Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-01-08

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 Ahlee fr0de: enterprise environments that's not uncommon.
00:00 misc1 I don't disagree, but from my experience many traditional shops are like that
00:00 Ahlee you can get by without a language.
00:00 misc1 ahlee: exactly
00:00 Ahlee also, there's a lot of issues that script heavy shops experience that 'traditional' systems don't
00:00 fr0de sure, you can get by, but man, what tedium to do everything manually
00:00 rojem joined #salt
00:01 Ahlee fr0de: that's what L1 and interns are for, man
00:01 Ahlee you can hire 'em for a dollar a dozen
00:01 fr0de hahaha
00:01 higgs001 joined #salt
00:01 misc1 haha, if the budget allows for them
00:01 Ahlee hell, in the us you don't even have to pay them sometimes
00:01 rojem joined #salt
00:01 Ahlee and they _jump_ at the opportunity
00:01 Ahlee but, that's another discussion for another time ;)
00:01 misc1 yep
00:02 DavidEzek joined #salt
00:02 elithrar joined #salt
00:03 fr0de yeah, I watched The Internship :)
00:04 misc1 ahlee: thanks for the info, greatly appreciated.  i will dig around more and see if salt is something that could gain some traction here.
00:04 Ahlee no problem
00:05 funzo joined #salt
00:10 * Gareth takes a page from terminalmage's book and uses a long commit message
00:11 terminalmage Gareth: :)
00:12 jsivak joined #salt
00:13 jsivak left #salt
00:14 ekristen http://docs.saltstack.com/ref/states/top.html <— where it talks about repos.ubuntu or repos.epel, what would those state files look like?
00:15 terminalmage ekristen: search for pkgrepo states in the docs
00:15 terminalmage pkgrepo.managed I believe it is called, specifically
00:18 JasonSwindle joined #salt
00:21 foxx joined #salt
00:22 ConceitedCode joined #salt
00:36 xmltok joined #salt
00:48 rgbkrk joined #salt
00:50 anuvrat joined #salt
00:52 Ryan_Lane2 can salt-cloud be backed by hiera, rather than yaml files?
00:53 Ryan_Lane2 or maybe via pillars (which can be backed by hiera)?
00:54 andrej Assuming I wanted to make sure that a packages config file, e.g. the ntp I did earlier, was in a sensible state, and ran a state.sls ntp against our fleet on a regular (timed) basis; is there a way to make salt send me an e-Mail if the config file differed?
00:54 MindDrive Hello, folks... so, after getting ticked off by MCollective once too many times, I'm looking at trying out Salt for a replacement.  The current main use for MCollective is with an application we have here at our company that lets developers do their own application deployments.  Basically there are a set of 'client' systems that make an MCollective call (as the logged in user) which then on each matching agent server runs a Python program a
00:54 MindDrive s root.  I'm trying to work out an equivalent setup that would work with Salt instead, though the current documentation I've read through makes it seem like it might be a bit of a challenge, since I don't want to reduce security in the process of replacing things.  Can anyone suggest specific documentation or information on the Web that might help point me in the right direction?
00:54 MindDrive (Or offer suggestions on how to go about it would be fine as well.)
00:56 Ryan_Lane2 MindDrive: well....
00:56 Ryan_Lane2 I haven't really upstreamed this well enough for easy use, but: https://github.com/trebuchet-deploy/trebuchet
00:56 Ryan_Lane2 https://github.com/trebuchet-deploy/trigger
00:57 MindDrive Ryan_Lane2: Taking a look right now...
00:58 funzo joined #salt
00:59 andrej MindDrive - how would using salt reduce security? Or which part of the doco made you think it might?
00:59 bhosmer joined #salt
01:05 MindDrive andrej: the comments in the /etc/salt/master file for client_acl (which is the initial way I was considering how to make this work) indicated that care must be taken, so I want to make sure whatever method I use I don't accidentally open up the ability for a non-root user to run whatever they want.
01:06 Ryan_Lane2 oh, no worries about that
01:06 MindDrive Ryan_Lane2: It looks interesting, though it obviously duplicates a lot of what our deployment system already does, so I'd need to dig a bit to see if I can extract the information specific to what I need.  Please note that I'm very new to Salt (even though I've known about it for nearly two years), so I'm still in the process of learning.
01:07 Ryan_Lane2 right. what I linked to is a full deployment system
01:08 jslatts joined #salt
01:10 MindDrive Ryan_Lane2: http://blog.tagged.com/2012/10/tech-talk-tagged-deployment-system/ - an old talk from the beginning of the development of our deployment system; we're in the process of a bit of a rewrite to make the system even more robust and capable (along with fixing some flaws from the initial system).  My primary goal right now is to have a mostly drop-in replacement for the MCollective section (after the rewrite a public release is planne
01:10 MindDrive d, so trying to keep things modular to allow for pluggable backends).
01:13 Ryan_Lane2 ah. heh. I think patrick wants to use https://github.com/Git-Tools/git-deploy as your frontend
01:13 Ryan_Lane2 I had contributed to that, but decided I wanted to keep everything apache2 licenced and wrote trigger from scratch ;)
01:14 funzo joined #salt
01:15 MindDrive Wait, have we met before? :)  (I know Patrick introduced me to someone before the holidays, but my memory is so terrible with names...)
01:15 Ryan_Lane2 you're thinking of ryan faulkner maybe? or did we meet in the wikimedia offices at my going away?
01:16 Ryan_Lane2 I have design docs, if you'd like to see how I wrote mine using salt: https://wikitech.wikimedia.org/wiki/Trebuchet/Design
01:16 Ryan_Lane2 I haven't updated github with the docs yet
01:16 MindDrive I can't even remember the first name, sadly; the person came to Tagged for lunch last month and we chatted for a bit.
01:17 Ryan_Lane2 ah. wasn't me
01:18 helderco joined #salt
01:22 MindDrive No problem.  I know Patrick has been wanting to test it out, at least.  The TDS system is trying to do a bit more in concept (though only a fraction of what I want implemented currently is actually there), but there are definitely similarities.
01:22 Ryan_Lane2 he has no plans on using my system, just the frontend, which would call your system
01:23 Ryan_Lane2 (and his plan was to use gitdeploy and not trigger)
01:23 helderco Can anyone help me writing a custom module? Can't seem to get it to work. I'm running a masterless salt with vagrant and put a _modules/foo.py in the same dir that I have my salt states (top.sls). sudo salt-call sys.doc foo doesn't return anything. I have a function in that file with a docblock.
01:23 MindDrive Ahh, got it.
01:23 MindDrive (Yeah, the holidays pretty much wiped everything from my mind from before them... having to reload a lot of info back into my head. :) )
01:25 TomasNunez joined #salt
01:28 helderco I had to call `salt-call saltutil.sync_all`... I thought it wasn't needed when running masterless.
01:30 helderco highstate solves that but I had the _modules folder in the wrong place
01:34 jimallman joined #salt
01:35 cachedout joined #salt
01:36 backjlack joined #salt
01:36 bhosmer joined #salt
01:38 Linz joined #salt
01:47 andrej Assuming I wanted to make sure that a packages config file, e.g. the ntp I did earlier, was in a sensible state, and ran a state.sls ntp against our fleet on a regular (timed) basis; is there a way to make salt send me an e-Mail if the config file differed? :)
01:47 oz_akan_ joined #salt
01:58 xt joined #salt
01:58 funzo joined #salt
02:01 AdamSewell joined #salt
02:06 rgbkrk joined #salt
02:07 psyl0n joined #salt
02:12 jfzhu_us andrej: I don't think that salt is capable of indicating whether a system has deviated from a set configuration. Based on the source code for the file state, it doesn't look like salt compares the files to some kind of internal hash to check the consistency of a file so it won't know if someone, for example, added ntp time servers to your ntp config file. A salt stack developer would have to confirm this behavior.
02:12 lahwran joined #salt
02:16 sroegner__ joined #salt
02:17 funzo joined #salt
02:21 funzo joined #salt
02:24 mgw joined #salt
02:26 xt joined #salt
02:28 jfzhu_us andrej: I may have been too hasty with my original statement. There looks like a source_hash that is used to determine whether a configuration file has changed from a hash, and if it has, replace it. You could parse the return to see if a configuration file has been replaced
02:30 tseNkiN joined #salt
02:31 Ryan_Lane2 joined #salt
02:37 tseNkiN left #salt
02:37 Ryan_Lane joined #salt
02:40 tvs_ joined #salt
02:41 tvs_ how can I delete a key on a minion?
02:42 tvs_ I've changed a minion hostname adn wanted to delete the salt-keys to obtain the new name but I couldn't
02:44 pniederw when I run highstate, I get "specified SLS xyz in environment base is not available on the salt master". what exactly does this mean? xyz was long renamed to something else, and I can't find any reference to the old name in the gitfs repo.
02:44 scoates tvs_: I've had good luck with simply deleting the key files in /etc/salt/pki/minion/* and restarting the minion (it will generate new keys)
02:44 tvs_ yes, I've done that but when I run salt-key -L on the server, the old server name appears
02:45 scoates tvs_: have you deleted the keys on the master? `salt-key -d old.server.name` ?
02:45 pniederw nevermind, found the cause
02:45 tvs_ yes
02:46 scoates really don't know, then. /-:
02:46 xt joined #salt
02:46 foxx joined #salt
02:46 darless tvs_: How did it change? hostname? id?
02:47 tvs_ I've changed the hostname
02:47 tvs_ is a freebsd box
02:47 darless Did you make sure that /etc/hosts didn't have the old hostname?
02:49 tvs_ yes
02:49 tvs_ executing hostname from the box returns the proper (new)   hostname
02:50 tvs_ could it be that something is cached in the salt master server?
02:51 darless tvs_: hmm don't know then. I've switched my minions to use the [id] field in /etc/salt/minion
02:52 darless You'll have to delete the Unaccepted Key first then restart the salt minion after the change
02:54 xl1 joined #salt
02:57 Furao joined #salt
03:01 tvs_ darless: I've did what you suggested but it doesn't work either
03:02 tvs_ as soon as I restart the server, the key with the old name appears in the unaccepted list on the server
03:03 jfzhu_us tvs_: Have you changed /etc/salt/minion_id ?
03:03 jdenning joined #salt
03:05 tvs_ jfzhu_us: that was the problem!!! I've removed that file, restarted the minion service and now it works perfectly! thanks!!!
03:06 jfzhu_us tvs_: Sure np
03:06 jfzhu_us tvs_: I recommend re-adding the file with your new hostname
03:07 tvs_ yes, the restart recreates it
03:07 scoates the minion will automatically add it on start, no?
03:07 scoates heh. yes. (-:
03:08 darless jfzhu_us: cool, didn't know about the minion_id file, learn something new every day
03:08 scoates I put this in my `Vagrantfile`s http://paste.roguecoders.com/p/a5522d81c55f1da42f71b692a015ab80.txt
03:08 jfzhu_us tvs_: o.0 I did not know that
03:10 davidfischer joined #salt
03:11 funzo joined #salt
03:13 rojem joined #salt
03:13 tvs_ thank you again all of you guys! as always, you have been very helpful!
03:25 elithrar joined #salt
03:28 anuvrat joined #salt
03:30 bhosmer joined #salt
03:31 Ryan_Lane2 joined #salt
03:33 drawsmcgraw joined #salt
03:34 markizano joined #salt
03:34 drawsmcgraw Anyone familiar with running tests? I'm trying to follow the doc (http://docs.saltstack.com/topics/tests/index.html) but am having a hard time
03:34 drawsmcgraw All I've done is the pip install incantation. I have no idea where 'tests/runtests.py' is supposed to be.
03:35 scoates drawsmcgraw: I'm not familiar with the salt test suite, but: https://github.com/saltstack/salt/blob/develop/tests/runtests.py
03:36 andrej jfzhu_us, ta ... I had come up with a grep 'File .*changed' in the cron line :)
03:37 drawsmcgraw scoates: Thanks. Still very weird... I don't... have the 'tests' directory in my salt installation
03:37 drawsmcgraw I've obviously done something wrong
03:37 drawsmcgraw Good to know where it's *supposed* to be though. Thanks
03:38 scoates drawsmcgraw: I don't see it installed after salt bootstrap, either.
03:39 drawsmcgraw scoates: huhn..... Yep. Have obviously overlooked something :)
03:39 andrej http://pastebin.com/4ct1VwJA ... this works for ubuntu machines. But when I try to run salt 'centos' state.sls nagios-nrpe against a centos box it bombs out with a parse rror?     Rendering SLS "base:nagios-nrpe" failed: Unknown yaml render error; line 27
03:41 funzo joined #salt
03:43 funzo_ joined #salt
03:44 AdamSewell joined #salt
03:45 DanGarthwaite joined #salt
03:45 steveoliver joined #salt
03:50 Linz joined #salt
03:59 davet joined #salt
03:59 srage joined #salt
04:04 dezgot left #salt
04:13 oz_akan_ joined #salt
04:14 Linz joined #salt
04:15 oz_akan__ joined #salt
04:16 sroegner__ joined #salt
04:20 smkelly joined #salt
04:20 smkelly joined #salt
04:23 bowen joined #salt
04:26 ajw0100 joined #salt
04:37 Ryan_Lane joined #salt
04:37 higgs001 joined #salt
04:43 AdamSewell joined #salt
04:44 funzo joined #salt
04:50 oz_akan_ joined #salt
04:53 mgw joined #salt
05:09 kedo39 has anyone here used the network states before? I'm trying to use them but i get "State network.managed found in sls ... is unavailable"
05:09 kedo39 here's my sls for reference http://pastebin.com/ZxBuFVxw
05:19 jfzhu_us kedo39: In my experience that means that state file isn't working for that release. I ran into the same error when using pkg.repos
05:20 jfzhu_us kedo39: I have heard of workaround where someone used file.managed for pkg.repos which I think you can use for your case also but not sure you whether you want to do that or wait until mainstream fixes the issue
05:20 kedo39 oh, turns out it doesn't work in debian/ubuntu ... https://github.com/saltstack/salt/issues/1468
05:21 fllr joined #salt
05:22 kedo39 oh wait, his pull request got merged in...
05:22 bowen kedo39: The current source code states "This module will therefore only work on RH/CentOS/Fedora and Debian/Ubuntu"
05:23 bowen kedo39: You could try dropping this state in under /srv/salt/states, syncing it to your minion and then trying again (assuming you're working in a test environment)
05:23 bowen https://github.com/saltstack/salt/blob/develop/salt/states/network.py
05:24 kedo39 i think i'll also need https://github.com/saltstack/salt/blob/develop/salt/modules/debian_ip.py
05:24 kedo39 i was confused because the docs also say that it works in debian/ubuntu, but 0.17.4 doesn't have the debian-specific stuff
05:25 bowen kedo39: The bug report you referenced showed a stack trace when trying to apply the sls. Your error message seems to indicate that it can't even find the state module.
05:25 anuvrat joined #salt
05:26 kedo39 the debian_ip.py file isn't in my /usr/lib/python2.7/dist-packages/salt/modules either
05:27 kedo39 i do have the states/network.py file though
05:30 cachedout joined #salt
05:33 zzzirk joined #salt
05:35 zzzirk just getting started with salt and wonder if someone can answer what is likely a simple question I'm not grokking for me
05:40 fllr joined #salt
05:40 zzzirk I'm working through the tutorial and I get that I can do a "salt '*' state.highstate" to induce the system to distribute things, but what I'm wanting to know is that if I *don't* induce that to happen does it happen on it's own?  I'm guessing I just missed something in reading through the tutorials or I'm just thick
05:42 Nexpro1 joined #salt
05:42 bowen zzzirk: Nothing will happen unless you issue a command. Salt doesn't work like puppet where servers check in and apply config periodically.
05:43 zzzirk okay I was kind of wondering if that was the case and just wanted to verify I hadn't missed something
05:43 zzzirk I come from a cfengine background (from a few years back) so I'm trying to make sure I don't miss something since I know salt works different
05:43 bowen zzzirk: If you would like your servers (aka minion) to check in and run highstate on a periodic basis, you can use https://salt.readthedocs.org/en/latest/topics/jobs/schedule.html
05:44 zzzirk that looks like it answers what I was wondering
05:44 zzzirk thanks!
05:44 funzo joined #salt
05:44 bowen zzzirk: No problem. Hang in there with learning Salt. You'll be very glad you did ;-)
05:45 zzzirk oh I'm already sold I'm just slogging through the initial learning curve
05:45 fr0de right there with you! :D
05:47 zzzirk and now that I answer that I think it's time for bed as I can finally sleep.  thanks again!
05:49 sirtaj joined #salt
05:50 wunki joined #salt
05:51 oz_akan_ joined #salt
05:54 bowen kedo39: Any luck? If not, I would try creating a new folder under /srv/salt/ (assuming you're using the default base dir) called _states. Copy the latest network.py file in to it (https://raw.github.com/saltstack/salt/develop/salt/states/network.py). Then run salt '*' saltutil.sync_states. Cross your fingers really hard and then try again.
05:55 bowen kedo39: Just to clarify, the directory to copy the network.py file in to should be /srv/salt/_states/
05:56 mgw joined #salt
05:58 kedo39 that seems a bit too risky for me :X
05:59 kedo39 i'm just using file.managed for my /etc/network/interfaces
05:59 kedo39 and having that be watched by the networking service
05:59 kedo39 i didn't know about that _states trick though :o
06:01 bowen kedo39: That's completely fair enough. If it was a test machine that you didn't care about then it would at least help to see if the problem has been solved.
06:02 kedo39 thanks for the suggestion though. i'll definitely keep it in mind the next time i need to debug
06:03 bowen kedo39: Yeah, it's a good one to keep up your sleeve. You can read more info here, if you're interested: http://docs.saltstack.com/ref/states/writing.html#using-custom-state-modules
06:04 bowen kedo39: This will work for modules too (use _modules directory). The modules and states that you drop in these directories will override whatever is already installed (if there's a name conflict).
06:05 kedo39 oh, nice
06:07 Gifflen joined #salt
06:09 fllr joined #salt
06:10 _fllr_ joined #salt
06:11 bowen kedo39: The last suggestion I've got for you (which will eliminate your sls config as a potential cause of the problem) would be to try using a lower state - https://salt.readthedocs.org/en/latest/ref/states/layers.html
06:11 ConceitedCode joined #salt
06:12 bowen I haven't done this before myself (so please forgive me if it fails) but running "salt '*' state.single network.system name=system enabled=true gateway=192.168.2.1" should do the same thing as the first block of code that you pasted on pastebin
06:13 bowen perhaps wrap each of the parameters in single quotes, as it shows in the documented example
06:14 kedo39 i'm pretty sure the problem is that debian networking isn't supported in 0.17.4 though
06:16 redmin joined #salt
06:16 steveoliver left #salt
06:17 sroegner__ joined #salt
06:17 bowen kedo39: Sorry, I just took a look at the 0.17 branch and you're quite right.
06:18 bowen left #salt
06:18 kedo39 at least i know what i'm looking forward to in the next rlease though, heh
06:19 ajw0100 joined #salt
06:22 xt joined #salt
06:22 markizano joined #salt
06:29 xmj joined #salt
06:29 xmj cedwards: hi
06:29 xmj cedwards: would you know if salt has a backend for ezjails, these days?
06:30 ravibhure joined #salt
06:32 ravibhure1 joined #salt
06:33 ravibhure2 joined #salt
06:35 rmt joined #salt
06:37 rgbkrk joined #salt
06:38 higgs001 joined #salt
06:39 fllr joined #salt
06:40 Ryan_Lane joined #salt
06:44 david_a joined #salt
06:45 funzo joined #salt
06:47 [vaelen] joined #salt
07:00 d10n joined #salt
07:01 Jahkeup joined #salt
07:01 nliadm joined #salt
07:01 echos joined #salt
07:02 seanz joined #salt
07:02 Guest93739 joined #salt
07:05 steveoliver joined #salt
07:06 steveoliver joined #salt
07:09 steveoliver left #salt
07:11 Guest93739 joined #salt
07:15 fr0de left #salt
07:18 linjan joined #salt
07:21 harobed joined #salt
07:31 TomasNunez joined #salt
07:31 matanya joined #salt
07:31 gammalget joined #salt
07:32 krish joined #salt
07:33 harobed joined #salt
07:33 gasbakid joined #salt
07:34 krish i am beginner to salt. So, please let me know what is the use of master and minion. and how do i connect to remote machines using saltstack
07:36 krish i am using linux system
07:37 ml_1 joined #salt
07:37 Ryan_Lane2 joined #salt
07:39 fllr joined #salt
07:41 _fllr_ joined #salt
07:43 gammalget joined #salt
07:45 cb krish: did you read the Salt Walkthrough?
07:46 funzo joined #salt
07:48 Obike joined #salt
07:48 Obike anyone awake? having an issue in production that i need help on
07:54 oz_akan_ joined #salt
07:54 jacksontj joined #salt
07:56 BbT0n joined #salt
07:57 gasbakid_ joined #salt
08:00 fllr joined #salt
08:04 krish @cb i had  gone through some what but it would be better, if you give me the solution
08:12 Ryan_Lane joined #salt
08:18 sroegner__ joined #salt
08:21 redmin joined #salt
08:24 helminthe joined #salt
08:25 higgs001 joined #salt
08:37 ds45 joined #salt
08:39 fllr joined #salt
08:47 funzo joined #salt
08:50 harobed_ joined #salt
08:50 bbinet hi
08:50 bbinet I'm wondering how works salt environments when the same state is applied to the
08:50 krish hi
08:50 bbinet same node in two different environments?
08:51 bbinet which environment wins?
08:51 krish hi bbinet
08:51 harobed joined #salt
08:51 bbinet hi krish
08:51 krish can you let me know how to work on cloud using salt
08:52 krish where do i want to configure salt to install or update in cloud syatems
08:52 krish bbinet?
08:52 bbinet krish: I've never used salt-cloud myself
08:52 harobed_ joined #salt
08:53 bbinet so I can only redirect you to salt-cloud doc:
08:53 bbinet http://salt-cloud.readthedocs.org/en/latest/
08:53 krish thanks
08:53 harobed_ joined #salt
08:53 krish but i need to tell you about salt which is installed in my machine
08:54 krish i need to install in ec2-aws machines using salt
08:54 bbinet krish: does http://salt-cloud.readthedocs.org/en/latest/topics/aws.html help?
08:55 krish sorrry for the typos. i need you to tell about salt which i installed locally.
08:55 bhosmer joined #salt
08:55 krish what is the uses of master and minion in the salt
08:58 bbinet Salt functions on a master/minion topology. A master server acts as a central control bus for the clients (called minions), and the minions connect back to the master.
08:59 joset joined #salt
09:04 taion809 joined #salt
09:04 Gifflen joined #salt
09:11 linjan joined #salt
09:12 krish thanks bbinet. please let me know how to configure salt
09:13 bbinet krish: if you're new to salt, I encouraging you to start with the walkthrough:
09:13 bbinet https://salt.readthedocs.org/en/latest/topics/tutorials/walkthrough.html
09:15 krish ok but let me know where do i want to add my public DNS in salt
09:17 bbinet krish: sorry, not sure I understand your question
09:18 fllr joined #salt
09:20 krish i will let you know clearly. i have installed salt in my system(linux), and i have say 4 servers(aws-ec2) so, 4 public DNS. i want to install a software in these 4 servers using salt.
09:21 krish what should i want to do in the salt in my machine?
09:21 krish thanks in advance
09:22 bbinet krish: ok
09:23 krish actually we work through terminal
09:23 ckao joined #salt
09:23 krish i like to know in any ways (terminal or GUI)
09:24 bbinet so you need to set the master server name or ip in the minion configuration
09:24 taion809 joined #salt
09:24 bbinet open the port 4605 and 4506 on the salt master server
09:25 bbinet and it should be good to go
09:25 bbinet salt-key -L on the master should list the available minions
09:26 bbinet issue: salt-key -A to accept the minions keys
09:26 bbinet then you can test that salt master can ping salt minions with:
09:27 bbinet salt '*' test.ping
09:27 krish salt-key -L Failed to create directory path "/etc/salt/pki/master/minions" - [Errno 13] Permission denied: '/etc/salt/pki/master/minions'
09:28 krish how to get the master server name.?
09:29 favadi joined #salt
09:31 helminthe joined #salt
09:31 bbinet sudo salt-key -L
09:32 bbinet you can use the ip for now
09:32 ravibhure2 left #salt
09:33 bbinet setting a domain name to a ip has nothing to do with salt
09:34 MohShami joined #salt
09:34 MohShami hey guys, can salt master read files form the minions?
09:34 krish krish@ubuntu:~$ sudo salt-key -L [sudo] password for krish:  Accepted Keys: Unaccepted Keys: Rejected Keys: krish@ubuntu:~$
09:35 krish this what i get
09:35 ravibhure joined #salt
09:35 krish i got no info
09:35 bbinet krish: so your minions have not been able to contact the master yet
09:35 krish yes
09:36 bbinet what does return the following command on the minion:
09:37 bbinet grep "master:" /etc/salt/minion
09:37 bbinet ?
09:37 krish ok
09:38 krish krish@ubuntu:~$ grep "master:" /etc/salt/minion #master: salt
09:40 bbinet krish: so you need to set a value here
09:41 bbinet something like:
09:41 bbinet master: xxx.xxx.xxx.xxx
09:41 bbinet (ip of your master)
09:41 krish how do i find my master ip. please let me know
09:41 bbinet (or the domain name of you master if available)
09:42 krish where do i find these two thanks
09:42 bbinet krish: what do you want to do with salt?
09:42 jpihl joined #salt
09:43 krish i want to install one software in all ec2 servers by one command
09:43 krish or once
09:43 bbinet krish: but you don't know how to find a server ip...?
09:44 krish server ip is public dns
09:44 bbinet krish: anyway you can get your master public ip for example with:
09:44 bbinet curl ifconfig.me
09:44 bbinet on the master server
09:45 krish i have found my server ip
09:45 krish by typing ifconfig in my ec2 instance
09:46 krish where do i want to add this server ip in salt file
09:47 bowen joined #salt
09:47 funzo joined #salt
09:48 bbinet krish: ifconfig will give you your internal ip address, not the public ip address
09:49 krish yes i know my public ip address very well. but i don't know the path to add the public ip address
09:55 oz_akan_ joined #salt
09:58 linjan joined #salt
10:03 krish i have added master: xxx.xxx.xxx.xxx in vi /etc/salt/minion
10:09 fllr joined #salt
10:11 ravibhure1 joined #salt
10:19 sroegner__ joined #salt
10:19 bbinet krish: so if your minion is properly configured, you can restart it
10:19 bbinet and if it can ping the salt master
10:20 bbinet you should see it when you do:
10:20 bbinet sudo salt-key -L
10:20 bbinet on the master
10:21 krish krish@ubuntu:~$ sudo service salt-minion restart salt-minion stop/waiting salt-minion start/running, process 12994
10:22 krish i have restarted. please let know how to get it to work
10:26 jpihl Hi I can't highstate my a minion on windows. I'm running the newest version of salt both on the master and minion (17.4). I'm getting a "global name '__salt__' is not defined". Can someone please help me?
10:27 redmin joined #salt
10:28 william_20111 joined #salt
10:28 bbinet krish: can you ping your salt master from the minion?
10:29 krish i don't know to do :)
10:31 bbinet ping your_salt_master
10:31 bbinet ;)
10:31 bbinet or ping your_salt_master_public_ip
10:34 MartinG joined #salt
10:35 krish i have searched in vi /etc/salt/master regarding salt master public ip.  but i couldn't find
10:35 bbinet curl ifconfig.me
10:35 bbinet on the salt master server
10:36 bbinet will give you its public ip
10:39 fllr joined #salt
10:40 _fllr_ joined #salt
10:42 Damoun joined #salt
10:44 fllr joined #salt
10:45 che-arne joined #salt
10:48 Damoun joined #salt
10:48 funzo joined #salt
10:52 david_a joined #salt
10:56 krish krish@ubuntu:~$ curl ifconfig.me   122.147.20.127
10:57 JasonSwindle joined #salt
10:57 jacksontj joined #salt
10:58 BogdanR joined #salt
10:58 BogdanR Hello
10:58 BogdanR Is it possible to automatically deploy the minion with the salt master?
11:00 jacksontj_ joined #salt
11:02 bowen joined #salt
11:05 bowen left #salt
11:13 taion809 joined #salt
11:15 taion809 joined #salt
11:17 mnemonikk joined #salt
11:17 taion809 joined #salt
11:18 taion809 joined #salt
11:32 psyl0n joined #salt
11:36 wonhunawks joined #salt
11:39 viq joined #salt
11:49 funzo joined #salt
11:50 jakubek joined #salt
11:57 oz_akan_ joined #salt
12:02 Iwirada joined #salt
12:08 dangra joined #salt
12:13 dangra1 joined #salt
12:15 kamal__ joined #salt
12:15 bhosmer joined #salt
12:17 oz_akan_ joined #salt
12:17 jpihl left #salt
12:18 jpihl joined #salt
12:19 jpihl Hi I can't highstate my a minion on windows. I'm running the newest version of salt both on the master and minion (17.4). I'm getting a "global name '__salt__' is not defined". Can someone help me?
12:20 sroegner__ joined #salt
12:22 Shenril joined #salt
12:23 funzo joined #salt
12:24 Nazzy does anyone happen to know what the expected release date is for Hydrogen/2014.1.0?
12:26 MartinG joined #salt
12:28 Shish It was tagged in git a few days ago so I'd guess "soon", but no actual idea (I'm waiting too, so my patches can be deployed without having to have a custom build /o/)
12:30 Nazzy heh, the pydsl fixes I got merged couple of months back are minion side, so I'd have to put a custom build on every minion :(
12:35 Psi-Jack Yeaah.. I'm willing to yell at some devs for pre-tagging a release that's not released. That's HORRIBLE PRACTICE, and should never be done until it's actually a genuine release.
12:41 psyl0n joined #salt
12:42 mgw joined #salt
12:43 ekristen joined #salt
12:46 Linz joined #salt
12:50 MartinG joined #salt
12:54 harobed_ joined #salt
13:01 jfzhu_us joined #salt
13:10 blee joined #salt
13:14 jrdx joined #salt
13:14 balltongu joined #salt
13:15 fllr joined #salt
13:16 BogdanR Is it possible to automatically deploy the minion with the salt master?
13:19 jakubek BogdanR: imo its better to use some bash script, or fabric :)
13:20 BogdanR jakubek: How come?
13:20 jakubek BogdanR: sorry? ;-)
13:21 sroegner__ joined #salt
13:21 diegows joined #salt
13:21 Nazzy BogdanR, any specific reason for not using salt-bootstrap?
13:21 BogdanR Then is it possible to run a bash script with the master before I install the minion?
13:21 mgw joined #salt
13:22 BogdanR I would like to install the minion with bootstrap but automatically with the master and I was curious if that sounds doable
13:23 BogdanR Basically evey time I install a minion I have to configure DNS, run bootstrap and add the key
13:23 BogdanR Is there an established way for doing that automatically?
13:24 th3reverend joined #salt
13:27 ecdhe joined #salt
13:29 Nazzy you can preseed the key ... I suspect your best option is to write a bit of bash that preseeds a key, uses ssh multiplex to open a reusable connection to the new minion, run bootstrap, scp the pre-accepted key, push updated configs, restart salt, then kill the ssh connection
13:36 gadams999 joined #salt
13:40 fllr joined #salt
13:42 iarmstro joined #salt
13:44 iarmstro does anyone have problem try to exceute command with a hypen in the path as part of the sls file as shown here https://gist.github.com/anonymous/8316945
13:46 matanya joined #salt
13:46 rojem joined #salt
13:46 redmin joined #salt
13:46 fllr joined #salt
13:46 jslatts joined #salt
13:47 elithrar joined #salt
13:49 Gifflen joined #salt
13:50 _fllr_ joined #salt
13:58 oz_akan_ joined #salt
13:59 martoss joined #salt
14:00 oz_akan_ joined #salt
14:01 martoss Hey folks, any ideas how to get results from minions instantaneously instead one block at the end of the higstate run? Can one use a different returner to circumvent this?
14:02 jfzhu_us joined #salt
14:02 toastedpenguin joined #salt
14:02 psyl0n joined #salt
14:04 jakubek iarmstro: its working :-)
14:04 jakubek iarmstro: i have tested that
14:05 jakubek iarmstro: what is you version of minion?
14:07 iarmstro salt-minion 0.17.4
14:07 iarmstro salt-master 0.17.4
14:07 jakubek iarmstro: http://pastebin.com/YuT4X3Qn
14:07 iarmstro salt 0.17.4
14:08 jakubek iarmstro: could you ls -l /tmp/build-python27.sh and show me head of this file?
14:08 fllr joined #salt
14:09 Gifflen joined #salt
14:09 juicer2 joined #salt
14:11 iarmstro salt '*' state.sls blackbox_env work
14:11 iarmstro salt '*' state.sls blackbox_env works
14:11 wkf_ joined #salt
14:11 iarmstro salt '*' state.highstate does not work
14:12 jakubek iarmstro: ok try to change order first mangaed then run ;-)
14:13 iarmstro ok
14:13 juicer2 joined #salt
14:13 jakubek iarmstro: after first run you are trying to run file then you are checking if its in good state
14:14 Linz joined #salt
14:14 to_json joined #salt
14:15 jrdx joined #salt
14:16 racooper joined #salt
14:16 iarmstro no I renamed the file to see if it worked to have the underscore
14:18 natim joined #salt
14:18 natim Hello guys
14:18 natim Does anyone know how to use cmd.wait in an activated virtualenv ?
14:19 anuvrat joined #salt
14:22 iarmstro am also having an issue installing a rpm as shown here http://pastebin.com/uqt0YNRB can anyone help?
14:22 brutasse natim: you can use the full path to the command directly -- /path/to/venv/bin/<command>
14:23 brianhicks joined #salt
14:23 iarmstro joined #salt
14:27 fllr joined #salt
14:28 higgs001 joined #salt
14:28 fllr joined #salt
14:29 natim brutasse, yes I usually do that, but I would like to run a make rule with 3 or 4 commands that must be ran inside the venv
14:30 mpanetta joined #salt
14:30 natim I am trying to define VIRTUAL_ENV and PATH environment variable to the cmd.wait command but I don't know if it will work as expected
14:35 fllr joined #salt
14:35 natim brutasse, or I should but all the make commands directly in salt ?
14:36 _fllr_ joined #salt
14:37 brutasse natim: I couldn't completely parse your sentence but probably, yes
14:37 mpanetta joined #salt
14:38 lahwran_ joined #salt
14:39 mpanetta_ joined #salt
14:39 th3reverend joined #salt
14:39 natim s/but/put
14:39 th3reverend left #salt
14:42 Ahlee basepi: terminalmage: oi
14:43 gammalget joined #salt
14:43 jrdx joined #salt
14:43 juicer2 joined #salt
14:43 balltongu joined #salt
14:43 Kyle joined #salt
14:43 seanz joined #salt
14:43 echos joined #salt
14:43 nliadm joined #salt
14:43 Jahkeup joined #salt
14:43 rojem joined #salt
14:44 mpanetta joined #salt
14:52 Iwirada hi, i have the following sls http://slexy.org/view/s20qZHSF3F and it fails with the comment "State network.managed found in network is unavailable"
14:52 Iwirada somehow i cant find any big differences to the states in the documentation. have i done something wrong?
14:53 Iwirada salt is version 0.17.4
14:55 gammalget joined #salt
14:55 bbinet Iwirada: what is the minion os?
14:56 bbinet Iwirada: I think that the network state is not available for debian os
14:56 kaptk2 joined #salt
14:56 bbinet in 0.17.x
14:56 quickdry21 joined #salt
14:56 bbinet will be available in the next release
14:57 Iwirada damn, it's ubuntu
14:57 Mua joined #salt
14:57 Iwirada ok, but thanks for the heads up!
14:57 timoguin joined #salt
14:58 bbinet Iwirada: https://github.com/saltstack/salt/pull/9043
14:59 patrek joined #salt
14:59 iarmstro can anyone help with this issue install a rpm http://pastebin.com/uqt0YNRB
14:59 mortis is it just me, or is it an issue when the minions lose contact with their master for a while .....that they become unresponsive when the master is back up?
15:00 Iwirada bbinet: thx!
15:01 mortis im on 0.17.4
15:02 vejdmn joined #salt
15:06 hanxue joined #salt
15:07 micah_chatt joined #salt
15:08 jimallman joined #salt
15:09 hanxue I have salt-master running on my local machine and salt minion running on AWS EC2 . How can I request the salt-key from the minion?
15:15 gadams999 will bootstrap install the 2014.1 RC0 version?
15:21 Ahlee mortis: Don't believe it's just you, based on https://github.com/saltstack/salt/issues/6306 and https://github.com/saltstack/salt/issues/8295
15:22 Ahlee Trying to figure out how much pain in rolling all minions back to 0.16.x
15:23 Ahlee It honestly looks like there's a tipping point in number of connections a master can service, and when you breach X minions it just all falls apart
15:24 scoates hanxue: your minion has to contact the master to establish the key exchange. if your local machine is on a public IP, this is easy… if not, it's hard (tunnels/opened ports/etc.)
15:24 jfzhu_us Ahlee: Aren't there some tunable options to ensure that the master can scale to handle a larger number of minions?
15:24 timoguin gadams, if you specify a tag or branch for the bootstrap it can.
15:24 kermit joined #salt
15:25 Ahlee jfzhu_us: The only config option I'm aware of is pub_hwm and worker_threads
15:25 hanxue scoates: Indeed my local machine is behind a router/NAT. Finding out what ports are needed
15:25 AdamSewell joined #salt
15:26 AdamSewell joined #salt
15:26 scoates Ahlee: not a solution to your immediate problem, but minions *can* have multiple masters; might help in the longer term.
15:26 Ahlee scoates: yeah, we've discussed this as it's trivial to overwhelm one master if you submit a long running queue against a master to work with > worker_threads minions
15:26 juasiepo joined #salt
15:27 timoguin gadams, like this: curl -L http://bootstrap.saltstack.org | sudo sh -s -- git 2014.1
15:27 scoates hanxue: http://docs.saltstack.com/topics/tutorials/firewall.html
15:27 scoates spoiler: 4505, 4506 by default
15:28 Ahlee i.e., salt '*' state.sls state.take_a_minute, if * matches more thatn worker_threads minions you can't submit new requests to the master, as the client or API times out as the master is fully consumed talking to the minions
15:28 dimeshake am I missing some dependency if I'm getting this when trying to generate a cert: Function tls.create_self_signed_cert is not available
15:29 timoguin dimeshake, it depends on the PyOpenSSL python module
15:29 timoguin won't load without it
15:29 dangra joined #salt
15:29 dimeshake excellent, thanks
15:30 scoates carmony: I just experienced the opposite of your nano shame. Had broken DNS on a machine, and vim wasn't installed. Couldn't remember how to use nano effectively to edit /etc/resolv.conf (-;
15:30 carmony scoates: hahaha
15:30 Ahlee opened a ticket through sales force, waiting to hear back
15:30 carmony I bet you erased that from your search history
15:30 carmony "how to use nano"
15:30 scoates (-;
15:31 gadams999 timoguin: tks, I'll use that testing the RC
15:31 zzzirk joined #salt
15:31 scoates [esc] d d -> literal "dd"… oh… right… how do they spell… [^k]ut. right. (-:
15:32 zzzirk joined #salt
15:34 vbabiy Why does salt load the minion key so much when running highstate
15:35 iarmstro any idea why pkg.installed sources works with the source on the minion but not on the master?
15:36 iarmstro the sls file is shown here http://pastebin.com/7RgKmctx
15:36 forresta joined #salt
15:37 cachedout_home joined #salt
15:37 Ahlee vbabiy: There's a pull that reduces them significantly
15:37 Ahlee trying to find it but GH  isn't playing nice
15:38 vbabiy Ahlee I would love to read the back stroy
15:38 vbabiy thanks
15:38 fllr joined #salt
15:39 Ahlee vbabiy: https://github.com/saltstack/salt/pull/9374?source=cc
15:39 scoates that looks like Ruby… amirite? (-:
15:39 Ahlee though, this doens't explain why the _auth is being called
15:41 ajw0100 joined #salt
15:42 cro joined #salt
15:43 iarmstro1 joined #salt
15:43 iarmstro left #salt
15:44 scoates http://gim.ie/a0B8K
15:45 Cottser left #salt
15:45 forresta heh
15:47 cro joined #salt
15:50 colinbits joined #salt
15:50 elfixit joined #salt
15:51 tyler-baker joined #salt
15:51 tyler-baker joined #salt
15:52 davidfischer joined #salt
15:52 alunduil joined #salt
15:52 juso joined #salt
15:55 juso Hey guys. I'm trying to upgrade from 0.17.2 to 0.17.4 and getting un-handled exception Permission denied: 'c:\\salt\\var\\cache\\salt\\minion\\highstate.cache.p', which I checked is r/o. If I make it r/w then I'm getting another exception
15:55 juso NameError: global name 'set_mode' is not defined
15:55 juso in "File "salt/modules/file.py", line 1699, in check_perms"
15:55 juso is it a known issue or it's only me bumping into this issue?
15:57 teskew joined #salt
15:58 sgflt joined #salt
16:00 juicer2 joined #salt
16:04 Mua joined #salt
16:05 forresta juso, I have not seen that happen to someone before. Do you have a similar test machine where you can see if the issue occurs on a clean install of 0.17.4?
16:05 pmcg joined #salt
16:07 forresta juso, are you getting that when you run state.show_highstate?
16:07 forresta the original error
16:07 bhosmer joined #salt
16:08 juso forresta - I can quickly re-install fresh VM with 0.17.4 on my home lab, takes around 15 minutes, and if necessary can also give access to it. I'm getting this error when I do salt-call state.highstate locally
16:09 forresta juso I'm wondering if it's related to this: https://github.com/saltstack/salt/issues/9604
16:09 mohae joined #salt
16:10 dfinn joined #salt
16:10 cro joined #salt
16:13 juso forresta - it doesn't look too similar though of cause the underlying reason could be the same (somehow setting r/o for cache files). But even when I fix the r/o attribute - it exposes this strange exception "global name 'set_mode' is not defined" in modules/file.py. I checked the 0.17.4 modules/file.py and it does contain function set_mode, so to me the error looks quite strange.
16:13 forresta yea I agree, that's why I didn't immediately pass it off as being the same thing
16:14 honestly_ joined #salt
16:14 cro joined #salt
16:14 forresta juso, I'd suggest to create another issue outlying what you've discovered. The maintainer for the Windows package (UtahDave) should be around later today if he isn't on a job site, and might have a better suggestion, but creating the issue will ensure it gets visibility.
16:16 juso ok, will do. Will just re-create the VM with 0.17.4 to get log files and raise the issue.
16:16 forresta ok cool, you should mention that it happened during the upgrade from 0.17.2 to 0.17.4 just as a note so all the info is in there.
16:17 juso BTW, is it there a known issue with salt-call somehow generating ctrl-c?
16:18 forresta you mean it runs that command?
16:18 juso forresta - well, it's not as such upgrading an existing 0.17.2 installation, it's upgrading the windows deployment process with 0.17.4 installation (instead of 0.17.2).
16:18 forresta ahh ok
16:20 abe_music joined #salt
16:21 juso forresta - I'm not sure how this happens, but when e.g. I have a shortcut to be run at startup which looks like "sal-call.exe state.highstate & rm blah.lnk" then the 'rm blah.lnk' never performed. And if I try to run manually salt-call state.highstate -l debug, then it shows something like "gracefully exited due to receiving ctrl-c".
16:22 forresta weird
16:23 forresta I haven't heard anyone talk about that before (I don't use windows servers at all so I haven't encountered it either)
16:26 juso but seems like that's previously unknown issue. Weird, I agree. I also tried shortcuts which run powershell like 'powershell "& salt-call.exe; remote-item blah.lnk" then the 'rm blah.lnk' also never been executed. I made a work-around by putting salt-call at the end of command line so it doesn't screw up following things, but thought may be worth checking with you if there is a proper solution.
16:26 scoates juso: sal-call.exe ? just a typo or is it actually wrong?
16:26 juso salt-call.exe
16:27 juso it's a typo I introduced just here, not a copy-paste from actual code
16:27 higgs001 joined #salt
16:27 cachedout joined #salt
16:28 scoates ok
16:28 scoates just making sure (-:
16:29 juso I know, worth double checking rather than investigating some stupid cases
16:29 forresta it's not that, scoates just has so many typos.... :P
16:30 scoates so mn any tpoys.
16:30 forresta yep
16:30 forresta I imagine that was hard to do.
16:31 scoates not really. just type fast and don't use backspace (-:
16:31 cro joined #salt
16:31 scoates I only have ~25 years of typing experience. Still don't quite have the hang of it (-;
16:31 forresta it's mostly just your smileys, they all count as typos
16:31 jperras typing was probably the best class I took in high school
16:32 jperras learning how to use all 10 digits was totally worth those 4 weeks of boredom
16:32 forresta How old are you jperras?
16:32 jperras 28
16:32 forresta ahh ok
16:33 jperras I'm old enough to know how to use the Dewey Decimal System
16:33 jperras and have used card catalogs in libraries before
16:33 jperras :p
16:33 forresta heh
16:34 mikkn Is there a way to return a subset of the currently active salt minions on a salt minion? I want to filter down and make a conf parameter containing all servers that have a specific grain specified.
16:36 forresta mikkn, are you talking about straight from the command line?
16:37 wkf_ joined #salt
16:37 mikkn forresta: no, in a state file
16:38 forresta mikkn, you can filter by grains like this example: https://github.com/saltstack-formulas/apache-formula/blob/master/apache/mod_wsgi.sls#L13
16:38 forresta the states tutorial part 3 also has lots of examples: http://docs.saltstack.com/topics/tutorials/states_pt3.html
16:39 UtahDave joined #salt
16:39 Ahlee _modules should show up under cp.list_master, right?
16:39 mikkn forresta: I want to do something more like this example in pseudo code "masters: {{ salt.find['dns01*'] | filtername }}"
16:41 mikkn Well, I guess it would be salt.find('grain["role"] == "dnsmaster"')
16:41 mikkn But I hope you get what I'm trying to do
16:41 jpihl Do I have to do anything special if I want a 2014.1.0 minion to connect to a 0.17.4 master? I'm getting some weird errors..
16:41 jalbretsen joined #salt
16:42 timoguin jpihl, generally you want the master to be newer. there have been issues with newer minions in previous versions
16:43 forresta mikkn, hmm, I'm thinking doing something like {% if grains['role'] == 'dnsmaster' %}\n - option: {{ salt['hostname'] }}
16:43 forresta something like that maybe?
16:44 forresta I don't have a box locally to test
16:44 forresta but basically if the grain role matches, then just use the name grain
16:44 jpihl timoguin, ah okay.. do you know if there is any problems connecting 0.17.4 minions to a 2014.1.0 master? I have many other minions and i'm not ready to update them yet..
16:44 timoguin jpihl, i'm not sure
16:44 dfinn1 joined #salt
16:44 jalbretsen joined #salt
16:44 forresta jpihl, you aren't using salt-cloud are you?
16:45 jpihl forresta, nope..
16:45 forresta ok cool
16:45 cnelsonsic joined #salt
16:46 godber joined #salt
16:46 mikkn forresta: I think you're misunderstanding, I want to list all servers running a salt minion and having that grain specified into that parameter
16:47 forresta ahh
16:47 mikkn forresta: Something like "salt-run manage.up" but in a state file for minions and filterable
16:47 forresta right I understand
16:48 jpihl timoguin, this is the error i'm getting http://pastebin.com/DTBeY544 . does it make any sense to you?
16:48 forresta off the top of my head I can't think of a good way to do that.
16:48 dfinn1 i'm not too familiar with this process but I had a bug reported that just got fixed in a "pull request".  what does that actually mean for it getting into a release?
16:48 jpihl it's a clean archlinux and salt has been installed using yaourt
16:48 forresta dfinn, most of the time that means it will get cherry picked into the next release, basepi is pretty good about grabbing them.
16:49 forresta jpihl, is your top.sls broken?
16:49 dfinn cool
16:49 jpihl forresta,  It's working on debian and ubuntu (which happens to run 0.17.4)
16:49 basepi dfinn1: leave a comment on the pull req reminding me to cherry pick if you want to be really sure it gets in.
16:49 forresta weird
16:50 jpihl yup.. and i'm not too compelled to upgrade my master if it breaks the compatibility with all my other minions :/
16:50 opapo joined #salt
16:50 forresta yea that's understandable
16:50 davet joined #salt
16:50 forresta jpihl, I'd suggest if you have a test env, doing it there.
16:51 mgw joined #salt
16:52 jpihl I don't but i guess it wouldn't be a bad idea to create one.. :) Thanks for the help..
16:53 forresta jpihl, yea np. Don't wanna risk prod!
16:55 forresta For anyone interested in light table, it went open source today: https://github.com/LightTable/LightTable
16:55 dave_den mornin
16:55 forresta hey
16:56 Iwirada left #salt
16:58 beanux joined #salt
17:01 KyleG joined #salt
17:01 KyleG joined #salt
17:04 troyready joined #salt
17:04 fllr joined #salt
17:07 TheRealBill_here joined #salt
17:07 Linz_ joined #salt
17:10 micah_chatt joined #salt
17:13 higgs001 joined #salt
17:14 pdayton joined #salt
17:17 xmltok joined #salt
17:18 Linz joined #salt
17:18 TomasNunez joined #salt
17:22 joehillen joined #salt
17:22 BbT0n_ joined #salt
17:25 esogas left #salt
17:26 luminous forresta: thanks for the reference!
17:26 luminous I'm exploring ext_pillar and would actually benefit from that!
17:29 jdenning joined #salt
17:32 luminous basepi: hey, are you around?
17:33 basepi luminous: indeed.
17:33 luminous yay
17:33 basepi (sort of, anyway.  on a call)
17:33 luminous ok
17:33 luminous understandable
17:33 luminous well, I'm digging into ext_pillar and making this available on the minion
17:33 luminous I've made some progress
17:34 basepi nice!
17:34 luminous but I'm a little confused with some of the function loading
17:34 luminous basepi: I started here: https://github.com/saltstack/salt/blob/develop/salt/loader.py#L147
17:34 Ryan_Lane2 joined #salt
17:34 luminous and I can see how what I tried does not work
17:35 luminous and I can see the mismatch between the expected keys and what I've got in the Pillar.ext_pillars dictionary
17:36 quickdry21 joined #salt
17:36 luminous basepi: I'm not sure of a specific question, but maybe you are able to help me better understand load.pillars() a little better?
17:37 luminous one thing I have not been able to determine is how the pillar function loading differs for the master, as loader.py seems to filter out ext_pillar functions? is this how we limit the salt-minion? or am I misunderstanding this?
17:37 morte joined #salt
17:38 basepi luminous: hehe, the problem here is that i've had very little experience with the loader myself!  =P
17:38 kula stare at the loader for a while, eventually you reach Enlightenment. at least, that's my experience.
17:38 basepi haha
17:39 luminous hah
17:39 luminous it seems I should not change loader.py there
17:39 basepi luminous: give me a few minutes, after i get off this call i'll poke around, see if i can see anything
17:40 kula nearly any time i try to figure out an interesting question in salt, i end up staring at loader.py....
17:40 luminous basepi: sure
17:40 luminous kula: good to know!
17:40 luminous it seems like some awesome magic
17:40 luminous I can see some interesting stuff in there
17:44 luminous basepi: hrm, maybe it's already available..
17:45 mgw joined #salt
17:45 ConceitedCode joined #salt
17:45 Nazzy understanding salt/loader.py is an exercise in madness
17:45 Nazzy just saying
17:46 luminous hah
17:46 KyleG For some reason, cedwards is adding a requirement to the salt code to require /usr/local/etc/pkg.conf to exist. The code does not exist in github, it's something cedwards is doing
17:47 luminous basepi: ok, I'm really confused.. without any changes, my tests with putting ext_pillar:  - cmd_yaml:  cat /some/file.yaml   works as expected with salt-call --local pillar.get some_key
17:47 KyleG and I have no idea why. Breaks all my package management.
17:47 KyleG on the freebsd branch
17:47 basepi luminous: wait, so it just randomly started working?
17:47 luminous I'm really confused
17:48 luminous maybe this was possible in 0.17 but not earlier?
17:49 basepi it's possible.....i don't think we made many changes with regards to the minion side salt-call stuff......
17:49 luminous basepi: is the 0.16 branch in git the latest 0.16.x ?
17:49 luminous ei .16.4
17:49 basepi yes.
17:50 luminous ok, I'll test that
17:53 luminous basepi: I think I need to try in a new VM. I didn't use virtualenv the first time around >.<
17:53 basepi luminous: heh
17:53 basepi it happens.  =)
17:54 luminous basepi: my cmd_yaml test is supposedly working with 0.16.4, but I don't believe it
17:54 basepi haha
17:54 luminous would you be able to test this on a .17 install?
17:55 basepi i'm not sure if i have time today, unfortunately.  i'm quite swamped atm.  unless it's a fairly small, straightforward test.
17:55 luminous understood
17:55 Nazzy some basic understanding of how loader works... you create a loader, typically, with 2 string params (ext_type and tag).  the main purpose of those params is to build the path names where things /might/ live in order to provide some nice path overlay type stuff ... it then manually loads those modules (and injects them in to the python modules system to avoid multiple loads), injects some salt instances in t
17:55 Nazzy o the namespace for you (just to be helpful), and finally filters the list of what it found to match things that are actually relevant to what you originally asked for ... does that help you in any meaningful way? ^_^
17:55 luminous the test I have right now is, yes
17:55 Nazzy wow, that actually exceeded line length, oops
17:56 luminous basepi: I have installed salt-minion, updated minion config with:  ext_pillar:   - cmd_yaml: cat /etc/test.yaml     and then echo "foo: bar" > /etc/test.yaml; restart salt-minion; salt-call --version --local; salt-call --local pillar.get foo
17:56 Nazzy I had to trace through the logic both to debug pydsl and to figure out where I had to put my prototype outputter code
17:56 luminous Nazzy: paste somewhere? gist/etc?
17:57 luminous Nazzy: nvm, I can read
17:57 luminous yes, that does help
17:58 luminous I was actually doing something similar (dynamically looking up and loading function and then attaching them to a new class), so I saw that and laughes
17:58 luminous *laughed
17:59 luminous I was also just (yesterday) thinking about how salt loaded modules and if I could point it to something completely random (run a function on a class as if it were a salt module), and I think my answer is in here
17:59 basepi luminous: wait, i think cmd_yaml has been around for a long time
17:59 basepi unless i missed something
17:59 Nazzy in practice, I have a directory named salt-modules, I shoved a directory in that called output and put my python in there ... then I specified extension_modules: /path/to/salt-modules
17:59 basepi oh, except not for salt-call
17:59 basepi i see what you're saying
18:00 luminous basepi: the original issue was not seeing ext_pillars from salt-call
18:00 luminous err.. salt-call --local
18:00 basepi luminous: so you want me to just try that on a 0.17 release?
18:00 luminous if you could, that would be awesome - just as a sanity check
18:01 Nazzy since the outputters loader uses "output" for it's strings, the loader will take my python before it takes the dist python ... I've not tried it with the other loader helpers, but I'm betting they'll behave the same way
18:01 basepi luminous: your minion is not connected to any master, correct?
18:02 Nazzy admittedly I'm not certain what you're doing (leaving shortly so can't read up properly) but that's helpful in figuring out how loader actually behaves
18:03 Nazzy oh! basepi, do you know when 2014.1.0 is being pushed to published?
18:03 luminous basepi: correct
18:03 chutzpah joined #salt
18:03 basepi Nazzy: I expect before salt conf, end of this month
18:03 basepi Nazzy: release candidate one is out now
18:03 Nazzy there's partial release notes on docs.salt* and apparently it's been tagged hehe
18:03 Nazzy shweeet
18:03 basepi Nazzy: hoping for a couple more before real release.
18:04 Nazzy I might have to see if there's anything else I want to try and write before then lol
18:04 luminous Nazzy: I've no need to dig deeper into loader.py right now, but I might hit you up another time
18:04 luminous thanks for sharing there
18:05 Nazzy I reallly want a proper central returner framework, but that's likely to need tracing messages through the core *shudder*
18:05 forresta luminous, sorry I was in a meeting, what's up?
18:05 luminous forresta: I was just thanking you before RE lighttable link
18:05 luminous looks awesome
18:05 basepi luminous: it does seem to be working for me.
18:05 Nazzy luminous, you're welcome ... I figure if other people can learn from my Herculean tasks hehe
18:06 forresta luminous, oh yea np. I backed it originally but it's taken a while to get to a really good state
18:06 luminous basepi: weird. I could not get it working before, and then asked here: http://irclog.perlgeek.de/salt/2013-12-30#i_8052530
18:06 luminous Nazzy: :D
18:06 luminous forresta: NICE, oh that's a kickstarter type of project?
18:06 basepi right, Tom was actually surprised it wasn't working and said it would be trivial to add
18:07 basepi maybe it was user error the first time?  not sure.
18:07 forresta luminous, yea it was on kickstarter, I'm glad to see they opene sourced it as promised.
18:07 basepi then again, my install might not be clean either.  =P
18:07 basepi i did not spin up a new VM
18:07 thrashr888 joined #salt
18:07 luminous basepi: I'm going to test what I tried originally (reclass)
18:07 forresta luminous, the tutorials are a lot better for the last release or two than they were, so I need to check those out, been a couple releases since I messed with it.
18:07 luminous thanks for the sanity check basepi =
18:08 luminous basepi: ok, good to know RE your test
18:08 luminous I will try on a totally clean VM
18:08 luminous forresta: yea, I'm going to give it some time tonight
18:08 basepi cool.
18:09 forresta luminous, cool I probably will as well
18:10 luminous forresta: I'm trying to get deeper into dev on salt internals, but I need a more supportive dev setup first. I hope this is a part of it and as useful as it seems
18:10 forresta luminous, yes that was the original reason I backed it as I'm a much more visual learner, so I was hoping it would help me out in general as well.
18:15 ml_1 joined #salt
18:17 mpanetta Is it possible to upcase a grain value in a jinja template?
18:18 forresta mpanetta, http://jinja.pocoo.org/docs/templates/#upper
18:19 mpanetta Well, that was an embarrassingly simple question :P
18:19 mpanetta forresta: Thanks :)
18:19 forresta np
18:19 jcockhren forresta just keeps winning
18:20 forresta yea where's the IRC stackoverflow plugin at??
18:21 KyleG Anybody know why salt is now wreaking havok on my perms for file.recurse?
18:21 KyleG It set all my tftp stuff to 420
18:21 KyleG breaking my PXE setup!
18:21 forresta KyleG, it doesn't copy permissions down
18:21 KyleG forresta: Before it used to just inherit them.
18:21 KyleG Not it's setting them to 420
18:21 KyleG Now*
18:21 KyleG so wtf.
18:21 forresta really? I thought there had been a discussion before about how they weren't inherited...
18:22 KyleG Well at least they weren't setting the perms to 420.
18:22 KyleG I could swear they were inheriting them
18:22 KyleG This breaks my entire infrastructure if I high state any more boxes….
18:22 KyleG Not cool.
18:22 dave_den KyleG:  are you setting the mode in the state for file.recurse?
18:22 forresta KyleG, can you (to fix this box) user the file_mode option to set to something like 644?
18:22 KyleG What's even more weird is, I can't find 420 anywhere in /usr/local/lib/python2.7/site-packages/salt
18:22 KyleG I have no idea where it's coming from
18:22 KyleG forresta: Tried that, but all the tftp files have specific chmod's
18:23 KyleG and it was inheriting fine before.
18:23 KyleG So I would have to specify unique state options for each file…because it's TFTP...
18:23 dave_den there was an issue with this a long time ago. what version are you running?
18:23 KyleG so it's an OS
18:23 KyleG 0.17.4
18:23 kermit joined #salt
18:23 kolaman joined #salt
18:23 KyleG It did not happen on 0.16.4
18:23 KyleG We recently upgraded everything
18:23 KyleG and now it's fucked
18:23 KyleG :\
18:24 forresta how many files live under the dir?
18:24 KyleG 418
18:24 kolaman hi all, is there any possibility to set hostname with saltstack. Actually I am using AWS and hostnames are pretty much ugly
18:24 forresta KyleG, ugh
18:24 tessellare joined #salt
18:24 KyleG it's an OS….tftp boot and all that.
18:24 KyleG Supposed to…you know. Manage my infrastructure with salt.
18:24 KyleG Or is it not for that anymore?
18:24 dave_den KyleG: are you sure you're not specifying the mode in any states that might touch those files?
18:24 KyleG dave_den: Positive.
18:24 KyleG I wasn't before, then it set them to 420
18:24 KyleG so I tried adding in 644
18:24 KyleG but it's all unique, so it's no dice.
18:25 KyleG Literally, this is all it was: https://gist.github.com/kylegato/26b129d66ff2796291f2
18:25 KyleG that managed all 418 files in the /conf dir
18:25 KyleG for TFTP booting
18:25 Gareth ahoy.
18:25 KyleG And somehow it interpreted that I wanted ALL the files set to mode 420
18:25 forresta hey Gareth
18:25 KyleG why it would do that, I have no idea.
18:25 Gareth hey forresta, hows it going?
18:25 luminous basepi: 0.17.4 works on a clean vm
18:26 KyleG I need this to inherit perms like it did in 0.16.4.
18:26 KyleG :(
18:26 forresta Gareth, one day closer to Friday!
18:26 luminous basepi: err, that previous test with catting the yaml file works
18:26 dave_den kyleg: it's obviously not intended behavior.
18:26 forresta UtahDave, are you aware of any file.recurse behavior changes on 0.17.4? KyleG is encountering issues where the perms aren't inheriting, and are all being set to 420.
18:26 KyleG dave_den: I know and it's frustrating because I can't find "420" anywhere in the site-packages dir for salt.
18:26 KyleG I blame colorado.
18:27 Gareth forresta: heh.  I'm on-call this week/weekend...so its one day closer to Monday and when I hand off the pager in my book :)
18:27 forresta I am also on call
18:27 dave_den KyleG: search the issues on github and if you don't see one and it's reproducible it will get fixed. you're surely not the only one using file.recurse on 0.17.4
18:27 basepi luminous: cool!  sorry you wasted time on it, then.
18:28 forresta Gareth, I will enjoy a full nights sleep on Monday evening.
18:28 jankowiak joined #salt
18:28 KyleG dave_den: https://github.com/saltstack/salt/pull/9131
18:28 KyleG Think it's that one?
18:29 Gareth forresta: yeah. its amazing how little sleep you get when on-call...even when the pager doesn't go off, the anticipation..
18:29 luminous basepi: no worries, I learned more
18:29 william_20111 joined #salt
18:30 dave_den KyleG: there's a good chance it might be. if that fix was merged a month ago it should be in 0.17.4 i would think
18:30 KyleG https://gist.github.com/kylegato/b34193baed0cc13300fd
18:31 KyleG :(
18:31 zach What do you guys think about using salt to distribute fail2ban iptables rules?
18:31 zach eg on ban, send out the iptables cmd with saltstack and ban across the farm?
18:31 luminous zach: write a module :)
18:31 forresta Gareth, lol yea. The big issue for me is I get called, it takes 20 minutes to fix whatever the issue is, and then I can't fall asleep for at least an hour
18:31 forresta just laying there trying to make your mind relax
18:31 luminous zach: use the salt-mine maybe even
18:32 zach luminous: have been, just wanted to get feedback before I decided to spend more time on it
18:32 forresta zach, there is a fail2ban formula, so maybe you could incorporate with that somehow?
18:32 forresta or a module is cool too
18:32 mikewf joined #salt
18:32 zach something like salt '*' fail2ban.[add|delete] <ip> <duration>
18:32 forresta zach, that could be cool
18:33 zach Should be super straight forward and simple
18:33 zach Sorry KyleG, didnt mean to step on your toes
18:33 forresta zach, how would that work with deps though? Clearly you'd have to have fail2ban installed, I don't know if that could go into the main repo, might have to be in contrib
18:34 zach forresta: no need, run remote rsyslog on your master, parse that data with fail2ban (only need it installed in one place)
18:34 forresta ahh good point
18:34 ajw0100 joined #salt
18:36 KyleG This is a fairly large bug, I'm surprised none of you have run into it.
18:37 UtahDave KyleG: let me ask about this.
18:37 zach Which? I've ran into nearly every bug
18:38 KyleG zach: Files managed by recurse getting all set to mode 420
18:38 pears joined #salt
18:38 KyleG https://github.com/saltstack/salt/pull/9131
18:38 zach KyleG: that sounds like a developer was high and it's a feature
18:38 KyleG I just realized this specific minion is on version 0.17.3
18:38 KyleG I'm going to try 0.17.4 and see if that fixes it
18:38 pears joined #salt
18:38 forresta KyleG, ok
18:38 pears left #salt
18:39 zach KyleG: haha. let me look at my states...I am quite certain I specify the perms it is to have in mine
18:39 forresta how did you even get a minion on 0.17.3?
18:39 zach forresta: mine run 0.17.3?
18:39 forresta that release was out for like a day
18:39 forresta weird
18:39 KyleG Some of us (not me, my co-worker) keep an eye on that stuff and update often.
18:39 KyleG lol
18:39 zach I should probably show Brian how to roll out the new version since I put my notice in today, and force him to join here
18:40 forresta yea that would be a good plan, 0.17.3 shouldn't be used
18:41 luminous basepi: I've got reclass working this way as well.. with salt-call --local and ext_pillars
18:41 luminous still on v0.17
18:41 basepi nice
18:42 KyleG 0.17.4 fixed it.
18:42 KyleG phew
18:42 KyleG thank lawdy
18:42 KyleG let's test forreal though..
18:42 KyleG 1 sec
18:42 forresta lol
18:43 forresta scumbag KyleG :P
18:43 zach forresta: I know KyleG personally and I can attest to your statement
18:43 KyleG whatever
18:43 zach hahaha <3
18:43 KyleG you were only my supervisor for like 4 months bro
18:43 KyleG lol
18:43 KyleG <3
18:43 zach :-P
18:43 forresta Did that fix it?
18:43 KyleG rebooting now
18:43 KyleG we'll see
18:43 forresta ok
18:43 zach actually forresta - I was wrong!
18:43 zach [zfouts@waldo ~]$ salt-master --version
18:43 zach salt-master 0.17.2
18:44 KyleG so uhm.
18:44 KyleG still broken.
18:44 KyleG Gotta dig some more.
18:44 zach KyleG was actually one of the most (if not the most) talented people I have had on my team
18:44 timoguin joined #salt
18:44 KyleG Not 420 anymore, but something is still off
18:44 KyleG awh zach, shucks ;)
18:44 zach KyleG: what does your state look like?
18:44 KyleG we also play GTA V sometimes. lol
18:45 KyleG zach: https://gist.github.com/kylegato/26b129d66ff2796291f2
18:45 KyleG that's why I'm pissed, it's so simple, it was fine for over a year
18:45 KyleG now all of a sudden it's broken
18:45 zach http://pastebin.ca/2531752
18:45 KyleG well yeah
18:45 zach that is what I do
18:45 luminous basepi: it does not seem to be available in v0.16
18:45 forresta he has over 400 files
18:45 luminous basepi: oh, wait, that is reclass not available then
18:45 KyleG yeah.
18:45 luminous nevermind
18:46 KyleG It's a TFTP boot, so we have read-only machines for our app servers
18:46 KyleG That PXE boot
18:46 zach http://pastebin.ca/2531754
18:46 KyleG so it's their entire "os"
18:46 luminous basepi: yea, all of this works in v0.16 too. so I guess this turns into a documentaiton thing
18:46 KyleG Different modes for different files.
18:46 zach Oh man KyleG
18:46 KyleG Like /conf/etc/passwd would be different than /conf/etc/rc.conf
18:46 KyleG Yeah exactly zach.
18:46 zach I tried that once...I did it with 5000 files...it was a fail
18:46 KyleG That's why I'm wtfin'
18:47 zach How about using rsync/svn/git/etc to pull the files to each machine instead of using salt file.recurse?
18:48 zach Or even Jenkins
18:48 druonysus joined #salt
18:48 KyleG well excuse me for trying to manage my infrastructure with salt. I thought this was America!
18:48 zach I know I know
18:48 zach This is a quick hack to your problem
18:48 KyleG well I don't have a problem yet.
18:49 KyleG Not until I reboot all the servers
18:49 KyleG then I have a problem
18:49 KyleG lol
18:49 zach So you're netbooting all of your servers via PXE?
18:49 KyleG all my app servers yeah
18:49 zach Ok, that sounds fun
18:49 KyleG Each ESXi host has 4 app servers and a "boot drive" host
18:49 KyleG bd0 = boot disk 0
18:50 KyleG It is. Normally.
18:50 zach How often does your PXE environment change?
18:50 KyleG Not too often, but I wanted it in salt so that I can create new boot disks and app servers on the fly if I need be
18:50 zach Do you guys keep it somewhere central with version history? (git, svn, etc)
18:50 KyleG Over-automate so I don't have to do it myself later
18:50 KyleG Yeah our states are controlled by git
18:51 zach I almost feel like this could be a job for Jenkins, that way it deploys on commit
18:51 KyleG We have that ability
18:51 KyleG We use bamboo.
18:51 KyleG Bamboo is an atlassian product that is sorta like jenkins
18:51 zach Yeah, familiar with it
18:52 KyleG We do our deploys from there
18:52 zach Jenkins is the spawn of satan
18:52 zach WIth that smug smile he has on his face, because he knows your life will be hell after you manage it
18:52 forresta lol
18:52 zach I would try something like that though, it seems like it would be the best bet
18:53 zach I hate mixing automation, but that almost seems like the best way of doing it
18:53 Ryan_Lane2 joined #salt
18:54 KyleG At my last job
18:54 KyleG My bosses name was Jenkins
18:54 KyleG we replaced the logo on the page with a cartoon version of him
18:54 KyleG It was quite comical.
18:56 giantlock joined #salt
18:57 wkf_ joined #salt
19:00 KyleG meh
19:00 KyleG I guess i"m just not going to manage tftp via salt anymore. big bummer.
19:03 amckinley joined #salt
19:06 william_20111 joined #salt
19:10 Gareth KyleG: Thats terrible.  Why isn't it working?
19:11 KyleG Gareth: Well, it didn't set the perms to 420, but it didn't inherit the perms like before, so there's still a bug somewhere.
19:11 KyleG I have to dig in and figure out specifically what's going on
19:12 Gareth Using a file.manage on a directory?
19:13 KyleG Using this: https://gist.github.com/kylegato/26b129d66ff2796291f2
19:18 KyleG yeah I just did an rsync from my git states dir for the /conf
19:18 KyleG and all the perms are right, which means it was inheriting it before
19:18 KyleG now it's deciding to do whatever it wants, apparently lol
19:19 andrej http://pastebin.com/4ct1VwJA ... this works for ubuntu machines. But when I try to run salt 'centos' state.sls nagios-nrpe against a centos box it bombs out with a parse rror?     Rendering SLS "base:nagios-nrpe" failed: Unknown yaml render error; line 27
19:20 mattmtl I am trying to install salt on a minion but it doesn't work... here is the output: http://paste.ofcode.org/n37X5vtYT7ZC3Puk5GmWGx
19:20 QauntumRiff joined #salt
19:21 QauntumRiff quick question.. Does salt 17 allow you to "include" pillar files (ie, nest them?)
19:22 QauntumRiff that would really cut down on the amount of typing and repitition I do with my pillar files
19:22 QauntumRiff :) nvm.. I just found its there since 16
19:25 colinbits joined #salt
19:25 mattmtl does bootstrap support centos 6.5?
19:25 ggoZ joined #salt
19:25 UtahDave mattmtl: yep!
19:26 Ahlee mattmtl: from line 45, it looks like everything's installed already?
19:26 Ahlee oh
19:26 Ahlee nevermind.
19:26 Ahlee git != salt
19:26 mattmtl last line :)
19:26 Ahlee i'll see myself out
19:26 timoguin mattikus, looks like your machine is having trouble contacting github?
19:26 Ahlee i was having a lot of timeouts to github earlier today
19:27 martoss joined #salt
19:27 mattmtl maybe that's the problem... cause with the usual rpm packages, it does work
19:30 pmcg joined #salt
19:33 kermit joined #salt
19:46 aleszoulek joined #salt
19:52 thrashr888 joined #salt
19:53 Vye Is anyone using lettuce to test salt formulas? I'm researching available tools for writing BDD tests. On the ruby side some use cucumber for writing tests in plain english. Does anyone have any feedback on tools their using?
19:56 martoss1 joined #salt
19:56 andrej d'oh .... missing colon problem
19:56 andrej I didn't realise that the numbering of the lines in an sls file gets modified depending on conditionals
19:57 basepi joined #salt
19:58 andyshinn` joined #salt
19:59 gldnspud joined #salt
19:59 jesusaurus andrej: yeah, the numbering refers to the processed file, not the jinja template
20:00 gldnspud anyone know of a good RSS feed or mailing list that i could send a client to track salt stable release announcements only?
20:02 luminous gldnspud: a good suggestion to make is in there: there ought to be a salt-announce ml
20:03 gldnspud ok... i'll submit that as a github issue
20:03 mattmtl well it appears that proxy envs are not picked by the bootstrap command...
20:03 mattmtl even this doesn't work: curl --insecure -L http://bootstrap.saltstack.org | sudo -E sh -s -- git develop
20:07 timoguin mattmtl, can you clone the salt repo with git normally?
20:07 timoguin or any repo on github
20:08 gldnspud luminous: thanks.  https://github.com/saltstack/salt/issues/9638
20:09 timoguin mattmtl, the bootstrap script is just running 'git clone', and it looks like that's where yours is erroring out
20:10 whiskybar joined #salt
20:10 terminalmage KyleG: the file.recurse permissions fixes were made a while back and are in 2014.1.0rc1
20:10 abe_music i launched 100 machines with salt-cloud, all came up, but two of them failed to bootstrap...what is the preferred way to get salt to reattempt the bootstrap?
20:10 luminous gldnspud: yay!
20:12 quickdry21 joined #salt
20:13 UtahDave KyleG: are you still around?
20:14 UtahDave abe_music: I usually just delete them and rerun the map.  Other wise you can use the "saltify" salt-cloud driver, but it's not as easy to use as I would like.
20:14 abe_music UtahDave: yeah i noticed :) i also modified the manage.bootstrap runner, but that doesn't populate the minion, grains, etc like salt cloud does
20:14 abe_music i'll try to remove and re-run the map
20:16 KyleG UtahDave: yup
20:17 thrashr888 joined #salt
20:18 UtahDave KyleG: Can you test your file.recurse issue using the 2014.1 RC?  terminalmage thinks your issue may be fixed there.
20:18 KyleG Okay UtahDave
20:19 KyleG We're working on getting that out right now
20:19 KyleG I'll let you know what happens
20:19 UtahDave ok, thanks, KyleG
20:22 nliadm could I write a module that has a minion send and ssh host key to the master, have the master sign it and send it back down?
20:25 timoguin nliadm, sounds doable
20:28 nliadm I'm not sure how to have a minion do something on the master
20:29 luminous nliadm: what do you mean?
20:30 nliadm I'd like to be able to do: salt-call key.signme 'PEM'
20:30 nliadm and I have no idea how that'd work
20:30 luminous nliadm: salt-call --local ?
20:30 nliadm but the CA would live on the master
20:32 frosty996 joined #salt
20:32 luminous what's the problem nliadm ?
20:33 nliadm I'd like to have a minion take its ssh host key
20:33 nliadm send it to the master
20:33 nliadm have the master sign it
20:33 nliadm then return the signed version to the minion
20:33 nliadm I'm unclear if I can do this
20:34 luminous nliadm: there's the cp module that might help
20:34 luminous you could create some states to run when you need, that step through the process you want
20:34 luminous salt can do that pretty easy, but might take some digging from you
20:35 bhosmer joined #salt
20:35 nliadm luminous: would the master part be outside salt? like, would i just have a cronjob watch a directory in that case?
20:36 anuvrat joined #salt
20:37 luminous nliadm: you would need to be more clear RE your needs, I'm not sure I follow why you would need that
20:37 nliadm so, with openssh
20:37 nliadm you can do some limited CA-type stuff
20:38 nliadm I'd like to, once the machine is joined to the salt cluster, pass the host cert to the master to have it signed.
20:38 dfinn this is an odd one, as best as I know we didn't change anything but "all of a sudden" all of our packages are failing.  in all of our sources we always reference an "env" variable.  this has never been an issue before but now it's causing this error: http://pastebin.com/bxBv11Vi
20:38 nliadm then a user can trust the CA, and have host keys verified without ever having seen the host before
20:39 luminous nliadm: again, use the cp module to copy the file you want, do what you want with it, then send it down to the minion
20:40 luminous the minions are not really allowed to push files to the master, and they ought not be able to
20:40 nliadm well, I could pass it in the call, but yeah
20:40 luminous pass it in the call?
20:40 luminous what's that mean
20:40 nliadm like as an argument to the module
20:41 luminous why?
20:41 timoguin dfinn, are you running the develop branch or the 2014.1 RC?
20:41 dfinn i'm running 0.17.2-2.el6 from EPEL
20:41 nliadm to avoid a cp, in theory
20:42 rjc joined #salt
20:42 cewood joined #salt
20:43 dfinn this was working yesterday and stopped working today
20:43 timoguin dfinn, I'm not sure then. I think env was changed to saltenv in the RC and dev branch, but since you're on 0.17 i dunno
20:44 rgbkrk joined #salt
20:44 dfinn odd
20:47 oeuftete joined #salt
20:56 UtahDave Does anyone have any thoughts or input on this idea?  https://github.com/saltstack/salt/issues/9639
20:57 altj joined #salt
20:57 dfinn seems sensible
20:58 dfinn is it a lot of work to implement?
21:00 UtahDave dfinn: I haven't dug into the code yet, but I doubt it would be a whole lot of work.  It's just pointing to config locations.
21:00 dfinn that's kind of what I figured
21:00 dfinn if saltfile is found, use that for config instead of default
21:00 luminous UtahDave: I like the idea of shortening the cli like that, but I can't stand the use of Vagrantfile and the like (personally)
21:01 luminous UtahDave: I don't see why existing solutions (shell aliases, anyone???) or updating the config could not work
21:03 UtahDave luminous: well, I think the idea is that depending on which directory you're in you can have different configs.  Can a shell alias be made to do that?  I'm not expert on shell aliases.
21:03 luminous UtahDave: ~/.somedotfile is also a better convention imho
21:03 luminous UtahDave: ah, yes, I see
21:03 luminous I guess for that usecase there might not be a more clear path
21:04 UtahDave luminous: It's definitely not for everyone and would be optional, for sure
21:04 luminous the whole Vagrantfile thing forces directories on me when I haven't wanted, maybe I'm just bitter.
21:04 luminous :P
21:04 * carmony paths luminous
21:05 carmony paths?
21:05 higgs001 joined #salt
21:05 * carmony pats luminous
21:05 Dale_32 joined #salt
21:05 gasbakid joined #salt
21:06 psyl0n joined #salt
21:08 ossalk joined #salt
21:15 ossalk Hi everybody . For this grain ec2_tags: {'Name': 'minion2', 'Roles': 'test'}
21:16 frosty996 left #salt
21:16 ossalk I want to use in pillar as  {% if grains['ec2_tags'] -->
21:16 ossalk how should it be?
21:16 kula joined #salt
21:17 TomasNunez joined #salt
21:21 timoguin ossalk, you mean if the grains exist, then do stuff?
21:22 ossalk yes. grain exists now and I want to assing a new grain to servers which have Roles tag test
21:23 KyleG UtahDave: No dice, this time it set everything to 644. No inheritiance.
21:23 ossalk and I will use it in pillar
21:23 KyleG salt-master 2014.1.0
21:23 KyleG same version for minion as well
21:23 UtahDave KyleG: dang.   hey, terminalmage ^^
21:23 ossalk ip-172-31-0-187:   ec2_tags: {'Name': 'minion2', 'Roles': 'test'}
21:24 ossalk this is grains.item "ec2_tags"
21:24 terminalmage UtahDave: ok
21:24 terminalmage KyleG: there was a regression I fixed yesterday
21:24 ossalk my top.sls
21:24 ossalk base:   '*':     - data
21:24 ossalk my data.sls
21:25 andrej Is there a way to put lines based on a minion ID into a config file?  I'm still pottering w/ my nrpe.cfg, and am happy with the way this works; but for certain minions I'd like to add individual service checks in w/o having them on ALL minions of a given OS class
21:25 ossalk info : somedata  {% if grains['ec2_tags'],['Roles']=='test' %} env_id: development {% endif %}
21:25 ossalk I don't think it is correct
21:25 KyleG UtahDave/terminalmage: https://gist.github.com/kylegato/40794e00c3ae793ff310
21:25 ossalk by the way I am new and learning
21:25 KyleG So it's in develop right now?
21:25 andrej Also reluctant to store mostly identical files per minion
21:26 terminalmage KyleG: yeah... salt.utils.copyfile()
21:26 terminalmage salt/utils/__init__.py
21:27 luminous has anyone parametized the entire master/minion config so as to be populated by pillar?
21:27 terminalmage It now checks the permission of the file being replaced
21:27 terminalmage and replicates it
21:27 timoguin ossalk, I think you should be doing grains['ec2_tags']['Roles'], without the comma, but I'm not really clear on what you're trying to do
21:27 timoguin and my eyes are tired today
21:28 timoguin luminous, I'm using the salt-formula with all the master config in pillar
21:29 timoguin I also had the minion config in pillar, but I disabled it until I could think though some security implications
21:31 luminous timoguin: security implications where?
21:32 luminous timoguin: I'll check the formula, thanks for the pointer
21:32 terminalmage KyleG: I confirmed that recurse works in develop
21:32 terminalmage changes file without modifying perms
21:33 terminalmage there were changes in file.manage_file as well that relate to this
21:33 terminalmage I believe
21:33 terminalmage those fixes will be in the next RC or in the final release
21:33 ossalk how can I test if this grain "Roles" key has a "test" value? ec2_tags: {'Name': 'minion2', 'Roles': 'test'}
21:33 * luminous wishes salt pillar had reclass's intelligent dictionary merging for pillar
21:34 terminalmage ossalk: doing this in an SLS file?
21:34 ossalk yes in a pillar sls
21:35 terminalmage {% if salt['grains.get']('ec2_tags:Roles', '') == 'test' %}
21:35 terminalmage the : is a delimiter, lets you traverse into multilevel dicts
21:35 ossalk ok let me check
21:36 terminalmage ossalk: there is also a pillar.get
21:36 * luminous recommends using pillar over grains where possible
21:36 luminous it's far more sensible in the long-haul
21:37 terminalmage yeah, grains are static and only reload when the minion restarts
21:37 luminous and, look at what reclass can do for simplifying your use of pillar
21:37 luminous terminalmage: it's also really confusing to use grains as you do pillar, and then using them both in the same setup is confusing to newbs
21:37 ossalk yes I am trying to use it in pillar
21:37 luminous it's easier to just stick with pillar unless grains is the absolute best (such as os detection)
21:38 dangra hey, anyone knows why docker.installed state defaults "command" to /sbin/init? it is overriding the CMD declared in Dockerfile
21:38 ossalk yea ı am newb
21:38 ossalk and learning
21:38 luminous :)
21:38 luminous ossalk: are you using the grain to set a pillar?
21:38 ossalk I used ec2_tags.py
21:38 ossalk yes
21:39 ossalk working with pillar walkthrough , PARAMATERIZING STATES WITH PILLAR
21:39 ossalk I had two ec2 servers
21:39 ossalk one of them has Roles tag test
21:40 ossalk and other prod
21:40 luminous ossalk: where does the grain come into play?
21:40 ossalk ?
21:41 luminous nevermind, I'm not following the earlier part of this enough to be efficient in helping :(
21:41 ossalk Actually I am confused with grains/pillar
21:41 luminous what's confusing you?
21:41 ossalk in walkthrough
21:41 luminous grains are "grains of truth" loaded when the minion starts up
21:41 ossalk pkgs:   {% if grains['os_family'] == 'RedHat' %}   apache: httpd
21:42 ossalk is used in pillar sls file
21:42 luminous they are associated with things like OS and distro and network interfaces
21:42 luminous ossalk: right, so that sets the name of a package based on the type of linux OS
21:42 ossalk if I have that grain why I am using it again in pillar ?
21:42 fuser is there a cleaner way to get around an empty array in a for loop? this works cleanly but its kludgy http://pastebin.com/YzPHesKF
21:43 luminous ossalk: in that example, you are setting the value of a pillar key based on the grain
21:43 lzhang joined #salt
21:43 luminous ossalk: they are separate things
21:43 luminous grains are "grains of truth" loaded when the minion starts up
21:43 gadams999 to pass bootstrap params to a new salt-minion install, can I do that in a profile file? E.g., want to use 2014.1 minion code
21:43 ossalk hmm
21:43 luminous ossalk: pillar is also sent to a single minion
21:43 luminous so they are "private"
21:44 lzhang do the dockerio states work? I'm getting errors like "State docker.pulled unavailable" in my tests. I'm on version 0.17.4
21:44 luminous ossalk: overall, you want to use pillar to make your states simple and reusable
21:44 ossalk ahh that is ok
21:44 luminous use grains to set pillar keys and sometimes good in a state.sls too
21:44 luminous lzhang: not in 0.17 I don't believe
21:44 luminous lzhang: need 2014.1
21:45 luminous or develop
21:45 lzhang Hmm ok
21:45 ossalk ok is there any other documentation except salt website?
21:45 luminous ossalk: salt.readthedocs.org/en/latest ?
21:45 luminous or maybe somethign like intothesaltmine.org?
21:45 luminous ossalk: there are also all the salt-formulas
21:45 luminous what are you looking for?
21:46 ossalk whatever I can find :) . As I said I am learning
21:46 luminous but what do you want to do?
21:46 martoss joined #salt
21:46 luminous you have the whole world ahead of you
21:46 luminous salt can do anything you can make python do, and then more
21:46 luminous anyone else getting this when trying to clone salt-formulas: error: The requested URL returned error: 403 while accessing https://github.com/saltstack-formulas/salt-formula.git/info/refs
21:47 * luminous sadface
21:47 fuser github's acting up at the moment
21:47 luminous ok
21:47 nahamu https://status.github.com/
21:47 luminous I need to pick up my work on gitlab..
21:47 gadams999 I had to wipe /tmp/.git to pull down the latest develop code
21:48 gadams999 ...from git
21:48 ossalk thanks for help luminous
21:48 luminous BAH, not even wget .zip works!
21:48 timoguin luminous, in my case, i had a single "salt" key in pillar, with master and minion as keys under it.
21:49 luminous ossalk: sure! welcome to the crew :)
21:49 ossalk :)
21:49 timoguin and i wanted to add a "cloud" key, which meant minions would get my API keys
21:49 timoguin not an issue with the formula itself, just the way i was trying to do it.
21:49 luminous timoguin: yea, I see how the formula is doing it.. I wanted to avoid goofing around with the details of pillar keys in that config, as there is some looping and what not
21:49 timoguin so i just turned it off for now
21:50 andrej Is there a way to diff/patch a config file based on conditions?
21:55 tollmanz joined #salt
21:56 forresta andrej, you mean like a file.append with an unless?
21:57 gasbakid joined #salt
21:57 gadams999 this worked for installing 2014.1 version of minion: http://pastebin.com/NnpHC5i1 is that the cleanest way to do it on a profile basis?
21:58 mattmtl oh, the -g option just disappeared from the bootstrap script!
21:59 mattmtl discovered finally that I cannot use ssh over proxy, so I was using option -g with github over https
21:59 mattmtl but in the last hour, the bootstrap script has been updated and option g is not there anymore
22:02 gadams999 left #salt
22:02 forresta https://github.com/saltstack/salt-bootstrap/blob/develop/bootstrap-salt.sh#L145 the option is still there in develop
22:03 diegows joined #salt
22:03 gadams999 joined #salt
22:03 Ahlee has there been any movement on the switch runners, or should i just start hobbling it together/
22:03 bhosmer joined #salt
22:04 forresta I also still see it there in the stable mattmtl
22:05 mattmtl is it just me or github is having problem?
22:05 forresta github is having issues
22:05 forresta https://status.github.com/
22:05 mpanetta Quite
22:06 cachedout github is quite broken
22:06 mattmtl ok that's maybe why
22:09 mpanetta I keep gettig a pissed off unicor lol
22:09 mpanetta +n
22:10 gadams999 left #salt
22:10 luminous if you spend enough time trying, you can still get code through the web
22:10 luminous from github
22:10 forresta yeaaaaaa
22:11 Thiggy joined #salt
22:12 srage joined #salt
22:15 Thiggy joined #salt
22:17 lisetuo joined #salt
22:18 BbT0n joined #salt
22:19 fishpen0 joined #salt
22:20 Ahlee no built in grain to target via MAC?
22:20 Ahlee no grain to expoe /proc/net/bonding
22:20 Ahlee guess I'll get busy
22:28 UtahDave Ahlee: I think there might be a new MAC grain in the develop branch
22:28 jfzhu_us joined #salt
22:31 Ahlee sweet
22:31 Ahlee will check before going down that path
22:31 Ahlee but i'm doubtful a bonding one will be there, so i'll verify when gh comes back up and get cracking on that
22:31 Ahlee UtahDave: have you heard any progress on the switch runner?
22:32 Ahlee as I'm about to just install salt on the aristas, but that doens't get me anywhere for the legacy cisco gear
22:32 UtahDave Ahlee: ooh, yeah there is.
22:33 UtahDave Ahlee: It's actually called Salt Proxy, or something like that.  I don't think it's been merged into Salt yet, but basically it will allow you to create a pseudo minion that acts as a proxy for the device that can't run an actual minion.
22:34 UtahDave It's freaking slick.
22:34 Ahlee ha, awesome. that's exactly the design we came up with here
22:34 Ahlee whiteboarding how we were gonna before terminalmage told us it was under dev already
22:34 Ahlee bbl
22:35 UtahDave k
22:36 andrej Thanks forresta, yet again; that module seems very helpful indeed :)
22:36 forresta yea np
22:37 higgs001 joined #salt
22:40 kermit joined #salt
22:40 Iskondi joined #salt
22:41 amckinley1 joined #salt
22:41 Iskondi Hello everyone, rather new to Salt and thus far loving it. I'm working on creating a Raid Array using the mdadm module but I keep getting "raid.create" is not available. I'm sure I'm doing something stupid... Ideas?
22:42 dangra Iskondi: the mdadm state is enabled only if mdadm unix command is available in the minion host
22:43 dangra s/mdadm state/raid state/
22:43 Iskondi I did wonder if that was my problem and installed the mdadm package. If I run the command locally on the minion it works.
22:44 Iskondi Ahhhh
22:44 Corey forresta: Which hotel are you staying at for SaltConf?
22:45 dangra anyone interested in docker+salt, here is a simple PR to review: https://github.com/saltstack/salt/pull/9644
22:45 quickdry21 joined #salt
22:46 dangra if anyone see kiorky around, ping him ;)
22:46 forresta dangra, he might not be around till late this evening, it's almost midnight in France
22:47 forresta dangra, might be good to ping him with the PR
22:47 fishpen0 joined #salt
22:47 dangra I will, thx forresta
22:47 forresta npo
22:47 forresta *np
22:47 forresta can't type, that's how you can tell it's getting late in the day
22:49 Iskondi Sorry dangra, I'm still not getting the create raid going. Trying this: salt minionhost raid.create /dev/md0 level=10 chunk=256 raid-devices=4 /dev/xvdf /dev/xvdg /dev/xvdh /dev/xvdi
22:49 JordanRinke Morning
22:51 Iskondi Well nevermind. It seems that it just took the master a little bit to realize the minion did indeed have the mdadm package... odd. Thanks!!
22:51 psyl0n joined #salt
22:56 Iskondi Alrighty, spoke to soon, now I'm seeing: ERROR executing raid.create: The following keyword arguments are not valid: level=1, chunk=256, raid-devices=2, test_mode=True
22:56 Cidan stupid github outage
23:06 amckinley joined #salt
23:07 ajw0100 joined #salt
23:07 david_a joined #salt
23:09 cro joined #salt
23:10 JasonSwindle joined #salt
23:10 dangra is there a way to orchestrate states across multiples minions, or should I look at the reactor for that?
23:13 forresta dangra, there is the mine, and there is the reactor depending on what your needs are
23:13 dangra what is the "mine"?
23:13 UtahDave dangra: the overstate can orchestrate states across minions.  And indeed the reactor can do some really interesting things with that as well.
23:14 dangra good pointers, I'll read and come back later. thanks
23:23 fllr joined #salt
23:23 srage joined #salt
23:24 taion809 joined #salt
23:24 srage joined #salt
23:37 Gifflen joined #salt
23:39 whiteinge joined #salt
23:40 elfixit joined #salt
23:44 mnemonikk joined #salt
23:50 dangra joined #salt
23:50 jeddi joined #salt
23:52 whiteinge joined #salt
23:53 thrashr888 joined #salt
23:56 andrej Hummm ... is there a way to tuilise the files module from within a state or a pillar?

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary