Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2013-12-08

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:09 gadams999 joined #salt
00:15 zooz joined #salt
00:17 redondos joined #salt
00:17 redondos joined #salt
00:21 zandy joined #salt
00:24 sroegner joined #salt
00:37 sroegner joined #salt
00:59 rojem joined #salt
01:06 njs126 joined #salt
01:12 anitak1 joined #salt
01:15 rojem joined #salt
01:15 nicksloan left #salt
01:18 futurisk joined #salt
01:21 zandy joined #salt
01:29 bhosmer joined #salt
01:29 higgs001 joined #salt
01:36 snuffeluffegus joined #salt
01:37 futurisk joined #salt
01:38 futurisk_ joined #salt
01:38 futurisk1 joined #salt
01:39 futurisk2 joined #salt
01:43 futurisk joined #salt
01:46 futurisk joined #salt
01:47 quanta_ joined #salt
01:47 fllr joined #salt
01:58 jslatts joined #salt
02:11 che-arne joined #salt
02:17 vu joined #salt
02:21 zandy joined #salt
02:23 bhosmer joined #salt
02:47 zandy joined #salt
02:47 brad_ joined #salt
02:49 quanta_ joined #salt
02:49 Guest21537 What does "Comment:   Service mysqld has been enabled, and is dead"    mean
02:50 quanta_ joined #salt
02:50 bradnow it is supose to be started  "- enable: True"
02:58 bradnow "Service mysqld has been enabled, and is dead" how can it be enabled and dead at the same time?
02:58 nmistry joined #salt
03:15 rope_ bradnow: probably enabled, so it started and then died
03:17 rope_ I use solaris (so SMF keeps track of restarting/warningme) but assume theres something similar on Linux
03:21 bradnow it i just really strange that the same salt script works on a vm that I order from a hosting company but on my own kvm vm it gets there errors
03:21 bradnow http://pastebin.com/uUgqMBZz
03:23 alunduil joined #salt
03:27 xl1 joined #salt
03:35 altj so, I'm tinkering with salt and have a question about restricting access to sls files.  I'd like to have a bunch of minions, but don't want all of the minions to have access to the sls files that the others use.
03:35 altj I'm looking into pillar, but think I might be heading in the wrong direction
03:36 forresta Guest21537, on a linux system (at least centos/rhel), enabled means it's enabled for the run levels, usually 3 for most servers.
03:37 forresta altj, ok, so why don't you use http://docs.saltstack.com/ref/configuration/master.html#std:conf_master-file_roots
03:37 forresta altj, file_roots are awesome
03:39 altj forresta: I tried that but the minion cached all of the files from each of the file roots even though this particular minion only matched on 2 of the roots.  Let me recreate my test and pastebin my configs.
03:40 forresta oh you actually want the data to be protected?
03:40 forresta hmmm
03:40 forresta altj, what reason do you want to do that?
03:40 altj not necessarily protected, I just don't want non-applicable files copied down to the minion
03:40 altj but protected would work too :-)
03:41 forresta altj, ok in that case looking at pillars is the right way to go.
03:41 altj ok... here's my use case...
03:41 forresta honestly probably a combo of file_roots, and pillars.
03:42 altj I'm managing a bunch of servers for a few clients.  and don't want a minion to have access to files relating to other clients of mine.
03:42 forresta oh I see
03:42 forresta why not use a masterless minion?
03:42 forresta so each machine is a masterless minion for that specific client, and you just push the associated files up there.
03:42 forresta or hook them into your git repo or whatever.
03:43 altj hmmm
03:43 altj maybe
03:43 forresta altj, other than that, the only thing I can think of would be to have jails on your main machine, with multiple salt instances running
03:44 forresta how many boxes does the average client have that you use?
03:44 altj some of the clients have 5-10 servers that are almost identical.  It would be nice to be able to simultaneously work on those similar servers.
03:44 altj some only have 1, so there's a bit of a variation.
03:44 forresta altj, are they hosted on internal networks? Where were you planning on putting your master?
03:45 altj master was going to be on the public internet, with IP based firewall rules restricting access.
03:45 altj multiple master instances might be the way to go
03:45 forresta hmm, I think that is a security concern
03:46 altj what kind of security concern?
03:46 forresta well, multiple clients being hooked into your system, there's also the (slight) chance you could fall prey to a man in the middle attack where someone spoofed your master.
03:47 forresta altj, it's not as powerful or as fast as normal Salt is, but what about using salt-ssh? http://docs.saltstack.com/topics/ssh/
03:47 forresta I haven't tried multiple environments, but if you set up your roster with specific environments per client, maybe that would work? Or just multiple salt-ssh instances.
03:48 altj salt-ssh would simplify what I'm doing currently (ssh w/shell scripts)  I'll look into it.
03:48 forresta altj, ok cool.
03:50 forresta altj, let me know what you do, might be good as a use case for others
03:50 altj forresta: do you see a way of accomplishing it with pillars?
03:50 altj a somewhat easy way?
03:50 forresta altj, not as far as I know, because the states are going to be pulled.
03:51 forresta I don't think there's a way to force states to only be pulled by specific machines...
03:51 forresta altj, it might be worth posing on the mailing list, someone else might have a good solution.
03:51 altj hmm, maybe a mix of salt-ssh and masterless minions
03:51 forresta depending on the client that could work
03:54 redondos joined #salt
03:59 altj forresta: speaking of man in the middle attacks, it would be kinda nice if salt-key showed a fingerprint of the minion's pub key that could be easily verified directly on the minion (I think puppet does this when accepting new clients)
04:00 forresta You can view the key within the pki directory on the minion.
04:01 altj true.  I find fingerprints easier to look at and verify.    I might be able to hack out a pull request with that in it.  (depends on how quickly I get through this other work I need to get done)
04:02 forresta altj, yea that's fair
04:02 altj the minion could even just output it in the log along with the "this salt minion will wait for 10 seconds before attempting to re-authenticate" message.
04:03 forresta That's not a bad idea, you should see if someone opened an issue on that already, it might have some details!
04:04 altj hehe.. oh, look at that.. 'salt-key -F'
04:05 forresta oh even better
04:05 * altj should RTFM
04:05 forresta I don't think I've ever seen someone use -F :P
04:09 higgs001 joined #salt
04:11 sroegner joined #salt
04:14 fllr joined #salt
04:21 redondos joined #salt
04:23 sroegner joined #salt
04:33 brad_ joined #salt
04:34 Bradnow well mysql is set to start but it did not start on centos
04:34 Bradnow any suggestions on how to figure out why it is not starting
04:41 nmistry joined #salt
04:44 prooty joined #salt
04:47 sandGorgon joined #salt
04:47 forresta Bradnow, what happens when you start the service from the server?
04:52 prooty hi. is there a way to pass context variables to the source of a cmd.script, similar to the defaults argument in file.managed?
04:54 forresta not as far as I'm aware prooty, are you unable to simply pass the variables to the command?
04:56 Bradnow shit looks like there are diffrences in centos versions
04:56 prooty forresta, i wanted to use it as a part of a path. like /foo/{{ bar }}/baz
04:57 prooty i was also looking at the env argument, but either it's not working or i don't know how to use it.
04:57 forresta are you actually running a script, you reference, or is it running straight from the sls?
04:57 prooty it's a cmd.script state. i'm running it in the minion.
04:57 forresta oh duh was looking at the wrong thing
04:58 forresta so you want to use a variable in the name where the script lives? Or you have variables in the script?
04:58 forresta because you can just use - template: jinja, then use jinja variables in the script like anything else.
04:59 prooty ok, so how do i pass jinja variables to the source of the cmd.script?
04:59 forresta in your script you reference the jinja variables, and just use the - template option
04:59 forresta let me see if I can find a similar example
05:00 forresta ok, not identical, but similar so here in file.managed: https://github.com/gravyboat/hungryadmin-sls/blob/master/salt/hungryadmin/app.sls#L76
05:00 forresta I use - template: jinja
05:00 forresta then in this config file: https://github.com/gravyboat/hungryadmin-sls/blob/master/salt/hungryadmin/files/hungryadmin.conf
05:00 forresta you can see me referencing pillar data.
05:01 prooty i understand that pillars and grains can be accessed through jinja variables, but can i set my own variable and pass it?
05:01 forresta within the state?
05:01 forresta yea sure: https://github.com/gravyboat/hungryadmin-sls/blob/master/salt/hungryadmin/app.sls#L1
05:01 forresta I'm pulling that from pillar, but it could just as easily be = 'blah'
05:02 forresta prooty, or am I confused as to what you're asking?
05:03 prooty yeah, but you got that from the pillar. i guess we're not really understanding each other. could you take a look at the file states (http://docs.saltstack.com/ref/states/all/salt.states.file.html)? there is a defaults argument there.
05:03 prooty i'm looking if that functionality is also available in cmd.script.
05:04 forresta I don't think so, pretty sure you'd have to set a local jinja variable.
05:04 forresta I mean it supports kwargs
05:04 forresta so TECHNICALLY it should support whatever you want, so I'd say try passing defaults, see what happens
05:05 prooty okay, i'll try that. have you also used the env argument in cmd.script before?
05:05 forresta never, I haven't used cmd.script before
05:06 prooty i see. thanks for your help.
05:06 forresta np, wish I had more for you :P
05:22 redondos joined #salt
05:36 prooty joined #salt
05:37 forresta any luck prooty?
05:38 prooty i haven't tried it yet, sorry. i'll post here when i do.
05:38 forresta no rush
05:41 ckao joined #salt
06:23 redondos joined #salt
06:26 prooty joined #salt
06:38 matanya joined #salt
06:47 quanta_ joined #salt
06:59 bhosmer joined #salt
07:09 terminalmage joined #salt
07:10 sandGorgon joined #salt
07:26 redondos_ joined #salt
07:36 quanta_ joined #salt
07:42 sroegner joined #salt
07:45 thelorax123 joined #salt
07:48 sandGorgon joined #salt
08:26 redondos joined #salt
08:26 redondos joined #salt
08:39 fllr joined #salt
08:40 thelorax123 joined #salt
08:40 mortis joined #salt
08:41 fllr joined #salt
08:56 ajw0100 joined #salt
09:01 nmistry joined #salt
09:07 sandGorgon joined #salt
09:14 juso joined #salt
09:27 redondos joined #salt
09:30 sroegner joined #salt
09:32 _mohshami joined #salt
09:33 fllr joined #salt
09:34 _mohshami hey guys, I'm trying to reload postfix with salt using "/usr/local/sbin/postfix reload" I'm either getting no output or "fatal: the postfix command must not run as a set-uid process" Any idea what I'm missing? running freebsd btw
09:34 waverider joined #salt
09:35 waverider left #salt
09:35 thelorax123 joined #salt
09:41 fllr joined #salt
09:53 Katafalkas joined #salt
10:06 xl1 left #salt
10:09 dvogt joined #salt
10:28 redondos joined #salt
10:41 fllr joined #salt
10:49 sinh joined #salt
11:19 sroegner joined #salt
11:29 redondos joined #salt
11:41 fllr joined #salt
11:43 _fllr_ joined #salt
12:12 Sheco joined #salt
12:15 whyzgeek joined #salt
12:28 zandy joined #salt
12:29 redondos joined #salt
12:41 fllr joined #salt
12:44 backjlack joined #salt
13:02 fuser joined #salt
13:03 bhosmer joined #salt
13:08 sroegner joined #salt
13:30 redondos joined #salt
13:31 sroegner joined #salt
13:41 fllr joined #salt
13:47 rhand joined #salt
13:51 gadams999 joined #salt
14:07 bhosmer joined #salt
14:14 MrTango joined #salt
14:16 nocturn joined #salt
14:16 nocturn joined #salt
14:28 MK_FG joined #salt
14:29 zooz joined #salt
14:30 jslatts joined #salt
14:31 redondos joined #salt
14:35 NotreDev joined #salt
14:41 fllr joined #salt
15:13 anuvrat joined #salt
15:15 gavit joined #salt
15:15 gavit hey
15:15 gavit anyone know how to check if win7 minion works?
15:24 Ryan_Lane joined #salt
15:32 redondos joined #salt
15:40 backjlack joined #salt
15:41 fllr joined #salt
15:46 xmltok joined #salt
16:29 quickdry21 joined #salt
16:33 redondos joined #salt
16:36 zandy joined #salt
16:41 fllr joined #salt
16:48 anitak joined #salt
17:03 AdamSewell joined #salt
17:05 fllr joined #salt
17:07 zandy joined #salt
17:15 Katafalkas joined #salt
17:32 matanya joined #salt
17:34 redondos joined #salt
17:36 Corey So what've I missed?
17:51 zandy joined #salt
18:03 nmistry joined #salt
18:03 amahon joined #salt
18:04 Katafalk_ joined #salt
18:04 pdayton joined #salt
18:05 smccarthy joined #salt
18:11 nmistry joined #salt
18:15 elfixit joined #salt
18:21 zandy joined #salt
18:29 sroegner joined #salt
18:34 redondos joined #salt
18:39 nmistry joined #salt
18:44 scristian hi, did anyone tried a recent version of halite ? is stable or still in heavy dev ? thanks
18:45 cowyn_ joined #salt
18:45 snow_ joined #salt
18:47 fatbox_ joined #salt
18:49 Damoun_ joined #salt
18:50 elfixit1 joined #salt
18:50 dnsn_ joined #salt
18:50 hotbox joined #salt
18:53 flebel_ joined #salt
18:56 sroegner joined #salt
18:56 ebodine joined #salt
18:56 hotbox joined #salt
18:57 yota joined #salt
18:57 xet7 joined #salt
18:57 njs126 joined #salt
18:58 dccc joined #salt
18:58 whyzgeek joined #salt
19:02 mnemonikk joined #salt
19:02 _fllr_ joined #salt
19:05 ertac joined #salt
19:08 zooz joined #salt
19:14 nocturn joined #salt
19:14 nocturn joined #salt
19:21 whyzgeek joined #salt
19:21 anitak joined #salt
19:21 zandy joined #salt
19:26 mnemonikk joined #salt
19:28 bhosmer joined #salt
19:35 redondos joined #salt
19:35 xinkeT joined #salt
19:40 dvogt_ joined #salt
19:40 BrendanGilmore joined #salt
19:41 Daviey joined #salt
19:43 quickdry21 joined #salt
19:49 nicksloan joined #salt
19:49 nicksloan left #salt
19:51 anitak joined #salt
20:11 Daviey joined #salt
20:13 cowyn_ joined #salt
20:16 quickdry21_ joined #salt
20:17 pengunix joined #salt
20:21 zandy joined #salt
20:29 Daviey joined #salt
20:34 Katafalkas joined #salt
20:36 redondos joined #salt
20:41 Gifflen joined #salt
20:43 MrTango joined #salt
20:56 anitak joined #salt
20:59 AdamSewell joined #salt
21:00 giantlock joined #salt
21:07 sgviking joined #salt
21:10 cewood joined #salt
21:18 redbeard2 joined #salt
21:18 redbeard2 left #salt
21:21 zandy joined #salt
21:23 esogas_ joined #salt
21:35 higgs001 joined #salt
21:37 redondos joined #salt
21:42 bhosmer joined #salt
21:43 minibox joined #salt
21:44 Sheco joined #salt
21:45 forresta joined #salt
21:55 robbyt joined #salt
21:56 ajw0100 joined #salt
21:58 pdayton joined #salt
22:05 forresta Jeez steveoliver, now I feel like I HAVE to go back and fix the typos in that blog post :P
22:05 steveoliver :) bah!
22:06 steveoliver don't worry about that :)
22:06 forresta no one is actually supposed to visit that, it's just to look good for interviews!
22:07 steveoliver with a domain name like that … i had to check it out
22:07 forresta lol, yea I have been slacking on getting some cooking posts up there
22:07 forresta 'well rounded individual' and all that jazz
22:07 steveoliver cobblers' shoes…
22:08 forresta hah
22:12 JulianGindi joined #salt
22:13 smccarthy joined #salt
22:16 bhosmer joined #salt
22:21 zandy joined #salt
22:25 fllr joined #salt
22:32 BrendanGilmore joined #salt
22:33 brendangilmor joined #salt
22:37 redondos joined #salt
22:47 Daviey joined #salt
22:53 forresta Is anyone around that knows they're going to saltconf but hasn't registered for a hotel yet? It's the same price for a double as a single, so if someone wants to split a hotel room to save some cash I'd be down.
23:07 jacksontj joined #salt
23:10 arapaho joined #salt
23:11 Gifflen joined #salt
23:11 fllr joined #salt
23:16 jacksontj joined #salt
23:21 zandy joined #salt
23:37 higgs001 joined #salt
23:38 redondos joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary