Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-03-18

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:07 themadcanudist left #salt
00:07 redondos_ joined #salt
00:09 kickerdog joined #salt
00:09 kickerdog I need a little help with salt-cloud, I'm getting a strange error: http://pastebin.com/VUYW3J0Z
00:10 redondos_ joined #salt
00:14 manfred can you provide the profile you are using?
00:15 kickerdog http://pastebin.com/3y8WBjjS
00:16 fllr joined #salt
00:18 JordanRinke joined #salt
00:19 manfred what version of salt are you using?
00:20 giles_ joined #salt
00:21 kickerdog salt-cloud 2014.1.0
00:21 manfred ahh ok thanks, one second
00:22 kickerdog no problem
00:23 ggoZ joined #salt
00:23 mapu joined #salt
00:24 jtang1 joined #salt
00:25 googolhash joined #salt
00:25 manfred kickerdog: https://github.com/aws/aws-cli/issues/479 looks to be the same problem here
00:26 googolhash joined #salt
00:27 googolhash joined #salt
00:28 KyleG1 joined #salt
00:28 manfred looks like you would need to use the network_attachment instead of network_interfaces
00:28 DaveQB joined #salt
00:28 manfred but i don't see anything in salt documentation on how to do that, and i don't use ec2 so i don't have anything to help you test it
00:29 googolhash joined #salt
00:34 kickerdog I added "associate-public-ip-address: True"
00:35 manfred and it worked?
00:36 kickerdog I believe it did
00:36 kickerdog Yup, it did
00:36 manfred nice
00:36 kickerdog Thanks for the help. I have to migrate prod,staging,dev to a different availablity zone tonight :(
00:37 jnials joined #salt
00:39 manfred good luck!
00:41 andrej With the most recent update (salt 2014.01 on Ubuntu 12.04) none of my jobs seem to run to completion. I have the suspicion that one OLD minion is the cause of this (it's 15.02 or some such on ubuntu 7.04 - don't ask :) - the machine will go away in 3 months).
00:41 andrej Is it feasible/sensible/possible to try and update the box from git as there's no newer packages available?
00:41 andrej Or can I make the master kind of ignore it all together?
00:43 schimmy joined #salt
00:43 kickerdog You can bootstrap using the latest code
00:45 andrej Do I need to remove the the current ubuntu package for this to work, and can I retain the current minion config?
00:46 snarfy^ joined #salt
00:49 kickerdog I would backup the current config
00:49 kickerdog killall salt-minion; apt-get purge —remove salt-minion
00:50 kickerdog Use the steps in here https://github.com/saltstack/salt-bootstrap
00:50 kickerdog then once your done, delete and then re-add your minion to the salt-master
00:51 giles_ Does anyone have a proper watch that i can out in place so that when any user updates their password it check and sets it back to what I am trying to send down from the master?
00:51 giles_ I got the password setting working but trying to figure out what to watch on the user.present
00:51 frasergraham joined #salt
00:52 giles_ http://0bin.net/paste/BHtfdWsjWxuGfheN#bmFCIqqiufzchXyZ6JySA/q6ab5FBIln609yESuWY5k= This is my highstate output currently
00:52 kickerdog you could watch the /etc/passwd file and the /etc/shadow files for changes
00:52 giles_ its saying /etc/shadow not found
00:52 giles_ let me try passwd
00:52 l0x3py joined #salt
00:54 giles_ doesn't look like passwd updates when the password is changed
00:55 giles_ Current users.sls file http://0bin.net/paste/il-eU6y+-KeWLo0f#zKiexBiqy56QzGgC9wiQDxrT88Aa2660HrWtUqKJraY=
00:55 giles_ have tried putting the path to shadow in quotes too... nothing
00:55 akoumjian joined #salt
00:56 jab416171 joined #salt
00:56 taion809 joined #salt
00:56 scalability-junk joined #salt
00:56 abele joined #salt
00:56 gldnspud__ joined #salt
00:56 Guest10400 joined #salt
00:56 symroe joined #salt
00:57 simonmcc_ joined #salt
00:58 xerxas joined #salt
01:02 n8n joined #salt
01:04 mpanetta joined #salt
01:04 jperras joined #salt
01:13 akoumjian joined #salt
01:14 symroe joined #salt
01:15 simonmcc_ joined #salt
01:15 gldnspud__ joined #salt
01:15 scalability-junk joined #salt
01:15 Guest10400 joined #salt
01:15 jab416171 joined #salt
01:16 abele joined #salt
01:16 xerxas joined #salt
01:19 jtang1 joined #salt
01:22 sroegner joined #salt
01:23 mgw joined #salt
01:25 Linz_ joined #salt
01:26 manicouman joined #salt
01:28 xzarth joined #salt
01:29 jeddi joined #salt
01:32 thayne joined #salt
01:33 manicouman joined #salt
01:34 n8n joined #salt
01:36 frasergraham joined #salt
01:36 manicouman joined #salt
01:37 jergerber joined #salt
01:37 HeadAIX joined #salt
01:41 druonysuse joined #salt
01:42 yomilk joined #salt
01:44 frasergraham joined #salt
01:48 Ryan_Lane joined #salt
01:48 shoemonkey joined #salt
01:52 andrej Ah strike ... that box is firewalled off, and I don't control the firewall.  Can I get everything from git, package it up and push it to the machine via scp?
01:53 ipmb joined #salt
01:56 pydanny joined #salt
01:58 schimmy joined #salt
01:59 suckaplease joined #salt
01:59 schimmy1 joined #salt
01:59 suckaplease is there any way for a service to watch directories not managed by salt?
02:01 andrej suckaplease: define service
02:01 andrej And what OS is this for?
02:02 andrej On Linux you can "watch" files/directories via the inotify framework
02:02 quickdry21 joined #salt
02:03 joehh joined #salt
02:09 shoemonkey joined #salt
02:09 suckaplease andrej: hmm, inotify, interesting… I'm installing elasticsearch plugins using cmd.run and want to restart elastic search when a new one is added.
02:09 dave_den suckaplease: no, not at the moment. You would need to use something like inotify like andrej mentioned and fire off an event or call a state
02:10 dave_den suckaplease: that is different and yes that would be supported
02:10 schimmy1 joined #salt
02:10 dave_den but your cmd.run would need to be stateful in order to let your service state know when a change in plugins happens happened
02:11 fllr joined #salt
02:11 suckaplease andrej: I'm just about to try a new method where I do something like:
02:11 suckaplease {{ dest }}-els-plugin:
02:11 suckaplease cmd.run:
02:11 suckaplease - name: '……'
02:11 suckaplease - unless: '…..'
02:11 suckaplease and then:
02:11 suckaplease service.running:
02:11 suckaplease - name: elasticsearch
02:11 suckaplease - watch:
02:11 suckaplease - {{ dest }}-els-plugin
02:12 dave_den suckaplease: use a pastebin service, pls
02:12 meteorfox joined #salt
02:13 jtang1 joined #salt
02:13 meteorfox joined #salt
02:14 suckaplease dave_den: sry! I'm new IRC
02:15 dave_den no worries
02:15 dave_den so how do you install your els plugin?
02:16 suckaplease using /usr/share/elasticsearch/bin/plugin -install {{ source }}: OR some-state-name: and then use - name: …
02:18 dave_den suckaplease: read this about stateful cmd.run: http://docs.saltstack.com/ref/states/all/salt.states.cmd.html#module-salt.states.cmd
02:18 suckaplease dave_den, how do you add a state-key to a list of watched components?
02:19 dave_den suckaplease: requisites like watch/require are in the form:   module; id_declaration
02:19 suckaplease nm, i get it!
02:19 suckaplease so cmd: <whatever> right?
02:19 dave_den in your case, service.running would watch:  cmd: {{ dest }}-els-plugin
02:19 druonysus joined #salt
02:20 suckaplease dave_den, thanks homie. You too andrej!!
02:20 dave_den but you need to make sure you make cmd.run stateful, otherwise your service will never get restarted
02:20 suckaplease worked like a charm
02:21 andrej no worries ... dave's way seems much easier ;)
02:22 rostam joined #salt
02:22 andrej Is there a way to run bootstrap on a box w/o an actual internet connection?
02:23 dave_den andrej: there has been a long-standing wish list for things like long-running deamons that watch for things like inotify and execute something in salt. i  proposed something like this to integrate that kind of thing into salt: https://github.com/saltstack/salt/issues/7105
02:24 dave_den andrej: if you are going to use the bootstrap script, i think it inherently requires internet access
02:24 manfred you could use inotify and use salt-api to fire events for the reactor to act upon
02:25 ajw0100 joined #salt
02:25 dave_den manfred: yes indeed, but that is somewhat roundabout and not directly integrating inotify into salt minions
02:25 manfred if you use systemd, you could also just use .path units to run a command to fire off events
02:25 manfred dave_den: yar
02:25 manfred that would be nice
02:26 ipalreadytaken joined #salt
02:26 dave_den it would be awesome to just say 'watch this direcoty' and 'when a new file is created, fire this event'
02:26 dave_den or some such, as a built in state
02:26 dave_den or daemon
02:26 manfred yar
02:27 andrej That looks quite snazzy dave_den
02:27 dave_den i thin that might get a second look once raet/ioflo is implemented
02:27 shoemonkey joined #salt
02:27 dave_den think
02:28 andrej So ... w/o inet access, and no current repo for the OS the minion is running ... how do I get salt-minion 2014.1 installed? :)
02:29 dave_den andrej: well, if you have ssh access you can send a git checkout of v2014.1 to the minion and then run setup.py install
02:29 dave_den it depends on what methods you have of getting the alt source to the minion
02:30 andrej I can ssh/scp stuff to the box fine
02:30 dave_den i personally like virtualenv based installs
02:30 dave_den and if you use upstart, there is support for virtualenvs in the upstart scripts
02:30 andrej So I just do a git checkout on e.g. my workstation (w/o running install.sh), tar that up, push it across, and then what? :)
02:31 dave_den make sure you have the salt dependencies installed, then run untar it and run setup.py install (or activate a virtualenv first, then run setup.py)
02:32 andrej I'll give that a shot
02:32 andrej let me check whether virtualenv is available for the old dog
02:32 dave_den i strongly recommend virtualenv
02:32 dave_den it makes it nice and clean and allows you to have multiple versions installed at the same time, if needed
02:33 dave_den https://github.com/saltstack/salt/blob/develop/pkg/salt-minion.upstart#L20
02:34 dave_den as defined in /etc/default/salt-minion
02:35 druonysus joined #salt
02:35 Furao joined #salt
02:35 che-arne joined #salt
02:36 schimmy1 joined #salt
02:40 yomilk joined #salt
02:40 fllr joined #salt
02:42 thayne joined #salt
02:45 andrej arrrrgh ... "* ERROR: End of life distributions are not supported."
02:45 andrej I can't upgrade the box
02:45 andrej Can I override this somehow?
02:45 fllr joined #salt
02:45 dave_den what distro?
02:45 Corey andrej: ^
02:45 andrej Geriatric ubuntu. not as old as I thought (somehow I had 7 in my mind, but it's 11.04)
02:46 andrej I'm just taking the test out of install.sh
02:47 dave_den andrej: that test is only in bootstrap - are you just running './setup.py install' in the salt source dir?
02:49 Gordonz joined #salt
02:51 Gordonz joined #salt
02:53 andrej Nope
02:53 modafinil_ joined #salt
02:53 andrej I badgered one of our network guys to make the internet work for a while for that box
02:53 andrej ran bootstrap after all
02:53 andrej and it's installed and working
02:53 andrej thanks dave_den :)
02:54 dave_den cool, glad you got it
02:54 andrej me too
02:54 andrej and it seems to be quite happy so far even on the old dunger
02:55 frasergraham joined #salt
02:56 joehh joined #salt
02:57 techdragon Is there a 'gatekeeper' in the house, anyone with merge rights? Got a question about writing tests... Whats the procedure for getting new tests in? is it just 'all old tests pass' + your tests look correct and pass? or is there anything more complicated?
03:00 Corey techdragon: Oh, they'll merge anything. :-p
03:01 techdragon lol well I figured I had to check given I'm testing something that I can't even work out how until I finish reading through the separate salttesting repo code.
03:02 favadi joined #salt
03:02 rgbkrk joined #salt
03:03 manfred techdragon: if you have a good test that makes sure that something always works, they will probably just merge it :)
03:04 suckaplease joined #salt
03:04 techdragon yeah, i was hoping it would be like that. the test itself is pretty simple.
03:07 jtang1 joined #salt
03:23 googolhash joined #salt
03:24 googolhash joined #salt
03:25 googolhash joined #salt
03:27 googolhash joined #salt
03:27 ipmb joined #salt
03:28 googolhash joined #salt
03:29 googolhash joined #salt
03:30 googolhash joined #salt
03:32 googolhash joined #salt
03:33 googolhash joined #salt
03:34 googolhash joined #salt
03:35 googolhash joined #salt
03:41 Linz joined #salt
03:42 googolhash joined #salt
03:45 googolhash joined #salt
03:51 schimmy1 joined #salt
03:53 jeremyfelt joined #salt
03:55 ipalreadytaken joined #salt
03:58 TyrfingMjolnir joined #salt
04:01 jtang1 joined #salt
04:01 joehillen joined #salt
04:08 adyromantika joined #salt
04:11 googolhash joined #salt
04:20 frasergraham joined #salt
04:22 Katafalkas joined #salt
04:25 ipalreadytaken joined #salt
04:25 sroegner joined #salt
04:30 thayne joined #salt
04:37 joehillen joined #salt
04:41 manicouman joined #salt
04:42 schimmy joined #salt
04:47 schimmy joined #salt
04:53 smcquay joined #salt
04:55 jtang1 joined #salt
04:56 yomilk joined #salt
04:58 jalbretsen joined #salt
05:12 arthabaska joined #salt
05:14 n8n joined #salt
05:18 cyrusdavid joined #salt
05:18 manicouman joined #salt
05:19 cyrusdavid joined #salt
05:28 cyrusdavid joined #salt
05:28 seblu joined #salt
05:33 cyrusdavid joined #salt
05:39 manicouman joined #salt
05:50 jtang1 joined #salt
05:51 techdragon anyone written an integration test for salt before?
05:52 * techdragon just realised how significantly it will be more complex than his local test harness shell script
05:53 Hemebond left #salt
05:57 mgw joined #salt
05:57 ipalreadytaken joined #salt
05:59 kickerdog joined #salt
06:01 kickerdog1 joined #salt
06:14 sroegner joined #salt
06:23 Furao techdragon: I did
06:24 Furao but it's tight to my formulas
06:24 Furao it expect few things
06:24 techdragon any pointers what I should be looking at in order to setup the test case data?
06:24 Furao it's unittest & python metaclass that use salt.client.LocalClient to list all formulas (.sls) and test them separately and in group
06:25 Furao it took me months to have something that works well
06:25 techdragon I see a dir full of random states, with no clear indication how the test runner uses them.
06:25 Furao on a VM with SSD testing all my stuff now takes 19 hours
06:26 pdayton joined #salt
06:27 techdragon oh, I think there was a miscommunication, Im talking about writing an integration test for salts own components as part of the tests/integration/* suite of salts tests, the ones run by jenkins whenever a pull request is issued, etc. Not sure if thats the same kind of test you're talking about.
06:28 manicouman joined #salt
06:32 techdragon is it?
06:32 salt_ joined #salt
06:34 salt_ how to create a user in salt-minion(Ubuntu) using saltstack from salt-master
06:34 salt_ please do let me know
06:42 joehillen joined #salt
06:44 jtang1 joined #salt
06:46 Furao techdragon: no it's not
06:46 Furao it's integration tests of formulas (.sls files)
06:47 techdragon oh well, thanks for the reply. i think i'm finally starting to make some sense of the integration tests now I've taken my mind off them for a moment.
06:51 smcquay joined #salt
06:53 fllr joined #salt
06:55 _fllr_ joined #salt
07:00 xmltok joined #salt
07:05 astol joined #salt
07:05 manicouman joined #salt
07:09 ChaosPsyke joined #salt
07:14 salt_ how to create a user account in salt-minion(Ubuntu) using saltstack from salt-master
07:20 Katafalkas joined #salt
07:24 slav0nic joined #salt
07:27 Katafalk_ joined #salt
07:29 Furao how can I do something that had been documented elsewhere multiple times? can you please reformulate this for me on IRC, as it's the best medium to read web page.
07:32 Iwirada joined #salt
07:33 pdayton joined #salt
07:37 astol joined #salt
07:38 jtang1 joined #salt
07:45 Kenzor joined #salt
07:46 astol joined #salt
07:48 MrTango joined #salt
07:49 seblu joined #salt
07:49 babilen salt_: See https://github.com/saltstack-formulas/users-formula for some inspiration (or a working formula)
07:52 Katafalkas joined #salt
07:53 fllr joined #salt
07:58 kickerdog joined #salt
08:01 kickerdog joined #salt
08:02 Katafalkas Is it possible to wait for module to finish the job before exiting ? I am using salt-api, running local_client.cmd(instance_name, 'pkg.install', ['myservice', 'refresh=True']), and modules returns without actually finishing the installation
08:03 sroegner joined #salt
08:05 johtso joined #salt
08:06 balboah joined #salt
08:13 jtang1 joined #salt
08:19 ajw0100 joined #salt
08:20 giantlock joined #salt
08:25 mike25ro joined #salt
08:26 astol joined #salt
08:27 yomilk joined #salt
08:27 harobed_ joined #salt
08:28 joehh joined #salt
08:44 astol joined #salt
08:51 topochan joined #salt
08:53 fllr joined #salt
08:54 Signum left #salt
08:56 Ztyx joined #salt
08:57 Ztyx Hey, I have a custom grains module that I'd like to use. Could anyone tell me where the "_grains" directory should reside?
08:58 Shish top level of the states folder is where I've put it (using gitfs)
08:58 Shish so same folder as top.sls
08:59 Ztyx Ok. For which environment? base?
08:59 Shish I presume so (not really using environments here)
09:00 Ztyx Aight. Thanks. Will try.
09:01 Ztyx That worked! Good to see that `saltutil.sync_grains` also outputs which custom grains where picked up.
09:05 kadel joined #salt
09:11 astol joined #salt
09:14 LinuxBill joined #salt
09:14 ajw0100 joined #salt
09:16 LinuxBill can salt deploy onto bare metal? We have some physical machines that I want to automate deployment on. How do you guys deal with this?
09:17 krow joined #salt
09:19 salt_ let me know the use of salt grains
09:19 malinoff joined #salt
09:22 alex_____ joined #salt
09:22 Ztyx @LinuxBill: Absolutely. You just install the salt-minion on the bare metal machine and accept it on the master.
09:23 Ztyx salt_: was your post about my question?
09:24 dusel joined #salt
09:26 videre joined #salt
09:28 LinuxBill Ztyx: sorry my question is poorly worded. Does salt have afeature like puppet razor for bare metal deployment.
09:29 videre what do people use for storing large binaries (fx. installation files) and making them accessible to minions?
09:32 bhosmer joined #salt
09:37 asdf_ joined #salt
09:38 asdf_ i had created a user account by sudo salt '*' cmd.run ' sudo adduser asdf'
09:38 asdf_ my question how can i set password for this account
09:39 zooz joined #salt
09:39 asdf_ sudo passwd doesn't helped much
09:40 Ztyx LinuxBill: I see. Can't answer that. Never used Puppet.
09:41 Ztyx videre: I'm deploying large binaries from apt repository. If I wasn't using that, I'd put the binaries on the salt master (_not_ in git).
09:41 Furao videre: I have my own mirror server http://archive.robotinfra.com/
09:42 Furao useful to handle failure that sometimes plague pip and github
09:42 Furao pypi
09:42 Furao and that make testing process few hours shorter
09:46 videre Ztyx: what is your setup with the apt repo? We are hosting our own mirror repo for packages, do you use the same repo for packages as for binaries? I was avoiding using the master because of the load if 1000's of servers are requesting transfers at the same time
09:47 Furao videre: it's very costly in term of CPU to transfer files from minion to master
09:47 Furao it's a lot faster to use http/https
09:49 videre Furao: I wasn't talking about transferring from minion to master. what did you think I said?
09:50 N-Mi joined #salt
09:50 Ztyx left #salt
09:51 Furao "and making them accessible to minions"
09:51 Furao I gave you an comparison with one of the most easy and costly method to transfer file in salt
09:51 Furao but it's ok, I'm loosing my time trying to help
09:52 Furao bye
09:52 videre Furao: ok, so http/https, thank you ( I was talking about transfers To the minions, not From)
09:52 sroegner joined #salt
09:53 fllr joined #salt
09:55 LinuxBill left #salt
10:20 johtso joined #salt
10:20 krow joined #salt
10:31 manicouman joined #salt
10:37 ggoZ joined #salt
10:37 mekstrem joined #salt
10:37 rtucker i'm writing a new custom state, which needs to track state to know if there are any more executions necessary of it's type
10:38 rtucker is there a counter used internally to track execution vs order perhaps?
10:38 rtucker maybe a way to get where in the current graph tree execution is, to then traverse downward?
10:42 rtucker when i look at __salt__['state.show_highstate']() I see 'present', {'order': 10000}]
10:43 rtucker if I could correlate 10000 vs an internal counter that would be fantastic
10:53 fllr joined #salt
11:10 manicouman joined #salt
11:15 diegows joined #salt
11:20 analogbyte is there a way to run every state during a highstate? I'd like to do this for testing
11:21 mike25ro analogbyte: during highstate ... all states that you have added to top.sls are run
11:22 astol joined #salt
11:22 analogbyte mike25ro: yes I know ;) now I am testing my states whenever I push to their repo, and I often forget to adjust the testing top file to include all states when creating a new one... I want to assign all of them to a minion running in docker
11:23 manicouman joined #salt
11:27 bhosmer joined #salt
11:29 mike25ro you can create a bash - to loop through the states and dynamically create the top.sls analogbyte
11:29 mike25ro that's what i would do...
11:30 analogbyte you could of course do that, but thats not really what I thought off... but I guess it would do
11:40 babilen Hi - I am using the users-formula (cf. https://github.com/saltstack-formulas/users-formula/ ) and would like to require a user... unfortunately that doesn't seem to work and I am not entirely sure how to deal with this as a "require: \n - user: $NAME" doesn't seem to work.
11:41 sroegner joined #salt
11:48 rojem joined #salt
11:48 JacKLeo__ joined #salt
11:48 faust joined #salt
11:49 JacKLeo__ Hi, can I use local client as in masterless mode and keep states in gitfs? For some reason this does not want to work for me
11:51 analogbyte JacKLeo__: you mean using gitfs from the master, and local on the minon? I guess you can set the fileserver_backend and the git foo on the minion, which should be used by the --local directive...
11:52 analogbyte but normaly local refers to /srv/salt on the minion, but I guess this is only the default config... any fileserver_backend should be possible
11:53 fllr joined #salt
11:53 astol joined #salt
11:54 JacKLeo__ analogbyte: well I do have this http://pastebin.com/raw.php?i=t8RHQxmD Ive just started with salt :/ what I am trying to achieve is to use salt in local as you mentioned, but read states from git repo. Debug just shows that it reads the config and does nothing.
11:56 elfixit joined #salt
11:57 analogbyte JacKLeo__: this does look right to me, except that I am not sure of git+ssh... It doesn't require your ssh key? and other than the issue with keys, I think there was a problem with using it (at least a few versions back)... it is best to use the plain git:// protocol
11:59 rtucker is there a place to ask dev related questions?
11:59 masterkorp joined #salt
11:59 masterkorp hello
12:00 masterkorp I am from the chef world and this new job requires me to learn and use salt
12:00 rtucker masterkorp: congrats!
12:00 masterkorp what would recomend to someone that come from chef to pay special attention to ?
12:01 analogbyte rtucker: many of the devs are on here regulary. you can also try the mailing list
12:01 rtucker analogbyte: k, perhaps i just keep missing then :(
12:01 masterkorp it seems to be a centic control system, is that correct ?
12:02 rtucker masterkorp: it also has that capability, yes
12:02 JacKLeo__ analogbyte: but then again it should sum up with the contents of file location by the gitfs_remotes that I've set. And setting that as ``file_roots: base:`` works just fine.
12:02 masterkorp rtucker: its both ?
12:03 rtucker masterkorp: it's a configuration management engine as well as a centric control system i'd say
12:03 masterkorp but its all based on remote the exuction right ?
12:04 masterkorp not like chef that chef-client does everything
12:04 rtucker masterkorp: there is a salt minion that executes similar to chef client or puppet agent
12:04 analogbyte JacKLeo__: mh, I don't have better advice than checking /var/log/salt/minion then, or perhaps running the minion not as a service but straight from the commandline with 'salt-minion -l debug' to see whats going on
12:05 masterkorp thing is puppet agent does use remote execution
12:05 masterkorp chef client is almost independt besides gettting running data
12:05 masterkorp and sending
12:06 masterkorp anyways I will keep reading
12:06 rtucker masterkorp: do you have a specific question?
12:06 dh__ joined #salt
12:06 babilen Hi all -- I am using GitFS and the repositories aren't checked out in their entirety. I am really not sure how to proceed and any hint would be most welcome. See details in: http://paste.debian.net/88353/
12:06 rtucker masterkorp: i feel like some of this conversation is too ambiguous to really solve anything, if you had a specific question that might help me to know what you're looking to figure out
12:06 msciciel joined #salt
12:07 Linz joined #salt
12:07 masterkorp yeah, I am sorry
12:07 rtucker masterkorp: no need to apologize
12:07 masterkorp do you recomend any video introduction ?
12:07 babilen I am simply baffled by this, particularly because the missing file is mentioned in "cp.list_master" but is not actually found in /var/cache/salt/master/gitfs/refs/ :-/
12:07 dh joined #salt
12:07 wedgie joined #salt
12:08 malinoff rtucker, what do you want to know about development?
12:08 JacKLeo__ analogbyte: logs contain exact copy of -l debug output. And I can't reallu run salt-minion since again it's masterless mode. I don't have master
12:08 rtucker malinoff: well, i'm creating a new custom state, and i need to essentially track state so i know when the last instance is being ran.. essentially the opposite of mod_init
12:09 rtucker malinoff: i'm working on a purgeable ssh key state
12:10 malinoff rtucker, AFAIK, there were a gossip about that, but right now it can be achieved with 'order': 100000 argument
12:10 rtucker malinoff: unfortunately the __salt__ global is reset between each iteration, i was hoping to track state there, but no luck
12:10 rtucker malinoff: is there a way to get the current order number?
12:10 delkins joined #salt
12:10 andersb joined #salt
12:11 analogbyte JacKLeo__: yes I mistyped, you can also pass the -l debug flag to salt-call but if you don't see anything in there, I don't know... maybe check the issues on github
12:12 flebel joined #salt
12:12 babilen Can I force a gitfs checkout again and can I see what actually happens when i do that?
12:12 scott_walton joined #salt
12:12 malinoff rtucker, well, I have no idea how this can be achieved
12:13 rtucker malinoff: k, can i get you opinion on the hackiness level of: https://rtucker.pastebin.mozilla.org/4619703
12:13 rtucker malinoff: that's how i currently have it implemented, basically calling write-purge for every user at the end, and with the order: last it ensures that the write method happens after all the other keys
12:14 rtucker sorry, calling write
12:14 kevinbrolly joined #salt
12:14 sroegner joined #salt
12:15 analogbyte babilen: You can delete the cache you mentioned above and salt-run fielserver.update
12:15 analogbyte babilen: never heard of some kind of proper refetch
12:16 babilen analogbyte: I am just stunned by this behaviour and can consistently reproduce it ... Lets see what "fileserver.update" does
12:16 malinoff rtucker, can you re-upload to pastebin? I can't open your paste
12:17 philipsd6 joined #salt
12:17 rtucker malinoff: weird, 1 sec
12:17 rtucker malinoff: http://pastebin.com/kmPWmtyp
12:19 rtucker malinoff: the only other thought i have at this point, is to basically create a cache file in /tmp for tracking state
12:21 JacKLeo__ analogbyte: can it be that it simply ignores fileserver_backend because even if it's masterless it's still a minion?
12:21 tzero_ joined #salt
12:21 troyready joined #salt
12:21 ggoZ joined #salt
12:22 ChaosPsyke joined #salt
12:22 wkf_ joined #salt
12:23 babilen analogbyte: I had no ../refs/ directory after that at all. It did, however, magically appear during the highstate run. The file, nrpe.cfg.jinja is still missing though
12:23 analogbyte JacKLeo__: could be, but I don't think this is the desired behaviour
12:23 babilen Seriously, I have no idea how you would even manage to get an incomplete git checkout as the SHA checksum wouldn't be correct
12:24 manicouman joined #salt
12:24 analogbyte babilen: wat... yeah, makes no sense at all :/
12:25 babilen analogbyte: And there I had hoped to use this in production this afternoon :(
12:26 babilen The only "weird" thing about my setup is that I testing this in virtualbox and set "gitfs_base: dev" in /etc/salt/master, but then I still don't understand why files are missing.
12:26 analogbyte JacKLeo__: https://github.com/saltstack/salt/issues/6660
12:27 babilen analogbyte: If I clone the repository that I have as gitfs_remote manually the file is present
12:28 analogbyte babilen: virtualbox should make no difference... and you aren't confusing any branches? gitfs_base is correct and contains the file?
12:28 JacKLeo__ analogbyte: thanks a lot
12:29 babilen analogbyte: It is indeed. The files in /refs/ are from the right branch (aren't even present in the other branch) ... It's just that one file is missing.
12:30 repl1cant joined #salt
12:30 babilen analogbyte: One thing that I do, however, is to "extend" that file somewhere else as I want to ship a different version than the one in the formula. That still doesn't explain why the original is missing, but it's one thing that I can think of. (but then I do the same for other states without problems)
12:31 analogbyte babilen: yes, it doesn't make sense... I can't find an issue describing something similar either... you should probably create one
12:32 babilen analogbyte: Okay, I will. It's just that I would simply like to debug this further ... I mean there is obviously a bug somewhere, but I just can't think of other ways to debug this.
12:33 analogbyte babilen: yeah me neither... good luck with it ;)
12:33 babilen heh *sob*
12:38 astol joined #salt
12:38 mapu joined #salt
12:38 suckaplease joined #salt
12:42 faldridge joined #salt
12:42 suckaplease joined #salt
12:46 malinoff rtucker, what kind of problem you're trying to solve? I mean, not "determine current state", but a more common?
12:46 rtucker malinoff: so we generate authorized_key files for users
12:46 rtucker malinoff: let's say that a user adds a ssh public key to their authorized_keys file
12:46 rtucker malinoff: we don't want to allow that, we only want public keys from our 'source of truth'
12:47 rtucker malinoff: i'm currently going down the road of storing json blobs as cache files in /tmp
12:49 malinoff rtucker, and you want to disable "wrong" states, right
12:49 malinoff ?
12:49 rtucker so, essentially, i want to generate an authorized key file from the source of truth (ldap)
12:50 shoemonkey joined #salt
12:50 rtucker then after i've done so for every user, i want to one time run a script that compares what i've generated to /home/<user>/.ssh/authorized_keys
12:50 rtucker and if they differ, overwrite /home/<user>/.ssh/authorized_keys with my generated version
12:50 rtucker all of this is working, but as you could see in my pastebin, i have to call purgeablesshauthorizedkey.write for every single user, which is miserably inefficient
12:52 rtucker malinoff: ^^
12:53 fllr joined #salt
12:53 jslatts joined #salt
12:53 malinoff rtucker, I have no idea what's going on, really :) Never tried to manage ssh keys with salt, I think the other system should handle this (like sso, etc.)
12:54 rtucker malinoff: unfortunately, no
12:54 malinoff I hope you will figure this out
12:54 rtucker malinoff: i'm close!
12:55 londo rtucker: why don't you point sshd to some different path for authorized keys?
12:55 shoemonkey joined #salt
12:55 rtucker londo: i'm not sure how that solves my problem
12:56 timoguin joined #salt
12:56 astol joined #salt
12:57 rtucker londo: if you're getting at because i can then make them root writeable only, it doesn't solve the problem of a user getting disabled and the key getting purged from say the root keyring
12:57 Linz joined #salt
13:02 shoemonkey joined #salt
13:07 faust why don't you simply build a dir like "authorized_keys/[user1,user2]" and then use an ad-hoc process which uses inotify to track changes and rewrite authorized keys?
13:08 londo or just sync the full ldap list to it directly, although AuthorizedKeysCommand might be a better solution for all this
13:09 rtucker faust: that seems like an extreme amount of overkill
13:09 rtucker regardless, i got this to work now, i'm just creating state files in /tmp
13:10 faust rtucker: londo answer about "AuthorizedKeysCommand" looks good
13:11 millz0r joined #salt
13:11 rtucker that is interesting, issue though are ACLs to the LDAP server from the managed nodes
13:11 vejdmn joined #salt
13:13 juicer2 joined #salt
13:15 londo in a previous job I solved the ssh keys problem by disabling them and forcing everyone to use kerberos tickets instead, disabled accounts can't get a ticket so you don't have to be as aggressive with cleaning old entries from .k5login, obviously not a solution for everyone
13:17 rtucker londo: yep, good solution, but i'm trying to fit something in to replace how we're currently doing it with puppet
13:17 xerxas joined #salt
13:18 HeadAIX joined #salt
13:19 zaz\ rtucker: this may be overkill, but since you want authorized keys to be determined only from ldap, why not patch sshd to look them up directly from the ldap ? shouldn't be that much of a chore
13:19 Gifflen joined #salt
13:19 zaz\ and bypass the authorized_keys file problem entirely
13:21 rtucker zaz\: i kind of feel like just writing a stateful salt state is the way to go
13:21 zaz\ something like https://code.google.com/p/openssh-lpk/
13:21 Nazca joined #salt
13:21 zaz\ right, it's probably simpler, just pointing out an alternative ;)
13:21 obimod joined #salt
13:22 rtucker zaz\: yep, appreciate it
13:22 Gifflen joined #salt
13:22 londo rtucker: how do you collect keys from ldap at the moment?
13:23 shoemonkey joined #salt
13:23 rtucker on the master, iterate over users where employeeType != disabled, store that in a dict object, then iterate it out into yaml
13:24 obimod what's shaken salters?
13:25 londo can you not then have a state with a managed file with jinja listing the keys per user?
13:25 obimod have a quick question regarding an osx brew install saltstack and the subsequent absence of /etc/salt/master config file
13:26 rtucker londo: yeah, i'd say that's pretty much what we've got
13:26 faldridge joined #salt
13:27 shoemonkey joined #salt
13:27 jaimed joined #salt
13:27 rtucker londo: i'm going to put this state up on my github once i clean it up a bit
13:28 racooper joined #salt
13:29 ChaosPsyke joined #salt
13:31 zaz\ also, but you probably thought of it already : what about generating the "true" authorized_keys files periodically on the master (with cron of the likes) and simply using those as managed file sources for your users ?
13:31 zaz\ spares you from trying to generate them with salt
13:32 gnugnu9 joined #salt
13:32 zaz\ obimod: what's the matter ?
13:32 rtucker zaz\: i have thought of that, but doesn't help if a user file exists on a system, but not from the source of truth
13:32 quickdry21 joined #salt
13:33 zaz\ ah, right. you mean there's a problem when a user has no authorized_keys according to the source of truth, then you can't simply manage it, since there is none.
13:33 mpanetta joined #salt
13:33 rtucker zaz\: exactly
13:33 zaz\ what about generating an empty one for each and every possible user from the ldap, and only populating the ones that should be ?
13:34 zaz\ since you would be making a shell script to generate them, it shouldn't be much harder to generate empty ones too
13:34 rtucker cause i'm doing a ton of unnecessary writes and there's a chance that while i've written an empty one a user can't login until their proper one gets put into place
13:34 obimod oh hai zaz, jw why the /etc/salt/master config file is missing after a brew install saltstack execution on osx
13:34 sroegner joined #salt
13:34 zaz\ obimod: http://docs.saltstack.com/topics/tutorials/walkthrough_macosx.html . It's more or less expected, just get it from here (section 3.4.9.3)
13:35 obimod : )
13:35 zaz\ rtucker: sure, but if you generate them on the salt-master side and make your shellscript so the file made available to salt is always the right one, i don't think there would be a problem
13:36 rtucker zaz\: how is that better than just writing a purging state?
13:36 rtucker it seems like i've been told by a few people to look to other solutions
13:36 zaz\ don't know, just seems simpler from the salt state standpoint :P
13:36 rtucker writing cache files was very simple
13:36 suckaplease joined #salt
13:36 zaz\ but i think i may just fail to see the problem, so, well .. :D
13:37 kermit joined #salt
13:37 rtucker basically the problem is a salt state that tracks state to purge ssh authorized keys that don't exist in ldap
13:37 TyrfingMjolnir joined #salt
13:37 rtucker the other issue with AuthorizedKeysCommand is if there is a network outage, or LDAP is down
13:37 rtucker i knew there was a deal breaker
13:38 vejdmn joined #salt
13:39 zaz\ i think that the network outage problem will probably be hard to solve, because i don't think you'll be able to purge anything if you can't reach the source of truth :) except if you cache it, but, well, the cache may become wrong too
13:39 vejdmn joined #salt
13:40 londo you can use AuthorizedKeysCommand to collect /etc/authorized_keys/user.d/*.keys, that way you don't have to manage a single file per user
13:41 rtucker zaz\: but a user can still login to a managed system during an outage
13:41 vejdmn joined #salt
13:41 rtucker londo: that is interesting, but doesn't get around firewall ACLS prohibiting managed nodes from talking to LDAP, not to mention the load of 50,000 machines talking to said ldap servers
13:42 londo don't talk to ldap, generate the files the same way as now
13:42 zaz\ precisely, generate them on the salt master and let it dispatch them to the clients
13:42 zaz\ and just use empty files for users that shouldn't have any authorized keys
13:43 mapu joined #salt
13:45 ccase joined #salt
13:45 zaz\ also, maybe you can look at using certificates instead of using rsa keys for ssh authentication, i haven't used them but i understand it makes user management easier, as you can apparently control who can login as which user from a single root-owned file on the servers
13:45 mpanetta joined #salt
13:45 zaz\ (i'm not actually sure about that but i read it few weeks ago, seemed interesting)
13:45 rtucker i'm leaning towards just going forward with a stateful state provider, since it would be a drop in replacement
13:45 rtucker thanks much for the suggestions though
13:46 zaz\ FYI : http://neocri.me/documentation/using-ssh-certificate-authentication/
13:47 zaz\ hope that helps
13:47 tyler-baker joined #salt
13:48 Networkn3rd joined #salt
13:49 alfborge joined #salt
13:49 alfborge s
13:53 fllr joined #salt
13:55 gnugnu9 joined #salt
14:00 baffle Can anyone think of a good way to pull IP addresses out of the mine as a list without loops in Jinja?
14:00 ndrei joined #salt
14:01 shoemonkey joined #salt
14:03 baffle I.e. if I want to pull out a list of IDs, I just do salt['mine.get']("G@foo:bar and *.biz", "network.interfaces", expr_form="compound").keys() .. But if I do .values() I can only (afaik) only target a specific result, i.e. with .values()[0]['eth0']['inet'][0]['address'] ...
14:03 baffle The first [0] there can't be some kind of wildcard? :)
14:04 sgviking joined #salt
14:05 kaptk2 joined #salt
14:05 baffle In the past I've used for-loops to iterate over keys/values and built a new list.
14:05 fllr joined #salt
14:06 jcsp joined #salt
14:07 jeremyBass joined #salt
14:08 mike25ro hi guys - weird issue ... i just deployed a minion ... but pillar refresh is not updating the minion pillar data. Also when i run a salt 'office-sugarcrm01.xxx.yy' pillar.items  the only result i get is  ---------------   ... no pillars are returned. Do you have any idea what might be wrong?
14:10 mike25ro i can get the grains.items ... just fine.... but pillar.items... doesn't return anything
14:12 sporkd2 can you -l debug that command?
14:14 mike25ro sporkd2: http://pastebin.com/Q0vV7id3
14:15 sporkd2 mike25ro:
14:15 sporkd2 are you sure your setting them correctly in your pillar top file?
14:17 baffle Now I do this: http://pastebin.com/KrcwmXJd
14:18 Ryan_Lane joined #salt
14:18 Ryan_Lane joined #salt
14:18 Gordonz joined #salt
14:20 pnl joined #salt
14:22 pdayton joined #salt
14:23 rostam joined #salt
14:23 mike25ro yeah sporkd2... i have used it before
14:24 GradysGhost joined #salt
14:25 mike25ro yesterday i have installed another minion that worked perfectly
14:26 napper2 joined #salt
14:27 jergerber joined #salt
14:28 ajprog_laptop joined #salt
14:28 seapasulli joined #salt
14:31 Damoun joined #salt
14:35 dccc joined #salt
14:38 rojem joined #salt
14:38 shoemonkey joined #salt
14:39 fllr joined #salt
14:40 mike25ro sporkd2: the minion is a newer version than the master ... that's the problem. thanks sporkd2 for  your time!
14:40 sporkd2 mike25ro:
14:40 sporkd2 ugh
14:40 sporkd2 i had to find that out myself once, no easy way lol
14:40 mike25ro yeah.. my salt version is 0.17.1 everywhere... and this new minion is 2014.1.0
14:41 sporkd2 i had an issue that the ubuntu repo was installing different tags of the 17.1 branch.. that was fun
14:41 HeadAIX joined #salt
14:41 suckaplease joined #salt
14:41 chrisjones joined #salt
14:41 mike25ro now i have to see if I update salt everywhere... if that might break anything...
14:41 sporkd2 im running 2014.1.0 master and minions succesfully
14:42 mike25ro we have centos... with a clone of the repo ... some of my colleagues must have update the repo last night...
14:42 mike25ro sporkd2: should i know anything .... .or how do you update salt-minions?
14:42 mike25ro to a newer salt version?
14:43 mike25ro i never updated it until... now :)
14:43 sporkd2 i use the bootstrap script since you can specifcy a tag
14:43 transmutated joined #salt
14:43 mike25ro bootstrap?
14:44 sporkd2 mike25ro: https://github.com/saltstack/salt-bootstrap
14:44 mike25ro i have installed salt manually
14:44 sporkd2 linux?
14:44 timoguin You can upgrade using your package manager. I wouldn't upgrade before testing though.
14:44 mike25ro yeah... that's my fear timoguin
14:45 rallytime joined #salt
14:46 che-arne joined #salt
14:47 mike25ro sporkd2: centos 6.4
14:47 Katafalk_ joined #salt
14:48 kzx on windows tryign to use pkg.installed state and it seems to install the package but show False as the result and the state fails
14:48 Katafalkas joined #salt
14:49 ndrei joined #salt
14:49 mike25ro what is the best option to update salt-minion ? via a script? or via salt-master... running a command yum install salt-minion
14:49 mike25ro ?
14:49 sporkd2 both, salt command with script
14:50 sporkd2 IMHO
14:50 mike25ro thanks sporkd2
14:51 sporkd2 mike25ro glad I could help
14:51 Katafalkas joined #salt
14:51 Gordonz joined #salt
14:51 kzx is there any way to debug it, i see the pkg installed in pkg.list_pkgs output, seems to have the right name...
14:51 sporkd2 kzx: run your command with -l debug
14:53 kzx sporkd2: good idea, trying it
14:54 kzx sporkd2: doesn't seem to show internal state debugging (maybe that happesn on the minion only?)
14:54 patrek_ joined #salt
14:54 pugs joined #salt
14:58 sporkd2 anyone using salt with django?
14:58 pnl joined #salt
15:00 transtipper joined #salt
15:00 ambientsound sporkd2: I'm in the adoption process
15:01 kzx well if anyone is interested, I figured out the problem, the repo version has to match the installed version exactly, so Python after it gets installed is 2.7.6150 not 2.7.6 or 2.7 or 2
15:01 ambientsound my current setup consists of a deployment script, virtualenv setup, nginx and uwsgi config files, and a git repo for the application
15:02 sporkd2 ambientsound: almost the same here, for some reason when I set the database = in the django mod for syncdb / migrate etc it still uses my local repo instead of my external postgres
15:02 sporkd2 repo=database
15:03 ambientsound django mod?
15:03 ambientsound do you mean config file?
15:03 ambientsound I've not come that far, still working out how to distribute db connection parameters (pillars?)
15:03 ambientsound this is a shared hosting setup though
15:06 ccase joined #salt
15:06 transtipper I have a question about upgrading salt on my minions
15:07 transtipper using cmd option from salt to run apt-get update prompts for salt config file changes and is interactive.
15:07 abe_music joined #salt
15:07 transtipper any ideas on how to accept the defualt which is not update the condiguration file for my minions?
15:08 mgw joined #salt
15:08 Gareth transtipper: any reason you're not using pkg.refresh_db?
15:08 transtipper not familiar with it.
15:09 transtipper do you have a reference link for me?
15:09 Gareth http://docs.saltstack.com/ref/modules/all/salt.modules.aptpkg.html#salt.modules.aptpkg.refresh_db
15:10 jeremyfelt joined #salt
15:10 ckao joined #salt
15:12 Katafalkas joined #salt
15:13 Katafalkas joined #salt
15:13 ndrei joined #salt
15:13 transtipper I'm not sure what this is accomplishing
15:14 transtipper Is it just updating the repo db?
15:16 Gareth Yup.  But its not interactive, updates it automatically.  If you want to upgrade the package and not be prompted then you should use the install or upgrade function.
15:17 rgbkrk joined #salt
15:17 transtipper I'll have to give this a go. Do I have to mess with a debconf answers file?
15:18 conan_the_destro joined #salt
15:18 Gareth Nope.  Shouldn't have to.
15:18 transtipper awesome
15:18 transtipper I'll give this a whirl.
15:19 ndrei joined #salt
15:24 whiteinge Katafalkas: did you get an answer to your question about waiting for a job to finish?
15:24 Katafalkas whiteinge: negative
15:24 Katafalkas I ended up doing while loop that checks till there is not jobs running with saltutil.running
15:25 ndrei joined #salt
15:25 pdayton joined #salt
15:26 whiteinge that is how salt's CLI does it too
15:26 whiteinge it's kind of a tricky thing
15:26 whiteinge another way is to watch salt's event stream for each minion to return
15:28 whiteinge a third (less elegant) way is to fire the job in async mode and repeatedly looking at the return for that job until it looks complete (possibly in combination with the saltutil.running/saltutil.find_job)
15:28 GradysGhost joined #salt
15:29 whiteinge if you fire the job off asyncronously you can get the JID in the return. (i need to get that added to the syncronous version too)
15:30 Mr_N joined #salt
15:30 elfixit joined #salt
15:30 transtipper Gareth: It's been running the update for a minute. I see a couple of flags that look like they will accomplish the auto settings:) Thanks!
15:31 transtipper I've got over 600 minions out there that are dying for an upgrade
15:31 Mr_N Well don't make the mistake I did and actually upgrade them -.-
15:31 transtipper ?
15:31 Mr_N Unless some really outstanding issues got fixed, it's really easy to break your deployment
15:31 Mr_N for example
15:32 Mr_N Multimastering, unless something changed since I was last in here, is entirely broken.
15:32 Mr_N (in the 2014.1 release)
15:32 naiyte joined #salt
15:32 rojem joined #salt
15:33 Mr_N I also have a pending issue on win_repo not working, even the verbatim example from the docs fails.
15:33 Mr_N (at least one other person has confirmed this problem, as well)
15:34 transtipper I'm running an old version on these guys, .15 something or other. We don't use it for anything to crazy, mostly just for doing a mass upgrade on a few packages that have to happen at the same time
15:34 Mr_N Ah, fairnuff.  Well, my warning stands.
15:34 transtipper I'm about half way with the salt deployment...
15:34 Mr_N Unless some big fixes have been made, I wouldn't voluntarily update to 2014.1 yet.
15:35 Gareth transtipper: 600...impressive :)
15:36 Mr_N Gareth: if our deployment matures, we're looking at ~2000 minions.
15:36 Gareth Mr_N: nice.
15:36 transtipper Thanks. It's a manual labor, but I'll get there. It's now part of our imaging process so it's a big more automated for new installs. The field machines though....ughhhh.
15:36 Mr_N I say this less to e-peen, and more to, "I really really want this to work, I promise, and am not grumbling out of a distaste for salt"
15:37 Mr_N transtipper: How did you incorporate it with your imaging?  Kickstart?
15:38 Mr_N (I'm curious because we've been hammering on the deployment problem for a while now, and all our existing solutions are a bit duct-tapey)
15:39 Katafalkas cheers whiteinge
15:39 transtipper Just a script that runs after the hostname has been set.
15:40 Mr_N Ah.  (not to different from kickstart then, that's just formalized as the %post section there)
15:40 transtipper I've not been into kickstart
15:40 transtipper I'll have to look into that
15:40 Mr_N I don't like it, but I've yet to find a better suggestion. (I haven't looked too hard.)
15:40 Mr_N Spacewalk is the tool we use to manage our kickstarts.
15:41 Mr_N Windows is all done via WDS.
15:41 Mr_N (we're primarily a SL/win2k* datacenter, so that divide is somewhat logical.)
15:42 transtipper Suse Linux?
15:42 Mr_N Scientific Linux
15:42 forrest joined #salt
15:43 transtipper Ahh, gotcha.
15:43 Mr_N It's a RHEL/CentOS fork or something.  I'm an absolute fool when it comes to OS pedigree, so don't ask me to say more lest I make a fool of myself :P
15:43 xmj isnt that the CERN fork of EL ?
15:43 Mr_N See?
15:44 * Mr_N hides in a corner
15:44 transtipper I was going to chuckle if it was SLES. I thought we were the last shop on earth to use Novell stuff:D
15:44 xmj [wiki] Scientific Linux (SL) is a Linux distribution produced by Fermi National Accelerator Laboratory and the European Organization for Nuclear Research (CERN).
15:44 Mr_N xmj: I had no doubt you were right.  I just didn't know offhand.
15:44 Mr_N I'm really really bad at keeping miscellanea in my head.
15:45 xmj Mr_N: i've upgraded three different hw servers and many containers running minions to 2014.1... no issues
15:45 Mr_N Do you multimaster?
15:45 xmj maybe i've just had the easy, off-the-shelf solutions to things
15:45 xmj nope
15:46 Mr_N I've had two big problems, as I mentioned, multimastering and win_repo, and have pushed issues for both, FWIW :/
15:46 xmj with fixes, too?
15:46 Mr_N The fix in my case is to "not use it."
15:46 Mr_N single mastering works.
15:46 Mr_N pkg.install works outside of win_repo
15:46 xmj well, the proper fix would be to make multimastering work :)
15:46 Mr_N Yes, but unfortunately, I'm being paid to admin a datacenter, not hack on salt :/
15:47 Mr_N as much as I might like it to be the other way around
15:47 Mr_N The best I can do is push issues, continue to use the service, and potentially if I get personal free time, dig in. (I'm moving across the country shortly, so that isn't happening.)
15:48 xmj ah
15:48 transtipper I'm just a lousy programmer.
15:49 xmj i always hack on things if they're easy :)
15:49 Mr_N There's just not enough time in the day...
15:49 Mr_N Easy or not doesn't matter.  It's just... time :/
15:49 Furao joined #salt
15:49 xmj nop there isnt
15:50 druonysus joined #salt
15:50 Mr_N I have to debug a set of PDU's whose batteries shit themselves, wire a UPS controller into a networking closet, figure out why some driver PPA is totally broken, get salt to properly configure a new class of machine, and set purchase reports for the last 2 years to HR
15:50 Mr_N and that's just the stuff that was supposed to be done yesterday before snow closed work off.
15:50 Mr_N I barely have time to come in here and poke about my issues being looked at :(
15:51 pdayton joined #salt
15:51 Mr_N / pick people better than meat salt's brains
15:51 Mr_N me at*
15:52 Nazzy_ sounds like you need more people :p
15:52 jcockhren Nazzy_: he nees minions ;)
15:52 jcockhren needs*
15:52 transtipper :D
15:52 thayne joined #salt
15:52 abe_music anyone familiar with the cookie trick to automate a download of java from oracle? it recently stopped working for me and was wondering if there's a new workaround
15:52 shoemonkey joined #salt
15:52 Nazzy_ are we talking the yellow kind or the DK imp kind?
15:52 abe_music the saltstack java formula uses that trick btw
15:53 Nazzy_ Oracle are evil, didn't ya know?
15:53 jcockhren abe_music: I don't use that. I just lock it at the version I want and install from s3
15:54 abe_music jcockhren: yeah, we're going to have to do something like...just worried about licensing issues and we can't do that for our customers
15:54 jcockhren ? java isn't free?
15:54 jcockhren and we can't distribute it?
15:54 abe_music Nazzy_: yeah, we fortunately support openjdk as well, but some of our customers refuse to use openjdk
15:55 abe_music jcockhren: no, you have to accept their license and terms of use...it's like the mysql connector jar stuff. you can't ship it, but people can grab it for free and use it
15:55 jcockhren ah.
15:55 abe_music it's crap :)
15:55 jcockhren so... you have to do it evey time or just for every version you download?
15:55 jcockhren b/c I think if you do it once....
15:56 jcockhren I dunno
15:56 rupsky joined #salt
15:57 alunduil joined #salt
15:57 abe_music jcockhren: not sure to be honest....i would assume each time you download you need to accept the terms, but that's legal mumbo jumbo i don't understand
15:58 abe_music at least with the cookie trick we were having our customers download directly from oracle and would give them a link to their terms with a blurb about "you accept the terms....blablabla"
15:58 KyleG joined #salt
15:58 Nazzy_ it's that stupid don't redist clause
15:58 KyleG joined #salt
15:58 jcockhren ugh
15:58 jslatts joined #salt
15:59 Nazzy_ Gentoo at least can ship an ebuild with fetch restrictions, ubuntu's solution was totally nuking oracle java from the repos
15:59 jcockhren :boom:
16:01 Mr_N Nazzy_: You have no idea :(
16:01 Mr_N (we need more people)
16:02 Mr_N That is, in fact, why I'm leaving this job to move across the country, because they essentially refused to hire help despite expanding the scope of the sysadmin team's responsibilities for 2 years.
16:03 frasergraham joined #salt
16:03 Nazzy_ that's cause people cost money :p
16:03 Mr_N (which is also why despite being hired as a programmer and migrated into a sysadmin position, I was doing devops work)
16:03 frasergr_ joined #salt
16:03 kickerdog joined #salt
16:04 Mr_N 3 steps removed from my intended role, and completely swamped for multiple years, is a good way to go insane, just FYI
16:04 darrend joined #salt
16:05 Mr_N That's more than enough griping from me. Food time ><
16:05 Nazzy_ yup
16:07 Networkn3rd joined #salt
16:09 madduck joined #salt
16:09 napper2 joined #salt
16:10 utz joined #salt
16:11 meteorfox joined #salt
16:11 ndrei joined #salt
16:13 Ahlee d
16:13 KyleG ayum it's a beautiful day
16:15 schimmy joined #salt
16:17 baniir joined #salt
16:20 joehillen joined #salt
16:21 krak3n`` joined #salt
16:22 mike25ro left #salt
16:25 UtahDave joined #salt
16:25 ipalreadytaken joined #salt
16:26 Nazzy_ *conflicts with ipalreadytaken*
16:27 schimmy joined #salt
16:28 googolhash joined #salt
16:28 smcquay joined #salt
16:29 xmltok joined #salt
16:29 krak3n`` joined #salt
16:30 schimmy1 joined #salt
16:30 druonysuse joined #salt
16:30 druonysuse joined #salt
16:30 Nazzy_ *sigh* I hate dealing with closed software vendors
16:30 krak3n`` joined #salt
16:30 Furao joined #salt
16:31 yomilk joined #salt
16:33 wal1ace joined #salt
16:33 wal1ace hello
16:33 TheRealBill_here joined #salt
16:34 themadcanudist joined #salt
16:34 wal1ace anyone here
16:34 themadcanudist hey guys, can i not use a #!mako|yaml sheband in reactor sls files? It appears to throw an error?
16:35 Nazzy_ wal1ace, nope, we're all in hiding
16:35 wal1ace lol i guess
16:36 themadcanudist in debug mode if I use #!mako|yaml in a reactor.sls file, the debug log shows "Failed to render"
16:36 themadcanudist ah, nm: https://github.com/saltstack/salt/issues/10449
16:36 Ahlee hrm.  I thought 0.17.x's reactor had a minion leave
16:36 xmltok joined #salt
16:37 Ahlee but, firing up eventlisten.py and disconnecting a minion, i don't see events on disconnect
16:37 oz_akan_ joined #salt
16:40 Ahlee guessing it made it into hydrogen but not before
16:40 sgviking joined #salt
16:41 xmltok joined #salt
16:41 krak3n`` joined #salt
16:42 xmltok joined #salt
16:43 Nazzy_ our of morbid curiosity, does anyone here use R1Soft/Idera's CDP product?
16:47 Nazzy_ *out of
16:48 napper2 joined #salt
16:48 pdayton joined #salt
16:49 ajw0100 joined #salt
16:52 Linz_ joined #salt
16:53 baniir joined #salt
16:55 novastar2 joined #salt
16:55 mgw joined #salt
16:57 Iwirada left #salt
16:59 seapasulli left #salt
17:00 luminous hello! I've got this sls I'm trying to cook up with some confusing pillar, can you see my error? http://paste.debian.net/hidden/12862718/  this executes cleanly, but nothing ends up in the file
17:00 luminous ><
17:02 vejdmn joined #salt
17:03 baniir_ joined #salt
17:06 thayne joined #salt
17:06 adyromantika joined #salt
17:18 kermit joined #salt
17:20 timoguin joined #salt
17:20 Nazzy_ luminous, that's certainly not how I'd write that code heh
17:21 carnedepassaro joined #salt
17:22 debian112 joined #salt
17:22 Nazzy_ I'd probably write something more along the lines of `for sk, sv in pillar.get('blah', {}).items(): for k, v in sv.items(): print sk, k, v
17:23 debian112 How do you run state.highstate for different environments, the default is base
17:23 Nazzy_ my guess is that your second pillar.get is failing, try adding debugging statements in the outer loop to see how it runs
17:24 Nazzy_ debian112, env=blah ? though generally you run highstate against a minion and I thought the config determines which environment that minion is in?
17:26 Nazzy_ luminous, actually, looking at it again, I'm certain your second pillar.get is failing, I doubt it will do variable interpolation so you're looking for the /literal/ config['section'] rather than config[section]
17:27 debian112 Nazzy, for instances if I want to run a single state I can run this: salt-call state.sls ssh environment_staging
17:27 debian112 Nazzy that works, but I am unable to do the same with state.highstate
17:31 ndrei joined #salt
17:32 diegows joined #salt
17:34 Nazzy_ debian112, I /think/ that's intended behavior ... specify the environment in top.sls
17:35 luminous Nazzy_: yea, I have been fiddling with that exact bit to try and get that correct
17:35 luminous Nazzy_: how would you have done this differently?
17:36 che-arne joined #salt
17:40 Nazzy_ luminous, as I say, I'd put .items() or .iteritems() on the outer loop to get the dict there rather than looking it up twice
17:42 seapasulli joined #salt
17:49 jalbretsen joined #salt
17:49 n8n joined #salt
17:49 luminous Nazzy_: ah, yes, I see your other message. thanks
17:50 luminous you are correct, I should bump that up one level
17:50 luminous thanks!
17:51 elfixit joined #salt
17:51 frasergraham joined #salt
17:53 Nazzy_ luminous, no problem :)
17:55 Mr_N So, I may simply be failing to find any useful reference to this functionality
17:56 Mr_N But is there any way to incorporate templating/dynamicism into the repo files?
17:56 Mr_N or should that explicitely be done at a higher level (pillar/states.)
17:56 Nazzy_ define repo files please
17:56 Mr_N I'm inclined to think the latter, but it'd be REALLY nifty to be able to tweak, say, a command line flag for a given install.
17:56 Mr_N win_repo, for instance.
17:57 Mr_N You define the custom repo with the things it administrates, with some install/uninstall paths/flags
17:57 Mr_N In the instance in question, one of the flags (for the salt minion) asks to specify the master
17:57 Mr_N I'd _LOVE_ if I could do this on the fly.
17:58 rawzone joined #salt
17:58 Nazzy_ I've never used win_repo :(
17:59 luminous Nazzy_: got it working! :D
17:59 Nazzy_ you can put templating in to your state files, but for the purposes of the master location you're stuck with the plain text master config
17:59 Nazzy_ luminous, sweet ^_^
18:00 djaime joined #salt
18:02 krow joined #salt
18:02 gadams999 joined #salt
18:05 googolhash joined #salt
18:10 snarfy^ joined #salt
18:10 vejdmn joined #salt
18:11 carnedepassaro joined #salt
18:14 cofeineSunshine joined #salt
18:15 jaimed joined #salt
18:16 bhosmer joined #salt
18:17 luminous Nazzy_: here's a slight variation on that. rather than looking for sections in blah, I'm now trying to grab sections from blah:config. thoughts on how that might work? I first tried getting config separately: {%- set config = pillar.get('dictionary:config', {}) %} but that and variations aren't yielding results
18:19 sroegner luminous: you need to use {%- set config = salt['pillar.get']('dictionary:config', {}) %}
18:19 luminous ah yes
18:19 Nazzy_ ah, yes, cause pillar is a normal dictionary *facepalm*
18:19 luminous there are _too_ many ways to access pillar
18:19 luminous I generally forget that
18:19 luminous thanks for the reminder sroegner
18:20 luminous UtahDave: this bit me again :P
18:20 vejdmn joined #salt
18:20 * luminous prays for a future pillar refactor where this is all simple and clean
18:21 kzx how do I implement a post-install step, say I want the python package to be installed and when it is actually installed I want to add it to %PATH on windows
18:21 mpanetta s/prays/pays/ :P
18:24 luminous mpanetta: if I get to a position where I can, I would surely see it through
18:24 mgw Has anyone had issues with LocalClient.cmd_iter not honoring the timeout, on 2014.1.0?
18:24 luminous kzx: use watch/require/etc
18:24 mpanetta :)  I was just being silly
18:24 kermit joined #salt
18:24 luminous I know
18:24 luminous :)
18:24 MindDrive joined #salt
18:24 mgw I'm having issues with all runners that use it blocking forever due to some minions being down
18:24 mgw even ctrl-c won't break out of the runner
18:24 kzx luminous: can I watch or require a package install ? just say - require: \n - pkg: 'Python 2' for example ?
18:24 pentabular1 joined #salt
18:24 luminous kzx: yep, you use the id of the state
18:24 luminous kzx: so if you have foo: pkg.installed....  you would use: require: - pkg: foo
18:25 GoKage joined #salt
18:26 naiyte joined #salt
18:26 kzx luminous: but will that run everytime package is check for presense or only when installed ?
18:27 borgstrom joined #salt
18:27 kzx in other words is it a level trigger or edge trigger (say I wouldn't want to keep editing the path every time I run the state, but only after the pacakge is actually installed) ?
18:30 luminous kzx: if you put require, you are just saying "this state needs that state", that's all.. so there's a dependency (helpful for ordering/etc). if you use watch, you will apply the one state with any updates/changes to the other
18:31 kickerdog left #salt
18:32 Nazzy_ kzx, it will check if the package is installed... if it is it returns success, otherwise it attempts to install it and returns success/fail based on that
18:32 djaime joined #salt
18:34 kzx luminous: alright, that makes sense
18:34 Nazzy_ kzx, so kinda like level trigger, but it's more accurate to think of states as "config enforcement" in that they're about trying to make your system match a specification
18:35 kzx Nazzy_: I see, yeah I guess I was wondering what happens if the package is detected as installed, that is considered a success so then the 'add to %PATH' state executes
18:36 kzx so it would make sense to make that idempotent in other words inside the 'add to %PATH' script/action to check if already added then don't add
18:36 Nazzy_ *nod*, so really you want to make sure the path contains blah, rather than blindly adding blah to it
18:37 NV joined #salt
18:38 kzx is there any way to have pre-post install action or commands, say run something only after package installed (say if it is an inneficient operation or something not idempotent)?
18:38 bhosmer joined #salt
18:38 arthabaska joined #salt
18:40 luminous kzx: there is a whole section on requisites and the like. I highly recommend checking it out. there are some points you'll wnat to be aware of
18:40 kzx luminous, Nazzy_: alright thanks for your help, I'll go read some more!
18:42 Nazzy_ kzx, no problem, good luck :)
18:45 luminous :)
18:47 ndrei joined #salt
18:48 kzx joined #salt
18:49 pulkit joined #salt
18:51 suckaplease joined #salt
18:52 pulkit hello
18:52 ipalreadytaken joined #salt
18:53 pulkit i am curious to work on salt but didn't know how to get started
18:54 Nazzy_ there's a quick start guide in the docs
18:54 KyleG pulkit: http://docs.saltstack.com/topics/tutorials/walkthrough.html
18:54 KyleG http://docs.saltstack.com/topics/tutorials/starting_states.html
18:54 KyleG etc
18:54 KyleG great place to start
18:55 musinsky_ does anyone know how to nest node groups?
18:55 Ahlee grr.  stupid tuple based versioning
18:56 Nazzy_ ahale, could be worse ... could be mIRC versioning lmao
18:56 ccase joined #salt
18:56 Nazzy_ or Crucial SSD versioning, that's really trippy
19:02 rgbkrk_ joined #salt
19:02 Nazzy_ (Crucial M4 drives use a 4 byte version for their firmware... the bug fix following 0009 was 0309, the next version after 0309 was 000F ... and for lulz they followed it with 000G)
19:03 rgbkrk_ joined #salt
19:04 sporkd2 has anyone successfully set an env var in the django module for syncdb?
19:06 ccase joined #salt
19:06 jdenning joined #salt
19:08 viod joined #salt
19:09 svs_ joined #salt
19:13 GoKage joined #salt
19:15 jtang1 joined #salt
19:20 ipmb joined #salt
19:20 johtso joined #salt
19:26 quickdry21 joined #salt
19:29 Thiggy joined #salt
19:29 allanparsons joined #salt
19:31 allanparsons how can i run a stalt module inside a state?
19:31 allanparsons i need to find out the latest revision number from a git repo so that i can later use it when creating a directory
19:35 GradysGhost joined #salt
19:36 GradysGhost Is there a way that I can use the 'watch' requisite (or something similar) to watch a file and then make an API call or run a system script or something in response to file changes?
19:36 GradysGhost As an alternative to simply restarting an associated service.
19:37 Daemonik__ GradysGhost, I don't know if Salt has any inotify facilities, but searching that term may help
19:40 UtahDave GradysGhost: the "watch" requisite doesn't watch the actual file.
19:40 UtahDave It "watches" the return status of a state that manages a file
19:40 Ryan_Lane funny enough, when I requested the "watch" feature I meant inotify support
19:41 johtso Is there any way to get salt to work when a minion is under very high load?
19:41 Ryan_Lane where the salt minion would inotify watch files/directories and trigger events when they were changed
19:41 johtso I
19:41 Ryan_Lane so that you could have a network-wide inotify and handle the events via the master reactor system
19:43 UtahDave Ryan_Lane: Yeah, I think that would be an awesome module
19:43 Ryan_Lane well, it would need to be baked into the salt minion ;)
19:43 Ryan_Lane it's a root daemon that's always running, it's the perfect spot for it
19:44 kballou joined #salt
19:44 vejdmn joined #salt
19:45 seapasulli left #salt
19:45 Ryan_Lane maybe I'll add a ticket for a notifiers system
19:46 Ahlee johtso: I run salt on the OS core, using cgroups for shielding.  Otherwise, not really, as it's just another process for the kernel to schedule
19:47 oraqol1 joined #salt
19:47 oraqol1 I hope you guys can help me with somethign
19:47 oraqol1 [ERROR   ] Salt request timed out. If this error persists, worker_threads may need to be increased.
19:47 oraqol1 Failed to authenticate, is this user permitted to execute commands?
19:47 oraqol1 just started happening randomly
19:47 allanparsons oraqol1 - what is the version(s) of our minion +master
19:47 oraqol1 i tried adding my user to salt-master and chowning /etc and /var stuff
19:48 allanparsons and what's the output of salt-key -L.  do you see your host in there?
19:48 oraqol1 salt 2014.1.0 for master
19:48 oraqol1 and minions
19:48 oraqol1 and I see all hosts I've added to salt-key -L
19:49 allanparsons from the master can you do a test.ping?
19:49 vxitch joined #salt
19:49 vxitch left #salt
19:49 allanparsons i had it happen randomly to me last week.  a reboot of the master fixed it.
19:49 oraqol1 no, it kicks the error message I mentioned previously when I run test.ping
19:49 oraqol1 ok, i'm going to try to reboot, thank you
19:49 allanparsons also, ports open?
19:49 Ahlee Is your master under any I/O distress?
19:50 jaimed joined #salt
19:50 oraqol1 all the dirs in /etc /var should be chowned to root by default correct?
19:50 johtso Ahlee, right, I suppose I need to make sure the salt minion has a high priority
19:50 oraqol1 no io stress
19:50 Ahlee That error was pretty common for me wthout the gitfs caching issue
19:50 johtso I can SSH into the box fine
19:50 oraqol1 oh, not for me, lol
19:50 Ahlee er, without the gitfs caching patch, not issue
19:50 Ahlee you're on zmq 3.x?
19:51 Ahlee (does 2014.x even work on 2.x?)
19:53 Ahlee https://github.com/saltstack/salt/blob/develop/salt/client/__init__.py#L1426-L1432
19:54 oraqol1 left #salt
19:57 Ryan_Lane https://github.com/saltstack/salt/issues/11330
19:58 suckaplease joined #salt
19:58 Ryan_Lane ^^ could be an interesting way to have a config file updated on one minion that triggers an update of services on other minions
19:59 Ahlee oh interesting Ryan_Lane
19:59 bhosmer joined #salt
20:01 UtahDave I like it
20:03 utz1 joined #salt
20:04 utz1 joined #salt
20:04 Teknix joined #salt
20:07 ggoZ joined #salt
20:08 Ahlee it kinda scares me a little bit
20:08 Ahlee so i'm all for it
20:08 Ryan_Lane :D
20:08 forrest I like it as well Ryan_Lane, +1'd it.
20:09 Ryan_Lane cool
20:10 ndrei joined #salt
20:10 utz joined #salt
20:14 allanparsons @oraqol1 - that reboot work?
20:14 allanparsons also, how can i store the result of a module in a variable?
20:14 alunduil joined #salt
20:14 allanparsons for re-use in state.sls files
20:15 Ahlee man.  You ever get those feelings after running a state "oh man, you did just like I told you to?'
20:15 rgbkrk joined #salt
20:17 Saint-N joined #salt
20:17 Saint-N heya
20:18 Saint-N so im having a weird issue... i've got a state that requires nfs-common to be installed... and it is but salt seems to think it isnt
20:18 Saint-N any idears?
20:19 Saint-N is it because it hasnt cached an answer for the installed state?
20:19 vejdmn joined #salt
20:20 forrest Saint-N, is salt doing the install of nfs-common?
20:20 Saint-N it wasnt
20:20 forrest ok, so there is your issue
20:20 Saint-N is now and that seems to be the issue
20:20 Saint-N yeah
20:20 forrest yep
20:20 forrest Salt only knows about stuff that it handles
20:20 Saint-N thats too bad
20:20 Saint-N but now i know so no biggie ;)
20:20 forrest hah
20:25 kermit joined #salt
20:25 utz1 joined #salt
20:25 cewood joined #salt
20:25 utz1 left #salt
20:26 kballou joined #salt
20:26 krow joined #salt
20:27 Ahlee so there's logic to prevent multiple states running, andybody save me some grepping and know off hand if there's logic to prevent simultaneous runners?
20:28 Ahlee i think i just made salt puke all over itself by trying to do fileserver.udpate twice
20:29 vxitch joined #salt
20:29 seapasulli joined #salt
20:29 vxitch trying to create a user with user.present is failing when i call highstate, with no indication as to why
20:29 viod joined #salt
20:29 vxitch how can i get more information?
20:31 dimeshake run the minion in the foreground with debug
20:31 utz joined #salt
20:32 vxitch 
20:32 vxitch okay
20:39 Yogi joined #salt
20:39 krow joined #salt
20:40 vxitch okay so the group already exists but the user doesnt, so useradd fails
20:41 vxitch http://hastebin.com/jeyejutome.vhdl
20:41 vxitch here it is with the state as well, http://hastebin.com/wemitokico.vhdl
20:42 vxitch what can i do to avoid that error?
20:42 NV joined #salt
20:43 utz left #salt
20:45 DaveQB joined #salt
20:51 debian112 any ideas here? I get this "Malformed topfile (state declarations not formed as a list)" even when I change the top.sls to something simple. I have created just a simple top file for testing. All the indention is correct
20:57 Ahlee hrm.
20:57 Ahlee when executing commands, it's coming back with the function state.sls is running as PID with jid <jid of the salt-run>
20:57 Ahlee salt -v -t 300 -G kernel:Linux state.sls <complex state> env=Staging test=True
21:00 Gareth UtahDave: ping
21:01 meteorfox joined #salt
21:01 jslatts does anyone here know what the expected behavior of the GitFS backend is when the git server is down? I thought it would cache, but in my tests it seems like it refuses to provisionn minions if it can't update from the git repo
21:01 Ahlee oh.  load of 50 on the masterwith ~70% in kernel
21:02 Ahlee that'll do it
21:03 Ahlee jslatts: gitfs fileroots update on an interval that defaults to 60 seconds
21:04 jslatts ahlee:and if the server is not available? like with recent DDoS of GH
21:04 Ahlee Then in 60 seconds you're gonna be in a world of hurt
21:04 jslatts lol
21:04 Ahlee you might try increasing
21:04 jslatts thats unfortunate
21:05 Ahlee that counter
21:05 Corey Ahlee: If GitHub is part of your critical deploy path, you're gonna have a bad time.
21:05 jslatts then i have to wait longer for changes... would be nice to have a failed git fetch just mean that it keeps using the cached version
21:06 Ahlee Corey: indeed.
21:06 Ahlee I'm old.  I refuse to trust any external infrastructure
21:06 jslatts Corey, Ahlee: not deploy, but we do use salt to provision
21:06 vxitch left #salt
21:07 jslatts and i was hoping to use gitfs to keep syndics in sync
21:07 jslatts i could tolerate GH outage for days as long as we could provision using the existing states (if they were cached)
21:08 faldridge joined #salt
21:08 Ahlee File an issue, tag @terminalmage requesting it
21:09 Ahlee he's been up and down the fileserver code recently
21:09 Ahlee and while wiating for that, create a local mirror and use it :)
21:09 Corey I'm teaching a class on git tonight. This should be borderline *hilarious*.
21:09 Ahlee Corey: still time to install gitorious or similar
21:13 timoguin joined #salt
21:13 utz joined #salt
21:14 jslatts Ahlee: local mirror doesn't solve my issue either. i'll look through the code and see how hopeless it is :)
21:15 manicouman joined #salt
21:16 Corey Ahlee: This is an intro. :-)
21:16 Corey It'll be mentioned but not critical.
21:19 conan_the_destro joined #salt
21:22 boakley joined #salt
21:22 boakley anybody here have much experience using salt on windows?
21:23 GoKage joined #salt
21:25 Gordonz_ joined #salt
21:25 boakley winrepo seems busted to me. I started out using the git repo at https://github.com/saltstack/salt-winrepo but almost none of those packages install except for notepad++
21:26 boakley So, I decided to just make my own files. However, the minions seem to insist on using the old definitions. I deleted winrepo.p, I've restarted the minions, and yet, when I call 'pkg.install' on one of my definitions, it still tries to download the busted url from the git repo
21:28 pentabular joined #salt
21:29 oz_akan_ joined #salt
21:34 wkf_ joined #salt
21:37 krow joined #salt
21:39 harobed joined #salt
21:39 allanparsons git.revision module doesnt allow for a remote repo?  (http://docs.saltstack.com/ref/modules/all/salt.modules.git.html)
21:44 kermit joined #salt
21:45 UtahDave hey, Gareth
21:45 Gareth UtahDave: hey :) question for you..
21:46 UtahDave Gareth: shoot!
21:47 Gareth UtahDave: not sure if you saw my comment on that issue you put in months ago, the one about having the generic DB state.  Started taking a look at it today, before I get too much further...do you think thats still a useful state to have?
21:49 UtahDave I'm not sure, exactly.
21:50 UtahDave something like that I personally would probably wait until a few people were clamoring for it.
21:51 UtahDave What were your thoughts as you started to dig into it?
21:52 foxx joined #salt
21:54 Gareth UtahDave: Seemed like it would be something useful, if you had a state defined and were using some database, wanted to switch to another database backend, you could continue using the same states and only have to change one value (in theory) in that state, eg. change mysql to postgres
21:54 UtahDave Yeah, that's true.
21:55 UtahDave I'm definitely not against it.
21:55 bhosmer joined #salt
21:56 Gareth UtahDave: can you think of any reasons not to do it?
21:56 zach_ Question for you guys: Is it possible to _SAFELY_ format a partition when you create an LVM with lvm.lv_present?
21:56 UtahDave Gareth: Nope. Just your precious time!  If you'll find it useful, then I'd go for it.
21:58 zach_ Here is what I have so far, unfortunately it does notformat the partition: http://pastebin.com/Dy8Hey0L
21:58 mgw joined #salt
22:02 johtso joined #salt
22:03 zooz joined #salt
22:04 babilen zach_: http://docs.saltstack.com/ref/modules/all/salt.modules.extfs.html (for example)
22:05 zach_ yea, I know how to do that
22:05 zach_ I only want it to format if it is not currently formatted
22:06 viod joined #salt
22:07 babilen zach_: I haven't used that particular module, but generally speaking salt doesn't do things twice if the goal/state has already been achieved
22:12 raadad joined #salt
22:12 raadad hey guys
22:13 raadad I get the following erro:  Invalid requisite type 'mysql_database.present' in state 'boomer_dev', in SLS 'mysql'
22:13 raadad this never ussed to occur :(, im using salt-bootstrap
22:13 raadad any help about how to write this in newever versions of salt would be appreciated
22:16 HeadAIX joined #salt
22:19 mapu joined #salt
22:20 raadad :(
22:20 ajw0100 joined #salt
22:24 manicouman joined #salt
22:26 techdragon is jenkins currently broken ? http://jenkins.saltstack.com/job/salt-pr-build/2514/console
22:27 UtahDave raadad: I think your sls is malformed
22:27 chuffpdx joined #salt
22:27 UtahDave can you pastebin that?
22:28 Heartsbane so is there a command the performs a yum update of all installed packages?
22:28 baffle raadad: Remove ".present". It should only be "- required:\n   - mysql_database: lolz"
22:28 mapu joined #salt
22:29 techdragon baffle you beat me too it.
22:29 techdragon raadad thats what you need to do :)
22:29 baffle Heartsbane: salt 'server' pkg.upgrade
22:29 Heartsbane thanks
22:30 raadad thanks guys!
22:30 raadad im not sure what you mean though
22:30 utz left #salt
22:30 raadad https://gist.github.com/raadad/8af106736ae1d691f2c5
22:30 raadad this is my sls file :(
22:30 HeadAIX joined #salt
22:31 baffle zach_: I've done some ugly things with cmd.run earlier to set up partitions.. Like this: http://pastebin.com/rXVxhF96
22:31 baffle zach_: It's not pretty. But might work for your use. :)
22:31 forrest raadad, think of it like this, you have a mysql_database right? It's called boomer_dev.
22:31 raadad yes
22:32 thayne joined #salt
22:32 forrest raadad so you wouldn't be able to do something else in the realm of mysql_database.X right? Since salt ONLY sees that item as if it's mysql_database.
22:32 baffle raadad: In your "mysql_database.present:" you have a "require:" line that has "mysql_database.present" in it. Remove .present from that.
22:32 forrest raadad, otherwise you'd have conflicting msyql_database IDs for boomer_dev
22:33 yomilk joined #salt
22:33 forrest raadad so Salt doesn't need to know that you're using mysql_database.present, JUST mysql_database for the require, the same as it doesn't need to use mysql_user.present, but only mysql_user
22:33 techdragon raadad - fixed it for you :-) https://gist.github.com/techdragon/c9146ef83c6cd607bf8d
22:33 baffle raadad: That state is called "mysql_database" not, "mysql_database.present". ".present" is the same as doing " - present" on the line below, just like the "- name:" or "- password:" fields.
22:34 baffle (Kindof. That was a really bad explanation.)
22:34 raadad sweet
22:34 raadad thanks alot guys
22:34 raadad you always help me out I reallhy appreciate it :D
22:35 forrest raadad, I've also commented on your gist
22:36 raadad ledgends! salt is an awesome product partly because of people like you guys!
22:38 techdragon UtahDave - is anyone around who can take a look at http://jenkins.saltstack.com/job/salt-pr-build/ ... i think it may be broken
22:39 UtahDave techdragon: why do you think that is broken?
22:42 techdragon UtahDave - http://jenkins.saltstack.com/job/salt-pr-build/2514/console http://jenkins.saltstack.com/job/salt-pr-build/2513/console http://jenkins.saltstack.com/job/salt-pr-build/2512/console http://jenkins.saltstack.com/job/salt-pr-build/2511/console http://jenkins.saltstack.com/job/salt-pr-build/2510/console through to http://jenkins.saltstack.com/job/salt-pr-build/2503/console all have the exact same jenkins plugin error
22:43 techdragon UtahDave - 11 consecutive runs with the same jenkins plugin error :-)
22:43 UtahDave techdragon: ah, ok.
22:43 conan_the_destro joined #salt
22:45 manfred techdragon: you make a strong case!
22:45 UtahDave techdragon: we got someone checking it. They were aware the PR builder got updated, but not aware of the errors.  Thanks!
22:45 bretep Hey guys! I don't know why I'm having a hard time doing this but I am. Can anyone of you help me? I need to use the contents of /var/lib/dbus/machine-id as a jinja variable. The only two things I can think of is either writing a custom grain or {% set m_uuid = salt['cmd.run_stdout']('cat /var/lib/dbus/machine-id') %}
22:45 bretep Is there a better way to do this?
22:46 techdragon manfred - I've got jenkins setup myself. I've found out a few of its quirks. I'm distrustful of it now. Jenkins may be the default CI tool of choice, but its far from the most 'sturdy'... its more like 'good enough for most'
22:46 manfred :)
22:47 ajw0100 joined #salt
22:48 techdragon Wish buildbot was easier to deploy & manage. It might be a much better tool for a lot of the 'bigger' users of Jenkins... but setting it up is a major pain. I hope Throughtworks open sourcing their "Go" CI server (its Java, but the name of the software is 'Go' )
22:48 techdragon improves the CI ecosystem a bit.
22:49 bhosmer_ joined #salt
22:50 yomilk joined #salt
22:50 Luke__ joined #salt
22:51 techdragon UtahDave - thanks, glad I could help. I had my fair share of Jenkins issues this week thanks to the github issues since the 12th.
22:51 techdragon lol
22:51 UtahDave :)
22:52 manicouman joined #salt
22:52 manfred bretep: is that the same as /etc/machine-id?
22:53 bretep More or less. One is managed by dbus the other is managed by systemd
22:53 manfred ahh, looks like eventually /etc/machine-id could be a symlink to /var/lib
22:54 krow joined #salt
22:56 * techdragon UtahDave will you guys manually issue rebuilds for those 11 failed jobs ?
22:56 techdragon UtahDave will you guys manually issue rebuilds for those 11 failed jobs ?
22:56 * techdragon accidentally finds a feature of his irc client.
22:57 UtahDave not sure
22:58 manicouman joined #salt
23:05 ndrei joined #salt
23:05 bhosmer_ joined #salt
23:15 manfred bretep: https://github.com/saltstack/salt/pull/11339
23:15 bretep Nice! Thank you!
23:18 forrest techdragon, let me know if you find an easy way to set up build bot
23:31 frasergr_ joined #salt
23:31 druonysuse joined #salt
23:36 seapasulli left #salt
23:39 xmltok_ joined #salt
23:39 allanparsons i cant seem to loop over pillar correctly:
23:39 allanparsons http://pastebin.com/7NqrfQmW
23:39 allanparsons i want to loop over every deploy: child and grab the elements and store in a local variable via  for loop
23:39 allanparsons rather than littering my code with pillar['...'] syntax
23:42 xmltok_ joined #salt
23:48 sat_user_1 joined #salt
23:56 krow joined #salt
23:58 thayne joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary