Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-07-07

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 otter768 joined #salt
00:04 jalbretsen joined #salt
00:05 dccc joined #salt
00:17 xDamox Has anyone tried salt-cloud with the vsphere provider?
00:23 xDamox joined #salt
00:25 Shenril joined #salt
00:27 dccc joined #salt
00:31 flebel joined #salt
00:51 yomilk joined #salt
00:54 gzcwnk is there away to do a test ie I want to see what output a grain has, specificially osrelease
00:54 dccc joined #salt
00:57 gzcwnk n/m found it....salt vuwunicopatch02 grains.item os osrelease oscodename
01:02 bhosmer joined #salt
01:02 jv115 joined #salt
01:04 jv115 left #salt
01:07 oz_akan_ joined #salt
01:22 dccc joined #salt
01:25 jv115 joined #salt
01:26 jv115 left #salt
01:27 jv115 joined #salt
01:32 garthk joined #salt
01:33 jv115 joined #salt
01:33 jv115 left #salt
01:49 dccc joined #salt
01:54 davet1 joined #salt
01:56 elfixit1 joined #salt
01:58 davet2 joined #salt
01:59 bhosmer joined #salt
02:02 davet joined #salt
02:05 bchung joined #salt
02:07 otter768 joined #salt
02:09 davet1 joined #salt
02:10 ccase joined #salt
02:11 dccc joined #salt
02:12 mogman1 joined #salt
02:25 mogman1 I'm wondering if anyone can help me out.  I'm trying to spin up a new minion on EC2 using salt-cloud and then manage it, but I'm running into problems with the minion and master not communicating.
02:26 mogman1 I can successfully create the instance, the master even receives the minion's key successfully.  But after that, the minion always shows as "down" and I'm about out of ideas on where to look for what's going wrong.
02:29 mogman1 What's bizarre is that according to the minion log, it successfully responds to a single 'test.ping' request from the master as a part of the initialization process.  But after that, it never responds to commands.
02:30 jv115 joined #salt
02:31 jalaziz joined #salt
02:40 krow joined #salt
02:41 dccc joined #salt
02:41 mogman1 An oddity I'm noticing in the salt-minion log is that it is logging the output to 'iptables --help' for any command I seem to run locally.
02:56 jv115 left #salt
02:57 ramishra joined #salt
02:59 fllr joined #salt
03:05 ml_1 joined #salt
03:10 dccc joined #salt
03:13 Ryan_Lane joined #salt
03:14 yomilk joined #salt
03:16 bhosmer joined #salt
03:17 chongzhi joined #salt
03:17 chongzhi hello
03:19 yetAnotherZero joined #salt
03:21 chongzhi i have a problem that transfer file by saltstack very slow .any  suggest thx~
03:26 lust joined #salt
03:28 mateoconfeugo joined #salt
03:30 jv115 joined #salt
03:33 zain_ joined #salt
03:33 mateoconfeugo joined #salt
03:34 mateoconfeugo joined #salt
03:36 dccc joined #salt
03:40 Voziv joined #salt
03:44 mgw joined #salt
03:45 catpigger joined #salt
03:53 malinoff joined #salt
03:55 mosen joined #salt
03:59 aqua^^ joined #salt
04:02 dccc joined #salt
04:03 NV joined #salt
04:04 jeddi joined #salt
04:04 joehh joined #salt
04:20 jv115 joined #salt
04:24 dude051 joined #salt
04:28 dccc joined #salt
04:41 yomilk joined #salt
04:43 jv115 joined #salt
04:49 zain_ joined #salt
04:54 dccc joined #salt
04:56 felskrone joined #salt
04:57 NV joined #salt
04:59 yomilk joined #salt
05:01 jnials joined #salt
05:04 bhosmer joined #salt
05:04 yomilk_ joined #salt
05:09 krow joined #salt
05:10 jv115 left #salt
05:10 zain_ joined #salt
05:11 schimmy joined #salt
05:17 dccc joined #salt
05:21 jv115 joined #salt
05:21 jv115 left #salt
05:26 zain_ joined #salt
05:26 therealGent joined #salt
05:29 jnials joined #salt
05:29 m____s joined #salt
05:32 ramteid joined #salt
05:32 dude051 joined #salt
05:34 taterbase joined #salt
05:40 yomilk joined #salt
05:42 dccc joined #salt
05:46 zain_ joined #salt
05:55 krow joined #salt
05:57 picker joined #salt
06:06 jnials joined #salt
06:06 yomilk joined #salt
06:08 dccc joined #salt
06:10 yomilk joined #salt
06:12 chiui joined #salt
06:19 ajw0100 joined #salt
06:28 ramishra_ joined #salt
06:30 fllr joined #salt
06:32 bhosmer joined #salt
06:34 dccc joined #salt
06:37 mgw joined #salt
06:51 patrek joined #salt
06:52 bhosmer joined #salt
07:00 fllr joined #salt
07:00 dccc joined #salt
07:03 ml_1 joined #salt
07:16 Kenzor joined #salt
07:18 ndrei joined #salt
07:26 dccc joined #salt
07:30 martoss joined #salt
07:31 fllr joined #salt
07:32 martoss1 joined #salt
07:32 _fllr_ joined #salt
07:38 slav0nic joined #salt
07:39 alanpearce joined #salt
07:48 anuvrat joined #salt
07:55 felskrone joined #salt
07:58 felskrone1 joined #salt
08:04 linjan joined #salt
08:07 felskrone joined #salt
08:08 rjc joined #salt
08:11 jhauser joined #salt
08:11 darkelda joined #salt
08:12 dccc joined #salt
08:13 Miguel_london joined #salt
08:16 alanpearce joined #salt
08:19 mariusv joined #salt
08:19 mariusv joined #salt
08:23 Lomithrani joined #salt
08:24 TheThing joined #salt
08:29 felskrone1 joined #salt
08:31 fllr joined #salt
08:34 ml_11 joined #salt
08:38 ggoZ joined #salt
08:40 dccc joined #salt
08:40 bhosmer joined #salt
08:43 ndrei joined #salt
08:47 yomilk joined #salt
08:52 ramishra joined #salt
08:53 jdmf joined #salt
08:58 chiui joined #salt
09:04 TheThing joined #salt
09:05 dccc joined #salt
09:22 anuvrat joined #salt
09:24 mateoconfeugo joined #salt
09:25 alanpearce joined #salt
09:28 giantlock joined #salt
09:31 fllr joined #salt
09:33 dccc joined #salt
09:40 linjan_ joined #salt
09:47 linjan joined #salt
09:59 TheThing joined #salt
10:01 dccc joined #salt
10:02 ggoZ joined #salt
10:08 Lomithrani Where does the result of highstate got written ? Isn't it possible to tail it so we know where we are in a highstate with many states inside ?
10:13 mapet joined #salt
10:18 davidone good morning
10:20 Outlander joined #salt
10:20 mapet Hi. I would like to refer to the second IP of a system. The IP shows up in grains ipv4 as the second. How can i refer to it to? i already tried {{ grains['ipv4'](1) }} and {{ grains['ipv4'][1] }}. Is this possible? What would be the right syntax?
10:26 dccc joined #salt
10:31 fllr joined #salt
10:31 babilen mapet: I would write that in Python, but yes, that is possible.
10:32 babilen Lomithrani: I don't think that is possible. There was a discussion about this on the mailing list and you can listen to events, but that only gets you as far.
10:32 mapet i am not that experienced in python yet. maybe you can point me in the right direction.
10:33 babilen mapet: What do you *really* try to achieve? Is the "second IP" specific to one interface?
10:33 mapet we are using freebsd which names the interface after their driver
10:34 mapet as we are using different machines with different interfaces we have a mix of names
10:34 mapet so i want to use the second ipv4 address
10:34 mapet as this is fixed
10:34 mapet i want to set ip-addresses for memcached configs in rc.conf
10:35 mapet so it would like "memcached11211_default_args="-c 8192 -m 4096 -d -l {{ grains['ipv4'](1) }}"" except the bad syntax
10:35 mapet ;)
10:38 N-Mi joined #salt
10:38 babilen Okay, it is just that "second" is not a very precise definition and I wouldn't want to rely on that order in my configuration.
10:39 babilen There might be some other invariant that you can use to get the "right" IP address in order to ensure that salt doesn't break just because the IP you want is suddenly the third or there is only one or so ...
10:41 alanpearce joined #salt
10:43 giantlock joined #salt
10:43 babilen mapet: And make that "grains['ipv4'][1]"
10:46 mapet babilen: thanks. i will use this for now. as we are just starting with salt, maybe we will see if we can rename the interfaces to one standard and work with that
10:48 viq joined #salt
10:49 babilen mapet: Well, there might simply be another invariant (they might all be in the same netblock) that you can use
10:49 babilen It simply doesn't happen very often that IPs are randomly assigned and all over the place.
10:50 yomilk joined #salt
10:50 malinoff mapet, how would you find "the second IP address" manually?
10:50 malinoff I mean, without salt
10:51 mapet malinoff: it's assigned to a dedicated interface
10:51 malinoff mapet, what is a dedicated interface? Does it have a specific name?
10:53 mapet no. it's the second on this host. but as these are using different drivers on the hosts, they have different names (eg. igb, bce, bge)
10:53 malinoff mapet, there is no "second" interface
10:54 malinoff mapet, that interface may be shown after another with ifconfig, but it does not mean it is "the second"
10:54 malinoff What you're describing is named "unmanaged content"
10:54 malinoff And the resolution is simple: you can not automate unmanaged content
10:55 dccc joined #salt
10:55 malinoff You should have your own naming rules. For example, "if the interface name ends with 0, it is the main interface, if it ends with 1 it is the second, etc."
10:56 malinoff If you have naming rules, that content became "managed"
10:57 viq mapet: I wasn't here for the beginning of conversation, the naming looks like you're on BSD ?
10:57 mapet i see
10:57 mapet viq: yes
10:57 viq mapet: AFAIK on BSD you can assign name/description/group to an interface, maybe you'd be able to work with that
10:58 malinoff viq, yes, this is another naming rule which moves the content from unmanaged to managed state
10:58 mapet viq: yeah, but we haven't looked into that until now
10:59 xmj you can technically rename devices to eth# if you need to
10:59 xmj (though you probably shouldn't)
10:59 malinoff You have a lot of options to have a managed content - you can have a specific file (e.g. /etc/interfaces) formed like "eth10: main\neth0: second" and read it
11:00 malinoff you can have such mapping on the salt-master side and pass such information to pillars
11:00 mapet haven't looked into pillars yet
11:00 malinoff The general idea is that you can't manage unmanaged content
11:01 malinoff How you make unmanaged content to be managed is your choice
11:01 the_lalelu joined #salt
11:02 malinoff mapet, also, you can create a custom grain like "secondary_iface" in a minion config
11:06 babilen mapet: And all of these IPs are on different networks?
11:07 mapet babilen: no, it's one network
11:07 babilen mapet: So you have 44.444.44.44 on one host and 12.34.56.78 on another while 98.87.65.43 on a third with absolutely no logic to it?
11:07 mapet malinoff: have to finetune the minion grains yet :)
11:08 malinoff mapet, you can add custom grains directly from the master
11:08 malinoff so it shouldn't be a big problem :)
11:08 babilen mapet: So you are really interested on the IP that is in that specific network, aren't you? I mean you don't care if it is the first, second or third, but you want the one that is in, say, 10.10.10.10/24 ?
11:09 jhauser joined #salt
11:09 Lomithrani babilen: thanks for the response, too bad as my state takes like 10-20 minutes to finish its quite frustrating not to know how things are going before it totally ends
11:10 elfixit joined #salt
11:11 babilen Lomithrani: Set "state_events=True" and use eventlisten to listen to incoming events ...
11:15 mapet babilen: right. The IP of the sepcific host in that network to bind memcache to it
11:16 ml_1 joined #salt
11:17 Lomithrani babilen: can't find state_events in minion or master conf is that normal ?
11:20 adrianduke joined #salt
11:22 adrianduke hi all, after googling around for a while I can't seem to find a solution to following: I am using salt + docker, I have some mysql queries I want to run inside a docker container, but I don't know what the containers IP is until it starts...
11:22 adrianduke if the container is already running, using "{{ salt['cmd.run']("docker inspect mysql | grep IPAddres | awk -F '\"' '{print $4}'") }}" works just fine, but in my case the state file is also supposed to start the container as well
11:23 adrianduke that leaves me with needing to delay the renderrer from executing my salt.cmd.run, or finding another way to get the docker IP... any ideas?
11:23 dccc joined #salt
11:23 adrianduke sorry forgot to say, during highstate I get "Error: No such image or container: mysql"
11:24 malinoff adrianduke, use requisites to start a docker container and wait until it is ready to work with
11:24 malinoff to start a docker container at first*
11:24 babilen Lomithrani: Yes, that is normal
11:25 adrianduke malinoff: I am using requisites, the problem is that salt is evaluating the salt.cmd.run before it runs any of its contents
11:25 babilen Lomithrani: Well, if your state takes that long the *only* way to get more detailed information is to fire events during the state run. What monster have you created that a single state takes 30 minutes?
11:26 malinoff adrianduke, i don't know much about docker, but does it have some sort of command which will block and wait until a container is up? Something like "docker wait mysql"?
11:28 babilen mapet: And you need that IP for a file on the minion?
11:28 adrianduke mailnoff: here is a gist: https://gist.github.com/anonymous/c2e6da03fa374d1e3424
11:29 mapet babilen: yup
11:29 Lomithrani babilen: not a monster , but it build my scala app so lot of dependencies to download and quite a long  time to compile aswell
11:29 adrianduke you can see the connection_host: is having the salt.cmd.run evaluated when salt renders all the sls files together, but at that point there is no docker container named 'mysql' so it will always fail
11:30 malinoff Lomithrani, if the list of dependencies is static, you must write a state which intended to run only once - on creation of a new server
11:30 babilen mapet: Will this IP be used in other contexts? Can you think of a suitable name for that IP address?
11:31 Lomithrani malinoff: of course it runs only once on creation and at each new push on my git repo
11:31 malinoff adrianduke, if you run "docker inspect mysql | grep IPAddres | awk -F '\"' '{print $4}'" RIGHT AFTER "salt state.sls" ends, will you receive the same error?
11:31 babilen Lomithrani: In that case I can't really think of much that can be done apart from integrating reporting to salt into the build systemd itself.
11:31 fllr joined #salt
11:31 malinoff Lomithrani, does it change on push?
11:31 malinoff i mean, the dependency list
11:32 adrianduke malinoff: no
11:32 Lomithrani malinoff: it may
11:32 adrianduke works fine if I could stagger the sls files being run, or enable some form of lazy evaluation on the salt.cmd.run
11:32 adrianduke would work fine*
11:33 Lomithrani but it's not really a big deal I will just have to tell my boss "don't worry sometimes it takes time" as everything works so far it only requires patience ^^
11:33 * babilen pokes mapet
11:33 arknix joined #salt
11:34 babilen mapet: Either way (as you will probably see this later): I would either write an external grain (if that datum is useful in other contexts) or a pillar in Python and classify the IP addresses in there with IPy)
11:34 mapet babilen: it would be the only host. i thought about using context
11:34 adeduke joined #salt
11:35 jrdx joined #salt
11:35 adrianduke my nick is now adeduke
11:35 adeduke so does salt have any form of lazy evaluation in SLS files?
11:36 bhosmer joined #salt
11:36 malinoff adeduke, i think the problem is that the argument is evaluated before the state is even applied
11:36 adeduke or possibly a way of running additional SLS files after another has finished
11:36 adeduke yeah thats what I think
11:37 malinoff adeduke, don't know how to deal with it, sorry
11:37 malinoff never tried by myself
11:37 adeduke ok thanks for your help in any case :)
11:37 malinoff the first sysadmin's thought is to add "sleep n" to cmd.ru
11:37 malinoff n
11:37 malinoff but it's dirty
11:38 adeduke lol guess it depends if the evaluation of salt.cmd.run is sync or async, I'll try it in any case
11:39 adeduke lol its sync
11:40 masterkorp hello everyone
11:41 masterkorp i would like to generate a template that is a yaml file
11:41 malinoff adeduke, of course it is sync
11:41 masterkorp and like so, how could i dump the pillar data directly into it ?
11:42 malinoff masterkorp, {{ pillar['something'] }}
11:42 masterkorp hmm, on file: contents: ?
11:42 babilen mapet: http://paste.debian.net/108510/ would be an idea for a pillar .. You can implement something along those lines as external pillar too.
11:43 thayne joined #salt
11:44 babilen mapet: Feel free to write more extensive logic with IPy in memcached_address() -- https://pypi.python.org/pypi/IPy/
11:44 masterkorp malinoff: http://pastie.org/private/qekdklcw0nuq8myz6iya
11:44 masterkorp output
11:44 masterkorp http://pastie.org/private/v0p9seu8chcrzksimq29kg
11:44 masterkorp state
11:44 malinoff adeduke, one of work arounds may be to have a separate cmd.run state which will not call {{salt...}}, but that command directly
11:45 babilen mapet: http://paste.debian.net/108511/ rather
11:45 malinoff adeduke, and set a variable anywhere on the filesystem
11:45 mapet babilen: thanks.
11:45 malinoff damn, that won't work either
11:45 malinoff i really don't know
11:45 adeduke yeah, really tricky one
11:45 malinoff salt should support 'proxy' arguments :(
11:46 adeduke or just lazy evaluation would be simple enough
11:46 adeduke only evaluate the cmd when you need to
11:46 masterkorp malinoff: it does not even touches the file :(
11:46 malinoff one thing i can say - if you split states to different sls files and run them separately with salt state.sls, this should work
11:46 dccc joined #salt
11:46 malinoff adeduke, the problem is that it is jinja template, and it must be processed at first
11:47 adeduke yeah
11:47 malinoff adeduke, because it is intended that jinja will generate a yaml structure
11:48 adeduke yeah
11:48 malinoff masterkorp, can you use a non-colored outputter? Can't really understand what's going on because of all those [36m
11:50 masterkorp malinoff: http://pastie.org/private/fiaadob476oeqqzwdazgw
11:51 malinoff masterkorp, if you use a common text like "this is a test string" instead of {{ salt['pillar.get']...}}, will the file be created with this contents?
11:51 malinoff content*
11:53 masterkorp malinoff: yes, http://pastie.org/private/lmgeuggvvj3zfeliki6ow
11:55 babilen Can I use file.managed (the state) from an execution module that I write or would I have to re-implement all its functionality locally?
11:56 babilen I'd like to use the "replace" functionality, but haven't seen any examples of execution modules calling states (rather than other modules)
11:56 malinoff masterkorp, i see that there were something managed
11:56 malinoff masterkorp, is it the pillar content?
11:57 masterkorp yeah it would be, but the file is not touched
11:58 masterkorp i got to /etc/salt/cloud and I see the standard salt cloud file
11:58 malinoff masterkorp, but salt says that it is managed
11:58 malinoff maybe you're seeing a wrong server?
11:58 masterkorp inded it does
11:58 masterkorp malinoff: no, i am using kitchen-salt
11:59 masterkorp its a vagrant box
11:59 masterkorp the rest of the state is there
11:59 masterkorp just not that file
11:59 malinoff oh god, kitchen & vagrant just to launch a vm
11:59 malinoff but nvm
12:00 malinoff i'm "grumpy malinoff"
12:00 masterkorp it runs the state its easy to do cold start
12:00 malinoff masterkorp, I really don't know what's going on. Salt says it's managed, you say it is not.
12:01 malinoff I'd rather believe salt :)
12:01 malinoff you can try to run a single state.sls just for that file.managed
12:02 malinoff and see if it is really managed
12:02 masterkorp malinoff: http://pastie.org/private/0yqag9obj4uep4etdtmmq
12:02 malinoff # This file should normally be installed at: /etc/salt/cloud
12:02 malinoff lol
12:03 masterkorp heh, its the standard file
12:03 masterkorp maybe its overridden ?
12:04 malinoff masterkorp, what if you delete /etc/salt/cloud and run that state again?
12:07 brandon joined #salt
12:07 darkelda joined #salt
12:08 masterkorp hmm
12:09 masterkorp malinoff: lol, it was a type
12:09 masterkorp the could file
12:09 masterkorp thanks
12:09 malinoff jeeeeeez
12:12 dccc joined #salt
12:17 bhosmer joined #salt
12:19 bhosmer_ joined #salt
12:19 z3uS joined #salt
12:20 vbabiy joined #salt
12:21 jaimed joined #salt
12:25 alanpearce joined #salt
12:27 chiui joined #salt
12:28 greyhatpython joined #salt
12:28 greyhatpython joined #salt
12:28 xmj_ joined #salt
12:28 gwmngilfen|afk joined #salt
12:29 jY joined #salt
12:29 eofs_ joined #salt
12:29 Ch3LL__ joined #salt
12:30 zemm_ joined #salt
12:30 baffle_ joined #salt
12:30 ze-_ joined #salt
12:30 ampex_ joined #salt
12:30 rockey_ joined #salt
12:30 codekobe_ joined #salt
12:30 N-Mi joined #salt
12:30 N-Mi joined #salt
12:30 nickg_ joined #salt
12:30 logandg_ joined #salt
12:30 jcristau joined #salt
12:30 rcsheets_ joined #salt
12:31 JordanTesting joined #salt
12:31 cruatta_ joined #salt
12:31 bezaban joined #salt
12:31 bmcorser joined #salt
12:31 snoozer_ joined #salt
12:31 luminous_ joined #salt
12:31 codekobe_ joined #salt
12:31 rcsheets_ joined #salt
12:31 JordanTesting joined #salt
12:31 bmcorser joined #salt
12:31 Corey joined #salt
12:31 Jarus joined #salt
12:31 synical joined #salt
12:31 Schmidt joined #salt
12:31 xmj joined #salt
12:31 jgelens joined #salt
12:31 gamingrobot joined #salt
12:31 fllr joined #salt
12:31 mfournier joined #salt
12:31 alanpearce joined #salt
12:32 dwfreed joined #salt
12:32 ndrei joined #salt
12:32 dimeshake joined #salt
12:32 bretep joined #salt
12:33 eightyeight joined #salt
12:33 manfred joined #salt
12:33 schristensen joined #salt
12:33 UForgotten joined #salt
12:33 user136 joined #salt
12:35 Kenzor joined #salt
12:36 ramishra joined #salt
12:38 bhosmer joined #salt
12:39 ninkotech__ joined #salt
12:39 ninkotech_ joined #salt
12:40 dccc joined #salt
12:42 martoss1 left #salt
12:45 arknix joined #salt
12:47 m____s joined #salt
12:50 bhosmer joined #salt
12:53 fllr joined #salt
12:54 ninkotech__ joined #salt
12:54 ninkotech_ joined #salt
12:55 fllr joined #salt
12:56 colinbits joined #salt
12:56 mpanetta joined #salt
12:56 pviktori joined #salt
12:56 bhosmer_ joined #salt
12:58 johngrasty Hey all. I ran into an issue with the SMF module on SmartOS. I think I found a fix, but I am both a salt and python newbie (!). If any of you experienced users get a chance, I would appreciate your thoughts. https://github.com/saltstack/salt/issues/13983
12:58 scalability-junk joined #salt
12:59 Lomithrani left #salt
13:00 oz_akan_ joined #salt
13:05 ndrei joined #salt
13:05 diegows joined #salt
13:07 racooper joined #salt
13:07 dccc joined #salt
13:07 yomilk_ joined #salt
13:09 pholbrook joined #salt
13:09 mapu joined #salt
13:11 Kenzor joined #salt
13:12 bhosmer joined #salt
13:16 mpanetta joined #salt
13:17 miqui joined #salt
13:24 CeBe joined #salt
13:27 jeddi joined #salt
13:29 TheThing joined #salt
13:30 aquinas joined #salt
13:30 quickdry21 joined #salt
13:31 fllr joined #salt
13:35 dccc joined #salt
13:40 Hell_Fire_ joined #salt
13:40 Deevolution joined #salt
13:41 arknix joined #salt
13:42 ipmb joined #salt
13:47 Lomithrani joined #salt
13:48 kermit joined #salt
13:53 vejdmn joined #salt
13:54 linjan joined #salt
13:57 kaptk2 joined #salt
13:58 dccc joined #salt
14:02 taterbase joined #salt
14:05 jalbretsen joined #salt
14:05 thayne joined #salt
14:05 mway joined #salt
14:06 TheThing joined #salt
14:07 elfixit1 joined #salt
14:07 fllr joined #salt
14:13 Ch3LL__ left #salt
14:22 chiui joined #salt
14:24 arknix joined #salt
14:24 dccc joined #salt
14:29 arknix joined #salt
14:32 giantlock joined #salt
14:35 ninkotech joined #salt
14:36 johngrasty Quick question: What is the best way to distribute SSL keys and certs to webservers using salt?
14:36 blarghmatey joined #salt
14:38 Kenzor joined #salt
14:39 babilen johngrasty: Place them in a pillar that targets only the minion and then use file.managed with contents_pillar to write it.
14:39 johngrasty babilen: Thanks!
14:39 babilen (that way they will only be accessible to the minion in question and, naturally, the master)
14:40 johngrasty That was exactly my concern.
14:41 babilen johngrasty: Let me know if something is unclear or if you run into problems. The pillar would have to use the "foo: |\n    ----- BEGIN ..." form (that is |, then newline, then indentation by two spaces, then file content)
14:41 johngrasty babilen: Gotcha. I will try it out right now.
14:44 Lomithrani - tgt: ({{ data['id'] }} | 'LbForge*' )                           is that proper ?
14:44 Lomithrani (pcre)
14:47 oz_akan_ joined #salt
14:51 dccc joined #salt
14:53 mateoconfeugo joined #salt
14:54 Gareth morning
14:54 masterkorp halo
14:55 Lomithrani haaha poor you my monday is almost over =)
14:55 rallytime joined #salt
14:55 babilen hehe, five more minutes :D
14:55 nahamu Lomithrani, johngrasty: you're both using salt on SmartOS. You can compare notes if you need to. :)
14:56 Lomithrani johngrasty: I'll be glad too , as my config runs pretty smoothly now :)
14:56 johngrasty nahamu: I hadn't realized that. :-D Maybe I will stop buggin you so much!
14:56 nahamu johngrasty: oh, feel free to bug me.
14:57 Lomithrani johngrasty: haha I bothered him quite a lot aswell :D he basically saves my life once a week
14:57 nahamu I just spend more time on the packaging and the poking around in the source than in the actual writing of states these days.
14:57 nahamu I just thought it would be good for you two to be aware of each other. I'm not trying to hide from helping. ;)
14:59 greenleaf joined #salt
15:02 Heartsbane joined #salt
15:02 Heartsbane joined #salt
15:04 dude051 joined #salt
15:08 pdayton joined #salt
15:11 ajprog_laptop1 joined #salt
15:11 conan_the_destro joined #salt
15:12 bhosmer joined #salt
15:14 philipah joined #salt
15:15 Kalinakov joined #salt
15:17 Lomithrani nahamu: btw I found out what the problem was on my opssmf I had set the service as a foreground program but forgot to add "-f" on the start exec method
15:18 johngrasty babilen: Thanks for the help. That worked perfectly. Once I knew where to look, I even found an example in the docs.
15:18 Lomithrani so it was infenitly forking and taking all the resources
15:18 ramishra joined #salt
15:19 Lomithrani babilen: why is it best using pillar instead of states? (I personnally just use a file.managed in a state for my ssl key)
15:19 dccc joined #salt
15:21 johngrasty Lomithrani: Here's what babilen told me: "(that way they will only be accessible to the minion in question and, naturally, the master)"
15:21 thedodd joined #salt
15:23 teskew joined #salt
15:23 Lomithrani johngrasty: by whom may my state be accessible ? then is my question. I felt like my  way only the minion and the master had access to my ssh key aswell
15:23 wendall911 joined #salt
15:23 analogbyte joined #salt
15:24 Lomithrani I must admit I haven't used pillar yet because I didn't see anything I couldn't do with states :/
15:24 doddstack joined #salt
15:24 johngrasty Lomithrani: Still wrapping my head around salt architecture. I think other minions would be the answer.
15:25 Lomithrani even though they aren't targeted by the states ? damn that could be troublesome I might have to get a look at the pillars aswell
15:30 luminous joined #salt
15:31 UtahDave joined #salt
15:32 Lomithrani https://www.refheap.com/87933   is my pcre wrong ? it doesnt seem to trigger highstate on my LbForge* instances but does on itself though
15:33 Emantor joined #salt
15:37 teskew joined #salt
15:38 bhosmer joined #salt
15:38 bhosmer__ joined #salt
15:41 babilen Lomithrani: The key could be accessed by other minions
15:42 babilen (ah, johngrasty mentioned that already)
15:43 tligda joined #salt
15:44 Lomithrani babilen: well then yes I guess I'll have to look into that pillar stuff
15:46 ajolo_ joined #salt
15:46 alanpearce joined #salt
15:48 dccc joined #salt
15:52 zain_ joined #salt
15:52 Joseph joined #salt
15:53 mateoconfeugo joined #salt
15:56 active8 joined #salt
15:58 mgw joined #salt
15:58 thayne joined #salt
16:00 m1crofarmer joined #salt
16:00 arknix joined #salt
16:06 ekristen joined #salt
16:07 mpanetta_ joined #salt
16:07 meteorfox joined #salt
16:08 jslatts joined #salt
16:11 zain_ joined #salt
16:12 th3rt joined #salt
16:14 dccc joined #salt
16:15 BigEndianBecause Good morning/afternoon everyone.  If I have two services,  one that is in status "running" (but not truly ready) and another service that depends on a the "running" but not ready service how can I make the 2nd service wait to start until the 2nd one is in a ready state? Is there any kinda of hard time limit I can place on the 2nd service before it starts?
16:16 BigEndianBecause In other words,  is there a good way to make the 2nd service wait for a set amount of time until the 1st service is ready.
16:17 manfred BigEndianBecause: sounds like your first service needs to be actually be written better by the upstream
16:18 BigEndianBecause I'm inclined to agree with you.  But that's not really an option right now so I was hoping to find a temporary solution.
16:18 zain_ joined #salt
16:18 manfred it shouldn't exit the 'service <whatever> start' process until it is startd
16:18 manfred i do not have a solution for you unfortunately
16:18 manfred BigEndianBecause: only option i can think of, is write a wrapper script that startes the service, and then sends an event to the reactor, that will then start the second service on the machine
16:19 BigEndianBecause That actually sounds like a good idea.
16:21 babilen BigEndianBecause: Is there any way to test if the first service is ready? And what kind of shitty program is that?
16:22 troyready joined #salt
16:26 schimmy joined #salt
16:28 toastedpenguin joined #salt
16:30 bhosmer joined #salt
16:31 BigEndianBecause babilen,  I think I could test the service's status by tailing the log file.  The service will remain unnamed.  I suspect that part of our problem is that the service is at least one version behind current production head.
16:31 BigEndianBecause :-)
16:32 manfred BigEndianBecause: i think leveraging the reactor is your best option
16:32 babilen yeah, tailing the log file sounds, well, even worse
16:32 manfred you can use the reactor to kick off the second half of a state run
16:32 manfred http://docs.saltstack.com/en/latest/topics/reactor/
16:33 babilen Using the reactor still assumed that you are able to figure out the point in the time that the service is truly ready .. why not simply incorporate that in the init script?
16:34 thedodd joined #salt
16:35 KyleG joined #salt
16:35 KyleG joined #salt
16:35 manfred babilen: that is what should happen via upstream
16:35 manfred babilen: https://github.com/saltstack/salt/blob/2014.1/salt/master.py#L630
16:36 BigEndianBecause There are a lot of things we could do to fix it,  including fixing the init script.  We were trying to solve this problem temporarily using only salt,  but our current kludge involved an echo "sudo service 2ndservice start" | at now +3 minutes. I was trying to not do << that.
16:36 CheKoLyN joined #salt
16:36 BigEndianBecause I like the idea of using the salt reactor.  I think that should fix the problem quite nicely for the time being.
16:36 BigEndianBecause #salt came through again.  Thanks guys.
16:37 manfred BigEndianBecause: let us know how it works, and if you could also provide an example we could use inthe reactor documentation that would be awesome
16:37 bhosmer joined #salt
16:39 babilen manfred: It's rather that my normal intuition is to "fix what is broken" :)
16:41 dccc joined #salt
16:41 BigEndianBecause manfred:  I'll let you know what works.  If I'm able to provide an example I will do that as well.
16:41 manfred sounds good
16:42 UtahDave thanks, manfred!
16:42 luminous hello! salt is basically, amongst other things, an async task framework (like celery) yea? so what would you do to 'run any importable python function' as a task, in an effort to replace celery?
16:43 bmatt luminous: execution modules are, more or less, what you're looking for
16:43 luminous I have thought of this some, and I would imagine a generic module that could run an importable python function.. seems simple, no? are there any better suggestions/methods/etc?
16:44 luminous I've also thought to use the existing jobs runner.. paired up with that generic module
16:44 KyleG joined #salt
16:44 KyleG joined #salt
16:44 KyleG joined #salt
16:44 KyleG joined #salt
16:45 KyleG1 joined #salt
16:45 KyleG1 joined #salt
16:46 KyleG joined #salt
16:46 KyleG joined #salt
16:48 joehillen joined #salt
16:51 Sacro whooooooooop, My First Pull Request (tm)
16:51 luminous :D
16:51 mpanetta joined #salt
16:51 luminous bmatt: to my knowledge, there is no existing, generic module that could run any python function as an async task, making its result easily retrievable/etc
16:52 bmatt luminous: nor to mine, but I'm not sure salt is the best answer for a distributed python execution environment
16:52 bmatt (rather, an arbitrary execution environment)
16:54 shaggy_surfer joined #salt
16:56 funzo joined #salt
16:57 manfred luminous: there isn't anything that just runs python functions remotely, you could use cmd.script though
16:57 manfred but for just a function, i think you want something more like pyro
16:59 bhosmer joined #salt
16:59 luminous I'm not looking for distributed task processing though, which both celery and pyro are pretty good at
16:59 luminous I'm simply looking to run a task (python function) outside of another process (async)
17:00 luminous and I need to be able to easily retrieve the results (collect log during run, and then after complete)
17:00 manfred salt does not include a way to pass a python function, it can only pass a script and execute it
17:00 luminous it seems salt is better suited for that
17:00 chrisjones joined #salt
17:00 luminous manfred: right, which is why I believe we would need a generic module to do that.. to import and call the function
17:01 luminous is this all jsut crazy talk?
17:01 UtahDave luminous: Yeah, you could totally do that.
17:01 manfred ^^
17:01 manfred jsut pass a python function as a multiline yaml string
17:02 ml_1 joined #salt
17:03 luminous UtahDave: would it then make sense to use the jobs runner for scheduling/running and retrieving results after the fact?
17:03 luminous I see needing two parts to this.. 1) a wrapper to the jobs runner that my apps can use, and then 2) the generic module
17:03 azylman joined #salt
17:04 luminous 1 would provide the means to easily run/call and look up results/status, kill/etc the task through the jobs running
17:04 luminous 2 would be the means to import and execute the task
17:04 dccc joined #salt
17:05 forrest joined #salt
17:06 UtahDave luminous: the only problem with the jobs runner is that it will have lots of extra info in there from all the other Salt jobs going on
17:08 luminous UtahDave: yea, my wrapper would need to do some filtering
17:08 luminous so maybe I would also need to track the jobs the apps need to care about
17:08 luminous or is there a means for tagging jobs?
17:08 schimmy joined #salt
17:12 KyleG joined #salt
17:12 KyleG joined #salt
17:12 UtahDave luminous: Hm. I'm not sure if there's a way to tag a job, but you can definitely look at the source of the job
17:16 CheKoLyN joined #salt
17:16 druonysus joined #salt
17:19 mpanetta_ joined #salt
17:24 m____s joined #salt
17:25 manfred luminous: are you going to want to pass the python function in in a state, or in an actual executtion module?
17:29 aw110f joined #salt
17:30 manfred i guess you could just transfer a file, and then import and run an expected function inside that file
17:30 dccc joined #salt
17:33 luminous manfred: the expectation is that, which ever host the function runs, it is an importable function - so I have to ensure it is already available
17:34 manfred ahh ok
17:35 manfred i don't see why would couldn't make it do something like salt \* python.run something.something.function var1 var2, and it does an import something.something.function, and runs something.something.function(**kwargs)
17:38 krow joined #salt
17:39 masterkorp Guys any documentation on having salt based test environments?
17:39 Deevolution Hello everyone.  I have a test setup (Vagrant) with a single box with both master and minion on it.  I can run commands (via the salt CLI) when run as root, but any non-root user gets the following error: "Failed to connect to the Master, is the Salt Master running?"  Anyone have any ideas?
17:39 masterkorp i would like to have a local openstack or something test setup
17:41 UtahDave Deevolution: if you modify your master's config you can let other non-root user run salt commands.  Look for the   client_acl   config option
17:41 Deevolution Is that error an ACL error?
17:42 ipalreadytaken joined #salt
17:49 kermit joined #salt
17:49 miqui joined #salt
17:53 synical joined #salt
17:53 jgarr joined #salt
17:53 Deevolution UtahDave: It appears the actual problem was that the non-root users did not have access to the /var/run/salt/... directories.  After I fixed that it appears to be looking for acl/external auth correctly.
17:53 Deevolution Thanks.
17:54 UtahDave ah, ok.  thanks for the update!
17:54 jgarr does salt have a way to provision bare metal? (that's not cobbler)
17:55 timoguin not really. there's the salt genesis project, but i don't think it's been touched in a long time
17:57 jgarr timoguin: that's a bummer. I know it's not something a lot of people need so I understand
17:58 jgarr timoguin: it just rules salt out at my work :-/
17:59 felskrone joined #salt
18:00 UtahDave jgarr: Yeah, that's on our roadmap, but it hasn't been implemented yet.
18:00 dccc joined #salt
18:03 jgarr UtahDave: is it planned like puppet/razor with tftp and small linux + puppet agent or more like cobbler with custom command/kickstart files?
18:03 jgarr or is that too far out?
18:04 JohanR joined #salt
18:05 UtahDave jgarr: I believe the plan is to get the salt-minion running on it as early as possible and do all the configs from there.
18:05 JohanR Anyone have a tips of how to handle large folders with different modes?
18:05 shaggy_surfer joined #salt
18:05 UtahDave jgarr: But I don't think it's ironed out yet.
18:06 UtahDave jgarr: there's also plans to have an option to integrate with OpenStack's Ironic, if desired.
18:08 tkharju1 joined #salt
18:09 BigEndianBecause left #salt
18:09 jgarr UtahDave: ok thanks, I'll keep an eye on it and if it ever becomes testable I'm sure I'll give it a shot
18:10 UtahDave jgarr: cool!   Like I said, it's been something we've wanted to do for a long time, we've just had to finish up some other things first.
18:11 Deevolution left #salt
18:11 Deevolution joined #salt
18:11 jgarr UtahDave: so far my biggest complaint about my new job is I implemented salt at my last work and it's all puppet here
18:12 jgarr at least they have something, but it just feels old/over engineered etc
18:12 jgarr spending a year with salt and ansible spoiled me
18:12 UtahDave :)
18:13 auser joined #salt
18:14 thedodd joined #salt
18:15 mpanetta joined #salt
18:15 a1j http://www.anekdot.ru/i/caricatures/normal/14/6/21/2.jpg
18:18 bmatt all grain functions are run at every minion startup, right?
18:21 schimmy1 joined #salt
18:22 bhosmer joined #salt
18:23 Ryan_Lane joined #salt
18:24 UtahDave bmatt: yep
18:24 dccc joined #salt
18:24 bmatt are they run synchronously?
18:24 Topic for #salt is now Welcome to #salt | 2014.1.5 is the latest | SaltStack doc sprint this Thurs!! Sign up here: http://goo.gl/19BbGM | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
18:25 UtahDave bmatt: Uh, probably.
18:26 bmatt hm. so I've written a grain module that wraps cdpr
18:26 bmatt but CDP packets are typically sent every 60 seconds
18:26 bmatt I'm not sure what a better answer is
18:27 bmatt blocking minion startup for as many as 60 seconds might be surprising
18:27 UtahDave bmatt: Yeah, it will block
18:28 UtahDave bmatt: does it need to be a grain? Could it be an execution module?
18:28 bmatt it certainly could, but it gets harder to use the returned data
18:28 bmatt that'd require a tightly-coupled state module, and would prevent use in formulas
18:29 ckao joined #salt
18:29 jnials joined #salt
18:29 bmatt well, maybe it's not hard. but I don't know how. :)
18:30 UtahDave bmatt: how often would the grain need to be updated?
18:30 bmatt UtahDave: as often as a host's network switch port changes
18:30 bmatt so, not often.
18:30 jnials_laptop joined #salt
18:31 UtahDave so maybe you could have the execution module get the info as it's needed and available and drop a grains file in /etc/salt/grains.d/   and then run a sync_grains.
18:31 bmatt yeah, I'd thought about caching the data - but would you accept that upstream? ;)
18:31 bmatt brb lunch
18:32 UtahDave bmatt: well, if it's an execution module, then it would only get run when you want it to be
18:33 jslatts joined #salt
18:36 mateoconfeugo joined #salt
18:40 toofer joined #salt
18:41 miqui joined #salt
18:49 toastedpenguin joined #salt
18:49 krow joined #salt
18:49 ramteid joined #salt
18:50 dccc joined #salt
18:50 mateoconfeugo joined #salt
18:57 kermit joined #salt
18:59 talwai_ joined #salt
19:00 TheThing joined #salt
19:04 vejdmn joined #salt
19:05 oz_akan__ joined #salt
19:06 hltbra_ joined #salt
19:07 hltbra_ I had two minions connected to a master, one of the minions was terminated, but the master didnt remove it, and when I send commands, master thinks it should send to terminated minion also. How can I remove that minion from the master? Is there any automatic way?
19:11 rjc joined #salt
19:12 kballou joined #salt
19:13 oz_akan_ joined #salt
19:13 forrest hltbra_, use salt-key -d <name>
19:13 hltbra_ forrest: is there any automatic way to remove minions that do not reply anything?
19:14 forrest hltbra_, not that I'm aware of, that would really suck for users who were experiencing network issues or other problems I'd imagine.
19:14 hltbra_ ok. thanks, forrest
19:14 forrest hltbra_, yea np, if you find an automatic way to do it let me know
19:14 hltbra_ sure
19:15 ndrei joined #salt
19:16 mapu joined #salt
19:16 jslatts joined #salt
19:17 jalaziz joined #salt
19:20 jnials joined #salt
19:20 dccc joined #salt
19:20 kballou joined #salt
19:21 eliasp meh: seems my 2nd correction to the text-block usage still doesn't work, as "code-block:: text" seems to be "unknown" … https://github.com/saltstack/salt/pull/14003
19:22 eliasp according to "ack -h -o 'code-block::\s+\w+' | sort -u" the following code-block types exist throughout the salt sources: http://bpaste.net/show/443867/
19:22 eliasp does anyone know which of them are "valid"? at which point are they evaluated to be rendered in the docs?
19:24 kermit joined #salt
19:26 krow joined #salt
19:26 therealGent joined #salt
19:26 jcristau joined #salt
19:26 schimmy joined #salt
19:27 arknix joined #salt
19:28 schimmy1 joined #salt
19:31 zain_ joined #salt
19:32 dyim joined #salt
19:32 zain__ joined #salt
19:34 dyim left #salt
19:40 ghanima joined #salt
19:40 ghanima hello all
19:40 ghanima I just recently upgraded my salt infra to 2014_01_05-1
19:40 ghanima and for some reason since the upgrade I can't seem to get my custom grains file on the minions to load. I used the default location /etc/salt/grains
19:41 ghanima Has anything changed that would prevent this from being dynamically scanned when the file is updated
19:42 smcquay joined #salt
19:43 notpete__ Hi folks,
19:44 notpete__ Anyone know if it's possible to plumb additional networks with salt-cloud using the openstack provider (rackspace)
19:49 dccc joined #salt
19:50 aquinas joined #salt
19:51 krow joined #salt
19:52 jcristau joined #salt
19:53 arknix joined #salt
19:54 tkharju2 joined #salt
19:56 dvogt joined #salt
19:57 zotka joined #salt
19:57 tkharju3 joined #salt
19:58 tkharju joined #salt
19:59 jslatts joined #salt
19:59 zotka quick question, using cp. get_file, the file has jinja logic in it. How can I tell the minion that it needs to do read it as a jinja file?
19:59 bmatt UtahDave: I'll still probably contribute the cdpr execution module, but it sounds like trying to get the data into a grain is misguided
20:00 bmatt my hope was cdpr -> grain -> pillar -> formula
20:00 zotka what I have found in the docs is template=jinja, but thats for my command string
20:00 UtahDave bmatt: Yeah, if it's going to block that long, it probably wouldn't work.
20:00 aquinas joined #salt
20:01 UtahDave zotka: on the terminal or in an sls file?
20:01 zotka terminal
20:01 zain_ joined #salt
20:02 UtahDave hm.  so template=jinja only templatizes the command string and not the file itself?
20:03 UtahDave zotka: would file.manage_file work for what you're trying to do?   http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.file.html#salt.modules.file.manage_file
20:03 martoss joined #salt
20:03 martoss1 joined #salt
20:05 zotka lemme give it a shot
20:05 zotka thanks
20:11 higgs001 joined #salt
20:12 dccc joined #salt
20:13 _gothix_ joined #salt
20:23 tkharju joined #salt
20:24 ironwilliamcash joined #salt
20:25 bemehow joined #salt
20:25 ironwilliamcash Hi all, I'm trying to use an SLS file to work with Chocolatey. I can get it installed, but cannot get it to install any packages, does this not work within an SLS file?
20:26 schimmy joined #salt
20:26 forrest ironwilliamcash, you can install packages from within sls files no problem. Could you please gist your state?
20:26 kivihtin joined #salt
20:27 ironwilliamcash we're trying to use the Chocolatey module to manage the packages, that way we don't have to have a local copy of the the latest version of the software
20:27 laubosslink joined #salt
20:28 ironwilliamcash Chocolatey manages this and there seems to be chocolatey salt module, but I can't get it to do more than install chocolatey itself
20:29 TheThing joined #salt
20:29 schimmy1 joined #salt
20:29 forrest ironwilliamcash, yea so modules are command line only when you try to run the commands, you will want to use http://docs.saltstack.com/en/latest/ref/states/all/salt.states.module.html and the inside of that reference the chocolatey module
20:29 forrest ironwilliamcash, you could also write the chocolatey state if you feel up to it :P
20:29 yidhra joined #salt
20:30 arknix joined #salt
20:30 TheThing joined #salt
20:30 ironwilliamcash forrest, haha figured I'd have to write some more code ;) I'll look into running just the commands first though as it might be simpler
20:30 kermit joined #salt
20:30 ironwilliamcash forrest: thanks for the info
20:30 forrest ironwilliamcash, yea the module state should work to call the chocolatey module, but if you decide to write it that would be cool too
20:30 forrest yea np
20:32 druonysus joined #salt
20:32 mpanetta So...  Is there any way to pass the cert option to the pip state?
20:37 adeduke joined #salt
20:40 bemehow_ joined #salt
20:43 dccc joined #salt
20:45 mpanetta Nevermind, we just added it...
20:46 veb joined #salt
20:48 babilen laubosslink: What are you really trying to do?
20:56 Kenzor joined #salt
21:00 UtahDave laubosslink: you can use jinja in your top.sls and loop through the directories and create an entry for each minion
21:00 forrest joined #salt
21:01 shaggy_surfer joined #salt
21:02 UtahDave np!
21:02 zain_ joined #salt
21:05 forrest joined #salt
21:05 dccc joined #salt
21:08 bhosmer_ joined #salt
21:08 bhosmer_ joined #salt
21:08 aw110f joined #salt
21:08 happytux joined #salt
21:10 TaiSHi *waves*
21:10 TaiSHi How's everyone in this beautiful afternoon?
21:11 N-Mi joined #salt
21:11 N-Mi joined #salt
21:11 yomilk joined #salt
21:12 deny[all] joined #salt
21:14 dualinity joined #salt
21:14 dualinity hey salty people!
21:14 forrest hi
21:15 dualinity :)
21:15 dualinity I'm wondering if it would be possible to use salt as a distributed computing service?
21:15 dualinity it seems so, am I right?
21:15 dualinity thought it does not seem to be its main purpose?
21:16 bhosmer joined #salt
21:16 TaiSHi dualinity: not understanding what you'd like to achieve
21:17 dualinity I'd like to interact with other people who would sign up for a service
21:17 dualinity a website would send out requests to users
21:17 dualinity using salt
21:18 dualinity those people would then do some number crunching with the sent data and return an answer
21:18 dualinity I hoped salt would be simple/lightweight/secure to facilitate just that?
21:19 druonysus joined #salt
21:19 druonysus joined #salt
21:19 jhauser joined #salt
21:23 avn_ joined #salt
21:25 Teknix joined #salt
21:26 mateoconfeugo joined #salt
21:29 bhosmer joined #salt
21:30 UtahDave laubosslink: let me see if I have an example.
21:30 avn_ Hi all. Have a question, can I bootstrap salt master via salt-ssh? (I should checkout repo with my states, and run salt-ssh on it from any machine where salt is installed?)
21:30 Joce joined #salt
21:31 dccc joined #salt
21:32 Ryan_Lane1 joined #salt
21:36 UtahDave hey, TaiSHi!
21:37 TaiSHi Hey Dave, how're you doing ?
21:37 UtahDave dualinity: Yeah, I think you could build an application on top of Salt to do what you're talking about
21:37 UtahDave good!
21:37 UtahDave avn_: yeah, you could do that
21:37 ghanima I just recently upgraded my salt infra to 2014_01_05-1 and for some reason since the upgrade I can't seem to get my custom grains file on the minions to load. I used the default location /etc/salt/grains Has anything changed that would prevent this from being dynamically scanned when the file is updated
21:37 TaiSHi UtahDave / dualinity: and implement raet when it's stable
21:37 dualinity UtahDave: would it still be secure with some kind of silly layer?
21:37 Hell_Fire joined #salt
21:38 dualinity just sending some commands?
21:38 TaiSHi dualinity: heh, raet is secure, but isn't stable
21:39 dualinity hmm
21:39 dualinity I don't need something stable just yet, I'm in the early stage
21:39 avn_ UtahDave: does "local" configuration on host from which I bootstrap can be a obstacle?
21:40 dualinity basically the idea is that I have a simple cross platform engine of some sorts. I'd like to send a command line argument to the client which would then use the engine to compute the result and return
21:40 UtahDave dualinity: everything is encrypted over the wire with Salt
21:41 UtahDave avn_: I'm not sure exactly what you mean, but you should be able to use bootstrap a master.  have you looked at bootstrap.saltstack.com   ?
21:42 ghanima UtahDave: any thoughts? you nomarly have alot of good suggestions with the problems I sometimes face
21:42 zain_ joined #salt
21:42 Theo-SLC joined #salt
21:43 UtahDave ghanima: have you tried starting up the minion in a terminal in debug mode?  That's a good way to check for stacktraces.   sudo salt-minion -l debug
21:43 dualinity I'm sorry to say it but for so much documentation I feel like it is overly comlpex
21:43 eliasp documentation of salt.states.git says regarding SSH authentication for git: "[…]  it is also possible to pass private keys to use explicitly."  … is it somehow possible to pass the keypair as pillars? so I'd use a centrally defined keypair for git access across all minions? or do I have to write the keys temporarily to identity files, use them and wipe them after the git clone/pull?
21:43 dualinity complex*
21:43 dualinity the explanations that is
21:44 dualinity RAET: you shouldn't introduce a metaphor before you explained anything about it :/
21:44 UtahDave dualinity: don't worry about RAET
21:45 UtahDave dualinity: Well, Salt was built to do many things, but not specifically what you're wanting to do.  Many people build applications on top of Salt and I think you could definitely do what you're wanting to do
21:45 toastedpenguin joined #salt
21:45 dualinity UtahDave: yea I just arrived to that exact same conclusion
21:45 UtahDave dualinity: but it will require you to become a bit more familiar with how Salt works in order to pull that off
21:45 UtahDave dualinity: it's doable, but it's not point and click
21:46 eliasp laubosslink: split?
21:46 UtahDave yeah.    .split()
21:46 dualinity UtahDave: thanks for the support though! would you know of a tutorial or something that is closest to it?
21:47 dualinity so far what I've found does not seem closely related (what I've seen is mostly host machines controlling slave machines)
21:47 dualinity all owned by the same person
21:47 UtahDave dualinity: I'd start with just using salt in general, then I'd read this on writing your own execution modules:  http://docs.saltstack.com/en/latest/ref/modules/index.html
21:48 ghanima UtahDave: sooo... I fired up the debug and there are  no errors but its odd... when I do a saltutil.sync_grains from the minion debug I don't see any attempt to load /etcf/salt/grains
21:48 eightyeight joined #salt
21:48 ghanima UtahDave: did something change where the default custom grains path is not in /etc/salt/grains
21:49 ghanima I basing that off of the following link: http://docs.saltstack.com/en/latest/topics/targeting/grains.html
21:49 Luke_ joined #salt
21:49 avn_ UtahDave: no. I mean bootstrap master on EC2 instance, having only repo with my states (and addition repo with pillar), so can I use any other mahine to do this bootstrap (from another salt managed network for example)
21:50 UtahDave ghanima: Yeah, /etc/salt/grains should work.  Can you pastebin your sanitized /etc/salt/grains?
21:50 kermit joined #salt
21:51 alexthegraham joined #salt
21:51 alexthegraham Anyone got a sec to take a look at a 7-line state and tell me what I'm doing wrong?
21:52 alexthegraham Super simple, just missing some detail...
21:52 UtahDave alexthegraham: pastebin what you have
21:52 alexthegraham https://gist.github.com/alexthegraham/94abaa3da239c8226b7d
21:52 alexthegraham I want to enforce permissions on the /scr directory, but only if it exists.
21:52 ghanima UtahDave: http://paste.ubuntu.com/7762248/
21:52 UtahDave that file.missing isn't going to work
21:52 dualinity UtahDave: wow man, great job managing the channel :) good luck with it
21:53 dualinity UtahDave: I'll look into it more very soon, thanks so far
21:53 UtahDave dualinity: :)  luckily we have a  lot of great people helping out.
21:53 UtahDave dualinity: you're welcome.  Let me know if you need any help as you go along.
21:53 alexthegraham I tried using 'require: - /scr', but that didn't work either ("recursive requisite")
21:53 dualinity UtahDave: Thanks, bye!
21:54 alexthegraham (rather, I tried using 'require: - file: /scr')
21:54 UtahDave ghanima: Ah, delete the grains:    line and dedent everything
21:54 UtahDave alexthegraham: what are you trying to accomplish there?
21:54 alexthegraham @UtahDave I want to enforce permissions on the /scr directory, but only if it exists.
21:55 alexthegraham @UtahDave if it doesn't exist, I don't want to create it.
21:56 UtahDave alexthegraham: try    - file -s /scr
21:56 TaiSHi UtahDave: you're like "the man" on #salt
21:56 vlcn joined #salt
21:57 jnials_laptop joined #salt
21:58 UtahDave ha ha. thanks, TaiSHi.   I don't get as much time to help out in here as I used to.
21:58 Gareth UtahDave is a sentient, cybernetic being directly tied into the Salt docs.
21:58 dccc joined #salt
21:58 forrest Gareth, the Davinator?
21:59 UtahDave Luckily we have a lot of awesome people who help out in here, too.  Like Gareth and forrest and many others.  :0
21:59 forrest manfred is #1 right now based on number of messages
21:59 forrest that talkative slacker
21:59 Gareth forrest: DaveAI perhaps?
21:59 forrest oh I like that
21:59 forrest maybe just DaveI
22:00 Gareth +2
22:00 Gareth er
22:00 Gareth +1
22:00 forrest lol
22:00 ajolo joined #salt
22:00 forrest +1 from Gareth, +1 from Gareth's headphones
22:01 UtahDave manfred++
22:01 vlcn evening guys.  I'm having an issue with my master suddenly not starting.  Seems like an issue related to the master job cache?
22:01 vlcn this is what I get from salt-master in trace mode: https://gist.github.com/kelchm/888c792193c4d6965e78
22:01 UtahDave vlcn: have you run out of inodes?
22:01 vlcn UtahDave, nope
22:02 alexthegraham UtahDave: that change (https://gist.github.com/alexthegraham/94abaa3da239c8226b7d) appears to give the same results
22:03 dvogt joined #salt
22:03 UtahDave alexthegraham: what version of Salt are you on?  I think "unless" might only be available in develop as of yet
22:04 dvogt left #salt
22:04 vlcn UtahDave, if I use sctrace on the process I see this: https://gist.github.com/kelchm/1dff60f6a6ac0a78a93f
22:04 vlcn and it just continues seemingly endlessly
22:04 UtahDave how big is your job cache, vlcn?
22:04 tligda joined #salt
22:04 alexthegraham @UtahDave: 2014.1.5 for both master and minion.
22:05 UtahDave alexthegraham: you could also use jinja to test for that directory so that the file.directory state doesn't appear in the rendered file if that directory doesn't exist
22:05 chrisjones joined #salt
22:07 vlcn UtahDave, I'm still waiting on 'find . -type f | wc -l' to return, but it seems like it must be an insane number.
22:08 vlcn assuming that is the problem, is there a certain way to clear out the job cache?
22:09 UtahDave vlcn: yeah, you can just rm that whole directory
22:10 jpaetzel joined #salt
22:10 UtahDave alexthegraham: try this:  https://gist.github.com/UtahDave/c63948358ff0df94f927
22:14 alexthegraham @UtahDave: no dice. All systems return 0 states enforced, regardless of whether /scr exists or not.
22:15 UtahDave alexthegraham: what's the ouput of  state.show_highstate  if /scr exists versus if /scr doesn't exist?
22:16 bhosmer joined #salt
22:17 scalability-junk joined #salt
22:23 aquinas joined #salt
22:24 dccc joined #salt
22:24 alexthegraham @UtahDave: added a comment to your Gist. No states are enforced w/ that if statement. Removing the if statements enforces the state for all minions.
22:26 jslatts joined #salt
22:30 yomilk joined #salt
22:34 mgw joined #salt
22:34 jhauser joined #salt
22:38 alexthegraham @UtahDave: am I just thinking about how to accomplish this incorrectly? Is there some other method I should be using?
22:38 Eureka_ joined #salt
22:39 Eureka_ Hi All, Anyone have a good way to notify when a system has finished a highstate when they are automatically brought up?? I figured I could make it send an email but that seems like a lame solution o.0
22:40 TaiSHi +1 to that Eureka_
22:40 tkharju1 joined #salt
22:44 xt maybe an IRC bot? https://github.com/torhve/saltibot
22:45 Eureka_ That might be a good idea. Ill look into that =) Thank you.
22:48 alexthegraham Eureka: I like xt's suggestion.
22:48 Joseph joined #salt
22:48 Joseph i am on salt 2014.15.
22:49 Joseph I can't seem to get psutil module to work
22:49 Joseph when i do a salt call i get iptables --help output
22:49 Joseph very ood
22:49 Joseph known issue?
22:51 Eureka_ Joseph: the iptables thing is a known issue. Its fixed for the next release already. It wont break anything you have going its just annoying and fills up the logs.
22:51 alekibango joined #salt
22:53 avn_ Have another question, how I can hook gits with states and pillar, into fresh bootstrapped master on EC2?
22:53 avn_ (Can I do that automatically?)
22:57 veb joined #salt
22:59 Outlander joined #salt
22:59 bhosmer joined #salt
23:01 Joseph Eureka_: {'minion-1.obt.data': "'ps.cpu_percent' is not available."}
23:01 Joseph i have psutil installed on all nodes
23:01 Joseph why is the function not available?
23:01 dccc joined #salt
23:02 forrest yea that's a known issue Josephn for the iptables --help output
23:02 Eureka_ Not sure, i dont have that running on my system at the moment. What are you running from the server?
23:02 druonysuse joined #salt
23:02 druonysuse joined #salt
23:02 forrest Pretty sure it's this one https://github.com/saltstack/salt/issues/13527
23:03 Joseph forrest: that's one problem and yes i am seeing that
23:03 Ryan_Lane joined #salt
23:03 Joseph forrest: but what i don't understand is why salt fails when a salt call succeeds
23:10 Eureka_ Joseph: Can you send me exactly what you are running from the master?
23:10 Outlander joined #salt
23:11 Joseph salt '*' ps.cpu_percent --output=raw
23:11 Joseph salt-call on the minion works just fine
23:13 bmatt is there a canonical return "type" (dict, base stdout, etc) from an execution module?
23:13 bmatt er, s/base/bare/
23:13 Eureka_ Joseph: Its working on my system. it looks like. What versions minion/master are you running?
23:13 bmatt like, is it improper for an execution module to parse some command's output and return a dict?
23:14 Joseph salt 2014.1.5
23:15 Joseph Eureka_: verified that its the same version on all nodes including master
23:16 Eureka_ Joseph: thats odd. That is exactly what I am using. I am on CentOS 6.5 64-bit
23:16 Joseph Eureka_: i am on centos 6.4 64 bit
23:16 Joseph doubt the minor version difference should matter
23:16 Eureka_ Joseph: I agree.. Going to test some stuff on my end.
23:16 Joseph Eureka_: thanks
23:18 Eureka_ Joseph: Looks like I am using psutils 0:1.17-34.el6
23:19 Joseph Eureka_:  i am using Version: 2.1.1
23:19 Joseph i just took whatever is the latest version from pip
23:19 Joseph according to salt documentation
23:19 Joseph psutil Python module, version 0.3.0 or later
23:20 Eureka_ Joseph: ahh. i installed via yum from the base repo package "psutils"
23:20 Eureka_ Joseph: maybe try killing the pip version and using the yum version?
23:20 Joseph Eureka_: certainly worth a try
23:20 veb joined #salt
23:20 Joseph Eureka_: man i love python but their package management is just awful
23:20 Eureka_ Joseph:  yeah... brb meeting
23:20 horus_plex Joseph++
23:21 Joseph horus_plex: seriously they can't even handle fricking http proxies correctly drives me crazy
23:24 forrest Joseph, there was discussion on that at pycon this year, and they've actually already come a long way since pycon 2013
23:24 Joseph Eureka_: no luck....i got the psutil from the epel repo
23:24 Joseph python-psutil-0.6.1-1.el6.x86_6
23:24 forrest so they're trying
23:25 Joseph forrest: thats good to hear. I am sympathetic. Package management is one of the most painful things to get right. Yum is probably one of the best and it still sucks in its own special way
23:25 Joseph Don't even get me started on apt [shudders]
23:28 arknix joined #salt
23:32 happytux joined #salt
23:33 conan_the_destro joined #salt
23:36 veb joined #salt
23:38 chromakode joined #salt
23:46 talwai joined #salt
23:46 talwai How to sync all SLS files from master to minion after running salt-cloud -p for the first time?
23:51 z3uS joined #salt
23:52 chromakode hey all, what's the best practice for storing things like ssh private keys in pillars? is there any way to keep them as separate files rather than embedding them in YAML?
23:54 shaggy_surfer joined #salt
23:59 yomilk joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary