Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-03-06

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 rojem joined #salt
00:04 Fin1te joined #salt
00:05 schimmy joined #salt
00:10 schimmy1 joined #salt
00:11 whiteinge Vye: salt-api should work with both salt versions. the salt-api RPM package is out of date though (if you're on a cent/rhel system)
00:12 norkakn joined #salt
00:12 norkakn can I full a file from s3 with a state?
00:14 norkakn it looks like I can do it with file.managed, but I don'
00:14 norkakn tt know how to do the upstream hash part
00:14 andrej Hmmm .. I stumbled upon the ldap module earlier, and think I understand what it's there for (not 100% certain, my python-fu is basic, and the in-code doco is, errrh, sparse
00:14 andrej I think it allow a minion to join a network, most likely useful for windows
00:15 seth__ joined #salt
00:15 andrej I was wonderting whether anyone is working on an LDAP backend for the master, as in storing minion data, grains, users, all in LDAP and then use that as a saltf-like mechanism
00:17 seth__ does anybody know what this warning is about: "'sfun' is an invalid keyword argument for 'service.mod_watch'"
00:18 lzhang joined #salt
00:19 norkakn the hash should be the ETAG, but I have no idea how to encode that into something file.managed can understand
00:20 Ryan_Lane joined #salt
00:27 justlook joined #salt
00:31 rgbkrk joined #salt
00:32 allanparsons salt only uses tcp 4505/4506 correct?
00:33 faldridge joined #salt
00:34 timoguin allanparsons, by default, yes
00:34 timoguin as publish / return
00:34 allanparsons hm
00:37 allanparsons ok
00:37 allanparsons so port wasnt it
00:38 allanparsons cant find out why auto_accept: True doesnt work
00:38 allanparsons in my /etc/salt/master config
00:40 Fin1te joined #salt
00:41 atealtha left #salt
00:41 manicouman joined #salt
00:46 oz_akan_ joined #salt
00:47 ipalreadytaken joined #salt
00:48 frasergr_ joined #salt
00:48 toastedpenguin joined #salt
00:50 krow joined #salt
00:51 mgw joined #salt
00:51 justlook hi,i try to write a returner ,here is what i do https://gist.github.com/justlooks/9380028 anyone know why?
00:51 druonysuse joined #salt
00:51 druonysuse joined #salt
00:51 KyleG joined #salt
00:51 KyleG joined #salt
00:52 KyleG joined #salt
00:52 KyleG joined #salt
00:56 rojem joined #salt
00:59 mgw joined #salt
00:59 justlooks_ joined #salt
01:01 hunter joined #salt
01:02 justlooks anyone ?
01:03 AdamSewell joined #salt
01:04 AdamSewell so i just upgraded my salt install to 2014.1.0 but the salt-cloud version is still at 0.8.9. I'm using Ubuntu 12.04, how can I upgrade salt-cloud?
01:05 sporkd2 salt-cloud is part of 2014.1.0
01:06 AdamSewell sporkd2, yes i know but i don't understand why i'm still seeing salt-cloud at version 0.8.9
01:07 timoguin AdamSewell, it probably didn't update that package with salt.
01:07 timoguin but salt-cloud should be at 0.8.11 in 12.04
01:07 AdamSewell timoguin, any idea on how to upgrade it?
01:08 timoguin either via apt or pip
01:08 timoguin you can also use just the cloud modules and states that have been merged into salt
01:09 AdamSewell hem, any documentation on how to use what's built in directly now?
01:11 timoguin the module: http://docs.saltstack.com/ref/modules/all/salt.modules.cloud.html
01:11 timoguin the state: http://docs.saltstack.com/ref/states/all/salt.states.cloud.html
01:12 justlooks anyone can help https://gist.github.com/justlooks/9380028 ,i do not know why it will failed on minion
01:12 joehoyle joined #salt
01:13 dyim joined #salt
01:15 borgstrom joined #salt
01:17 ajw0100 joined #salt
01:24 allanparsons im using gitfs with salt master
01:24 allanparsons and cant seem to get past:  "No Top file or external nodes data matches found"
01:24 allanparsons i see a simialr error (https://github.com/saltstack/salt/issues/8026), but I'm currently running Salt: 2014.1.0
01:25 allanparsons and my salt file is in /srv/my_proj/salt-states/top.sls
01:25 allanparsons it has no problem finding the pillar top.sls file
01:25 allanparsons just the salt states top file
01:26 bhosmer joined #salt
01:27 shadowsu1 sup
01:28 xzarth joined #salt
01:29 allanparsons my minion is also on 2014.1.0
01:29 allanparsons (and i installed via the bootstrap scripts)
01:34 rojem joined #salt
01:36 ipmb joined #salt
01:40 funzo joined #salt
01:43 borgstrom joined #salt
01:44 funzo joined #salt
01:44 Ryan_Lane joined #salt
01:44 funzo joined #salt
01:46 jacksontj_ joined #salt
01:47 oz_akan_ joined #salt
01:49 joehoyle joined #salt
01:54 pydanny joined #salt
01:55 manicouman joined #salt
01:55 KyleG joined #salt
01:55 KyleG joined #salt
01:55 dyim joined #salt
01:56 zain_ joined #salt
01:58 rgbkrk joined #salt
01:59 KyleG joined #salt
01:59 KyleG joined #salt
01:59 KyleG1 joined #salt
01:59 lionel joined #salt
02:05 allanparsons at the bottom is the exact issue:  https://github.com/saltstack/salt/issues/10804
02:05 allanparsons no idea what the workaround is though :(
02:06 joehoyle joined #salt
02:09 vxitch joined #salt
02:10 favadi joined #salt
02:10 Ryan_Lane joined #salt
02:11 oz_akan_ joined #salt
02:12 krow joined #salt
02:12 oz_akan_ joined #salt
02:13 favadi joined #salt
02:13 schimmy joined #salt
02:14 schimmy1 joined #salt
02:18 joehoyle joined #salt
02:18 mgw joined #salt
02:19 AdamSewell joined #salt
02:20 krow1 joined #salt
02:25 bemehow joined #salt
02:37 joehoyle joined #salt
02:37 ajw0100 joined #salt
02:38 troyready joined #salt
02:38 eofs joined #salt
02:45 joehoyle joined #salt
02:48 kintel joined #salt
02:54 oz_akan__ joined #salt
03:01 yomilk joined #salt
03:01 themadcanudist joined #salt
03:02 thayne joined #salt
03:02 jalbretsen joined #salt
03:03 themadcanudist hey guys, is there a state to just write/return messages to the console/master on a highstate?
03:04 funzo joined #salt
03:05 themadcanudist doesn't obviously have to be a highstate (could be a state.sls module)
03:05 themadcanudist etc
03:09 Ryan_Lane joined #salt
03:12 FarrisG after upgrading to 2014.1, the default timeout for salt commands doesn't appear to be obeyed. If a minion is offline and I target it (or use '*'), the command line will wait indefinitely
03:12 krow joined #salt
03:13 FarrisG The jobs module appears to be broken, as well. "jobs.active" just outputs: "{}", even if I know there are active jobs
03:13 Andrevan joined #salt
03:14 manicouman quick newbie question... how do I require a directory to be created before other functions are run?
03:14 manicouman in an sls?
03:16 dyim joined #salt
03:16 FarrisG manicouman: file.exists?
03:17 manicouman ok...
03:17 FarrisG or a named file.managed and then a "require: -file: name"
03:17 FarrisG http://docs.saltstack.com/ref/states/all/salt.states.file.html
03:18 manicouman actually on that page now :-) Thank you though
03:18 manicouman :)
03:22 swa_work joined #salt
03:23 rostam joined #salt
03:28 vejdmn joined #salt
03:28 raizyr joined #salt
03:33 jslatts joined #salt
03:34 lionel joined #salt
03:34 sgviking joined #salt
03:37 FarrisG Yeah, I've somehow broken the jobs runner. jobs.active never gives any output other than open and close curly braces, even when I know for sure there are jobs running.
03:39 manicouman joined #salt
03:40 raizyr joined #salt
03:41 Thiggy joined #salt
03:42 jeremyfelt joined #salt
03:44 nextdoorwarren joined #salt
03:45 jaimed joined #salt
03:48 mgw joined #salt
03:51 joehoyle joined #salt
04:01 CeBe joined #salt
04:02 rojem joined #salt
04:02 ravibhure joined #salt
04:08 xl1 joined #salt
04:10 lzhang joined #salt
04:12 krow joined #salt
04:13 NV how does halite and salt-api interact? I notice halite has some apis itself - is halite going to be replacing salt-api? does it depend on salt-api? or are they independant, but complimentary serving different purposes? (if so, what is the purpose of each, etc)
04:14 NV is the halite api just for its own use not designed for external application use? or?
04:14 Ryan_Lane joined #salt
04:17 AdamSewell on the cloud.create module, the documentation says to provide a minonname as the second parameter, would this be the new minion name?
04:18 manfred yes
04:18 timoguin no, actually. the 'minionname' those docs are referring to is a minion that is configured for salt-cloud
04:19 timoguin i.e., a minion that has /etc/salt/cloud* configs setup
04:19 manfred wouldn't that be configured by salt 'minionwithcloudconfigs' cloud.create ?
04:19 manfred oh
04:19 manfred i didn't see that docs heh
04:20 manfred yeah minionname is the name of the minion that you are running the cloud.create on
04:20 nmistry joined #salt
04:22 manfred AdamSewell: myinstance would be the name of the server that is being created
04:24 AdamSewell hem, in my case, i've been creating all of my minions via salt-cloud on my master
04:25 manfred AdamSewell: the cloud states are usefull for when like... you are salting a web head and are just like, well i really need a db server, but one doesn't exists, so better create it first
04:26 AdamSewell hrm i see
04:26 AdamSewell thnx
04:26 joehoyle joined #salt
04:27 manfred or what I have been working on, which was i want to deploy an 8 node replica 2 gluster setup for a customer, and I can just say, make sure that the needed number of peer nodes exist!
04:27 manfred meh
04:30 Ryan_Lane joined #salt
04:30 Ryan_Lane1 joined #salt
04:31 DaveQB joined #salt
04:32 funzo_ joined #salt
04:34 mgw joined #salt
04:35 bhosmer joined #salt
04:38 svs joined #salt
04:39 krow joined #salt
04:39 timoguin My master is a minion of itself, and I launch cloud instances from there.
04:40 lionel joined #salt
04:52 frasergraham joined #salt
04:55 xmltok joined #salt
04:59 nextdoorwarren joined #salt
05:03 ipalreadytaken joined #salt
05:09 danielbachhuber joined #salt
05:21 Andrevan joined #salt
05:29 frasergraham joined #salt
05:30 frasergr_ joined #salt
05:38 frasergraham joined #salt
05:38 frasergraham joined #salt
05:39 mgw Anybody know where custom cloud modules go?
05:39 mgw http://docs.saltstack.com/topics/cloud/cloud.html doesn't seem to indicate
05:51 codekoala joined #salt
06:02 n0c dave_den: MasterPillarUtil solves my problem from earlier. Thanks! I wouldn't have figured that out for a long time on my own. :)
06:03 rojem joined #salt
06:04 hunter joined #salt
06:07 CheKoLyN joined #salt
06:09 thayne joined #salt
06:17 oz_akan_ joined #salt
06:18 rgbkrk joined #salt
06:38 krow joined #salt
06:40 xmltok joined #salt
06:50 Ryan_Lane1 joined #salt
06:53 viod joined #salt
06:56 frasergraham joined #salt
06:56 ckao joined #salt
07:01 linjan_ joined #salt
07:07 lionel joined #salt
07:09 krow joined #salt
07:10 ndrei joined #salt
07:14 mgw joined #salt
07:15 thayne joined #salt
07:18 oz_akan_ joined #salt
07:18 zain_ joined #salt
07:21 mgw joined #salt
07:27 B3open joined #salt
07:27 raizyr joined #salt
07:30 jeffro_ joined #salt
07:31 krow joined #salt
07:32 slav0nic joined #salt
07:32 slav0nic joined #salt
07:41 krow joined #salt
07:44 krow1 joined #salt
07:50 lessismore joined #salt
07:52 puppet joined #salt
07:52 krow joined #salt
07:54 alfborge joined #salt
07:56 oz_akan_ joined #salt
07:57 alfborge Hi, I just looked at https://github.com/saltstack/salt/issues/6862 which talks about connection loss between master and minion on windows.  thatch45 mentions a new transport that should resolve this.  Has there been any development there?
07:58 harobed joined #salt
07:59 scristian joined #salt
08:03 krow1 joined #salt
08:09 balboah joined #salt
08:10 Shenril joined #salt
08:17 Kenzor joined #salt
08:17 ndrei joined #salt
08:19 bitmand Hi again, still debuggen my problem with keeping minions alive - anyone here running freebsd salt minions?
08:19 bitmand debugging*
08:19 lzhang joined #salt
08:20 joehoyle joined #salt
08:24 xmj moin
08:27 gammalget joined #salt
08:29 xmj cedwards: do you have any idea why your PR hasn't been committed yet?
08:29 zooz joined #salt
08:31 alfborge Are there any known issues with windows minions loosing connection to the salt master?
08:31 alfborge I have three windows minions and they all go down after a short time.
08:35 giantlock_ joined #salt
08:36 jeremyBass joined #salt
08:39 Kenzor joined #salt
08:40 Kenzor joined #salt
08:40 sfello joined #salt
08:41 sfello hello all.
08:41 sfello Yesterday salt was really going very well for me, and then suddenly all the minions stopped being able to talk to the master.
08:42 sfello I've tried high state with -L all and it stops on the line [DEBUG   ] Loaded minion key: /etc/salt/pki/minion/minion.pem
08:42 sfello and just waits there forever
08:43 sfello I checked the keys for the minions on the master and they are all accepted and match
08:43 sfello can anyone suggest what I might do to remedy this?
08:43 yomilk joined #salt
08:43 sfello My only guess is that the master has somehow changed its key, but I don't really know how that would have happened.
08:44 elsmorian1 joined #salt
08:46 johtso joined #salt
08:50 jeffro joined #salt
08:51 nn0101 joined #salt
08:51 sfello I can also see that the minions are talking to the master (or at least connected), looking at the state of port 4505 and 4506
08:53 ambientsound sfello: DNS working properly?
08:54 sfello i think so; lsof -i :4505 says that there is a connection established to <minion hostname> and I can ping that same hostname
08:55 sfello its bizarre because it worked one minute then suddenly all stopped
08:56 sfello is there a way to make the master run very verbose logging to see what is connecting and stuff?
08:57 sfello oh.. hm
08:57 sfello "This master address: 'salt' was previously resolvable but now fails to resolve! The previously resolved ip addr will continue to be used" in the logs
08:57 oz_akan_ joined #salt
08:57 sfello followed by "Caught signal 15, stopping the Salt Master" lots
08:58 kadel joined #salt
09:00 CeBe joined #salt
09:02 scott_w joined #salt
09:02 topochan joined #salt
09:04 alfborge I guess the answer to my question is https://github.com/saltstack/salt/issues/6231, so yes there are known connectivity issues here.
09:16 sfello umm… so, using the bootstrap and then using salt-cloud - the resulting minions don't have the same version number as the master
09:17 sfello seems like it might be a flaw… particularly given this message in the logs: "Most likely this means that your masters and minions are not the same version.  After Salt 0.17.6 this situation will throw an exception."
09:18 krow joined #salt
09:21 ipalreadytaken joined #salt
09:25 yomilk joined #salt
09:29 ndrei joined #salt
09:35 alfborge According to http://docs.saltstack.com/topics/releases/2014.01.0.html, salt cloud should be included in the main salt release.  Do I still need to build the salt cloud repo?
09:35 alfborge I don't have a salt-cloud command, so it seems that way...
09:41 sfello alfborge: it worked for me
09:41 sfello if you use the develop version
09:41 sfello but then the whole lot has just blown up and all the minions are being weird and the master is refusing to talk to them and keeps dying so… maybe just wait until it's stable.
09:41 ndrei joined #salt
09:41 sfello :-/
09:42 elsmorian1 lol
09:46 bhosmer joined #salt
09:47 alfborge sfello: I'm using the 2014.01 release.  I guess I'll try the develop version instead...
09:48 lessismore alfborge: for debian you have to install salt-cloud, it is a separate package, do not know for other distro
09:48 elsmorian1 alfborge:  one of the issues sfello and I are having might be casued by teh lateste release trying to install older salt versions on the minions it spins up through salt-cloud it seems
09:48 sfello alfborge: so, it all worked fine for like a week or so, and then yesterday everything blew up. Some of the salt-clouded minions whinge about version mismatch (which seems a bit silly because they should presumably have been installed with the same develop version)
09:48 sfello and the master keeps saying "This master address: 'salt' was previously resolvable but now fails to resolve!"
09:49 generj joined #salt
09:49 ambientsound sfello: check your /etc/hosts for a "salt" entry
09:50 joehoyle joined #salt
09:50 krow joined #salt
09:50 sfello ambientsound: is not there… :-/
09:50 aserdp joined #salt
09:50 ambientsound try adding "<salt-master-ip> salt" to the file
09:50 sfello this is *on* the master though (which is also a minion to itself)
09:50 sfello ok, will try that
09:51 Ryan_Lane joined #salt
09:51 ambientsound ok, so add 127.1.2.3 or something
09:51 sfello interesting
09:52 sfello now lots of other errors about pillar rendering : if self.opts['master_ip'] not in self.opts['master_uri'] Key error 'master_uri'
09:53 alfborge I just did apt-get install salt-cloud and voila, it works.
09:53 alfborge thanks lessismore
09:53 sfello ha
09:54 sfello ambientsound: well the minions are now back in touch, just seems that this master_uri option is missing ...
09:54 sfello this is so weird because it was all literally going really well immediately before
09:54 sfello and then boom
09:58 oz_akan_ joined #salt
09:58 elsmorian1 sfello: ambientsound: so saltmaster needs to be told its running on localhost.. the machine its running on..?
09:59 * xmj looks at salt 2014.1.0 on freebsd
09:59 ravibhure joined #salt
10:01 LinuxBill joined #salt
10:01 jrdx joined #salt
10:03 jrdx This is a great guide on best practices... shaping up well. Can't wait to see it grow! https://github.com/gravyboat/salt/blob/develop/doc/topics/best_practices.rst
10:04 carlos_ joined #salt
10:07 xmltok_ joined #salt
10:09 sroegner joined #salt
10:11 ndrei joined #salt
10:13 johtso joined #salt
10:14 helderco joined #salt
10:31 raizyr joined #salt
10:34 Katafalkas joined #salt
10:34 Katafalkas Any ideas where TechHat is gone ?
10:39 MrTango joined #salt
10:44 manicouman joined #salt
10:44 yomilk joined #salt
10:45 generj sporkd2: so I can happily manually clone from github on my master
10:45 generj sporkd2: but from gitfs it gives the error
10:45 generj sporkd2: [salt.loaded.int.fileserver.gitfs][WARNING ] Exception caught while fetching: len([]) != len(['Permission denied (publickey).', ''])
10:46 generj I'm at my wits end here :(
10:49 yomilk_ joined #salt
10:53 joehoyle joined #salt
10:58 manicouman joined #salt
10:58 oz_akan_ joined #salt
11:00 elsmorian1 I'm trying to use the mine to get stats on the IP addresses for certain grains. When I use network.ip_addrs I get one of the IPs the machines have (they have two interfaces each), but when i restrict them to a subnet which they are in, it displays nothing?
11:00 elsmorian1 root@coconut:~# salt-call mine.get 'role:production-server' network.ip_addrs:cidr='10.0.0.0/8' grain
11:00 elsmorian1 local:
11:00 elsmorian1 ----------
11:00 elsmorian1 root@coconut:~# salt-call mine.get 'role:production-server' network.ip_addrs grain
11:00 elsmorian1 local:
11:00 elsmorian1 ----------
11:00 elsmorian1 avocado:
11:00 elsmorian1 - 10.181.104.163
11:00 elsmorian1 durian:
11:00 elsmorian1 - 10.181.97.48
11:01 elsmorian1 Both those IPs are in 10.0.0.0/8, so why arent they showing with the first command? and, why arent both eth0 and eth1 interfaces on both boxes showing up in the second command?
11:01 alfborge joined #salt
11:04 joehoyle joined #salt
11:09 elsmorian1 ANy ideas anyone?
11:11 elsmorian1 Also, the documentation for ip_addrs is unclear:
11:11 elsmorian1 http://docs.saltstack.com/ref/modules/all/salt.modules.network.html#salt.modules.network.ip_addrs
11:11 elsmorian1 is ip_addrs the same as ipaddrs?
11:12 elsmorian1 and if so, why do the CLI examples for ipaddrs and ipaddrs6 use ip_addrs and ip_addrs6 respectively?
11:12 ndrei joined #salt
11:17 diegows joined #salt
11:20 manicouman joined #salt
11:26 zooz joined #salt
11:27 psarossy joined #salt
11:27 pdayton joined #salt
11:28 elsmorian1 OK, I'm answering a few of my own questions, i forgot you had to explictly set which options are availble from which minion in teh salt mine.
11:30 psarossy hey folks, I've been trying to add another file declaration for the past hour and a half to my config, but for some reason I cannot get salt to apply the changes to some specific files while the exact same config works with other files.
11:31 psarossy monitoring/init.sls: http://pastebin.com/baBixAmp
11:31 psarossy monitoring/snmp.sls: http://pastebin.com/pD2zFk2f
11:31 psarossy could someone take a look, I'm at a loss here
11:31 ggoZ joined #salt
11:31 psarossy the declaration for the munin config file and the snmpd one are the same
11:32 brian joined #salt
11:32 brian hey, i'm trying to configure multi-master, but when I specify two master servers i get an error: http://pastebin.com/8WLkkjaC
11:32 psarossy if I make a change to the munin one it gets rolled out, but the snmp ones are deemed to be in the correct state
11:32 brian what am i doing wrong?
11:32 psarossy if I delete the files it just creates empty ones, and the config files don't show up in the minion cache folders either.
11:32 psarossy the permission are the saem
11:38 brian looks like bug in salt stack
11:38 brian i found bug report, confirmed bug
11:38 topochan joined #salt
11:41 psarossy any clues on my issue? I just broke the munin config out into a separate sls as well to test, but it still works fine
11:44 psarossy hmm it looks like it could be a bug in the package release for 10.04, as it works fine on 13.04
12:03 Nazzy joined #salt
12:03 Nazzy joined #salt
12:04 elfixit joined #salt
12:06 elsmorian1 Using mine.get from the command line on a minion works fine, but using it in a jinja template in the minions pillar fails with:
12:06 elsmorian1 File "/usr/lib/python2.7/dist-packages/salt/crypt.py", line 341, in sign_in
12:06 elsmorian1 if self.opts['master_ip'] not in self.opts['master_uri']:
12:06 elsmorian1 KeyError: 'master_uri'
12:08 x5257 joined #salt
12:10 brian hi, when PHP is installed, I want to restart Apache, how can I do it?
12:13 elsmorian1 brian: you can watch teh state that installs php and restart apache based on that
12:13 gammalget joined #salt
12:13 elsmorian1 Brain: http://docs.saltstack.com/ref/states/ordering.html halfway down might be helpfull
12:21 raizyr joined #salt
12:23 Katafalkas Where is the default directory I should place my salt runners in ?
12:33 hunter joined #salt
12:38 jrdx joined #salt
12:39 blee joined #salt
12:40 ndrei joined #salt
12:42 topochan joined #salt
12:44 rojem joined #salt
12:45 rojem joined #salt
12:50 bhosmer joined #salt
12:52 Tanoti joined #salt
12:56 Tanoti I have a sequence of stop service, deploy package, do some config stuff, start service. How can I write a state such that the service is only started if it was running before and has been stopped by the first part of the state?
13:00 jrdx joined #salt
13:12 dyim joined #salt
13:15 baffle When targeting minions with a compound match.. How is and/or weighted? I.e. I want to match "(G@foo:bar or G@foo:zoo or G@foo:yomoma) and G@domain:lol.biz" .. () doesn't seem to work. :)
13:15 GoKage joined #salt
13:16 jrdx joined #salt
13:17 rgbkrk joined #salt
13:20 helderco joined #salt
13:25 oz_akan_ joined #salt
13:25 akoumjian joined #salt
13:27 NV baffle: ( and ) should work
13:27 oz_akan_ joined #salt
13:27 NV https://github.com/saltstack/salt/blob/develop/salt/minion.py#L1842 is the relevant code
13:27 rojem joined #salt
13:27 NV I notice that ( and ) are valid operators, go figure
13:27 NV I suspect you might need to use this though
13:28 NV "( G@foo:bar or G@foo:zoo or G@foo:yomoma ) and G@domain:lol.biz"
13:28 baffle You mean just add spaces?
13:28 NV yes
13:29 NV ( and ) are operators, the compound match is split into tokens, operations are a token
13:29 NV kinda non-intuitive, but that's how i read the source
13:29 NV if that works might be worth raising a bug report to improve the documentation a little (and/or the behaviour)
13:30 baffle NV: Hmm, I don't think it works actually.
13:30 jslatts joined #salt
13:31 baffle "G@foo:bar or G@foo:zoo" should be the same as "( G@foo:bar and G@foo:zoo )" but it isn't. Returns no hosts if I use (). :)
13:31 themadcanudist hey guys, is there a salt state that allows for writing a message to a run's output?
13:32 themadcanudist like a "console" or "message" state?
13:32 baffle themadcanudist: I wonder about that too; Right now I just do "echo superdebug: cmd: -run" :)
13:33 themadcanudist baffle: interesting hack… hrm, it shouldn't be too hard to write that state
13:33 baffle printf debugging is the best.
13:33 * themadcanudist looking...
13:34 baffle echo Debug output {{ jinja_variable }}:
13:34 baffle cmd:
13:34 baffle - run
13:34 baffle :)
13:34 baffle I really hope there is some better way that I don't know about.
13:35 themadcanudist baffle: my feeling is that there isn't.
13:36 cpenner461 joined #salt
13:37 sfello joined #salt
13:41 sroegner joined #salt
13:45 jaimed joined #salt
13:45 krow joined #salt
13:49 Katafalkas /join #python
13:51 elfixit joined #salt
13:54 juicer2 joined #salt
13:56 ndrei joined #salt
13:59 N-Mi joined #salt
14:00 babilen What are good ways to ensure that users have the same uid across servers managed with salt? Or rather: What will happen if the uid I choose in salt.states.user.present has already been taken?
14:00 andr386 joined #salt
14:01 R_Shackleford joined #salt
14:02 btorch dave_den: timoguin thanks for the info/help yesterday, I had to leave but I will check out the pull link today. I've always tried to use state.show_lowstate to check on the order of things
14:02 quickdry21 joined #salt
14:05 NV babilen: I have a users.sls state that creates users from pillar data, and a custom py rendered pillar sls that generates users dictionaries by looking up ldap - but you could easily store your user information in a sql database, etc and have a unique constraint on your uid field
14:05 NV etc
14:07 andr386 Hello, I am new. Trying to make my first pillar to configure dhcpd.  I get a list of elements like this  {'kiosk2': [{'fixed_address': ’10.0.0.1’}, {'hardware_ethernet': ‘XX:XX:XX:XX:XX:XX’}]}, but can't figure how to extract the values in jinja. Anybody can help ? (I am not familiar with jinja and my python is limited)
14:08 vejdmn joined #salt
14:08 racooper joined #salt
14:09 babilen NV: yeah, I am using the user formula and pillars already and all I have to ensure is that the uid is the same across a number of boxes. I don't care at all which uid that is though.
14:10 faldridge joined #salt
14:11 jrdx joined #salt
14:12 oznt joined #salt
14:12 Guest71944 joined #salt
14:12 oznt what is the best way to read slat minion logs from the salt master?
14:14 baffle andr386: pillar.get and for-loops?
14:14 jrdx joined #salt
14:16 baffle andr386: {% for host,values in salt['pillar.get']("dhcpstuff").items() %}
14:17 andr386 @baffle: I already loop to get that line.  To extract 'kiosk2', I do {% set name = machine.keys.pop() %}. Then I try to loop on machine[name] == [{'fixed_address': ’10.0.0.1’}, {'hardware_ethernet': ‘XX:XX:XX:XX:XX:X’X}]. But to no avail
14:18 NV andr386: why not do what baffle does? then host == 'kiosk2' and values['fixed_address'] has your address, etc
14:18 NV why loop twice?
14:19 dopp joined #salt
14:20 andr386 I tried to do what baffle says and got an error. Maybe I should give and example of the pillar. machines:
14:20 andr386 -kiosk:
14:21 andr386 - fixed_address: 10.0.0.1
14:21 andr386 - hardware_ethernet: XX:XX:XX:XX
14:21 NV err
14:21 NV remove the - before fixed and hardware
14:21 NV also, pastebin next time
14:22 NV and you probably need a space between the - and kiosk
14:22 andr386 Okidoki, it's my 'first time'
14:22 NV actually, you probably dont want the - in front of kiosk either
14:22 vu_ joined #salt
14:22 NV - means lists
14:22 NV you want a dictionary really
14:22 NV (I assume hostnames are unique)
14:22 andr386 Yep,
14:23 cpenner461_ joined #salt
14:23 cpenner461 left #salt
14:23 andr386 I guess the number of space is significative ?
14:24 andr386 What is the format of the pillars ? Is it yaml too ?
14:25 cpenner461 joined #salt
14:25 oznt andr386, please use a paste, do post code in the channel
14:26 wkf_ joined #salt
14:27 hartym joined #salt
14:28 mpanetta joined #salt
14:28 andr386 @oznt: really, I've just been told not to do that. So far removing the - everywhere seems to help tremendously
14:32 diegows joined #salt
14:33 mpanetta_ joined #salt
14:34 jrdx joined #salt
14:34 NV andr386: yes it's yaml (jinja2 templated yaml)
14:35 mpanetta joined #salt
14:35 andr386 @buffle,NV: Thanks a million. I removed the '-', and host was immediatly usable. and for the values values.get('my_variable') gave me exactly what I needed
14:35 timoguin joined #salt
14:36 fxhp andr386: yeah so that is a YAML thing
14:36 fxhp dashes will create a python list
14:37 fxhp no dashes will be a key:value (dict)
14:37 scoates https://groups.google.com/forum/#!topic/salt-users/GVSaXUPjBbY
14:37 fxhp Oh NV already explained that, sorry
14:37 NV andr386: http://yaml-online-parser.appspot.com/ - probably the single most useful tool you can have at your disposal ;)
14:38 NV being able to see the yaml parsed and outputted in pretty printed json makes things very easy to understand what's going on ;)
14:38 fxhp Yeah, Salt sort of suggests certain grammer of YAML, like indent with only two spaces, etc
14:39 andr386 Yes, I didn't even know it was yaml and yaml itself is worth diggin into a little bit ;-)
14:39 * fxhp nods
14:39 NV mhmm
14:40 rgbkrk joined #salt
14:40 dopp I think I discovered a bug yesterday. Though, perhaps not a bug, but something to work around. Try having Salt create a group called "no" :)
14:40 andr386 Ok, now I need that yaml parser 2 json in a gnu tool
14:41 n0c dave_den: I think I found a bug in MasterPillarUtil
14:41 dopp the no is passed through to state.py and interpreted as a boolean (which of course bombs when state.py tries to do a startswith on it)
14:41 fxhp dopp - like group.present: -name: no ?
14:41 dopp well, in my case, no: group.present
14:42 dopp I had to quote the no. 'no' to make it work
14:42 dopp I only hit it because I have *nix groups based on country code, heh
14:42 fxhp Ahh, could you try placing something else as the <ID Declaration> and then use the - name: no
14:42 fxhp dopp: to see if it happens in that case as well, def sounds like a defect.
14:43 dopp I didn't know about that, but another work-around is nice
14:43 dopp still, I don't think that a python boolean should be passed through
14:43 fxhp dopp: yeah, our team at work uses the ID Declaration as a human readable unique value and then we always supply a - name arg
14:44 fxhp It has really helped us keep the states uniform
14:44 dopp I've also had problems with group names that are nothing but numbers. Perfectly acceptable by POSIX, but salt doesn't like it, heh
14:44 dopp probably because it becomes an int
14:45 fxhp yeah
14:45 fxhp dopp: http://russell.ballestrini.net/understanding-salt-stack-user-and-group-management/
14:45 fxhp take a peek at that, that is basically what we are using
14:46 timoguin i've also found a descriptive SLS ID with a name arg is better.
14:46 timoguin and results in fewer SLS ID conflicts
14:46 yomilk joined #salt
14:46 dopp fxhp: have you run into any scalability issues with having salt manage groups? My concern is just how long it takes, as the groups are checked one by one
14:47 fxhp timoguin - yup fewer collisions and a much more verbose output during highstates
14:47 dopp certainly, I could just have salt distribute the entire group map, but I would rather not
14:47 dopp I have about 400 groups in a salt state now :)
14:47 ajprog_laptop joined #salt
14:48 fxhp timoguin: we use dashes in the ID but I just found out it supports spaces (I should have guessed considering it is a dict key)
14:48 timoguin I didn't know it supported spaces. Good to know.
14:48 oznt how am I supposed to read the logs from the minion ? I can't find the right place to guide me, can someone give me a hint?
14:49 fxhp dopp - I have only a handful of groups (maybe ~20) but that is something we could def test
14:49 dopp oznt: good question. Certainly there are logs on the minion (/var/log/salt), but what I've been doing while debugging is logging into the minion and running 'salt-call -l trace state.highstate'
14:50 dopp fxhp: the thing is, even if there are no new groups to create, just checked to see if all of the groups are present takes a long time
14:50 baffle dopp: You actually hit tat a lot. I live in Norway, "no" is the shorthand. :) I was a bit confused why I suddenly had {{ country }} return "False". :)
14:50 dopp baffle: yeah, it took me quite a lot of debugging to figure out what was causing the stack trace, heh
14:51 dopp of course, once I narrowed it down to groups that started with 'n', I was like, "Oh, of course!"
14:51 oznt dopp, this sounds also ok, but I don't want to do this all the time. Especially not  when I work with windows minions, they are so terribly slow
14:52 fxhp http://www.yaml.org/refcard.html | so it is a YAML thing, not something Salt is imposing
14:52 kintel joined #salt
14:56 oznt dopp, check this out http://paste.debian.net/85642/, this is really not informative, until now the only way I found to see what is happening on the windows machine was to put in on my desk and run salt-minion -l debug from the command line,
14:56 kaptk2 joined #salt
14:56 SkyRocknRoll__ joined #salt
14:57 x5257 joined #salt
14:58 rojem joined #salt
14:58 gnugnu8 joined #salt
14:58 * fxhp feels sorry people need to maintain windows
14:59 oznt fxhp, thanks,  i feel sorry too
15:00 gnugnu8 joined #salt
15:00 oznt but right now I am fighting salt, not windows. I feel awkward. You run a command, but there is no log ? Sure there is, i know, but I can't see to find in the documentation how to find this log. So I am whining here ...
15:01 kermit joined #salt
15:01 jslatts joined #salt
15:01 pydanny joined #salt
15:02 stefanmonkey joined #salt
15:06 mgw joined #salt
15:07 ipmb joined #salt
15:09 rgbkrk joined #salt
15:09 lessismore anybody knows how to specify a pillar and salt environment for salt-ssh? I do not see any doc or example!
15:14 abe_music joined #salt
15:16 btorch does the order of the matches in the state top.sls matter in anyway when it comes down to the order of execution ?
15:16 Gifflen joined #salt
15:18 GradysGhost joined #salt
15:18 joehoyle joined #salt
15:22 elsmorian joined #salt
15:23 rostam joined #salt
15:25 colinbits joined #salt
15:25 elsmorian Hi all. Using mine.get from the command line on a minion works fine, but using it in a jinja template in the minions pillar fails with:
15:25 elsmorian File "/usr/lib/python2.7/dist-packages/salt/crypt.py", line 341, in sign_in
15:25 elsmorian if self.opts['master_ip'] not in self.opts['master_uri']:
15:25 elsmorian KeyError: 'master_uri'
15:25 elsmorian Any hints at why that might be?
15:26 pdayton joined #salt
15:29 jmlowe joined #salt
15:29 jmlowe anybody had trouble with pkg.upgrade after moving from 17.5 to 2014.1.0?
15:30 jmlowe I had some trouble, removed this file /usr/lib/python2.7/dist-packages/salt/modules/apt.pyc, and it fixed everything
15:32 n0c hmm.. salt cloud doesn't appear to copy my minion config to new minions
15:33 NV btorch: Don't quote me on it, but I think it does - that said, don't rely on it, use require!
15:34 ipmb joined #salt
15:34 slav0nic joined #salt
15:34 slav0nic joined #salt
15:35 forrest joined #salt
15:37 oznt I don't get why my windows 32bit client can successfully run command, but state.highstate isn't working, on 64bit i have not problem. Can someone help me resolve this issue?
15:37 oznt http://paste.debian.net/85651/ is the error i am seeing on the master
15:38 btorch NV: yeah I don't think it does, there one particular role that seems to be messing up the whole order, not sure why yet
15:42 alunduil joined #salt
15:42 Gordonz joined #salt
15:43 Gordonz joined #salt
15:43 vxitch does salt have a release timeline or schedule?
15:44 forrest vxitch, not really.
15:44 forrest oznt, that box is in your top file right?
15:44 vxitch so no idea when the bugs in 2014.1.0 will be patched? the fix is already in the dev version
15:45 vxitch i rely on epel package to distribute via kickstart
15:46 oznt forrest, yes
15:47 oznt here is my top file http://paste.debian.net/85652/
15:47 sroegner is any of you Gentlemen successfully using overstate with 2014.1?
15:49 oznt ok, restarting the windows machine does not help. It seems that salt on 32bit machine is only half baked
15:49 oznt I have more success with 64bit clients
15:50 forrest oznt, try to re-run the highstate with -l debug on the end
15:52 oznt forrest, i did but it does not make any difference
15:52 forrest oznt, what release of salt is that?
15:52 oznt 0.17.5
15:52 btorch if I'm telling all my pkg installs from other state files to require a pkg from a base.sls file, should that base.sls show up first in a show_lowstate ?
15:53 oznt I upgrade from 0.17.4 which didn;t also work on 32bit
15:53 seapasulli joined #salt
15:53 Thiggy joined #salt
15:54 carlos_ joined #salt
15:55 oznt forrest, take a look here http://paste.debian.net/85654/ the problem is really only on windows 7 32bit
15:55 forrest oznt, are you able to run a single state.sls call?
15:56 oznt in my top file i have a state called win, how do I run it?
15:58 forrest salt 'target_server_name' state.sls win
15:58 vlcn joined #salt
15:58 teskew joined #salt
16:00 forrest oznt, you may also want to start the service on the minion in debug mode to see if anything else pops up in those logs.
16:00 oznt forrest, see this, it's working on my 64bit client, not on 32 http://paste.debian.net/85655/
16:01 oznt I asked earlier how to read the logs from the minion ... any idea? I guess I could use salt-mine to copy the logs, but it should be easier than that
16:02 forrest oznt, what do you mean? You don't have admin access to remote desktop into that box?
16:02 jeremyfelt joined #salt
16:03 danielbachhuber joined #salt
16:03 oznt i do, but I simply find it awkward to actually work on the machine itself
16:03 oznt i want to have salt installed and never log-in again on windows
16:03 forrest oznt, you should also check to see if the cache dir within the salt folder on the minion is being populated with states.
16:03 oznt i worked 3 years with a products that does that
16:03 conan_the_destro joined #salt
16:04 oznt forrest, that is a good hint
16:04 forrest oznt, yea fair enough, you'll still need to get the logs somehow, unless windows has some sort of syslogd equivalent.
16:05 oznt forrest, that was a VERY good hint
16:05 forrest are they not getting dropped onto the minion?
16:05 oznt the /var/conf/files/base/win is populated in the 64bit  client
16:06 oznt it's empty on the 32bit client
16:06 jslatts joined #salt
16:06 oznt this is darn weired
16:06 forrest odd, ok yea you need to crank that minion to debug logging and see why it's not getting them then
16:06 vejdmn joined #salt
16:06 smcquay joined #salt
16:07 davet joined #salt
16:07 juice joined #salt
16:10 higgs001 joined #salt
16:10 naiyte joined #salt
16:10 oznt ok, i also found out that this client had a later version of salt installed, I asked our intern to do it, but he obviously installed the latest, no the version i told him. Could be related to protocol mismatch
16:11 higgs001 joined #salt
16:11 rojem joined #salt
16:12 tvle joined #salt
16:12 oznt forrest, I don't know how I feel about it... I am quite pissed off with the guy now, but hey, because of your tipp I learned some new stuff about salt debuggings . So I'd buy you both a beer
16:13 oznt and now that the problem is solved, I can do Feierabend!
16:13 Eugene beer is always a good decision
16:15 forrest oznt, oh yea that's a problem, you won't be able to run a newer release on the minion with an older master in most cases.
16:16 oznt forrest, yes, I've seen that in the past, with salt 0.0.8 about two years ago
16:16 oznt but the trick with the files i didn't know
16:16 Katafalkas joined #salt
16:16 forrest oznt, cool
16:18 bt joined #salt
16:18 saint-n actually you can run old master new minion if its relatively close
16:18 saint-n older minion than master is where the issues abound
16:19 saint-n like i have a 15 master and 17.1 minions
16:19 saint-n works hunky dory
16:19 saint-n 15 master and 10.2 minions make me wanna stab things ;)
16:21 forrest saint-n, that isn't always the case :\
16:22 forrest saint-n, always a crap shoot depending on what was fixed.
16:22 bemehow joined #salt
16:22 saint-n hooray luck!
16:23 saint-n oh that rmeinds me
16:23 saint-n i think ir ead that periods in grains was fixed
16:23 saint-n like /etc/init.d/thing:
16:23 saint-n - file.managed
16:24 TheRealBill_here joined #salt
16:24 saint-n would i need to update master for it to actually not though "dictionary" errors?
16:26 Katafalkas joined #salt
16:26 Katafalk_ joined #salt
16:29 mpanetta forrest: I have an odd question...
16:29 mpanetta Well I think it is odd...
16:29 mpanetta Does salt have dummy states?
16:29 forrest mpanetta, as in states that do nothing?
16:30 mpanetta Yeah, I am tryingto install something on ubuntu and centos, but they install completely differently, so I don't know how to wait for them to finish
16:30 babilen Why do I have to restart my salt-master whenever I make changes to GitFS if I want it to pick those up? Is there a way to configure it to refresh that automagically?
16:30 mpanetta I was thinking a dummy gate state would work...
16:30 Thiggy joined #salt
16:31 mpanetta it is mongodb BTW...
16:31 mpanetta Maybe there is already one somewhere that works for both
16:32 mpanetta The mongodb formula in the salt repo is only for centos I think,
16:33 mpanetta Is it possible to wait on an entire sls file to complete?
16:34 forrest mpanetta, yea, use require: \n  - sls: my_sls
16:34 forrest and include the state at the top of the one that requires it
16:34 forrest then you are requiring all actions in that state complete before running the next one
16:34 forrest babilen, gitfs should be refreshing every 60 seconds
16:34 mpanetta forrest: Awesome!
16:34 mpanetta Thank you
16:34 forrest mpanetta, yea np
16:35 vejdmn joined #salt
16:35 babilen forrest: Ah, is there a way to trigger that?
16:35 forrest babilen, check out this issue: https://github.com/saltstack/salt/issues/6989
16:36 forrest babilen, seems like salt-run fileserver.update might work.
16:36 babilen Ah, great.
16:36 mgw joined #salt
16:37 babilen In a way I would like all commands that use data from GitFS to update the data (much like pillar.items refreshes pillars) -- but then pillar.get doesn't do it, so there is some kind of consistency to this inconsistent behaviour :D
16:38 Gifflen joined #salt
16:42 vxitch how can i delete a file in a salt state? i want to make sure my iptables rules are completely empty before starting the service in case default policy is set to DROP
16:43 timoguin vxitch, use the file.absent state
16:44 Gareth vxitch: http://docs.saltstack.com/ref/states/all/salt.states.file.html#salt.states.file.absent
16:44 vxitch thank you :)
16:44 dstanek joined #salt
16:45 vxitch can i use a regex in name?
16:47 FarrisG Anyone know about issues in 2014.1 with salt commands not properly timing out the CLI when minions are unreachable, and the jobs.active module always outputing "{}" even when there are definitely active jobs?
16:47 dstanek_afk joined #salt
16:48 elsmorian Hi all. Using mine.get from the command line on a minion works fine, but using it in a jinja template in the minions pillar fails with:
16:48 elsmorian File "/usr/lib/python2.7/dist-packages/salt/crypt.py", line 341, in sign_in
16:48 elsmorian if self.opts['master_ip'] not in self.opts['master_uri']:
16:48 elsmorian KeyError: 'master_uri'
16:48 dstanek i'm getting 'No Top file or external nodes data matches found' on new nodes; is there any known issues with nodes running 2014.1.0 talking to a 17.5 master?
16:48 elsmorian Any hints at why that might be?
16:49 akoumjian joined #salt
16:50 vxitch dstanek: upgrade, i had the same issue
16:51 vxitch won't work if master is 0.17.5 and minion is 2014.1.0
16:51 dstanek vxitch: do you know if old minions can access a newer master?
16:52 elsmorian I can't work it out, as it works on the CLI, so it can't be a problem talking to the salt-master etc
16:52 elsmorian do you have to do something special to get salt-calls to work in Jinja Templates?
16:54 Ashu joined #salt
16:54 faldridge joined #salt
16:55 thayne joined #salt
16:55 ajw0100 joined #salt
16:55 vxitch dstanek: i have no experience with that, but i heard on this channel yesterday or the day before that the scenario is compatible
16:56 vxitch dstanek: so i've seen people say yes, but i wouldnt do that. are you having issues upgrading?
17:01 elsmorian Can somecheck that this is valid syntax: {% for host, ip in salt['mine.get']('role:production-server', 'network.ip_addrs', expr_form='grain').items() %}
17:01 elsmorian (This is the full render error BTW http://pastebin.com/NBi3YvwK)
17:02 elsmorian I dont understand how it can work on the commandline and not in a jinja template though :(
17:03 Gifflen_ joined #salt
17:04 themadcanudist joined #salt
17:05 dstanek vxitch: no issues yet, but i'm not going to update the entire infrastructure at the moment
17:06 vxitch word of warning if you upgrade before a new version comes out: 2014.1.0 breaks iptables.flush and iptables.set_policy because of a couple of stupid typos. i'm bitter because i fought it for days before someone pointed me to the bug
17:06 quickdry21 joined #salt
17:06 tea-boy joined #salt
17:07 vxitch so if you use those state modules, pull the most recent salt/states/iptables.py from github.com/saltstack/salt and replace the ones on your minions
17:07 meteorfox joined #salt
17:15 d10n joined #salt
17:15 lessismore ssh
17:16 lessismore sorry, wrong input area, I was try to search back if there where any responses to my question ;-)
17:21 elsmorian lessismore: yeah, quite noisy in here :S
17:22 hotbox joined #salt
17:23 dstanek vxitch: thx for the tip; i would have probably started running into that too
17:27 tvle joined #salt
17:28 schimmy joined #salt
17:28 dyim_ joined #salt
17:33 vxitch man, im getting real fucking sick of salt.
17:33 vxitch 2014.1.0 is littered with shitty bugs
17:33 robawt vxitch: like what?
17:33 vxitch ive been fighting it this whole week instead of having it help me
17:34 mgw joined #salt
17:34 vxitch like more iptables exceptions
17:34 schimmy joined #salt
17:35 vxitch http://hastebin.com/limokogasi.vhdl
17:35 vxitch seriously, this is shit. ive been wasting my time
17:35 vxitch salt is half baked at best
17:36 jcockhren vxitch: yeah. I've been sitting back to see what issues appeared with the new release before applying it to my infra
17:36 vxitch and im saying that as someone who really really likes what it stands for and would rather use this over puppet any day
17:36 vxitch ive been touting salt all day long to my colleagues and others looking into cfg mgmt
17:36 vxitch and i feel like its a pile of shit. who needs unit tests before pushing out a major version, right?
17:37 vxitch at least if there was some accessible errata or known bugs, id feel a little better
17:37 vxitch but there isnt
17:37 forrest vxitch, Yea that's something that has been brought up with the dev team before that is actively being worked on (the QA stuff), but it does blow when there are errors on a new release.
17:38 forrest vxitch, the only thing I can suggest is to fall back to 0.17.5, and review the issues to see what is affecting you, and when it will get resolved.
17:39 KyleG joined #salt
17:39 KyleG joined #salt
17:39 schimmy joined #salt
17:41 seanz forrest: How are issues filed? From the saltstack devs or from people who run headlong into brand new issues without warning?
17:41 timoguin seanz, both
17:41 timoguin on the Github tracker
17:41 forrest seanz, yea both, most issues on new releases are found by users though
17:42 ggoZ joined #salt
17:42 btorch is there another way to find why a service is failing to start with salt ? debug doesn't seem to say much .. I can start the service fine after the highstate call is done
17:42 frasergraham joined #salt
17:42 vu_ joined #salt
17:44 KyleG joined #salt
17:44 KyleG joined #salt
17:44 wendall911 joined #salt
17:44 forrest btorch, does it fail on every highstate?
17:45 jacksontj_ joined #salt
17:46 btorch forrest: nope if I do it again it starts up
17:46 vu_ joined #salt
17:46 btorch forrest: but looking at the debug log it makes no sense to why it would fail .. unless there is some race condition going on
17:48 robawt seanz: please file a bug
17:49 elsmorian As no-one in here has replied I'm guessing no one knows the answer. have made a Stack Overflow Question, http://stackoverflow.com/questions/22232110/salts-mine-get-command-works-on-cli-but-not-in-a-jinja-template and might reply here if its interesting
17:53 exgenome joined #salt
17:53 exgenome hey, peers :)
17:54 exgenome i would love to contribute in this project.
17:54 zach_ Then publish your contributions to the githubs!
17:54 zach_ to the cloud
17:54 [diecast] joined #salt
17:55 exgenome okay, but any instruction or something?
17:55 Katafalkas joined #salt
17:55 exgenome like some module>
17:55 exgenome ?
17:57 tvle joined #salt
18:00 Gifflen joined #salt
18:01 meteorfox joined #salt
18:02 lahwran joined #salt
18:02 jeremyBass1 joined #salt
18:03 sporkd2 why is salt-cloud trying to create salt-user ssh folder?
18:03 jeremyfelt joined #salt
18:04 Thiggy joined #salt
18:05 viod joined #salt
18:05 AdamSewell joined #salt
18:05 AdamSewell joined #salt
18:06 mgw joined #salt
18:11 Gifflen joined #salt
18:13 Ryan_Lane joined #salt
18:15 forrest btorch, sorry had some meetings. That seems to me like you are missing some requirements that get properly dropped on during the first highstate AFTER you attempt to start the service, which are present for the second highstate. I'd suggest to review the minion log to see if it shows why anything is failing there, and review what is required for the service to start to ensure it's being properly dropped on
18:15 forrest you might have to put the minion into debug mode
18:15 meteorfox joined #salt
18:17 dwiden joined #salt
18:19 dwiden Hi everyone.  I am using a Linux master an a windows minion.  I have an installer that I want to distribute to my minions.  However, each installer has a single-use license so I can only use each installer once (I have plenty of these).  Is there an easy way to distribute these installers on a first-come, first-served basis and once an installer has been distributed, no other minions can get it?
18:20 johtso joined #salt
18:20 pydanny joined #salt
18:21 forrest dwiden, hmm, is the license some sort of file?
18:22 themadcanudist How do you folks handle provisioning monitoring? ie. nagios monitors, etc.?
18:22 dwiden forrest: its more like the installer requires a password, and each installer is unique and has a unique password and I would be breaking my license agreement if I used the same license on two different machines
18:23 forrest dwiden, hmm
18:24 jmccree themadcanudist, I use collectd mostly for metrics collection, which is easily configured via salt.
18:24 thayne joined #salt
18:24 forrest dwiden, well, you could try to do something ghetto, like having a 'license' pillar, where you pull the first available item, then use a reactor: http://docs.saltstack.com/topics/reactor/
18:24 forrest to remove that item from the pillar
18:24 dwiden I had a really ugly solution of mapping a minion id to an installer
18:24 jmccree themadcanudist, for monitoring/alerting I use circonus, and I have a evil genius script that's called by salt and uses the api to setup/change monitoring rules automatically on highstate.
18:24 forrest dwiden, it seems like it would be better though, if you could create a database which contains the license key, along with the host it is associated with.
18:25 amckinley joined #salt
18:25 bhosmer joined #salt
18:25 dwiden forrest: I could potentially do that.
18:27 themadcanudist jmccree: nice! that's the solution I'm thinking of using w/ a nagios cfg creation api
18:27 jmccree themadcanudist, not sure if it'll work for your use case, but I generated config files via salt and then ran a single script over the files.
18:28 forrest dwiden, are the licenses unique strings of random characters, or is there some sort of 'logic'
18:28 * themadcanudist nods - that can work too.
18:28 jmccree a single script ran on each minion over it's files that is
18:28 dwiden forrest: they are unique strings of letters and numbers, looks pretty random
18:29 forrest dwiden, lame
18:30 dwiden forrest: unfortunately.  I thought that installing the software would be hard, I just need to device a good system to distribute it to my minions
18:31 forrest dwiden, seems to me like the best way to plan for this in the long term is to create a database, because then you can populate the database, add keys and their associated minions, and then simply connect to that DB to get the data. Exactly how you'd do that last part, I haven't messed with
18:31 forrest dwiden, yea, you don't want something you have to constantly change/modify, the cool thing about the DB is you could just auto-dump the minion on provision, and have one giant column of keys
18:32 Kraln joined #salt
18:32 forrest granted it's also more work, and if you don't have something to associate the key in the software with a value from the DB, I don't know how it would be done :\
18:33 dwiden forrest: I unfortunately don't have enough time to set that up and figure out how to make it work.  Luckily I have control over minion ids and they will follow a standard naming convention (name-1, name-2, ...).  Would it be crazy for me to do a file.recurse and a cmd.exe based on minion id?
18:33 dwiden so I would transfer over install files with the proper command/key for minion-1, then for minion-2, etc
18:36 forrest dwiden, if you don't mind doing the minion-key association, that could be as easy as having a lookup in pillar. So you could have a pillar with that looks like minion:\n  - key: asdf1234, then just do a managed file with key: {{ salt['pillar.get']('grains.get['hostname']:key') }}
18:36 forrest that might work
18:37 Kraln- joined #salt
18:37 forrest I haven't tried to nest something like that too much...
18:38 dwiden forrest: that sounds like it might work.  As always, thanks for the help and I'm sure that I'll be back
18:38 forrest yea np, let me know what you decide on.
18:38 raizyr joined #salt
18:38 forrest and whether it ends up working :P
18:38 kermit joined #salt
18:39 jalbretsen joined #salt
18:41 ajw0100 joined #salt
18:43 dwiden forrest: sure thing
18:45 Gifflen joined #salt
18:45 nextdoorwarren joined #salt
18:46 Kraln joined #salt
18:48 yomilk joined #salt
18:50 aaroneous joined #salt
18:53 HeadAIX joined #salt
18:53 longdays joined #salt
18:54 dwiden Does a file.managed/file.recurse state always run?  Or will it only run if the name attribute does not exist?
18:58 m8ncman joined #salt
18:59 cheus joined #salt
19:01 aaroneous1 joined #salt
19:02 longdays It seems with the new 2014 version that something has changed with what a function is in state when referencing pillars or grains.
19:02 longdays http://pastebin.com/9cntJwCX
19:03 longdays that state fails with "No function declared in state "lvm" in sls postgresql"
19:03 longdays anyone here seen this behavior?
19:06 mgw joined #salt
19:07 m8ncman shouldn't you have a function call after lvm? like lvm.vg_present
19:08 higgs001 joined #salt
19:10 m8ncman i'm getting render() got multiple values for keyword argument 'saltenv'
19:11 jmlowe left #salt
19:11 m8ncman when i try any state on some of my minions. i've only seen this after updating to 2014.1.0
19:11 m8ncman any ideas?
19:16 m8ncman verify_env: False fixed it
19:22 rgbkrk joined #salt
19:24 bemehow joined #salt
19:24 ausmarton joined #salt
19:26 zain_ joined #salt
19:29 druonysus joined #salt
19:31 joehoyle joined #salt
19:31 ndrei joined #salt
19:32 longdays @m8ncman that was our issue. in some cases we were not making a function call. Guess we will be fixing those :)
19:34 MrTango joined #salt
19:36 ahammond for the vagrant salt provisioner, how do I set a grain?
19:37 ahammond just hardcode it in the minion config?
19:39 elsmorian joined #salt
19:45 rojem joined #salt
19:47 timoguin ahammond, yea that's one way. it's how i'm currently setting my grains for various roles
19:50 Gifflen_ joined #salt
19:53 dyim joined #salt
19:54 rgbkrk joined #salt
19:55 diegows joined #salt
19:58 hunter joined #salt
19:59 dstanek_afk joined #salt
19:59 mr_chris- joined #salt
20:01 fwiles joined #salt
20:01 tempspace_ joined #salt
20:01 amckinley1 joined #salt
20:03 copelco____ joined #salt
20:03 Kraln joined #salt
20:03 copelco____ joined #salt
20:04 carmony joined #salt
20:04 Nazca joined #salt
20:06 kevinbrolly joined #salt
20:07 kermit joined #salt
20:08 ndrei joined #salt
20:09 m8ncman left #salt
20:10 kickman joined #salt
20:12 btorch forrest: sorry had stepped out .. well I'm using debuging on master and minion systems... I'm trying to reduce the number of states called for the role in the top to see if I can find out more
20:13 schimmy joined #salt
20:14 btorch forrest: if the order of execution is indeed what show_lowstate (which doesn't seem to be the case) than I can maybe see why 1/3 services would not start. but accoding to the debug minion file everything seems to be executing in the proper order
20:14 btorch so a bit of a mistery to me .. could be something in the app code as well
20:17 ajw0100 joined #salt
20:17 Katafalkas joined #salt
20:17 schimmy joined #salt
20:17 forrest btorch, very strange...
20:18 btorch indeed
20:19 mjulian joined #salt
20:19 mjulian joined #salt
20:19 copelco____ joined #salt
20:20 vu_ joined #salt
20:20 echos joined #salt
20:21 schimmy1 joined #salt
20:21 frasergraham should I be able to query pillar values with wildcard?
20:21 frasergraham I have a pillar entry called role, some of my minions have role:celery-build and others role:celery-test
20:22 frasergraham but salt -I "role:celery*" only returns the celery-build ones
20:22 harobed_ joined #salt
20:23 R_Shackleford joined #salt
20:24 tvle joined #salt
20:28 themadcanudist guys, when using salt mine, there is no access control system, correct? the docs suggest that you turn it on and it's available to all nodes (i assume using a salt.modules.mine call)?
20:28 Ryan_Lane themadcanudist: I believe access control was added to it
20:28 themadcanudist Ryan_Lane: oh, seriously, eh?
20:28 * themadcanudist checks version of docs
20:29 forrest did anyone ever write any better docs for the mine?
20:29 forrest I think I still have the issue open
20:29 gadams999 joined #salt
20:29 lzhang joined #salt
20:29 smcquay joined #salt
20:30 Ryan_Lane features should really be blocked ond ocs
20:30 Ryan_Lane *docs
20:30 abe_music joined #salt
20:31 Ryan_Lane themadcanudist: hm. maybe there isn't. I can't find any docs for it
20:31 themadcanudist same: https://github.com/saltstack/salt/issues/6437
20:31 Gordonz_ joined #salt
20:35 Gordonz joined #salt
20:35 frasergraham i dont understand why this doesn't work. pillar.items says my minions have the key role:celery-test, yet salt -I "role:celery-test" gives me nothing
20:35 bemehow_ joined #salt
20:36 Gordonz joined #salt
20:36 frasergraham and it takes a long time to do nothing too, 30+ seconds
20:38 gadams999 salt-run manage.status show all instances up?
20:39 frasergraham yes, all the minions are up
20:40 frasergraham sometimes manage.status returns with status immediately, sometimes it takes minutes
20:41 frasergraham i only have four minions on this setup and they are all up and available and not busy
20:41 gadams999 normally when I see a salt command taking 30+ seconds, it's due to a node down and the command waiting for timeout.
20:42 frasergraham i dont have that situation and many of my commands seem to wait for a long time
20:43 frasergraham i'm more concerned that the pillar data is not matching
20:43 frasergraham pillar.items clearly shows role:celery-test
20:43 frasergraham but -I "role:celery-test" test.ping does nothing
20:44 ajw0100 joined #salt
20:44 vu_ joined #salt
20:44 bhosmer joined #salt
20:44 chadhs joined #salt
20:47 frasergraham salt -I "role:*" pillar.items role shows the two minions with role as celery-build, but then waits for minutes before completing without showing the two celery-test minions
20:47 bhosmer_ joined #salt
20:47 frasergraham -l debug isn't giving any useful datsa
20:49 yomilk joined #salt
20:50 rsimpkins joined #salt
20:50 kballou joined #salt
20:52 vu_ joined #salt
20:54 dyim joined #salt
20:54 jacksontj_ joined #salt
20:56 rgbkrk joined #salt
20:59 toastedpenguin1 joined #salt
21:02 frasergraham my salt commands are now claiming "Failed to authenticate, is this user permitted to execute commands?"
21:05 pydanny joined #salt
21:05 snuffeluffegus joined #salt
21:05 Gareth frasergraham: are you running the salt command as root?
21:07 frasergraham no, I configured it to run as a different user. It's been working for most other things
21:08 sporkd2 has anyone run into an ssh problem with salt-cloud and aws?
21:08 frasergraham i'd rather not have to run salt as root if possible
21:08 Networkn3rd joined #salt
21:08 Gareth frasergraham: what command are you trying to run with salt running as a non-root user?
21:08 Ryan_Lane joined #salt
21:09 frasergraham salt -l debug -I "role:*" pillar.items role
21:09 frasergraham it returns two of my minions and then stops
21:09 frasergraham salt -l debug "*" pillar.items role
21:09 frasergraham that behaves fine
21:10 frasergraham just with the -I that has problems
21:10 Gareth frasergraham: weird.  You should file an issue.
21:10 andr386 joined #salt
21:10 frasergraham ok, will do
21:10 frasergraham i guess i'll go back to running as root
21:10 frasergraham :(
21:11 Gareth brb.
21:12 cewood joined #salt
21:12 gadams999 updated my test master to the latest 2014.1.0 release. For CentOS minions, now getting this error when deploy.sh runs
21:12 gadams999 Failed to run install_centos_check_services()!!!
21:12 schimmy joined #salt
21:13 ndrei joined #salt
21:13 forrest gadams999, can you compile some more data on that and file an issue?
21:13 forrest You're the first I've seen with that one
21:14 gadams999 sure. I'll throw up some pastebins on what I see from the master when doing a 'salt-cloud -m' as well as the log file from the minion
21:15 forrest gadams999, that sounds great, thanks!
21:15 nmistry joined #salt
21:16 schimmy1 joined #salt
21:18 kballou joined #salt
21:19 oz_akan_ joined #salt
21:21 sporkd2 if I'm specifying ssh user in cloud.profile why is it trying to put the ssh keys on the ec2 box as the user I run saltmaster as?
21:22 xsphex joined #salt
21:24 zach_ how else are you going to bootstrap saltstack otherwise?
21:24 joehoyle joined #salt
21:25 sporkd2 zach_: I mean why on the remote box is it not using the ssh_username ?
21:25 bhosmer_ My master is still 17.1 and my minion is 2014.1.0. I'm trying to use state.sls but I'm getting an error "No matching sls found for mystate in env 'base'"
21:25 sporkd2 i'm bringing up an ubuntu aws ami which only has ubuntu user
21:25 sporkd2 and salt-cloud is complaining about not being able to create /home/<saltuser>/.ssh
21:25 forrest bhosmer_, yea that won't work, you can't use a 2014.1 minion with a 17.X master.
21:26 bhosmer_ Hmm...I was afraid of that since it worked before. I'm trying to figure out how to either downgrade my minion or update my master. EPEL versions are different for each.
21:27 manfred bhosmer_: i believe epel-testing has the new version?
21:27 bhosmer_ Let me look...
21:27 manfred hrm, maybe not
21:27 forrest bhosmer_, yum downgrade salt-minion
21:28 forrest bhosmer_, there are a few issues with 2014.1 for the master, especially for multi-master setups, just as a heads up
21:28 bhosmer_ Thanks, I'll stick with 17.x for now then for sure.
21:28 DaveQB joined #salt
21:28 forrest bhosmer_, yup, let me know if downgrade works for you without having to address deps.
21:29 bhosmer_ Nope, only upgrade packages available.
21:29 forrest ?
21:29 forrest bhosmer_, it just fails?
21:29 bhosmer_ Only Upgrade available on package: salt-minion-2014.1.0-1.el6.noarch
21:30 bhosmer_ I wonder if I remove it first?
21:31 andrej Hmmm .. I stumbled upon the ldap module earlier, and think I understand what it's there for (not 100% certain, my python-fu is basic, and the in-code doco is, errrh, sparse
21:31 andrej I think it allow a minion to join a network, most likely useful for windows
21:31 andrej I was wonderting whether anyone is working on an LDAP backend for the master, as in storing minion data, grains, users, all in LDAP and then use that as a saltf-like mechanism
21:32 andrej saltfs like
21:34 forrest bhosmer_, no
21:34 forrest bhosmer_, with yum downgrade, you JUST downgrade the package, it should have something available....
21:34 forrest andrej, not that I'm aware of, that would be cool though.
21:34 bhosmer_ This was a new install I started this morning. I can't seem to find an older version in epel.
21:35 forrest bhosmer_, ahh ok that makes sense then. Yea I don't know where the older releases went since they aren't on epel any longer, hang on a second...
21:35 bhosmer_ I mean, I could always just build it from git, but I'd rather use the package manager.
21:36 gadams999 forrest: github issue   under salt-bootstrap best place to bring up?
21:36 forrest gadams999, if it's a problem with the bootstrap, then yep!
21:36 gadams999 forrest: I think it is, so sending there. Beg forgiveness and all that.....
21:37 forrest gadams999, you'll have to answer to s0undt3ch, not me :P
21:37 sporkd2 could someone please point me in the direction of finding out why saltcloud needs to make a new home & .ssh directory when I bring a VM up on aws?
21:37 rgbkrk joined #salt
21:38 forrest sporkd2, I can assure you if someone in here knew the answer they would have answered the question, we try to be pretty good about that.
21:38 sporkd2 sorrry, just frustrated :)
21:38 forrest sporkd2, Yea I can tell you are frustrated, just wanted you to know no one is purposefully ignoring you!
21:38 andrej forrest - that's what I thought ;}
21:39 forrest bhosmer_, http://rpm.pbone.net/index.php3/stat/4/idpl/25502874/dir/rawhide/com/salt-minion-0.17.5-1.fc21.noarch.rpm.html
21:39 bhosmer_ Sweet, thanks forrest
21:39 forrest that's the fc21 release though :\
21:39 forrest bhosmer_, don't download that
21:39 forrest it will bomb
21:40 shadylog_ joined #salt
21:40 shadylog_ Hiya salt people
21:40 forrest all I see are suse copies, let me see if I have a backup...
21:40 shadylog_ I'm looking to support salt in my program and was wondering if salt has a masterless mode?
21:41 christopherl joined #salt
21:41 bhosmer_ forrest: http://rpm.pbone.net/index.php3/stat/4/idpl/25173353/dir/fedora_20/com/salt-minion-0.17.1-1.fc20.noarch.rpm.html
21:41 forrest bhosmer_, that's fc20
21:42 manfred shadylog_: it does
21:42 shadylog_ manfred: awesome!
21:42 manfred shadylog_: salt-call --local
21:42 rgbkrk joined #salt
21:43 christopherl I'm on Ubuntu 12.04, I just upgraded to the latest salt-minion package 2014.1.0-1precise1 from 0.17.5, and now my all my minions fail with the following message -> http://pastebin.com/jSeZRcwr
21:44 ndrei joined #salt
21:44 manfred christopherl: did you upgrade the master to 2014.1 ?
21:45 christopherl double checking the master version
21:45 manfred christopherl: https://github.com/saltstack/salt/issues/10932
21:46 christopherl That would do it. Thanks!
21:46 manfred np
21:48 [diecast] joined #salt
21:53 ndrei joined #salt
21:54 BogdanR hello. Anyone using scheduler?
21:54 dyim joined #salt
21:56 krow joined #salt
21:57 gzcwnk joined #salt
21:57 gzcwnk anyone around pls?
21:57 christopherl joined #salt
22:03 elfixit joined #salt
22:03 tvle joined #salt
22:04 rojem joined #salt
22:04 forrest gzcwnk, just ask your question, if someone knows the answer they'll usually respond
22:04 Ahlee BogdanR: yes
22:05 higgs001 joined #salt
22:07 gzcwnk Hi Im in NZ so often these channels are asleep
22:07 gzcwnk im trying to follow a salt demo on youtube to setup users and Im getting an error
22:08 gzcwnk Rendering SLS "base:users" failed: Jinja variable 'dict' object has no attribute 'userdata'; line 3
22:08 gzcwnk - fullname: {{ pillar['userdata']['munin']['fullname'] }}    <======================
22:08 gzcwnk cant see what ive done wrong
22:09 gzcwnk prop a syntax error on my part, but I cant see it
22:10 gzcwnk im not a coder
22:11 Ahlee i'm no good with pillars, but do you have userdata defined?
22:11 gzcwnk i think so
22:11 manfred gzcwnk: you don't
22:11 christopherl Is there a good way to add a watch command to the pip.installed state?
22:11 gzcwnk so under /srv/pillars i have a file
22:11 manfred can you share your pilar file?
22:11 gzcwnk % set admin_group = 'sudo' if grains['os'] == 'Ubuntu' else 'wheel' %} admin_group: {{ admin_group }}
22:12 gzcwnk userdata:   munin:     fullname: munin     password: eeeeeeeeeeeeeeeeeeeee
22:12 Ahlee can you pastebin/gist it?
22:12 manfred curl -F 'f:1=<-' ix.io < /path/to/file
22:13 gzcwnk um, never done taht before
22:13 Ahlee gzcwnk: http://pastebin.com/
22:13 manfred replace path to file with /srv/pillar/whatever.sls
22:13 Ahlee oh
22:13 Ahlee neat manfred
22:14 manfred so much better than pastebin.com, no nasty carriage returns, and no dumb ads
22:14 gzcwnk http://pastebin.com/M3JHYfKq
22:14 oraqol joined #salt
22:14 bhosmer joined #salt
22:14 manfred and your /srv/pillar/top.sls?
22:15 gzcwnk http://pastebin.com/wzrrZRL8
22:15 oraqol Hi guys, I'd really appreciate some help scheduling highstate to run on the master.  I've set this in /etc/salt/master but it does not run every minute, doesn't run at all.  Any ideas?  schedule:
22:15 oraqol overstate:
22:15 oraqol function: state.highstate
22:15 oraqol minutes: 1
22:15 Gordonz joined #salt
22:15 Ahlee doesn't schedule need to run on the minion?
22:15 oraqol Oops, next time I will use pastebin, my apologies
22:16 gzcwnk http://pastebin.com/vUMKNgiZ
22:16 oraqol Is there no way for it to be scheduled from the master?
22:16 Gordonz joined #salt
22:16 forrest Ahlee, oraqol, according to the docs it can be scheduled on either
22:17 Ahlee forrest: yeah, just saw that
22:17 Ahlee huh
22:17 Ahlee that's interesting.
22:17 oraqol yes, and the configuration I used came straight out of the docs, but it still does not run
22:17 forrest oraqol, your config doesn't exactly match the docs
22:17 oraqol I know because I'm watching htop and there is no spike in usage
22:17 forrest you have overstate instead of highstate
22:17 forrest for your second line
22:17 forrest I don't know if that effects it or not
22:18 manfred gzcwnk: is the top.sls in /srv/salt or /srv/pillar ?
22:18 forrest Ahlee, if you don't specify the target though, how would that work from the master?
22:18 forrest seems like 'yea ok state.highstate nothing? More than happy to do so! ok I am done.'
22:18 gzcwnk its in /srv/salt/
22:18 Ahlee forrest: good call
22:18 manfred gzcwnk: you need one in /srv/pillar to, that one says which pillar data gets assigned to the server
22:19 oraqol so is there anyway to specify a target in the /etc/salt/master config?
22:19 oraqol in essence, is there anyway to schedule highstate from master?
22:19 gzcwnk ah ok so the youtube piece looks to be wrong, bugger
22:20 forrest oraqol, I don't know, I've never targeted a specific minion like that via the scheduler. Not sure what the syntax looks like.
22:20 oraqol if not, I'll prolly just hook "salt '*' state.highstate" to a cron job, but I'd like to avoid that if salt has the ability internally
22:20 forrest maybe just - tgt: '*' ?
22:20 forrest oraqol, yea of course.
22:20 oraqol forest: so cronjob is the way to go?
22:20 helderco joined #salt
22:20 sporkd2 oraqol: most people do that with their CI servers
22:20 forrest oraqol, for the quick and dirty if you don't want to look into the scheduler code, yea :P
22:20 sporkd2 kick off highstate after a build
22:20 gzcwnk is this second top.sls the same file or different?
22:21 forrest gzcwnk, there is /srv/pillar/top.sls, and /srv/salt/top.sls
22:21 forrest gzcwnk, take a look at http://docs.saltstack.com/topics/best_practices.html#structuring-pillar-files
22:21 manfred gzcwnk: they are different files, because your pillar names might be different than state names
22:21 gzcwnk really when I call it I use the salt 'target' state.highstate command
22:21 forrest I wrote it, so someone better read it dammit!
22:22 manfred gzcwnk: right, but the top.sls in /srv/salt/ assigns which states to run, and the top.sls in /srv/pillar/ assigns which pillars it has
22:22 oraqol Ok, so then scheduling highstate on master is not officially supported by salt?
22:22 forrest oraqol, It seems like it should be, but I don't know how the targeting works
22:22 oraqol just need something to present to the higher ups, ya know?
22:22 forrest oraqol, hang on
22:22 forrest basepi are you around?
22:22 gzcwnk ah ok....bugger this looks complex
22:22 forrest gzcwnk, it's not as complex as it seems
22:22 basepi forrest: no
22:22 basepi ;)
22:23 basepi What can I do for you?
22:23 oraqol [hanging]
22:23 forrest basepi, how do you target the scheduler to run a state.highstate across multiple targets/all targets?
22:23 forrest from the master
22:23 forrest not the minion
22:23 basepi Just add it to a '*' pillar file
22:23 basepi And do a sync_all (refresh_pillar doesn't seem to be doing everything it's supposed to right now, but sync_all is)
22:24 basepi Scheduler config can be in minion config or in pillar.
22:24 forrest ok, so then this line in the docs is incorrect: Scheduling is enabled via the schedule option on either the master or minion config files, or via a minion's pillar data.
22:24 manfred can it be in grains?
22:24 basepi forrest: well, it's still the minion's pillar data
22:24 basepi but that's set on the master.
22:24 basepi minions get their pillar data from the master...
22:24 elsmorian joined #salt
22:25 manfred but not from the master config file
22:25 basepi True.
22:25 basepi manfred: I don't know on grains, but I think not
22:25 oraqol I'm sorry to be a pain, but I only have a cursory understanding of pillars.  How would I add the scheduling option in a pillar file?
22:25 forrest basepi, gotcha, ok thanks.
22:26 basepi oraqol: in one of your pillar sls files, just add the same lines as you might add to the minion config, as shown in the scheduler docs
22:26 basepi oraqol: if you've never configured pillar, i can point you to a doc for it
22:27 oraqol just like, create a scheduling.sls file in the /srv/pillar, place the config lines, and add the sls to the top.sls in pillars directory?
22:27 basepi oraqol: Yep.  =)
22:28 oraqol Sweet!
22:28 basepi Oh, and make sure you run a `salt '*' saltutil.sync_all` afterwards
22:28 oraqol I'm going to try that out right now and update you guys once it completes.  Wish me luck!
22:28 basepi to make sure all the minions have it
22:28 oraqol oh wait
22:28 oraqol so this means the minions will be running highstate, contacting the master?
22:28 gzcwnk hmm, now I have a different error,  http://pastebin.com/mPaVCPmy
22:29 oraqol my bosses don't like the idea of minions checking in, they prefer all exchanges to be initiated by the master
22:29 oraqol if that is the case, I may just go the cronjob route
22:29 chuffpdx joined #salt
22:30 basepi oraqol: Yes, the minions run their own schedule
22:30 oraqol eek
22:30 oraqol hmm, I guess cronjob it is
22:30 oraqol no biggee
22:30 oraqol Thanks guys, you've been very helpful.
22:31 manfred gzcwnk: is it an ubuntu server or something else?
22:32 gzcwnk its redhat but the code nees to run on ubuntu as well
22:32 gzcwnk we'll have redhat and ubuntu desktops
22:32 manfred right
22:32 gzcwnk users have the choice
22:32 manfred i was jsut wondering about your set admin_group thing
22:32 gzcwnk so im trying to setup sudo and local users
22:32 sporkd2 the sweet sweet sight of saltcloud configuring a box on ec2 while I eat peanutes over my keyboard
22:33 bemehow joined #salt
22:33 gzcwnk i want to put "thing" into the wheel group and lock down sudo su -
22:34 gzcwnk so im trying to ge the user there and into wheel
22:35 ajw0100 joined #salt
22:36 gzcwnk I will try and set it manually, see if its teh scripting i copied sucks
22:37 manfred gzcwnk: where did you find the set group = admin if .... else wheel syntax? i don't see it in the jinja templating thing
22:37 gzcwnk http://www.youtube.com/watch?v=fTieSO2tp3s   at 25mins 52secs it shows it
22:38 manfred yeah i am not opening that.
22:38 gzcwnk k
22:38 manfred http://jinja.pocoo.org/docs/templates/#if
22:38 manfred i was looking for it here
22:38 gzcwnk it doesnt like groups at all
22:38 ajw0100_ joined #salt
22:39 joehoyle joined #salt
22:39 gzcwnk i bypassed it and it still bombs
22:39 seapasulli joined #salt
22:40 manfred oh
22:40 manfred uhh... no :/
22:40 manfred hrm
22:42 gzcwnk i remove that and I still get a failure
22:42 manfred so, the munin one doesn't have groups set...
22:42 manfred http://pastebin.com/M3JHYfKq
22:42 alunduil joined #salt
22:42 manfred but i don't know  why it says it is failing on thing...
22:43 gzcwnk i removed it anyway and it still fails
22:43 roolo joined #salt
22:43 manfred salt '*' state.highstate |& curl -F 'f:1=<-' ix.io
22:43 roolo Guys, does salt have something like community states repository?
22:43 manfred roolo: https://github.com/saltstack-formulas/
22:44 gzcwnk its not thing is the groups line,
22:44 bemehow_ joined #salt
22:44 roolo I am writing small intro for my friend about provisioning
22:44 roolo manfred: thx
22:44 gzcwnk its failing on a null value?
22:44 manfred gzcwnk: no idea until i see the error
22:45 gzcwnk http://pastebin.com/CUdUj8Bv
22:45 gzcwnk i wonder if that youtube thig is obsoolete code
22:45 manfred you don't have groups set in the pillar data for munin
22:47 gzcwnk ok now this error,  http://pastebin.com/hL6FLNAk
22:47 manfred you have a semicolon instead of a colon?
22:47 manfred user.present;
22:47 gzcwnk doh
22:48 manfred yup, same thing with the one before
22:48 gkze joined #salt
22:49 kermit joined #salt
22:49 yomilk joined #salt
22:50 gzcwnk well it worked :D  but failed  :(
22:50 gkze hey guys I'm running into a basic design issue... I'm refactoring my Salt setup and would like to get user management right from the get-go. What is the best way to separate users by environments or groups?
22:50 gkze so that for example devs don't have access to prod systems
22:51 manfred gkze: set the users to create in your pillar data
22:51 manicouman joined #salt
22:51 manfred where you can also specify the same environmens
22:51 gzcwnk says the user isnt there, yet the users is   http://pastebin.com/bn2HByLU
22:51 manfred gzcwnk: there is no group None
22:52 gzcwnk huh?  shouldnt it create thing though?
22:52 gkze manfred: right, so have a template that iterates through the users pillar data and creates a user for each entry
22:52 manfred yes
22:52 gkze how would I separate users in pillar then?
22:52 gzcwnk well it didnt
22:52 manfred same way you are setting the stuff in the top.sls
22:52 manfred gzcwnk: that yes wasn't to you
22:53 gkze ohhh just have users_dev: and users_prod: or something?
22:53 gzcwnk yep
22:53 manfred gzcwnk: right
22:53 manfred gzcwnk: well no
22:53 manfred bah
22:53 manfred so many gggggg
22:53 manfred gkze: so
22:53 gzcwnk i'd have thought it would have created the user thing
22:53 manfred gkze: have a dev environment and a base environment in /srv/pillar/top.sls,
22:54 gkze is that better than having branches with GitFS?
22:54 manfred gkze: then you have /srv/pillar/base/users/init.sls, where you specify the users for the base environment
22:54 manfred and /srv/pillar/dev/users/init.sls where you have the dev users
22:54 manfred you can do it with gitfs if you wanted to
22:54 gkze gotcha ok
22:54 gkze thanks, one more thing
22:55 gkze I do get a few snowflakes when a dev is temporarily promoted to a prod system for quick access
22:55 gkze would I just include that user
22:55 gkze user's pillar data in the base env?
22:55 dyim joined #salt
22:55 joehoyle joined #salt
22:56 manfred yes, and then push a highstate, or state.sls for those users, make sure to have a way to remove users that aren't listed though
22:56 gkze I'm thinking absent.sls?
22:56 gkze still trying to get the hang of that
22:57 manfred i haven't put any thought into that, so no ideas come to mind right awawy
22:57 gkze alright thanks a lot anyway
22:58 manfred gzcwnk: http://docs.saltstack.com/ref/states/all/salt.states.user.html#salt.states.user.present
22:58 manfred groups
22:58 manfred A list of groups to assign the user to, pass a list object. If a group specified here does not exist on the minion, the state will fail. If set to the empty list, the user will be removed from all groups except the default group.
22:58 oraqol Ok so hooking salt command to cron works as expected, you can even batch jobs
22:59 oraqol Sweeeeeeeeeet
22:59 tvle joined #salt
22:59 joehoyle joined #salt
23:00 dstanek_afk joined #salt
23:02 meteorfox joined #salt
23:05 mgw joined #salt
23:05 mgw joined #salt
23:08 christopherl left #salt
23:10 themadcanudist joined #salt
23:12 [diecast] what's this someone is telling me about a mitm attack with salt?
23:13 faldridge joined #salt
23:14 gzcwnk hrmm, im trying to create a new users but its failing, is there a log anywhere to say why?
23:14 sporkd2 gzcwnk: bebug it
23:14 sporkd2 debug*
23:15 gzcwnk who to debug?
23:15 [diecast] http://osvdb.org/98642
23:15 [diecast] is that security flaw still valid?
23:15 gzcwnk how even
23:15 manfred [diecast]: read it
23:15 sporkd2 when you run your salt command run -l debug with it
23:15 manfred [diecast]: Solution: Upgrade
23:15 [diecast] nm, i see it says fixed
23:15 manfred Solution
23:15 manfred It has been reported that this issue has been fixed. Upgrade to version 0.17.1, or higher, to address this vulnerability.
23:15 [diecast] manfred yes, my apologies
23:15 manfred np
23:16 gzcwnk debug didnt help, I get "Comment: Failed to create new user thing2"
23:16 gzcwnk not very helpful
23:19 gzcwnk how do i find out why its failing?
23:19 themadcanudist check the minion log
23:20 mikkn joined #salt
23:20 themadcanudist salt -v -l trace
23:20 gzcwnk where is the minion log kept?
23:20 themadcanudist /var/log/salt/minion
23:21 snuffeluffegus joined #salt
23:21 gzcwnk ta, getting a return code 6
23:23 gzcwnk looks like the user's group doesnt exist so it fails
23:23 rojem joined #salt
23:23 gzcwnk thats wierd
23:24 krow joined #salt
23:25 jeffro joined #salt
23:25 shadylog_ anyone experimented using zookeeper as a source for salt tree's in standalone mode?
23:25 shadylog_ (anyone that desires such a config?) ??
23:25 ndrei joined #salt
23:26 gzcwnk i think this looks like a bug, but it seems so simple
23:28 manicouman joined #salt
23:29 seapasulli joined #salt
23:34 gzcwnk i think i'll give up.....curve too steep for so little gain
23:35 themadcanudist hmm, doubtful it's a bug
23:35 themadcanudist groups
23:35 themadcanudist A list of groups to assign the user to, pass a list object. If a group specified here does not exist on the minion, the state will fail. If set to the empty list, the user will be removed from all groups except the default group.
23:35 themadcanudist you can try using optional_groups
23:36 themadcanudist http://docs.saltstack.com/ref/states/all/salt.states.user.html
23:36 themadcanudist you'll need to ensure the group exists before the user is made "present"
23:39 bhosmer joined #salt
23:41 gadams999 joined #salt
23:48 yomilk joined #salt
23:51 timoguin joined #salt
23:57 dyim joined #salt
23:57 Ryan_Lane1 joined #salt
23:58 mgw Am I wrong in thinking that salt CLI args get run through yaml.loads?
23:58 mgw e.g., if I run salt module.fun '{"foo": "bar"}', does the module receive that as a string or as a dict?

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary