cron0 is it possible to launch salt-bootstrap and force it to act as if my distro was redhat/centos? I run a derivative ...
14:01 sroegner_ joined #salt
14:02 oz_akan_ joined #salt
14:03 oz_akan_ joined #salt
14:03 iri- NV: if you happen to still be there, do you know a good "dummy" state I can use to see if a state is being run
14:04 ravibhure joined #salt
14:04 iri- Should I just do cmd.run\nname: echo "hi {{pillar[blarg]}}" or some such
14:04 ipmb joined #salt
14:04 gmoro joined #salt
14:06 sroegner_ joined #salt
14:09 Voziv Hmm. When trying to enforce the mysql root usre to have a password. How do I get to pass future state checks? I now get " Comment:   MySQL Error 1045: Access denied for user 'root'@'localhost' (using password: NO)"   If I specify a connection user/pass then it fails the first time through
14:12 ravibhure joined #salt
14:12 jean-phi1ippe @iri- did you achieve to get the roles/user working with the example of NV?
14:12 jean-phi1ippe the pillar.items returns no roles
14:13 jean-phi1ippe while I still have them on the roles.yaml
14:13 redondos joined #salt
14:15 iri- jean-phi1ippe: I'm working on it. I'll let you know if I get somewhere..
14:15 AdamSewell joined #salt
14:15 AdamSewell joined #salt
14:16 vejdmn joined #salt
14:16 wilywonka joined #salt
14:18 alekibango joined #salt
14:20 zandy joined #salt
14:22 mattmtl joined #salt
14:25 juicer2 joined #salt
14:28 Pate_ joined #salt
14:28 juicer21 joined #salt
14:28 mpanetta joined #salt
14:28 Pate_ left #salt
14:29 racooper joined #salt
14:31 JasonSwindle joined #salt
14:31 berto- joined #salt
14:32 mpanetta_ joined #salt
14:34 jean-phi1ippe I'm trying but this method seems complex and more it's not working ;)
14:34 mpanetta joined #salt
14:34 mgw joined #salt
14:35 Pate_ joined #salt
14:38 mpanetta joined #salt
14:38 thelorax123 joined #salt
14:38 jergerber joined #salt
14:39 jrb28 joined #salt
14:44 micah_chatt joined #salt
14:46 zandy joined #salt
14:47 danielbachhuber joined #salt
14:48 mannyt joined #salt
14:52 micah_chatt joined #salt
14:53 [diecast] joined #salt
14:57 NotreDev joined #salt
14:59 sroegner_ joined #salt
15:05 juasiepo joined #salt
15:06 mgw joined #salt
15:11 khaije1 joined #salt
15:12 NotreDev joined #salt
15:14 Katafalkas joined #salt
15:14 redondos joined #salt
15:21 forrest_ joined #salt
15:21 amahon joined #salt
15:23 jalbretsen joined #salt
15:30 iri- How do I verify that my pillar data is working correctly?
15:30 iri- I'm doing "salt-call pillar.raw" but my data isn't showing up..
15:33 iri- I'm having difficulty using pillars at all and the salt documentation is being quite unhelpful
15:34 iri- Aha, finally found the right part of the documentation.
15:35 pvial joined #salt
15:35 vejdmn joined #salt
15:36 pass_by_value joined #salt
15:36 pvial hello, does anyone know how to get around this libcloud error when using the openstack driver in SaltCloud?  LibcloudError in None 'Could not find specified endpoint
15:36 audreyr joined #salt
15:37 davidfischer joined #salt
15:38 alunduil joined #salt
15:38 cachedout joined #salt
15:40 smccarthy joined #salt
15:42 teskew joined #salt
15:44 davet joined #salt
15:45 noob2 joined #salt
15:51 zandy joined #salt
15:52 UtahDave joined #salt
15:52 Katafalkas joined #salt
15:53 zandy joined #salt
15:55 DerekRBN joined #salt
15:55 Gifflen joined #salt
15:57 questionable joined #salt
15:57 questionable How would I go about running __salt__ on a minion
15:57 questionable Let me be more specific
15:58 questionable I want to gather data about a minion in my pillar for a minion
15:58 questionable but I want to read a file from that minion
15:58 questionable how do I read a file from the minion in the pillar?
16:01 TheRealBill_ joined #salt
16:01 UtahDave questionable: The problem is that the pillar is compiled on the master itself.
16:01 questionable Yeah I know :-/
16:02 lineman60 joined #salt
16:02 cedwards joined #salt
16:02 questionable I'm thinking a custom grain is what I'm going to have to do
16:02 UtahDave ok, try that.  I have to run to a meeting. back in a bit
16:03 questionable Cheers
16:05 bastion2202 joined #salt
16:06 bastion2202 hey Guys, I just updated my master from 0.16.x to 0.17.2. now the master log is full of eceived incomplete call from HOSTNAME for '_mine', missing 'tok' can it be ignore for now. I do not use mine atm
16:07 JasonSwindle joined #salt
16:13 blee_ joined #salt
16:13 deedubs left #salt
16:13 deedubs joined #salt
16:14 deedubs left #salt
16:14 anuvrat joined #salt
16:15 redondos joined #salt
16:17 pipps joined #salt
16:18 VSpike joined #salt
16:18 Ahlee bastion2202: gotta upgrade all minions, there was a change in the transport for a CVE filed against salt
16:18 bastion2202 Ahlee will do tx for the info
16:19 Ahlee bastion2202: some commands will complete, but some won't
16:19 quickdry21 joined #salt
16:23 JasonSwindle1 joined #salt
16:24 mgw joined #salt
16:26 Brew joined #salt
16:26 cym3try joined #salt
16:26 NotreDev joined #salt
16:27 linjan joined #salt
16:32 Linz joined #salt
16:33 JasonSwindle joined #salt
16:37 vejdmn joined #salt
16:44 rojem joined #salt
16:48 snave joined #salt
16:52 sinenitore joined #salt
16:53 zandy joined #salt
16:54 noob2 left #salt
16:54 cym3try joined #salt
16:54 * Gareth waves
16:54 dvogt joined #salt
16:55 ddv joined #salt
16:56 dranger joined #salt
16:58 kermit joined #salt
17:00 pentabular joined #salt
17:01 redondos joined #salt
17:01 redondos joined #salt
17:01 KennethWilke joined #salt
17:03 sroegner_ hi there
17:03 sroegner_ any plans to push 0.17.2 into epel updates?
17:03 forrest_ It's already in epel testing
17:04 sroegner_ i know
17:04 sroegner_ can i somehow make the rhel bootstrap use that?
17:04 pentabular joined #salt
17:05 vejdmn joined #salt
17:05 pentabular joined #salt
17:06 forrest_ You'd have to modify this function in the bootstrap script: https://github.com/saltstack/salt-bootstrap/blob/develop/bootstrap-salt.sh#L1792
17:06 sroegner_ i see
17:07 pentabular joined #salt
17:07 sroegner_ thx
17:07 forrest_ np
17:07 deepakmd_oc joined #salt
17:07 jdenning joined #salt
17:08 pentabular1 joined #salt
17:12 sroegner_ forrest: looks like I could specify the repo name as a cmdline arg - any idea how/where to do that in a salt-cloud setup (using a map)?
17:13 forrest_ sroegner_, I have no idea, haven't really touched salt-cloud, sorry.
17:18 troyready joined #salt
17:18 forrest_ Has anyone had luck with hdmi to vga converters?
17:19 xmltok joined #salt
17:19 anitak joined #salt
17:21 Ryan_Lane joined #salt
17:21 iri- joined #salt
17:23 littleidea joined #salt
17:32 Sheco joined #salt
17:34 jasg75 joined #salt
17:36 pass_by_value joined #salt
17:36 mgw joined #salt
17:38 CheKoLyN joined #salt
17:38 ktenney joined #salt
17:40 jetole joined #salt
17:40 elfixit joined #salt
17:41 jetole Hey guys. Is there any way for me to manage saltstack in a way where if there's a error or something I need to undo in my config I can revert the changes on the hosts that I brought into the highstate after the initial changes were made?
17:41 jetole generally speaking a method to revert salt changes?
17:42 forrest_ jetole, couldn't you just fix the error and re-run?
17:43 bemehow joined #salt
17:43 [ilin] left #salt
17:43 pvial joined #salt
17:43 nahamu jetole: it's a hard problem.
17:43 jetole forrest_: in some states sure. I'm not referring to any one error in particular but I'm thinking of how to basically vcs the minions
17:43 forrest_ ahh yea, that is tough
17:44 nahamu forrest_: imagine adding a state that adds a file that breaks things. removing that state doesn't remove the file
17:44 jetole for me it's tough. Was hopinh there was someone who came up with a vcs-minions for idiots book
17:44 jetole lol
17:44 jetole nahamu: right
17:44 nahamu jetole: best solution for that is a testing environment that you can destroy and recreate the minions
17:45 jetole nahamu: yeah I'm aware of that and hence testing, qa, staging, etc
17:45 nahamu once you get things right in testing, only then put the states into production
17:45 jetole but versioning the changes to the minion for reverting actually, well to me, seems like the next step
17:46 jetole if there isn't a way yet (and I hoped there was), I imagine it's a matter of time before someone releases one
17:46 jetole anyways. I'm speaking in rhetoric now. I was hoping there was already a way. There isn't so moving on
17:46 jetole thanks for the input guys
17:46 nahamu personally, if there is such a feature I probably wouldn
17:46 nahamu 't even know it existed.
17:47 nahamu forrest_ knows more than I do.
17:47 jetole ok
17:47 nahamu I know puppet would back up files it overwrote. I don't know if salt does that.
17:47 forrest_ It only seems that way nahamu :P
17:48 berto- joined #salt
17:48 forrest_ nahamu, I don't think so, unless it gets stored somewhere that isn't visible.
17:48 forrest_ because if you query a job ID it doesn't have any data along those lines
17:50 jetole no it doesn't afaik
17:50 jetole though files can be stored via git via salt
17:51 jetole anyways
17:51 UtahDave nahamu: yeah, you can have salt backup files
17:51 forrest_ with this UtahDave? http://docs.saltstack.com/ref/states/backup_mode.html
17:51 Ahlee jetole: I know there's been progress lately in minions not going completely dead if for example you ship a bad module
17:51 UtahDave forrest_: yeah
17:52 forrest_ I didn't even know this page of documentation existed :\
17:52 forrest_ See nahamu, told ya :P
17:52 forrest_ I know nothing
17:52 slav0nic joined #salt
17:52 slav0nic joined #salt
17:52 Ahlee jetole: otherwise, if you don't already have a key on the master you can ssh into, i suggest writing a state to do so, and then get good at iterating over a list of hosts from salt-run manage.up you ran before you pushed
17:52 zandy joined #salt
17:52 jetole yeah looking at the doc now
17:52 jetole interesting
17:57 jslusher joined #salt
17:58 jslusher look whose back
17:58 jslusher who's
17:58 jslusher my back!
17:58 jetole left #salt
17:58 forrest_ did you figure it out?
17:58 jslusher forrest_: I did
17:58 jslusher sort of
17:58 forrest_ lol
17:58 jslusher in that I still have to use the dev branch to get it to work
17:59 jslusher and add a directory prior to running stup.py
17:59 hhenkel Hi, anyone around who was able to get halite running? When I access the app it fails.
17:59 [diecast] joined #salt
17:59 jslusher you said UtahDave was the guy to hound for getting a proper release into at ;east pypi?
18:00 UtahDave jslusher: hey!
18:00 forrest_ uhh I don't think so, he just said he had gotten it working
18:00 forrest_ so I suggested bothering him to see if he had to troubleshoot what you did
18:00 jslusher UtahDave: hi there. didn't mean to put you on the spot
18:00 hhenkel The server is running but as soon as I try to connect I get the following error: IOError: [Errno 2] No such file or directory: '/opt/halite-venv/lib/python2.6/site-packages/halite/mold/main_bottle.html'
18:00 forrest_ hhenkel, I haven't tried it on 0.17.2
18:00 forrest_ hhenkel, ahh yea that's a common error, did you install it from pypi or manually?
18:00 jslusher UtahDave: https://groups.google.com/forum/#!topic/salt-users/vCGDr4lVHx0
18:00 UtahDave jslusher: no problem.
18:01 hhenkel forrest_: Via pypi in a virtualenv
18:01 marcinkuzminski joined #salt
18:01 jslusher UtahDave: so who do I hound to get a proper release where salt-cloud works out of the box and that deals with the issue I had over the weekend referred to in that ticket?
18:02 UtahDave jslusher: redbeard2 is the main salt-cloud dev
18:02 forrest_ hhenkel, are you just restarting the salt-master service?
18:03 forrest_ hhenkel, I only got that error when I was trying to run the script directly
18:03 jslusher UtahDave: I don't see that he's in this room. Is there a way I could reach out to him otherwise?
18:04 hhenkel forrest_: Good question...wait I'll connect to the company env. Wasn't expecting that someone would reply...only figured now is a better time as of the timezone issue
18:05 j___ joined #salt
18:05 forrest_ hhenkel, time zone issue? It's 11 AM on the west coast.
18:05 forrest_ of the US
18:05 forrest_ hhenkel, I couldn't figure out that error, I'm trying to see if an issue was ever created...
18:06 forrest_ hopefully pass_by_value will come back in and we can ask him
18:06 j___ Has anyone successfully linked a ec2 ubuntu image salt master to another ec2 windows image minion?!
18:06 hhenkel forrest_: I'm in the south of germany...
18:07 forrest_ hhenkel, ahh right right, I think we've talked about this before
18:07 pass_by_value joined #salt
18:07 Julian joined #salt
18:07 sgviking joined #salt
18:07 forrest_ oh good timing, pass_by_value, you have a minute?
18:07 pniederw_ joined #salt
18:08 pniederw__ joined #salt
18:08 pniederw__ any experiences how fast/slow `file.managed(replace: False)` is compared to scp?
18:09 pdayton joined #salt
18:10 StDiluted joined #salt
18:10 StDiluted morning all
18:10 th3reverend joined #salt
18:10 forrest_ hey
18:11 StDiluted I'm running into an issue when I'm running things using cmd.run which is that it defaults to /bin/sh, which doesn't run the .bash_profile or /etc/profile.d/* scripts
18:11 forrest_ hhenkel, looks like I never made an issue for that, I believe I thought I had screwed up somewhere, lol.
18:11 StDiluted which means the rbenv initialization stuff isn't getting done when I use cmd.run
18:12 cro joined #salt
18:13 vejdmn joined #salt
18:14 vkurup joined #salt
18:15 pentabular joined #salt
18:16 VertigoRay joined #salt
18:16 dpippenger joined #salt
18:17 cro joined #salt
18:19 amckinley joined #salt
18:19 lineman60__ joined #salt
18:20 davet joined #salt
18:21 hhenkel forrest_: Checked again, restarted the master but still facing the issue. Is it a problem that halite runs in a virtualenv and the master is installed via rpm?
18:22 forrest_ hhenkel, I'm trying to remember. I'm pretty sure when I did my testing '/opt/halite-venv/lib/python2.6/site-packages/halite/mold/main_bottle.html' complained about it being a missing file even when I DIDN'T install it in a virtualenv. the funny thing is, if you look that file does't get generated. I never looked into the code to see how it's supposed to be created.
18:23 forrest_ granted mine was in the main site-packages dir.
18:23 shinylasers joined #salt
18:23 forrest_ but this happened when I was trying to run it directly from the script you can start it with in the directory, not restarting the service.
18:24 shinylasers joined #salt
18:24 pentabular joined #salt
18:25 rojem joined #salt
18:26 pentabular1 joined #salt
18:26 druonysus joined #salt
18:27 forrest_ hhenkel, can you try a non-virtualenv install?
18:27 forrest_ via pip though, not the RPM
18:27 hhenkel sure
18:28 KyleG joined #salt
18:28 KyleG joined #salt
18:29 pass_by_value joined #salt
18:30 pass_by_value forrest_: sorry for the late reply. I am here now.
18:30 hhenkel forrest_: IOError: [Errno 2] No such file or directory: '/usr/lib/python2.6/site-packages/halite/mold/main_bottle.html'
18:30 forrest_ yea hhenkel, that's what I got before
18:31 forrest_ is that trying to restart the service or call the script?
18:31 forrest_ pass_by_value, yea no worries man, have you seen this error that hhenkel just pasted in? It seems to happen with the pip install where the main_bottle.html file doesn't get created.
18:31 Nazzy joined #salt
18:31 lineman61 joined #salt
18:32 jslusher https://groups.google.com/forum/#!topic/salt-users/S5CpjdA35nY
18:32 jslusher can't load my pillars since I moved to this dev branch
18:32 forrest_ lol
18:34 pass_by_value I have installed it via pip install -e
18:34 forrest_ and you don't get an error like that?
18:34 pass_by_value and I usually do ./prep_dist.py from the halite dir
18:34 hhenkel forrest_: calling this: ./server_bottle.py -d -C -l debug -s cherrypy
18:35 forrest_ yes that's where I got the error before hhenkel, when trying to call the server_bottle.py script
18:35 forrest_ can you try and call it with the full directory structure hhenkel?
18:35 pass_by_value I would try the prep dist
18:36 pass_by_value oh, nm that might not be a 'pip -e' install
18:37 ajw0100 joined #salt
18:37 hhenkel forrest_: That doesn't change a thing.
18:37 forrest_ hhenkel, ahh ok
18:37 forrest_ I figured it wouldn't, but worth a shot
18:37 hhenkel pass_by_value: if the prep stuff referring to my issue?
18:38 hhenkel /if/is/
18:38 pass_by_value do you have a prep_dist.py in your halite install dir?
18:39 hhenkel nope
18:39 pass_by_value and if I understand correctly you did pip install halite?
18:42 gasbakid joined #salt
18:48 Pate_ joined #salt
18:48 hhenkel pass_by_value: yes
18:49 hhenkel pass_by_value: pip list shows: halite (0.1.07)
18:50 jmpf joined #salt
18:52 zandy joined #salt
18:53 ldlework left #salt
18:57 pass_by_value joined #salt
18:59 pass_by_value Hmm mine is a dev version of salt
19:00 sgviking joined #salt
19:01 jtibbes Are the tests supposed to be directly runnable from a git clone of salt (with "python setup.py test") ?
19:02 hhenkel pass_by_value: So you're running the version from github?
19:03 cro jtibbes: in the tests directory is a script called 'runtests.py'
19:03 cro use that
19:03 pass_by_value yes I did 'git checkout https://github.com/saltstack/halite'
19:03 pass_by_value and then pip install -e halite/
19:04 pass_by_value then cd into halite
19:04 pass_by_value and ./prep_dist.py
19:04 jmpf does it take a while for the startup phase if you have say 50-60 minions?
19:04 jtibbes cro: thanks, but I get "ImportError: No module named salttesting"
19:05 hhenkel pass_by_value: Okay, I will give it a shot tomorrow in the morning when I'm back in the office. Thanks so far!
19:05 cro jtibbes: Oh--I forgot
19:06 cro cd into the salt repo
19:06 cro and pip install -r dev_requirements_python27.txt
19:07 pass_by_value np
19:08 lineman60 joined #salt
19:09 jtibbes cro: thanks
19:09 cro jtibbes: Did that do it?
19:09 cro runtests.py is pretty comprehensive, you can pretty much restrict the test run to whatever you need
19:10 jtibbes cro: m2crypto needs the openssl headers, which I didn't have installed - just waiting for them
19:10 cro right
19:10 cro I can never remember all the distro deps for salttesting
19:11 pass_by_value hhenkel: when you install it using source the server_bottle.py is located in halite/halite
19:13 dranger joined #salt
19:13 pass_by_value http://pastebin.com/iBqRsx1e
19:15 dangerousbeans joined #salt
19:15 dangerousbeans left #salt
19:15 pentabular joined #salt
19:16 xmltok joined #salt
19:17 matanya joined #salt
19:21 jkleckner joined #salt
19:23 jkleckner joined #salt
19:27 pvial hi, i see that many people have run into this libcloud error while using the openstack driver in Salt-Cloud.  does anyone know the solution to get the openstack driver to work? LibcloudError in None 'Could not find specified endpoint
19:29 pvial salt-cloud would be a cool product if the openstack driver worked.
19:29 JasonSwindle pvial:  What version do you have?
19:29 JasonSwindle I use Openstack (Rackspace) and SaltCloud
19:29 pvial JasonSwindle: 0.8.9
19:29 JasonSwindle Let me grab my configs
19:30 JasonSwindle one moment :)
19:30 pvial JasonSwindle:  the Rackspace driver is different from the Openstack driver.
19:30 Jahkeup joined #salt
19:30 pvial i can use Rackspace driver just fine with Rackspace but I'm trying to use a vanilla Openstack cloud deployment with Salt-cloud and no dice.
19:31 JasonSwindle hmmmm, odd
19:31 littleidea joined #salt
19:34 jslusher just to make sure, nothing should have changed recently regarding how pillars are loaded
19:35 jslusher I'm trying to figure out if it's the VPC or this dev branch of salt causing my pillars not to load
19:35 littleidea joined #salt
19:35 jslusher they used to work, then I changed those two things
19:36 jslusher if the master can run high states on the minion, it can give it pillars, right?
19:36 jslusher no additional network port?
19:38 [diecast] joined #salt
19:39 littleidea joined #salt
19:43 [diecast] joined #salt
19:45 rojem joined #salt
19:51 cym3try joined #salt
19:52 zandy joined #salt
19:54 zandy joined #salt
19:54 rgarcia_ joined #salt
19:54 jslusher pillars? anyone?
19:55 thelorax123 joined #salt
19:58 pniederw__ installed 0.17.2 from ubuntu ppa today and it still seems to have the pkgrepo problem. wasn't that fixed already?
19:59 forrest_ 0.17.2.2 I think pniederw__
19:59 pniederw__ shouldn't the repo give me that automatically?
19:59 forrest_ I have no idea if it was built into a package yet.
19:59 pniederw__ --version gives 0.17.2
20:00 rgarcia_ joined #salt
20:01 pniederw__ I was told here last week that it's already building
20:02 cdcalef joined #salt
20:02 pniederw__ are you saying --version should give 0.17.2.2?
20:02 forrest_ joehh, do you know if the ubuntu package for 0.17.2.2 that fixed the pkgrepo error was dropped into the ppa?
20:02 forrest_ I'm not sure.
20:02 forrest_ I'm just saying I thought that the second revision for 0.17.2 fixed it
20:03 ajw0100 joined #salt
20:05 NotreDev joined #salt
20:06 NotreDev I keep getting "Warning: Master hostname:  not found. Retrying in 30 seconds". i shut down the salt-master and salt-minion and I'm still getting this. This is after restarting a masterless salt server
20:09 mpanetta_meeting joined #salt
20:10 pniederw__ just to be clear, my question was (only) if the second revision would definitely show 0.17.2.2 as the version number
20:14 cdsrv joined #salt
20:14 cdsrv who's using salt-cloud ?
20:15 cdsrv RuntimeError: Please set SaltCloud._default_logging_logfile_
20:21 sroegner_ cdsrv: which side are you seeing this on?
20:23 UtahDave NotreDev: do you have   file_client: local  in your minion config?
20:24 NotreDev UtahDave: i've toggled that
20:24 NotreDev to no avail
20:24 UtahDave NotreDev: and by "masterless salt server"  you mean a masterless minion, right?
20:24 NotreDev UtahDave: yeah
20:24 UtahDave is the "master: " config option commented out?
20:28 NotreDev UtahDave: not currently
20:29 UtahDave Hm. try commenting "master: " out and restarting the minion service
20:29 NotreDev UtahDave: the service is currently off, though
20:29 NotreDev i'll restart it
20:30 NotreDev UtahDave: still getting that message
20:31 UtahDave NotreDev: what version of Salt?
20:31 matanya joined #salt
20:31 CheKoLyN joined #salt
20:32 stewpot I am currently using version 0.17.2 from ppa on Ubuntu 12.04.3. I am having trouble creating an EC2 instance with volumes attached automatically.. I can create an EC2 instance, I can create an EBS volume, but I can't get the samples in the documentation to work with either volumes: or block_device_mappings: I have tried different instance types with no success. When I turn on -l debug It does not even attempt to initiate the create_volumes function.
20:32 NotreDev 17.1
20:33 Brew joined #salt
20:33 NotreDev UtahDave: 17.1 and my CentOS EPEL repo has nothing newer available
20:33 UtahDave stewpot: what version of Salt Cloud?
20:34 UtahDave NotreDev: OK, let me test here real quick
20:35 cdsrv salt-cloud.noarch   0.8.8-1.el6                                                   @epel
20:35 stewpot UtahDave: 0.8.9
20:35 cdsrv why is it coming out of epel, when the other stuff is already pulling form @epel-testing
20:35 cdsrv hmm
20:36 cdsrv salt.noarch                                                           0.17.2-2.el6                                                     @epel-testing
20:36 mannyt joined #salt
20:38 cdsrv (trying to run strictly out of the yum repos for this)
20:38 JasonSwindle left #salt
20:39 UtahDave NotreDev: on my local machine, it seems to be working with the file_client: local and #master:   commented out.
20:40 cdsrv sroegner_, on the saltmaster trying to run salt-cloud
20:40 cdsrv thought maybe it might give a —help output, but nothing
20:40 StDiluted I'm having an issue where path is not getting set from /etc/profile or /etc/profile.d/*.sh when using cmd.run
20:40 StDiluted anyone know how to fix that?
20:40 StDiluted looks like cmd.run uses /bin/sh
20:40 NotreDev UtahDave: i can execute commands, but i'm still getting that warning; and i don't know what it means
20:42 berto-_ joined #salt
20:42 UtahDave NotreDev: Usually that means it's trying to connect to its master.
20:42 cdsrv StDiluted, are you running custom scripts from the cmd.run ?
20:42 cdsrv if so, maybe try sourcing environment there..
20:42 NotreDev UtahDave: could it be because i have salt-syndic running?
20:42 UtahDave NotreDev: yes
20:42 NotreDev should i not have that running?
20:43 StDiluted cdsrv: tried that but it's using /bin/sh and not bash
20:43 cdsrv grr.. oh right!
20:43 cachedout joined #salt
20:43 UtahDave yes, turn off the syndic, NotreDev
20:43 mgw joined #salt
20:43 cdsrv even if you put #!/bin/bash in your script?
20:44 sroegner_ cdsrv: suspecting it may be your version mix
20:44 cdsrv sroe, why is salt-cloud in epel and not epel-testing?
20:44 NotreDev UtahDave: turning it off. i did not turn it on, it looks like it's been enabled as a system service for boot
20:44 jslusher I'll try again. Anyone know about pillars and how either moving into a VPC or using the development branch might have broken a once-working structure?
20:45 sroegner_ cdsrv: because it is about to be part of the next major salt release and the transistion is somewhat messy
20:45 cdsrv OK.
20:45 cdsrv this can wait then
20:45 jslusher really need to get these pillars working again
20:45 berto-_ joined #salt
20:46 sroegner_ cdsrv: i am using salt out of epel and salt-cloud out of a salt build in a virtualenv
20:46 cdsrv and its working?
20:48 cdsrv trying to avoid that complication for the moment.. customer isn't going to want to deal with all that to update production environment, sticking with the yum pipelines
20:49 cdsrv also curious if anyone is using salt-cloud with 'vanilla' openstack configurations such as what might be encountered in a private-cloud circumstance
20:49 willist joined #salt
20:49 ajw0100 joined #salt
20:49 willist anyone know if it's possible to match multiple grains with salt -G?
20:50 sroegner_ cdsrv: it works for now ... can't wait to see this stabilize
20:50 cdsrv willist, search for 'compound matching'
20:50 cdsrv sroegner_ : thanks..!
20:51 willist thanks cdsrv
20:51 sroegner_ np
20:51 cdsrv sroegner, do you know if this will work with standard openstack config?
20:51 cdsrv looks like everything is geared towards commercial provider interfaces
20:51 cdsrv seems like it should
20:52 zandy joined #salt
20:53 StDiluted cdsrv: I'm not running scripts. I'm jsut doing stuff like: cmd.run 'ruby --version'
20:53 stewpot UtahDave: 0.8.9
20:53 StDiluted and I get a different version than if I log in and execute the same command
20:53 StDiluted because the path variables for rbenv are not getting put in
20:55 avdhoot joined #salt
20:55 stewpot another question.. with salt-cloud becoming a part of salt when is that release scheduled for release?
20:57 penguin_dan joined #salt
20:59 jslusher forrest_: any suggestions in troubleshooting this very irksome problem?
21:00 ajw0100 joined #salt
21:00 cdsrv Diluted.. maybe look at using the built-in functions for managing packages.. otherwise push your own scripts out which source their own environment.
21:00 StDiluted Is there a way to change which shell salt uses when it does a cmd.run?
21:00 forrest_ jslusher, not really, I haven't messed with the latest dev branch, is the pillar just failing to compile or what?
21:00 StDiluted cdsrv: I don't think you're actually understanding the issue
21:00 cdsrv maybe not..
21:00 cdsrv :)
21:00 StDiluted The issue is not that I am trying to push out a package
21:00 jslusher no errors, the pillars just don't show up
21:00 StDiluted that works just fine
21:00 forrest_ StDiluted, yes, use the shell option
21:01 forrest_ http://docs.saltstack.com/ref/states/all/salt.states.cmd.html#salt.states.cmd.run
21:01 StDiluted forrest: ah. that is awesome, thank you
21:01 forrest_ jslusher, even when you run it with -l debug it doesn't show any data?
21:01 cdsrv we learn something new every day, yep, thanks1
21:01 forrest_ StDiluted, yea np
21:03 StDiluted strangely that doesn't get the right path vars either
21:03 cdsrv so, StDiluted, what are you exactly trying to do then?
21:03 forrest_ ok, so strip it down to the most basic pillar you can, and then see if that works would be my first step.
21:04 Ahlee anybody rebuilt python26-zmq from epel to use zeromq 3.x and got any suggestions about the severity of hte tests failing?
21:04 StDiluted cdsrv:
21:04 StDiluted EAST root@beta-all1:/usr/src# ruby --version
21:04 StDiluted ruby 1.9.3p484 (2013-11-22 revision 43786) [x86_64-linux]
21:04 dranger joined #salt
21:04 jslusher forrest_: seems to run alright, but I don't get the expected results
21:04 jslusher forrest_: http://pastebin.com/jkZyfXQM
21:04 StDiluted root@dev-salt-ops:/srv/salt# salt 'beta-all1' cmd.run 'ruby --version' shell=/bin/bash
21:04 StDiluted beta-all1:
21:04 StDiluted ruby 1.9.3p385 (2013-02-06 revision 39114) [x86_64-linux]
21:05 JulianGindi joined #salt
21:05 cdsrv the salt command runner may not be picking up your custom environment.. of course.
21:06 StDiluted as you can see, when I log into the server and run ruby --version, I get 1.9.3p484 (thats what I want) but when I run the same command via cmd.run I get 1.9.3p385. That's because it's not getting the .bashrc, .bash_profile, or even /etc/profile.d/*.sh
21:06 forrest_ jslusher, what are you expecting?
21:07 ipmb joined #salt
21:07 cdsrv may I ask why you want salt to run that command?
21:07 StDiluted cdrv: this works, but is a lot of extra typing: salt 'beta-all1' cmd.run 'source /root/.bash_profile;ruby --version' shell=/bin/bash
21:08 cdsrv right
21:08 StDiluted cdsrv: for purposes of seeing what version of ruby is installed on all my hosts, all at once
21:08 StDiluted i mean, salt started as remote execution
21:08 cdsrv there may be a better way, with the 'pkg.installed' function
21:08 StDiluted that was the whole point of it
21:08 StDiluted there is no pkg for ruby
21:09 StDiluted that is past 1.8.7
21:09 StDiluted so I'm using rbenv
21:09 cdsrv well it makes sense you'd need to source environment to get environment
21:09 StDiluted and I am using the rbenv states
21:09 cdsrv k
21:09 jslusher forrest_: I have some values set that used to populate the minion
21:09 cdsrv salt is probably running in minimal environment
21:09 StDiluted it doesn't make sense when I have a .bash_profile which should be read suring a non-interactive shell session with bash
21:09 StDiluted during*
21:09 jslusher forrest_: but now when I run a pillar.items it comes up empty
21:10 forrest_ jslusher, can you try to refresh the pillar data with salt '*' saltutil.refresh_pillar?
21:10 cdsrv yeah, but cmd.run isn't exactly going through the normal channels to operate.
21:10 StDiluted sure it is
21:10 cdsrv anyway, seems like you solved the problem already
21:10 jslusher forrest_: the logs in the paste bin I sent are from that command
21:10 cdsrv :)
21:10 cdsrv source the env..
21:10 forrest_ oh sorry, half distracted.
21:10 StDiluted again, the entire beginning of salt was to be able to execute commands remotely on multiple computers simultaneously. The states system grew out of that.
21:11 StDiluted it's just annoying to have to do all the extra typing. The whole point of environment files is to not have to do that
21:11 forrest_ StDiluted, you should start a thread on the mailing list to discuss that, maybe someone has a more efficient solution
21:12 StDiluted yeah, i might
21:12 mannyt_ joined #salt
21:12 StDiluted i hate mailing lists
21:12 forrest_ it's using the google ones, so it's more similar to a forum
21:12 cdsrv StDiluted, just put all the source statements in a script on the minions
21:13 cdsrv so you can just run that command and it will give you the right results without having to add the source statement on the commandline.
21:13 cdsrv meanwhile maybe the finer points of the cmd.run will fall into place for you.
21:13 cdsrv :)
21:14 cdsrv we are all learning, its quite a relevant issue to bring up
21:14 cewood joined #salt
21:14 forrest_ jslusher, I really don't know why the pillar would just break doing an update like that.
21:18 StDiluted meh, it's not really that I can't write a script, push it to the minions, and use that to run commands. I can do that. My point is really just that I think it would be nice for it to behave like it would is I was just executing the command remotely with SSH, because I took the time to set up the environment files for that to work.
21:18 mwmnj joined #salt
21:18 StDiluted it's unexpected behavior, it's not necessarily wrong behavior
21:19 StDiluted plenty of ways to work around it, I just don't really _want_ to work around it. I use Salt because it makes my life easier
21:20 jslusher forrest_: I wonder if it has to do with the VPC, but it's not complaining about anything related to communication. the calls seem to return alright, they just come up empty
21:20 cdsrv http://docs.saltstack.com/ref/modules/all/salt.modules.cmdmod.html
21:20 oz_akan_ joined #salt
21:20 forrest_ jslusher, yea it might be worth spinning something up somewhere else as a quick test maybe?
21:20 mwmnj does the latest version of salt from pip include the merge with salt-cloud ?
21:22 forrest_ mwmnj, no
21:22 [diecast] joined #salt
21:23 Linz joined #salt
21:25 anuvrat joined #salt
21:25 mwmnj forrset_: 0.17.2 ?
21:27 forrest_ 0.17.2 is the latest release, but salt and salt-cloud are not merged in that release.
21:27 forrest_ they just got salt-cloud into the main salt repo
21:29 luminous hello! say you have multiple salt installed into separate virtualenv.. how would you access one of those installs over another, when using SaltClient or LocalClient?
21:29 luminous eg, with salt-call -c I can specify, but how to do this with python?
21:30 mwmnj forrest_: k
21:34 ipmb joined #salt
21:34 mpanetta Hey guys, I have a possibly stupid question...
21:35 mpanetta Is the overstate the only state that can programmatically call other states?
21:35 mpanetta Outside of including them of course...
21:37 mgw joined #salt
21:40 cdsrv seems like they made 'overstate' to compensate for the fact states weren't executed in any order prior to the .17 release
21:40 cdsrv now, not so sure if its relevent. just guessing tho
21:42 cdsrv maybe some combination ..
21:42 Gareth It seems my work on adding a debian_ip.py module to Salt has led me to find a potential bug in another debian package.
21:44 harobed joined #salt
21:46 NotreDev joined #salt
21:47 mpanetta cdsrv: Ahh, yeah we are not on 0.17 yet
21:48 mwmnj I am running into the error: global name '__opts__' is not defined
21:48 mwmnj when trying to call: digital_ocean.list_nodes()
21:48 mwmnj from salt.cloud.clouds import digital_ocean
21:48 gmcwhist1 joined #salt
21:49 rlarkin joined #salt
21:49 mwmnj Looks like this is the undefined variable: https://github.com/saltstack/salt/blob/develop/salt/cloud/clouds/digital_ocean.py#L80
21:50 mafrosis joined #salt
21:50 mafrosis left #salt
21:52 oz_akan_ joined #salt
21:52 zandy joined #salt
21:52 oz_akan_ joined #salt
21:53 Gareth UtahDave: ping
21:53 UtahDave Gareth: pong!
21:54 lineman60 joined #salt
21:55 chadhs joined #salt
21:55 Gareth UtahDave: hey :) so I've run into a little snag and need some advice on the direction to take.
21:56 UtahDave sure, what's up?
21:57 Gareth working on the debian ip module.  mostly done, one piece left to add.  Ran into an issue with the routes support though.  the accepted way of doing it seems to be using a package called ifupdown-extra, which provides a config file, scripts, etc.  so I've got code that builds that file, and it works great.  The problem is there is a script that does autodetection of IPs.
21:58 Gareth eg. if the IP is already in use on the network it complains, there seems to be a bug in there if you're using Ipv6...it tries to run arping on the ipv6 address, which obviously fails.
21:59 Gareth the arping option can be disabled via an /etc/default file.
22:00 UtahDave ok
22:01 amckinley joined #salt
22:03 UtahDave So is the question whether we should lay down that config option if ipv6 is being used?
22:06 Marion joined #salt
22:06 khaije1 I have read through the documentation in a somewhat disjointed way as time allows but I'm having trouble organizing my understanding of salt ... is there a basic unit (or set of units) that configuration can be reduced to? Whats the first thing a person who wants to start with salt for provisioning should read?
22:06 dranger joined #salt
22:06 UtahDave Gareth: I'm not sure what the best path would be here.  Could you ask on the salt-users email list?
22:07 forrest_ khaije1, did you read through the tutorial?
22:07 UtahDave I have to leave now
22:07 Ryan_Lane joined #salt
22:09 khaije1 this one? http://docs.saltstack.com/topics/tutorials/walkthrough.html
22:09 forrest_ yea
22:10 khaije1 it looks like i marked it read but haven't yet, I'll prioritize it
22:10 forrest_ ok cool
22:10 forrest_ there is also a set of instructions for walking through the creation of states.
22:10 khaije1 which are desired-state declarations?
22:10 forrest_ ?
22:11 jdenning joined #salt
22:11 khaije1 i'm not really clear on the project-specific terminology
22:11 forrest_ states = things that you want done.
22:11 jdenning joined #salt
22:11 forrest_ install packages, create files, etc.
22:13 khaije1 ok, thats what I had in mind ... analagous to a puppet manifest, perhaps?
22:14 forrest_ yes
22:14 khaije1 I'm more familiar with the declarative nature of a puppet manifest, but states can be declarative and imperative, correct?
22:15 forrest_ in what sense?
22:18 khaije1 manifests are organized around the description of what should be and then puppet attempts to make that description correct ... the descriptions of states I've heard (FLOSS Weekly) makes it sound like they are more like OO classes which is challenging for me to wrap my mind around
22:18 worstadmin joined #salt
22:19 forrest_ khaije1, take a look at an example state: https://github.com/terminalmage/djangocon2013-sls/blob/master/foo/app.sls
22:23 Ryan_Lane joined #salt
22:25 snave joined #salt
22:25 khaije1 okay, I see variable substitution based on grains (?) ... the rest is hard for me to parse without annotation since it seems that the type of the thing doesn't clearly/cleanly map to relative heirarchial positions in the file
22:26 khaije1 is it (I) label (a) module (1) module method/attributes ... you see my confusion?
22:26 forrest_ I guess I'm having a hard time understanding what you mean by that.
22:28 khaije1 so setting the variables at the top I get, but the next section... "include:" is that a keyword?
22:28 forrest_ basically yes, it's saying 'hey INCLUDE these other states that I've created'
22:29 forrest_ so the include of git refers to https://github.com/terminalmage/djangocon2013-sls/blob/master/git/init.sls
22:29 forrest_ ssh.server refers to https://github.com/terminalmage/djangocon2013-sls/blob/master/ssh/server.sls
22:31 juicer2 joined #salt
22:32 khaije1 forrest_: how does that lookup happen?
22:34 forrest_ Pretty sure it just all gets compiled together and arranged when you run the actual salt commands, I haven't looked at how the actual include code itself works.
22:34 khaije1 my goal is to be able to visually step through a state file and understand the whole thing, I don't mind reading but haven't found a good entry point to grasp and proceed from just yet
22:35 stewpot has anyone else got problems creating ec2 instances with volumes attached in salt cloud 0.8.9?
22:35 srage joined #salt
22:37 Ahlee any ETA on when 0.17.x will be able to update itself again?
22:37 forrest_ khaije1, if that's your plan then it would probably be good to start with something similar. Take a look at that walkthrough, then http://docs.saltstack.com/topics/tutorials/states_pt1.html
22:38 dccc joined #salt
22:38 mgw joined #salt
22:39 khaije1 forrest_: cheers, thank you!
22:39 forrest_ np
22:41 srage joined #salt
22:42 renoirb This is nice!! http://docs.saltstack.com/ref/states/all/salt.states.file.html#salt.states.file.blockreplace
22:43 forrest_ it's not in yet renoirb
22:43 renoirb Such a shame that i'm still at 0.16.x
22:43 renoirb oh, ok.
22:43 forrest_ unless the release date thing is off, let's see..
22:43 renoirb it says 0.18
22:43 troyready joined #salt
22:43 renoirb I thought it was out already
22:44 forrest_ nope: https://github.com/saltstack/salt/blob/v0.17.2/salt/states/file.py
22:44 forrest_ no blockreplace in there :
22:44 srage_ joined #salt
22:44 forrest_ *:\
22:44 forrest_ it's on the develop branch though
22:45 renoirb cant' wait
22:47 alekibango joined #salt
22:47 matanya joined #salt
22:52 zandy joined #salt
22:53 alunduil joined #salt
22:53 matanya joined #salt
22:54 Linz joined #salt
22:56 cdsrv joined #salt
22:56 rgarcia_ joined #salt
23:02 matanya joined #salt
23:03 pass_by_value left #salt
23:05 avdhoot joined #salt
23:08 mwmnj joined #salt
23:09 Ahlee what the hell creates cluster_id file
23:09 Ahlee er, sorry.
23:09 matanya joined #salt
23:11 berto- joined #salt
23:16 ertac joined #salt
23:17 jslusher forrest_: confirmed that I'm having the same issue not in a VPC
23:24 jslusher https://github.com/saltstack/salt/issues/8819
23:25 jesusaurus anyone around who's familiar with salty vagrant?
23:25 * akoumjian raises hand
23:25 jesusaurus any idea what would be creating /etc/salt/minion_id in the vagrant lxc?
23:26 jesusaurus it doesnt seem to be in the box rootfs, but it exists inside the vm
23:26 akoumjian Not immediately. Can you share your Vagrantfile?
23:27 jesusaurus https://github.com/jesusaurus/salt-formula-rabbitmq/blob/master/Vagrantfile (with lines 3 and 4 modified to use a pre-existing lxc box)
23:27 akoumjian It may either be a salt-bootstrap thing or part of salt proper
23:27 jesusaurus well, the real issue is that /etc/salt/minion_id contains something different than config.vm.hostname
23:29 akoumjian Well, salty-vagrant does not create a minion_id file to my knowledge. I can see it in my vm too. I'm guessing part of a recent salt upgrade
23:30 jesusaurus my minion_id file contains the string "precise-base" can you share what the contents of your minion_id are?
23:30 jesusaurus do they match the hostname?
23:32 jslusher is there anyone in here that develops salt?
23:32 jslusher trying to figure out why I can't see my pillars after an upgrade
23:35 akoumjian jesusaurus: yes, they do
23:37 jesusaurus akoumjian: i just found where in salt its creating the minion_id, im guessing something about my vagrant is causing salt to probe its id before the hostname is set
23:38 jesusaurus i dunno though. today is my first day playing with vagrant
23:38 sroegner_ joined #salt
23:41 jgelens_ joined #salt
23:41 ajw0100 joined #salt
23:41 pentabular joined #salt
23:42 akoumjian does your minion config specify minion id?
23:46 anitak Hey guys, I have a question about updating files on the fileserver backend on the salt master. I want to update my states and pillar configuration in a consistent way, so that while files are being updated, no minion can run highstate and could possibly get a state configuration that is not fully updated. Is there such a thing as a "maintenance mode" for the salt master? If not, is there are recommended way to do consistent upda
23:47 jslatts joined #salt
23:48 NV anitak: use gitfs? I'd imagine that handles it in an atomic manner as the salt master itself does the updating
23:49 anitak @NV: yea, I looked into that, although we are using Mercurial for our repositories. Now that unfortunately does not have an ext_pillar plugin.
23:49 [diecast] joined #salt
23:49 NV hg can expose itself out as a git repo can it not? :P
23:50 anitak also, we'd like to deploy a specific version of state configuration files (they are managed in hg after all)
23:50 anitak we basically ship state configuration files with our python application
23:52 zandy joined #salt
23:54 anitak I thought there was may be a way to put the master in a state were it would not accept requests from minions until a maintenance window is over

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary