Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2013-12-04

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 terminalmage mikef: what version of salt do you have installed
00:00 terminalmage ?
00:01 terminalmage ssh into the f19 box and run: salt-call --versions-report
00:02 mikef__ joined #salt
00:03 mikef__ terminalmage:   http://dpaste.com/1491908/      <== i think its 0.17.2 on both master and minion , sorry my net  broke.
00:06 pipps joined #salt
00:07 terminalmage mikef__: OK, I'll take a look
00:12 seanz joined #salt
00:12 seanz MTecknology: ping
00:13 elfixit joined #salt
00:24 terminalmage mikef__: the monogodb-10gen package doesn't provide a systemd unit
00:25 terminalmage so this is not a salt problem
00:25 mikef__ oh, thats good then
00:25 terminalmage mikef__: they're not hard to write
00:26 terminalmage mikef__: you can place your own there and then put in a cmd.wait that runs systemctl --daemon-reload
00:27 mikef__ terminalmage:  interesting,  let me look into that, sounds like a good solution,
00:28 terminalmage mikef__: yeah, something like this: http://dpaste.com/1491926/
00:28 terminalmage oh damnit
00:28 terminalmage srsly?
00:32 oz_akan_ joined #salt
00:36 jfzhu_us joined #salt
00:36 jslatts joined #salt
00:36 grep_away joined #salt
00:37 cbloss joined #salt
00:38 anitak joined #salt
00:43 pipps_ joined #salt
00:46 amahon joined #salt
00:50 zandy joined #salt
00:59 redondos_ joined #salt
01:04 zandy joined #salt
01:07 cnelsonsic joined #salt
01:12 ertac joined #salt
01:38 anitak joined #salt
01:40 yes456 joined #salt
01:42 yes456 please check  this sls http://pastebin.com/Wkc7eydE need help to understand watch
01:43 yes456 i think when file get update it will restart xinetd service
01:44 yes456 is it correct behavior?
01:44 futurisk joined #salt
01:45 zandy joined #salt
01:51 Ryan_Lane joined #salt
01:52 cnelsonsic joined #salt
01:55 dstanek_afk joined #salt
02:00 robertkeizer joined #salt
02:00 yes456 sorted out thanks
02:07 amortimer_mbp joined #salt
02:11 forrest joined #salt
02:12 sine_nitore joined #salt
02:12 MTecknology seanz: pong
02:15 redondos joined #salt
02:15 MTecknology Would it be overkill to deploy a git server for the sole purpose of using gitfs for salt at home?
02:17 Furao_ joined #salt
02:21 kermit joined #salt
02:24 druonysuse joined #salt
02:24 pentabular joined #salt
02:26 pentabular left #salt
02:36 NV MTecknology: probably - just use a file:// url pointing to a git repo on the local machine :)
02:37 MTecknology but... I'm out of ideas for what servers to create.
02:37 willist joined #salt
02:38 MTecknology Every server is 100% managed with salt. I don't even install a package without doing it via salt. They're all in the state of "just works" and I can't think of neat changes to make to them.
02:38 MTecknology I can't think of other servers to spin up...
02:39 anitak joined #salt
02:46 mannyt joined #salt
02:47 xl1 joined #salt
02:48 jdenning joined #salt
02:49 packeteer is this for fun or profit?
02:51 Ryan_Lane joined #salt
02:53 packeteer have you got log servers? logstash or similar
03:00 danielbachhuber joined #salt
03:02 Drawsmcgraw joined #salt
03:04 mgw joined #salt
03:06 mpanetta joined #salt
03:13 robertkeizer joined #salt
03:13 AdamSewe_ joined #salt
03:14 jfzhu_us joined #salt
03:16 vipul joined #salt
03:17 sine_nitore joined #salt
03:18 jphall_ joined #salt
03:19 szicari joined #salt
03:19 Valdo joined #salt
03:19 robertkeizer joined #salt
03:19 indymike joined #salt
03:19 jasonrm joined #salt
03:19 robertkeizer left #salt
03:19 shine joined #salt
03:19 mollerstrand joined #salt
03:20 robinsmidsrod joined #salt
03:20 Corey joined #salt
03:22 sroegner joined #salt
03:23 codysoyland joined #salt
03:24 NV joined #salt
03:29 philipsd6 joined #salt
03:32 MK_FG joined #salt
03:34 sandGorgon joined #salt
03:35 cachedout joined #salt
03:39 mwmnj joined #salt
03:40 anitak joined #salt
03:41 MTecknology joined #salt
03:43 favadi joined #salt
03:51 Ryan_Lane joined #salt
03:54 oz_akan__ joined #salt
04:05 NV joined #salt
04:12 JordanRinke joined #salt
04:21 Teknix joined #salt
04:34 lemao joined #salt
04:40 anitak joined #salt
04:41 AdamSewe_ joined #salt
04:48 nmistry joined #salt
04:49 grep_awesome joined #salt
04:51 Ryan_Lane joined #salt
04:59 dpippenger joined #salt
05:09 philipsd6 joined #salt
05:14 forrest_ joined #salt
05:15 LordOfLA|Weechat joined #salt
05:17 mollerst1and joined #salt
05:17 tamentis_ joined #salt
05:17 zsoftich_ joined #salt
05:17 oliv`_ joined #salt
05:17 fishpen0 joined #salt
05:18 joehh1 joined #salt
05:18 _FL1SK joined #salt
05:18 indymike_ joined #salt
05:18 dmalinovsky joined #salt
05:19 philipsd6 joined #salt
05:19 kamal joined #salt
05:19 ksk_ joined #salt
05:20 forrest joined #salt
05:20 ze-_ joined #salt
05:21 Gifflen_ joined #salt
05:22 brutasse_ joined #salt
05:22 mikn_ joined #salt
05:22 jasonrm joined #salt
05:22 jfalco joined #salt
05:22 bigmstone joined #salt
05:22 dcmorton joined #salt
05:22 faulkner- joined #salt
05:22 whiteinge joined #salt
05:22 a1j joined #salt
05:22 jfalco joined #salt
05:22 whiteinge joined #salt
05:23 seb` joined #salt
05:23 Furao joined #salt
05:23 sroegner joined #salt
05:23 packeteer joined #salt
05:24 Drawsmcgraw joined #salt
05:25 pt|Zool joined #salt
05:29 codysoyland joined #salt
05:37 dpippenger joined #salt
05:41 anitak joined #salt
05:41 cachedout joined #salt
05:50 matanya joined #salt
05:53 Gifflen joined #salt
06:05 shinylasers joined #salt
06:09 oz_akan_ joined #salt
06:12 jalbretsen joined #salt
06:13 noahasm joined #salt
06:14 bhosmer_ joined #salt
06:18 oz_akan__ joined #salt
06:18 redondos joined #salt
06:23 Destro joined #salt
06:28 MTecknology joined #salt
06:35 lemao joined #salt
06:36 sandGorgon joined #salt
06:41 anitak joined #salt
06:44 bemehow joined #salt
06:46 swc|666 joined #salt
06:51 Ryan_Lane joined #salt
07:09 matanya joined #salt
07:14 harobed_ joined #salt
07:15 harobed_ joined #salt
07:16 harobed_ joined #salt
07:17 harobed_ joined #salt
07:19 bemehow joined #salt
07:23 philipsd6 joined #salt
07:23 scristian joined #salt
07:24 sroegner joined #salt
07:40 xl1 left #salt
07:41 xl1 joined #salt
07:42 anitak joined #salt
07:51 napse joined #salt
07:51 Ryan_Lane joined #salt
07:52 juasiepo joined #salt
07:57 redondos joined #salt
07:58 giantlock joined #salt
07:59 sunand joined #salt
07:59 mbrgm joined #salt
07:59 bemehow joined #salt
08:00 mbrgm hi! i want to match foo1 ... foo15 with globbing... i tried 'foo[0-9]+' but it did not work?
08:00 _ikke_ globbing is not regular expression
08:02 sunand can i call like "sudo salt-ssh '*' state.show_sls test"   it says no sls found for each charachter in "test"
08:02 balboah joined #salt
08:04 slav0nic joined #salt
08:04 slav0nic joined #salt
08:05 napse Has anyone successfully used the dockerio states included on the development branch?
08:09 Nazzy joined #salt
08:13 MrTango joined #salt
08:15 oliv` joined #salt
08:16 harobed_ joined #salt
08:17 bejer joined #salt
08:18 _ikke_ sunand: I guess that's because it expects the argument to be a list, and interates over the characters instead if the items in the list?
08:20 napse sunand: _ikke_ is correct, I've had that exact problem in other states
08:21 napse Is there an "official" developer vagrant box?  I want to eliminate my architecture during bug chasing
08:22 hhenkel joined #salt
08:23 mbrgm _ikke_: how would i do what i want to do then?
08:24 _ikke_ mbrgm: try "test,"
08:24 mbrgm ?
08:24 _ikke_ mbrgm: see the added ,
08:24 _ikke_ Not sure if it works, but you could try
08:24 mbrgm yep
08:24 mbrgm ok
08:29 Ryan_Lane joined #salt
08:36 lemao joined #salt
08:39 gasbakid joined #salt
08:40 napse left #salt
08:43 anitak joined #salt
08:43 Psi-Jack_ joined #salt
08:45 zsoftich_ joined #salt
08:50 anitak joined #salt
08:52 NV mbrgm: of course the sane way would just be to _USE_ a regex match instead of a glob match ;)
08:53 NV (aint nobody got time for listing all 15 nodes)
08:53 NV or just 'foo*' which is a valid glob
08:57 redondos joined #salt
09:03 giantlock__ joined #salt
09:05 neilf_ joined #salt
09:05 jpaetzel_ joined #salt
09:06 lyddonb_ joined #salt
09:07 jefferai joined #salt
09:07 bezaban_ joined #salt
09:07 tallpaul_ joined #salt
09:07 dottedma1 joined #salt
09:08 dottedmag joined #salt
09:09 mikn_ Is it possible to have custom grains read core grains?
09:10 bashcode` joined #salt
09:11 bwq- joined #salt
09:11 andyshin` joined #salt
09:11 EugeneK joined #salt
09:11 dlloyd_ joined #salt
09:12 dpacz joined #salt
09:12 che-arne joined #salt
09:14 crane_ joined #salt
09:17 sunand _ikke_: didnt help :(
09:17 lemao joined #salt
09:18 baoboa joined #salt
09:18 jhermann joined #salt
09:18 sunand i got something like "No matching sls found for ',' in env 'base' " additionally
09:19 terminalmage joined #salt
09:19 drags joined #salt
09:20 ckao joined #salt
09:21 mbrgm NV: i tried this: http://pastebin.com/JtSmT12K but it fails with "no top file or external nodes matches found"
09:21 mbrgm in fact the % is a +
09:22 mbrgm http://pastebin.com/v2Rz88CF
09:24 sroegner joined #salt
09:25 redondos joined #salt
09:27 zooz joined #salt
09:27 godber joined #salt
09:28 xl1 joined #salt
09:36 trevorj joined #salt
09:41 JordanRinke joined #salt
09:41 mike25 joined #salt
09:42 * mike25 hi all
09:45 * NV waves to mike25
09:46 * mike25 yesterday i had the first minion deployed with all the packages.. app... confs etc... all went smoothly
09:46 NV nice
09:46 mike25 yeah ... salt's future looks great
09:54 N-Mi joined #salt
09:56 __cli joined #salt
09:56 quanta_ joined #salt
09:57 quanta_ I have tried on my local machine, and it didn't work
09:57 quanta_ no folder was created in /var/cache/salt/minion/
09:57 quanta_ if I `mkdir file_backup` manually, no file was created in that folder
09:58 quanta_ Version: 0.17.2
09:58 quanta_ {{ pillar['home'] }}/.vimrc:
09:58 quanta_ file:
09:58 quanta_ - managed
09:58 quanta_ - user: quanta
09:58 quanta_ - group: staff
09:58 quanta_ - mode: 644
09:58 quanta_ - template: jinja
09:58 quanta_ - source: salt://vim/vimrc.jinja2
09:58 quanta_ - backup: minion
10:01 quanta_ http://docs.saltstack.com/ref/states/backup_mode.html
10:03 bhosmer_ joined #salt
10:03 NV did the execution of that state actually result in the file changing?
10:03 NV also what does file.list_backups show?
10:04 NV and does anything change if you set backup_mode: minion in the minion config?
10:07 yota joined #salt
10:10 quanta_ NV: sure, I have tried to move .vimrc to somewhere and re-run to create it
10:11 quanta_ I have tried both: backup_mode in minion config and backup: minion in sls file
10:12 quanta_ ah, I am testing on OS X (if it makes sense)
10:13 quanta_ sudo salt '*' file.list_backups /Users/quanta
10:13 quanta_ MacBook-Pro.local:
10:13 quanta_ Traceback (most recent call last):
10:13 quanta_ File "/usr/local/lib/python2.7/site-packages/salt/minion.py", line 691, in _thread_return
10:13 quanta_ return_data = func(*args, **kwargs)
10:13 quanta_ File "/usr/local/lib/python2.7/site-packages/salt/modules/file.py", line 2552, in list_backups
10:13 quanta_ for fn in [x for x in os.listdir(bkdir)
10:13 quanta_ OSError: [Errno 2] No such file or directory: '/var/cache/salt/minion/file_backup/Users'
10:14 quanta_ ├── extmods
10:14 quanta_ ├── files
10:14 quanta_ ├── highstate.cache.p
10:14 quanta_ ├── highstate.p
10:14 quanta_ ├── module_refresh
10:14 quanta_ ├── proc
10:14 quanta_ └── sls.p
10:15 quanta_ Above is the /var/cache/salt/minion tree
10:16 favadi quanta_, I think you should file a bug report
10:17 favadi the file_backup feature work well for me on CentOS and Ubuntu
10:17 mike25 hey guys ... who can help me out for 2 min on private... related to jinja/pillar DATA structures?
10:17 mike25 some stupid Q...
10:19 tiriel joined #salt
10:20 tiriel Hi everybody!
10:20 mike25 hey tiriel
10:21 Gnouc joined #salt
10:21 tiriel I'm a bit stumped here. I'm trying to write a state file that fetches an sls from a remote location and then runs that sls, but I can't figure out how to make sure that the remote file has been fetched to begin with
10:22 tiriel I don't know if I'm making any sense
10:24 aleszoulek joined #salt
10:25 tiriel http://pastebin.com/TqeKMH33
10:26 redondos joined #salt
10:27 tiriel http://pastebin.com/HPJgdi7e
10:28 favadi travisfischer, I don't think your code will work at all
10:29 NV quanta_: err, you moved the .vimrc somewhere? so what file is it going to backup if no file exists? :)
10:29 NV you probably want to change the contents of the .vimrc
10:29 NV mike25: why not just paste here?
10:33 quanta_ NV: my silly test case
10:34 tiriel On the last pastebin, the include statement is dependent on the /srv/salt/php file statement, but I cannot figure the proper way to write it
10:35 mike25 NV  http://pastebin.com/xysT4MSP
10:35 mike25 what am i doing wrong here?
10:36 mike25 the state... doesn't generate anything
10:37 mike25 brb 3 min
10:38 NV I'm curious what you did when you pasted that url
10:38 NV mucked up KiTTY's url detection
10:39 NV mike25: for starters your outer if statement is redundant
10:39 NV second if you're using the pillar.get('blah:blah') style
10:39 NV you cant use the default jinja dict .get func
10:40 NV you have to use
10:40 __cli hello, is it possible to call salt.pillar.git_pillar.update(branch, repo_location) using saltutil or something similar ?
10:40 NV salt['pillar.get'](''config:ntpservers')
10:40 NV err
10:40 NV salt['pillar.get']('config:ntpservers')
10:40 NV not sure where that extra quote came from...
10:41 NV and probably worth passing in the default empty dict {} as the second parameter too
10:41 NV salt['pillar.get']('config:ntpservers', {})
10:41 NV so you dont get errors (and can still drop the if check)
10:42 NV also i suggest using
10:42 NV {% for srv,v in salt['pillar.get']('config:ntpservers', {}).iteritems() %}
10:43 NV then having test-file--{{ srv }}: as your state name
10:43 NV otherwise you're using 'v', which is a dict, in your states name, which won't work very well :P
10:43 NV (srv will be 'server1' or 'server2' in your example of course, ie the key)
10:45 tiriel can I get some help with this http://pastebin.com/HPJgdi7e ?
10:46 whiskybar joined #salt
10:46 tiriel in there, the /srv/salt/php symlink is a directory containing an init.sls file. how do I add that to my state with the symlink as a prerequisite?
10:47 jcsp joined #salt
10:48 scristian if I want to read pillar data in a .conf file, only way is to do a jinja template ? thanks
10:49 NV scristian: not necessairly, a python templated file could also read it, or if the entire files contents is in a pillar you can use file.managed's contents_pillar options
10:50 NV etc
10:50 philipsd6 joined #salt
10:50 NV or like file.append with the pillar being expanded in the state itself to add a specific line, etc
10:50 NV otherwise, yes, templated file :)
10:51 NV tiriel: why not use gitfs? It supports multiple git backends for just such an occasion
10:51 mike25 NV thanks buddy - will look into it now... i am still confused with dictionaries... shit i have to learn py
10:51 NV hehe, you won't regret it!
10:51 tiriel because I'm running masterless
10:53 NV ah, glhf then, never done masterless tbh
10:57 harobed_ joined #salt
10:57 tiriel still, the backend is not relevant. I'm just struggling to write a stanza that basically says execute php/init.sls if and only if php/init.sls exists
10:58 NV not possible without breaking out into a py rendered state
10:59 NV (at which point you can literally call os.flie.isfile etc)
11:01 mike25 how can i add comments into a pillar sls file?
11:01 mike25 like {# my comment #} ?
11:02 NV comments begin with a #
11:02 NV but must still match the whitespace indenting
11:03 NV there's also block comments (google yaml comment)
11:03 mike25 aha GOOD to know that
11:04 mike25 NV: i see you are very active.. and a really GOOD help... are you part of the dev team?
11:05 NV no
11:05 NV just someone who wastes a lot of time on IRC in between hacking on code for various things :P
11:05 mike25 even better :)  i really liked this irc channel... because of the really good people here.
11:06 mike25 the irc channel made me ... really look into SALT and i did the right choice.
11:13 pengunix joined #salt
11:19 mike25 guys... can i ... generate a config file on the minion BASED on something return by a shell command? ... eg> i want to create the  /etc/sysconfig/network-scripts/ifcfg-eth0   file but i need the IP from the  command> ifconfig eth0 |grep "inet addr:" | awk  '{ print $2 }' | awk -F: '{ print $2 }'
11:20 mike25 the IP generated by the DHCP server
11:20 mike25 but after that needs to be static
11:20 NV use a grain lol
11:20 NV in fact, there is already grains for exactly that!
11:21 NV salt-call grains.items
11:21 NV ;)
11:21 mike25 ah shit... NV you are right... but for OTHER .. .things... like smth returned by a command... is it possible?
11:21 NV possibly using cmd.run, etc
11:21 NV like in your jinja template
11:22 NV {{ salt['cmd.run']('echo fancy') }}
11:22 NV but yeah, i've never had to do it so YMMV, and chances are there is a better way to do it
11:22 NV (consider the command will be run every time the state is compiled, even if the state does nothing, etc)
11:23 mike25 i know that... true
11:23 mike25 but that state will run only once.
11:23 NV either be it a grain, or a server-side pillar
11:23 mike25 thanks buddy
11:23 NV the state will run once, sure - but the template will be compiled every time the sls file is executed (ie, every highstate!)
11:23 NV and thus the jinja is compiled down
11:23 NV so the cmd.run would happen, every time...
11:24 NV even a state.show_sls would cause it to be run
11:24 diegows joined #salt
11:25 bhosmer_ joined #salt
11:25 NV also, fuckyeahseaking, vyatta get_node_type function works
11:25 tiriel Ha! I managed
11:25 sroegner joined #salt
11:25 NV ooh? how?
11:26 tiriel by using the modules state
11:26 NV calling state.sls?
11:26 NV dirty :P
11:27 tiriel http://pastebin.com/KHe2jrgR
11:27 tiriel yup, it's not very pretty
11:28 NV http://pastie.org/8527954 is how i do a similar thing to include states that match roles in my pillar roles dict ftr
11:28 NV i assume cp.list_states works in masterless, if not just replace the check with os.path.exists() (and check for .sls and /init.sls)
11:29 NV then it just builds an include list, so your highstate looks normal :)
11:29 NV OTOH, your highstate wouldn't include the php state initially, only the second time around
11:29 JasonG_TA joined #salt
11:30 quanta_ joined #salt
11:34 dpippenger joined #salt
11:46 zandy joined #salt
11:56 zooz # ps aux | grep salt-minion | wc -l
11:56 zooz 121
11:56 zooz this gets really old
11:58 zooz it's been happening with almost all versions of salt
12:06 NV zooz: never experienced that tbh
12:07 zooz I have multiple times
12:08 zooz it happens when master has an invalid key of a minion or when master is gone
12:08 Teknix joined #salt
12:10 carlos__ joined #salt
12:13 NV actually, now that you mention it i think it also happens if the pillar data fails to compile when a node first starts up too...
12:13 NV accidentally nuked a box with ~3000 minion processes once doing that...
12:13 harobed joined #salt
12:15 NV zooz: have you got a bug report open about that issue?
12:23 ertac joined #salt
12:26 zooz NV, I looked at this issue some time ago, I believe multiple times, and always the new version promised fixing this problem
12:27 redondos joined #salt
12:29 foxx joined #salt
12:29 foxx left #salt
12:30 NV zooz: link to github issue(s)?
12:30 foxx joined #salt
12:32 zooz I don't have it at hand, I'll link you to it if I find it
12:33 foxx joined #salt
12:35 foxx left #salt
12:37 foxx joined #salt
12:39 favadi joined #salt
12:55 mike25 hey again ... can i add 2 services to a state :  nfs-services:
12:55 mike25 service:
12:55 mike25 - names:
12:55 mike25 - rpcbind
12:55 mike25 - rpcidmapd
12:56 mike25 is that correct?
12:56 blee joined #salt
12:57 bhosmer joined #salt
12:57 NV mike25: no, see http://docs.saltstack.com/ref/states/all/salt.states.service.html
12:57 mike25 yeah i was looking there..
12:57 mike25 i just thought i can add 2 :)
12:58 higgs001 joined #salt
12:59 NV hehe
12:59 NV better luck next time :P
12:59 * NV wanders to bed
12:59 mike25 NV:  sleep tight :)
13:07 sroegner joined #salt
13:10 Gifflen joined #salt
13:12 harobed joined #salt
13:13 jfzhu_us joined #salt
13:15 MZAWeb joined #salt
13:21 elfixit joined #salt
13:23 amahon joined #salt
13:28 redondos joined #salt
13:34 Sheco joined #salt
13:37 macduke joined #salt
13:43 jslatts joined #salt
13:44 ipmb joined #salt
13:44 quanta_ joined #salt
13:49 hhenkel Hi all, I installed halite two weeks ago and managed to get the frontend up and running. But since then I hadn't had time to invest more time.
13:50 rgbkrk joined #salt
13:50 hhenkel I'm currently facing a problem when I try to login with a user that is able to authenticate on the cli via pam.
13:50 hhenkel Anyone able to point me to the way to solve this? Do I need to configure halite in some way?
13:52 _ikke_ hhenkel: This is #salt
13:52 _ikke_ oh, n/m
13:53 Destro You mean you need to grant the users authority to use Halite
13:53 Destro external_auth:
13:53 Destro pam:
13:53 Destro username:
13:53 Destro - .*
13:53 Destro - '@runner'
13:54 Destro - '@wheel'
13:54 Destro Restarting the service would be required
13:54 Destro Just change the username towards the Local Pam user
13:54 hhenkel _ikke_: I know that's why I'm asking... ;)
13:54 hhenkel Destro: So for halite I need "@runner" and "@wheel" ?
13:55 hhenkel Destro: For authentication on the cli everything is fine for the user.
13:55 Destro Those I've tested previously and was working however I removed it completely :-( I just wrote my own SaltCLI
13:55 Destro Yip, to log into halite that would be the best
13:56 mpanetta joined #salt
13:56 Destro or to log into halite you can just add that then restart master and halite and should be working
13:56 prooty joined #salt
13:56 juicer2 joined #salt
13:57 prooty hello. i have an sls, for example foo.sls.
13:57 prooty foo.sls only contains an include of another sls.
13:58 brianhicks joined #salt
13:58 prooty if i have foo included in a separate sls and have it be a requirement of a state (require sls: foo), salt errors with "the following requisites were not found".
13:59 prooty but if i put something inside foo.sls (for example bash pkg.installed), then it works.
13:59 hhenkel Destro: It's still failing for halite
14:00 hhenkel Destro: What do you mean with "log into halite you can just add that then restart master and halite and should be working"
14:00 prooty can i just have foo.sls be empty except for an include?
14:01 ertac joined #salt
14:01 Destro Hmmm, that worked for me - perhaps check the error logs for any traces, might need additional py packages
14:02 hhenkel Destro: I started halite with "-l debug" but I see nothing in stdout
14:02 racooper joined #salt
14:04 marcinkuzminski joined #salt
14:11 mannyt joined #salt
14:18 Destro hhenkel problem resolved -> ran "salt-call state.highstate --local" to verify which packages was missing and installed them acordingly
14:18 cachedout joined #salt
14:20 moos3 joined #salt
14:22 mikn_ Is there a module for ensuring a disk is formatted before mounting it?
14:29 redondos joined #salt
14:29 quanta_ left #salt
14:32 vejdmn joined #salt
14:32 juasiepo joined #salt
14:35 JulianGindi joined #salt
14:36 quickdry21 joined #salt
14:43 th3reverend joined #salt
14:45 th3reverend left #salt
14:47 scoates joined #salt
14:52 dan_johnsin joined #salt
14:57 davidfischer joined #salt
15:03 cachedout joined #salt
15:03 mpanetta_ joined #salt
15:06 mannyt joined #salt
15:10 th3reverend joined #salt
15:10 th3reverend left #salt
15:11 pengunix_ joined #salt
15:13 N-Mi joined #salt
15:24 tyler-baker joined #salt
15:28 pass_by_value joined #salt
15:29 forrest joined #salt
15:30 redondos joined #salt
15:30 PhiSec joined #salt
15:31 schristensen joined #salt
15:38 crane joined #salt
15:38 mike251 joined #salt
15:42 ccase joined #salt
15:46 smccarthy joined #salt
15:52 beardo joined #salt
15:53 Sheco joined #salt
15:54 kermit joined #salt
15:54 marcinkuzminski joined #salt
15:57 shiin joined #salt
15:57 shiin when running a shell script in a salt state using cmd.run I get much different results than when locally executing that script on my server.
15:58 shiin the shell script is calling python setup.py build and install and it bursts into errors
15:58 shiin what am I missing?
15:58 forresta shiin, maybe an issue with the shell?
15:58 Gifflen joined #salt
15:58 forresta do you have any weird configuration locally on that machine?
16:01 shiin I dont have issues with the shell, I tried both /bin/sh and /bin/bash as shebangs in that script.
16:01 bbinet joined #salt
16:01 bbinet hi guys
16:02 bbinet salt newbie here
16:02 scoates shiin: virtualenv related?
16:02 forresta shiin, so you're calling an actual file to run the command?
16:02 shiin http://pastebin.com/4TMYBeuB
16:02 shiin thats the script
16:03 bbinet how long the salt '*' state.show_highstate should take?
16:03 bbinet on my side it takes 41s, is that normal?
16:04 EugeneKay About right.
16:04 mike251 weird scenario: i have a conf file to deploy ... and i have a {{ ip }} variable inside... that ip variable has to come from a command like ifconfig eth0 |grep 'inet addr'| awk '{print $2}'|sed 's/addr://'  which gives me the ip of the machine.... So that ip has to populate the conf file and push it to the minion (i know i can find the ip via grains.. the ip is just an example in this case)
16:04 shiin bbinet: if there are many states across slow networks, it takes longer. it also slows down when registered minions are unavailable.
16:04 forresta shiin, I'd say add some logging into the script to print variables out to a file within /tmp (including all the variables as they are set, and the directories as you change into them) to see if something weird isn't getting pulled properly
16:06 bbinet shiin: salt '*' test.ping is  0.5s, and I have few states
16:06 forresta mike251, I guess I am a bit confused, so you need the IP, which is available via a grain, but want to attain it via another method?
16:06 mike251 yeah forresta... or the MAC not the IP :)
16:06 mike251 the ip was just an example...
16:06 bbinet shiin: I'll try to remove all state except one to see if this is still so slow
16:06 shiin forresta: the mess starts in the last two lines when calling python
16:06 forresta can you try to reference the full path to python shiin?
16:07 forresta so ${WORKING_DIR}/${PHPSH_SUBDIR} (seems recursive which is odd though?
16:08 shiin for the lack of a better subdir-name, I wanted the tar to unpack into its own directory so it can easily be rm'd.
16:08 forresta gotcha
16:09 shiin about referencing python, you mean like which python?
16:09 forresta do you have multiple python versions installed?
16:09 forresta yea
16:09 forresta mike251, so for what reason can you not use the ip grain?
16:10 shiin both salts cmd.run and when logged in as root user says /usr/bin/python
16:10 forresta hmm
16:10 forresta well, what errors do you get when running it?
16:11 pentabular joined #salt
16:12 shiin http://pastebin.com/GEas8rd7 <- above that snippet, theres just more tar unpacking paths.
16:12 mike251 forresta: i need the mac as well ... so i need to create the /etc/sysconfig/network-scripts/ifcfg-eth0  from salt... but to take the MAC IP and GATEWAY that are already there after i deploy the minion
16:12 cachedout joined #salt
16:13 forresta mike251 ahh I seem
16:13 forresta *see
16:13 forresta hmm
16:13 fllr joined #salt
16:14 forresta shiin, I wonder if there's an issue with the home directory
16:14 pdayton joined #salt
16:14 forresta though make requiring emacs is also pretty comical
16:14 mike251 forresta: is there a way to run the salt '*' cmd.run XXXX and the response of this command to be assigned to a {{ jinjavar }} .. all this inside a state file ?
16:15 bbinet shiin: with only one state definition, state.show_highstate now takes 52s!
16:15 bbinet see: http://pastebin.com/NaKsyPC2
16:15 forresta mike251, ehh that seems kinda dirty. why not use http://docs.saltstack.com/topics/tutorials/states_pt3.html#calling-salt-modules-from-templates
16:15 forresta they have an example there where they pull the mac for eth0
16:16 mike251 cool!!!!!! forresta
16:16 forresta looks like it uses the network module
16:16 forresta http://docs.saltstack.com/ref/modules/all/salt.modules.network.html
16:16 bbinet I feel like salt is very slow, or there is an issue in my setup
16:16 forresta I don't see one for gateway in there though..
16:16 mike251 forresta: ... i will dig into it
16:16 mike251 thanks buddy
16:16 forresta bbinet, well, how many hosts do you have, and what sort of resources do you have on the master
16:16 forresta mike251, yea np
16:17 shiin heres the env output on both sides: http://pastebin.com/6qzgzFCD
16:17 bbinet forresta: only one host, and one resource
16:17 backjlack joined #salt
16:17 forresta so you just have a master and a single minion??
16:17 bbinet forresta: see the result of state.show_highstate:
16:17 bbinet forresta: http://pastebin.com/NaKsyPC2
16:17 bbinet forresta: yes :-)
16:18 forresta EugeneKay, that seems pretty slow to me for a single minion
16:18 bbinet forresta: I'm experimenting with salt
16:18 robert0878 joined #salt
16:18 forresta bbinet, yea always good to do so
16:19 bbinet forresta, shiin: any idea why it can be so slow?
16:19 forresta mike251, looks like this dude wrote his own grain to get some of that data: http://www.marsdominion.com/2013/10/31/saltstack-and-bonding-part-1/
16:19 forresta bbinet, what does the round trip time look like between servers?
16:19 mike251 cool .. forresta will check it
16:19 forresta with just normal commands.
16:20 seanz MTecknology: ping again. Sorry, I wasn't able to respond to you yesterday.
16:20 forresta seanz, don't apologize to MTecknology, that will just fuel his rage
16:20 forresta :P
16:20 seanz forresta: It's been done. I will now have to endure the consequences. :)
16:20 forresta heh
16:20 seanz MTecknology: goodwill referred me to you. I'm doing some apt packaging research and work, and I wanted to ask you some questions.
16:21 bbinet forresta: ping is good: 0.2ms
16:21 forresta and resource wise the master isn't stressed?
16:21 bbinet forresta: nope
16:21 bbinet 99% idle ;-)
16:22 bbinet time salt '*' test.ping returns in 0.5s
16:22 Doormatt joined #salt
16:22 forresta can you go onto the minion and run salt-call state.show_highstate?
16:22 bbinet but state.highstate of state.show_highstate is really slow
16:23 bbinet forresta: will do
16:23 forresta bbinet, ok, the next thing to do after that is gonna be to change how your top.sls is formatted (to make it extremely simple), and apply an extremely simple state, such as a package install or something.
16:24 forresta Then you should be able to see whether it happens only with your specific top file/states, or all top files/states, and that should provide another troubleshooting path.
16:24 bbinet salt-call state.show_highstate returns in 36s on the minion
16:25 forresta ok
16:25 bbinet now I'll change the top.sls file to only manage a single file
16:25 forresta sounds good
16:25 forresta how long did an actual highstate run take previously?
16:25 N-Mi joined #salt
16:25 N-Mi joined #salt
16:25 forresta also, can you make sure your 'new' top only has the single base environment?
16:26 PhiSec left #salt
16:26 bbinet an actual highstate run took from 26s to 55s previously
16:26 mike251 now.. all it remains is to get the getway of a minion ... anyone knows how to do that?
16:26 bbinet forresta: I already use only the 'base' environment
16:26 forresta ok cool
16:28 forresta mike251, there doesn't seem to be a default module item to do that, and while it's super ghetto, could you take the IP address, then modify the 3rd(?) octet to match your subnet? Hopefully all subnets have a reserved IP for the gateway address
16:28 cnelsonsic joined #salt
16:29 pentabular left #salt
16:29 mike251 yeah ... good point..  forresta
16:29 mikn_ Can anyone tell me why the following doesn't work? http://pastebin.com/a9PZjsgX I'm trying to use jinja template imports...
16:29 mike251 but ... i am on 3-4 different networks... is more complicated
16:29 forresta don't all the networks use the same gateway address, so 192.168.1, and 192.167.1 ?
16:30 blee joined #salt
16:30 forresta missing an octet, but you get the gist
16:30 redondos joined #salt
16:30 robert0878 hello everyone, i have some questions about the AES use in the network protocol
16:31 robert0878 I've seen that the AES encryption for master <=> minions communications uses the same key for all minions (I've logged the AES key)
16:31 robert0878 which would means that one compromised minion would allows full access to my salt network (tcp payload contains the same encrypted data for each minion)
16:31 aptiko ogai: Anyway, I will create this email address, filling up all 10 names, and when we get the 11th we decide. Do you have any idea for the name? submit@wikical.com?
16:31 aptiko oops, sorry, wrong window
16:31 robert0878 and it seems that is the case because of the structure of 0MQ which kind of "duplicate" an outgoing packet to everybody (which then makes hard to encrypt with one specific AES key per minion)
16:32 [diecast] joined #salt
16:32 bbinet forresta: so here is my test
16:32 bbinet tree
16:32 bbinet .
16:32 bbinet ├── test.sls
16:32 bbinet └── top.sls
16:32 bbinet $ cat top.sls
16:32 bbinet base:
16:32 bbinet '*':
16:32 bbinet - test
16:32 bbinet $ cat test.sls
16:32 bbinet /tmp/test:
16:32 bbinet file.directory:
16:32 bbinet - makedirs: True
16:33 bbinet time salt '*' state.show_highstate returns 24s
16:33 Doormatt robert0878: While it's not for salt, this sensu FAQ addresses the same point:  http://sensuapp.org/docs/0.12/ssl
16:33 bbinet forresta: this is still slow, isn't it?
16:33 forresta I'm not sure, I honestly haven't really timed running show_highstate, how long does the highstate run itself take if you do state.highstate?
16:34 higgs001 joined #salt
16:34 forresta mikn_, you might try {% from 'dev/data/init.sls' import dev, fs_type with context %}
16:34 bbinet forresta: it runs in 31s
16:35 forresta bbinet, yea that seems extensive, ok next thing, run the highstate again, but add -l debug
16:35 forresta see if we get anything else with debug logging
16:35 UtahDave joined #salt
16:35 bbinet forresta: ok
16:36 forresta 31 seconds for a highstate one a single minion that just creates a tmp directory seems a bit high to me :P
16:36 bbinet forresta: it stay a long time on:
16:36 bbinet [DEBUG   ] LocalClientEvent PULL socket URI: ipc:///var/run/salt/master/master_event_pull.ipc
16:37 bbinet here is the full log:
16:37 bbinet $ salt '*' state.highstate -l debug
16:37 bbinet [DEBUG   ] Reading configuration from /etc/salt/master
16:37 robert0878 Doormatt: yes, but sensu answer might be good enough for monitoring but for me, it is not good enough for cfg mgmt/orchestration with root privileges
16:37 bbinet [DEBUG   ] Including configuration from '/etc/salt/master.d/helioslite.conf'
16:37 bbinet [DEBUG   ] Reading configuration from /etc/salt/master.d/helioslite.conf
16:37 bbinet [DEBUG   ] Missing configuration file: /home/bruno/.salt
16:37 bbinet [DEBUG   ] loading log_handlers in ['/var/cache/salt/master/extmods/log_handlers', '/usr/lib/pymodules/python2.7/salt/log/handlers']
16:37 forresta bbinet, paste it in a gist please
16:37 bbinet [DEBUG   ] Skipping /var/cache/salt/master/extmods/log_handlers, it is not a directory
16:37 bbinet [DEBUG   ] None of the required configuration sections, 'logstash_udp_handler' and 'logstash_zmq_handler', were found the in the configuration. Not loading the Logstash logging handlers module.
16:37 forresta or on pastebin
16:37 bbinet [DEBUG   ] Configuration file path: /etc/salt/master
16:37 bbinet [DEBUG   ] Reading configuration from /etc/salt/master
16:37 bbinet [DEBUG   ] Including configuration from '/etc/salt/master.d/helioslite.conf'
16:37 bbinet [DEBUG   ] Reading configuration from /etc/salt/master.d/helioslite.conf
16:37 bbinet [DEBUG   ] Missing configuration file: /home/bruno/.salt
16:37 bbinet [DEBUG   ] LocalClientEvent PUB socket URI: ipc:///var/run/salt/master/master_event_pub.ipc
16:37 bbinet [DEBUG   ] LocalClientEvent PULL socket URI: ipc:///var/run/salt/master/master_event_pull.ipc
16:37 bbinet [DEBUG   ] loading output in ['/var/cache/salt/master/extmods/output', '/usr/lib/pymodules/python2.7/salt/output']
16:37 forresta because IRC is gonna DC you for spamming
16:37 bbinet [DEBUG   ] Skipping /var/cache/salt/master/extmods/output, it is not a directory
16:37 bbinet [DEBUG   ] Loaded no_out as virtual quiet
16:37 bbinet [DEBUG   ] Loaded json_out as virtual json
16:37 bbinet [DEBUG   ] Loaded yaml_out as virtual yaml
16:37 bbinet [DEBUG   ] Loaded pprint_out as virtual pprint
16:37 bbinet forresta: sorry, will do
16:38 forresta thanks
16:38 bbinet forresta: here it is: http://pastebin.com/1hQ6Chny
16:38 forresta cool
16:39 robert0878 Doormatt: so I'm going to put salt network communications in stunnel or ssh tunnel and I was wondering if anybody had better ideas than using "secure wrappers"
16:39 Doormatt robert0878: Hmm...
16:39 forresta robert0878, you could use salt-ssh
16:40 robert0878 yes, I'm looking forward to it but it's seems that it will hardly get to the actual state of salt (with pillars, scalability etc)
16:41 pentabular joined #salt
16:41 forresta https://github.com/saltstack/salt/blob/85e446abc310ba92fba7705dc784faa8ffc08e57/salt/utils/event.py#L401 seems like maybe that's related to some socket stuff with zeromq, what version of zmq are you on bbinet?
16:41 forresta robert0878, yea it has drawbacks
16:41 mikef joined #salt
16:42 forresta robert0878, I feel like this has been brought up on the mailing list before, but I can't remember the topic, might be worth double checking over there.
16:42 robert0878 about aes key or salt-ssh limitations?
16:43 bbinet forresta: salt --versions-report report Salt: 0.17.2 and ZMQ: 3.2.2
16:43 forresta ok that should be fine then
16:43 forresta about the aes key robert0878
16:43 Doormatt robert0878: I suppose running the salt-minion as non-root isn't an option?
16:45 forresta bbinet, I don't know enough about how the master_event_pull.ipc is assigned :\
16:45 robert0878 Doormatt: it can be but the point of using a cfg mgmt tool in my case it to do root operations like install packages
16:45 Doormatt robert0878: Yeah, I figured that'd be the case.
16:45 bbinet forresta: what is master_event_pull.ipc about?
16:46 bitz joined #salt
16:46 rgbkrk joined #salt
16:46 bbinet forresta: do you think I should open a bug report?
16:46 Ryan_Lane joined #salt
16:46 forresta I don't know, I only see that item a few times in the code when doing a search: https://github.com/saltstack/salt/search?q=master_event_pull&amp;ref=cmdform
16:46 forresta but it could be missing some
16:46 forresta since there are more than 2 instances in event.py
16:47 forresta bbinet, I'd say start a discussion on the mailing list first
16:47 amahon joined #salt
16:47 forresta we don't really have enough detail to create an issue
16:48 bbinet forresta: ok. Thanks a lot for helping!
16:48 forresta bbinet, if you want to get really in-depth, I'd try a stack trace, or a library trace when you run the command, then you MIGHT be able to see what's happening at that point
16:48 prooty hello. i have an sls, for example foo.sls.
16:48 prooty foo.sls only contains an include of another sls.
16:48 forresta bbinet, yea np, I wish I had a better solution for you since you're testing it out :P
16:48 prooty if i have foo included in a separate sls and have it be a requirement of a state (require sls: foo), salt errors with "the following requisites were not found".
16:48 prooty but if i put something inside foo.sls (for example bash pkg.installed), then it works.
16:48 prooty can i just have foo.sls be empty except for an include?
16:49 forresta prooty, for what reason would you do that, instead of defining those items to include in the top.sls?
16:49 robert0878 forresta: I've just double checked the mailing list about aes key reuse across the network and I found nothing about it
16:49 Doormatt robert0878: So your concern is that someone could steal a minion key, and then issue commands?
16:50 forresta robet0878, ok might be worth starting a discussion on then, since I believe most of the devs are subscribed to the mailing list.
16:50 forresta prooty, I've just never seen anyone do that, so I don't have an answer for you
16:51 Doormatt prooty: Yes, you can have an SLS with just an include.
16:51 forresta Doormatt, that's good to know, I never thought to do that
16:51 robert0878 Doormatt: yes and also the fact that it is able to decipher the commands I send to the others and gain valuable data about my (potentially poor) server configuration
16:51 Doormatt robert0878: Gotcha.
16:52 bbinet forresta: I've commented out git fileserver_backend and related gitfs_remotes, and state.show_state is now down to 17s
16:52 bbinet forresta: (forgot to do that before)
16:52 bbinet forresta: does it sounds ok for you in terms of speed?
16:52 forresta bbinet, I'd try the actual highstate run again
16:53 ggoZ joined #salt
16:53 bbinet forresta: salt '*' state.highstate runs in 23s
16:53 forresta that's still way too slow
16:53 jalbretsen joined #salt
16:54 bbinet forresta: ok, thanks. Will start a thread on the ml
16:54 forresta bbinet, cool! I will be very interested to see the results
16:55 mike251 hey guys - if anyone wants to find the IP / MAC / GATEWAY (you need to know the gateway like .1 or .254 )  this is what i have used:
16:55 mike251 http://pastebin.com/1Gb7XXLK
16:57 robert0878 I think it would be pretty easy to mitigate the sending of command by signing the clear text payload with the master RSA private key
16:58 Doormatt robert0878: You'd certainly think so...
16:58 robert0878 (pretty easy is not a good choice of words)
17:00 Gifflen joined #salt
17:01 mike251 left #salt
17:01 mikef__ joined #salt
17:02 Doormatt robert0878: So, if I'm looking at a pcap file from my salt server, how would I go about determining the AES key used?
17:02 robert0878 you need access to a compromised minion
17:02 robert0878 not only pcap
17:03 Doormatt Ah - so your concern is that once one minion is compromised, it can be used as a toehold to continue to exploit?
17:03 KyleG joined #salt
17:03 KyleG joined #salt
17:03 Doormatt (And the information leakage)
17:04 robert0878 i've logged the aes key from decrypt & encrypt
17:04 robert0878 https://github.com/saltstack/salt/blob/develop/salt/crypt.py#L386
17:04 blee_ joined #salt
17:04 robert0878 and it's the same on multiple minion
17:04 mikn_ forresta: The assignment for {% set dev = (file.find('/dev', name='vd[c-z]') | first) %} looks correct?
17:04 robert0878 yes, one compromised minion means not so long before everybody is compromised
17:06 Doormatt robert0878: forgive me if I'm being dense, but how would sticking the communication over ssh help in this case?
17:06 robert0878 I haven't tried to reinject crafted packet in my network because of 0MQ which makes it not as straightforward to get in the existing tcp communication
17:06 Doormatt If they compromise the machine, then it's compromised, and they'd still be able to read all the config info,
17:07 robert0878 yes but i'm concerned about the other machines
17:07 robert0878 and being in ssh tunnel would make the tcp packet forge impossible
17:07 davet joined #salt
17:07 robert0878 as the minions would not be listening to anything outside of the tunnel
17:08 Gifflen joined #salt
17:09 mikn_ robert0878: it still means you must reach a point in the network where you can actually intercept the tcp packages aimed for the other nodes
17:09 Doormatt robert0878: AFAIK, you can't forge the communication, since they won't have the master's private key.
17:12 jdenning joined #salt
17:12 snap joined #salt
17:12 JasonG_TA joined #salt
17:13 robert0878 Doormatt: you can't forge the authentification phase but you can get in the kept alive tcp connection where it's only using aes and not rsa (which is doable using http://www.secdev.org/projects/scapy/ )
17:13 rojem joined #salt
17:14 Doormatt robert0878: You're getting a little to paranoid, even for my tastes.
17:14 shiin left #salt
17:14 robert0878 mikn_: I don't get it, you mean ssh access to the master where you would be able to listen to ougoing connections?
17:14 prooty i had it setup that way because the include in foo.sls is templated according to a minion's pillar data. if it's for example "a", then a.sls will be included, else b.sls.
17:15 robert0878 Doormatt: I admit :p
17:15 seubert joined #salt
17:15 prooty then the pillar data is dependent on the minion's grains.
17:15 seubert does anyone know of a tutorial that covers saltstack + vagrant that doesn't use salty-vagrant?
17:15 mikn_ robert0878: There are few spots in the network where you can actually evesdrop on the communication not pertaining to your interface. You either need to reach a router or the master to actually even be able to see the information.
17:16 Doormatt mikn_: technically you could arp-poison the network.
17:16 redondos joined #salt
17:16 redondos joined #salt
17:16 mikn_ Doormatt: Well, then it wouldn't be so stealthy anymore. :P
17:16 Doormatt True...
17:17 robert0878 and if you make arp table static you are as paranoid as I am
17:17 Guest78682 hi, i have a salt state that deals with a mount point adding the 'noatime' option (http://pastebin.com/8XUE59UT).  i have "persist" enabled, which works, and "remount" set to True, but it never actually remounts it.  any ideas if i'm missing something?  thanks in advance
17:17 troyready joined #salt
17:17 sandGorgon joined #salt
17:17 Doormatt robert0878: Unless you compile your own compiler from scratch, and read every line of source code for things you compile, I think you're going after diminishing returns here.
17:20 pipps_ joined #salt
17:21 pass_by_value joined #salt
17:22 robert0878 Doormatt: as a non native english speaker, I'm not sure to understand, you mean that I need to trust salt "level of security"?
17:22 freelock_ joined #salt
17:23 Doormatt robert0878: Not so much trust salt, as all parts of the system need to be secured to the same level.
17:23 freelock_ Hello, think I found a bug in salt-cloud digital ocean provider, in error handling
17:23 robert0878 ok
17:23 Doormatt robert0878: For example, it doesn't help you to secure salt to this level, if you have bigger holes in other places.
17:23 freelock_ where should I report it?
17:23 robbyt joined #salt
17:23 Doormatt robert0878: I'm assuming a lot about your needs and requirements though, so please take what I say with a massive grain of...salt.
17:23 Doormatt rpvert
17:24 Doormatt robert0878: Just realized if you're not a native speaker, that might not make sense.  "Take something with a grain of salt" means to not trust it without looking at it yourself.
17:25 JulianGindi joined #salt
17:26 robert0878 yep, i'm still evaluating the use of salt in our organization, and using a cfg mgmt tool is already almost at the boundaries of what is acceptable to us, so stunnel/ssh tunnel with static arp table makes sense
17:27 Doormatt robert0878: Fair enough!  I just personally think that unless you're hosting insanely sensitive data (Which you very well might be), you're in severe overkill.
17:28 robert0878 I understand your point of view :)
17:28 Doormatt Sorry I couldn't be of more help!
17:29 zandy joined #salt
17:30 druonysus joined #salt
17:31 robert0878 i think i'm going to start a thread (tomorrow) on the mailing list about the aes key reuse and "easy" strategies to mitigate that without loosing the essence of salt & 0mq (scalability etc)
17:32 jdenning joined #salt
17:33 bbinet forresta: https://groups.google.com/forum/#!topic/salt-users/za7i08bCdB8
17:35 snave joined #salt
17:35 robert0878 I'm leaving, thanks for the exchange Doormatt
17:39 mohae joined #salt
17:39 mgw joined #salt
17:40 matanya joined #salt
17:48 lineman60 joined #salt
17:50 m4yfield joined #salt
17:55 dpippenger joined #salt
17:56 KyleG joined #salt
17:56 KyleG joined #salt
18:04 JordanRinke joined #salt
18:06 AdamSewell joined #salt
18:06 AdamSewell joined #salt
18:13 Gifflen joined #salt
18:14 zandy joined #salt
18:14 pass_by_value joined #salt
18:18 quanta_ joined #salt
18:19 quanta_ lib.sls
18:19 quanta_ {% macro convert_hostname_to_ip(hostname) -%}
18:19 quanta_ dig.A(hostname)
18:19 quanta_ {%- endmacro %}
18:20 quanta_ template.jinja2
18:20 quanta_ {% from 'lib.sls' import convert_hostname_to_ip %}
18:20 quanta_ [uwsgi]
18:20 quanta_ plugins = carbon
18:20 quanta_ enable-metrics = true
18:20 quanta_ carbon-use-metrics = true
18:20 quanta_ carbon-id = %n
18:20 quanta_ {%- if dig.check_ip({{ pillar['graphite_address'] }}) == 'True' -%}
18:20 quanta_ carbon = {{ pillar['graphite_address'] }}:2003
18:20 quanta_ {%- else -%}
18:20 quanta_ carbon = {{ convert_hostname_to_ip({{ pillar['graphite_address'] }}) }}:2003
18:20 quanta_ {%- endif -%}
18:20 HeadAIX joined #salt
18:20 vbabiy Can pillar data be servered from git repo in a subdirectory? Like salt states can?
18:20 quanta_ and the error:
18:20 quanta_ State: - file
18:20 quanta_ Name:      /etc/uwsgi/carbon.ini
18:20 quanta_ Function:  managed
18:20 quanta_ Result:    False
18:20 quanta_ Comment:   expected token ':', got '}'; line 8 in template:
18:20 quanta_ [uwsgi]
18:20 quanta_ plugins = carbon
18:20 quanta_ enable-metrics = true
18:20 quanta_ carbon-use-metrics = true
18:20 quanta_ carbon-id = %n
18:20 quanta_ {%- if dig.check_ip({{ pillar['graphite_address'] }}) == 'True' -%}    <======================
18:20 quanta_ carbon = {{ pillar['graphite_address'] }}:2003
18:20 quanta_ {%- else -%}
18:20 quanta_ carbon = {{ convert_hostname_to_ip({{ pillar['graphite_address'] }}) }}:2003
18:20 quanta_ {%- endif -%}
18:21 vbabiy quanta_ you are double wrapping
18:21 vbabiy {{ convert_hostname_to_ip({{ pillar['graphite_address'] }}) }}
18:21 forresta quanta_, can you please use pastebin or something?
18:21 forresta vbabiy, http://docs.saltstack.com/ref/pillar/all/salt.pillar.git_pillar.html
18:22 backjlack joined #salt
18:22 vbabiy forresta maybe I am missing something but how would I tell it the pillar data is in sub folder of the repo?
18:22 forresta I don't know if you can since you are using the actual .git data
18:23 forresta I think it just imports the whole repo. I haven't realy messed with that too much?
18:23 forresta *.
18:23 JordanRi1ke joined #salt
18:24 vbabiy Yeah from the looks of it, it seems better to just have 2 repos
18:24 nmistry joined #salt
18:25 * JordanRinke looks around
18:26 quanta_ vbabiy: error at this line: {%- if dig.check_ip({{ pillar['graphite_address'] }}) == 'True' -%}    <======================
18:27 fatbox_ left #salt
18:28 quanta_ vbabiy: not the double wrapping line
18:28 quanta_ vbabiy: I have changed to: carbon = {{ convert_hostname_to_ip(salt['pillar.get']('graphite_address', {})) }}:2003
18:30 scott_w_ joined #salt
18:34 MTecknology seanz: sure thing - pm?
18:35 ajw0100 joined #salt
18:35 seanz MTecknology: Sure.
18:35 sandGorgon joined #salt
18:37 quanta_ any syntax problem with dig.check_ip: {%- if dig.check_ip({{ pillar['graphite_address'] }}) == 'True' -%}
18:37 quanta_ why and where it expect token ':'
18:39 vbabiy quanta_ still double wrapping: : {%- if dig.check_ip(pillar['graphite_address']) == 'True' -%}
18:42 * Gareth throws tiny pickles at JordanRinke
18:44 bemehow joined #salt
18:44 tempspace Has anybody ever included pillars successfully?
18:47 Gifflen joined #salt
18:47 austin987 joined #salt
18:49 tempspace Specifically the default options at http://docs.saltstack.com/topics/pillar/index.html#including-other-pillars
18:49 amckinley joined #salt
18:50 Gifflen joined #salt
18:52 Gifflen joined #salt
18:52 wramthun joined #salt
18:53 quanta_ vbabiy: how do I avoid double wrapping?
18:54 vbabiy if your in a {% %} you don't need to wrap with {{ }}
18:54 vbabiy quanta_ http://jinja.pocoo.org/docs/
18:55 Doormatt {{ convert_hostname_to_ip({{ pillar['graphite_address'] }}) }}  ==>  {{ convert_hostname_to_ip(pillar['graphite_address'])}}
18:55 quanta_ ah, I see, thank you very much!
18:56 KyleG cedwards: Have you noticed any issues with pkgng 1.2.1 and salt?
18:57 AdamSewell does anyone have a good example of a ufw state file?
18:58 bretep @all: We want to start having our own jenkins build our own .dep package of salt. Does anyone know if http://jenkins.saltstack.com/ does this right now, or is it setup to just check the build status of chekins to github or both? Any suggestions?
18:58 forresta bretep, that's specifically for tests
18:59 bretep Got it. When saltstack builds their .deb packages, is it a manual thing or automated?
18:59 forresta AdamSewell, did we discuss ufw before? Or was that someone else? I think when it was discussed before we discussed just a file.managed :\
18:59 forresta bretep, let's ask joehh
19:00 bretep At my previous employment we built our own RPM packages using Koji.
19:00 AdamSewell forresta, i had asked about the order of commands
19:00 forresta joehh1, you around?
19:00 cedwards KyleG: I don't know that I've deployed anything since the latest pkgng updates
19:00 AdamSewell forresta, i had made the changes that you recommended and i'm still getting cut off when using salt-cloud
19:00 AdamSewell so i must be doing something wrong
19:00 forresta lame :\
19:01 forresta my salt-cloud knowledge is pretty weak
19:01 KyleG Ah okay, thanks cedwards, I think I just need to update my pkg config
19:01 forresta I really need to mess with it some more at home
19:01 KyleG I think salt does not know how to handle the error that that needs to be updated
19:01 forresta bretep, I know that joehh1 is building the Ubuntu packages, I don't remember if he builds the debian ones or not.
19:02 bretep We are using ubuntu, so joehh1 would be the one I want to talk to
19:02 forresta bretep, ok yea, it might be a few hours before he respond since it's only 6 AM in Australia
19:03 forresta *responds
19:03 backjlack joined #salt
19:04 AdamSewell forresta, a guy named redbeard or something was suppose to talk with me about another issue i was having with salt-cloud but i haven't seen him around
19:06 cachedout AdamSewell: He had to fly out to meet with a customer this week. He's often around in the evenings, however.
19:06 tempspace AdamSewell: What's the question?
19:06 AdamSewell cachedout, thanks
19:06 AdamSewell tempspace, i'm having an issue with digital ocean and their private networking flag
19:06 bretep Nice! http://jenkins-debian-glue.org/getting_started/
19:06 pipps_ joined #salt
19:07 AdamSewell it's like it's not getting passed during creating for some reason
19:07 davet joined #salt
19:08 KyleG or not :(
19:09 supp joined #salt
19:10 rgbkrk joined #salt
19:11 supp hi anybody know how to use states to install a  software that is not part of a distribution?
19:11 racooper did you consider building your own package for that software and hosting your own local repo?
19:12 supp if i want support, i have to run their installer :(
19:14 bhosmer joined #salt
19:20 bhosmer_ joined #salt
19:22 supp any ideas?
19:29 Doormatt copy the installer to your file backend, and just copy and install it "manually"?
19:40 loconut joined #salt
19:42 loconut I have a jinja template that is accessing a grain and getting a value.. we realized we accidentally used grains['key'] instead of pillars,  there is no grain with the name we're asking for, but it gets the value from pillar despite accessing grains['xxx']
19:42 loconut Can anyone clarify why the grains dictionary has pillars in it? or is it coming from the environment vars?
19:42 cdcalef joined #salt
19:45 thematthopkins joined #salt
19:47 anitak joined #salt
19:48 blee joined #salt
19:50 zandy joined #salt
20:01 pipps joined #salt
20:02 loconut joined #salt
20:07 forresta AdamSewell, yea redbeard2, I have no idea where he's been
20:10 scott_w_ joined #salt
20:18 * Gareth waves
20:24 che-arne joined #salt
20:24 scoates is there for a way for pillar data to refer a sibling?   `foo: bar`, `baz: {{pillar['foo']}}` <-- like that
20:31 cachedout joined #salt
20:32 dvogt joined #salt
20:34 dvogt I think I remember a video from Thomas Hatch explaining how to customize output. If anyone has any pointers that would be great and thanks in advance.
20:38 cdcalef has anybody made bind zone files from their lists of hosts in salt?
20:40 lemao joined #salt
20:41 sandGorgon joined #salt
20:42 shinylasers joined #salt
20:48 cym3try joined #salt
20:48 mgw joined #salt
20:49 scott_w_ joined #salt
20:49 nmistry joined #salt
20:49 whiteinge dvogt: customize output for state runs or general output?
20:50 zandy joined #salt
20:50 cewood joined #salt
20:51 whiteinge scoates: no, although (depending on the exact use case) you can use jinja variables to achieve something similar
20:51 dvogt It is for a custom module that I wrote.
20:51 scoates whiteinge: thanks. I just reworked it. probably better to not poke the nest. (-:
20:51 whiteinge ha :)
20:52 fllr joined #salt
20:53 whiteinge dvogt: ah, so like specifying which kind of data the functions in your module will return?
20:55 dvogt That is correct. Let's say I have an ERROR, i would like to have the return in red, and
20:55 whiteinge i'm not sure about a video, but the aliases module has an example of specifying which outputter to use for various functions
20:55 whiteinge https://github.com/saltstack/salt/blob/develop/salt/modules/aliases.py#L17
20:55 whiteinge available outputters here:
20:55 dvogt I am not sure if makes a difference, but I am also using the salt API.
20:56 whiteinge http://docs.saltstack.com/py-modindex.html#cap-o
20:56 dvogt Thank you, I will take a look at those.
20:56 whiteinge dvogt: salt-api the REST api or the ``import salt.client.api`` api?
20:56 nmistry joined #salt
20:56 dave_den joined #salt
20:58 dvogt Good question, I am using the: import salt.client.  like so:
20:58 dvogt client = salt.client.LocalClient()
20:58 dvogt minions = client.cmd_cli(tgt=mytgt, fun=deployer_module, arg=[application], timeout=1, expr_form='list')
21:01 whiteinge gotcha. you can use those same outputters from there too. the syntax looks like this:
21:01 whiteinge https://github.com/saltstack/salt/blob/develop/salt/runners/jobs.py#L52
21:02 whiteinge (since you're using LocalClient() you can substitude ``__opts__`` in that example for ``client = LocalClient(); client.opts``
21:02 whiteinge )
21:02 JulianGindi joined #salt
21:03 dvogt whiteinge - thank you! I think this gives me a good start.
21:08 anitak joined #salt
21:08 andersb joined #salt
21:09 bhosmer joined #salt
21:11 pipps_ joined #salt
21:13 y0j joined #salt
21:17 jslatts joined #salt
21:19 bhosmer joined #salt
21:21 bhosmer_ joined #salt
21:22 Sheco joined #salt
21:23 pengunix_ joined #salt
21:40 MZAWeb joined #salt
21:44 carlos_ joined #salt
21:44 terminalmage 0.17.2 has been pushed to stable for EPEL6
21:45 terminalmage EPEL5 probably coming in the next couple hours or so
21:45 terminalmage allow 24-48 hours for mirrors to sync
21:45 carlos_ joined #salt
21:45 forresta terminalmage, jeez, about time :P
21:45 forresta so when is 0.17.3 gonna be in epel-testing?
21:45 terminalmage forresta: hey, don't complain, vote it up so it has more karma and doesn
21:45 forresta lol I'm joking man
21:45 terminalmage doesn't have to spend 2 weeks in testing
21:45 terminalmage haha I know
21:46 forresta don't you have to actually HAVE votes to cast?
21:46 terminalmage but in general I would like it if people did that
21:46 forresta you can't just create an account and upvote stuff.
21:46 terminalmage ha, yeah that is true, you need to be a packager I think
21:46 forresta yea that's the problem
21:46 forresta last time I checked at least
21:46 forresta you have to package and get stuffed pushed to the stable channel to earn the credits to vote stuff up
21:46 forresta and you use them when you vote things up it looked like
21:47 terminalmage ahh
21:47 terminalmage EPEL5 now pushed to stable as wellk
21:47 terminalmage *well
21:47 forresta can you vote your own stuff up?
21:47 terminalmage forresta: probably not
21:47 forresta bummer
21:48 forresta That's cool though, now I can tell people who are using EPEL that they should upgrade from 0.17.1
21:50 zandy joined #salt
21:52 zandy_ joined #salt
21:52 cdcalef joined #salt
21:53 bersace joined #salt
21:57 alunduil joined #salt
22:02 sroegner ll /usr/lib
22:02 sroegner oops
22:02 forresta sroegner, always fun when that happens
22:03 sroegner ya
22:04 sroegner speaking of which - i see some significant runtime difference of my stack of formulas between RedHat/Amazon and Ubuntu
22:04 sroegner 0.17.2 both
22:04 forresta terminalmage, just saw your pull request 8958, is the primary reason to keep yumpkg support around instead of moving to 5?
22:04 sroegner same code both
22:04 forresta sroegner, are you installing packages?
22:04 forresta and how significant is significant
22:04 sroegner is there a procedure for profiling describied anywhere?
22:04 forresta not that I know of
22:05 terminalmage forresta: the truth of it is that the rpm/yum API is horrible
22:05 terminalmage it's an abomination
22:05 sroegner 12 vs. 17 minutes for execution incl. downloads
22:05 sroegner full hadoop stack + some extras
22:05 forresta sroegner, are all the machines hosted on AWS?
22:05 terminalmage forresta: https://github.com/saltstack/salt/issues/8226#issuecomment-29664936
22:05 terminalmage this isn't the first time we've had an issue with the API cause problems
22:05 forresta terminalmage, yea I saw an email on that one
22:05 sroegner yes but creating the lowstate is slower even locally in vagrant
22:06 forresta sroegner, did you already enable debug logging to see if that provides any hints
22:06 terminalmage a few weeks ago I fixed a bug where there was no verification done if a package had other packages that depended on it, and you tried to remove it, it also removes the dependencies
22:06 forresta really??
22:06 terminalmage yep
22:06 forresta that doesn't happen with just plain yum
22:06 terminalmage yeah no kidding
22:06 forresta why is the API such crap?
22:06 * terminalmage shrugs
22:07 terminalmage I didn't write it
22:07 forresta should rewrite it :P
22:07 terminalmage ha, no
22:07 forresta you've got plenty of free time right?? RIGHT!
22:07 terminalmage should nuke it from orbit, is more like it
22:07 forresta how would you interface with yum then
22:08 terminalmage just using the existing yumpkg5 module
22:08 terminalmage it works just fine
22:08 sroegner hostname
22:08 sroegner darn
22:08 forresta two for two here sroegner
22:08 terminalmage it's just that someone decided long ago that we needed to have a pure python option, since there's an API
22:08 terminalmage there's really no reason to have both
22:09 vptr joined #salt
22:09 nmistry joined #salt
22:09 forresta ahh ok, for some reason I thought that the module used the api
22:10 terminalmage nah, yumpkg5 (named because it is used by RHEL5) just wraps the yum cli
22:10 forresta ahh gotcha
22:10 terminalmage which is what we do for apt, zypper, et al
22:10 jcockhren are we nuking APIs from orbit?
22:12 terminalmage jcockhren: just rpm/yum
22:12 jcockhren nuke all the things
22:13 terminalmage forresta: on one of my dev VMs, I was testing pkg states that try to remove packages that are required by other packages
22:13 terminalmage forresta: I chose python, arbitrarily
22:13 terminalmage it proceed to uninstall about half my packages, including yum, rpm, and most of what else I needed
22:13 terminalmage instabrick-ed the VM
22:13 forresta lol
22:13 forresta that sucks
22:14 terminalmage yeah... luckily for some reason I already had netcat installed
22:14 terminalmage I was able to tar and netcat my files from the VM to my laptop
22:14 terminalmage or else I'd have lost everything I was working on
22:14 terminalmage in addition to my RPM building environment
22:15 terminalmage for fedora/epel
22:15 terminalmage neither of which would cripple me, but would be a pain in the butt to get set back up
22:15 cdcalef does a rsa pub key have to be file.managed before it can be used with ssh_auth?
22:15 cdcalef key file never gets into the minions cache directory
22:16 seanz joined #salt
22:16 forresta terminalmage, oh man that's scary
22:17 sroegner forresta: on the runtime difference - of course I forgot the massive apt-get updateat the beginning of the bootstrap
22:17 terminalmage yeah, and netcat is not part of the default install, so I must have used it as a pkg target when testing something
22:17 terminalmage so it was just dumb luck that it was there in the first place
22:18 forresta sroegner, oh yea that would make sense.
22:18 forresta sroegner, you don't HAVE to do that if you pass the option
22:18 forresta terminalmage, yea that's crazy
22:18 forresta terminalmage, did you rebuild then create a backup image?
22:18 forresta terminalmage, on the note of backups, how is that service working with the blowfish key?
22:18 bhosmer joined #salt
22:19 sroegner forresta: it all comes out of salt-cloud and I'd like to avoid messing with the script itself
22:20 forresta sroegner, fair enough
22:20 terminalmage forresta: actually, I just rebuilt, but I could have re-downloaded the image from my online backup. It does scheduled backups so a "good" copy would have still been there\
22:21 forresta terminalmage, ahh alright, smart
22:21 jfzhu_us joined #salt
22:21 terminalmage only problem is I would still have lost whatever had been changed since the last backup
22:21 terminalmage I did use that service to re-download my dev VMs though after I had my laptop sent in for repair
22:22 terminalmage I refused to give them my encryption key
22:22 forresta yea I wouldn't either
22:22 forresta lol, how do you even phrase that 'sir we need access to your secure online backup to redownload files'
22:23 harobed joined #salt
22:24 jaustinpage joined #salt
22:24 terminalmage no, I meant my key for my laptop
22:24 harobed joined #salt
22:24 terminalmage it's encrypted
22:28 elfixit joined #salt
22:30 cnelsonsic joined #salt
22:33 forresta terminalmage, oh ok
22:34 cdcalef anybody use ssh_auth to distribute ssh keys?
22:34 JulianGindi joined #salt
22:36 jcockhren cdcalef: I do
22:38 amckinley joined #salt
22:38 jcockhren problem solved! \o/
22:38 cdcalef can you show me a snippet?
22:39 cdcalef my key files aren't getting to my minions :(  my init.sls is though
22:41 jcockhren one sec
22:41 pipps joined #salt
22:43 jdenning joined #salt
22:44 cdcalef :)
22:46 kermit joined #salt
22:46 zooz joined #salt
22:47 harobed joined #salt
22:49 Ryan_Lane joined #salt
22:50 zandy joined #salt
22:51 jcockhren cdcalef: need a pillar and top file as well?
22:52 cdcalef umm sure
22:52 cdcalef don't need it but i wouldn't mind seeing
22:53 MTecknology joined #salt
22:53 cdcalef my biggest problem is that my key file isn't getting to the minion and the minion doesn't like that.
22:53 MTecknology So... my issues are already fixed and now I need to wait for 0.17.3. I think that will be the version that I stick with for a year or two.
22:54 jcockhren https://gist.github.com/jcockhren/339ea523ed9aa63ee8d0
22:54 jcockhren cdcalef: ^
22:55 jcockhren I just push the actual pub key in my pillar
22:55 jcockhren not the file
22:56 joehh1 forresta, bretep: morning
22:56 cdcalef hmm. yeah you're doing it a different way it seems.
22:56 cdcalef i'm using source: and a file
22:56 cdcalef i don't want to gack up my file with a bunch of partial ssh keys.
22:57 cdcalef i suppose i could just do it with file.managed
22:59 joehh1 I actually do the debian packaging - just help out with ubuntu
23:00 joehh1 the jenkins builds (as far as I know) just do the git develop branch
23:00 joehh1 they use the packages from the ppa to install the dependencies, but hten do an install via git
23:01 joehh1 there is the salt-daily ppa which does nightly packaing automatically of the git develop branch
23:03 btorch does pillar has anything like "if {% grains['host'] startswith 'ftp' %}" ?
23:03 scott_w_ joined #salt
23:03 frosty996 joined #salt
23:04 frosty996 anyone have an example of using salt mine info in a state? My google-fu isn't turning anything up
23:04 bemehow_ joined #salt
23:05 forresta joehh1, ahh thanks joehh1, I completely forgot.
23:06 scott_w__ joined #salt
23:07 fridder joined #salt
23:08 jfzhu_us joined #salt
23:14 joehh1 bretep: interesting - the guy (mika) who does debian-jenkins-glue used to do the debian packaging for salt
23:15 canci joined #salt
23:16 joehh1 the general (ie major release) debian (and ubuntu) packaging is done manually, could be automated, but hasn't yet
23:18 canci joined #salt
23:18 joehh1 main reason is the last few releases have had some minor patching to build on each release
23:19 joehh1 see http://patch-tracker.debian.org/package/salt/0.17.2-3
23:19 joehh1 some are minor improvements (ie inclusion of release notes), others are required for building with particular versions of sphinx/docutils
23:19 cdcalef ooo i like how if you replace a file with file.managed it actually shows you a diff.  classy.
23:20 dave_den joined #salt
23:24 bemehow joined #salt
23:28 MTecknology joined #salt
23:29 anitak Guys, may I ask for your help with Salt's scheduler?
23:30 anitak I have my schedule configuration in pillar
23:30 anitak I am basically running a bunch of munin.run functions and have carbon set as the returner
23:30 anitak since 0.17.2 (I think, not sure though), I don't see any schedule being executed at all on the minions
23:30 anitak I have them run in debug mode
23:31 N-Mi joined #salt
23:31 N-Mi joined #salt
23:31 anitak running the same function manually via salt or salt-call works fine
23:34 jcockhren anitak: post your scheduler in a gist
23:34 KyleG cedwards: Do you know if anything changed recently with the freebsdpkg module? I haven't gone through the commits yet, but it seems something weird is going on
23:34 KyleG https://gist.github.com/kylegato/acbae85b4555754bddc0
23:34 KyleG also the command should be "pkg info" not pkg_info
23:35 jcockhren anitak: remember the pillar that contains the scheduler has to be made available to the minions
23:35 jcockhren top.sls and all
23:35 anitak yup
23:35 scott_w_ joined #salt
23:35 anitak I run salt 'minion id' pillar.get schedule
23:35 anitak and the whole schedule turns up
23:36 jcockhren what;s your returner?
23:36 anitak carbon
23:36 anitak thing is…this used to work
23:36 anitak then I discovered I had no new metrics in graphite anymore...
23:36 jcockhren until you upgraded to 0.17.2?
23:36 higgs001 joined #salt
23:36 KyleG cedwards: I'm assuming there's some sort of logic that determines weather to use pkgng module or freebsdpkg module, since they're both named "pkg" in the state
23:36 KyleG and that's probably where something went wrong..
23:38 KyleG I'm thinking it's gotta be that logic. Because freebsdpkg module runs "pkg_info" but pkgng does "pkg info" and I never had this issue before so that's my guess
23:39 anitak jcockhren: https://gist.github.com/anitakrueger/7797640
23:40 anitak I am still in the development stage for graphite…so it may have been 0.17.1…I didn't really notice until yesterday
23:40 KyleG basepi: I see you touched https://github.com/saltstack/salt/issues/8988 so maybe there's something related
23:40 cnelsonsic joined #salt
23:41 MTecknology WOOHOO!!! I finally have IPv6 and ip6tables working correctly on my server!
23:42 KyleG terminalmage: I see you re-wrote the freebsd pkg stuff, any recommendations?
23:42 MTecknology Once 0.17.3 is released for rhel, all of the bugs I've been fighting this week should be resolved!
23:42 Ryan_Lane joined #salt
23:42 jcockhren anitak: looks correct
23:42 jcockhren hmm
23:42 anitak I don't even see the schedule being executed on the minion
23:42 anitak at all
23:43 bhosmer joined #salt
23:43 terminalmage KyleG: recommendations for what?
23:43 KyleG On what might be the issue I'm seeing……Salt is now using pkg_info instead of "pkg info" and it's breaking my highstates
23:44 KyleG https://gist.github.com/kylegato/acbae85b4555754bddc0
23:44 terminalmage are you running from develop?
23:44 pdayton joined #salt
23:44 KyleG 0.17.2
23:44 terminalmage ok, the rewrite didn't make it into 0.17.0
23:44 terminalmage so it's not in 0.17.2
23:44 KyleG Hrm, okay
23:44 KyleG Still weird that this is suddenly broken…..
23:45 KyleG As far as I understand the syntax hasn't changed (pkg.install)
23:45 terminalmage KyleG: I think the old freebsdpkg (pre-rewrite) looked for the pkgng sqlite database
23:45 terminalmage and if it found it, it would try to use "pkg"
23:46 terminalmage instead of the pkg_XXXX commands
23:46 terminalmage but it wasn't necessarily doing it correctly
23:46 terminalmage that's why it was badly in need of a rewrite
23:47 terminalmage among other things, like neither pkg_add nor pkgng support being fully-implemented
23:47 KyleG Okay, so the next release/develop should solve my issues?
23:47 KyleG I should be able to put develop on one of my minions and test it now
23:48 jcockhren anitak: yeah. I don't know what happening. What does the logs on you master say?
23:48 terminalmage yes, it should
23:48 terminalmage though, if your minion is pre freebsd 10, it is going to use pkg_add by default
23:48 KyleG We're 9.1 and 9.2
23:48 KyleG But we use pkgng
23:48 terminalmage so if you are running a freebsd 9 minion and want to use pkgng, you need to override the provider, instructions are in the docs
23:49 terminalmage KyleG: http://docs.saltstack.com/ref/modules/all/salt.modules.freebsdpkg.html?highlight=freebsdpkg#salt.modules.freebsdpkg
23:49 snave joined #salt
23:49 KyleG I'll give that a   go
23:49 KyleG Thank you
23:50 terminalmage no prob
23:50 zandy joined #salt
23:50 pass_by_value joined #salt
23:51 KyleG terminalmage: Do you mean the providers will work w/ Develop but not my current version?
23:51 anitak jcockhren: nothing :( it's like the scheduler doesn't exist
23:51 KyleG because I tried that and I got a different error this time
23:51 anitak is there any way to "kick off" a schedule manually?
23:51 jcockhren not that I know of
23:51 terminalmage KyleG: yes you need to be on develop to get the new freebsd package management code
23:52 jcockhren anitak: though. my schedulers works just fine
23:52 terminalmage or you can wait until the next feature release, due sometime this month
23:52 jcockhren "works on my machines"
23:52 anitak sigh
23:52 jcockhren I know right
23:52 erchn joined #salt
23:52 jcockhren it kind of difficult to debug it without debugging info
23:53 anitak I know
23:53 anitak let me take out the carbon returner...
23:53 erchn hi all, anyone know of a simple way to specific an epel mirror when using salt-cloud?  For the bootstrap portion specifically.
23:53 jcockhren yeah. push it to syslog
23:54 erchn specific=specify

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary