Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-08-07

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 claytron joined #salt
00:05 ramishra joined #salt
00:06 conan_the_destro joined #salt
00:09 jcl left #salt
00:17 rihannon joined #salt
00:18 TheThing joined #salt
00:18 rgarcia_ joined #salt
00:19 bonezed is salt aware of other linux distros? I've only seen mention of redhat and debian based systems
00:20 icebourg joined #salt
00:20 druonysus joined #salt
00:24 robawt bonezed: openSUSE is a first class Salt citizen, as is FreeBSD
00:24 DaveQB joined #salt
00:25 manfred and smartos
00:25 manfred and gentoo
00:25 robawt manfred++
00:25 manfred and archlinux
00:26 manfred and windows
00:26 robawt yeah tom is a big arch user, should've thought of that
00:26 manfred tom used to be an arch trusted user
00:26 manfred https://www.archlinux.org/fellows/#thatch
00:26 manfred back in the day, he and techhat ran arch in production
00:27 manfred and used salt to kick off puppet runs
00:27 manfred that is supposedly why/how salt started
00:29 mosen ah thats why theres puppet executions
00:29 manfred yes
00:29 manfred though
00:29 bonezed thanks robawt
00:29 manfred there is also chef execution and configuration
00:29 TheThing joined #salt
00:29 manfred and now, there is some ansible inventory rendering for salt rosters
00:36 bezeee joined #salt
00:46 mosen is there anything like filter_by but for os release? or otherwise just use if/else in the jinja template?
00:48 manfred mosen: link to filter_by?
00:48 manfred grains.filter_by?
00:49 mosen oh sorry, for grains
00:50 mosen I'm still working out best practice for map.jinja by reading all the formulas, but im still not sure if you have to merge stuff in based on a different grain
00:50 mosen sorry i meant, how you would merge pillar data on some other condition
00:51 manfred all I do is just an pkg.installed  {% if grains['os_family'] == 'RedHat' %} .. httpd ... {%elif ...os_family == 'Debian' %} apache2
00:51 manfred etc
00:51 manfred stuff like that
00:51 mosen ahh ok
00:51 manfred in the salt-formulas, they usually uses a map.jinja to assign the local vairables
00:51 mosen not moving package name to packages.jinja or something
00:52 manfred you could do that
00:52 mosen and then exporting a variable called package_name, something like that, then referencing it by the jinja variable
00:52 manfred a lot of the formulas do it https://github.com/saltstack-formulas/libvirt-formula/blob/master/libvirt/map.jinja
00:52 mosen yep like that
00:52 skullone hrm interesting, salt seems to use a PTR lookup on its IP for its minion_id, instead of using the system hostname
00:52 manfred it makes sense to do that for formulas
00:52 skullone is that normal?
00:52 manfred but when I am writing my own, I don't usually
00:53 manfred i just wrapp the name in jinja
00:53 mosen also, whats the deal with convention of using the dict key 'lookup' there
00:53 manfred skullone: how are you seeing this?
00:53 mosen vs just merging with pillar.get libvirt
00:53 manfred mosen: that I have no idea
00:54 manfred whiteinge: ^^ can you answer that for the lookup in your libvirt formula?
00:54 * whiteinge looks
00:54 manfred whiteinge: line 27 https://github.com/saltstack-formulas/libvirt-formula/blob/master/libvirt/map.jinja#L27
00:54 manfred i have no idea what that is used for
00:55 mosen whiteinge: i mean mostly the convention of using the key "lookup" instead of merging pillar data from just 'libvirt'
00:55 whiteinge (still reading the chat log) the lookup stuff allows you to override any of the values in the mapfile using pillar
00:55 whiteinge oh
00:55 whiteinge gotcha
00:55 manfred oh, cool
00:55 manfred whiteinge: i was unaware of that, that is awesome
00:56 mosen my jinja map looks like spaghetti at the moment :)
00:56 whiteinge the reason for the 'lookup' name is to avoid unintentional collisions and to make it clear that part of the pillar is intentionally only for the lookup table in the map file
00:56 whiteinge in hindsight i should have used either 'mapfile' or 'lookup table' for both
00:57 mosen whiteinge: should all variables be abstracted away from the formula and into the map?
00:57 manfred whiteinge: does that fall under this stuff? https://github.com/saltstack/salt/issues/14723
00:57 manfred whiteinge: where pillars aren't really ordered
00:57 whiteinge mosen: i'd suggest only putting static, _usually_ os-specific values in the mapfile
00:57 whiteinge and putting everything else in pillar.example
00:58 mosen whiteinge: ok so, user configurable stuff with reasonable defaults just in the formula, and the pillar.example to show some example values
00:59 whiteinge manfred: i'm not sure i follow that issue description. if something should be ordered it should be in a list, if order doesn't matter it should be in a map
00:59 whiteinge mosen: yeah
01:00 whiteinge manfred: oh, ryan's probably talking about the keys in the top file
01:00 manfred yeah
01:00 manfred that thing
01:00 mosen yes sir whiteinge
01:00 mosen thanks a bunch, I'll keep working on my baby formula
01:01 whiteinge np
01:01 manfred well, where it doesn't load them in order, and then does a pillar.update() through a top file that is a dictionary that is not ordered, so you get random ordering for pillars across environments
01:01 manfred meh
01:01 manfred it will get figured out
01:01 whiteinge manfred: offhand, i'd say having a bunch of pillar files that override one another is the path to madness
01:01 ajprog_laptop1 joined #salt
01:01 manfred i agree
01:01 whiteinge manfred: i'd suggest putting a lookup table in a single pillar file
01:01 manfred but I can see how it would be usefull
01:03 whiteinge manfred: i can see how you could _make_ it useful but since it's so hard to get right, i'd avoid the pattern altogether
01:03 whiteinge lookup tables provide the same thing but localized in a single file (or occasionally two files)
01:04 whiteinge manfred: see the example here for a pillar-specific lookup table: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.match.html#salt.modules.match.filter_by
01:04 manfred whiteinge: i would point Ryan to that :P
01:05 manfred but he logged out
01:05 whiteinge i'll leave a comment
01:05 whiteinge didn't realize that was his use-case at first read
01:06 Bryanstein joined #salt
01:06 manfred he is doing one main environment
01:06 manfred and then overwritting that with data in the dev environment
01:06 manfred but there isn't an order, so he gets mixed pillars
01:07 mosen yeah im not totally clear on pillar structure apart from mirroring the states as much as possible
01:07 manfred i just decided to have servers in different environments to only fall into one set of pillars and states in the top files, crossing environments becomes iffy and annoying
01:07 manfred and isn't really the usecase currently
01:08 BrendanGilmore joined #salt
01:11 whiteinge manfred: makes sense. i kind of avoid environments. can't make 'em fit my mental model
01:12 mosen coming from puppet there is often the problem of duplicate resource definitions like redefining the apache package everywhere as a dependency which is kinda remedied by 1. using someone elses module as a dependency and 2. never managing dependencies inside your manifests. So what happens with dependencies in SaltStack, like two formulas that depend on a single pkg?
01:12 manfred it kind of fits what I want to do... but I don't actually have multiple environments, cause I don't currently administer one system, I do a ton of them and just help clients do it.  If I had my way, i wouuld have dev/qa environments, and the prod and merge the states and pillars through using gitfs
01:13 manfred mosen: there is not a good dependency module in formulas yet
01:13 manfred so ... imo ... there is not a good answer to your question, or really a good way to use formulas
01:14 manfred I want a way to say... i included this formula in gitfs... and from inside of that, I can include another formula, without having to add it to my gitfs_remotes
01:14 manfred so you automatically handle those dependencies
01:14 manfred that would also answer how you can handle iptables.rules, without using the iptables state, since that is still kind of ... meh ...
01:14 whiteinge mosen: just saw your question about filter_by and os_release. yeah, filter_by takes a grain argument. you can filter by any grain
01:14 mosen whiteinge: ahh right, all good!
01:15 icebourg_ joined #salt
01:16 Ryan_Lane joined #salt
01:17 whiteinge manfred: in a pinch a while back i've used git submodules with formula repos to keep a single installation "in check". i know that's not a real answer but it is a simple workaround
01:17 * whiteinge nods at Ryan_Lane
01:17 manfred yeah, that was the way I thought to use it
01:18 mosen ahh dependency management
01:19 Ryan_Lane just write everything yourself and use formulas as a guide ;)
01:19 Ryan_Lane formulas are always way too complicated
01:19 manfred ^^ that is what I do
01:19 whiteinge Ryan_Lane: i've been told i should point you toward the following as a possible alternative to #14723
01:19 whiteinge http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.match.html#salt.modules.match.filter_by
01:19 whiteinge ^^ avoids environments by providing the same kind of workflow with a lookup table
01:20 Ryan_Lane ew
01:20 manfred Ryan_Lane: more of the way that ^^ could be used instead of depending on pillars to be loaded in order
01:20 Ryan_Lane please, please no
01:20 manfred the way formulas use them
01:20 manfred heh
01:20 Ryan_Lane I actively avoid anything that make my states or top files look like code
01:20 * manfred forces Ryan_Lane to use lookup tables with cvsfs
01:21 Ryan_Lane I put some jinja in that loads pillar files if they exist and *that* is way uglier than I'd like
01:21 manfred bitkeeperfs?
01:21 bhosmer joined #salt
01:21 Ryan_Lane I'd really love an argument to the toploaders like "ignoremissing: True"
01:22 manfred what do you mean?
01:22 Ryan_Lane one sec
01:22 manfred i don't know that I follow what that would do, in comparison to how you could just say, load base first, then overwrite with the stuff in dev, if the server matches a type in the dev environment top file section
01:23 manfred i grok the whole ordering loading in the pillars topfiles, across environments
01:23 whiteinge Ryan_Lane: fair enough. that said, a lookup table is just a dictionary. you don't need to make it with jinja. yaml/json/etc work just as well.
01:23 mosen hah i thought id seen Ryan_Lane somewhere
01:23 Ryan_Lane https://gist.github.com/ryan-lane/351b7c03bc84830f4109
01:23 Ryan_Lane that's so ugly. I need to check to see if the file exists, when naming them by a grain
01:23 mosen your blog post made quite an impact
01:23 Ryan_Lane mosen: :)
01:23 Ryan_Lane thanks
01:24 manfred blog post?
01:24 Ryan_Lane manfred: http://ryandlane.com/blog/2014/08/04/moving-away-from-puppet-saltstack-or-ansible/
01:24 manfred ahh
01:24 manfred i remember you talking about this
01:24 mosen That's what i was talking about yesterday. Everyone who was in hte process of converting to salt came out of the woodwork
01:25 mosen I didnt feel like the lone ranger anymore hehe
01:25 manfred Ryan_Lane: there was an article in san antonio about some legislature yesterday about making the city more viable for companies like yours and uber
01:25 manfred i am excited ( i hope)
01:26 mosen Ryan_Lane: just on ycombinator it seemed like there was a ton of support
01:32 bezeee joined #salt
01:34 jslatts joined #salt
01:35 aquinas joined #salt
01:43 CeBe1 joined #salt
01:56 druonysuse joined #salt
01:56 druonysuse joined #salt
01:58 shannonman joined #salt
02:02 Comradephate joined #salt
02:05 savvy-lizard joined #salt
02:06 scoates joined #salt
02:07 malinoff joined #salt
02:11 faddat joined #salt
02:14 bezeee joined #salt
02:14 Ryan_Lane joined #salt
02:30 Singularo joined #salt
02:31 dude051 joined #salt
02:40 jpaetzel joined #salt
02:49 otter768 joined #salt
02:57 rojem joined #salt
03:03 jchen joined #salt
03:06 jchen joined #salt
03:09 bhosmer joined #salt
03:11 jchen joined #salt
03:12 ramishra joined #salt
03:13 jaimed joined #salt
03:21 manfred how did I sneak into 10th place... https://github.com/saltstack/salt/graphs/contributors
03:24 shannonman joined #salt
03:38 mway joined #salt
03:40 rgarcia_ joined #salt
04:00 skullone manfred: i changed the PTR on a host, reinstalled salt, it it picked up the new PTR, but the system hostname was the same
04:01 skullone ill do some more testing tomorrow, but its just a different way of determining hostname than i would use :p
04:01 manfred it shouldn't use the ptr
04:01 skullone the way i discovered it, a host had twp PTR records, and salt picked one of the duplicates which was a leftover host someone didnt clean up
04:01 manfred systemd system or upstart or sysvinit?
04:01 skullone upstart, centos6
04:01 manfred output of hostname?
04:02 manfred that is the hostname it should pickup
04:02 skullone the hostname was the correct name
04:02 manfred ¯\(°_o)/¯
04:02 skullone yah
04:02 manfred it should be the output of hostname
04:03 skullone shrug, it led me finding a duplicate PTR record, but i then i turned my question to why salt got the minion_id that way anyways :p
04:03 manfred skullone: https://github.com/saltstack/salt/blob/develop/salt/grains/core.py#L1081
04:03 manfred iirc that is what is used
04:03 Ryan_Lane joined #salt
04:04 skullone ill set a PTR, and test a python script using its gethostname()
04:16 mosen joined #salt
04:22 yetAnotherZero joined #salt
04:26 LordOfLA joined #salt
04:26 ntropy_ joined #salt
04:27 whiteinge_ joined #salt
04:27 zartoosh__ joined #salt
04:28 Hazelesque_ joined #salt
04:28 manytrees_ joined #salt
04:28 Kelsar_ joined #salt
04:29 steveoliver_ joined #salt
04:30 mirko_ joined #salt
04:30 btorch_ joined #salt
04:30 mikkn_ joined #salt
04:30 ze-_ joined #salt
04:30 alaskabe1r joined #salt
04:30 Heartsbane_ joined #salt
04:30 nkuttler_ joined #salt
04:30 eofs_ joined #salt
04:30 sashka_u1 joined #salt
04:30 Ahlee_ joined #salt
04:31 AnswerGu1 joined #salt
04:31 analogby1e joined #salt
04:32 mschiff_ joined #salt
04:33 herlo1 joined #salt
04:34 seblu42 joined #salt
04:34 jbub_ joined #salt
04:34 UForgotten_ joined #salt
04:34 goodwill_ joined #salt
04:34 atoponce joined #salt
04:34 z3uS| joined #salt
04:34 vereteran joined #salt
04:34 grep_awez joined #salt
04:35 a1j joined #salt
04:37 unknown007 joined #salt
04:38 marcinkuzminski joined #salt
04:39 codysoyland joined #salt
04:41 harkx joined #salt
04:41 N-Mi joined #salt
04:41 pressureman joined #salt
04:43 athe joined #salt
04:43 anteaya joined #salt
04:44 Singularo joined #salt
04:45 chutzpah joined #salt
04:45 unknown007 joined #salt
04:47 TheThing joined #salt
04:52 ramteid joined #salt
04:58 bhosmer joined #salt
05:11 thayne joined #salt
05:22 pastacino joined #salt
06:13 cym3try joined #salt
06:21 mariusv joined #salt
06:21 mariusv joined #salt
06:23 scarcry joined #salt
06:24 MrTango joined #salt
06:27 naquad joined #salt
06:29 chiui joined #salt
06:39 Hell_Lap joined #salt
06:47 Miouge joined #salt
06:47 bhosmer joined #salt
06:54 sectionme joined #salt
06:57 xsteadfastx joined #salt
07:03 jgelens joined #salt
07:04 Jarus joined #salt
07:04 cb joined #salt
07:07 matthiaswahl joined #salt
07:10 linjan joined #salt
07:11 ml_1 joined #salt
07:15 ramishra_ joined #salt
07:16 Ainieco joined #salt
07:16 Ainieco hello
07:18 Ainieco is there a way to forbid minion to autorun itself as daemon on startup?
07:18 Ainieco i'm doing masterless setup so salt-minion daemon is really not neccessary
07:19 Ryan_Lane joined #salt
07:23 Ryan_Lane joined #salt
07:26 ramishra joined #salt
07:40 intellix joined #salt
07:45 ml_1 joined #salt
07:46 pastacino joined #salt
07:58 alanpearce joined #salt
07:59 che-arne joined #salt
08:06 ajw0100 joined #salt
08:12 darkelda joined #salt
08:13 snuffeluffegus joined #salt
08:21 ntropy refer to your OS startup scripts and tools to manage them to disable salt-minion from starting up
08:29 canci joined #salt
08:36 bhosmer joined #salt
08:48 che-arne|2 joined #salt
08:50 ggoZ joined #salt
08:55 Ainieco ntropy: does it mean that it's not possible to forbid salt from creating these startup script in first place?
08:55 hotsnow joined #salt
08:59 martoss joined #salt
09:03 che-arne joined #salt
09:05 che-arne joined #salt
09:06 Ainieco how can i create state to restart nginx using salt.modules.nginx.signal if specific file changes?
09:07 Ainieco using cmd.wait if straightforward but i'm not sure how to use salt.modules.nginx.signal within state
09:09 Miouge joined #salt
09:10 goudale joined #salt
09:15 che-arne|2 joined #salt
09:21 TheRealBill joined #salt
09:26 goudale Hi all
09:26 david_a joined #salt
09:27 Ainieco ah, the proper way to do it is view service.running
09:27 goudale I have an AWS EC2 poll of virtual machines, all having unhuman hostname that I am not allowed to modify
09:28 goudale so I want to give every machine a more readable human name.
09:28 goudale Should I set it as a pillar, a grain, or simply as a minion id ?
09:41 babilen goudale: minion_id seems to be appropriate or you could add an extra grain ..
09:52 _mel_ joined #salt
10:02 giannello joined #salt
10:02 jhauser joined #salt
10:05 Miouge joined #salt
10:06 bhosmer joined #salt
10:12 xintron I want to setup nginx with a few sites. I create nginx and nginx.<site>. If I want to have the nginx service reloaded if any nginx.<site> is updated (file etc)?
10:13 xintron If I have the service.running in `nginx/init.sls` I can't really use `watch: - file: nginx.<site>.state`
10:13 xintron (I guess the actual question is: how do I solve looping dependencies)
10:17 thayne joined #salt
10:22 xintron Maybe it's possible with extending in every nginx.<site> state?
10:40 agend joined #salt
10:45 giannello xintron, include nginx.init in the site sls and notify: - service: nginx ?
10:45 giannello sorry
10:45 giannello watch_in: - service: nginx
10:46 xintron ah, that's a better solution yeah. Thanks
10:47 goudale thanks babilen
10:51 viki joined #salt
10:56 Hemebond joined #salt
10:56 Hemebond Is there an appropriate way to access a file in the minions cache?
10:57 Hemebond *cache from a script?
11:02 mprymek joined #salt
11:02 mprymek hi! Is it possible to make master listen on both ipv4 and ipv6?
11:11 Vivi-1 joined #salt
11:13 Guest80896 joined #salt
11:13 Miouge joined #salt
11:13 Vivi-1 left #salt
11:15 agend joined #salt
11:15 gmeno joined #salt
11:34 cm_ joined #salt
11:41 thayne joined #salt
11:43 analogby1e mprymek: http://docs.saltstack.com/en/latest/ref/configuration/master.html#ipv6 :)
11:45 mprymek analogby1e: if I set interface to "::", it would disable listening on ipv4 or not?
11:47 analogby1e mprymek: "::" means both protocols, not only salt, but in all other programms I've seen, too... I don't think there is something like a catchall listen address for ipv6 only
11:47 scarcry mprymek: I use ipv6: True in master because all my minions run IPv6 but when I was investigating how to run salt dualstack I was in the same bind as you..never find out if running dualstack is possible though
11:48 mprymek analogby1e: it's catchall for ipv6 only
11:49 mprymek scarcry: ok, thx. I have only one server without v6, so I must solve it's connection rather than salt :)
11:49 Hemebond Just enabled ipv6: "WARNING: Unable to bind socket, error: [Errno 98] Address already in use"
11:49 scarcry mprymek: if you're in that sitution then yes, I'd try "fixing" that servers connection :)
11:49 sinwave joined #salt
11:49 mprymek Hemebond: ipv6 works ok for me. I was just thinking about dualstack
11:50 Hemebond I restarted again and now it appears to be listening on ipv4 and ipv6
11:50 Hemebond Without an error.
11:50 scarcry Hemebond: can you pastebin the relevant section of your master then ?
11:51 Hemebond Literally just set ipv6: True
11:51 scarcry Hemebond: and you didn't specify interface? ?
11:51 Guest32217 joined #salt
11:51 analogby1e mprymek: I used dualstack until halite was released, which does not work using ipv6 (or used to, anyway)... since I filed that bug I left ipv6 alone so far
11:51 scarcry which salt release?
11:52 Hemebond No, no interface.
11:52 Hemebond Ah, apparently I should do that.
11:52 analogby1e I specified the interface as stated in the docs... I actually updated the docs to reflect how I got it working
11:52 scarcry according to the comments in master yes you should
11:52 scarcry I'm still running 2014.1.4, not on latest ..running it on smartos
11:53 totte joined #salt
11:58 bhosmer joined #salt
12:04 dvestal joined #salt
12:05 goudale joined #salt
12:10 sectionme joined #salt
12:14 bhosmer_ joined #salt
12:16 goudale so now, I have one pillar per minion that set some values, mostly the same keys
12:16 goudale so I think those values should be grains instead ?
12:19 middle joined #salt
12:24 middle Anyone know how to troubleshoot this message: [salt.crypt       ][DEBUG   ] Failed to authenticate message
12:24 middle Getting about 1 per second on the master
12:24 middle New minions not able to connect
12:25 linjan joined #salt
12:28 gmeno joined #salt
12:29 jeddi middle: restart master?   enable debug level logging on master
12:29 jeddi what's salt-key tell you?
12:31 Lomithrani joined #salt
12:37 unknown001 joined #salt
12:37 gmeno jeddi, salt-key tells you the state of known minions (Accepted, Rejected, Unaccepted)
12:40 miqui joined #salt
12:42 cym3try joined #salt
12:43 arochette joined #salt
12:49 nyx joined #salt
12:50 active8 joined #salt
12:53 mway joined #salt
12:53 nyx_ joined #salt
12:54 middle joined #salt
12:58 middle jeddi:  the message above is from debug mode in salt-master.  I get this even when the new minion is off.  I think the message is unrelated to the new minion.  I'm going to reboot everything to see if it clears up
13:01 Lomithrani Hi everyone , does anyone here manage casssandra's cluster with salt ? How do you do your backup / repairing and such ?
13:02 bhosmer joined #salt
13:06 mpanetta joined #salt
13:07 alanpearce joined #salt
13:07 mpanetta joined #salt
13:08 racooper joined #salt
13:08 rojem joined #salt
13:09 FeatherKing joined #salt
13:10 DaveQB joined #salt
13:12 denstark joined #salt
13:19 jshambo joined #salt
13:20 gmeno joined #salt
13:20 darkelda joined #salt
13:21 jshambo left #salt
13:21 mapu joined #salt
13:26 mpanetta joined #salt
13:27 masterkorp Guys how do you test vm environments with salt ?
13:29 denstark that is the most generic question ever
13:31 masterkorp true
13:31 masterkorp i want to teast the salt reactor system locally how do it ?
13:32 Lomithrani Well I'd say you set VMs locally install minion on all of them , install the master on one and point the minion of all the vm to the master ?
13:33 Lomithrani Not really sure that is your question though
13:33 masterkorp how can i test that consitently ? i want to be able to run tests and test from the machine boot (a fresh machine)
13:34 masterkorp i am using kitchen-salt locally
13:36 Lomithrani Sorry I don't really understand what you want to do , and I'm not sure I'd be able help if I did I don't know what kitchen-salt is.
13:37 masterkorp how do you test your formulas in a isolated way ?
13:41 gmeno joined #salt
13:41 wangofett masterkorp: are those different from pillars?
13:41 kermit joined #salt
13:42 dude051 joined #salt
13:42 masterkorp i don't get it, want to be able to destroy vms and quickly set them up
13:42 masterkorp and try diferent pillar data and so on
13:42 TheThing joined #salt
13:43 dimeshake i use a vagrant box as a minion with a pre-signed key
13:43 Miouge joined #salt
13:44 fbretel joined #salt
13:45 fbretel hi all, is there actually a workaround for UnicodeDecodeError when using UTF8 in pillar data ?
13:46 masterkorp i love kitchen-salt
13:46 robinsmidsrod joined #salt
13:46 masterkorp https://github.com/sethvargo/chefspec
13:47 aquinas joined #salt
13:47 masterkorp also something this
13:47 aquinas left #salt
13:50 masterkorp *like this
13:50 cmhamill joined #salt
13:54 masterkorp I just had an idea
13:54 masterkorp I need help with the name
13:54 masterkorp what would be a cool name for salt testing tool ?
13:55 masterkorp earth »
13:55 masterkorp earth ?
13:55 masterkorp earth the salt testing tool
13:56 mklauber joined #salt
13:57 kaptk2 joined #salt
13:57 Comradephate joined #salt
13:58 rallytime joined #salt
14:00 dvestal joined #salt
14:02 mklauber Hey all, I'm trying to simplify my user creation state.  This is my current state: https://gist.github.com/mklauber/ea281111d03b4b6096a2.  I created ca-ssh-dir and ca-ssh-key because you can't have more than one file record.  Is there a better way to handle this?
14:02 jforest halite
14:02 dccc joined #salt
14:03 jforest http://en.wikipedia.org/wiki/Halite
14:03 jforest rock salt baby
14:06 sectionme joined #salt
14:06 housl joined #salt
14:07 ipmb joined #salt
14:12 blarghmatey joined #salt
14:12 Lomithrani Is it possible to do backupŝ with salt , for example instead of sending a file to a minion copying a file from a minion to the master
14:12 Lomithrani ?
14:14 mklauber Lomithrani: At the very least, you coud set it up via cmd.run and scp.
14:15 Lomithrani true , but that doesn't seem very clean.
14:16 mklauber Fair enough, I'm just figuring out salt for the first myself, so there's probably a better suggestion.
14:16 icebourg joined #salt
14:16 Lomithrani I can see backup argument in file managed but the backup is done on the minion not on the master
14:17 Lomithrani I want my master to backup my database , in case the minion has a problem
14:18 FeatherKing Lomithrani: minionfs with a cp.push will let you push a file to the master
14:18 FeatherKing it doesnt seem to really work in states that well though, i am playing with it now
14:18 FeatherKing but you can schedule it through cron or something like salt 'minion-to-backup' cp.push /path/to/file
14:19 FeatherKing would push it to the master
14:19 mklauber My other thought would be to setup a mount point to the master on the minion, and just do a local copy.
14:19 mklauber but FeatherKing sounds better
14:19 FeatherKing from the command line it works fine
14:19 FeatherKing i am trying to put it into a state and its not great
14:19 FeatherKing there is no cp function in states
14:20 FeatherKing http://docs.saltstack.com/en/latest/topics/tutorials/minionfs.html
14:20 Lomithrani Thanks I'll give it a look
14:20 FeatherKing np
14:22 mklauber FeatherKing, is there a good way to setup a file and symlink to that file in the same state key?  I'm currently doing this: https://gist.github.com/mklauber/214ee247943e01a1afc7
14:22 mklauber But I'd prefer to have them both be in services-api.ini
14:23 FeatherKing becase of how that stuff gets rendered you cant have two functions in the same code block
14:23 FeatherKing you cant have file.managed and then file.symlink because it makes a dictionary and then there are two 'file' keys
14:24 mklauber That's what I'd gathered, just wasn't sure there was a simple solution I'd missed.
14:24 diegows joined #salt
14:24 FeatherKing i should say, you cant have two of the same function
14:24 mklauber Yep.
14:24 FeatherKing but yeah
14:32 Lomithrani salt Cassandra01 cp.push /etc/cassandra/Dockerfile  returns me 'False' , while the file do exist on Cassandra01 , any idea why FeatherKing?
14:32 FeatherKing did you enable the file_recv in the master config and restart the master?
14:33 Lomithrani nope I haven't ;) going to check that
14:33 FeatherKing by default this is all disabled
14:33 FeatherKing the steps are in that link i sent
14:34 cpowell joined #salt
14:35 robinsmidsrod joined #salt
14:36 jslatts joined #salt
14:41 Vivi-1 joined #salt
14:42 Vivi-1 joined #salt
14:43 Vivi-1 left #salt
14:51 cym3try joined #salt
14:54 Gareth morning
14:54 jpl1079 joined #salt
14:55 davet joined #salt
14:56 Lomithrani I get :# State cmd.cp found in sls operations.backup is unavailable is that normal ?
14:56 Gareth what OS?
14:56 Lomithrani smartOs
14:56 Lomithrani oh no
14:56 Lomithrani debian actually on this one
14:57 Gareth shouldn't be normal.
14:57 conan_the_destro joined #salt
14:57 Gareth Lomithrani: what does salt-call sys.doc cmd return?
14:58 Gareth and how did you install salt?
14:58 Lomithrani apt-get install salt i guess
14:58 Gareth Lomithrani: note, it should return a ton of output so no need to paste it :)
14:58 Lomithrani from the repo
14:59 Lomithrani should I do salt-call sys.doc on the minion or master ?
14:59 Lomithrani minion I guess
14:59 ericof joined #salt
15:00 icebourg joined #salt
15:00 Gareth actually there is no cmd.cp....Do you mean file.cp?
15:00 Lomithrani well it returns a bunch of stuff
15:00 Gareth file.copy rather.
15:00 Lomithrani http://docs.saltstack.com/en/latest/ref/modules/all/
15:01 Lomithrani I thought I could cmd.foo.bar
15:01 icebourg joined #salt
15:01 Lomithrani with foo being any module
15:01 Lomithrani and bar any function of the module. That's what babilen told me a few days ago
15:01 Lomithrani for instance I use cmd.state.sls
15:01 Lomithrani But then again it's in a reactor so it might be different in a state.
15:02 Gareth yeah.
15:02 babilen Lomithrani: *When* do you get that?
15:02 Ozack1 joined #salt
15:03 babilen Never ask a question and omit the "When I do ..." part :)
15:03 Gareth Lomithrani: If you want to use from cmd, eg. run the cp command, cmd.run and friends is probably want you want.
15:04 masterkorp What is the "best" method to defined defalts for the pillar data on a template ?
15:04 mechanicalduck joined #salt
15:04 babilen Lomithrani: And there is no cp in http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.cmdmod.html
15:04 mechanicalduck_ joined #salt
15:04 Lomithrani Well when I execute an state through    #salt Cassandra01 state.sls operations.backup        and inside my backup.sls in operations directory I have a cmd.cp.push
15:04 toastedpenguin joined #salt
15:05 toastedpenguin left #salt
15:05 Lomithrani babilen there is no state either , but cmd.state.sls did work the way you tought me last time.
15:05 toastedpenguin joined #salt
15:05 babilen Lomithrani: Plase don't throw reactors, states and execution modules together. Your command executes states in operations.backup and uses the sls function in the state execution module for that.
15:05 Lomithrani (but then again it was in a reactor now it's in a state so I don't know the real difference in behavior)
15:06 babilen It's a massive difference ;)
15:06 Gareth Lomithrani: so you want to execute a un*x cp command from within a state?
15:06 Lomithrani So how can I execute a cp.push in a state file then ?
15:07 kballou joined #salt
15:07 Lomithrani yeah I want to backup a file from a minion to my master actually
15:07 babilen Lomithrani: In a state you don't want to call execution modules, but actual states. Let me check if there is one for the cp module, but it would surprise me to be honest.
15:07 Lomithrani featherKing led me to cp.push that seem to do the trick but now I have to do it in a state
15:08 FeatherKing Lomithrani: what i was trying to do was call the module.run in a state and i think that would work but i havent finished it yet
15:08 Lomithrani So if you have another idea for me to transfer a file from a minion to my master I'll take it :)
15:08 FeatherKing module.run to call cp.push
15:08 FeatherKing is where i was headed
15:08 babilen Gareth: No, Lomithrani is trying to use http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.cp.html#salt.modules.cp.push (which is an execution module) as a state (which obviously fails)
15:08 masterkorp What is the "best" method to defined defalts for the pillar data on a template ?
15:09 Gareth babilen: Nod.  Just trying to get to the bottom of what Lomithrani is trying to do :)
15:09 mechanicalduck joined #salt
15:09 UtahDave joined #salt
15:10 Lomithrani The real bottom is trying to backup my cassandra database somewhere else than on the minion itself. Obviously I won't find a state who does that :p so I'm trying to backup files
15:11 jemejones joined #salt
15:12 gmeno joined #salt
15:14 btorch_ morning
15:15 gmeno joined #salt
15:15 btorch anyone has any idea why this happens when calling salt ? http://goo.gl/0WCF5E
15:15 DanGarthwaite joined #salt
15:16 davet joined #salt
15:17 masterkorp btorch: ok, that 0bin looks awesome
15:17 Gareth btorch: I think your sed line might be missing a /
15:19 Gareth UtahDave: morning :)
15:19 btorch well the sed works, what I meant is that salt keeps on showing it running all the time even when there is nothing to be done
15:19 UtahDave morning, Gareth!
15:19 btorch I tried using - quiet: true as well to the state and still nothin
15:20 btorch I also tried using unless and onlyif but I don't think I either got those right or just didn't work
15:21 icebourg joined #salt
15:22 icebourg joined #salt
15:22 Lomithrani babilen : so any Idea on what would be the best way to backup files of a minion on the master  ?  i got the suggestion of using cmd.run to do a scp on the minion , but there should be a cleaner way to do that shouldn't it ?
15:23 masterkorp gst
15:23 masterkorp erro
15:24 danielbachhuber joined #salt
15:26 scristian hi all, I configured an amazon server with salt then I created an AMI. all instances have the minion ID of the initial server. Is there any way to have this a random id at each boot ? thank you
15:26 ramishra joined #salt
15:26 mklauber left #salt
15:27 scristian or have their internal ip as the ID of the minion
15:27 thayne joined #salt
15:28 babilen Lomithrani: Why don't you configure actual backup solutions rather than trying to shoehorn one with salt?
15:29 Ozack1 joined #salt
15:30 Lomithrani Because my internship finish in 5 days =) And I thought salt could manage that . I could file.managed a script with salt-call cp.push in it but that's more or less the same as cmd.run scp . But then as usual you probably are right :)
15:31 babilen (i.e. something like backuppc, bacula, dirvish, obnam, bup, ...)
15:32 babilen If you are looking for something snapshot based that is easy to configure use dirvish and if you don't need snapshots obnam. Or integrate the box in whatever backup infrastructure is already available (you guys might already be running bacula, backuppc, ...)
15:34 Lomithrani well I already have the whole snapshot thing from cassandra , plus the way cassandra works it's pretty secure , but I wanted to add a layer of backup by saving those snapshot on my master 'just in case'
15:34 UtahDave Lomithrani: how much data are you talking about?
15:35 Lomithrani that will be a lot I guess. If I recall we are around 15millions view/day so that generates a lot in my cassandra
15:35 Lomithrani and it's growing so I have to plan for a lot
15:35 babilen I still don't think that it is a good idea to use salt for that.
15:35 Lomithrani I don't really know the volume it triggers though
15:36 Lomithrani babilen : then I'll trust you on that and tell it to my boss :)
15:36 Ozack1 joined #salt
15:38 babilen I mean that's just my "gut feeling", but I don't think that implementing this on top of the cp module is a good idea.
15:38 babilen (or would even perform well)
15:39 Ozack2 joined #salt
15:39 penguin_dan joined #salt
15:39 UtahDave Lomithrani: There is cp.push that will let you push a file or files up to the master, but I don't think we've really tested the performance characteristics of that.
15:40 babilen exactly
15:40 BrendanGilmore joined #salt
15:40 ramishra joined #salt
15:41 Lomithrani anyway , it seem to be recommended to do the backup on the minion , I should rather think to spread my cassandra cluster around multiple datacenter with the right replication factor so all my datas are present in each datacenter , and keep the backups on the minion so it's easier for the recovery.
15:42 Lomithrani plus , if I centralized the backup it kinda defeat the purpose , because 1 machine is much more suceptible to break than many datacenters
15:42 Lomithrani (especially if it's on one data center)
15:42 TheThing joined #salt
15:45 robinsmidsrod joined #salt
15:48 conan_the_destro joined #salt
15:52 tligda joined #salt
15:53 dvestal joined #salt
15:57 Ozack1 joined #salt
16:00 thayne joined #salt
16:07 mklauber joined #salt
16:08 ramishra_ joined #salt
16:08 ipmb_ joined #salt
16:08 ramishra_ joined #salt
16:12 fivethre1o joined #salt
16:12 mattmtl joined #salt
16:16 robinsmidsrod joined #salt
16:17 mklauber Is Salt 2014.7.0 out?
16:17 mklauber And has it made it to the ubuntu ppa?
16:17 madphoenix If the same host is matched in multiple pillar environment top files, how does salt decide which environment to serve pillar data from?
16:18 bmatt madphoenix: it doesn't; it serves from each of them
16:18 bmatt foo.sls is interpreted in the foo environment, bar.sls is interpreted in the bar environment, etc
16:19 KyleG joined #salt
16:19 KyleG joined #salt
16:21 mugsie joined #salt
16:22 blarghmatey joined #salt
16:22 UtahDave mklauber: no, not yet. I'm fixing a windows bug I found before we release the RC.
16:22 martoss joined #salt
16:22 mklauber Ok.  But halite should be supported on 2104.1.10 correct?
16:24 madphoenix bmatt: thanks.  what i'm trying to do is use different gitfs branches, specified as ext pillars, to work on pillar data related to saltenv gitfs branch
16:24 madphoenix but it seems like the only way to isolate a host in a single ext_pillar gitfs environment is to remove it from the topfile in the master branch
16:24 madphoenix does that seem correct?
16:24 madphoenix (remove it from master's top.sls and add it to the pillar branch's top.sls"
16:26 UtahDave mklauber: yep
16:27 gmeno joined #salt
16:28 KaaK joined #salt
16:28 mklauber Can Halite be run without tls?
16:28 cmhamill Is there any way to access the salt.util.network.calculate_subnet function in a jinja context? (i.e. while templating a pillar or sls file?)
16:32 UtahDave mklauber yes
16:33 berto- is gitfs integrated for pillar data as well?
16:33 mklauber UtahDave: I'm having difficulty getting it to start up.  I added the code from the tutorial to my master config file, and in the logs I see "Halite: Starting up ..." but it's not binding the port according to netstat
16:34 mklauber I've tried upping the loglevel, but that's all I've been able to find
16:34 KaaK can pillar data be set from a state? I'm really only finding examples of retrieving pillar data from states
16:35 KaaK My interest is in extending my existing pillar data that feeds to my salt formulas -- to keep down the 'reinvinting the wheel' that my formulas are already taking care of
16:36 schimmy joined #salt
16:36 KaaK For example, instead of creating users in a state explicitly -- setting that data in the appropriate pillar, and letting the user state formula do its thing
16:36 troyready joined #salt
16:38 smcquay joined #salt
16:41 schimmy joined #salt
16:42 babilen berto-: You can use external git pillars: http://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html#using-git-as-an-external-pillar-source
16:43 babilen KaaK: User creation from pillar data is done in https://github.com/saltstack-formulas/users-formula
16:43 babilen And no, you cannot set pillar data from a state.
16:43 KaaK babilen, I am using exactly that formula
16:43 Ozack1 joined #salt
16:43 babilen Well, I mean you could write states that tinker with your pillar data directly and then refresh the pillar on the master and something like that, but that's just insanity!
16:43 KaaK what I am seeing emerge however; is I have a ton of states that do their own thing for creating users
16:44 babilen Don't do that ;)
16:45 KaaK lots of code duplication -- when what should ideally happen is when states need to manage users, they should interact with user formula through its previously-existing pillar data interface
16:45 babilen You can add requirements on user states from the users formula (don't have my examples here right now), but then defining things twice doesn't really bother salt. It gets a bit tricky if they define different things though.
16:46 babilen KaaK: Yes, so create *all* users you need with the users-formula and introduce suitable requisites on it in the other states.
16:46 KaaK i guess the patter i see (perhaps correctly or incorrectly) is that instead of extending the user formula state -- what i *really* need to do is extend the user formula's pillar data
16:48 KaaK right now I just use the user formula to manage my _real_ users, and have to manage role/system users from their respective states
16:48 babilen Why extend it? I find it perfectly okay to write states that require usage of the users-formula with specific data points in the pillar
16:49 KaaK the problem is that extending the user formula doesn't create new users for me. the users formula basically defines a pillar data interface and then uses that interface + data to create users
16:50 babilen But then, otoh, it isn't really that easy in the end. If a service requires a specific user because you want to run that service as that user you should, IMHO, define it directly next to the service definition.
16:50 KaaK which as far as I can see necessitates the extention of pillar data (that it is operating on) _not_ the formula itself
16:51 UtahDave mklauber: I'm sorry, I'm not very knowledgeable on the details of halite.  whiteinge and pass_by_value might be better able to help you.  You might catch them on the mailing list if they're not here right now
16:51 babilen I know, I am using the users-formula for a lot of things, but only for human users. System users are created by the package's postinstall scripts and I simply define a "user.present" state that I require in the other service related states.
16:51 KaaK babilen, fair enough
16:52 babilen KaaK: I mean typically most distributions aren't so clueless to not normalise the names of system users and make those available ...
16:52 babilen Even Arch people got around to do it ;)
16:52 babilen (informally rather)
16:53 ramishra joined #salt
16:53 KaaK pardon the ignorance, but in what manner do you mean normalise?
16:53 babilen uid 1234 is always user "foo"
16:53 KaaK ahh
16:54 babilen (cf. /usr/share/doc/base-passwd/users-and-groups.txt.gz on Debian for example)
16:54 KaaK looks like an excellent read -- thanks!
16:54 chrisjones joined #salt
16:55 babilen That way you could even define a user www-data that shares the "normal" attributes with the one that is present on the system (or would be created by a postinstall script). You would need this if you want to create additional directories or manage files that belong to that user and you want to require it
16:56 forrest joined #salt
16:56 intellix joined #salt
16:56 babilen Just make sure that you set attributes identically so that the user created by salt (if you, for some reason, install the package that would create it later) so that it simply turns into a "no-op" later. But then I would require the pkg.installed from the user state.
16:57 babilen For non-system users I have no problem in writing states that require the user-formula and specific data in the user-formula pillar.
16:58 babilen KaaK: Are you on Debian?
16:58 KaaK babilen, Debian and Ubuntu
17:02 babilen Okay - You have certain users that are managed by base-files and that are simply present on every system. Those are discussed in the text I mentioned earlier. Other postinstall scripts typically don't hardcode UIDs in their scripts and simply call "adduser --system ..." or the like. You can easily express the same logic in salt.
17:02 fbretel left #salt
17:03 notpeter_ joined #salt
17:03 babilen This is, obviously, distribution specific and you should therefore define that based on, say, os_family (or even os if necessary)
17:04 babilen In the end I try to make those states "no-ops" for salt by making sure that the Debian package is installed first. It is also no problem to define the same thing over and over again unless you use different settings for the same user.
17:05 whiteinge cmhamill: no. but that's something that should definitely be exposed as an execution module ala: https://github.com/saltstack/salt/blob/143f655/salt/modules/network.py#L711
17:06 whiteinge mklauber: what version of halite did you install (and how) and what server are you using?
17:09 * robawt highfives whiteinge
17:10 * whiteinge highfives robawt right back
17:10 ml_1 joined #salt
17:11 mklauber whiteinge: pip install halite, version is 0.1.17
17:12 whiteinge mklauber: and which server?
17:13 mklauber master?  I assumed that's the only place you can put it.
17:13 m1crofarmer joined #salt
17:13 schmutz joined #salt
17:14 whiteinge mklauber: i mean which web server
17:14 mklauber oh sorry CherryPy
17:14 whiteinge ok. and you're running with SSL disabled, right?
17:15 mklauber correct.
17:16 whiteinge pastebin your halite config?
17:16 mklauber here's my halite config:  https://gist.github.com/mklauber/ffcebd82241ed44fc22a
17:16 whiteinge :)
17:16 forrest mklauber, were you following through the instructions in the documentation for the install?
17:16 mklauber forrest:  http://docs.saltstack.com/en/latest/topics/tutorials/halite.html
17:17 forrest mklauber, hmm that's quite annoying, some people have no issues when going through there, and some do have issues. When you figure it out can you please create an issue (or a PR) so we can update it again?
17:18 mklauber forrest: Will do.  I'm noticing a strange behavior.  It seems that the top level process is crashing I get a <defunct> in the process list.
17:18 forrest mklauber, interesting
17:18 mklauber THe children still exist and are running.
17:19 mklauber I also don't seem to be getting any logs.
17:20 herlo okay, why am I getting this error? http://fpaste.org/123945/14074319/
17:20 herlo forrest: I feel like I'm going around in circles here.
17:20 Ryan_Lane joined #salt
17:20 blarghmatey joined #salt
17:20 herlo I checked the syntax and it appears it should be correct. I've done both onlyif and unless. So strange that it's not working.
17:22 herlo UtahDave: ^^
17:27 UtahDave herlo: you have to specify the state in your require.   - require:\n  - cmd: mv_ssl.conf
17:27 ryan__ joined #salt
17:27 chrisjones joined #salt
17:27 * goodwill slaps herlo
17:27 herlo wait, what?
17:28 m1crofarmer joined #salt
17:28 bhosmer_ joined #salt
17:29 herlo so the error message isn't clear. I wish it had a line number or something.
17:29 * herlo slaps goodwill
17:29 herlo UtahDave: I was looking at the mv_ssl.conf state itself, I couldn't see anything wrong with it. Had I a line number, it would have been easier to see. :-/
17:30 goodwill herlo: SLAP FIGHT!!!
17:31 herlo goodwill: slaps giving! :)
17:31 UtahDave true
17:36 schmutz joined #salt
17:38 patarr so i have a machine that got assigned the wrong minion name because the master had it wrong in the hosts file.
17:38 JoeHazzers joined #salt
17:38 patarr How can I update this? I changed the entry in /etc/hosts but it's not reflected when I test.ping
17:40 jY edit /etc/salt/minion_id
17:41 thayne joined #salt
17:41 berto- babilen: thanks for the ext_pillar URL with git example.  can i use that for per-environment pillars, similar to using gitfs for states?
17:41 UtahDave patarr: the easiest way would probably to delete the minion's key from the master and reaccept the key again.  as well as jY's comment
17:46 aw110f joined #salt
17:47 babilen berto-: Just like in GitFS branches in pillars are mapped to environments (which I strongly dislike)
17:48 xintron Is there any way to specify the minimum version for an apt package using pkg.installed?
17:48 babilen xintron: That sounds like some seriously broken setup
17:49 babilen s/some/a
17:49 cpowell joined #salt
17:49 xintron babilen, The problem is that I'm depending on another repository which has a newer version than in debians repos
17:50 xintron I just want to enforce that I get the package from the other repo and not the debian main one
17:50 babilen xintron: So configure that repository and use fromrepo in the pkg.installed state
17:50 babilen Which package is that btw?
17:50 xintron babilen, nginx and redis-server
17:51 babilen And you need something newer than the 1.6.0-1~bpo70+1 nginx in wheezy-backports or do you simply want to make sure that you install it from wheezy-backports?
17:51 gmeno joined #salt
17:51 herlo UtahDave: https://github.com/saltstack/salt/issues/14829
17:51 herlo UtahDave: just FYI and so you can tag it for me. :)
17:52 UtahDave thanks, herlo!
17:52 herlo UtahDave: no problem, now get to work! :D
17:52 ckao joined #salt
17:53 xintron babilen, True, the redis-server and nginx seems to be in a decent state (regarding versions).
17:54 xintron babilen, But wouldn't the use of wheezy-backports make upgrades etc on the server fetch from there since all versions there will be newer?
17:55 bezeee joined #salt
17:55 babilen xintron: And 2:2.8.6-1~bpo70+1 is the redis-server version in wheezy-backports. Sounds as if you want to configure that repo using a suitable pkgrepo state (e.g. http://paste.debian.net/114233/ ) and use fromrepo wheezy-backports
17:57 druonysus joined #salt
17:57 druonysus joined #salt
17:57 babilen xintron: No, packages in wheezy-backports are not installed by default because it is configured as NotAutomatic: yes and ButAutomaticUpgrades: yes -- See "man 5 apt_preferences" for details
17:57 babilen You therefore have to explictly request them (but you get updates once installed from there)
17:57 xintron Oh, sweet
17:58 xintron Thanks!
17:59 babilen You are welcome! If you have more Debian specific questions we should probably continue discussing it in #debian though :)
17:59 xintron Yeah, ofc
17:59 srage joined #salt
18:06 ramteid joined #salt
18:08 mklauber What's the mostly likely reason I'm getting "Halite: Unavailable"
18:10 cpowell joined #salt
18:10 babilen .oO( halite is unavailable )
18:10 babilen mklauber: When I do ... I get ... http://paste.debian.net/... but I expected ...
18:11 mklauber babilen: Fair enough.
18:14 mklauber When I do "service salt-master stop; pip install halite CherryPy; vim /etc/salt/masters.d/halite = https://gist.github.com/mklauber/5ea1a3f2541b29b79902; service salt-master start" I get Halite: Unavailable, but I expect python to be listening on port 8080
18:14 mklauber https://gist.github.com/mklauber/5ea1a3f2541b29b79902
18:16 elfixit joined #salt
18:16 mklauber my master file:  https://gist.github.com/mklauber/60ff487d03c00c8aaaa0
18:17 mklauber Is there anything I can do to increase my logging level for Halite?
18:25 saurabhs joined #salt
18:29 cpowell joined #salt
18:30 schmutz joined #salt
18:30 martoss joined #salt
18:36 mklauber When I run service salt-master start I expect to see "Halite: Starting up ..." in the logs, but I get "Halite: Unavailable".  But when I start a python shell "import halite" does not error out.
18:38 forrest mklauber, did you try to manually start halite yet?
18:39 jalbretsen joined #salt
18:39 mklauber No.  I was following the tutorial, which indicated it should startup with salt-master.
18:39 forrest mklauber, it should
18:39 forrest :P
18:39 forrest check out the readme docs
18:39 forrest https://github.com/saltstack/halite
18:39 forrest if you scroll down about 1/3 of the way
18:39 forrest there's an example using all 3 servers to manually start halite
18:40 forrest maybe that will provide some more info
18:40 mklauber kk
18:47 FeatherKing so will 2014.7 really be called 2014.8 now?
18:48 cym3try joined #salt
18:50 funzo joined #salt
18:51 mklauber forrest: So running server_bottle indicates "ImportError: No module named wsgiserver2"
18:53 Ozack1 joined #salt
18:53 forrest mklauber, hmm, isn't that a cherrypy issue?
18:53 mklauber Looks like
18:53 mklauber THe import statement is nowhere in halite.
18:54 Eliz joined #salt
18:54 mklauber forrest: Alright, I'm going to try one of the others instead.  would you recommend gevent or paste?
18:54 Nazzy joined #salt
18:54 forrest mklauber, I think when I originally set my test up (last year) I used gevent.
18:55 mklauber forrest: kk.  THanks for all your help
18:55 toastedpenguin1 joined #salt
18:56 forrest mklauber, yea np, sorry I couldn't be more help. It's been a loooooong time since I wrote that doc
18:56 mklauber No worries.  You work at Salt then?
18:56 forrest mklauber, nope, I just like documentation
18:57 mklauber hahah you are true internet hero.
18:57 forrest woo
18:57 forrest really it's more because I'm an idiot, and if it isn't documented I'll probably forget
18:58 Ozack2 joined #salt
19:01 mklauber Woo! Thanks forrest.  Going to gevent solved things.
19:01 forrest mklauber, awesome
19:02 mr_chris joined #salt
19:03 Colttt joined #salt
19:03 Colttt Hello..
19:03 forrest Hi.
19:03 Colttt Are german speaking users Herr?
19:04 Colttt s/Herr/here/
19:04 manfred FeatherKing: no, beacuse it was tagged in july.
19:05 FeatherKing :)
19:05 FeatherKing im ready for it
19:06 forrest Colttt, I know there are a few users that speak German, but I don't know if they are around right now.
19:07 Colttt forrest: thx for this information..
19:08 forrest babilen, are you around?
19:09 Colttt my english is not the best, i would like to know what are the difference/pro/contra between salt and puppet..
19:09 xintron Doesn't test=True work with salt-call?
19:09 jemejones left #salt
19:09 Colttt because my company need a system-management-system..
19:10 babilen forrest: I am, yes
19:10 forrest babilen, do you speak German? I can't remember. I know you live there
19:10 babilen I do
19:10 forrest babilen, could you give Colttt a quick rundown on the differences between Puppet and Salt?
19:10 Colttt And it looks like they will use puppet and I search a few arguments for salt and against puppet
19:10 babilen But, unfortunately, I can't really provide a comprehensive discussion of salt vs puppet at the moment as I have an appointment soon.
19:10 forrest babilen, ahh ok
19:11 forrest Colttt, well, there are some great articles online that I can at least point you at http://blog.smartbear.com/devops/a-taste-of-salt-like-puppet-except-it-doesnt-suck/
19:11 Colttt Was heisst Dennis appointment?
19:11 forrest Colttt, also http://ryandlane.com/blog/2014/08/04/moving-away-from-puppet-saltstack-or-ansible/ talks about moving away from puppet to Salt
19:11 babilen Colttt: Nun, salt ist auf jeden Fall neuer und sehr viel aktiver. Puppet ist älter und hat somit sicher für einige Anwendungsbereiche bereits Lösungen gefunden die es so in salt noch nicht gibt.
19:12 Colttt Babilen: ich meine : was heisst denn appointment?
19:13 Vivi-1_ joined #salt
19:13 quantumriff joined #salt
19:14 Colttt Babilen: mein Institut über legt evtl Puppe ein zu setzen, ich bräuchte jetzt ein paar facts die für Salt und gegen puppet
19:14 babilen Colttt: Häufig wenn man Vergleiche zwischen salt, ansible und Puppet liest werden folgende Punkte besonders hervorgehoben: Puppet ist langsam in der Benutzung und Bugs werden wohl auch eher langsam behoben. Darüberhinaus ist puppet *sehr* Ruby spezifisch was dazu führt, dass eigentlich alle Benutzer Ruby lernen müssen und es gibt keine besonders mächtigen DSLs (domain specific languages). Salt hingegen macht vieles einfacher
19:14 quantumriff Quick networking/firewall question.. on my salt-master.. I should see the same number of connections on port 4505 and 4506, right?
19:14 quantumriff one port is master to minion, and the other is minion to master?
19:16 babilen Colttt: Klar, Ich verstehe, dass es hier sicher zu Diskussionen kommt aber Du wirst nicht darum herumkommen ein paar Artikel auf Englisch zu lesen die diese Frage diskutieren. Ich kann Dir auch nur empfehlen einfach mal dasselbe Problem in beiden zu lösen (z.B. Installation von lighttpd mit SSL Zertifikation, ...) und die Lösung dann zu vergleichen.
19:16 peters-tx joined #salt
19:17 babilen Colttt: Was mir persönlich an salt gefällt ist: 1. Es ist sehr schnell 2. Probleme werden in der Community schnell behoben und man kann direkt mit den Entwicklern sprechen
19:18 chrisjones joined #salt
19:18 babilen Colttt: 3. Dinge die einfach sind kann man schnell in Python implementieren 4. Es gibt bereits viele Lösungen (formulas) für verschiede Programme 5. Wenn man was kompliziertes machen will kann man es selber in Python implementieren (schöner code eigenltich)
19:18 babilen (sorry, nun was anderes zu tun)
19:18 babilen Ausserdem mag Ich kein Ruby)
19:19 Colttt babilen: ok, trotzdem danke..
19:19 Colttt Eins aber noch arbeiten Puppet und Salt unterschiedlich?
19:19 mprymek_ joined #salt
19:32 sinwave joined #salt
19:33 mklauber does salt by default print log messages from halite?  I see the startup message, but I'm not seeing log messages from anything that doesn't start 'salt.*' Do I need to use the log_granular_levels?
19:36 gmeno joined #salt
19:39 Corey Hi. My name's Corey, and I'm starting a project with a client that's using Salt. How do I salt?
19:41 Ryan_Lane joined #salt
19:41 bmatt Corey: first, google "salt configuration management tutorial" :)
19:45 dimeshake the walkthrough is great, Corey - gets you a good idea of what's going on quickly
19:50 srage joined #salt
19:54 forrest bmatt, dimeshake Corey is trolling you guys
19:54 bmatt you don't say
19:55 forrest just making sure :P
19:55 techsoldaten_alt joined #salt
19:56 dimeshake :}
19:56 borgstrom joined #salt
20:00 v0rtex can anyone explain why sometimes calling highstate may not actually give me any results/output and why jobs.lookup_jid is also blank for the job?
20:00 user__ joined #salt
20:00 skullone is it normal the the 'osmajorrelease' grain to be multi-line?
20:01 skullone running centos 6.5, and 6 and 5 are on different lines :p
20:01 FeatherKing v0rtex: what about jobs.active
20:01 FeatherKing is t still running?
20:01 jhauser joined #salt
20:01 forrest v0rtex, because some sort of task is taking a long time to return (usually package repo updates, installations, etc.)
20:01 forrest v0rtex, try using -t 60
20:02 forrest for a 60 second timeout
20:02 bezeee joined #salt
20:03 techsoldaten_alt left #salt
20:04 v0rtex FeatherKing, forrest: it was a config file update and the file was updated correctly as expected - just no data back
20:04 v0rtex FeatherKing, forrest: it's not listed in jobs.active
20:04 troyready joined #salt
20:05 v0rtex according to two guys on my IT team it happens periodically for them and a subsequent highstate call shows that everything is up to date
20:05 chrisjones joined #salt
20:06 FeatherKing maybe check the minion log
20:06 FeatherKing ive had to go look up the results many times but ive never had one work and not show results
20:07 FeatherKing are the minions over a WAN
20:07 mway v0rtex: FYI, that happens to me possibly 10-20% of the time, where it will just not return any output, but a subsequent call shows that the previous call was successful. Haven't found a workaround/cause yet, but just so you know, you're not the only one.
20:08 mway v0rtex: What version of Salt are you using?
20:08 v0rtex mway: we're on 2014.1.7
20:09 v0rtex FeatherKing: minions are on internal network
20:09 v0rtex in this case all we did was change a zone file and call highstate to update on the nameserver
20:09 mway v0rtex: has the no-response issue been a historical or recent one?
20:10 FeatherKing how many minions
20:11 v0rtex mway: one of my guys says he's seen it at least for several versions since he started trying to use salt
20:12 v0rtex FeatherKing: we have 12 minions up and 5 down at the moment
20:13 bezeee joined #salt
20:13 FeatherKing i miss output all the time but i have never seen the jid lookup be empty
20:13 FeatherKing i guess i wont be much help, i was going to suggest more workers, but not for the few of minions
20:13 forrest the job might not be active any longer, just check the job log itself
20:13 mway FeatherKing, v0rtex: it'd probably be empty by the time he checked it if it were a quick job
20:13 FeatherKing no
20:13 FeatherKing im talking about the job cache lookup
20:13 FeatherKing 24 hour default stored
20:14 mway ah, sorry, thought you meant jobs.active
20:14 mway :)
20:14 FeatherKing ah no
20:14 FeatherKing salt-run * jobs.lookup_jid <jid>
20:14 FeatherKing should always have the output if its finished
20:14 FeatherKing but he is seeing nothing
20:14 v0rtex that's correct - job done but job data empty
20:16 Corey forrest, bmatt, dimeshake: I'm not very good with the computars. :-(
20:20 dimeshake neither am i corey, neither am i
20:21 user__ joined #salt
20:21 srage joined #salt
20:21 j-saturne joined #salt
20:24 v0rtex FeatherKing, forrest, mway: I'm seeing a bunch of messages in the minion logs saying "SaltReqTimeoutError: Waited 60 seconds" ...related perhaps?
20:24 ericof joined #salt
20:24 v0rtex that message shows up twice for every 10 minutes that goes by
20:25 dude051 joined #salt
20:27 adhok joined #salt
20:28 forrest Corey, I thought that was the point of the suit?
20:29 forrest v0rtex, Could be, I've gotta run to a meeting. Best of luck
20:31 druonysuse joined #salt
20:31 FeatherKing v0rtex: when i was seeing a lot of those messages the other day i had to delete the key on my master and re-accept
20:31 FeatherKing but my master was being ddos'ed by all my minons
20:32 FeatherKing but i would think that message is related, especially if it is timing out on sending the highstate results back
20:32 FeatherKing you coudl run a minion in debug
20:36 TheThing joined #salt
20:36 mr_chris left #salt
20:41 adhok just a heads up, on your documentation page, the pdf link just returns a single page pdf with your company logo on it.  The epub works though.
20:43 Luke joined #salt
20:45 druonysuse joined #salt
20:45 druonysuse joined #salt
20:46 Damon joined #salt
20:46 srage_ joined #salt
20:47 whiteinge adhok: thanks for the heads-up
20:50 TheThing joined #salt
20:50 aquinas joined #salt
20:51 bhosmer_ joined #salt
20:52 chrisjones joined #salt
20:52 Hemebond left #salt
20:53 gmeno joined #salt
20:54 adhok the epub states that you don't support 14.04 yet, is that accurate or just a wee bit old?
20:54 UtahDave adhok: Yeah, we do indeed support Ubuntu 14.04
20:55 adhok kk thanks
21:00 mklauber left #salt
21:01 lwh joined #salt
21:01 taterbase joined #salt
21:01 herlo UtahDave: forrest: whiteinge: Help me to see what I am doing wrong here. I've got a dhcp formula in place, but it's not running! Aaahhhh!!!
21:01 herlo http://ur1.ca/hxjzp
21:01 bhosmer joined #salt
21:03 whiteinge herlo: put a space after the dash in ``- installed``
21:03 bhosmer joined #salt
21:04 herlo ugh
21:04 rojem joined #salt
21:04 herlo no error though...
21:05 herlo whiteinge: you have failed me again
21:06 herlo whiteinge: and nothing seems to have changed. hmm
21:07 gmeno joined #salt
21:08 yomilk joined #salt
21:09 ipmb joined #salt
21:09 whiteinge herlo: run that state with ``salt-call -l debug state.sls <whatever>``. you'll be able to see exactly what salt is running at the CLI
21:09 herlo fine! :D
21:09 whiteinge ^^ that is the most straightforward way to debug
21:09 herlo indeed
21:11 herlo whiteinge: what is the '<whatever>' supposed to be here? /usr/bin/salt-call -l debug dhcp/init.sls saltenv=dev test=true <-- this is what I tried.
21:11 herlo got Function dhcp/init.sls is not available
21:12 Ozack1 joined #salt
21:13 scarcry herlo: just leave out init.sls in that line I reckon so try: salt-call -l debug dhcp state.sls saltenv=dev test=true
21:13 * whiteinge slaps herlo
21:13 * herlo isn't this smart.
21:13 herlo scarcry: what does 'state.sls' do there?
21:14 whiteinge herlo: ``salt-call`` is the same thing as ``salt`` but without the target (because you're running it directly from the minion)
21:14 herlo right
21:14 whiteinge so run whatever command you were running from the master but from the minion
21:14 whiteinge using salt-call instead of salt
21:14 herlo so I was using state.hightstate. state.sls is a command of some sort?
21:14 herlo this is what I am asking
21:14 whiteinge !modules.state.sls | herlo
21:14 wm-bot4 herlo: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.sls
21:15 whiteinge !modules.state.highstate | herlo
21:15 wm-bot4 herlo: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.highstate
21:15 herlo whiteinge: I think I've run this before once...
21:15 herlo Function dhcp is not available
21:15 herlo [root@pdx-stg-master dev]# /usr/bin/salt-call -l debug dhcp state.sls saltenv=dev
21:16 whiteinge anatomy of a salt command:  salt <target> <module>.<function> [arguments]
21:16 herlo whiteinge: am I on the right track now?
21:16 whiteinge herlo: closer. if you had been running highstate, stick with highstate but use salt-call to kick it off
21:16 herlo whiteinge: I understand that, I figured state.highstate was useful enough.
21:16 herlo whiteinge: yes, that's how I do it always.
21:16 bhosmer_ joined #salt
21:17 herlo whiteinge: getting 'Function dhcp is not available ' consistently.
21:17 tcotav shouldn't syntax be
21:17 herlo whiteinge: /usr/bin/salt-call -l debug dhcp state.sls saltenv=dev <-- this!
21:17 tcotav salt-call -l debug state.sls dhcp saltenv=dev
21:17 herlo ugh, order
21:17 whiteinge herlo: stop running state.sls and start running state.highstate. that's what i'm telling you.
21:17 tcotav with dhcp after state.sls?
21:17 srage joined #salt
21:17 herlo whiteinge: I wasn't running state.sls, someone else told me to do that.
21:18 tcotav I use state.sls to focus on one state at a time fwiw
21:18 tcotav but I think syntax is as I listed above
21:18 tcotav (or at least it works that way for me)
21:18 whiteinge herlo: that was me and it was just an example. the point i was trying to make is: use salt-call for debuggin stuff. didn't mean to derail things.
21:18 herlo whiteinge: I'm not using salt at all, just salt-call. I don't run a mater
21:18 herlo master
21:19 herlo so I've been doing that from the beginning. :)
21:19 whiteinge <facepalm>
21:19 UtahDave herlo: the only way your top file will be evaluated and used is if you use  state.highstate
21:20 whiteinge herlo: so do that but with MORE LOGGING so you can see what's going on
21:20 herlo UtahDave: yes, I am aware. God this is hard. I had that the whole time.
21:20 herlo whiteinge: I am -l debug is in place
21:20 whiteinge grrrr
21:20 herlo get an error I already fixed, it's like a cached thing
21:20 whiteinge you said it wasn't doing anything...
21:21 herlo whiteinge: yeah, the order
21:21 herlo whiteinge: I fixed the order -- uses state.sls dhcp and it worked. state.highstate was doing nothing
21:22 herlo UtahDave: whiteinge: http://ur1.ca/hxk4c
21:22 herlo You can see the diff at the bottom showing I don't have the } anymore but salt thinks I do for some reason.
21:23 Ryan_Lane joined #salt
21:26 whiteinge herlo: double check file directly and not git. salt has a predictable place for caching files: /var/cache/salt/minion/files
21:26 * herlo clears the cache
21:26 srage joined #salt
21:27 babilen (and it also looks as if you haven't actually committed your change)
21:28 herlo whiteinge: hmm -- Dont' see 'files' file.
21:28 herlo less /var/cache/salt/minion/
21:28 herlo extmods/           extrn_files/       highstate.cache.p  highstate.p        module_refresh     pkg_refresh        proc/
21:28 whiteinge looks like salt is not caching your files then. probably because you're running masterless and it doesn't need to
21:29 herlo right
21:29 herlo that file is clean of the }
21:29 herlo whiteinge: ^^
21:30 patarr thank jY and UtahDave
21:32 whiteinge herlo: please pastebin the following:    salt-call -l debug state.show_highstate
21:32 herlo sure
21:33 tcotav bounce your salt-minion
21:34 herlo whiteinge: http://ur1.ca/hxk6u
21:34 scarcry herlo: have you tried restarting your salt-minion?
21:34 tcotav ^
21:34 scarcry tcotav: beat me to it
21:34 tcotav running masterless, I've had a bit of file stickiness now and again
21:35 herlo tcotav: it's not running http://ur1.ca/hxk6z
21:35 * scarcry has never run salt masterless
21:35 herlo tcotav: don't need it to run...
21:35 kermit joined #salt
21:35 tcotav eh?
21:35 tcotav to handle your salt-call --local ?
21:36 herlo don't use --local
21:36 tcotav oh
21:36 tcotav sorry
21:36 v0rtex is it possible to use the file.symlink state without it attempting to change ownership of the symlink?
21:36 herlo :)
21:36 * tcotav will stop half following thread now :(
21:36 herlo scarcry: tcotav: I've started the salt-minion, no change.
21:36 bhosmer joined #salt
21:36 herlo scarcry: tcotav: Just in case that made a difference.
21:37 v0rtex it creates the symlink fine but then it tries to change ownership and therefore causes the state to fail
21:37 v0rtex it's an NFS mount where it's creating it so...yeah
21:38 herlo v0rtex: chown on a symlink? That's weird.
21:38 v0rtex herlo: yeah my state doesn't specify a user or group but it tries to set it to root:root apparently
21:39 v0rtex herlo: the message I get for the file.symlink state says: "Failed to set ownership of symlink /mnt/source/dc/library/DDM to root:root"
21:40 skullone is there a way to declare sub-states from within a state? say you had an exim state, inside the exim state, can you have an exim::av state? (similar to puppet)
21:40 herlo v0rtex: the ownership of symlinks is always root.root. I don't see a reason to change that. But it is weird that it's even trying.
21:40 herlo skullone: yes
21:40 ajprog_laptop1 joined #salt
21:40 herlo skullone: you do something like this. dhcp/init.sls -- dhcp/server.sls would be its subclass.
21:40 herlo inside server.sls, you can do
21:41 herlo an include
21:41 skullone ah ok
21:42 herlo skullone: http://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html
21:42 herlo might help
21:42 herlo whiteinge: so no luck from me.
21:42 whiteinge herlo: (meatspace distraction) i see a completely different error in that show_highstate output. conflicting ID
21:43 whiteinge looks like the machine you're running that on is matching multiple environments. is that right?
21:43 herlo whiteinge: right, because you are not using saltenv=dev
21:44 herlo whiteinge: yes, only one environment 'on purpose'
21:45 whiteinge herlo: please re-run with the env param and pastebin that
21:45 herlo whiteinge: thought I had.
21:45 herlo ugh, guess not. Hang on
21:46 chrisjones joined #salt
21:46 herlo whiteinge: guess what. It looks like it was an error with the git tree. Somehow git had two directories nested within each other. I was editing one and running the other. GAh!
21:47 whiteinge glad you found it
21:47 v0rtex so if anyone has any insight, here's the salt state: http://hastebin.com/isijerican.mel and here's the result: http://hastebin.com/dujigidere.pas
21:48 herlo whiteinge: I'm not. It was so annoying. Thought it was salt this whole time.
21:48 v0rtex the symlink is definitely created successfully at least...I just don't want it to fail due to trying to change ownership
21:48 skullone how complex do people like their config management to get? ive found a LOT of people made their puppet manifests needlessly complex
21:48 tcotav I make mine so ridiculously complex that only I can decode them.  job security.
21:49 herlo skullone: needlessly? Mine are pretty complex, but mostly it allows me to separate data from the rules.
21:49 tcotav (I was kidding)
21:49 skullone well, seperating data from the rules is fine
21:49 insanejudge joined #salt
21:49 whiteinge herlo: you're not glad you found it? why do you hate salt, herlo? why?
21:49 skullone in fact, thats ideal, IMHO
21:49 skullone doing conditionals and such isnt very complex, but some puppet manifests are simply unreadable
21:50 skullone maybe its more a fault of puppets DSL
21:50 herlo whiteinge: I love salt, I hate my fat fingers.
21:50 herlo whiteinge: I now have more work to do. If I fail to figure something out, I can give up after a while. :)
21:51 herlo whiteinge: you should have not tried as hard to help me, gah!
21:51 whiteinge haha
21:51 whiteinge herlo: if i don't try hard then it makes it more difficult to get beers out of you later
21:53 herlo true
21:53 herlo whiteinge: I have some wonderful bitch beers here. Come on by next week.
21:53 whiteinge ...all part of my master plan
21:53 whiteinge ooh
21:53 herlo whiteinge: that way I can call you a bitch while you drink it. :)
21:54 * whiteinge weighs the pros and cons of such a situtation carefully....
21:54 dmick doesn't matter, had beer
21:56 herlo whiteinge: drunk bitches get more beer. :)
21:56 herlo YAY!!!!!!!!!!!!!!! IT FINALLY WORKS!
21:57 whiteinge \o/
21:57 Ozack2 joined #salt
22:02 bezeee joined #salt
22:07 Ryan_Lane hey everyone. any update on the RC?
22:08 che-arne|2 joined #salt
22:08 forrest Ryan_Lane, not that I've heard
22:09 adhok left #salt
22:09 gmeno joined #salt
22:10 joehillen joined #salt
22:11 dvestal_ joined #salt
22:17 Comradephate joined #salt
22:17 bhosmer joined #salt
22:19 bhosmer_ joined #salt
22:19 DaveQB joined #salt
22:20 TheoSLC joined #salt
22:21 TheoSLC Hello ye saltine's
22:21 ipmb joined #salt
22:22 jpsteinmetz joined #salt
22:22 TheoSLC I just had a system go down due to the minion cache size growing to 3.5gb in size.
22:22 forrest TheoSLC, inside of /var/cache/salt?
22:22 TheoSLC forrest: yes
22:22 forrest TheoSLC, hmm, I've been seeing several people have that issue over the past month or two
22:23 TheoSLC forrest: hundreds of old .war files were in there
22:23 forrest lol
22:23 forrest that's awesome
22:23 forrest I assume you blamed Java then? :P
22:23 jpsteinmetz quick question. i've just learning salt using a masterless windows minion. i have a simple batch script (that echos a message) as an installer. when this batch script executes during pkg.installed it yields a failed result from salt. is this a bug?
22:23 TheoSLC lol.  I would like to.  in this case i blame salt.
22:23 berto- Does an update to the salt master configuration require a restart or is there some way to reload the master’s configuration?
22:23 TheoSLC Does salt manage it's own cache at all?
22:24 forrest berto-, have to restart
22:24 berto- forrest: thanks.
22:24 forrest TheoSLC, I don't honestly know, I've never run into that
22:24 forrest berto-, np
22:24 TheoSLC forrest: I can't find any settings for cache size or expiration it in the config.
22:24 forrest jpsteinmetz, the batch script is part of the installer? Or is it the installer itself? I don't know exactly how the windows minion treats the expected result.
22:25 TheoSLC forrest: it would give me such heartburn if I had to start monitoring and cleaning up the salt cache on my own.
22:26 jpsteinmetz forrest- the real installer is a python script that exits 0 normally, i created the simple batch script as a replacement to test if it was the python script or scripts in general. so the batch script exits normally and does nothing, but it is set as the installer itself in the sls
22:26 forrest TheoSLC, I agree
22:26 forrest jpsteinmetz, interesting, I'm not quite sure then, I don't have enough familiarity with the windows minion, sorry :(
22:26 forrest TheoSLC, I know there is the keep_jobs value that clears out jobs...
22:27 forrest but that's a master setting
22:27 bezeee joined #salt
22:28 forrest whiteinge, is there a setting for minions to clear out the cache directory? TheoSLC is having a bunch of cached files hang around.
22:28 jpsteinmetz forrest: okay, for my python script, is there anything special about the way it would be executed that could cause the result to be false as well?
22:28 TheoSLC salt-run cache.clear_all  will clear it all
22:29 forrest TheoSLC, yea but if should be cleaning up itself
22:29 aquinas joined #salt
22:29 forrest jpsteinmetz, Not that I can think of. Have you tried installing an actual package just to confirm the functionality is operating as expected?
22:29 forrest TheoSLC, https://github.com/saltstack/salt/issues/6759
22:30 forrest there should be a way to auto clear though
22:30 berto- how can i verify a reactor is ... reacting?  ;)
22:30 forrest so the minion config just cleans it up after x amount of time
22:31 jpsteinmetz forrest: i haven't tried a package hosted on git or anything but i have tried 'salt-call pkg.install' for the package in question. when i do i get the output 'local:\n    -----------'
22:36 noob joined #salt
22:36 TheoSLC forrest: a grains cache exiration exists.  We just need the same thing for files.
22:36 jsm joined #salt
22:37 druonysuse joined #salt
22:40 stevednd Is there a way to tell salt to always run with -v?
22:41 stevednd other than just doing a shell alias?
22:42 TheoSLC I asked for a file cache expiration here https://github.com/saltstack/salt/issues/5057
22:43 forrest jpsteinmetz, I don't know what the expected output back from a windows server is, you have to have the package repo thing configured.
22:43 forrest TheoSLC, cool
22:44 srage joined #salt
22:44 jpsteinmetz forrest: hrm, yea i'm using the local winrepo i set up (per the docs). i just tried setting up a pkg for python itself (copying the sls file from salt-winrepo) and im' getting the same failed result
22:45 forrest jpsteinmetz, ok then at this point the only suggestion I can make is to restart the service, but turn on debug logging
22:45 jpsteinmetz forrest: the installer definitely gets run though, in the case of my python script i could see the output when i enabled debug logging
22:45 forrest jpsteinmetz, that's odd
22:46 jpsteinmetz forrest: i'll try restarting the salt service
22:47 forrest ok
22:48 jpsteinmetz same result
22:49 forrest jpsteinmetz, yea I'm not sure then past trying to figure out via reviewing the logs more, I'm really not familiar with the windows side, I've never set it up
22:49 forrest jpsteinmetz, it might be worth creating a post on the mailing list if you've gone through all the windows docs already
22:50 jpsteinmetz forrest, ok. i'll look over the docs again and make a post. thanks for your effort
22:50 vu joined #salt
22:50 Guest41718 hey, i'm getting started with salt - looking great so far. one thing i'm wondering is where to store actual values for sensitive config (e.g. passwords). it seems they should go in a pillar, but you wouldn't want to have "password: myplaintextpw" in a (private) github repo would you?
22:50 forrest jpsteinmetz, np, sorry I couldn't be of more help
22:50 Guest41718 the other options that come to mind are A) store the sensitive values on laptop and have a script that sed's the necessary pillar files on the salt master server whenever there are chages; or B) manually setting them on the salt master server
22:51 Guest41718 none of these seem great.. so wondering what most people do
22:51 forrest Guest41718, We store our pillar data exclusively on the master in those situations
22:52 forrest Guest41718, you could have pillar files which only contains those passwords, then you don't have to update them except for when the password changes
22:52 chrisjones joined #salt
22:54 Guest41718 yeah that seems like the most secure option. but the downside of keeping that data only on the salt master server is if e.g. the hard drive fails then you lose not only the passwords but you also have to remember the file structure you setup. i guess the answer to that is restore from backup :)
22:57 forrest Guest41718, probably keep a second secure location as well
22:59 Guest41718 forrest: ok, related question: how do you push updates (new/changed state files) to your salt master? do you set up a git bare repo on the salt master w/ an after-receive hook to checkout the contents? and whenever you make changes to that repo, you git push to salt master?
22:59 clinta joined #salt
23:00 savvy-lizard joined #salt
23:00 forrest Guest41718, we use gitfs: http://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html
23:01 forrest Guest41718, it updates every minute, it's pretty awesome
23:03 mosen joined #salt
23:03 Guest41718 forrest: oh, *that's* what that's for :)
23:03 forrest Yea
23:03 forrest hook it up to your state repos, and bam, updates automatically pulled in and available
23:03 Guest41718 sweet
23:03 Guest41718 i'll check that out
23:03 Guest41718 thanks for your help!
23:04 forrest yea np
23:07 bhosmer joined #salt
23:08 Ryan_Lane I have a really great PR about to come in :)
23:08 forrest Ryan_Lane, for?
23:08 forrest DAT PR HYPE
23:08 Ryan_Lane cloudwatch
23:08 * forrest watches hype deflate
23:08 Ryan_Lane that will also let you query cloudwatch's current resources and generate state files
23:09 mosen mornin saltines
23:09 Ryan_Lane so, if you manually added a bunch of cloudwatch alarms and want to now manage them via salt, you can import all your current alarms as states
23:10 forrest Hey mosen
23:10 forrest Ryan_Lane, that seems cool for AWS users
23:10 Ryan_Lane yep
23:10 Ryan_Lane orchestration FTW
23:10 dmick joined #salt
23:10 Ryan_Lane I think I'm going to need to submit a talk for orchestration + masterless config management for the next saltconf :)
23:10 ggoZ joined #salt
23:10 forrest Ryan_Lane, that would be very cool
23:11 dlam joined #salt
23:13 Ryan_Lane https://github.com/saltstack/salt/pull/14839 \o/
23:14 Ryan_Lane even remembered to get the documentation added in with it. heh
23:14 forrest Ryan_Lane, can you take Helium out of the versionadded and do 2014.7?
23:14 forrest I don't think we're using the helium versionadd tag any longer, someone (rallytime I think) has been taking them out.
23:14 Ryan_Lane are we really using 2014.7? :D
23:14 forrest Ryan_Lane, *shrug*
23:15 forrest I'm just saying I saw helium being deprecated
23:15 Ryan_Lane it's 8 already, and there's no RC
23:15 forrest you should do 2014.8 :P
23:15 forrest boom
23:15 forrest setting the standard
23:16 Ryan_Lane I'll make it easier for them to do a search/replace ;)
23:16 forrest lol
23:21 mosen rlane the blog post is only missing the script which converts all puppet dsl into salt states :)
23:21 Ryan_Lane heh. that would be really hard :)
23:21 mosen yeah, not really possible. back to transcribing
23:22 Ryan_Lane oh. you could probably render the puppet code into its internal state, and go from there.
23:23 forrest hmm
23:23 insanejudge puppet has enough trouble with that as is...
23:23 forrest lol
23:23 Ryan_Lane some folks at wikimedia were doing that for two puppet versions to ensure the upgrade would go OK
23:23 mosen yeah back into resource types
23:23 Ryan_Lane and showing diffs of the internal states
23:23 forrest that sounds monotonous.
23:23 Ryan_Lane yep
23:24 Ryan_Lane they had some tooling to automatically test every node and mark any errors. it was actually pretty cool
23:24 insanejudge there's a point where you're essentially writing ruby with a thin puppet wrapper
23:24 Ryan_Lane (without actually running puppet on the node, this happened on the master)
23:25 mosen I always ran noop, then reviewed changes
23:25 Ryan_Lane I'm pretty sure this tool was written in python, which is hilarious
23:25 mosen but not where i was looking at the compiled catalog :)
23:30 rsimpkins joined #salt
23:31 rsimpkins My /var/cache/salt/master/jobs/ directory is getting clogged up with a bazillion jobs. Is there a recommend way to clean those up on a regular basis? Say, remove all jobs older than 30 days?
23:31 mosen I'm still learning, and i see pillar doesnt merge two sls because one key or the other takes precedence if defined the same. So what's the best pattern? fully declare everything for each different node/group etc?
23:32 forrest rsimpkins, http://docs.saltstack.com/en/latest/ref/configuration/master.html#keep-jobs
23:34 rsimpkins forrest: Thank you. I should have thought to google for something like that. :)
23:34 forrest mosen, yea that seems to be what a lot of people have done. You could also look at reclass: https://github.com/madduck/reclass if you need fine grained control over individual minions
23:34 forrest rsimpkins, yea np, keep in mind that value is in hours, so I don't know why the cache wasn't clearing for you already :P
23:36 rsimpkins forrest: I ran a lot of jobs very fast.
23:36 rsimpkins forrest: Thousands upon thousands.
23:37 forrest rsimpkins, oh ok, I thought you were saying the existing jobs were more than a month old
23:37 forrest that makes sense
23:37 rsimpkins Which that setting was in minutes... but I'll figure something out.
23:37 rsimpkins s/which/wish
23:38 nbarnett joined #salt
23:39 forrest rsimpkins, yea I don't know if it supports decimal values
23:39 forrest you might have to look and see if it does
23:41 mosen forrest: alrighty!
23:49 aquinas joined #salt
23:49 mrwooster joined #salt
23:51 mrwooster Hi, sorry if this is a silly question.  I am trying to get setup with Saltstack, but I cant work out how to run salt commands from my local machine?  I have setup a salt master and a salt minion (2 different cloud machines), but how do I communicate with the salt master from my local laptop without SSHing into it directly?
23:52 forrest mrwooster, unless you're using the API in some fashion, you can't
23:52 forrest you need to connect to the master to run commands
23:52 mosen i thought 'salt' connected to the master? I have a lot to learn :)
23:53 mrwooster forrest, ah, ok.  I guess I am used to using chef where I can communicate with the server from my local machine
23:53 forrest mosen, the minions connect to the master.
23:53 yidhra joined #salt
23:53 mosen forrest: i know that much!
23:53 forrest mosen, ok
23:54 mosen but youre right, there's not really any host param on 'salt', or anything like that
23:54 forrest mrwooster, yea salt is not set up like that.
23:54 forrest mosen, right
23:55 mosen but through netapi you can shove events on the zmq?
23:57 Ozack1 joined #salt
23:58 schimmy joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary