Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-07-16

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:04 bhosmer joined #salt
00:04 sectionme joined #salt
00:04 Hell_Fire joined #salt
00:04 gecos joined #salt
00:17 gzcwnk I am trying to run a semanage command in a state file and failing, how am I meant to do this please?  http://pastebin.com/dY2GGSLm
00:18 iggy is there any reason I couldn't/shouldn't use subprocess/popen in a module?
00:20 iggy also the multiprocessing module
00:21 rallytime joined #salt
00:22 _2_Lima134 left #salt
00:27 kballou joined #salt
00:28 conan_the_destro joined #salt
00:31 gzcwnk anyone know how to run a commnd in a state file?
00:31 ajprog_laptop1 joined #salt
00:38 gzcwnk n/ google is my friend, everntually.
00:40 dimeshake cmd.run? :)
00:43 rushmore anyone having trouble with the mysql or other db returners ?
00:44 active8 joined #salt
00:44 rushmore seems like it should be pretty straight forward from the docs yet I'm consistently getting return failures
00:45 rushmore ie: https://gist.github.com/colinreidbrown/cd65c64f792e6519c3dd
00:46 gzcwnk yeah got taht bit, its telling it what to run
00:47 gzcwnk do that with  -name :
00:47 gzcwnk not very obvious
00:53 mechanicalduck joined #salt
00:54 aquinas joined #salt
00:58 rallytime joined #salt
01:06 darrend joined #salt
01:11 quickdry21__ joined #salt
01:12 oz_akan joined #salt
01:14 mgw joined #salt
01:16 TyrfingMjolnir joined #salt
01:23 sectionme joined #salt
01:28 pjs is the branch 2014.1 kept current? ie, is it up to date with 2014.1.7?
01:29 rawzone joined #salt
01:30 pjs I'm using "-D -F -c /tmp git 2014.1.7" with bootstrap script and getting "error: pathspec '2014.1.7' did not match any file(s) known to git." .. this is on FreeBSD 10
01:32 RandalSchwartz ... http://docs.saltstack.com/en/latest/topics/releases/2014.1.7.html
01:33 RandalSchwartz weird.  still claims 2014.1.5 is the "real" release
01:33 pjs Yea, I saw that..
01:33 pjs that needs to be updated
01:38 pjs ahhh.. tag is v2014.1.7... drr
01:49 ilbot3 joined #salt
01:49 Topic for #salt is now Welcome to #salt | 2014.1.5 is the latest | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
02:09 rushmore left #salt
02:10 n8n joined #salt
02:11 n8n joined #salt
02:13 n8n joined #salt
02:14 n8n joined #salt
02:15 n8n joined #salt
02:17 n8n joined #salt
02:18 n8n joined #salt
02:19 n8n joined #salt
02:20 n8n joined #salt
02:21 Andrevan joined #salt
02:21 n8n joined #salt
02:22 n8n joined #salt
02:23 Taiki joined #salt
02:24 sectionme joined #salt
02:24 n8n joined #salt
02:25 mgw joined #salt
02:26 n8n joined #salt
02:27 n8n joined #salt
02:28 n8n joined #salt
02:29 n8n joined #salt
02:30 n8n joined #salt
02:32 talwai joined #salt
02:32 sdebot joined #salt
02:32 n8n joined #salt
02:32 talwai Do branches relate to environments for ext_pillar: git remotes the same way they do for gitfs_remotes?
02:34 talwai As in if I make separate branches for different environments and each branch has the same directory structure, will a minion in the 'dev' environment say be able to intelligently pull pillars from the 'dev' branch of my ext_pillar?
02:34 n8n joined #salt
02:35 n8n joined #salt
02:37 n8n joined #salt
02:39 n8n joined #salt
02:39 manfred talwai: they should
02:40 n8n joined #salt
02:42 n8n joined #salt
02:43 KyleG joined #salt
02:43 KyleG joined #salt
02:43 ndrei joined #salt
02:43 n8n joined #salt
02:44 n8n joined #salt
02:45 yomilk joined #salt
02:45 n8n joined #salt
02:45 yomilk joined #salt
02:45 arthabaska joined #salt
02:46 n8n joined #salt
02:47 n8n joined #salt
02:59 ramishra joined #salt
03:22 pdayton joined #salt
03:25 sectionme joined #salt
03:30 pdayton joined #salt
03:33 quickdry21__ joined #salt
03:44 pdayton joined #salt
03:44 garthk joined #salt
03:59 tkharju3 joined #salt
03:59 ml_1 joined #salt
04:00 anuvrat joined #salt
04:07 kachi8 joined #salt
04:11 tkharju4 joined #salt
04:15 rawzone joined #salt
04:25 sectionme joined #salt
04:36 acabrera joined #salt
04:44 ramishra_ joined #salt
04:45 TyrfingMjolnir joined #salt
04:52 ramteid joined #salt
04:53 felskrone joined #salt
05:00 m1crofarmer joined #salt
05:10 Ryan_Lane joined #salt
05:15 badon joined #salt
05:25 bhosmer joined #salt
05:26 sectionme joined #salt
05:28 badon_ joined #salt
05:38 Barrin6 joined #salt
05:49 hardwire joined #salt
05:56 Ryan_Lane joined #salt
06:10 picker joined #salt
06:12 krow joined #salt
06:16 CeBe joined #salt
06:21 oz_akan joined #salt
06:22 badon_ joined #salt
06:27 wpot joined #salt
06:27 sectionme joined #salt
06:41 Ryan_Lane joined #salt
06:46 aquinas joined #salt
06:46 chiui joined #salt
06:48 Kenzor joined #salt
06:53 anuvrat joined #salt
06:57 krow joined #salt
07:00 ndrei joined #salt
07:04 ml_1 joined #salt
07:07 xzarth joined #salt
07:11 felskrone joined #salt
07:13 alanpearce joined #salt
07:21 wonhunawks joined #salt
07:22 oz_akan joined #salt
07:23 ndrei joined #salt
07:23 jhauser joined #salt
07:26 matthiaswahl joined #salt
07:27 matthias_ joined #salt
07:28 sectionme joined #salt
07:30 giannello joined #salt
07:30 matthia__ joined #salt
07:34 Nexpro1 joined #salt
07:37 cDR_ joined #salt
07:38 babilen joined #salt
07:44 linjan joined #salt
07:45 Damoun joined #salt
07:49 laubosslink joined #salt
07:53 babilen joined #salt
07:53 babilen joined #salt
07:56 oz_akan joined #salt
08:03 yomilk joined #salt
08:03 darkelda joined #salt
08:03 darkelda joined #salt
08:07 sectionme joined #salt
08:17 martoss joined #salt
08:19 martoss1 joined #salt
08:29 scalability-junk joined #salt
08:35 TheThing|24-7 joined #salt
08:39 TheThing|24-7 joined #salt
08:39 yomilk joined #salt
08:43 Damoun joined #salt
08:56 chiui joined #salt
08:57 oz_akan joined #salt
09:09 elfixit joined #salt
09:10 giantlock joined #salt
09:16 yomilk joined #salt
09:18 LordOfLA|Broken joined #salt
09:20 TyrfingMjolnir joined #salt
09:23 synical joined #salt
09:23 synical joined #salt
09:25 poogles joined #salt
09:26 stephanbuys joined #salt
09:32 Micromus_ joined #salt
09:35 Micromus_ I'm wondering what is the right way to organize my managed config in a mixed environment, I'm having centos, suse and debian 6+7 boxes
09:35 Micromus_ I'm starting off with getting openssh managed, but for each distro the configs differ, so is the "right" way to have say a common/debian7/openssh state, and so on?
09:36 mosen joined #salt
09:45 TheThing|24-7 joined #salt
09:45 dzen you could have a templated state that says the template configuration filename depends on the distro name + version ?
09:45 dzen http://docs.saltstack.com/en/latest/topics/tutorials/states_pt3.html
09:45 dzen or this
09:46 dzen it should help you
09:58 oz_akan joined #salt
09:58 GnuLxUsr_ joined #salt
09:59 Micromus_ dzen: yes, could probably easily do if debian: use common/openssh/debian7/sshd.conf and so on
09:59 Micromus_ and if nececarry, get some common variables from pillars (?)
10:00 dzen or file:///your/path/{{ grains['os'] }}/sshd.conf
10:00 dzen :p
10:05 tkharju joined #salt
10:07 workingcats joined #salt
10:17 torrancew joined #salt
10:21 TheThing|24-7 joined #salt
10:28 yomilk joined #salt
10:28 Lomithrani joined #salt
10:47 bhosmer joined #salt
10:47 giannello_ joined #salt
10:47 mike25de left #salt
10:49 bhosmer_ joined #salt
10:54 bhosmer joined #salt
10:55 pdayton joined #salt
10:57 babilen joined #salt
10:58 oz_akan joined #salt
10:58 t0rrant joined #salt
11:03 Kenzor joined #salt
11:04 giantlock joined #salt
11:07 krow joined #salt
11:10 aubsticle_ joined #salt
11:12 krow joined #salt
11:12 ajprog_laptop1 joined #salt
11:14 Micromus_ dzen: just wondering what is the best practice, there are probably 10000 ways of doing it, but some are probably better than others
11:14 Micromus_ what do other people do :)
11:15 dzen Micromus_: having 2000 ifs are not a good choice, imho
11:15 TheThing|24-7 joined #salt
11:17 mosen can you have a pillar for the source location?
11:17 martoss1 left #salt
11:18 ndrei joined #salt
11:19 Micromus_ dzen: agreed, i like your grains['os'] var directly in the file path, makes for easy changes and future expansion
11:19 Micromus_ assuming i will get notified if that file does not exist if it's missing
11:20 rawzone joined #salt
11:22 TyrfingMjolnir joined #salt
11:22 Kenzor joined #salt
11:23 Kenzor_ joined #salt
11:23 rallytime joined #salt
11:26 toastedpenguin joined #salt
11:26 yomilk joined #salt
11:27 rawzone joined #salt
11:27 Andy-ds1 joined #salt
11:27 viq I believe salt run will error out in that case
11:28 viq Also, you can give a list of sources, and they will be searched in the order listed, and first match will be applied
11:28 ggoZ joined #salt
11:32 vbabiy joined #salt
11:34 aubsticle__ joined #salt
11:38 Andy-ds1 HI. Can I check if a service is running, if the "service psad status" is not returning "*  psad is running ".  Plase have a look at the screeshot http://imgur.com/FoIq89L
11:38 diegows joined #salt
11:40 ajprog_laptop1 joined #salt
11:45 bhosmer_ joined #salt
11:46 logix812 joined #salt
11:47 hobakill joined #salt
11:49 CeBe joined #salt
11:50 claytron joined #salt
11:54 giannello_ Andy-ds1, the service check is based on the return code of "service XXXX status", not on the output
11:54 giannello_ just execute "service psad status" then "echo $?" to see the return code
12:03 zooz joined #salt
12:03 jas-_ joined #salt
12:11 matthew-parlette joined #salt
12:13 Andy-ds1_ joined #salt
12:13 Andy-ds1_ thanks giannello_  already did that. The code is "1"  (dead) for psad and "0" for others. However, I think that this happens because psad is waking up every 5 minute to read the logs and update the firewall.
12:16 baoboa joined #salt
12:16 robertkeizer joined #salt
12:19 che-arne joined #salt
12:19 giannello_ if it runs as a service, it should have at least a "helper" process...weird
12:19 giannello_ anyway, I have the same problem with tinyproxy - it's always considered "stopped"
12:21 oz_akan joined #salt
12:24 TheThing|24-7 joined #salt
12:26 bhosmer joined #salt
12:27 ramishra joined #salt
12:29 alanpearce joined #salt
12:34 alanpear_ joined #salt
12:35 ndrei joined #salt
12:38 alanpearce joined #salt
12:38 luminous hello! to anyone familiar with external pillars.. I have a build process which uses reclass as an ext_pillar. While running the initial steps of the build process, reclass is noted as unavailable. After a highstate it is seen as available
12:39 luminous so I have been applying some of the base state.sls that would run in highstate, but this seems to do nothing
12:39 luminous ...ext_pillar is still unavailable
12:39 luminous is there anything else that state.highstate does, maybe that state.sls does not, which would lead to this behaviour where the ext_pillar is not made available?
12:40 alanpearce joined #salt
12:42 bhosmer joined #salt
12:42 hopthrisC is there some kind of chroot integration anywhere in salt?
12:43 hopthrisC (or planned)
12:44 babilen luminous: Does running saltutil.refresh_pillar *or* saltutil.sync_all fix the issue like highstate does?
12:44 viq hopthrisC: in what sense?
12:44 babilen (cf. http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.saltutil.html )
12:44 luminous babilen: I can certainly try
12:45 jslatts joined #salt
12:46 hopthrisC viq: i don't know, like an option to cmd.run
12:47 hopthrisC i've searched the docs, but me not finding anything doesn't mean much...
12:49 luminous babilen: nope :(
12:58 bhosmer joined #salt
13:12 TheThing|24-7 joined #salt
13:14 diegows joined #salt
13:14 mpanetta joined #salt
13:15 racooper joined #salt
13:15 FeatherKing joined #salt
13:18 tinuva is salt supported on CentOS 7 yet? According to the docs I only see RHEL5/6 ect supported
13:18 entry joined #salt
13:19 ajprog_laptop1 joined #salt
13:26 entry left #salt
13:26 fishb joined #salt
13:31 dude051 joined #salt
13:32 vejdmn joined #salt
13:35 jaimed joined #salt
13:36 eliasp Micromus_: in a mixed environment, you might also want to use http://docs.saltstack.com/en/latest/ref/states/all/salt.states.augeas.html to just set specifc config values instead of always supplying a full config template…
13:37 babilen luminous: Not sure what else it might be then, sorry
13:38 oz_akan joined #salt
13:38 picker joined #salt
13:41 aquinas joined #salt
13:43 diegows joined #salt
13:44 racooper tinuva,  EPEL 7 beta has salt 2014.1.7. https://fedoraproject.org/wiki/EPEL/epel7beta-faq
13:49 blarghmatey joined #salt
13:50 elfixit1 joined #salt
13:59 luminous babilen: yea, I'm rackin' my  head on this one
13:59 luminous it's kept me at bay for a while now, on and off, but I'm determined to figure it out this time around
14:03 dude^2 joined #salt
14:05 blarghmatey joined #salt
14:07 Ahlee_ Seeing some oddness in grains.setval: https://gist.github.com/jalons/da2012e9051de28a6ecd
14:09 smcquay joined #salt
14:10 jeremyBass joined #salt
14:10 RandalSchwartz left #salt
14:10 hobakill eliasp, got my windows repo thing figured out. thanks for all the help yesterday.
14:10 eliasp hobakill: awesome! have fun with it
14:10 masterkorp Hello
14:11 hobakill eliasp, next task is trying to figure out how to do pkg.installed in states. wheee!
14:11 ajprog_laptop1 joined #salt
14:13 luminous hobakill: YAY!
14:17 maboum_ HI, with salt-cloud, I want to specify my private ip in the map file so it override the profile file info. Is that possible?
14:18 Ahlee_ so it appears grains.setval doesn't allow the letter h
14:19 Ahlee_ well, more accurately, if you specify h, h is the only value that comes through
14:19 masterkorp on jinja maps, how can i make lists ?
14:20 masterkorp http://pastie.org/private/gmulfy7js0dsendyhlto6a
14:20 masterkorp i want something like this
14:20 masterkorp and that gives me
14:20 masterkorp Rendering SLS "base:sensu" failed: Jinja syntax error: expected token ':', got ',
14:20 masterkorp how can i make lists ?
14:24 luminous masterkorp: {%- set foo = ['bar', 'baz', 'qux'] %} ?
14:24 masterkorp http://pastie.org/private/pjsqkeokj7y3w3ofgfryiq
14:24 masterkorp ok, this works
14:25 masterkorp luminous: just figured it out, its the standard array convention, thank you sir
14:25 luminous :)
14:25 luminous masterkorp: jinja.pocoo.org has more
14:25 luminous goodluck!
14:25 hobakill luminous, YAY! is right  - i was about to force our devs off of .NET cuz i couldn't figure this stupid thing out. :) really appreciate all the support from the room.
14:27 racooper forcing devs off of .Net is a positive step in any situation.
14:27 ipmb joined #salt
14:27 hobakill racooper, no joke.
14:28 ramishra joined #salt
14:29 luminous HAH
14:30 luminous hobakill: keep at it, you will love this stuff even more, and it'll make your life worthwhile again in ways that might not (yet) make sense
14:30 luminous :P
14:30 matthiaswahl joined #salt
14:34 dude051 joined #salt
14:36 kermit joined #salt
14:39 gamedna joined #salt
14:39 nmistry joined #salt
14:39 pclermont joined #salt
14:42 pclermont Hi, using salt 2014.1.4, I have a cmd that uses the “creates” ( http://pastebin.com/qxD4U7MW ). but this is never respected, the command is runned every time I salt-call state.highstate.
14:44 alanpearce joined #salt
14:46 pclermont if there is another aproach, then please share.
14:46 ccase joined #salt
14:47 notbmatt joined #salt
14:47 jalbretsen joined #salt
14:47 eliasp pclermont: "creates" is not supported in 2014.1, it will be supported in the upcoming release
14:48 berto- joined #salt
14:48 pclermont eliasp: thanks, I saw the helium notice, since I am new, I thought it refered to a previous version. Thanks
14:48 eliasp pclermont: you could either deploy the cmd state from 'develop' using http://docs.saltstack.com/en/latest/ref/file_server/dynamic-modules.html or use something like "- unless: test -e /your/file/path"
14:49 mechanicalduck joined #salt
14:49 kballou joined #salt
14:52 pclermont eliasp: nice link, I will read more on that subject.
14:52 eliasp pclermont: when using dynamic module distribution to deploy newer versions of modules/states/etc., you should always be aware that there might be incompatibilities/breakage/etc, so give it thorough testing if you do this
14:59 conan_the_destro joined #salt
15:01 rushm0r3 joined #salt
15:01 thedodd joined #salt
15:03 rallytime joined #salt
15:12 davet joined #salt
15:12 Eureka_ joined #salt
15:13 alff joined #salt
15:13 alff hi everyone
15:13 davet1 joined #salt
15:14 aquinas joined #salt
15:14 vejdmn joined #salt
15:15 jcsp joined #salt
15:16 rushmore joined #salt
15:17 alff i think i wouldn’t unique here with my question but i’ll try) Do i have any chance dinamicaly change some data of minion in grain or pillar while highstate is running?
15:19 scoates any of you have any tricks to get your syntax checkers to stop complaining that the dunder dicts aren't defined?
15:20 eliasp scoates: [19:24:33] <Ryan_Lane> eliasp: export PYFLAKES_BUILTINS="__salt__,__opts__,__grains__,__pillars__"
15:20 davet joined #salt
15:20 TheThing|24-7 lol
15:20 vejdmn1 joined #salt
15:21 eliasp … to lazy to clean this copy'n'paste up… ;)
15:22 gq45uaethdj26jw6 joined #salt
15:23 torres joined #salt
15:23 gq45uaethdj26jw6 so, I managed to fill up the disk on my master, and have accumulated about 2 gigs of cache data in /var/cache/salt/master/jobs, can I safely delete the contents of that directory?
15:23 scoates elfixit: thanks. was hoping for a more generalized case. I'm using Sublime Text + the python syntaxy stuff there.
15:24 scoates oops sorry elfixit; I meant eliasp
15:24 vejdmn joined #salt
15:29 Eureka_ gq45uaethdj26jw6: I think you are looking for "salt-run cache.clear_all" (ran on master)
15:33 penguin_dan joined #salt
15:34 gq45uaethdj26jw6 Eureka_: I don't think that clears the job cache on the master
15:36 ramishra joined #salt
15:36 gq45uaethdj26jw6 the issue actually seems to be that my FS is literally out of inodes...
15:36 xet7 joined #salt
15:36 pdayton joined #salt
15:37 salticus joined #salt
15:38 Eureka_ gq45uaethdj26jw6: Ouch! you are hitting the "too many files open" issue. This should help you possibly. https://confluence.atlassian.com/display/CONF26/Fix+'Too+many+open+files'+error+on+Linux+by+increasing+filehandles
15:40 kachi8 joined #salt
15:42 gq45uaethdj26jw6 Eureka_: don't think its an issue with open files, lsof says 526 descriptors open, /proc/sys/fs/file-max says I have 377595 available. It's an FS issue. df -i returns "-              524288 524288     0  100% /", and they are all being used in /var/cache/salt/master/jobs. I just don't know if I'm gonna bork the system by clearing that directory out.
15:42 cofeineSunshine joined #salt
15:42 cofeineSunshine joined #salt
15:44 gq45uaethdj26jw6 presumably it's safe to delete a cache directory, but I have a lot of minions up, and was hoping to get some verification first....
15:45 TheFlipside joined #salt
15:49 Eureka_ gq45uaethdj26jw6: Not sure =/ ive not ran into that issue yet and didnt find anything immediately that would say yes or no.
15:49 gq45uaethdj26jw6 no worries, thanks for the help
15:49 kaptk2 joined #salt
15:50 tligda joined #salt
15:52 vu joined #salt
15:54 m1crofarmer joined #salt
15:55 rushmore is there a reason why a mysql returner would always fail with "too many values to unpack" error ?
15:56 ekristen joined #salt
15:57 wendall911 joined #salt
15:57 gq45uaethdj26jw6 Eureka_: that seemed to work
15:57 vu joined #salt
15:58 Eureka_ gq45uaethdj26jw6: Thanks for letting me know ;) now i wont be paranoid if i run into that too ;)
16:01 dstokes morning guys :)
16:02 Eureka_ g-morning
16:02 vejdmn joined #salt
16:03 vu_ joined #salt
16:07 KyleG joined #salt
16:07 KyleG joined #salt
16:08 vejdmn joined #salt
16:09 vu joined #salt
16:10 luminous what is in the salt minion's cache?
16:11 luminous eg, if you use saltutil.clear_cache to empty the minion's cache.. what is the result?
16:15 dstokes is there any way to configure salt-master to run something when a minion fails, via the reactor system or something similar? musing about automated rollbacks when deployments fail
16:16 rojem joined #salt
16:16 Theo-SLC joined #salt
16:16 rushmore dstokes: i believe so, we were discussing that in the user group here last week
16:17 rushmore *here as in the user group in my city, not in this chatroom.
16:17 dstokes i don't see anything in the default events triggered by salt, and there are several fail points in deploy, so checking every state and triggering an error event from the minion seems impractical..
16:17 Theo-SLC I'm putting together a state file to configure mongo.  I'm getting stuck on setting the initial user and password for the database.  It requires starting mongo with auth off, setting the password, and then restarting mongo with auth on.  I don't know if salt can do that.  Perhaps there is an easier method?
16:17 dstokes rushmore: did you guys come up with anything?
16:18 rushmore it had something to do with transactional state files
16:18 dstokes Theo-SLC: salt can do that http://docs.saltstack.com/en/latest/ref/states/all/salt.states.service.html
16:19 dstokes rushmore: hmm.. sounds cryptic ;)
16:19 rushmore lol. i don't remember exactly because we didn't dive into it but someone was actually doing it in production.
16:20 kivihtin joined #salt
16:20 steve___ joined #salt
16:22 eliasp transactional states would be awesome, but I doubt that's something which is easy to implement
16:23 dstokes the best i can come up with atm is run deploy, check exit code and run rollback if exit !== 0
16:24 bhosmer joined #salt
16:26 Theo-SLC dstokes: thanks.  I think i'll need to it this way.  1, perform a cmd to test the mongo user/pass in pillar 2.  If test fails perform watch to stop service 3.  when service stops perform watch to set password against pillar. 4.  when previous command runs perform watch to start mongo service.
16:26 Theo-SLC I hope I'm not doing this the hard way. :)
16:27 TheThing|24-7 joined #salt
16:27 luminous eliasp: I've been thinking about the same
16:27 luminous where state over time is stored in persistence layer, and used to guide the future
16:27 luminous state == system state
16:27 dstokes Theo-SLC: haven't done too much mongo dev. are creds defined in a file or added via cli?
16:28 Theo-SLC dstokes: they will be defined in a pillar and then propagated to the database and application settings.
16:29 dstokes i meant outside of salt, i.e. `mongo add-creds u p` or `echo "u p" > mongo.conf`
16:31 dstokes pretty sure either way you only need two commands: `update config, watch config + restart mongo` or `add creds onlyif test for creds fails, watch add cred state + restart mongo`
16:32 rushmore dstokes: https://github.com/saltstack/salt/pull/6376
16:33 rushmore you could emulate a transaction state by running through test first, if test passes run new state, exit 1, rollback file.restore_backup
16:34 rushmore but im pretty sure there's an easier way
16:36 masterkorp simonmcc: hello
16:37 masterkorp simonmcc: could you update your kitchen-salt to 0.0.19 ? :p
16:38 masterkorp since it its 0.0.19 already on master
16:38 eliasp meh… that's ugly… when having a "broken" include statement (very likely due to import in included file which fails), state.highstate reports the whole state as "No matching sls found for 'mystate' in env 'dev'" … but nothing about the actual problem which lies within the included SLS
16:38 simonmcc masterkorp: sure :)
16:38 masterkorp thanks i am building from your git
16:39 masterkorp love the dependancies addon
16:39 TheThing|24-7 joined #salt
16:39 masterkorp can't wait for the gitshelf support
16:40 simonmcc masterkorp: kitchen-salt-0.0.19.gem was just pushed to ruby gems :)
16:40 masterkorp thank you sirrrr
16:41 simonmcc masterkorp: the dependencies solves a slightly different problem than gitshelf
16:42 masterkorp true, but its a start
16:42 masterkorp also, can i give a relative path ?
16:42 masterkorp like :path => "../myother-formula" ?
16:44 simonmcc I think so, yes
16:45 chrisjones joined #salt
16:47 masterkorp applying the TIAS methodology
16:49 rushm0r3 joined #salt
16:49 joehillen joined #salt
16:50 xet7_ joined #salt
16:51 scoates_ joined #salt
16:54 TheThing|24-7 joined #salt
16:54 che-arne|2 joined #salt
16:56 troyready joined #salt
16:59 chrisjones joined #salt
16:59 vejdmn joined #salt
16:59 codysoyland It seems that Salt Mine data does not propagate up to master-of-master machines in a syndic setup. Is this a bug? I would expect all masters should get all Mine data.
17:00 aubsticle_ joined #salt
17:00 vbabiy_ joined #salt
17:01 catpig joined #salt
17:02 mschiff anybody has configured schedule: via pillar data? salt '*' pillar.item schedule will show data for a specific client, but it will not execute highstate... (version 2014.5.7)
17:04 bhosmer joined #salt
17:05 Ryan_Lane joined #salt
17:06 whytewolf mschiff, I am using pillars to set scheduled highstate updates. https://gist.github.com/whytewolf/d72078fc44e191dee066 (been working since version 2014.1.4)
17:07 dimeshake joined #salt
17:07 kivihtin joined #salt
17:07 mschiff whytewolf: thanks. I have exactly the same with 2 minutes. What does it need to enable the scheduling?
17:07 mschiff I tried a pillar refresh already
17:09 seanz joined #salt
17:09 whytewolf only way i was able to tell it was working is that running a job would sometimes conflict with a job that was already running. couldn't find them in the job list
17:09 kermit joined #salt
17:10 seanz Greetings. I've got a salt state that installs Java and then runs a service that depends on Java. Even though I clearly have the service depend on the Java installation, the Java packages are only checked before the service during the first highstate.
17:10 seanz On subsequent highstates, Java is checked after the service is verified as running.
17:10 seanz That doesn't make sense to me - is there a known reason for this particular behavior?
17:10 forrest joined #salt
17:10 test joined #salt
17:11 seanz So far it hasn't broken the highstate, but it is odd that salt would seemingly selectively honor the dependency chain like that.
17:11 tkharju2 joined #salt
17:12 n8n joined #salt
17:12 mgw joined #salt
17:12 RandalSchwartz joined #salt
17:13 RandalSchwartz the file states seem to be a hodgepodge of options
17:13 RandalSchwartz I'd really like to use file.blockreplace with a source:
17:13 RandalSchwartz but I can't :(
17:13 picker joined #salt
17:14 ajolo joined #salt
17:15 cro left #salt
17:17 aw110f joined #salt
17:18 forrest blockreplace is always so weird to me, why not just manage the whole file?
17:19 mschiff whytewolf: works here too now. There was old salt-minion process hanging around... I had to kill that manually
17:19 yomilk joined #salt
17:19 RandalSchwartz well - I want to ensure a number of known_hosts are inserted.
17:20 RandalSchwartz but I don't want to overwrite the rest of the file
17:20 azylman joined #salt
17:20 RandalSchwartz I did that with file.append, but now I need to add one more, and it's gonna start getting messy.
17:20 eliasp RandalSchwartz: have a loog at augeas: http://docs.saltstack.com/en/latest/ref/states/all/salt.states.augeas.html
17:20 eliasp s/loog/look/g
17:21 tkharju2 joined #salt
17:21 eliasp but hmm ok… for known_hosts this might still be a bit tricky
17:22 RandalSchwartz looking
17:23 RandalSchwartz I bet we don't have that python module
17:24 RandalSchwartz and that looks like it's for /etc/hosts
17:24 RandalSchwartz I'm trying to update ~root/.ssh/known_hosts
17:25 eliasp RandalSchwartz: augeas is agnostic… that's something to abstract config files… see: http://augeas.net/
17:25 RandalSchwartz ahh.  not aware.
17:25 eliasp s/config files/file\/data structures/g
17:25 logix812 joined #salt
17:26 eliasp RandalSchwartz: you can use so-called "lenses" to make Augeas aware of a certain file/config type… e.g. here's a known_hosts lense: https://github.com/hercules-team/augeas/blob/master/lenses/known_hosts.aug
17:26 RandalSchwartz doesn't look like there's a freebsd port of the python binding though
17:26 cpowell joined #salt
17:26 RandalSchwartz just the ruby bindings
17:27 eliasp :(
17:30 vbabiy joined #salt
17:34 conan_the_destro joined #salt
17:35 RandalSchwartz regarding 2014.1.4 vs 7 on freebsd... I see that the latter package is definitely missing about 7 things that have the word "egg-info" in them
17:35 RandalSchwartz now - the question is, is my python broken, or the 2014.1.7 port
17:35 linjan joined #salt
17:36 forrest more like freebsd is broken :P
17:37 dimeshake low blow!
17:37 phx freebsd is never broken!
17:38 agliodbs joined #salt
17:38 jnials joined #salt
17:38 agliodbs is there a way I can check which minions are matched by a current top file?
17:38 agliodbs I want to make sure certain minions are excluded
17:41 seanz left #salt
17:41 racooper you could check your targeting with test=True parameter maybe?
17:43 agliodbs parameter to what command?
17:44 racooper are you trying to run a state?
17:44 TheThing|24-7 joined #salt
17:44 racooper salt <target> state.highstate test=True
17:44 agliodbs racooper: thank you!
17:44 tkharju3 joined #salt
17:45 racooper I'm sure there's an easier way but that's what I can come up with off the top my head.
17:45 saurabhs joined #salt
17:45 agliodbs that's easy
17:45 dur joined #salt
17:45 agliodbs now I have to figure out why my E match doesn't match
17:45 racooper good luck. back later.
17:47 Thiggy joined #salt
17:48 ndrei joined #salt
17:49 Thiggy One of my environments is taking a really long time to run test.ping when I target minions by grain. manage.down doesn't report any down minions. https://gist.github.com/jthigpen/7593c9de480e962c3025
17:49 Thiggy any idea where I should start looking to debug?
17:50 kermit joined #salt
17:51 Thiggy targeting based on minion name ( web\* ) the same test.ping returns in ~.5s
17:51 dimeshake Thiggy: run salt-minion in the foreground on one of the troublesome minions and see what it's doing when you call it
17:52 Thiggy It seems less like the minions taking a long time to run and more like the saltmaster waiting for something else that never returns. I'll do that though.
17:52 dimeshake you can do the same on the master, though
17:52 Thiggy My first thought was a key for a minion that no longer existed.
17:52 dimeshake to test as well
17:52 Thiggy Oh that's a good idea. Lemme try that.
17:54 agliodbs overstate.sls is supposed to support regex matches, no?
17:54 TheThing|24-7 joined #salt
17:54 n8n joined #salt
17:55 ndrei joined #salt
17:55 wendall911 joined #salt
17:55 arthabaska joined #salt
17:59 joshpaul joined #salt
17:59 laubosslink joined #salt
18:01 agliodbs shouldn't overstate.sls and top.sls match minion ids by default?
18:01 jnials joined #salt
18:02 n8n joined #salt
18:02 giannello joined #salt
18:03 Thiggy @dimeshake I don't see anything bizarre in the output. The minions return quickly and it displays the output almost immediately, then it just hangs for N seconds, and then exits.
18:03 dimeshake interesting. did you run it with -l debug as well?
18:03 rojem joined #salt
18:03 Thiggy My other salt environment which is almost identical runs the same command in .5s
18:04 Thiggy I ran it with -l trace
18:04 Thiggy https://gist.github.com/jthigpen/7593c9de480e962c3025 <-- I updated that with the saltmaster output
18:04 Thiggy Sorry meant to link that
18:05 Theo-SLC dstokes: I was wasting time.  I just found http://docs.saltstack.com/en/latest/ref/states/all/salt.states.mongodb_user.html
18:05 dstokes Theo-SLC: nice!
18:05 dimeshake Thiggy: may still be worth trying one of the minions in the foreground with debug/trace a swell
18:05 Thiggy on it
18:07 jnials_laptop joined #salt
18:07 chrisjones joined #salt
18:07 taterbase joined #salt
18:09 UtahDave joined #salt
18:11 azylman_ joined #salt
18:13 agliodbs so I ahve a top.sls file which works perfectly in the test environment, but when we try it in production, it doesn't match anything.
18:13 agliodbs the stuff in top.sls is suppsoed to match the minion ids by default, correct?
18:15 UtahDave agliodbs: yep!
18:15 victorpoluceno_ joined #salt
18:15 agliodbs is there some way to interrogate the salt master to ask it where it thinks top.sls is located?  I suspect that it's using the wrong top.sls
18:15 Thiggy @dimeshake ok wacky, it appears somehow I got 2 salt-minion processes running at once on a minion, and it was waiting for the second one to respond or something weird like that.
18:17 dimeshake theeeere we go. wacky indeed
18:18 UtahDave agliodbs: look at your   'file_roots'  option in your master config
18:19 agliodbs that's set correctly, but clearly it's not working
18:19 aboe joined #salt
18:19 agliodbs which is why I want to interrogate the salt-master
18:19 UtahDave agliodbs: did you restart the salt-master after making the change?
18:19 jnials joined #salt
18:19 UtahDave agliodbs: try   salt 'minion-id' state.show_top
18:19 TheThing|24-7 joined #salt
18:20 agliodbs UtahDave: yes, we did
18:20 talwai joined #salt
18:20 rojem joined #salt
18:21 agliodbs zilch
18:21 druonysus joined #salt
18:21 druonysus joined #salt
18:23 agliodbs in the test environment, it returns the list of modulce
18:23 agliodbs modules
18:24 TheThing joined #salt
18:24 TheThing joined #salt
18:25 agliodbs is there some dependency which would cause regex matching to silently fail?
18:25 schimmy joined #salt
18:25 UtahDave I don't think so
18:26 TheThing joined #salt
18:26 UtahDave agliodbs: can you pastebin your top.sls?  (sanitized)
18:26 thedodd joined #salt
18:26 ckao joined #salt
18:27 UtahDave laubosslink: what version of salt are you on?
18:28 agliodbs UtahDave: http://salt.privatepaste.com/3da62b034b
18:29 poogles joined #salt
18:30 agliodbs UtahDave: on some testing, this seems to be an issue with pcre syntax.
18:31 agliodbs UtahDave: those regexes work when I test them in python though
18:31 UtahDave agliodbs: can you provide me an example of a minion name that works in your test environment and one from your production environment that doesn't?
18:32 agliodbs uatdb01a
18:33 UtahDave laubosslink: can you pastebin the scheduler section of your master config?
18:33 nmistry_ joined #salt
18:35 agliodbs UtahDave: both test and prod are salt 2014.1.4
18:37 UtahDave laubosslink: is it possible to use jinja in the master config?  I've never seen that before.
18:38 UtahDave laubosslink: so looking at the docs here: http://docs.saltstack.com/en/latest/topics/jobs/schedule.html    I think you need to put saltenv  in kwargs.   like the   test: True option in a couple of the examples
18:41 UtahDave laubosslink: try something like this:  http://pastebin.com/dymj8HLf
18:43 teskew joined #salt
18:43 superted666 joined #salt
18:45 UtahDave laubosslink: yeah, you're right. that should be it
18:46 UtahDave you can pass in multiple arguments.
18:46 UtahDave plus  "args"  and "kwargs" are pythonisms
18:47 n8n joined #salt
18:47 UtahDave laubosslink: if you'd like to submit a pr to explain that better in the docs, that would be great.
18:48 eliasp any idea why this happens? http://pastebin.kde.org/pwldhbpuv … it fails to import from 'map.jinja' which is located in the same directory as the SLS which has the import statement in it…
18:48 eliasp laubosslink: a "Pull-Request" on GitHub to contribute improvements/bugfixes
18:48 anuvrat joined #salt
18:49 eliasp laubosslink: https://help.github.com/articles/using-pull-requests
18:49 otter768 joined #salt
18:49 UtahDave laubosslink: I'm sorry.  PR is short for "pull request"
18:49 RandalSchwartz interesting - the 2014.1.4 fbsd package has eggs, but not the 2014.1.5 (built by them) nor the 2014.1.7 package (built by me)
18:51 UtahDave eliasp: I'm not sure on that.  whiteinge, does anything there look obvious to you?
18:52 * eliasp goes to explore the source whether the Jinja renderer possibly needs to get some options passed to it where to look for imports…
18:53 forrest eliasp, try {% from "samba/map.jinja" import samba with context %}
18:53 eliasp forrest: that was the default but didn't work as well…
18:53 madphoenix joined #salt
18:53 Kenzor joined #salt
18:53 forrest did you get the same error?
18:53 madphoenix Hi all.  Is there an easy way to check from the minion's side whether it's key has been accepted by the master?
18:54 madphoenix programmatically, that is
18:54 eliasp forrest: yes, exactly the same error (just with the varying path)
18:54 forrest eliasp, can you please pastebin your map file then
18:54 eliasp forrest: it's just this one: https://github.com/saltstack-formulas/samba-formula/blob/master/samba/map.jinja
18:54 forrest eliasp, or are you using the pre-made formula?
18:54 forrest awesome
18:55 eliasp I placed it in the 'formulas' sub-directory of my gitfs states repo
18:55 eliasp just cloned the samba-formula to it and dropped the .git directory
18:55 forrest then did you already try {% from "formulas/samba/map.jinja" import samba with context %} ?
18:55 eliasp forrest: I think I already did… will retry
18:55 forrest ok
18:56 john5223 joined #salt
18:58 eliasp same with samba/samba/map.jinja (see my git repo filestructure: http://pastebin.kde.org/pppda5hup)
18:58 eliasp it's included in departmentserver.sls
18:58 eliasp trying now with a prefixed formula
19:00 eliasp the result with "formulas/samba/samba/map.jinja" is now simply "Data failed to compile:\nNo matching sls found for 'departmentserver' in env 'base'" ;-/
19:00 eliasp so it looks like the import path is only accepted when absolute, but then it fails now for some other reason which is not properly handled…
19:01 forrest eliasp, can you try to just run the samba formula and not your departmentserver and see if it works then?
19:01 forrest I don't have time right now to spin up a vm to play with it unfortunately
19:02 eliasp hmm, not much better… "salt MN1221-S0002 state.sls formulas.samba.samba.config test=True" → "No matching sls found for 'formulas.samba.samba.config' in env 'base'"
19:02 allanparsons joined #salt
19:03 eliasp "salt MN1221-S0002 cp.list_states | grep samba" → http://pastebin.kde.org/pihqveokb
19:04 eliasp I feel like "No matching sls found for 'formulas.samba.samba.config' in env 'base'" might also be returned in case a SLS is invalid
19:04 dude051 joined #salt
19:04 forrest can you try fixing the directory structure so there is only one samba directory just to test it?
19:05 eliasp yep, will try that to see if it changes something
19:08 kaptk2 joined #salt
19:10 eliasp hmm: http://pastebin.kde.org/pljwwx9ze
19:10 eliasp this gets more and more weird
19:10 eliasp ;)
19:10 joehillen joined #salt
19:10 forrest you created an env just for samba now?
19:12 eliasp git branch to keep the experiments out of my regular states…
19:12 eliasp as long as I just use state.sls that should be just fine without any further things like adding it to top.sls etc.
19:13 eliasp meh… will do it temporarily in my 'base' environment to isolate this issue
19:15 eliasp ok… bug in state.sls … something I might have to investigate too
19:15 eliasp having it in my base environment and only 1 samba directory in the root of my GitFS repo it looks good
19:16 eliasp but that's not what I want in the end, as I want to be able to address the formulas as formulas.fooo to keep them out of my toplevel namespace
19:16 eliasp so I'll have to see whether I can find the issue within renderers/jinja.py
19:20 skullone joined #salt
19:20 skullone does Salt have a concept similar to $environments in Puppet, where a node can be classed as dev, qa, prod etc, and pull modules from a specific directory?
19:21 allanparsons @skullone you can use gitfs
19:21 allanparsons and pull from a branch
19:21 allanparsons so just make a dev branch, a prod branch, etc.
19:21 UtahDave skullone: yeah, the top.sls file provides that mapping
19:22 eliasp skullone: http://docs.saltstack.com/en/latest/ref/states/top.html and http://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html
19:23 skullone ah, i missed the states/top documentation
19:23 skullone thats exactly what im looking for, thank you :)
19:23 eliasp skullone: if you decide to use GitFS, I'd recommend you to keep your top.sls in a separate repository which just provides the top.sls and nothing else…
19:24 eliasp skullone: this makes things way easier, as top.sls will be merged from all environments before it is evaluated
19:24 allanparsons +1 for eliasp
19:24 eliasp skullone: so this means you'd have to keep your top.sls consistent across all your branches which gets quickly rather messy
19:25 allanparsons me and @dstokes spent an afternoon troubleshooting that one.
19:25 eliasp by keeping it separate, you just have in your top.sls git repository a single branch/environment and that's it
19:25 eliasp allanparsons: had a hard time back then when I started using GitFS to understand what's the actual issue… I should probably file a PR to place this in the docs where appropriate
19:26 allanparsons i can too
19:26 eliasp allanparsons: that'd be great… don't have much time right now
19:26 skullone we run puppet right now, and running into many bugs with multiple environments
19:26 skullone heavily leaning towards salt at this point
19:26 skullone and i dislike the ruby'isms in puppet
19:26 allanparsons oh god
19:26 allanparsons i spent like 10 days on puppet
19:26 allanparsons and ripped it out
19:26 allanparsons for salt
19:26 eliasp skullone: coming from Puppet as well… spend 6 months with Puppet when I found out about SaltStack… after playing with it for ~1.5 months I scrapped all my Puppet efforts
19:26 allanparsons and the never looked back
19:27 skullone doing simple shit, like concating to a file from multiple strings in puppet.. is ... awful
19:27 felskrone joined #salt
19:27 skullone simple things like appending autofs entries took me a wek to get right
19:28 skullone FU puppet DSL
19:29 skullone our puppet support bill jumped to $40k also.. peh
19:29 eliasp ugh
19:29 allanparsons any time i see a "pricing" nav button on open source software, i close the browser
19:30 eliasp I don't think it's wrong to sell services next to a FLOSS project… I think it's wrong to redirect the Community to the commercial pages first…
19:30 eliasp if both just co-exist… perfect
19:30 skullone yah, even as a customer, i can't even download updates from Puppet's site without going through their sales pitch
19:30 DammitJim joined #salt
19:30 eliasp if FLOSS-Users/the community is constantly nagged to "buy services" … that's rather unattractive to me
19:31 DammitJim anyone from the salt team would like to come to FOSSCON?
19:31 DammitJim we would love to have you here in Orlando
19:31 UtahDave DammitJim: I bet we would!
19:31 DammitJim I think Chef and Puppet are giving talks
19:31 DammitJim I just found that out
19:31 eliasp don't leave the field to them! ;)
19:32 DammitJim apparently someone @ salt was contacted 3 times this year with no answer
19:32 forrest is it air conditioned DammitJim ?
19:32 DammitJim totally
19:32 DammitJim it's HOT and HUMID here now
19:32 forrest yea
19:32 DammitJim and I'm about to implement salt instead of Chef or Puppet and I was very disappointed that you guys aren't even going to have a booth
19:32 DammitJim who can I talk to to get this set up?
19:33 forrest DammitJim, I'll run the booth for those slackers, cardboard sign that says 'salty'
19:33 Corey DammitJim: Uh... FOSSCON is in Philly. :-)
19:33 DammitJim LOL
19:33 DammitJim Corey, you are right
19:33 DammitJim this is FOSSETCON
19:33 DammitJim ugh
19:33 Corey DammitJim: Glad to hear it, given that there's a very good chance I'll be giving the FOSSCON keynote.
19:34 DammitJim whoa!
19:34 DammitJim good luck, Corey when is FOSSCON?
19:34 forrest Corey, note to self, avoid fosscon keynote...
19:34 forrest :P
19:34 allanparsons speaking of FLOSS
19:34 eliasp forrest: found some suspicious lines in salt/utils/templates.py regarding the template loading… will see if I can identify the actual issue
19:34 allanparsons i spent like 4 hours looking for the download link for Kaltura
19:34 RandalSchwartz heh
19:34 forrest eliasp, cool
19:35 allanparsons and i think the purposely make their github repos cryptic
19:35 agliodbs joined #salt
19:35 forrest allanparsons, you mean these? http://www.kaltura.org/downloads
19:35 otter768 joined #salt
19:35 RandalSchwartz anyone gonna be at OSCON?
19:35 RandalSchwartz I'll be there
19:35 forrest DammitJim, Now I want to submit a talk for that con, but I'm all tapped out of conference funds for this year :\
19:35 allanparsons forrest - no their kmc server
19:36 allanparsons kaltura media server / cms or whatever it is
19:36 allanparsons here's their hilarious github repo: https://github.com/kaltura
19:36 forrest RandalSchwartz, Unfortunately no, it's too pricey
19:36 DammitJim forrest, you don't have to talk, but I think it would be good if salt had a booth or something
19:36 otter768 joined #salt
19:36 john5223 so is salt-master a zeromq server in itself? i tried to setup halite with salt-master...and now im seeing in logs it cant find zeromq... it says Bad address
19:36 UtahDave RandalSchwartz: we're going to have some people at OSCON!
19:37 forrest DammitJim, yea best to talk to people who actually work for salt then, slap UtahDave around, I know he wants to go to Florida
19:37 UtahDave RandalSchwartz: I was reading through some Python docs and I leaned about the Schwartzian transform.  :)
19:37 DammitJim dammit UtahDave !
19:37 DammitJim Schwartzian transform sounds like creating a black hole
19:37 UtahDave DammitJim: can you pm me info?
19:37 eliasp john5223: yes, the saltmaster runs an "embedded" ZeroMQ
19:37 DammitJim sure UtahDave
19:38 UtahDave DammitJim: it's basically the decorate, sort, undecorate
19:38 DammitJim oohhh lala
19:38 DanGarthwaite joined #salt
19:38 john5223 seeing this in upstart log: [WARNING ] Caught signal 15, stopping the Salt Master
19:39 eliasp john5223: if there's nothing besides that, try increasing the log-level (-l debug)
19:39 Bryanstein joined #salt
19:39 Bryanstein UtahDave, ping
19:40 Bryanstein DammitJim, you there?
19:40 UtahDave hey, Bryanstein
19:40 DammitJim si
19:40 DammitJim UtahDave, Bryanstein is the organizer for FOSSETCON
19:40 n8n joined #salt
19:40 Bryanstein Hey UtahDave...can I chat with you via pm for a sec?
19:40 DammitJim you guys can talk details... I'm just the guy interested in salt to be here ;)
19:41 UtahDave Bryanstein: yeah, that would be great
19:41 * forrest hands DammitJim his poking stick
19:41 DanGarthwaite Hi all.  Struggling to understand salt mine configuration (again).  sync_all didn't actually update pillar.  saltutil.refresh_pillar did, and yet new minions still aren't running the new mine_function.
19:42 VictorLin joined #salt
19:43 john5223 eliasp: weird..its back now that im in debug.. thanks for the response though
19:43 DanGarthwaite mine runs don't emit and event?  I couldn't find one.
19:44 eliasp john5223: check if you have a 2nd instance running… somebody reported yesterday that *buntu packages had an issue where the service was started once via Upstart, once via classic SysV init-script
19:46 DammitJim poke
19:46 DanGarthwaite Example: http://pastie.org/9397212
19:47 DanGarthwaite ... I'm thinking I'll have to run salt-minion non-forking debug to figure this one out...
19:48 scoates why does the master config file have 2 ports (publish_port and ret_port) but the minion config file only has master_port ?
19:49 DanGarthwaite The publish port is unidirectional.  The other port is for the back channel.
19:49 DanGarthwaite So minions connect to the master's ret_port.
19:49 scoates ok, thanks.
19:50 smcquay joined #salt
19:50 ipmb joined #salt
19:51 john5223 elaiasp: its fine now. i just didnt realize how long it took for master to come up. first time running salt today
19:53 dude051 joined #salt
19:54 DanGarthwaite ok - I think it is clear that mine_interval is not set the way I think it is.
19:54 DanGarthwaite I thought it could be set as a top level pillar.  Is it instead an implied option for each mine_function definition?
19:55 DanGarthwaite Or is it not configurable via pillar?
19:55 john5223 eliasp: actually...im seeing 9 salt-master processes, is that normal?
19:56 eliasp john5223: check, if they all belong to a single parent-process (htop, pstree, …)
19:56 eliasp john5223: if they do, it's fine
19:56 DanGarthwaite repasted pastie with pillar conf: http://pastie.org/9397231
19:56 eliasp john5223: if there are 2 or more top-level processes… something's wrong
19:56 john5223 htop > hide userland threads still shows 9
19:57 eliasp they are actual subprocesses, not only threads
19:57 john5223 oh ok
19:57 druonysuse joined #salt
20:00 john5223 elaisp: ok looks like its all one processes spawning subprocesses... i think im good
20:00 john5223 just need to wait for the start up time
20:01 john5223 *one processes  :)
20:01 DanGarthwaite IRC banner's rev number is a bit behind.
20:03 q1x joined #salt
20:03 q1x evening gents
20:04 rojem joined #salt
20:04 q1x I have a state that manages the salt master config file. That way I can include salt-formulas as gitfs remotes via pillar data
20:04 ingwaem joined #salt
20:05 q1x however, if I add a new formula and want to use it on a minion, the state.highstate fails because the master has not yet reconfigured itself
20:06 agliodbs joined #salt
20:06 q1x how can I make sure that state is run on the master before any other states are run during a state.highstate?
20:06 vejdmn joined #salt
20:07 ndrei joined #salt
20:07 eliasp q1x: http://docs.saltstack.com/en/latest/ref/states/overstate.html
20:08 n8n_ joined #salt
20:10 q1x eliasp: thanks, I'll have a look at that :-)
20:10 john5223 anyone here use ubuntu juju? any thoughts on juju+salt?
20:11 snuffeluffegus joined #salt
20:11 DanGarthwaite Anyone know if mine_interval is minion config level only?
20:13 DanGarthwaite ah - it _is_ minion level only.  I can't put it in a pillar.
20:13 rushm0r3 joined #salt
20:17 rushm0r3 joined #salt
20:18 Eliz joined #salt
20:18 rushm0r3 joined #salt
20:19 vejdmn joined #salt
20:19 gothix_ joined #salt
20:19 Eliz I have a quick question: I am writing an Execution Module and I came to a point where I'd like to request a file over salt:// using fileclient, but as far as I can tell you can't request a file to be returned from the function, only saved to a file on the filesystem?
20:25 bhosmer_ joined #salt
20:26 VictorLin joined #salt
20:27 rushm0r3 joined #salt
20:27 DanGarthwaite ok - now how do you configure salt-minion via a sls and reload the configuration?  Is it safe to service.restart salt-minion in the middle of a state.highstate?
20:29 rushm0r3 joined #salt
20:29 agliodbs joined #salt
20:30 jslatts joined #salt
20:30 rampantmonkey joined #salt
20:31 ccase joined #salt
20:32 rampantmonkey joined #salt
20:34 DanGarthwaite . o O ( is that a cricket chirping? )
20:34 eliasp DanGarthwaite: see https://github.com/saltstack/salt/issues/6792
20:34 eliasp where "full system reboot" could be just the restart of the minion itself…
20:34 DanGarthwaite Thanks elisap.  This is just a config option for the salt-minion.
20:35 eliasp DanGarthwaite: wait, sorry… we're talking about Linux… restart should work there
20:35 DanGarthwaite There _might_ be a way to drop a file in minion.d _and_ set the minion's config option at runtime?
20:35 talwai What's the most secure way to store ssh keys for spinning up EC2 instances with salt-cloud for example? I'm thinking of just storing them on my gitfs backend but don't know if there are obvious vulnerabilities with this approach
20:36 eliasp talwai: that's what Pillars are for: http://docs.saltstack.com/en/latest/topics/tutorials/pillar.html
20:38 wonhunawks_ joined #salt
20:38 talwai eliasp: That was my instinct. So something like the top answer here: http://serverfault.com/questions/538218/deploy-ssh-key-from-master-to-minion-via-salt-pillars ??
20:39 rushm0r3 joined #salt
20:39 eliasp talwai: basically yes… I don't have any salt-cloud experience, so I can't tell how this applies to salt-cloud, but I assume it's not really different at all
20:42 azylman joined #salt
20:43 skullone so, the saltstack event system... this blows away anything puppet has
20:44 bhosmer joined #salt
20:46 rushm0r3 joined #salt
20:48 DanGarthwaite service.full_restart salt-minion seems to work.   service.restart salt-minion fails catastrophically and leaves the node without salt-minion running.
20:48 rushm0r3 joined #salt
20:50 DanGarthwaite Scary:  salt \* -b5  service.full_restart salt-minion
20:50 rlarkin joined #salt
20:51 eliasp DanGarthwaite: don't even think of this when you have windows minions ;)
20:52 eliasp before I ran into https://github.com/saltstack/salt/issues/11726 it took me 1.5h to restart all minions here in the department manually ;)
20:52 eliasp s/ran into/reported/g
20:53 DanGarthwaite I have two - but I use salt-ssh for them.  Much cleaner.
20:53 RandalSchwartz what's wrong with "ntpdate:\n service:\ - enable: True"
20:54 eliasp RandalSchwartz: ntpdate is usually a oneshot, while ntpd is the one which runs continuously…
20:55 RandalSchwartz fbsd needs "ntpdate_enable=YES"
20:55 RandalSchwartz so I figure this would edit that
20:55 RandalSchwartz ... No function declared in state "service" in sls ntpd
20:55 RandalSchwartz that's the error
20:56 RandalSchwartz service -l lists both ntpd and ntpdate
20:56 DanGarthwaite ugh - I ahve some old debian boxes that don't grok full_restart.   service.restart worked on half, failed on some, returned nothing on one.
20:57 ipmb joined #salt
20:58 non7top joined #salt
20:59 RandalSchwartz so I'm still not sure why this is being treated differently than the others.
20:59 yomilk joined #salt
20:59 DanGarthwaite I'm down the rabbit hole now.  salt-minion is warning that ZQ is < 3.2.  Latest available is 2.2
20:59 XenophonF joined #salt
21:00 XenophonF hey all - how does watch/watch_in work with the file.accumulated state?
21:00 RandalSchwartz is it using the id "ntpd" as something special?
21:00 DanGarthwaite I take that back - I think there is an update.
21:00 non7top Guys, I'm trying to get into the pillar thing, want to set different value for variable for different hosts, tried like this http://pastebin.com/8XhTnLQu but it doesn't work
21:01 DanGarthwaite Did you sync the pillars to your minions?    salt \* saltutil.refresh_pillar
21:01 DanGarthwaite Get used to typing that.  :)
21:01 RandalSchwartz every time I begin to think I understand this, I'm baffled by the error message.
21:02 eliasp RandalSchwartz: care to nopaste your SLS?
21:02 eliasp if you provide your pillars via git, also think of "salt-run git_pillar.update …"
21:03 RandalSchwartz ... http://pastebin.com/MPSFyF18
21:03 talwai I want to reference the contents of a pillar id from another pillar id, and essentially create a flat dictionary which includes key-value pillars from a couple of other pillar ids. Here's what I mean: http://pastie.org/9397383
21:03 talwai Any thoughts on how to do this?
21:04 DanGarthwaite Is ntpdate a service on the system?  I've not seen that.
21:05 azylman joined #salt
21:05 RandalSchwartz I copied those lines directly from another working file.  Just changed the id
21:05 martoss joined #salt
21:06 RandalSchwartz and deleted the pkg and watch, because I don't need those
21:06 RandalSchwartz (might eventually add a watch on the ntp.conf when I manage that
21:06 DanGarthwaite Does /etc/init.d/ntpdate exist?
21:07 RandalSchwartz well.. this is fbsd... so /etc/rc.d/ntpdate, but yes
21:07 smkelly Anybody seen this error on FreeBSD before or have any idea where to go about solving it? https://gist.github.com/smkelly/db08db78d2d1315c5666
21:07 RandalSchwartz smkelly - I suspect building python things on fbsd is broken right now
21:07 RandalSchwartz I had to roll back to an older package
21:07 XenophonF RandalSchwartz: you can set ntpd_sync_on_start="YES" to get the same effect as running ntpdate at boot time
21:08 XenophonF it's the "-g" flag to ntpd
21:08 XenophonF that's the default on some linux distributions (e.g., CentOS)
21:08 RandalSchwartz XenophonF - how do you write that in an SLS?
21:08 smkelly RandalSchwartz: interesting.
21:08 RandalSchwartz the py27-salt package is missing eggs
21:09 RandalSchwartz both the one I built yesterday (2014.1.7)
21:09 RandalSchwartz and the one on the main package repo (2014.1.5)
21:09 RandalSchwartz good thing I had an older one still in  my cache
21:09 pdayton joined #salt
21:09 martoss1 joined #salt
21:10 pdayton joined #salt
21:10 XenophonF RandalSchwartz: Let me post my config.  I have a separate file.blockreplace state that handles all of the Salt-driven changes to /etc/rc.conf, and I have accumulators elsewhere that add to it as needed.
21:10 XenophonF that way, everything Salt puts into rc.conf (and make.conf, and periodic.conf) go into a single managed-by-salt section
21:12 RandalSchwartz the only difference between ntpd.sls and others is I have no pkg to install
21:12 RandalSchwartz maybe that messes up the hash parsing?
21:13 diegows joined #salt
21:13 khaije1 joined #salt
21:13 RandalSchwartz when I empty the file, it parses the empty file OK. :)
21:14 smkelly RandalSchwartz: so you used an older package or built an older version from ports?
21:14 XenophonF RandalSchwartz: here's the config I'm using for both FreeBSD and CentOS 6/7
21:14 XenophonF http://paste.debian.net/110163/
21:15 RandalSchwartz I used a package I built a few weeks ago
21:16 RandalSchwartz I couldn't figure out how to build an older package from ports... poudriere overwrote it during startup
21:16 XenophonF RandalSchwartz: I had to downgrade to Salt 2014.1.4 on FreeBSD as well.
21:16 XenophonF Luckily, I had an older version of the FreeBSD ports tree checked out.
21:16 smkelly I guess that is what i'll do, get me an older ports tree
21:16 XenophonF What I'm doing now in Poudriere is building against multiple Ports trees: production, testing, development
21:17 XenophonF i'm manually syncing testing to production
21:17 RandalSchwartz is salt barfing because there's only one key under the ID?
21:18 XenophonF Is that in regards to the package install?
21:18 XenophonF If so see my config
21:18 XenophonF I keep a list of packages to install in map.jinja
21:18 XenophonF On FreeBSD that package list is set to None
21:18 XenophonF so it skips the entire package installation state
21:19 XenophonF goes right to service.running and its antecedants
21:19 KyleG FreeBSD <3
21:19 KyleG We need more salt BSD users
21:19 XenophonF i use the pattern {% if blah.packages %}...{% for package in blah.packages %}... idiom a lot in my state files.
21:20 XenophonF esp. since the FreeBSD base system has a lot of stuff built in
21:20 talwai I want to reference the contents of a pillar id from another pillar id, and essentially create a flat dictionary which includes key-value pillars from a couple of other pillar ids. Here's what I mean: http://pastie.org/9397383
21:20 XenophonF God bless the FreeBSD releng team.
21:20 XenophonF anyway
21:20 talwai Any Ideas?
21:20 XenophonF Regarding the Salt packages on FreeBSD, something's screwed up
21:20 RandalSchwartz I keep getting No function declared in state "service"
21:21 RandalSchwartz what the hell does that mean?
21:21 XenophonF that means in your ntpdate state
21:21 XenophonF you didn't tell it which service state to be in
21:21 XenophonF that should read:
21:21 RandalSchwartz I only want service.enable to be true
21:22 XenophonF ntpdate: service.running or ntpdate: service.enabled
21:22 XenophonF "enable: True" is only used with service.running
21:22 XenophonF but like I said, you can just pass "-g" to ntpd or set "ntpd_sync_on_start" in /etc/rc.conf and get the same behavior
21:23 RandalSchwartz the problem that ntpdate doesn't keep running
21:23 RandalSchwartz service status shows it as stopped
21:23 XenophonF it isn't supposed to
21:23 XenophonF ntpdate runs and stops
21:23 RandalSchwartz right.  but I want it to be *enabled*
21:23 XenophonF right
21:24 XenophonF use the service.enabled state
21:24 RandalSchwartz it's service.enable
21:24 RandalSchwartz not enabled
21:24 XenophonF http://docs.saltstack.com/en/latest/ref/states/all/salt.states.service.html#salt.states.service.enabled
21:24 RandalSchwartz at least that what I was using elsewhere
21:24 RandalSchwartz Oh!
21:24 RandalSchwartz maybe I've been using the wrong one
21:25 XenophonF that's possible
21:25 RandalSchwartz ahh - I've enable mostly because I've been using running :)
21:25 XenophonF yup yup
21:26 RandalSchwartz No - even service: \n - enabled: True fails
21:27 XenophonF "- enabled" isn't an argument
21:27 kermit joined #salt
21:27 XenophonF it's the function name
21:27 XenophonF the state is service
21:27 XenophonF sorry the state is "service.enabled"
21:27 XenophonF a/ka/
21:27 XenophonF service:
21:27 XenophonF - enabled
21:28 RandalSchwartz finally
21:28 RandalSchwartz this is one of the most frustrating parts of salt
21:29 XenophonF http://docs.saltstack.com/en/latest/ref/states/highstate.html#state-declaration
21:29 RandalSchwartz I'm sure people who read python can translate the yaml into what it's doing underneat
21:29 RandalSchwartz but I can't
21:29 XenophonF http://docs.saltstack.com/en/latest/ref/states/highstate.html#function-declaration
21:30 XenophonF http://docs.saltstack.com/en/latest/ref/states/highstate.html#function-arg-declaration
21:30 RandalSchwartz oh - -enable: True is an argument to *running*!
21:30 XenophonF Yes! You got it!
21:30 RandalSchwartz geez
21:31 XenophonF I know Python from other projects and YAML from Minecraft server configs, and it still took me a while to figure out how Salt uses YAML serialization
21:31 XenophonF it's just Lisp, re-invented again
21:31 smkelly That is my issue with all config mgmt tools. They are abstracted enough that I have no idea what is happening underneath
21:31 XenophonF file.managed: blah blah blah is really a function call
21:32 XenophonF YAML renders directly to Python code underneath.
21:32 TheThing joined #salt
21:32 XenophonF Jinja is just a text macro system on top.
21:32 XenophonF They could have used the C preprocessor to do the same thing.
21:32 RandalSchwartz or m4!
21:32 RandalSchwartz (ala sendmail)
21:32 XenophonF exactly
21:32 XenophonF god help us all
21:33 * smkelly has code in the freebsd m4
21:33 * smkelly isn't sure how he feels about that
21:33 XenophonF one of the first things I did with Salt on FreeBSD was figure out how to rip sendmail out and replace it with Postfix ;)
21:33 XenophonF that's why a lot of Salt's documentation looks like function call signatures
21:34 XenophonF because in actuality, that's what the YAML is
21:34 smkelly I've tried Puppet and ansible so far on FreeBSD. I'm hoping Salt fits my style and needs, but the part where the port is busted is kind of a hinderance
21:34 KyleG smkelly: Don't you have a build box?
21:34 KyleG We have a central server for all the package building
21:34 KyleG using poudriere
21:34 smkelly Kind of.
21:34 KyleG Works great
21:34 XenophonF I don't think it's the port itself.
21:35 XenophonF I checked on svnweb and the only things that changed since 2014.1.4 are version number bumps and minor adds/removes to pkg-plist.
21:35 RandalSchwartz is there a way in poudere to use an older version of the ports tree
21:35 XenophonF yes
21:35 RandalSchwartz XenophonF - I checked the same thing
21:35 jbirdman joined #salt
21:35 RandalSchwartz except with git :)
21:35 RandalSchwartz grabbed the 3GB git download
21:36 XenophonF yikes
21:36 smkelly FreeBSD ports is svn
21:36 XenophonF smkelly, there's a Git replica
21:36 smkelly TIL.
21:36 XenophonF I think there's a mercurial replica too
21:36 quickdry21__ joined #salt
21:36 XenophonF and they might still be synching with cvs
21:36 smkelly I need to get my src bit back :/
21:36 RandalSchwartz service.running and service.enable*d* not ran properly
21:36 RandalSchwartz s/not/now/
21:36 XenophonF ah good
21:36 XenophonF so regarding the Salt port
21:37 XenophonF I see that Python revved as well
21:37 XenophonF so maybe it's a Python bug
21:37 XenophonF maybe it's a setuptools bug
21:37 XenophonF maybe it's a problem in bsd.python.mk
21:37 XenophonF I haven't had a chance to check
21:37 XenophonF or post a PR or ask on freebsd-ports@
21:38 XenophonF I was going to email the salt port maintainer too
21:38 jslatts joined #salt
21:38 XenophonF but haven't - i've been dealing with much higher-priority visa and travel issues this week
21:38 XenophonF anyway, regarding poudriere and multiple ports trees
21:38 smkelly I have a Global Entry interview tomorrow if that counts for anything :)
21:39 XenophonF oh good luck!
21:39 XenophonF Assume that poudriere keeps everything under /var/poudriere
21:39 RandalSchwartz there was a update to python 2.7.8 just a few days ago
21:39 XenophonF yeah but that post-dates the salt 2014.1.5 update, and that port is broken too
21:39 XenophonF that's why i kindof wonder if it's the ports make infrastructure that broke
21:39 RandalSchwartz oh, and one that removed support for USE_PYDISTUILS=easy_install have been removed
21:40 RandalSchwartz that was on jul 8
21:40 RandalSchwartz I wonder if that was the threshold
21:40 azylman_ joined #salt
21:40 XenophonF poudriere keeps checked out ports trees under /var/poudriere/ports
21:40 XenophonF you can tell poudriere to maintain more than one ports tree (man poudriere for the details)
21:40 RandalSchwartz aha!  there it is
21:40 XenophonF what i did was check out a tree named "development" using svn
21:40 RandalSchwartz FOUND THE SALT BUG
21:40 XenophonF great!
21:40 RandalSchwartz it has USE_PYDISTUTILS=yes
21:41 RandalSchwartz which stopped support on jul 8
21:41 smkelly ahhh
21:41 RandalSchwartz so it's specific both to timeframe and py-salt
21:41 smkelly nice
21:41 * smkelly tries
21:41 XenophonF i have an older ports tree with salt 2014.1.4 in it that i copied to /var/poudriere/ports/production
21:42 RandalSchwartz just wondering what to replace that with
21:42 XenophonF poudriere keeps those configs in /usr/local/etc/poudriere.d
21:42 XenophonF specificially /usr/local/etc/poudriere.d/ports/$TREENAME
21:42 XenophonF so I copied /usr/local/etc/poudriere.d/ports/development/ to /usr/local/etc/poudriere.d/ports/production
21:43 XenophonF and I updated the "mnt" and "method" files in the .../production/ folder
21:43 XenophonF set method to "manual" which isn't valid and will cause "poudriere ports -u -p production" to fail, which is OK
21:44 XenophonF the mnt file has the full path to the ports tree, so that now contains /var/poudriere/ports/production
21:44 XenophonF then to bulk build you use something like
21:44 XenophonF poudriere bulk -p production -j freebsd:10:x86:64 -f /usr/local/etc/pkglist
21:44 XenophonF or poudriere bulk -p production -j freebsd:10:x86:32 sysutils/py-salt
21:44 XenophonF etc.
21:45 RandalSchwartz Oh... no, it's just USE_PYDISTUTILS=easy_install that is broken
21:46 khaije1 does salt-ssh supports using password-less ssh-key-auth? Does it also support ssh-key-auth where prompted for a ssh-key password?
21:50 bhosmer_ joined #salt
21:53 XenophonF RandalSchwartz: so why did easy_install break?
21:59 Damoun joined #salt
21:59 matthiaswahl joined #salt
22:02 rojem joined #salt
22:03 druonysuse joined #salt
22:07 bhosmer_ joined #salt
22:12 oz_akan joined #salt
22:18 afk-DanGarthwait Thanks everyone, g'night.
22:18 diegows joined #salt
22:18 afk-DanGarthwait left #salt
22:18 alff joined #salt
22:22 anuvrat joined #salt
22:31 dude051 joined #salt
22:44 yomilk joined #salt
22:49 hardwire joined #salt
22:49 Hollinski joined #salt
22:51 zz_fxdgear joined #salt
23:00 yomilk joined #salt
23:00 matthiaswahl joined #salt
23:03 XenophonF for those of you grepping through the IRC logs, here's a follow-on to my paste above, combining Pillar and Jinja templating to generate file.accumulated states - http://paste.debian.net/110177/
23:05 savvy-lizard joined #salt
23:12 anuvrat joined #salt
23:13 DanGarthwaite joined #salt
23:14 rjc joined #salt
23:15 mosen joined #salt
23:26 ajprog_laptop1 joined #salt
23:28 jrdx joined #salt
23:28 RandalSchwartz it's annoying that cron.file always reports the file changed
23:28 RandalSchwartz bad diff
23:35 DanGarthwaite left #salt
23:35 mgw joined #salt
23:36 RandalSchwartz 825 lines of SLS written in the past few days
23:36 nadley joined #salt
23:48 Luke joined #salt
23:48 joehillen joined #salt
23:48 smcquay joined #salt
23:49 che-arne joined #salt
23:51 n8n joined #salt
23:51 yomilk joined #salt
23:52 diegows joined #salt
23:53 N-Mi joined #salt
23:53 N-Mi joined #salt
23:59 mosen joined #salt
23:59 logix812 joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary