Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-05-15

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 uestra joined #salt
00:04 JordanRinke hmm keeps blowing up when I try to apply it
00:05 JordanRinke ttried a couple variants since I suck at yaml
00:05 schmutz_ joined #salt
00:05 JordanRinke http://pastebin.com/qSV2rJ1z
00:07 JordanRinke if i remove the - by name I get, allow_all_users is no a list, if I add - to file I get allow_all_users is not a dictionary
00:07 ahammond so, encoding regexs in yaml is pretty fugly. What's best practice for this? I'm using file.uncomment
00:07 JordanRinke I know it is a simple formatting issue
00:08 shwaiil Trying to learn PIllar. But, I've now finished trying to learn a masterless configuration. following this tutorial http://docs.saltstack.com/en/latest/topics/tutorials/pillar.html and running the command salt '*' pillar.items, it won't work: No minions matched the target. No command was sent, no jid was assigned.
00:09 shwaiil * I can of course create a master, minions etc but, I wonder if there's a tutorial for introducing pillar on a masterless configuration instead
00:09 ahammond shwaiil: do you perhaps want salt-call --local pillar.items
00:09 shwaiil salt-call pillar.items this worked instead
00:10 shwaiil ahammond, yeah, not using --local as I've changed the file_local property or whatever it was
00:10 shwaiil ahammond, can I still follow the tutorial you reckon ?
00:10 RandalSchwartz is there a way to have a pillar file include another file to *add* to lists
00:10 RandalSchwartz for example... for a given id, include a.sls that defines "role: a" and b.sls that defines "role: b"
00:10 ahammond shwaiil: right, so you should be using salt-call instead of salt. dunno about the tutorial, but give that a try.
00:10 RandalSchwartz is that "extend: ..."
00:10 RandalSchwartz or do I need to invert it: "role_a: True"
00:10 shwaiil ahammond, thanks buddy
00:11 shwaiil also, wht I want to study next is how passwords are stored
00:11 JordanRinke RandalSchwartz: ah got it, i typod it when putting it under file.replace which is why it didnt work and I started trying dumb things
00:11 shwaiil hwo do people generate the password hash etc
00:11 ahammond shwaiil also, the local stuff has to be set in the /etc/salt/minion
00:11 workingcats joined #salt
00:11 shwaiil ahammond, the local stuff ? what stuff ? the states, etc ?
00:11 ahammond shwaiil I generally move passwords around as pre-calculated hashes. otherwise I put them in pillars and protect access to the pillars
00:12 ahammond shwaiil try salt-call --local grains.items and confirm it works
00:12 shwaiil ok just a sec
00:12 shwaiil function grain.items is not available
00:13 shwaiil oh wait
00:13 shwaiil it's plural
00:13 shwaiil yeah works
00:13 ahammond then try it without the --local.
00:13 shwaiil yeah, I did without the --local
00:14 shwaiil salt-call grains.item host, for example also works. cool!
00:14 ahammond yup, but you almost never want to use host, use instead id
00:14 RandalSchwartz any thoughts on my "roles" thing?
00:14 ahammond and you want to make sure you're using a fqdn for the id.
00:15 shwaiil ahammond, you mind please tell me what you mean with, local stuff has to be set in the /etc/salt/minion ?
00:15 ahammond RandalSchwartz uh, just a sec
00:15 RandalSchwartz also - is it "role_a: True" for pillar['role_a'] to be true?
00:15 RandalSchwartz not quite sure of syntax
00:15 RandalSchwartz or would that make it literally "True" :)
00:15 RandalSchwartz which I hope is also true
00:15 ahammond shwaiil don't worry about it. you clearly already did it correctly
00:15 shwaiil * I've got /srv/salt/*.tls files and /srv/pillar/* where I'm putting the tutorial files
00:15 shwaiil ahammond, oh ok! thanks!
00:16 ahammond RandalSchwartz uh, I've never stored roles in pillars. I think that grains make more sense for that.
00:16 ahammond brb
00:16 shwaiil ahammond, sorry just one question
00:16 shwaiil when you mean protect the pillar files, you mean like chmod 0700 or something ?
00:17 layer3switch joined #salt
00:20 RandalSchwartz but how would you do it as grains
00:20 RandalSchwartz I presume same problem
00:20 RandalSchwartz Oh - grains not likely to use hierarchical includes
00:21 allanparsons @RandalSchwartz... not sure what you're trying to do
00:21 whiteinge RandalSchwartz: not sure I follow your role question. are you asking about having multiple role names, e.g. role_a, role_b, or a list of roles e.g. roles: [role_a, role_b]  ?
00:21 allanparsons but maybe Salt Mine
00:23 workingcats joined #salt
00:23 Outlander joined #salt
00:24 ajprog_laptop joined #salt
00:24 shwaiil Q: Why do we need to run "salt-call state.highstate" ? why do we need to mention "Highstate" ?
00:25 whiteinge RandalSchwartz: oh, sorry. you asked about *adding* to lists. extend isn't quite right for that. the best pillar option for that is to have that list in the jinja so it can be modified there. once you have all your list items appended, then write the list to yaml
00:26 whiteinge RandalSchwartz: if that list is accessed in multiple pillar files i find it useful to keep it outside the pillar file and use {% include_json .. %} or {% include_yaml .. %} to pull the values into jinja for processing
00:33 ashw7n joined #salt
00:34 mgw joined #salt
00:35 ashw7n joined #salt
00:36 CeBe joined #salt
00:36 n8n joined #salt
00:37 jeddi joined #salt
00:38 UtahDave joined #salt
00:43 ashw7n joined #salt
00:53 Joseph joined #salt
00:55 Joseph i have a question about the order of state enforcement. Say i have a state that is targeted two nodes. We'll call this state start_service. By default, we'll this state be executed sequentially across the two nodes meaning that it will be enforced on node 1 and THEN node 2. Or will this be executed concurrently on each node?
00:57 vbabiy joined #salt
00:57 whiteinge when you run ``salt '<target>' some.command`` that command hits everyone in <target> simultaneously. they each run the command and return the result to the master asyncronously and in parallel
00:57 Joseph same thing for state enforcement?
00:58 Joseph salt '*' state.highstate?
00:58 whiteinge yeah. that's just a plain 'ol regular execution command
00:58 whiteinge each minion will work on it in parallel
00:59 whiteinge if you need or want sequential state runs, check out the state.orchestrate runner
00:59 Joseph okay that's what i expected
00:59 Joseph so i would need to use the overstate functionality to sequence the state of a service across nodes
00:59 ashw7n left #salt
00:59 whiteinge http://docs.saltstack.com/en/latest/topics/tutorials/states_pt5.html
00:59 whiteinge exactly
00:59 Joseph i.e serviceX starts up on node1 only AFTER service X starts up on node2
00:59 Joseph :( unfortunatley i find the overstate documentation pretty sparse
01:00 Joseph any pointers to some detailed examples aside from the official documentaiton?
01:00 whiteinge that tutorial i linked is probably your best bet for now
01:01 Joseph okay yes i know about it
01:01 Joseph fair enough
01:01 Joseph thanks for the tip
01:01 n8n joined #salt
01:01 whiteinge we're having a documention-focused sprint next week. if you have any ideas for what additional info might be helpful there, i'd love it if you could file a ticket with suggestions
01:02 whiteinge it would be helpful to see that from the perspective of someone just getting started with the orchestrate runner
01:03 Joseph yes i am really stumped right now. I would love a service state dependency  example since i think that's like one of the most common situations
01:03 Joseph i'll think through what kind of info i am searching for and open a ticket for it
01:03 Joseph and oh btw i don't think the orchestrate documentation is accurate
01:03 Joseph i can't find that functionaltiy anywhere
01:04 Joseph orchestrate runner specifically
01:04 Joseph salt says the functions don't exist
01:04 Joseph and i am on 2014.1.3
01:04 druonysuse joined #salt
01:04 druonysuse joined #salt
01:04 whiteinge state.sls was renamed to state.orchestrate recently. ...and that is a replacement for the (pending deprecation) state.over
01:04 whiteinge :-P
01:05 UtahDave hey, druonysuse!
01:05 Joseph in development branch or 2014.1.3?
01:06 whiteinge Joseph: i belive it's named state.sls on the version you're running
01:06 rupsky_________ joined #salt
01:06 Gareth UtahDave hey :)
01:06 UtahDave hey, Gareth!
01:07 Gareth UtahDave: hows it going?
01:07 whiteinge Joseph: re: your question about the service state. state.orchestrate (or state.sls) doesn't distinguish on the actual states that are run. just that the state run as a whole was successful (i.e., there were no failures)
01:07 john3213 joined #salt
01:07 UtahDave pretty good!  At the openstack summit this week. it's keeping me pretty busy
01:08 Gareth ahh nice.
01:08 uestra joined #salt
01:08 Gareth UtahDave: giving a talk?
01:08 schimmy1 joined #salt
01:08 Joseph let's say i have three nodes that i am going to put together in a cluster. The way the cluster join works is that nodes must be added sequentially AND the slave daemon must be started ebefore another node can be added in.
01:08 Joseph Is there a way to do that with overstate?
01:09 RandalSchwartz whiteinge - try to have a way to test "is this machine a member of role X"
01:09 RandalSchwartz in the most salt-like way
01:09 RandalSchwartz I'm guessing it's gonna be more like "is_brochure_server: true"
01:09 RandalSchwartz but not sure how to write "true"
01:09 UtahDave I did a Salt demo spinning up 100 vms as docker hosts, starting up 2 docker containers running apache on each vm, and then automatically configuring an HA proxy server to proxy all the containers on their proper ports, etc
01:10 druonysuse hey UtahDave
01:10 Gareth UtahDave: very cool
01:10 workingcats joined #salt
01:11 UtahDave 15 minutes sounds like a long time, until you're up on a stage. :)
01:11 RandalSchwartz yeah - it's often a third of my preso time
01:11 whiteinge Joseph: yeah, basically just run the state to set up the slave daemon, then run a state to set up a node but have it require the slave daemon run, then another (for the sequential action) that requires both the slave daemon, and the first node.
01:12 kober joined #salt
01:12 UtahDave druonysuse: I released the first version of the Salt queue system recently
01:12 whiteinge Joseph: (if i understood you correctly)
01:12 Joseph okay that would require a lot of repetitive statements wouldnt it
01:12 druonysuse UtahDave: so the Salt and Docker stuff is coming along nicely?
01:12 druonysuse UtahDave: NICE
01:12 Joseph the size of the sls would grow linearly as the size of the cluster grows correct
01:12 Joseph i don't think jinja templating would save me here
01:12 druonysuse UtahDave: is it now an upstream thing?
01:12 john3213 left #salt
01:12 cruatta_ joined #salt
01:12 UtahDave druonysuse: yeah, it's in the develop branch. It will be in the next Salt release
01:13 druonysuse UtahDave: very cool
01:13 druonysuse UtahDave: any docs on it yet?
01:13 kober Is there a basic tutorial to get started deploying a simple WSGI application to a single server?  I'm trying to get a feel for salt and see if I could replace our chef and ansible scripts with it
01:13 kermit joined #salt
01:13 UtahDave druonysuse: there are fairly decent docstrings in the queue runner.  I still need to add an actual docs page with examples.
01:13 whiteinge RandalSchwartz: and the roles are defined in pillar? do you mean  {% if 'somerole' in salt['pillar.get']('roles') %}   (where roles is a list of strings)
01:14 kober Ideally I'd like to start with salt-ssh at first (or at least masterless) so that I'm not having to salt all the servers right away
01:14 druonysuse UtahDave: I will have to take a look at the doc strings in the runner
01:14 jeddi joined #salt
01:14 whiteinge Joseph: if they all need to be stood up sequentially, then yes. you could generate the .sls file dynamically.
01:14 elfixit joined #salt
01:15 whiteinge Joseph: another way to go might be to use the event system. e.g., fire a custom event every time a new system is brought up which signals the master to start a new one, when that one is up it fires a custom event, and so on.
01:16 RandalSchwartz I'm trying to figure out if I can have a.sls add a role "a", and "b.sls" add a role "b"
01:16 RandalSchwartz I presume "include: \n - a \n - b" would have "role: b" override "role: a"
01:16 RandalSchwartz or are they additive?
01:17 whiteinge your presumtion is correct. they override
01:17 RandalSchwartz that's why I'm guessing I need to instead go "role_a: true"
01:17 alunduil joined #salt
01:17 RandalSchwartz but what is "true" there?
01:17 whiteinge there's no good way to append to a list in pillar without using jinja
01:17 Joseph whiteinge: i was considering the reactor system
01:17 Joseph but that also has poor documentation :(
01:17 RandalSchwartz do I write true or True or something else?
01:18 whiteinge RandalSchwartz: ah, gotcha. yaml will be happy with true or True
01:18 RandalSchwartz and then, I'd write IF pillar['role_a']...
01:18 * whiteinge nods
01:18 RandalSchwartz ok - that makes sense
01:18 RandalSchwartz I'll probably write my roles as "is_brochure_site: true"
01:18 whiteinge that works
01:18 RandalSchwartz then it'll read good in the condtional
01:19 zain joined #salt
01:20 whiteinge RandalSchwartz: if you'd prefer the list approach there's two solid ways using either jinja or python (via an external_pillar module -- they're stupid-easy to write)
01:20 RandalSchwartz so in my state/top.sls, I'd have "include: \n ... \n {{ IF pillar['is_brochure_site' }} \n  - brochure \n {{ ENDIF }}"
01:20 RandalSchwartz or something like that
01:20 RandalSchwartz to pull in brochure/top.sls only when is_brochure_site is in pillar?
01:20 whiteinge yeah, that would do it
01:21 RandalSchwartz ok - starting to understand more of this
01:21 whiteinge Joseph: we definitely need more reactor examples. but #salt can help in the meantime if that'
01:21 whiteinge s the way you want to go :)
01:23 Joseph okay...fair enough....so how the heck do i get the tagging to work
01:23 Joseph http://docs.saltstack.com/en/latest/topics/reactor/#mapping-events-to-reactor-sls-files
01:23 Joseph i flunked the test
01:23 Joseph that section is as clear as mud to me
01:27 dangra joined #salt
01:27 Joseph "First, the reactor option needs to be set in the master configuration file. The reactor option allows for event tags to be associated with sls reaction files. Second, these reaction files use highdata (like the state system) to define reactions to be executed."
01:27 Joseph \so i understand what that's saying
01:27 Joseph my issue is how do i get from point A to point B
01:28 Joseph for example, there is no reactor section in /etc/salt/master
01:30 xzarth joined #salt
01:34 Luke__ joined #salt
01:37 Luke___ joined #salt
01:38 DaveQB joined #salt
01:39 whiteinge oh noes! he left :(
01:39 workingcats joined #salt
01:39 whiteinge damn my slow context swithcing :(
01:41 uestra joined #salt
01:45 jab416171 joined #salt
01:48 ajolo_ joined #salt
01:49 ckao joined #salt
01:59 lilmatt joined #salt
02:01 workingcats joined #salt
02:09 Outlander joined #salt
02:10 uestra joined #salt
02:12 feiming joined #salt
02:27 ashw7n joined #salt
02:37 akoumjian joined #salt
02:44 Furao joined #salt
02:51 mgw joined #salt
02:51 uestra joined #salt
02:54 gldnspud joined #salt
02:54 gamingrobot joined #salt
02:56 JonGretar joined #salt
03:02 feiming joined #salt
03:02 rupsky_________ joined #salt
03:04 canci joined #salt
03:06 Ryan_Lane joined #salt
03:09 ipalreadytaken joined #salt
03:10 MBroadhead joined #salt
03:10 thunderbolt joined #salt
03:10 abele joined #salt
03:14 malinoff joined #salt
03:14 rome joined #salt
03:19 lnxnut_ joined #salt
03:24 adizam joined #salt
03:27 frasergraham joined #salt
03:28 adizam joined #salt
03:32 ipalreadytaken joined #salt
03:34 AdamSewell joined #salt
03:41 malinoff joined #salt
03:54 uestra joined #salt
03:54 catpiggest joined #salt
04:09 malinoff Hi guys, could you please participate in my poll? It has only two questions and will not take a long time! https://docs.google.com/a/thumbtack.net/forms/d/1-O3Md8o86jKIW9n5gNZeMHwgC0CWkIQvwjyXe9I2Z3g/viewform
04:11 Furao answered
04:11 Furao damn python 2.6 with unittest v1
04:12 malinoff Furao, thanks!
04:15 fllr joined #salt
04:19 * whiteinge shakes his fist in the direction of CentOS
04:20 MBroadhead there ya go
04:21 manfred whiteinge: nothing is stopping you http://dl.iuscommunity.org/pub/ius/stable/CentOS/5/x86_64/repoview/letter_p.group.html
04:21 manfred http://dl.iuscommunity.org/pub/ius/stable/CentOS/6/x86_64/repoview/letter_p.group.html
04:21 manfred :P
04:22 whiteinge you have grosly, drastically, utterly underestimated how lazy i am
04:22 manfred jj:P
04:22 whiteinge :)
04:23 malinoff Well, pyenv can negotiate with CentOS
04:24 manfred or just use py 2.7 from ius
04:24 manfred doesn't even conflict with the python26 install, so it won't break yum
04:24 malinoff Or SCL
04:35 elfixit joined #salt
04:38 ccase joined #salt
04:40 ramteid joined #salt
04:44 Furao_ joined #salt
04:46 picker joined #salt
04:49 mephx joined #salt
04:55 uestra joined #salt
04:55 rupsky_________ joined #salt
05:02 rome joined #salt
05:11 mephx joined #salt
05:19 stephas joined #salt
05:21 ndrei joined #salt
05:24 ndrei_ joined #salt
05:36 redondos joined #salt
05:44 mephx joined #salt
05:46 Shenril joined #salt
05:53 occaton joined #salt
05:54 TyrfingMjolnir joined #salt
05:55 uestra joined #salt
06:00 millz0r joined #salt
06:00 schimmy joined #salt
06:05 schimmy joined #salt
06:07 andrej joined #salt
06:07 __number5__ anyone has a working postgresql state for ubuntu? service.running not working because the /etc/init.d/postgresql required an additional version parameter (e.g. /etc/init.d/postgresql start 9.1)
06:08 Furao __number5__: my state even support clustering and I never had to do this
06:08 Furao i just use service.running -name: postgresql
06:09 __number5__ weird
06:09 anuvrat joined #salt
06:10 Furao I sell (as a service) access to a large sets of formulas for ubuntu (soon debian and centos), maybe you'll be interested. monitoring, centralized logging, backup, stats, doc, testing process, etc
06:11 __number5__ Furao: good to know, thanks
06:16 n8n joined #salt
06:27 stanchan joined #salt
06:40 frasergraham joined #salt
06:41 schimmy1 joined #salt
06:41 frasergraham joined #salt
06:43 frasergr_ joined #salt
06:45 frasergraham joined #salt
06:46 frasergraham joined #salt
06:46 swissknife joined #salt
06:47 frasergr_ joined #salt
06:49 frasergraham joined #salt
06:50 frasergraham joined #salt
06:52 frasergraham joined #salt
06:53 TyrfingMjolnir joined #salt
06:54 frasergraham joined #salt
06:55 frasergraham joined #salt
06:56 frasergr_ joined #salt
06:56 uestra joined #salt
06:57 frasergr_ joined #salt
06:58 n8n joined #salt
06:59 ml_1 joined #salt
06:59 frasergr_ joined #salt
07:01 frasergraham joined #salt
07:03 frasergraham joined #salt
07:04 frasergraham joined #salt
07:06 frasergraham joined #salt
07:07 frasergr_ joined #salt
07:09 frasergraham joined #salt
07:10 harobed_ joined #salt
07:10 frasergraham joined #salt
07:11 martoss joined #salt
07:12 frasergraham joined #salt
07:14 TyrfingMjolnir joined #salt
07:15 frasergraham joined #salt
07:15 * babilen sets +b *!~frasergra@c-50-184-104-42.hsd1.ca.comcast.net$##fix_your_connection
07:15 babilen (or would)
07:16 frasergraham joined #salt
07:17 feiming joined #salt
07:17 frasergraham joined #salt
07:18 Ztyx joined #salt
07:19 frasergr_ joined #salt
07:21 frasergraham joined #salt
07:22 marnom joined #salt
07:23 frasergraham joined #salt
07:24 frasergr_ joined #salt
07:26 fraserg__ joined #salt
07:28 frasergraham joined #salt
07:28 topochan joined #salt
07:29 CeBe joined #salt
07:30 frasergraham joined #salt
07:31 frasergraham joined #salt
07:33 frasergr_ joined #salt
07:35 frasergraham joined #salt
07:37 frasergraham joined #salt
07:38 frasergr_ joined #salt
07:40 frasergraham joined #salt
07:41 wigit babilen: "/ignore *!*frasergra@c-50-184-104-42.hsd1.ca.comcast.net JOINS PARTS QUITS" might be the second best option.
07:41 cast joined #salt
07:41 Kenzor joined #salt
07:42 frasergraham joined #salt
07:42 feiming joined #salt
07:43 frasergr_ joined #salt
07:45 frasergraham joined #salt
07:45 ipalreadytaken joined #salt
07:46 frasergr_ joined #salt
07:49 frasergr_ joined #salt
07:50 bhosmer joined #salt
07:50 fraserg__ joined #salt
07:52 frasergraham joined #salt
07:55 swissknife joined #salt
07:55 linjan joined #salt
07:57 uestra joined #salt
07:57 n8n joined #salt
08:00 jalaziz joined #salt
08:03 swissknife1 joined #salt
08:06 malinoff Hi guys, could you please participate in my poll? It has only two questions and will not take a long time! https://docs.google.com/a/thumbtack.net/forms/d/1-O3Md8o86jKIW9n5gNZeMHwgC0CWkIQvwjyXe9I2Z3g/viewform
08:07 marnom malinoff: done
08:07 malinoff marnom, thanks
08:08 anuvrat joined #salt
08:08 babilen malinoff: So you decided against asking which distribution people use and what their default Python is?
08:08 swissknife1 left #salt
08:09 babilen malinoff: I simply use "the default", but don't require py2.6 support and I would guess that a lot of people share that sentiment.
08:10 cast struggling to remember what we have on our solaris hosts
08:10 cast [python version wise]
08:11 marnom salt -G 'os:Solaris' grains.item pythonversion or something perhaps? :)
08:11 ndrei joined #salt
08:12 malinoff babilen, this talk is not about distributions, but about pythons. If you don't know your python version, simply don't answer (or use google how to know the version, it's not that difficult)
08:13 cast screw it, we can upgrade them.
08:13 malinoff In contrast to your opinion, many people compile python manually. Many use pyenv.
08:14 malinoff And, as cast said, he may not know what is the version, but he definitely can say that he can upgrade
08:15 malinoff babilen, also, on windows there is no "default" python.
08:19 giantlock joined #salt
08:20 malinoff And finally, I don't want to know which distributions use python2.6/2.7/3 as default (I can find this information by myself), I want to know which versions are used by people
08:20 darkelda joined #salt
08:20 darkelda joined #salt
08:28 marnom is there a known workaround/solution to install packages and enforce a specific version, if you're installing using 'sources:'? Documentation states the version parameters are not supported if using 'sources:', though I'm wondering how this is supposed to work then
08:29 marnom issue is: monitoring agent is in base VM template I'm using, but is too old. Don't want to update template obviously, but would like Salt to push the updated version. Currently however it just checks if a package with this name is installed and then doesn't bother upgrading..
08:32 TyrfingMjolnir joined #salt
08:32 malinoff marnom, if you can use a repository with a newer version, you can configure this repo at first, and use "pkg.latest"
08:33 marnom malinoff: yeah I figured, but ideally I'd like to prevent putting up a custom repo just for this. It's not in any online repository that I could find.
08:33 jakubek_ is there any way to execute only one state from state file?
08:33 marnom and the limitation with 'sources:' seems a bit silly. dpkg --list shows the current installed version and it could get the new version from the .deb file... I don't see the (technical) limitation
08:34 marnom jakubek_: I think http://docs.saltstack.com/en/latest/ref/states/layers.html answers your question
08:35 malinoff marnom, so a package in "sources" has a newer version than installed one, but salt don't want to upgrade it?
08:35 marnom exactly, I suspect because when using 'sources:' you cannot use the 'version' parameter as mentioned on http://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html
08:36 malinoff It's strange... But as a workaround, you can try to remove this package at first, then install it from sources
08:36 slav0nic joined #salt
08:36 marnom malinoff: yeah that's what I use currently, a custom state I call manually on minions to remove the agent and then run a highstate to make sure latest version is isntalled
08:37 marnom malinoff: this is off course far from ideal.. and I'm not gonna 'order: first' a package removal and then reinstall the latest version each time, that causes noise in the highstate output (unnecesary changes)
08:37 marnom malinoff: I do appreciate your suggestion though :)
08:37 malinoff Yeah, but I can't imagine another way right now
08:38 malinoff You could debug the state with salt-call -l debug to see what's actually going on, and why don't your package manager update the package
08:38 marnom I guess I could always upload the .deb file to /tmp or something, and then use a cmd.run with a unless condition..
08:38 orbit_darren joined #salt
08:38 malinoff I think, it should, even if you can't specify the version
08:38 marnom malinoff: yeah I guess I'll have to dig into it some more, was wondering if anyone had ran into this
08:41 n8n joined #salt
08:48 N-Mi_ joined #salt
08:48 N-Mi_ joined #salt
08:51 wigit I have a state that looks like: https://gist.github.com/sollie/ef805d5c5392ee100a59 - when I call highstate it fails with "State mysql_query.run found in sls somesls is unavailable" - do I have to include something to get access to this? I use other mysql-states in other parts of my config (user and grant) without issue.
08:55 frasergraham joined #salt
08:56 JeroenH_ joined #salt
08:57 chiui joined #salt
08:58 uestra joined #salt
08:59 TyrfingMjolnir joined #salt
09:04 n8n joined #salt
09:11 n8n joined #salt
09:14 OffTheRails joined #salt
09:22 jeddi wigit: did you set up the minion config as per http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.mysql.html#module-salt.modules.mysql
09:22 jeddi wigit: I've not used this feature, just noted that there is that setup configuration requirement.
09:26 swissknife joined #salt
09:27 wigit jeddi: yeah, I have other states that create users and grants
09:29 TyrfingMjolnir joined #salt
09:32 frasergraham joined #salt
09:38 bhosmer joined #salt
09:46 Outlander joined #salt
09:47 ninkotech_ joined #salt
09:48 bhosmer joined #salt
09:52 bhosmer_ joined #salt
09:58 shwaiil joined #salt
09:58 uestra joined #salt
09:59 bhosmer joined #salt
10:00 viq How do I modify my syslog.jinja to make it work? https://gist.github.com/viq/afbd5fe1150cf2aa6879
10:07 shwaiil Yo! :)
10:08 derelm joined #salt
10:11 viq ok, https://gist.github.com/viq/afbd5fe1150cf2aa6879 is better now, but it complains : Jinja variable the template 'base/syslog/syslog.jinja' (imported on line 1) does not export the requested name 'syslog'
10:13 shwaiil Q: Learner here. How do you guys deploy apps with Salt ? I think I saw a formula for checking out git branches ? Any suggestion, where to read about this ?
10:13 millz0r its easy shwaiil
10:14 millz0r i use either git or a debian package
10:14 millz0r for dev and prod environments
10:14 viq http://docs.saltstack.com/en/latest/ref/states/all/salt.states.git.html
10:14 shwaiil millz0r: I'm still in learning phase though.
10:14 viq that one has the git state description
10:14 shwaiil Where can I read about that ?
10:14 viq shwaiil: ^
10:14 shwaiil viq: oh ok : )
10:14 shwaiil Thank you!
10:14 millz0r you should take a look at some public salt formulas
10:14 sinenitore joined #salt
10:14 shwaiil How to deal with binary files that are not present in the repo ?
10:15 millz0r you can put them onto local repo
10:15 viq shwaiil: depends how you're distributing them
10:15 millz0r or just use file.manage to copy it from the salt master
10:15 shwaiil viq: what are the best practices ?
10:15 shwaiil millz0r: I see : )
10:15 viq millz0r: http URLs work too
10:15 millz0r aye
10:15 shwaiil Can we do rsync ? I mean salt probably work like that anyway, right ?
10:16 viq shwaiil: "like that" being ?
10:16 shwaiil * guys, attention that I'm like a total noob, just started learning salt yesterday
10:16 shwaiil viq: as in, only push new stuff or overwrite modified files that differ
10:16 viq shwaiil: well, kinda, you could write a state that would spawn rsync, yes
10:16 shwaiil imagining that you mention a directory and then he checkout for you
10:17 shwaiil viq: ok, sounds good :)
10:17 millz0r shwaiil: its easier and safer to use file.managed
10:17 viq I do believe so, but I don't think it can just copy the parts of the file that changed. The internal salt file transfer I mean
10:17 millz0r where you put a file on the salt master and it copies it over to minions
10:17 millz0r as part of the salt states
10:17 shwaiil viq: I think rsync, just overwrites it too.
10:18 viq Or create a package, put it in your repository, and tell salt to install a specific (or latest) version of the package
10:18 shwaiil millz0r: great! I won't do it for the moment, but I'll keep that in mind. So basically I can use "salt" as a deploy tool.
10:18 millz0r yes you can
10:18 viq shwaiil: no, rsync is able to transfer only the parts of the file that changed
10:18 shwaiil viq: ok : )
10:18 shwaiil Let's say, I'm working with a client that has is own servers, etc. Salt can still be useful to deploy my app right ?
10:19 viq Sure, if they'll let you install salt on them
10:19 shwaiil What I mean is, I don't know much about his manual configurations etc. And is probably different from my development server.
10:19 shwaiil viq: oh yeah, nice point.
10:19 viq Because salt also is remote execution, basically giving you root on those servers
10:20 shwaiil viq: yeah! for deploying then, I can just use file.managed then ?
10:20 sroegner joined #salt
10:21 viq shwaiil: at my previous job we put together a deployment solution using scripts (based on http://rerun.github.io/rerun/) with a panel configured in http://rundeck.org/
10:21 viq shwaiil: sure, you can use only file.managed. But it doesn't mean you won't be able to run anything else on the server - salt will still give you full root power
10:21 shwaiil viq: surely :)
10:21 viq Which may or may not be an acceptable option for people in question
10:22 shwaiil Not really sure, but in the beginners docs I think I saw a reference to how to run salt for non-sudo-privileged users
10:23 millz0r shwaiil: AFAIK salt-minion runs with root rights anyway
10:23 viq shwaiil: ish, kinda, if you configure it that way. It will have limited functionality then. Which may or may not be what you want
10:23 viq millz0r: I believe you can tell it to run as a different user
10:24 millz0r viq: I know you can run state as different user, but cant salt-minion application do it?
10:24 millz0r I never tried it
10:24 shwaiil yeah, I think so. So, in that case we could then use it just to deploy: upload files to a dir, check permissions, etc.
10:24 shwaiil But, I'm a total noob. So, not sure. I'll check that later.
10:25 viq millz0r: http://docs.saltstack.com/en/latest/ref/configuration/minion.html#user  - not that I've tried it either, I _do_ want salt to be able to manage my servers
10:25 millz0r oh cool
10:25 shwaiil The reason why I've mentioned this, is in the context of deploy apps, to client servers that are self managed or you don't know much about it.
10:25 shwaiil Using it as a deploy tool.
10:26 viq shwaiil: if all you want is a deploy tool, there may be things better suited for the job
10:26 shwaiil viq: no, just wondering about possibilities : )
10:26 * viq nods
10:29 shwaiil Salt needs more tutorials. Like a video tutorial, installing a LAMP server or something.
10:30 millz0r yes
10:30 millz0r it needs a lot of things to be honest
10:30 viq I'm not a big fan of video tutorial
10:31 millz0r first of all, fixing that annoying bug where you dont get any output for random reasons
10:31 viq What's the point of text scrolling by when it can be better explained and read on a web page?
10:31 millz0r unless thats been fixed in 2014.1? Im still on 2014.0
10:31 shwaiil viq: they're amazing! the problem is, when they're really boring or blurred.
10:31 millz0r viq: I agree
10:32 viq It's hard to copy-paste from a video. It's harder to "process" again and again a certain part in a video. With video you kinda have to do something about audio. Also, 15kB vs 150MB
10:33 frasergraham joined #salt
10:34 TyrfingMjolnir joined #salt
10:37 ChaosPsyke joined #salt
10:38 vbabiy joined #salt
10:52 sinenitore joined #salt
10:59 uestra joined #salt
11:09 __alex_ anyone experience with salt.modules.mongodb?
11:10 __alex_ there is user_exists and user_create, but a state should *ensure* a user exists, which is a mix of both, no?
11:13 __alex_ oops, salt.states.mongodb_user is what i'm looking for, nevermind
11:14 millz0r __alex_: there is a difference between salt modules and salt states, but I see you figured it out yourself :)
11:26 bhosmer joined #salt
11:28 shwaiil Q: When creating a pillar for users and groups, how do I store the passwords ?
11:30 [M7] joined #salt
11:30 babilen shwaiil: You store the hash in your pillar
11:31 shwaiil babilen: thanks for looking. to create the hash I use md5sum foo ?
11:31 babilen shwaiil: I would use sha512sum
11:32 shwaiil babilen: Ok! Sorry I'm learning salt. How to mention on my state or pillar that, it's a md5 or sha hash ?!
11:34 frasergraham joined #salt
11:37 jrdx joined #salt
11:38 andrein Hi guys, I'd like salt to manage the MOTD of my servers, listing the states that were applied to the server. For example if server A has the mysql + httpd states, the motd would say mysql and httpd. if server B only has the httpd state, the motd should only list httpd. Can someone point me in the right direction to accomplish this?
11:38 diegows joined #salt
11:40 babilen shwaiil: Use crypt (in Python) ... I'll be back later, but you want something that looks like "$id$salt$encrypted" (cf. "man 3 crypt")
11:40 babilen → lunch
11:40 shwaiil babilen: ok thanks
11:48 uestra joined #salt
11:48 shwaiil mkpasswd -m sha-512 "foo" is different from python -c 'import crypt; print crypt.crypt("foo", "$6$random_salt")'
11:51 andrein is there any way to target all minions matching a grain, except one/a few?
11:58 linjan joined #salt
11:59 babilen shwaiil: Sure, it should be different. "mkpasswd -m sha-512" is perfectly fine though (and you will see that it generates different hashes every single time)
12:00 jas- joined #salt
12:01 shwaiil babilen: Interesting :) Ok, as long as I copy as paste the given hash, this will work because the hashes apparently have a prefix that the system uses to uncrypt. Is this correct ?
12:01 shwaiil The reason why I say this is: $6$SALTsalt$xxxxxxxxxxxxxxx, where $6$SALTsalt$ is common
12:01 shwaiil So, I just need to care how to generate the hash, using mkpasswd or the python method.
12:02 babilen shwaiil: The entire string contains the salt and identifies the method (e.g. sha512) ... that allows the system to decide if the given hash is a valid one of the user-supplied password
12:02 shwaiil babilen: Thanks for your attention :)
12:02 uestra joined #salt
12:03 babilen shwaiil: Yeah, just copy the entire string -- I'd like to point out: https://github.com/saltstack-formulas/users-formula if you don't use that already
12:03 shwaiil babilen: I found this more clear ( https://gist.github.com/UtahDave/3785738 ) and because I'm learning, I'm creating the files myself, step by step.
12:03 shwaiil But, in the future I'll use the formula!
12:04 shwaiil Q: From what I'm reading, it appears to be a good practice, when creating users and groups, to set the uid and gid ?
12:05 babilen shwaiil: Sure -- and "python -c "import crypt; print(crypt.crypt('password', crypt.mksalt(crypt.METHOD_SHA512)))"" is the python method that I had in mind. mkpasswd is perfectly fine too though.
12:05 babilen shwaiil: Well, you typically want them to be the same on all systems.
12:06 shwaiil How do people know the nr to start from ? For example, 5000, 5001
12:06 babilen shwaiil: I mean you *really* want to use LDAP or Active Directory (MS LDAP) or ... something along those lines, but yeah ...
12:07 ndrei joined #salt
12:08 babilen shwaiil: That's system convention. Convention is to use UIDs from 0-100 for system users, but some systems would start "normal users" from, say, 1000 -- Check, say, /etc/adduser.conf for settings
12:08 shwaiil babilen: Thanks : )
12:08 babilen Debian uses 100-999 for system users and 1000+ for normal users for example
12:09 shwaiil Cool :)
12:10 bastion1704 joined #salt
12:11 tristianc joined #salt
12:15 ekristen joined #salt
12:16 ekristen anyone using https://github.com/saltstack/salt-contrib/blob/master/grains/ec2_tags.py
12:18 bastion1704 joined #salt
12:20 gear joined #salt
12:21 arthurlutz joined #salt
12:22 arthurlutz hi, a quick question about salt-ssh and sudo, I get ERROR: sudo expected a password, NOPASSWD required
12:22 arthurlutz or something about askpass
12:23 arthurlutz one fix is to add NOPASSWD in sudoer but how can I use askpass instead ? (pkg to install?)
12:25 arthurlutz or on which command do I have to add NOPASSWD
12:25 PI-Lloyd joined #salt
12:26 vbabiy joined #salt
12:26 Nazca joined #salt
12:26 Nazca joined #salt
12:26 jas- I am curious to know about line #178 in salt/crypt.py (https://github.com/saltstack/salt/blob/develop/salt/crypt.py#L178). It seems to get called from satl/master.py when shared secrets do not exist between minions and the master (based on evaluation of code flow only at this point). Can anyone shed some light on this process?
12:29 PI-Lloyd Hello, we're having a few issues with salt-cloud and LXC. We've created the relevant files in cloud.profiles.d and cloud.providers.d as per some documentation we've found, but the config in providers.d seems to break salt-cloud. Is there any further documentation on the correct format of the LXC configs, and are there any known issues with LXC provisioning via salt-cloud from a remote master?
12:32 rome joined #salt
12:34 frasergraham joined #salt
12:40 shwaiil Great, thinking I was doing everything properly, feeling like a scientist and then Booom!
12:40 shwaiil [ERROR   ] Specified SLS 'groups' in environment 'base' is not available on the salt master
12:41 faldridge joined #salt
12:42 vejdmn joined #salt
12:43 shwaiil hum changed file_client: local
12:43 shwaiil and file_roots: base: - /srv/salt
12:43 shwaiil wonder what's going on :T
12:45 shwaiil brb
12:47 ndrei joined #salt
12:48 bastion1_ joined #salt
12:56 jaycedars joined #salt
12:58 failed_array joined #salt
13:01 jrdx joined #salt
13:01 destr0 joined #salt
13:01 jrdx joined #salt
13:03 destr0 hi all
13:03 marnom arthurlutz: I don't know, I just made sure vagrant can use sudo without using a password and remove the vagrant account afterwards using salt
13:04 arthurlutz marnom: i have the same solution so far, it's just that since the password for the host are in the roster there could be a way with askpass (which I don't know)
13:04 lahwran joined #salt
13:06 dude051 joined #salt
13:08 hunter_ joined #salt
13:08 PI-Lloyd Anyone know if the lxc package is required on the salt master to provision containers on a remote lxc host?
13:08 dangra joined #salt
13:09 marnom PI-Lloyd: I've heard you it isn't required, though I don't use it myself
13:09 faldridge joined #salt
13:09 marnom PI-Lloyd: oops I accidently a word
13:09 PI-Lloyd lol
13:10 destr0 I'd prefer to have meta states and pillars and in each top.sls that includes all the requisite states and pillars. the problem i'm having is overloading/overriding a pillar
13:10 PI-Lloyd ok, so is the lxc driver part of the salt-cloud package? if so what version was it included?
13:10 marnom arthurlutz: I'm not aware of any method to do that
13:11 marnom PI-Lloyd: I'm sorry I don't know
13:11 destr0 an example of this would be: top.sls -> 'G:approle' - approle
13:11 PI-Lloyd Ok thanks, if anyone else knows how to solve this one please let me know - [WARNING ] The cloud driver, 'lxc', configured under the 'lxc-01-portsmouth' cloud provider alias was not loaded since 'lxc.get_configured_provider()' could not be found. Removing it from the available providers list
13:12 bhosmer joined #salt
13:13 destr0 approle would simply have includes in the state sls
13:13 destr0 but in the pillar, would contain data that would override any configs found in whatever states were included
13:13 fbaumgar joined #salt
13:13 cpowell joined #salt
13:14 destr0 if anyone can give me a hand with the preferred way to accomplish this, id appreciate it
13:14 ekristen where is the _grains directory suppose to be at?
13:15 arthurlutz ekristen: in your file_roots ?
13:15 arthurlutz ekristen: /srv/salt by default
13:15 racooper joined #salt
13:15 epcim joined #salt
13:15 ekristen arthurlutz: that is what I thought, but it doesn’t seem to be working
13:16 epcim_ joined #salt
13:17 arthurlutz sync_grains ?
13:18 arthurlutz ekristen: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.saltutil.html
13:18 hunter_ joined #salt
13:19 resmike joined #salt
13:19 ekristen arthurlutz: do you know where the files from _grains get sync’d to on the minion?
13:21 arthurlutz ekristen: /var/cache/salt/minion/files/base/ ?
13:22 cheus G'Day. Does anyone know if there's some kind of null watcher, eg a way of declaring a state that always reports no changes?
13:22 ekristen arthurlutz: I think I know what my problem is — checking
13:23 uestra joined #salt
13:25 XenophonF joined #salt
13:25 rojem joined #salt
13:25 destr0 anyone the preferred method to merge overload pillars?
13:26 XenophonF what's the best way to create a meta-state? i want to create a state that's otherwise a no-op, but depends on the successful completion of 0 or more required states
13:27 XenophonF for example, I need to configure a custom repository on FreeBSD and want to make sure that all other (generic) pkg.installed states depend on the repository config
13:27 XenophonF but i need a dummy intermediary state because I won't need the custom repo on Linux
13:27 destr0 xenophonf: thats pretty much what im trying to accomplish
13:28 XenophonF i could do a file.touch
13:28 XenophonF but i saw the test states and wondered if they would be more appropriate
13:28 XenophonF what's your approach, destr0?
13:29 destr0 in top.sls - i'm targeting grains with a single meta state
13:29 destr0 the meta-state sls just contains an include directive indicating requisite states
13:30 lz-dylan hey folks
13:30 destr0 the meta-pillar is where im trying to do most of the config handling
13:30 lz-dylan I'm trying to get saltstack to install elasticsearch from repo on an ubuntu instance
13:30 destr0 such as passing values to other states
13:31 lz-dylan since it's an external repo (packages.elasticsearch.org) apt-get considers it unauthenticated
13:31 jY in jinja.. is there anway to test if a dict has a key?
13:31 jslatts joined #salt
13:31 destr0 buy defining pillars with the same namespace
13:31 uestra joined #salt
13:31 destr0 the trouble im having is overloading a given namespace
13:31 lz-dylan I'm providing a gpg key in pkgrepo.managed / - key_url: tktktk
13:31 bhosmer joined #salt
13:31 lz-dylan but it doesn't seem to take
13:32 destr0 i feel its most appropriate to do such a thing in the pillar included
13:32 destr0 so far its an all or nothing approach
13:32 XenophonF this is what i've cooked up - http://pastebin.com/0hzfDg5r
13:33 lz-dylan in https://github.com/saltstack-formulas/elasticsearch-logstash-kibana-formula/blob/master/kibana/init.sls I can see that when someone else tried this they just copied the whole GPG file straight in manually -- is there a better way to do this that works?
13:33 XenophonF then i can do {{ package }}:\n  pkg.installed:\n    - require:\n      - file: repos
13:33 XenophonF and it should DTRT on FreeBSD, Linux, and Windows
13:35 mproper joined #salt
13:35 XenophonF even better would be if i could set {% repo_require = "    - require..." %} in the sls file
13:35 frasergraham joined #salt
13:35 XenophonF maybe i could try that
13:36 XenophonF then i wouldn't need the intermediary state
13:36 XenophonF Let me try that.
13:36 harobed_ joined #salt
13:38 marnom arthurlutz: I think a better way to improve the security of the vagrant/NOPASSWD setup would be to use a custom vagrant 'insecure key' instead of the default one, that should provide adequate protection during provisioning with Vagrant and then Salt can just enfore a removal of the user & sudo setup.
13:39 anuvrat joined #salt
13:39 arthurlutz marnom: I'm not sure we have the same use case but yes it seems like a good idea
13:40 marnom arthurlutz: perhaps not :) but was still thinking a bit about the security implications of NOPASSWD setup and thought of this :)
13:40 babilen What was the command again that allows me to run something on all minions and that would then group minions by return value?
13:40 lz-dylan also, does anyone know a way to specify an exact version in salt.states.pkgrepo?
13:42 XenophonF destr0: do you think something like this might work? http://pastebin.com/PytG8R2W
13:42 babilen lz-dylan: What do you mean by "exact version" ?
13:43 arthurlutz babilen: overstate ?
13:44 babilen lz-dylan: Repositories are simply repositories that contain certain packages (typically with a single version)
13:44 quickdry21 joined #salt
13:44 babilen arthurlutz: I might miss some context
13:44 lz-dylan babilen: I mean pegging the install request to a point release (1.1.1 in this case) and failing if it can't install that exact version
13:46 abe_music joined #salt
13:46 babilen lz-dylan: You wouldn't do that in your pkgrepo definition (that simply configured a repository) but in your pkg.installed -- look for "version" in http://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html#salt.states.pkg.installed
13:46 lz-dylan babilen: at the moment the 1.1 repo appears to contain 1.1.1 and 1.1.0. Since I'm trying to use Logstash an exact version match is pretty important, so if 1.1.2 gets pushed to the repo, I don't want to pull it.
13:46 lz-dylan babilen: that looks perfect. thank you!
13:46 babilen lz-dylan: Which package manager is this?
13:47 lz-dylan babilen: I'll have to refactor a bit but that'll work out.
13:47 lz-dylan babilen: apt
13:47 GradysGhost joined #salt
13:47 babilen lz-dylan: An apt repository can only contain a single version for each package.
13:47 Networkn3rd joined #salt
13:47 babilen lz-dylan: The package name for 1.1.1 and 1.1.0 would have to be different
13:47 destr0 XenophoF: i cant see why it wouldnt work - seems to make sense to me
13:48 danielbachhuber joined #salt
13:48 destr0 http://pastebin.com/xQzf27ge
13:48 lz-dylan babilen: are you sure? I get this from my salt-call run: https://gist.github.com/arubis/a0f2524f3899f57a7348
13:48 XenophonF thanks destr0
13:48 lz-dylan babilen: n.b. there's two repos configured (1.0 and 1.1) but that's still a lot more than two results
13:49 XenophonF i'm spinning up a test VM now
13:50 babilen lz-dylan: I no idea what they are doing there, but you should have *exactly* one version in a Debian repository.
13:50 lnxnut joined #salt
13:50 babilen +have
13:51 lz-dylan babilen: fair 'nuff. Looks like this'll work for me for the time being, at least!
13:53 babilen lz-dylan: Sure, but that repository layout is highly irregular and, quite frankly, utterly broken.
13:54 babilen lz-dylan: Either way: version and hold in pkg.installed should be what you are looking for
13:54 cheus XenophonF, I don't know if you already solved this but I had the same question and found a solution. It's a bit hacky but you could use a watch for a state that implements test.succeed_without_changes
13:54 diegows joined #salt
13:55 ashw7n joined #salt
13:55 XenophonF cheus: Thanks, I was considering that, too.
13:56 faldridge joined #salt
13:56 cheus XenophonF, I'm not in love with it, myself, but right now I don't see many other options to glue requisites together
13:57 babilen XenophonF: What are you trying to express?
13:57 ghartz joined #salt
13:58 jY what config option can i set to tell master where to find custom ext_pillars
13:58 mateoconfeugo joined #salt
13:59 mgw joined #salt
14:01 destr0 does anyone have a reasonable way to re-declare/overload/override pillar variables?
14:01 destr0 http://pastebin.com/xQzf27ge
14:01 destr0 as you can see in this example im trying to replace the default config with one stored in the meta-pillar
14:01 Guest39355 Hi Chaps, any clues on this: [WARNING ] The cloud driver, 'lxc', configured under the 'lxc-01-portsmouth' cloud provider alias was not loaded since 'lxc.get_configured_provider()' could not be found. Removing it from the available providers list
14:02 Guest39355 v2014.1.3
14:03 destr0 im having issues understanding the pillar compilation and which pillar config will take precedence and whether or not ordering plays a role
14:03 Guest39355 Has anyone actually been able to provision LXC containers at all?
14:03 manfred Guest39355: https://github.com/saltstack/salt/tree/2014.1/salt/cloud/clouds
14:03 manfred Guest39355: lxc isn't in 2014.1
14:03 manfred Guest39355: there is no tagged release with it yet
14:04 Guest39355 http://docs.saltstack.com/en/latest/topics/cloud/lxc.html
14:04 Guest39355 implies its included :-/
14:04 cheus destr0, Your lists in pillar/appserver/init.sls are probably causing you issues
14:04 manfred Guest39355: it isn't
14:05 manfred it should have a note somewhere
14:05 manfred that it won't be included until helium
14:05 destr0 cheus: that's exactly what's happening, but why?
14:06 dimeshake joined #salt
14:06 Guest39355 Thanks manfred
14:06 jforest joined #salt
14:06 manfred yw
14:06 cheus destr0, Lists can't merge (no keys to match up). What you most likely want to do is create a map.jinja in your pillar/appserver then do a jinja import. You can basically use the same pattern as map.jinja in formulas
14:07 destr0 cheus: i find that ridiculous, i expect salt to do the heavy lifting here, don't you agree?
14:08 destr0 cheus: more and more i find myself doing something in jinja templates that salt should be doing natively
14:09 cheus destr0, Well, that is your prerogative. You also don't have you jinja -- you could use any number of pillar backends that might offer more flexibility for extending things. I forget what it's called but I think reclass is specifically built for something like that
14:09 shwaiil Q: I'm getting this error: [ERROR   ] Specified SLS 'groups' in environment 'base' is not available on the salt master. I've setup a Masterless configuration. Changed /etc/salt/minion file_client: local,  file_roots: base: - /srv/salt. Then created /src/salt/top.sls where base: "*": - groups - users, also the /srv/pillar, with correspondent files. I wonder what I may be doing wrong ?
14:10 cheus s/have you/have to use/
14:10 shwaiil Anything else I need to change for the masterless pick up the correct environment base ?
14:10 shwaiil Any hint is appreciated! I can also pastebin my files etc
14:10 shwaiil if it's necessary.
14:11 shwaiil * I get the error on salt-call state.highstate
14:11 sroegner joined #salt
14:11 destr0 cheus: can variables simply be overwritten, or replaced…in the case i dont want to merge?
14:12 destr0 id prefer to use the same variable namespace
14:13 cheus destr0, Yes, but you'll have to test the order. I don't recall which one (states or pillar) takes the first found vs last found
14:13 destr0 the ordering, is what's a mystery right now - im trying to determine if the conditional checking should be performed at the pillar or meta-pillar
14:14 pgpus joined #salt
14:14 destr0 if 'key' in pillar then define this yaml block
14:15 shwaiil * oh, I think I may know what's going on, remember reading. So, on my pillar I've got a directory in the form /srv/pillar/groups/groups.sls the file should be init.sls or something right ?
14:15 shwaiil I'll change it and TIAS
14:15 cheus destr0, It's not a hard test. Set up two pillars have foo: bar, and foo:baz, respectively, then use pillar.items() to see whether foo reports baz or bar
14:15 marnom shadowsun: if you want to reference it as groups and not groups.groups.sls then yes
14:16 destr0 ill test and provide my test cases in a few
14:16 cheus destr0, I think it's first-found
14:16 cheus see http://docs.saltstack.com/en/latest/topics/pillar/ section 5.2
14:16 shwaiil marnom: thanks :) I guess on my /srv/salt/groups/groups.sls I've got the same problem, should be init.sls right ?
14:17 jaimed joined #salt
14:17 cheus destr0, Reverse that, last-found
14:17 marnom shwaiil: if you want to reference it as groups, yes. correct
14:17 pgpus i am looking to connect to 'oz akan' of rackspace, can ayone help?
14:18 pgpus ok will check back later - thanks
14:18 shwaiil marnom: thanks dude : ) http://cdn.memegenerator.net/instances/400x/15994544.jpg
14:18 destr0 {% if 'sources' not in pillar %} fails when sources is defined in the meta-pillar, the defaults are being applied
14:18 marnom shwaiil: haha that meme :D
14:18 marnom shwaiil: and you're welcome, glad I could help
14:18 destr0 this check is occurring in the requisite pillar
14:19 pgpus left #salt
14:21 derelm joined #salt
14:21 to_json joined #salt
14:22 dccc joined #salt
14:22 cro joined #salt
14:25 destr0 cheus: i reversed the include loggingapp to the top of the meta-pillar and had replacement variables below that include statement, i think that hierarchy only applies to top.sls files
14:25 destr0 because it did not honor the ordering
14:25 supplicant I'm getting the following error: no filter named 'yaml'; line 17 in template
14:26 kermit joined #salt
14:26 supplicant the documentation states that there is a yaml filter. is there something special I need to do to use it?
14:26 destr0 i guess the underlying question is when is all the pillar information available?
14:27 destr0 does saltstack step through each included state, then pull in the pillar?
14:27 destr0 or is all the pillar data pulled in from the getgo
14:28 cheus destr0, grains, pillar, state but that's a bit of an oversimplification
14:32 tyler-baker joined #salt
14:32 shwaiil Q: I'm getting an error Rendering SLS users failed, render error: while parsing a block mapping in "<unicode string>", line 10, column 8: - password: $6$SALTsalt$AjIVmuSpPa ...  ( http://pastie.org/private/d93aacwlblcsjnqwcnt2a )
14:32 raizyr joined #salt
14:32 shwaiil I wonder why ?
14:32 shwaiil is this related with the indentation ?
14:34 gq45uaethdj26jw6 joined #salt
14:34 millz0r yes
14:34 millz0r its wrong shwaiil
14:34 millz0r in the templates code statements are always unindented
14:35 millz0r the {% %} blocks
14:35 tedski you're also mixing 4 space and 2 space indents
14:35 tedski yaml requires continuity
14:35 tedski salt convention is 2 space indents with yaml
14:36 pass_by_value joined #salt
14:36 ipmb joined #salt
14:36 shwaiil millz0r: tedski thanks! 4 space and 2 space idents..hum ok
14:36 destr0 debug shows the dict rendering for the requisite dict happening last regardless of the order in the meta-pillar
14:37 millz0r destr0: tried order: last in state itself?
14:37 deares joined #salt
14:37 destr0 millz0r, its a meta-state
14:38 destr0 in top.sls contains a match against a grain with a single state
14:38 millz0r I see
14:39 millz0r not sure if that will help you but might take a look at overstate
14:39 destr0 i see meta-states in the way pup manifests are created
14:39 destr0 all your states and and all your specific config settings under one house
14:39 eriko joined #salt
14:40 destr0 the requisite states become arbitrary pkg and config inclusions with the obvious templating
14:40 millz0r Im not sure what meta-state is
14:41 mikkn joined #salt
14:41 kryss joined #salt
14:41 lilmatt joined #salt
14:41 destr0 i consider a state that simply includes other states
14:41 destr0 so rather than classifying all your states at the top, they're done in this state
14:42 mateoconfeugo joined #salt
14:43 millz0r ah
14:43 millz0r Im using a different approach now, I have distinct states for all my apps
14:44 millz0r and use a custom-built module to combine them in a top-style match for different machines, environments and setups
14:44 millz0r without having to specify a million top.sls files
14:45 faust joined #salt
14:45 millz0r https://github.com/gtmtechltd/salthiera
14:45 millz0r this specfically
14:46 brvko joined #salt
14:47 shwaiil Q: I found this post, where the state is using a different syntax then yuml http://www.heystephenwood.com/2013/11/using-saltstack-to-manage-linux-users.html ? It's using {% %}, looks so much better then yuml
14:47 shwaiil What is that ?
14:47 cheus Are extends not visible in show_low_sls() ?
14:47 shwaiil oh no, there's some yuml in the bottom
14:47 millz0r uhm shwaiil
14:47 mikkn shwaiil: It's just A LOT of Jinja in that one
14:47 millz0r the {% %} are python code blocks that you can incldue
14:47 shwaiil oh ok
14:48 mikkn {% %} are jinja operator tags, {{ }} are jinja echo tags
14:48 millz0r and {{ var }} are values of python variables that you set
14:48 shwaiil Thanks : )
14:48 thedodd joined #salt
14:51 shwaiil Ok! Just finished my first (ok you guys helped me), first users, groups pillars and states! On a Masterless node (should I call it differently? Masterless server, Masterless configuration, other ?!)
14:52 millz0r masterless minion is fine
14:53 repl1cant joined #salt
14:53 supplicant hmm, my version of salt doesn't support the yaml filter, damnit
14:54 millz0r supplicant: its easy to update
14:54 supplicant it's a lot harder to update than working around the problem by using mako
14:55 ggoZ joined #salt
14:55 supplicant also, updating isn't backwards compatible
14:55 supplicant so
14:55 millz0r thats true
14:55 jalbretsen joined #salt
15:00 pdayton joined #salt
15:01 elfixit joined #salt
15:02 anuvrat joined #salt
15:03 KennethWilke joined #salt
15:05 wincus joined #salt
15:05 frasergraham joined #salt
15:07 shwaiil Q: Ok, now trying to learn how to use this "formulas". Picked php-formula, for example. I'm checking it and I don't see where the version of php is being set ? https://github.com/saltstack-formulas/php-formula
15:07 saurabhs joined #salt
15:08 __hudson__ joined #salt
15:09 XenophonF babilen: Sorry, took a few phone calls there and had to step away from IRC.  I'm trying to deploy packages using formulas.  For FreeBSD, I need to configure a private package repository before doing the package deployments.
15:09 kryss__ joined #salt
15:09 cheus Bah. Wow. That was incredibly unintuitive; can anyone else confirm this finding? That extended states are not visible with the various salt.state.show_* functions?
15:10 XenophonF but i didn't want to have a bunch of {% if grains['os_family'] == 'FreeBSD' %} exceptions scattered through the rest of my states
15:16 kryss joined #salt
15:16 AdamSewell joined #salt
15:19 babilen XenophonF: Why is that a problem
15:19 babilen XenophonF: The idea would be to conditionally use a pkgrepo state that you (conditionally) require in your pkg.installed one
15:19 XenophonF I don´t like coding by exception.
15:20 babilen XenophonF: Then write one block for each os_family
15:20 XenophonF I want all subsequent pkg.installed states to depend on a single common "the repos are installed"\
15:20 XenophonF that way i don't have to remember to change the various exceptions later
15:20 XenophonF i dunno - coding style?
15:21 XenophonF let me test this out and i'll show you what i've cooked up
15:21 XenophonF brb gotta get son from school first :)
15:21 babilen Yes, just include the pkgrepo for FreeBSD and either list pkg.installed states later so that they are implicitly executed later or explicitly require that state in there. You could even set the particular repo based on os_family ... if you don't want to do that in the SLS file then create a map and have the logic in there.
15:22 wendall911 joined #salt
15:23 timoguin shwaiil: looks like it's just defaulting php5. the values for certain vars are getting setting in the map.jinja file: https://github.com/saltstack-formulas/php-formula/blob/master/php/map.jinja
15:23 conan_the_destro joined #salt
15:23 babilen XenophonF: I am thinking of something along the lines of: https://github.com/saltstack-formulas/mysql-formula/blob/master/mysql/map.jinja in which you define the os_family specific bits. You would also have an, optional, "pkgreponame" (or something better) in there.
15:23 timoguin map.jinja has become a convention for the formulas as a way to define distro-specific values
15:23 shwaiil timoguin: thanks! so this probably means that it's installing the latest ?
15:24 timoguin it's install the php5 package on debian, anda the php package on redhat
15:24 timoguin so yea, the latest in the package manager
15:24 babilen XenophonF: In your state you can then have logic such as {% if pkgrepo in map %} require: pkgrepo: {{ map.pkgreponame }} ...
15:25 shwaiil timoguin: what should I do, if I wanted a specific version, let's say 5.3 ?
15:25 martoss left #salt
15:26 ccase joined #salt
15:26 babilen shwaiil: There is, typically, only a single php5 version in a distribution.
15:27 timoguin shwaiil: so, all those values in map.jinja can be overriden with pillar data. that's what the last line does.
15:27 timoguin but yea, what babilen said. unless you resort to running your own apt/yum repo, in pinning certain versions using the package manager
15:27 timoguin *or pinning
15:28 jimklo joined #salt
15:28 shwaiil Oh I see. Interesting : )
15:30 __hudson___ joined #salt
15:33 tligda joined #salt
15:34 jgarr morning
15:34 jgarr just making sure my irssi is working...sometimes it locks up :)
15:35 ldlework joined #salt
15:37 ajolo_ joined #salt
15:40 che-arne joined #salt
15:48 frasergraham joined #salt
15:48 shwaiil Q: I got a requisite error from my state ( http://pastie.org/private/rqa6776t8tgr9ictygbya ). watch: file: /etc/php5/apache2/php.ini, guess it's because I need to set apache2 as service and running so the php.ini file is created ?!
15:49 dopp jgarr: if you're running it in screen, you may be accidently hitting ctrl-s (suspend the screen)
15:49 dopp ctrl-q will unsuspend
15:51 PI-Lloyd Is there any info on testing saltstack files in jenkins. Lint tests etc ? We want to build a CI system to test any changes to salt before they hit production but cannot find any info on building the tests.
15:51 ajolo__ joined #salt
15:52 timoguin PI-Lloyd: http://docs.saltstack.com/en/latest/topics/development/tests/index.html
15:52 miqui joined #salt
15:52 tligda shwaiil: You need to have a file state for the file that you are watching. That will get rid of that error. Even if the file state doesn't do anything other than confirm that the file exists, that's how salt knows about the file.
15:53 shwaiil tligda: oh ok ok interesting : )
15:54 mgw joined #salt
15:55 tligda shwaiil: Something like this: http://pastebin.com/Js4geBVq
15:56 shwaiil tligda: super :) thanks for your atention!
15:57 tligda shwaiil: You are welcome! Happy to help!
15:57 meteorfox joined #salt
15:58 meteorfox joined #salt
15:58 ipalread_ joined #salt
15:58 PI-Lloyd Thanks timoguin, are the tests in the test suite able to check for syntax in things like a top or init sls file? It's more a case of building tests to make sure that when someone creates a new config, that everything checks out, rather than pushing it live, it going awry, then us spending hours looking for a missing semicolon or what not.
15:59 timoguin PI-Lloyd: ah, no. those are for testing the salt code
16:00 timoguin PI-Lloyd: look at kitchen-salt
16:00 timoguin it's the best available for unit testing states
16:00 jgarr dopp: I'm running in tmux. I just tested and looks like those kb shortcuts work there too
16:03 PI-Lloyd Thanks again timoguin. Will take a gander at that now.
16:03 swebb joined #salt
16:12 saurabhs joined #salt
16:12 saurabhs1 joined #salt
16:12 Nexpro joined #salt
16:15 jas- I am curious to know about line #178 in salt/crypt.py (https://github.com/saltstack/salt/blob/develop/salt/crypt.py#L178). It seems to get called from satl/master.py when shared secrets do not exist between minions and the master (based on evaluation of code flow only at this point). Can anyone shed some light on this process?
16:15 schimmy joined #salt
16:16 redondos joined #salt
16:16 redondos joined #salt
16:16 smcquay joined #salt
16:16 joehillen joined #salt
16:17 schimmy1 joined #salt
16:17 hunter_ joined #salt
16:21 shwaiil Q: Ok, total noob here. About hashing passwords, where it says "salt" it's where I should put my secret keyword correct ? I've been leaving it like SALTsalt, didn't noticed! python -c "import crypt; print crypt.crypt('password', '\$6\$SALTsalt\$')"
16:21 shwaiil Any hint ? Thanks!
16:22 theo-slc joined #salt
16:22 jas- A quick grep shows it to be created by __gen_token() as defined on line #178 of crypt.py (https://github.com/saltstack/salt/blob/develop/salt/crypt.py#L178).  This seems to be a hard coded value that is seems to be used during the key exchange process to help protect the public keys the minions send up to the master node. I am really hoping someone can shed some light on this process as it seems to be a sort of achilles heel if a mitm
16:22 jas- scenario exists
16:22 theo-slc What hardware manufacturers provides the best support for next devices managed using the proxy minion?
16:23 theo-slc it is Cisco?
16:24 hunter_ joined #salt
16:25 jas- n/m it is a known issue https://github.com/saltstack/salt/issues/2239
16:26 lilmatt joined #salt
16:26 miqui_ joined #salt
16:28 rgbkrk joined #salt
16:28 timoguin theo-slc: Juniper, I think
16:28 theo-slc that's what I thought
16:28 theo-slc but I also heard that cisco was shipping with salt as an option
16:30 theo-slc Looks like Arista might also be supported
16:30 stephas joined #salt
16:34 bhosmer joined #salt
16:35 jgarr if I have dev prod base environments specified in my /etc/salt/master config. do the minions need those environments in their /etc/salt/minion config too?
16:36 arthurlutz joined #salt
16:37 forrest joined #salt
16:39 hunter joined #salt
16:40 swissknife joined #salt
16:40 timoguin jgarr: the minions only need the environment they belong to
16:40 timoguin that can be set in the minion config or the minion's pillar
16:41 timoguin or grains
16:44 RandalSchwartz {{ if pillar['is_brochure_site'} }} is bad syntax
16:44 RandalSchwartz I'm just testing whether it's true or absent
16:44 RandalSchwartz do I need to add the nutty " == true" to it?
16:45 RandalSchwartz Oh... not trying to print!
16:46 RandalSchwartz uh oh... next problem.. SaltRenderError: Jinja variable 'dict object' has no attribute 'is_brochure_sit\
16:47 RandalSchwartz the key may be present or absent... how do I get pillar['is_brochure_site'] to work properly
16:48 jgarr timoguin: so in pillar I would just need to set base and prod (for something in prod). I guess that makes sense
16:49 jgarr timoguin: thanks
16:49 timoguin base is a common env, so you don't have to set that one. otherwise yea
16:49 failed_array joined #salt
16:50 whiteinge RandalSchwartz: {% if 'is_brochure_site' in pillar %} or {% if pillar['is_brochure_site'] == True %}
16:50 whiteinge (first one is better for testing either true or absent)
16:51 RandalSchwartz no... == True fails too
16:51 whiteinge better (safer) version of the second: {% if pillar.get('is_brochure_site') == True %}
16:51 whiteinge ^^ doesn't fail if absent
16:51 RandalSchwartz .. SaltRenderError: Jinja variable 'dict object' has no attribute 'is_brochure_site'; line 4
16:51 jgarr timoguin: we'll one of my problems is I moved base to /srv/salt/states and it keeps getting changed back without setting it in pillar
16:52 jgarr maybe I should re-think that design, but it just made more sense to me to contain everything salt related in /srv/salt/{pillar,states} rather than just all in /srv
16:52 conan_the_destro joined #salt
16:52 jgarr I have other things in /srv which are also contained in folders (git, etc.)
16:52 jalaziz joined #salt
16:53 RandalSchwartz this worked exactly as I wanted: {% if pillar.get('is_brochure_site') %}
16:53 RandalSchwartz now I have the pattern down. :)
16:54 scooby2 joined #salt
16:54 jalaziz_ joined #salt
16:54 sroegner joined #salt
16:56 resmike joined #salt
16:56 giannello joined #salt
16:56 thayne joined #salt
16:58 jgarr timoguin: does pillar_roots matter for the minions? I was under the assumption that pillar data isn't copied to minions
16:58 timoguin jgarr: nah, pillar_roots is only for the masters. it'll send the minions what they need.
16:58 jgarr k, that's what I thought but I was setting it anyway just to be sure
16:59 sroegner_ joined #salt
17:01 ccase_ joined #salt
17:02 anuvrat joined #salt
17:05 RandalSchwartz heh... salt '*' service.restart salt_minion
17:05 RandalSchwartz and no responses... I wonder why. :)
17:07 jhulten joined #salt
17:11 Ryan_Lane joined #salt
17:11 resmike joined #salt
17:12 ndrei joined #salt
17:12 MechaXL joined #salt
17:13 kermit joined #salt
17:13 MechaXL So, I'm running into an error with the system locale
17:14 MechaXL i tried adding "- reset_system_locale: false", but that doesn't seem to work
17:14 MechaXL are there docs somewhere on exactly how to use that functionality?
17:14 MechaXL passing it in to the command line doesn't seem to work either
17:15 shwaiil Q: My state for mysql client and server. I got an error: The named service mysql-server is not available! http://pastie.org/private/zsrgextbe5x8vixwivw4na I wonder what I did wrong ? any hints ?
17:18 giannello a question about orchestration: let's say I have a formula for a web application, and this application has a "web" part (webserver+php) and a "database" part (mysql). I wrote 2 different sls, one for the web, one for the db, so I can use the right sls for the webserver server and the database server
17:19 giannello I can configure the servers in the topfile, and avoid running the highstate on boot, so I can execute the orchestrate runner to provision the machines in the right order
17:20 giannello is there any way to introduce a "virtual" requisite so that if I decide to deploy the two formulas on the same machine I don't have to use the orchestrate runner but I can just trigger an highstate?
17:20 cruatta joined #salt
17:20 XenophonF hm, how do i reference a jijna variable defined in one sls file from another?
17:21 fivethreeo joined #salt
17:22 ajprog_laptop joined #salt
17:23 XenophonF could i use an import?
17:25 destr0 joined #salt
17:26 resmike joined #salt
17:30 jhulten_ joined #salt
17:32 n8n joined #salt
17:34 ldlework left #salt
17:38 schmutz joined #salt
17:39 gq45uaethdj26jw6 anyone use salt-cloud with gogrid here before? I'm having an intermittent issue with provisioning to specific regions
17:40 shwaiil Q: My mysql-debconf state is not working. This is my full mysql client and server sls http://pastie.org/private/tf6hvyucoktgiocvskqljq I don't get any errors, but I can't login with the password I've got on my pillar. Any hints ?
17:40 shwaiil * I tried to change this by hard typing the password on the sls file, but no success
17:41 resmike joined #salt
17:42 thedodd joined #salt
17:49 ashw7n joined #salt
17:49 jaycedars joined #salt
17:51 picker joined #salt
17:52 XenophonF hm i think a jinja macro might be the way to go
17:54 resmike joined #salt
17:56 quickdry21 I seem to be having issues with the git state (2014.1.3). we are using a git tag for deployments, which is updated as required (git tag -f release). I'm using the git state with always_fetch: True, which to my understanding should always fetch the tags. However, when using salt to deploy, it is not fetching the latest version of the tags, and is checking out whatever commit the tag previously pointed to.
17:59 aw110f joined #salt
18:00 schmutz joined #salt
18:01 MechaXL Would there be any interest in a config file setting for reset_system_state?
18:01 MechaXL it would be nice if that could be globally overridden
18:01 MechaXL if you know that all of your machines can handle something other than pure ascii
18:02 tligda Has anyone used the idea of using salt to install salt? I'm trying to wrap my head around it and some assistance would be great.
18:02 tligda I'm looking at https://github.com/saltstack-formulas/salt-formula
18:04 tligda In that formula, when you do the salt-minion installation, it looks like the salt-minion is already installed and the salt-minion is overwriting its own minion file.
18:04 MechaXL_ joined #salt
18:05 tligda That sounds illegal, but is it?
18:05 forrest tligda, the conf is loaded on service restart, so you can drop the new one in just fine.
18:05 tligda forrest: Ahh, I see.
18:05 XenophonF how do i debug yaml rendering?
18:06 XenophonF i'm pretty sure i overlooked it in TFM
18:06 XenophonF i need to debug a jinja render problem with whitespace trimming
18:06 tligda forrest: So you can install salt-minion in a masterless configuration, use the states to overwrite the minion file, and when you restart, the salt-minion will be pointed to the salt-master and from then on the salt-minion will ignore its own state files?
18:07 anuvrat joined #salt
18:07 timoguin tligda: yuhp
18:07 tligda timoguin: Sweet. Thanks!
18:07 forrest tligda, what do you mean it will ignore its own state files? You mean the files that you used during the masterless setup? If so yes. The states would be downloaded from the master into the minion's cache
18:07 tligda forrest: Yes, that's exactly it.
18:07 tligda forrest: Thanks!
18:08 forrest np
18:08 n8n joined #salt
18:13 Nexpro joined #salt
18:15 forrest joined #salt
18:16 grantbow joined #salt
18:16 druonysuse joined #salt
18:17 derelm joined #salt
18:20 cruatta joined #salt
18:25 n8n joined #salt
18:26 kermit joined #salt
18:28 utz joined #salt
18:29 smcquay joined #salt
18:29 XenophonF is there any way to see how jinja renders the yaml?
18:30 Ryan_Lane joined #salt
18:30 shwaiil Q: Been trying for one hour now, can't figure out why I can't set the initial root password ? http://pastie.org/private/9nyt6kvs2yrivlzqxmqgw
18:31 shwaiil Any hints ?
18:31 rgbkrk joined #salt
18:31 ashw7n_ joined #salt
18:32 shwaiil * https://github.com/saltstack-formulas/mysql-formula/blob/master/mysql/server.sls
18:32 shwaiil followed this formula
18:33 AdamSewell joined #salt
18:41 whiteinge shwaiil: do you see the correct password when you run ``salt '*' pillar.get mysql:server:root_password`` from the CLI?
18:41 shwaiil whiteinge: thanks for looking! I'll check that. I'm a noob btw
18:42 shwaiil trying to learn salt, just a sec
18:42 whiteinge no worries :)
18:42 whiteinge and welcome!
18:42 HeadAIX joined #salt
18:42 shwaiil yeah, I can see it. But I'm seeing the sha512 hash
18:43 shwaiil maybe it's not supported in the way I did ?
18:43 shwaiil 'mysql-server/root_password': {'type': 'password', 'value': '{{ mysql_root_password }}'}
18:43 shwaiil change to password_hash instead ?!
18:43 shwaiil but, I tried to hard type a basic password like "root", didn't worked.
18:44 jaycedars joined #salt
18:45 whiteinge shwaiil: what OS?
18:45 shwaiil ubuntu 14.04
18:46 stanchan joined #salt
18:46 derelm joined #salt
18:47 whiteinge hm
18:48 shwaiil the error is ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
18:48 whiteinge i believe you set a plain password here
18:49 shwaiil Ok, I'll try to forget about the hash for the moment and use a plain password, to help debug.
18:49 whiteinge i'm a little fuzzy on how debconf works -- is it true that values set via debconf only apply when the package is installed?
18:50 mgarfias joined #salt
18:50 shwaiil whiteinge: apparently on Debian is during installation
18:52 lz-dylan Can I do a watch on a directory and have it trigger on changes to any of its contained files?
18:53 whiteinge any chance the pillar value was mis-configured during the package install? looking at this state, if you change the pillar value it won't have any affect if the package is already installed
18:53 whiteinge whereas the non-debian clause in that if-statement would
18:53 XenophonF I'm getting the error "The following packages failed to install/update" when applying a pkg.installed state.  :(
18:53 XenophonF i can install from the command line without any difficulty
18:53 hunter joined #salt
18:53 __hudson__ joined #salt
18:54 shwaiil whiteinge: I removed the clauses just left the debian commands
18:54 whiteinge shwaiil: i'd suggest trying the other way. remove the debian stuff and use the commands that shell out
18:55 shwaiil whiteinge: thanks, I'll try that :)
18:55 whiteinge XenophonF: what OS?
18:55 XenophonF FreeBSD
18:55 XenophonF am looking through the minion logs now
18:56 linuxlewis joined #salt
18:56 resmike joined #salt
18:56 XenophonF i dunno, might be an issue with the pkgng repo list
18:57 XenophonF yeah, looks like a pkgng config error on my part
18:57 shwaiil whiteinge: can it be related with the initial setup ? because now I get  error: 'Access denied for user 'root'@'localhost' (using password: NO)'
18:57 shwaiil using the non debian mysql root password state ( https://github.com/saltstack-formulas/mysql-formula/blob/master/mysql/server.sls )
18:59 resmike joined #salt
18:59 jforest so, will helium be 2014.2.0 ?
19:00 Gareth I heard 2014.5.0
19:00 jforest because of the month?
19:00 jforest sorta like ubuntu?
19:00 jcockhren jforest: yep
19:00 Gareth the month when feature freeze is I believe.
19:00 Gareth ..and the RCs begin.
19:01 jforest Gareth: thanks
19:01 whiteinge shwaiil: yeah, i'm thinking that initial setup went south and now you can't set the root password to something new
19:01 whiteinge !modules.mysql.user_chpass
19:01 wm-bot4 http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.mysql.html#salt.modules.mysql.user_chpass
19:01 Ztyx joined #salt
19:01 whiteinge shwaiil: ^^ might be helpful instead
19:01 shwaiil Ok I'll sudo apt-get remove --purge mysql-server mysql-client mysql-common
19:01 whiteinge that works too :)
19:02 shwaiil It worked now! But, I do want to use the hash sha512.
19:02 shwaiil Can I still use it in this context ? http://pastie.org/private/snncxj44kwwbwf24w66eyw
19:03 shwaiil needs to be plain maybe ?
19:04 cruatta joined #salt
19:06 fivethreeo http://docs.saltstack.com/en/latest/ref/states/all/salt.states.mysql_user.html#module-salt.states.mysql_user is better no? :)
19:08 shwaiil fivethreeo: thanks! I'm learning so, there's loads to go through. In this case, not sure if you seen the pastie. I would remove the root password state or the debian debconf, and just add a state with root ID ?
19:08 whiteinge looks like the mysql.server formula sets the initial password and the mysql.user formula can be used to update existing users
19:10 fivethreeo But it only sests it on install
19:10 fivethreeo sets
19:11 shwaiil Ok, so I'll stick with the method I've been working with. fivethreeo, it's a nice tip though, I just got stuck because of an issue with the initial password that was setup. so nothing was working.
19:11 ghartz_ joined #salt
19:11 shwaiil Just wondering though, how I would use password hash sha512
19:14 whiteinge i'm not overly familiar with mysql. how do you use a password hash via the CLI?
19:14 mgarfias joined #salt
19:15 shwaiil whiteinge: there's this command called mkpasswd
19:15 shwaiil but I've used this other command from python.
19:15 schristensen joined #salt
19:15 shwaiil but at the moment I'm going to try the property http://pastie.org/private/wrvitpjcqjs9qm4was1wqq on mysql-debconf
19:16 shwaiil password to password_hash to see what happens
19:16 * whiteinge nods
19:16 whiteinge i see how to do it post-install. i'm not sure offhand how to do it during install
19:17 shwaiil Yes, so basically, it didn't worked. What I'll do is using plain password. It's ok!
19:17 shwaiil but before that I'm going to ask on #mysql if it's possible using  mysqladmin --user root password or mysql --user root --password
19:18 whiteinge cool. if you find the answer it would be nice to work that into the formula
19:19 shwaiil whiteinge: I'll do! Just a sec.
19:20 jcockhren is salt supported to run on pypy?
19:20 kober joined #salt
19:21 kober Hey!  Is there a "hello world" tutorial on getting started with Salt?  I basically want something that shows me how to git clone a repo, create a virtualenv, pip install the git clone, and start the app
19:21 kober Just a basic wsgiapp deploy story to get my feet wet
19:22 RandalSchwartz that's a lot more than "hello world"
19:22 RandalSchwartz that's a three act play :)
19:22 XenophonF hah
19:22 XenophonF kober: start with the tutorial on http://salt.readthedocs.org/
19:22 kober Hah, what would hello world be then?  I feel iike that would be the minimum needed to get started
19:23 RandalSchwartz my first hello world was make a file.managed in /tmp on the target
19:23 kober I guess if it cut out the git clone part I could install from my custom pip index instead
19:23 RandalSchwartz then made it a jinja to see how that worked
19:23 kober RandalSchwartz: ahh, so you started just making a file appear on a target server?
19:23 RandalSchwartz yes
19:23 kober I guess that makes sense since I don't even know how to do that :)
19:23 whiteinge kober: what OS are you on?
19:23 RandalSchwartz I even got bold and made a file.recurse then
19:24 RandalSchwartz yeah, start small
19:24 RandalSchwartz one change at a time
19:24 XenophonF kober: http://salt.readthedocs.org/en/latest/topics/tutorials/index.html
19:24 kober whiteinge: I'm running Linux
19:24 XenophonF start with the state tutorial
19:25 kober whiteinge: I'm running Ubuntu 14.04 natively but have virtual machines with virt-manager for CentOS if redhat is better
19:25 whiteinge kober: installing Salt from pip is easy but installing M2Crypto from pip (one of Salt's deps) can be awful
19:25 jtang1 joined #salt
19:25 whiteinge you'll likely have an easier time installing salt via the PPA or the RPM in EPEL
19:26 whiteinge pip can work but it might not be the best first impression :)
19:27 shwaiil whiteinge: about the hash. so, any of those commands I've mentioned on the non debian version or the debian debconf, they only support plain text passwords. This because mysql hash the passwords.
19:27 whiteinge ah
19:28 shwaiil I'm pretty sure that advanced users know how to solve this. But not me at the moment, unfortunately.
19:28 claytonk joined #salt
19:28 shwaiil So, if I keep the hash password on the pillar, for my mysql configuration. It would double hash it.
19:28 kober Thanks for the suggestions!  I'm going to go the RandalSchwartz route and make it as simple as possible, my end goal is git clone -> deploy but getting a file on there is probably a good start
19:28 shwaiil But, I may be wrong.
19:29 whiteinge shwaiil: a quick workaround could be to set the inital root password and run the mysql.server state. then change the permanent hashed password in pillar and run the mysql.user state
19:29 mik3 kober: bootstrapping it with curl is the easiest but doing that blindly is a security risk
19:29 kober I don't mine apt-get/yum installing salt, I'm hoping to go "masterless" or run with salt-ssh at first
19:29 kober I don't have pxe or anything setup for actually provisioning the boxes
19:30 mik3 is this just a test environment for you to get your feet wet?
19:30 kober so running the salt commands without provisioning the servers first would be most beneficial
19:30 whiteinge shwaiil: bah, i misspoke. nevermind that suggestion
19:30 kober Especially if I could learn to use salt-ssh to provision the servers to be master or minions
19:30 nhubbard is there a way to get a timestamp in a state sls? fighting jinja trying to get it
19:30 whiteinge shwaiil: the mysql.user formula doesn't have the "password_hash" argument (it is easily added though)
19:31 shwaiil whiteinge: you've got the url with the docs handy ?
19:31 claytonk whiteinge: I can help with that
19:31 kober RandalSchwartz: https://pbs.twimg.com/media/BnshcMvIgAE2FFg.jpg
19:31 whiteinge !modules.mysql.user_chpass
19:31 wm-bot4 http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.mysql.html#salt.modules.mysql.user_chpass
19:31 whiteinge ^^ module
19:31 shwaiil whiteinge: I think your suggestion makes a lot of sense to be honest. Like install with a root password temp and then, have the other state change the pw ? something like this ?
19:32 whiteinge yeah
19:32 whiteinge claytonk: that would be awesome
19:32 whiteinge this formula just needs an optional password_hash argument: https://github.com/saltstack-formulas/mysql-formula/blob/master/mysql/user.sls
19:33 supplicant running salt-call state.highstate on the master seems to be changing the key stored for it in /etc/salt/pki/master/minions/ whereas salt master state.highstate doesn't
19:33 claytonk it was on my todo for users.sls
19:33 supplicant anyone have any ideas about this?
19:33 shwaiil claytonk: you can do that ? That would be awesome!
19:33 shwaiil nice suggestion whiteinge
19:34 abe_music we've been encountering issues like the following while using overstate and large numbers of machines: https://gist.github.com/abemusic/36fc3d519694d8d40aec
19:34 abe_music any insight on what could be going on?
19:34 mateoconfeugo joined #salt
19:35 Ryan_Lane abe_music: weren't you at wikimedia's hackathon a while back?
19:35 toddnni joined #salt
19:35 claytonk shwaiil: sure but I'm a bit backlogged till Monday
19:35 bud joined #salt
19:35 abe_music Ryan_Lane: yeah, been at least two years, maybe three
19:35 abe_music Ryan_Lane: your name is familiar too
19:35 Ryan_Lane :D small world. you helped us fix an issue in an nginx module
19:35 shwaiil claytonk: that's ok, wasn't expecting that. Anytime, whenever possible, that's going to be really useful :)
19:36 ccase joined #salt
19:36 bud Has anyone used the LXC cloud provider with salt installed from develop? http://docs.saltstack.com/en/latest/topics/cloud/config.html#lxc
19:36 kober ok, so I'm looking at http://salt.readthedocs.org/en/latest/topics/tutorials/quickstart.html  and the first step is "run salt-call"  and it is showing to use the curl bootstrap, which is not recommended.  So if I want to do this via apt, what is the package I want to install to get salt-call?
19:36 abe_music Ryan_Lane: that's right! i also took down the SSL side of wikipedia for a few minutes too :-/
19:36 Ryan_Lane :D
19:36 abe_music that was a lot of fun
19:36 kober Is that part of salt-common?
19:37 Ryan_Lane abe_music: not too many people can get to say that ;)
19:37 mateoconfeugo joined #salt
19:37 abe_music Ryan_Lane: yeah i know, i definitely bring that up whenever i can...small claim to fame (if you can call it that!)
19:37 ajprog_laptop joined #salt
19:38 abe_music Ryan_Lane: would like to make it back out again sometime....been doing a lot of hackathons in Nashville though which are pretty fun too
19:38 bud Am I right assuming that the first code example from there must go in either /etc/salt/cloud.providers or /etc/salt/cloud.providers.d/lxc.conf?
19:38 Ryan_Lane abe_music: well, we'll be having salt document sprints, that could be fun to go to ;)
19:39 claytonk I've got a question about Salt SSH protocol. We're interested in possibly using it to update a Syndic's pillar data
19:39 abe_music Ryan_Lane: that in salt lake?
19:39 bud And I suppose that the target in there must match the minion name from the local master.
19:39 claytonk the Syndic will be at lower security zone in a DMZ than the Salt Master running on the Inside network
19:39 Ryan_Lane abe_music: the first one will be online
19:40 abe_music Ryan_Lane: that's cool...got any info on it so i can put it on my calendar?
19:40 Ryan_Lane abe_music: I'll likely host some further ones in the Lyft offices in SF
19:40 Ryan_Lane abe_music: this upcoming tuesday
19:40 Ryan_Lane 5/20
19:41 claytonk the firewall allows the master to route down to the DMZ syndic but the syndic will not be allowed to communicate upstream
19:41 Ryan_Lane whiteinge: do we have a specific sprint scope yet?
19:41 whiteinge kober: install the salt-master package and the salt-minion packaegau
19:41 Ryan_Lane intro docs, right?
19:41 whiteinge Ryan_Lane: yes sir! intro docs. we should start with your suggesting of pairing up and going through the tutorials
19:41 abe_music Ryan_Lane: awesome, i'll be traveling to chicago next week so can't guarantee anything, but would be glad to help if i can
19:42 Ryan_Lane abe_music: excellent
19:42 Ryan_Lane whiteinge: cool
19:42 claytonk the idea is to compartmentalize the pillar data between security zones
19:42 kober whiteinge: So right now I'm just on my laptop, and I have a remote machine I want to configure.  So I assume the master package needs to be on my laptop, but not the minion one?
19:42 abe_music Ryan_Lane: what time will this be kicking off? i might be able to recruit a couple of folks from my company that's been getting into salt
19:42 Ryan_Lane good question :)
19:43 Ryan_Lane whiteinge: any idea on starting time?
19:43 whiteinge kober: ah, yes. exactly right
19:43 Ryan_Lane have we announced the sprint anywhere?
19:43 claytonk so even if a syndic is compromised, it can't get all the keys to the kingdom on the master
19:43 whiteinge Ryan_Lane: i'll be around all day. http://www.saltstack.com/saltstack-events/salt-docs-sprint
19:44 Ryan_Lane ah. cool
19:44 kober Intro docs sound great! :)
19:44 Ryan_Lane whiteinge: you should always announce with local and UTC time ;)
19:44 kober I feel like I'm a few levels below what the intro docs assume right now
19:45 whiteinge kober: yeah, they need love. we need different intro docs for different audiences too. there's an open issue collecting thoughts on that
19:45 kober I would have liked "You need salt-master package that provides you these commands"     "Run this command to put a file on your remote server"
19:45 jraby joined #salt
19:45 * whiteinge nods
19:46 whiteinge Ryan_Lane: yeah, good call
19:46 adizam joined #salt
19:48 kober The intro docs should also link to the PPA and EPEL repos and recommend those over the curl script
19:49 kober http://www.saltstack.com/  doesn't have a download link at all from what I can tell
19:50 jraby hi guys, we're having a strange issue here: since a few hours, all minions (~50) have started authenticating over and over again against the master. The master gets the auth request, and logs a message saying that it accepted the auth.  However the same minion start to auth again a few seconds later.
19:50 jraby if we try to run a simple 'test.ping',  salt return with this:
19:50 jraby [ERROR   ] Salt request timed out. If this error persists, worker_threads may need to be increased.
19:50 jraby Failed to authenticate, is this user permitted to execute commands?
19:51 jraby We're running with the default 5 worker_threads  and they are all currently busy handling auth requests
19:51 whiteinge jraby: what salt version (master and minion(s))?
19:51 jraby 2014.1.1
19:51 jraby I just upgrade the master to 2014.1.3, same thing
19:52 kober Is 2014.1.1 preferred version?  My ubuntu 14.04 has 0.17.5 and I figured that was fairly recent
19:52 nkuttler jraby: are you running minion + master with -l debug? no other relevant output?
19:52 Ryan_Lane kober: that's old. you should use the salt ppa rathet than the ubuntu version
19:52 jraby the symptoms seem similar to https://github.com/saltstack/salt/issues/11840, but I have yet to find a workaround to get the stack back in shape
19:53 nkuttler i think i've only seen such timeouts when the master was unreachable
19:53 whiteinge jraby: that sounds like the auth flood bug that was fixed in 2014.1.3 (or was it 2014.1.4?). you need to upgrade the minions too for the fix, or set a few config options in the minion config
19:53 kober Ryan_Lane: Yeah, I was trying to find info on the PPAs on the site but it isn't discussed on readthedocs or on main saltstack.com website
19:54 jraby I'll try to upgrade a minion
19:54 Ryan_Lane kober: http://docs.saltstack.com/en/latest/topics/installation/ubuntu.html
19:54 jraby it is sad, I can't use salt to upgrade salt when it is hosed :(
19:54 jimklo joined #salt
19:54 RandalSchwartz that's why you should install metasalt :)
19:55 * whiteinge is intrigued and subscribes to RandalSchwartz's newsletter
19:56 Ryan_Lane heh, well there's always salt-ssh to fix salt-minion/master when it's having issues
19:56 jcockhren metasalt?
19:57 timoguin yea i was a googlin'...
19:57 RandalSchwartz heh
19:57 nkuttler only result 404s for me
19:57 mgw How could I limit access to a certain directory on the salt file server?
19:57 whiteinge jraby: workaround: http://paste.fedoraproject.org/102217/18384314
19:57 Ryan_Lane !metasalt
19:57 wm-bot4 such joke. much wow.
19:58 claytonk does salt-ssh use the salt:// protocol or can the salt-ssh package contain the files?
19:58 mgw Specifically, I want to use gitfs to provide yaml for a custom ext pillar
20:00 vejdmn joined #salt
20:01 kober So with the top.sls file (which I believe is the first file I should create), it seems like salt assume /srv/salt directory.  Is it bad practice to use the -c command a lot?
20:01 kober I want to store these files in git, so I think I'll always just clone and then salt-ssh -c <dir>
20:02 bud If anyone has time I have pasted the Salt Cloud configuration I use at the moment and the lxc provider and map - http://pastebin.com/9ZPACSig.
20:03 vbabiy joined #salt
20:03 rogst joined #salt
20:06 whiteinge kober: feel free to create /srv/salt. it won't be created by default. using -c is fine (i use it daily). of course, i'd suggest avoiding -c and salt-ssh until you get through a couple more turorials
20:07 HeadAIX_ joined #salt
20:08 nkuttler i have plenty of -c aliases in my working dirs
20:09 kober Yeah, looks like salt-ssh might be broken in the most recent release from the PPA, its trying to use zmq without importing it
20:09 Outlander joined #salt
20:09 kober "NameError: global name 'zmq' is not defined"
20:09 jcockhren salt-ssh uses zmq?
20:10 Corey jcockhren: No.
20:10 Corey Er.. I see.
20:10 Corey YEah, that's interesting.
20:10 ashw7n joined #salt
20:10 jcockhren yeah.
20:11 kober Seems like it does
20:11 kober http://paste.ofcode.org/JdPtKHVvENacFiSijeGtQA
20:13 Ryan_Lane joined #salt
20:13 whiteinge that's a bug. i believe it's been fixed
20:14 kober I'm using the PPA with version 2014.1.3
20:15 whiteinge salt-ssh has seen a lot of attention in the last two weeks or so. the version that will ship with helium should be much improved
20:15 utz joined #salt
20:16 kober ok, so if I want to use salt in the current state, I have to run some type of provisioning system to get the minion installed first?
20:16 XenophonF basically
20:16 XenophonF you have to bootstrap salt somehow
20:17 kober Yeah, I was hoping to bootstrap the server with salt-ssh
20:17 XenophonF i haven't tried that yet
20:21 eliasp XenophonF + kober: you know about: https://github.com/saltstack/salt-bootstrap
20:21 kober Yeah, I just don't want to have to have two systems for setting things up.   I could use ansible to install the minion and then use salt for the rest but seems like a round about way to get there
20:21 XenophonF I do know about salt-bootstrap
20:22 kober eliasp: I don't think that is the same thing.  What I have is a raw VM with a clean install.  Now I want to remotely manage and configure it
20:22 kober eliasp: but it doesn't seem like salt has something for that yet, it looks like I first have to manually ssh in, add the ppa, install the minion, and then it is ready for me to work on
20:23 XenophonF kober: that's what salt-bootstrap can do for you
20:23 kober eliasp: I would like to automate the preparation of the ppa and salt-minion install over ssh
20:23 eliasp kober: no, you should be able to launch trigger 'salt-bootstrap' via salt-ssh
20:24 XenophonF kober: wouldn't it be better to come up with a VM template that has salt pre-installed?
20:24 XenophonF that's the approach i'm taking
20:25 * eliasp doesn't like any type of image… that's usually just a huge binary-blob which goes stale rather fast
20:25 kober XenophonF: Yeah, that might make sense, I don't know how to make a VM template
20:25 kober the bootstrap thing sounds like it might be what I want once salt-ssh is functional
20:26 eliasp XenophonF: then I'd rather use an installer-script (Debian: FAI, RedHat: Anaconda, …) to prepare the bare-metal installation
20:26 XenophonF sure, absolutely
20:26 eliasp XenophonF: images just take a lot of storage and are a PITA to manage
20:26 XenophonF i tend to generate an image from an automated install
20:26 XenophonF that way i don't have to wait for the O/S to lay itself down
20:26 XenophonF but i can refresh the template quickly
20:27 kober So would it be better to downgrade to 0.17.5 so that I can use salt-ssh + bootstrap?
20:27 XenophonF definitely one of those more-than-one-way-to-do-it scenarios
20:27 XenophonF sorry kober, not following you, why is a downgrade necessary?
20:27 kober XenophonF: salt-ssh can't be launched in 2014.1.3
20:27 kober XenophonF: It has some runtime errors because of missing import statements
20:28 XenophonF well that's a bummer
20:28 XenophonF can you upgrade to 2014.1.4?
20:29 XenophonF i guess that's a silly question
20:29 mpanetta joined #salt
20:30 kober http://ppa.launchpad.net/saltstack/salt/ubuntu/pool/main/s/salt/  2014.1.3  is all I see there
20:30 kober Looks like .4 is on pypi though
20:31 kober I'll kill the apt installed package and try using a virtualenv + pip
20:31 XenophonF that stinks
20:32 XenophonF i'm going to create a debian vm real quick
20:32 kober Yeah, I might be trying to adopt salt a little too early in its stages, but I saw a few videos on it and it seemed pretty clean
20:32 XenophonF i have salt 2014.1.4 on my master (FreeBSD)
20:32 kober just a little rough around the edges
20:32 XenophonF let me see if i can get salt-ssh/salt-bootstrap working
20:36 aw110f for state sls files, do you need to indent when using jinja that have nested conditionals or loops?
20:37 aw110f https://gist.github.com/wongster80/dab98d35fb004d5d705f
20:37 aw110f Salt spits out: Jinja syntax error: unknown tag 'endif';
20:38 mgw is there any way a minion in 'base' saltenv could gain access to a file in another saltenv?
20:39 jrdx joined #salt
20:41 perfectsine joined #salt
20:43 JordanRinke Anyone use the salt-api?
20:43 jcockhren o/
20:44 whiteinge Ahem. I think you mean "The salt-api".
20:44 JordanRinke aw110f: does that if syntax work? I use grains['variable'] == 'whatever' with nests and no indents and it works for me
20:45 tristianc joined #salt
20:45 eliasp ok, that's going to be fun now… fixing 'test=True' for file.recurse… ETA: 6h :)
20:45 linuxlew_ joined #salt
20:45 anuvrat joined #salt
20:46 whiteinge neat
20:46 * whiteinge gives eliasp drinks and snacks to take on his long journey
20:46 JordanRinke jcockhren: you running the cherrypy version or wsgi in uwsgi or something?
20:47 whiteinge don't use the rest_wsgi module. it was a POC and needs to be pulled out
20:47 eliasp whiteinge: thanks ;)
20:48 kober .4 does seem to have the salt-ssh bug fixed
20:48 JordanRinke bah damnit I dont want to run cherrypy
20:48 XenophonF ah glad to hear it kober
20:48 whiteinge JordanRinke: you don't need to run the python server. it's just a regular wsgi app
20:48 kober Next problem: salt-ssh -c . '*' test.ping   gives the error: OSError: [Errno 13] Permission denied: '/etc/salt/pki/master/ssh'
20:49 kober I thought the -c was supposed to make it use my dir instead of /etc/salt
20:49 whiteinge JordanRinke: the python server is just one deployment option. if you have an existing server, use it instead
20:49 kober I guess thats just for the state files and not the pki files?
20:50 JordanRinke whiteinge: yeah, I am reading source/doc right now - wasn't sure how tightly it was integrated to cherrypy framework
20:50 bud Has anybody used salt-cloud from develop with lxc provider?
20:50 JordanRinke by default I would have looked at the wsgi one and skipped the cherrypy one all together
20:50 whiteinge JordanRinke: http://salt-api.readthedocs.org/en/latest/ref/netapis/all/saltapi.netapi.rest_cherrypy.html#deployment
20:51 JordanRinke yeah, im reading it now that I know the cherrypy stuff is the standard/well working
20:51 jcockhren JordanRinke: apparently I'm using rest_wsgi
20:51 whiteinge i am going to remove the rest_wsgi module during the merge to salt-core. it's a distraction
20:51 renoirb joined #salt
20:52 JordanRinke 8 byte token... whhaatt is that
20:53 kober Yeah, the docs say -c should make it so I can run without being root: http://docs.saltstack.com/en/latest/topics/ssh/#running-salt-ssh-as-non-root-user
20:53 whiteinge jcockhren: ooc what server do you run it with?
20:54 __hudson__ joined #salt
20:55 jcockhren whiteinge: nginx
20:56 jimklo joined #salt
20:56 vejdmn joined #salt
20:56 abele joined #salt
20:57 whiteinge jcockhren: fyi, i'll move that module into salt-contrib during the merge to salt-core. it won't disappear on you
20:57 nkuttler kober: doesn't seem to work for me either, it's looking in /etc/salt/pki/master/ssh
20:58 kober nkuttler: Yeah, thats the permission problem I'm getting
20:58 JordanRinke oohhh ok, just read the mk_auth stuff, looks like it actually makes a proper 32 digit hash - just isn't reflected in doc
20:58 JordanRinke err auth.mk_token, not mk_auth
20:58 kober I was thinking I might have to create a configuration file to tell it to look somewhere else, but since it is ignoring -c I don't know if that will be possible
20:59 XenophonF left #salt
20:59 kober and I'd prefer not hardcoding paths in the config
20:59 JordanRinke jcockhren: so what kind of things are you doing with the api?
20:59 ndrei joined #salt
21:00 savvy-lizard joined #salt
21:00 jcockhren JordanRinke: deployments largely
21:00 travisfischer joined #salt
21:01 budrose joined #salt
21:01 jcockhren gitlab to gitlab-ci. On passing tests, deploys in production
21:01 jcockhren s/in/to
21:01 JordanRinke oh nice, I was looking at running gitlab locally for some of our stuff as well
21:01 JordanRinke how you liking that?
21:01 HeadAIX joined #salt
21:03 whiteinge jcockhren: fyi, if you ever switch to the rest_cherrypy module the /run URL is identical to the rest_wsgi / URL. (i get that no-deps is a draw though)
21:04 jcockhren JordanRinke: I use gitlab for private repos. I works well and the monthly update are smooth (every 22nd of every month)
21:06 jcockhren whiteinge: should I be using the rest_cherrypy module?
21:06 whiteinge not if it's working for you and you don't have any reason to switch :)
21:07 whiteinge *any other reason
21:08 jimklo joined #salt
21:09 repl1cant so wait, rest_wsgi is going away? I was using it because the cherry api didn't give me all the functionality i wanted
21:09 repl1cant i also got it working fine under lighttpd w/ssl
21:09 timoguin he's moving it to the salt-contrib repo
21:10 repl1cant ah, k
21:11 anuvrat joined #salt
21:11 whiteinge repl1cant: what functionality were you looking for?
21:12 JordanRinke any way to auth a minion via the api? I don't see anything related to it - curious if anyone is doing that programatically
21:13 whiteinge !wheel.key.accept | JordanRinke
21:13 wm-bot4 JordanRinke: http://docs.saltstack.com/en/latest/ref/wheel/all/salt.wheel.key.html#salt.wheel.key.accept
21:13 RandalSchwartz at one point, I believed I could issue "salt" commands on any minion and it would just work
21:13 RandalSchwartz but I think it required a config change
21:13 RandalSchwartz can't seem to find that now
21:14 whiteinge RandalSchwartz: salt-call you mean?
21:14 RandalSchwartz no... I mean being able to say "salt \* test.ping" on any one of the minions as well.
21:14 RandalSchwartz having it act like I was on the master
21:15 eliasp RandalSchwartz: you're probably looking for 'peers'?
21:15 RandalSchwartz ok
21:15 eliasp RandalSchwartz: http://docs.saltstack.com/en/latest/ref/peer.html
21:16 RandalSchwartz no - this doesn't look like what I was doing
21:16 whiteinge peer is the only way to directly run a command on other minions from a minion.
21:16 RandalSchwartz I was able to actually just type normal salt commands anywhere, and it worked.
21:16 repl1cant whiteinge: I'm running multiple salt masters behind a VIP so the token funtionailty wouldn't work for me.
21:16 RandalSchwartz maybe that functionality was removed
21:16 repl1cant I forget why everything at /run wouldn't work but I figured running the cherry_py was just overkill for what I wanted, which was direct access to the salt api
21:16 RandalSchwartz the minion would do it by pushing a request to the salt-master, of course
21:17 JordanRinke repl1cant: looking at mk_token... tokens are written to file, you could rsync the tokens dir
21:18 whiteinge RandalSchwartz: you can collect data from other minions via Salt Mine. that's the only other thing i can think of that sounds familiar
21:18 repl1cant JordanRinke: hrm, or say a nfs share? i'm already doing that for keys w/multiple masters
21:18 whiteinge s/familiar/similar
21:18 eliasp RandalSchwartz: try putting "interface: your.salt.master.tld" in your "~/.salt" (has changed to something like ~/.config/salt... recently) on a minion and you should be able to do this again
21:18 aw110f JordanRinke: I tried the way you reference grains['variable'] == 'value', still complains about endif
21:19 JordanRinke shoot me that gist again?
21:19 whiteinge repl1cant: hm. /run should work for that. i'd be interested to know what it was if you remmeber. in any case no worries, the rest_wsgi module will live in salt-contrib if you'd prefer to stick with it
21:19 eliasp RandalSchwartz: I have my salt-shell separated from the master here as well, running both in separated Docker containers and so I'm able to spawn as many salt-shells as I want which then connect to the master
21:20 eliasp RandalSchwartz: regarding the location of ~/.salt: https://github.com/saltstack/salt/pull/12709
21:20 repl1cant whiteinge: it's been at least a month since i decided to go with it and that memory has already been purged ;-)
21:20 * whiteinge nods
21:20 swissknife joined #salt
21:21 aw110f I made it simpler over here https://gist.github.com/wongster80/233fed9ae698f2d08c6f and using a grain that is a key : value intead of a key : list
21:21 eliasp RandalSchwartz: for 2014.1.3 "~/.salt" still works
21:22 wendall911 joined #salt
21:22 eliasp RandalSchwartz: see also: https://github.com/saltstack/salt/issues/8009#issuecomment-26766199
21:23 gldnspud joined #salt
21:23 taterbase joined #salt
21:23 scalability-junk joined #salt
21:24 timoguin well... that info could help with my doc ticket about documenting ~/.salt
21:24 timoguin https://github.com/saltstack/salt/issues/11589
21:24 wiqd_ joined #salt
21:24 timoguin so it's just a config dir you point your minion to?
21:24 RandalSchwartz yeah, I guess publish.publish was it
21:24 slav0nic joined #salt
21:24 slav0nic joined #salt
21:25 simonmcc joined #salt
21:25 gamingrobot joined #salt
21:25 abele joined #salt
21:26 copelco joined #salt
21:26 CaptTofu joined #salt
21:26 kryss joined #salt
21:26 rcsheets joined #salt
21:26 aw110f JordanRinke: https://gist.github.com/wongster80/233fed9ae698f2d08c6f in case you missed it and thanks for the feedback by the way
21:27 goki joined #salt
21:28 JordanRinke aw110f: yeah that looks fine to me - what error are you getting again? I am curious if DFS_NAME_DIRS is actually getting populated as well.
21:28 n8n joined #salt
21:28 octarine joined #salt
21:28 JordanRinke it almost looks like line 10 and 11 should have their comment out swapped?
21:28 mihait joined #salt
21:29 aw110f Rendering SLS "dev:hadoop-config" failed: Jinja syntax error: unknown tag 'endif'; line 55, which references the last endif
21:29 whiteinge ah, it's the yaml-style comment for the first for-loop
21:29 kryss Hello! I'm reading a salt docs and not considering how to create a state which allow me to apply same variables to client-server backup solution (bacula), can you give me an advise?
21:29 whiteinge jinja will ignore the yaml comments
21:29 modafinil_ joined #salt
21:29 aw110f i have {% set DFS_NAME_DIRS = ['/home/hadoop', '/home/hadoop/image', '/mnt/hadoop-namenode'] %}
21:29 akoumjian joined #salt
21:30 JordanRinke yeah, the prob with jinja is it falls through, so the error it is reporting might not be the actual problem
21:30 JordanRinke notice what whiteinge said about the new comments though
21:30 munhitsu_ joined #salt
21:30 whiteinge aw110f: use jinja comments to comment out jinja constructs  {# ... #}
21:30 JordanRinke whiteinge: I believe he had the same error before commenting out those sections for testing
21:30 JonGretar joined #salt
21:31 whiteinge hm
21:31 JordanRinke *believe*
21:31 * whiteinge nods :)
21:31 thunderbolt joined #salt
21:31 sinenitore joined #salt
21:31 whiteinge aw110f: if that isn't it, pastebin the original version? i have a shell open to test locally
21:33 kober so if I pass --priv  it skips the permission problem for the pki folder but then I get permission problem on cache_dir
21:33 kober are none of those keyed off of the conf dir passed in -c?
21:33 kober and with a user/passwd set in my config, should it even be trying to look at the pki dir?
21:34 slav0nic joined #salt
21:34 slav0nic joined #salt
21:35 aw110f instead of trying the jinja style comments I simply removed the comments and it ran, but I think the way i was commenting the jinja constructs might have been what broke it
21:36 aw110f Thanks a bunch whiteinge: and JordanRinke:
21:37 jcockhren can't reactors live in gitfs backends? maybe a '_reactors' subdirectory?
21:37 kober am I trying to do extremely abnormal things or is salt just not very stable currently?  Everything I've tried has broke and all I want to do is put a text file on a remote server
21:37 jcockhren s/can't/can
21:37 RandalSchwartz will pkg.latest stop/start an associated service?
21:38 kober Do people just always provision their servers with some other system like ansible or pxe first, and then run everything as root?  Because both of those seem odd to me
21:38 eliasp jcockhren: according to the docs this doesn't seem to be supported yet: http://docs.saltstack.com/en/latest/ref/file_server/dynamic-modules.html
21:38 RandalSchwartz oh - probably if I use watch instead of require
21:39 jcockhren kober: I use salt-cloud to spin up the things
21:39 whiteinge jcockhren: you can put the .sls files anywhere but the only place for the config that maps event tags to sls files is in the master config
21:39 whiteinge (it would be awesome to be able to put that elsewhere though -- and not have to restart the master)
21:40 jcockhren whiteinge: In the reactor config, how would I point to an sls reactor file is it lives in a repo pulled with gitfs backend?
21:40 kober jcockhren: I'm just trying to copy a file from a directory to a clean ubuntu VM I created with virt-manager
21:41 whiteinge kober: you're going off the beaten path a bit. there are many ways to bootstrap salt on a new machine. i'd suggest installing via packages manually on the master and minion so you can play around a bit first though.
21:41 jcockhren /var/cache/salt...?
21:41 ipmb joined #salt
21:41 whiteinge kober: salt-ssh is beta at best on the version you're running. it will be ready in the next salt release
21:42 fivethreeo cloud-init has a salt module
21:42 kober whiteinge: yeah, I just want to bootstrap my server with salt itself
21:42 whiteinge jcockhren: ah, i see what you mean. yeah, you'd have to point to the cache dir :-/
21:43 kermit joined #salt
21:43 whiteinge jcockhren: file a ticket? it would be nice to have that fully supported
21:43 jcockhren cool
21:43 kober whiteinge: If I have manual steps then it isn't really giving me any benefits, since I can provision a clean server with fabric and ansible
21:43 kober whiteinge: without any manual steps
21:43 fivethreeo https://github.com/number5/cloud-init/blob/master/cloudinit/config/cc_salt_minion.py
21:44 kober I guess I'm confused at why bootstrapping a server with salt is off the beaten path
21:44 jcockhren kober: it depends on how you spent up the server it seems
21:44 kober I don't mind not using salt-ssh, but how do I get it bootstrapped without it?
21:45 kober jcockhren: Grabbed an iso, installed it on a server
21:45 kober jcockhren: I'm at the basics here, not trying anything crazy
21:45 jcockhren kober: my use case is using cloud providers. salt-cloud uses their APIs and boostraps it from there
21:46 ecdhe has anyone salted their raspberry pi?
21:46 gq45uaethdj26jw6 left #salt
21:47 jcockhren kober: there's a boostrap script that can be used for setting up salt initially (I think salt-cloud uses the same script)
21:47 jcockhren bootstrap*
21:47 AdamSewell joined #salt
21:47 kober jcockhren: We have bare metal machines that we install on, we want to move to Rackspace but we want to have our existing stuff automated first, so then we can push to either place
21:47 kober jcockhren: yeah, from what I saw, I needed to run that bootstrap script via salt-ssh
21:47 jcockhren kober: not actually
21:47 timoguin kober: or you can just run it over plain SSH
21:48 timoguin it's just a bash script
21:48 jcockhren ^
21:48 timoguin a POSIX script, actually
21:48 jcockhren https://github.com/saltstack/salt-bootstrap
21:48 jcockhren kober: ^
21:48 eliasp timoguin: with a '#!/bin/POSIX' shebang? ;)
21:49 RandalSchwartz is there a {{ }} that will expand to something like salt://path/to/thisfile
21:49 RandalSchwartz I'd really like to include that in my templates
21:50 RandalSchwartz I stared at the jinja runner the other day, but it has too much python for me to understand :)
21:52 RandalSchwartz can I merge -require: \n - pkg: tmux \n - pkg: zsh   somehow?
21:52 RandalSchwartz like with a list or something?
21:53 kober jcockhren: timoguin Ok, I'll try that, but seems like an odd approach to prefer running a curl command that runs a bash script as root, rather than just having salt-ssh be able to run a single apt-get install command to get the minion
21:53 cewood joined #salt
21:53 jcockhren kober: I misunderstand, I thought you wanted a way to bootstrap a bare metal machine without salt-ssh?
21:53 jcockhren without using*
21:54 jcockhren b/c salt can salt itself
21:54 kober jcockhren: I just want to get a minion on a server, I thought the correct route was salt-ssh but it doesn't seem to work at all right now
21:54 kober jcockhren: so just trying to find out what everyone uses to do this
21:55 whiteinge kober: the bootstrap script just just some platform detection then calls to the underlying package manager.
21:55 kober If curling a bash script is more common than using built-in salt commands, I will live with it, but it seems fairly dirty when the whole point of salt is to be able to remotely execute commands
21:56 whiteinge a salt-builtin way to run the bootstrap script is via: ``salt-run manage.bootstrap hosts="someuser@somehost"``
21:56 eliasp kober: if you don't trust the curl/sh combination, simply store teh script locally and push it to the hosts
21:56 kober I'd rather just current a top file that says pkg.install salt-minion
21:56 kober just create*
21:56 eliasp kober: see whiteinge's suggestion…
21:57 whiteinge that wraps calling ssh for you, then invokes the bootstrap script, which invokes apt
21:57 jcockhren did salt-ssh break or something? b/c what kober is saying was possible in 0.17+
21:57 whiteinge yeah, it broke
21:58 jcockhren aahh. ok. now I'm caught up
21:58 jcockhren haha
21:58 whiteinge will be fixed in helium :-P
21:59 kober Ok, I think my underlying problems are probably all wrapped up in the same bug, because if I try to make my local machine a master so that salt-run can work:   salt-master -c   gives me permission errors for /etc/salt as well
21:59 fivethreeo this should bootstrap salt in trusty using user-data in cloud init, https://gist.github.com/fivethreeo/0dfdd7199d8aae69851d
22:00 kober which was the same problem salt-ssh was having, I had to pass --priv even though I was trying to use username/pass not keyauth
22:00 whiteinge RandalSchwartz: (re: jinja) you can make variables for salt-paths. there isn't an automatic jinja thing to fetch files via salt paths. what's your end-goal there? i can speak more specifically
22:01 whiteinge RandalSchwartz: (re: combining require list items) no. there's just the one syntax for those list items
22:01 kober and salt-run doesn't seem to want to work without a master because it says:  [CRITICAL] Salt configured to run as user "root" but unable to switch.
22:01 timoguin salt-run is intended to only run on a master. runners are master-side scripts.
22:02 kober But I can't run a master without root?
22:02 timoguin you can. by default it runs as root.
22:02 timoguin which i don't like.
22:02 whiteinge kober: if you're setting up a full multi-host master and minion setup salt must be run as root on the minion and usually runs as root on the master
22:03 whiteinge timoguin is documenting all the good ways to run the master as non-root :)
22:03 timoguin http://docs.saltstack.com/en/latest/ref/configuration/nonroot.html
22:03 kober whiteinge: Yeah, I plan on running the minions as root, but see no reason to run master as root
22:03 timoguin lol, trying to at least
22:03 kober Especially because currently I'm running salt-master from pip, so I created a virtualenv for it
22:03 kober because the PPA is outdated compared to pypi
22:04 DaveQB joined #salt
22:04 kober but I guess that is a moot point now, since salt-ssh only made it one step further in .4 than in .3
22:04 RandalSchwartz thanks whiteinge
22:04 kober so I can probably go back to using .3 from PPA
22:05 jcockhren https://github.com/saltstack/salt/issues/12827
22:05 kober I should probably start taking notes on how to get started with salt, the quickstart guide didn't cover any of this
22:05 jcockhren whiteinge: ^
22:05 kober I would prefer to run masterless
22:06 kober So that devs could clone the config repo and run the commands on our servers
22:06 kober and so that it could be used to setup dev systems on vagrant
22:06 timoguin kober: did you see the masterless tutorial?
22:06 whiteinge kober: you're exactly the audience we're hoping to improve things for over the next weeks: https://github.com/saltstack/salt/issues/12446
22:06 forrest when is the documenation sprint anyways?
22:06 whiteinge tuesday
22:07 forrest tuesday ->?
22:07 whiteinge and another sometime in june
22:07 forrest oh just tuesday
22:07 forrest did you guys get any spaces set up?
22:07 whiteinge yeah, the 20th
22:07 whiteinge this one is virtual. the one in june will have physical locations
22:07 forrest cool
22:07 kober timoguin: Yeah, I got stuck on the very first step, trying to automate the bootstrap process of the minion
22:07 forrest I don't know if I'll be able to get Tuesday off
22:07 forrest might pop in in the evening
22:07 * whiteinge nods
22:08 timoguin same
22:08 whiteinge i'll be around most that day
22:08 forrest cool
22:08 CeBe left #salt
22:08 gothix joined #salt
22:08 kober timoguin: http://docs.saltstack.com/en/latest/topics/tutorials/quickstart.html#bootstrap-salt-minion   wants me to do the curl command, I was hoping to be able to automate that via salt-ssh/salt-run/something
22:09 kober I don't want manual steps as part of the process for getting a server running
22:09 kober I was hoping the steps would be apt-get install salt-ssh,   git clone <config_repo>  salt-ssh -c . state.highstate     and be done
22:09 forrest whiteinge, what sort of requirements are there for the physical spaces in June?
22:09 whiteinge tbd
22:10 forrest ok, can you let me know? I might try to see if the company I work for wants to sponsor one here in Seattle
22:10 forrest if there isn't already a space
22:10 forrest documentation again in June right?
22:10 whiteinge forrest: bam! nice
22:10 whiteinge right
22:10 forrest cool
22:12 whiteinge kober: salt-run manage.bootstrap is that. it doesn't require a running daemon. just run it as root
22:12 whiteinge it just wraps ssh
22:12 jcockhren https://github.com/saltstack/salt/pull/12825 paired with https://github.com/saltstack/salt/pull/12620
22:13 jcockhren is gonna be awesome
22:13 whiteinge ooh
22:20 jcockhren I think the docs are done
22:22 tligda joined #salt
22:26 meteorfo_ joined #salt
22:26 meteorfo_ joined #salt
22:27 kballou joined #salt
22:27 diegows joined #salt
22:29 linuxlewis joined #salt
22:31 bhosmer joined #salt
22:34 eliasp meh, I can make my minion "hang" endlessly processing
22:34 eliasp salt MN1221-C0001 cmd.run "salt-call -c 'c:\salt\conf' -l debug state.single file.recurse name='C:\MaxQuant\' source='salt://win/repo/maxquant/' clean=True test=True"
22:35 eliasp let's see if the same happens when executing it directly on it (not through cmd.run)
22:35 ircleuser joined #salt
22:35 AdamSewell joined #salt
22:37 atomic_punk joined #salt
22:37 jbirdman joined #salt
22:38 RandalSchwartz whiteinge... I'd like to have ## this file is in salt at {{ somevar }} in my installed file
22:38 RandalSchwartz so that if I move it around, I don't have to remember to update that
22:38 RandalSchwartz or so I can just copy and paste for a new template :)
22:41 whiteinge there's the {{ sls }} variable which contains the salt path to the current sls file. i'm not sure that's what you're looking for though -- i don't quite see the full picture
22:41 RandalSchwartz yeah - that's perfect
22:41 RandalSchwartz No - not quite
22:41 whiteinge it doesn't have the salt:// prefix
22:41 RandalSchwartz I want the name of the file being templated
22:42 RandalSchwartz if I have salt://foo/thingy.jinja
22:42 RandalSchwartz I'd like it to say "/foo/thingy.jinja" at least
22:43 forrest why not just put that data in pillar?
22:43 RandalSchwartz uh what?
22:43 RandalSchwartz I'm trying to inform a reader of the file that this file is managed by salt, and it's ====>  over there
22:43 RandalSchwartz it's for humans
22:44 whiteinge oh, this is for a file.managed template
22:44 * whiteinge is catching up
22:44 RandalSchwartz yeah
22:44 forrest hm, maybe I am not understanding. What I meant was set the value in pillar, then reference it in the template with salt['pllar.get']('my_var')
22:44 RandalSchwartz see I'm already adding: "## this file is managed by salt... do not edit"
22:44 forrest ok
22:44 RandalSchwartz but I'd rather make that "## this file is managed by salt at {{ somevar }}"
22:45 RandalSchwartz without having to figure out where the hell I am under states/ :)
22:45 whiteinge i think we can make a pattern like that
22:45 * whiteinge tests
22:46 manfred does it not already have that?
22:46 manfred maybe not in the jinja file...
22:46 RandalSchwartz if it does, what's the varname? :)
22:46 manfred that is what i am about to go look for
22:47 ipalreadytaken joined #salt
22:48 manfred i know it has __sls__ which is the state file
22:48 manfred or at least that is in the low state data
22:48 whiteinge worst case: you can just pass that variable manually in the file.managed state via the context arg
22:49 AdamSewell joined #salt
22:49 RandalSchwartz yeah - but that means I have to type it somewhere else then
22:49 RandalSchwartz might as well have an emacs macro that can install it :)
22:49 RandalSchwartz I'm sure some part of the system knows what jinja source it is
22:51 manfred hrm, undefined
22:52 mateocon_ joined #salt
22:54 whiteinge oh! the args in file.managed are already in the jinja context
22:54 whiteinge RandalSchwartz: just use {{ source }}
22:54 RandalSchwartz aha!
22:54 manfred and {{ sls }} is the state
22:54 manfred yeah
22:54 manfred boo, that only works in the state file though
22:55 RandalSchwartz yes ... {{ source }} worked perfectly!  thank you
22:55 RandalSchwartz now to go edit all my other files
22:56 n8n joined #salt
22:56 RandalSchwartz ## this file is managed by salt at {{ source }} - do not edit!
22:58 faldridg_ joined #salt
22:58 alunduil joined #salt
23:03 savvy-lizzard joined #salt
23:03 Outlander joined #salt
23:03 kermit joined #salt
23:07 to_json joined #salt
23:07 conan_the_destro joined #salt
23:09 RandalSchwartz note to self: it's "template", not "tempate" :)
23:10 druonysuse joined #salt
23:10 druonysuse joined #salt
23:10 faldridge joined #salt
23:11 jbirdman joined #salt
23:13 manfred nice
23:14 manfred xfer: incoming file from Googled (0.0.0.0, irc.manfred), name: VIRUS.EXE_199, 125 bytes (protocol: dcc)
23:14 manfred xfer: file VIRUS.EXE_199 received from Googled (0.0.0.0): FAILED
23:14 manfred seems legit
23:14 faldridge joined #salt
23:15 viq joined #salt
23:16 swebb joined #salt
23:16 dimeshake RandalSchwartz very much enjoyed the llama book. just wanted to say thanks!
23:16 meteorfox joined #salt
23:16 cruatta joined #salt
23:16 RandalSchwartz you're most welcome
23:17 schimmy joined #salt
23:17 RandalSchwartz a bestseller, but one would never be able to make a living from that :)
23:17 RandalSchwartz tech books don't work that way
23:17 dimeshake right. lends a lot to the credibility department for consulting etc, though I'm sure
23:18 RandalSchwartz indeed
23:18 elfixit joined #salt
23:19 timoguin a book about llamas?
23:19 dimeshake well... sorta ;)
23:20 HeadAIX joined #salt
23:20 dimeshake O'Reilly publication on perl
23:21 JeroenH_ joined #salt
23:22 smcquay joined #salt
23:24 JeroenH_ joined #salt
23:25 TyrfingMjolnir joined #salt
23:26 AdamSewell joined #salt
23:26 JeroenH_ joined #salt
23:27 MBroadhead joined #salt
23:27 JeroenH_ joined #salt
23:32 dccc joined #salt
23:33 mateoconfeugo joined #salt
23:36 frasergr_ joined #salt
23:36 TyrfingMjolnir joined #salt
23:37 orbit_darren joined #salt
23:40 andrej joined #salt
23:41 TyrfingMjolnir joined #salt
23:44 ashw7n joined #salt
23:47 sgviking joined #salt
23:52 Outlander_ joined #salt
23:53 aw110f how can i match by regex in a jinja if statement?
23:53 aw110f {% if 'publisher_payment_qa-*' in grains['NODEGROUPS'] %}
23:58 tligda joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary