Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-08-12

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:02 gmeno joined #salt
00:05 oz_akan joined #salt
00:10 patrek joined #salt
00:34 martoss1 joined #salt
00:43 napper joined #salt
00:49 otter768 joined #salt
00:52 melinath joined #salt
00:52 bhosmer joined #salt
00:53 dude051 joined #salt
00:55 mpanetta joined #salt
00:55 bhosmer_ joined #salt
00:56 andrej Hmmm .... what determines whether a fqdn grain actually has the domain for a box attached or not?
00:57 to_json joined #salt
00:57 mpanetta joined #salt
01:01 dude051 joined #salt
01:02 scooby2 joined #salt
01:07 dstokes omg rc1 :D
01:25 andabata joined #salt
01:26 aquinas joined #salt
01:45 MatthewsFace joined #salt
01:47 ilbot3 joined #salt
01:47 Topic for #salt is now Welcome to #salt | 2014.1.7 is the latest | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
01:48 thayne joined #salt
01:53 napper joined #salt
02:01 jY andrej: https://github.com/saltstack/salt/blob/develop/salt/utils/network.py#L297
02:02 rallytime joined #salt
02:07 mpanetta joined #salt
02:11 yano joined #salt
02:17 mordonez joined #salt
02:22 oz_akan joined #salt
02:28 ex4n1m0 joined #salt
02:29 aparsons joined #salt
02:37 Luke joined #salt
02:38 Luke joined #salt
02:40 oz_akan joined #salt
02:41 bhosmer joined #salt
02:52 oncallsucks joined #salt
02:56 VictorLin joined #salt
03:02 dancat I am trying to do a require on a sls file but the file is not found even after an include, the file is in a different directory 'package1' and the file is named 'init.sls'
03:03 jY dancat: and how are you including it?
03:04 dancat include:
03:04 dancat - package1
03:05 jY what does init.sls look like?
03:06 dancat the sls works independent of the 'other' and it looks like:
03:06 possibilities joined #salt
03:06 dancat package1:
03:07 dancat pkg.installed:
03:07 dancat - names:
03:07 dancat etc
03:07 dancat names of packages
03:08 icebourg joined #salt
03:09 dancat the included file is in a different directory
03:09 dancat is that it?
03:09 icebourg joined #salt
03:10 funzo joined #salt
03:10 icebourg joined #salt
03:12 icebourg joined #salt
03:13 jY run the master in debug mode
03:13 icebourg joined #salt
03:13 jY might find the reason there
03:13 toastedpenguin joined #salt
03:22 dancat jY: is it possible to run salt-call in a debug mode?
03:23 dancat says requisites not found
03:30 ajw0100 joined #salt
03:47 Outlander joined #salt
03:48 schimmy joined #salt
03:52 schimmy joined #salt
03:56 kivihtin joined #salt
04:11 mosen joined #salt
04:15 ajprog_laptop joined #salt
04:17 melinath joined #salt
04:22 ajprog_laptop2 joined #salt
04:23 jalbretsen joined #salt
04:27 kivihtin joined #salt
04:30 bhosmer joined #salt
04:32 johngrasty_ Anybody know what the -l does on mount -l here: https://github.com/saltstack/salt/blob/develop/salt/modules/mount.py#L36
04:32 possibilities joined #salt
04:32 bhosmer_ joined #salt
04:39 exanimo_ joined #salt
04:42 felskrone joined #salt
04:44 alanpearce joined #salt
04:46 vlcn joined #salt
04:52 ramteid joined #salt
04:52 Lomithrani joined #salt
04:59 valentinbud joined #salt
05:02 mordonez joined #salt
05:08 thayne joined #salt
05:15 ramishra joined #salt
05:17 ramishra joined #salt
05:28 TyrfingMjolnir joined #salt
05:30 ramishra joined #salt
05:30 mordonez joined #salt
05:32 mordonez joined #salt
05:35 ramishra joined #salt
05:45 alanpearce joined #salt
05:48 Sauvin joined #salt
05:53 jY dancat: salt-call state.highstate -l debug
05:59 colttt joined #salt
06:00 colttt good morning
06:00 jalaziz joined #salt
06:02 TyrfingMjolnir joined #salt
06:19 bhosmer joined #salt
06:22 melinath joined #salt
06:27 notpeter_ joined #salt
06:31 Damoun joined #salt
06:32 urtokk joined #salt
06:37 melinath_ joined #salt
06:37 _r00k joined #salt
06:40 melinath joined #salt
06:40 dvestal joined #salt
06:44 mordonez joined #salt
06:46 alanpearce joined #salt
06:47 ph8 Hi all, in some cases issuing a "network.ipaddrs" to all of my nodes (about 15 atm) only returns responses from 4 or 5. Any idea why this might happen?
06:49 melinath joined #salt
06:52 matthiaswahl joined #salt
06:57 matthiaswahl joined #salt
06:58 Hell_Fire joined #salt
06:59 Outlander left #salt
07:02 ramishra joined #salt
07:03 melinath joined #salt
07:03 alanpearce joined #salt
07:14 ml_1 joined #salt
07:17 valentinbud joined #salt
07:21 Damoun joined #salt
07:24 sectionme joined #salt
07:25 linjan joined #salt
07:26 CatPlusPlus joined #salt
07:26 ex4n1m0 joined #salt
07:27 ramishra joined #salt
07:27 intellix joined #salt
07:27 mordonez joined #salt
07:33 cym3try joined #salt
07:33 MrTango joined #salt
07:35 rogst joined #salt
07:36 david_a joined #salt
07:38 TyrfingMjolnir joined #salt
07:49 babilen ph8: You might run into a timeout. It could be that the job still completed and you can get its entire output as detailed on http://docs.saltstack.com/en/latest/topics/jobs/ -- You could, for example, raise the timeout and simply wait longer for a reply or "wake" them with a "test.ping".
07:59 ramishra joined #salt
08:01 mosen can you tell salt to wait indefinitely until the jid is finished?
08:08 bhosmer joined #salt
08:08 fejese Hi :) Could anyone point me into the right direction to find something like functions in salt? We have a setup where there's a shared state that goes through 'global' pillar data to set up things. But this leads to problems if more of these definitions need to be applied. I'd like to rather create a 'function' that can be called with the required pillar data thus they don't have to defined with the same name every time so I can avoid name collision.
08:10 mosen I'm just starting with salt but maybe an ENC could solve that problem? the guys were recommending 'reclass'
08:10 darkelda joined #salt
08:12 valentinbud joined #salt
08:15 fejese mosen: that's seems a bit of an overkill for me :) however I'll look into it, thanks
08:16 babilen fejese: I really don't follow. Pillar data is *always* specific to each minion.
08:17 mosen babilen: i think he means redefining parts of pillar data because keys dont get merged
08:18 babilen Write more intelligent pillars!
08:18 fejese mosen: exactly
08:18 babilen So, implement the logic needed in the pillar so that each minion works with the data it is supposed to use
08:18 fejese well, yes, I kinda inherited it and looking for restructuring it however I need to find smaller steps for the transitions.
08:20 babilen AFAIK there are no functions in salt. It all boils down to some dictionaries. You can, however, write complex code in Python, pydsl, mako, jinja ... to generate those and tailor them to your needs. It sounds as if you have the states in place already, but simply need to work on the pillars which is why I suggest to approach it from that angle.
08:20 fejese For example we have a top-level 'users' pillar key. It is defined for each role in a separate pillar file. However now we'd want to create dev envs where one node would serve multiple role so they would need to use the 'users' defined for db and web nodes as well.
08:21 fejese Actaully I'm looking at custom states and it might be just enough for what I need right now
08:21 babilen But then this is all just based on the little information you gave us and it would probably be easier if you could come up with a small example that exemplifies all aspects of the problem.
08:22 babilen But yeah, it is about time that salt pillars learn proper data merging -- https://github.com/saltstack/salt/issues/2466 + https://github.com/saltstack/salt/issues/3991
08:22 fejese I know, I know, I already recognise those issue numbers :)
08:23 babilen So do we all ;)
08:23 babilen Unfortunately I mostly bring them up when most of upstream is sleeping so they don't feel horrible enough to sit down and implement it right away :)
08:23 fejese Thanks anyway!
08:28 mordonez joined #salt
08:29 ramishra joined #salt
08:34 linjan joined #salt
08:40 linjan joined #salt
08:41 TheThing joined #salt
08:46 CeBe joined #salt
08:48 intellix joined #salt
08:52 TyrfingMjolnir joined #salt
08:57 jhauser joined #salt
08:58 CeBe1 joined #salt
09:01 vbabiy joined #salt
09:08 mndo_ joined #salt
09:09 ex4n1m0 joined #salt
09:14 aquinas joined #salt
09:26 mortis_ is there any way i can ask a minion what its current state is? like ...the result of the last run (highstate)?
09:26 valentinbud joined #salt
09:28 ramishra joined #salt
09:28 mordonez joined #salt
09:30 AirOnSkin joined #salt
09:31 AirOnSkin If you uncomment the default file server config in /etc/salt/master (for /srv/salt) and restart the daemon, shouldn't that create the /srv/salt directory?
09:33 duncanmv joined #salt
09:34 duncanmv joined #salt
09:35 duncanmv Is it possible to use LocalClient as non-root? I can't, and I can reproduce it with the salt command on the cli: http://paste.debian.net/114856/
09:44 duncanmv I am very confused how eauth pam is supposed to work
09:49 modafinil_ joined #salt
09:50 valentinbud joined #salt
09:50 Striki joined #salt
09:50 mihait joined #salt
09:51 neilf__ joined #salt
09:52 ikanobori joined #salt
09:52 fxdgear joined #salt
09:52 hillna_ joined #salt
09:53 simonmcc_ joined #salt
09:53 codekobe_ joined #salt
09:54 akoumjian joined #salt
09:54 taterbase joined #salt
09:54 gamingrobot joined #salt
09:55 kwmiebach_ joined #salt
09:56 pwiebe_ joined #salt
09:56 goki joined #salt
09:56 Nazzy joined #salt
09:56 Nazzy joined #salt
09:56 octarine joined #salt
09:56 bhosmer joined #salt
09:57 scristian joined #salt
09:57 bhosmer_ joined #salt
09:57 manytrees_ joined #salt
09:57 modafinil_ joined #salt
09:58 whiteinge joined #salt
09:58 wiqd joined #salt
09:58 gldnspud_ joined #salt
09:58 munhitsu_ joined #salt
09:58 JordanTesting joined #salt
09:58 copelco joined #salt
09:58 abele joined #salt
09:59 mitrectfbot joined #salt
09:59 giantlock joined #salt
09:59 akitada joined #salt
10:00 ikanobori joined #salt
10:00 rcsheets joined #salt
10:00 CaptTofu_ joined #salt
10:00 imanc joined #salt
10:01 mihait joined #salt
10:01 fxdgear joined #salt
10:01 codekobe_ joined #salt
10:01 hillna_ joined #salt
10:13 alanpearce joined #salt
10:14 koyd joined #salt
10:19 mndo_ joined #salt
10:20 ex4n1m0 joined #salt
10:26 mosen joined #salt
10:29 mordonez joined #salt
10:32 koyd joined #salt
10:41 greyhatpython joined #salt
10:41 greyhatpython joined #salt
10:46 koyd joined #salt
10:49 yidhra joined #salt
10:50 ggoZ joined #salt
10:52 mechanicalduck joined #salt
10:57 ramishra joined #salt
11:01 ex4n1m0 joined #salt
11:11 bhosmer joined #salt
11:13 Damoun joined #salt
11:14 alanpearce joined #salt
11:17 Outlander joined #salt
11:19 jcsp joined #salt
11:27 joehh duncanmv: yes, I run it as nagios user quite often
11:30 ramishra joined #salt
11:30 mordonez joined #salt
11:34 alanpearce joined #salt
11:43 bhosmer joined #salt
11:45 bhosmer_ joined #salt
11:48 ramishra joined #salt
11:48 jaimed joined #salt
11:52 colttt what is the different between Saltstack and Saltstack Enterprise?
11:56 AirOnSkin coltttt: as far as I understood it it's mostly the paid support
11:57 diegows joined #salt
12:00 intellix joined #salt
12:00 AirOnSkin If you uncomment the default file server config in /etc/salt/master (for /srv/salt) and restart the daemon, shouldn't that create the /srv/salt directory? Because it didn't for me...
12:01 bhosmer joined #salt
12:06 colttt AirOnSkin: nothing more?
12:06 viq AirOnSkin: no, I believe that part is left to the user
12:12 jms joined #salt
12:12 gmeno joined #salt
12:21 hobakill joined #salt
12:23 Damoun joined #salt
12:30 laxity joined #salt
12:31 mordonez joined #salt
12:31 mpanetta joined #salt
12:33 mpanetta joined #salt
12:33 martoss joined #salt
12:34 agronholm joined #salt
12:35 amontalban Anyone knows why I'm getting this error: http://pastebin.com/yyy3DyXz
12:35 agronholm hi! am I supposed to be able to run salt tasks as a normal user after adding the appropriate privileges in salt configuration? it's complaining about having no write access to /var/cache/salt/master
12:36 ramishra_ joined #salt
12:36 amontalban $SALTCALL event.fire_master \'{"branch": ${BRANCH}}\' 'gitpush'
12:36 agronholm or is this normal and I should just grant the user write access to that directory?
12:36 TheThing agronholm: Solution to all linux errors: sudo chmod -R 777 /
12:36 TheThing <_<
12:36 TheThing >_>
12:36 agronholm TheThing: :P
12:38 Sp00n hurrdurrr
12:44 miqui joined #salt
12:47 t0ku joined #salt
12:47 AirOnSkin viq: thanks for the reply. i thought something went wrong there. :)
12:49 icebourg joined #salt
12:50 t0ku hi there, how do you typically pre seed a minion with an accepted key when it is deployed with salt-cloud? we want to build an automatic scaling app, which fires up machines using salt-cloud, but salt-cloud being run on the master. any ideas?
12:50 t0ku *salt-cloud is NOT being run on the master
12:54 cpowell joined #salt
12:55 marnom joined #salt
12:57 oz_akan joined #salt
12:58 alanpear_ joined #salt
12:59 gmeno joined #salt
12:59 alanpear_ joined #salt
13:01 joehh agronholm: Which version are you using?
13:01 joehh having set client_acl appropriately on a debian system, I'm able to run particular salt commands as other users (nagios) in my case
13:02 agronholm salt-master                         2014.1.10+ds-1trusty1
13:03 joehh it should be pretty similar to mine then (debian wheezy)
13:03 joehh I'm now seeing the same as you
13:03 agronholm ?
13:03 agronholm what did you do
13:04 joehh tested with a user not in client_acl
13:04 joehh I've just added them and am retesting
13:05 racooper joined #salt
13:06 joehh taking longer than I want to restart (too many files in job cache...)
13:07 marnom joehh: I noticed CPU/memory impacts that also... 1cpu / 512mb vs 2cpu's/2GB RAM made a huge difference on my salt-master restart times
13:08 joehh works now
13:08 joehh agronholm: can you paste your client_acl setting?
13:08 agronholm joehh: I just checked it -- ehm, seems like this particular user was missing
13:08 agronholm sorry about the noise :)
13:08 agronholm I'll test again now
13:09 agronholm hrm, still no go
13:09 agronholm http://bpaste.net/show/brbYTjZ1KrhqT3TKTZph/
13:09 FeatherKing joined #salt
13:10 mechanicalduck joined #salt
13:10 agronholm http://bpaste.net/show/3nCGNeFTEWaDPellG0VD/
13:10 thayne joined #salt
13:11 agronholm joehh: what do your permissions in /var/cache/salt look like?
13:11 agronholm mine are owned by root.root, chmodded 0550
13:11 agronholm err
13:11 agronholm 0770
13:11 joehh paste looks fundamentally identical to mine
13:12 agronholm and /var/cache/salt?
13:12 joehh /var/cache/salt 755
13:12 joehh root:root
13:12 agronholm but the subdirectories there
13:13 agronholm specifically master
13:13 agronholm is that 755 too?
13:13 joehh http://paste.debian.net/115111/
13:13 agronholm I see
13:13 joehh yes
13:13 agronholm different permissions
13:13 agronholm I wonder how that happened
13:14 joehh very odd - have you ever installed without packages or with packages earlier than
13:14 agronholm than what?
13:14 joehh coming - looking up vcs for packaging
13:15 agronholm this machine is a recent reinstall of ubuntu trusty
13:15 joehh 2014.1.5+ds-1trusty1
13:15 agronholm I think I got 2014.1.10 straight out of the box
13:15 agronholm are you a salt developer?
13:15 joehh mid june... for 2014.1.5+ds...
13:16 joehh no, debian/ubuntu packager for salt
13:16 joehh so this is particuarly interesting for me :)
13:16 agronholm I'm using the official salt ubuntu packages from launchpad
13:17 elfixit joined #salt
13:17 joehh they're the ones :)
13:17 joehh I'm bringning up a trusty box to see if there is anything there
13:17 agronholm okay
13:17 joehh I suspect there will be a difference
13:18 joehh guess at this point is some sort of different default umask or similar due to running under upstart
13:19 duncanmv joined #salt
13:19 duncanmv joined #salt
13:20 agronholm but installation doesn't happen under upstart
13:20 agronholm hm
13:20 transmutated joined #salt
13:21 agronholm right, the /var/cache stuff doesn't get created during installation I suppose
13:21 duncanmv Is it possible to use LocalClient as non-root? I can't get it to work. I can reproduce it with the salt command on the cli: http://paste.debian.net/114856
13:21 joehh yes - that is where I'll look next
13:22 joehh duncanmv: talking with agronholm about equivalent issue now
13:22 joehh should be able to use LocalClient as non-root
13:22 duncanmv I was expecting that because salt-master runs as root, any user can connect to it and authenticate using pam against itself or other user with certain permission defined in /et/salt/master
13:22 duncanmv I wrote a small web ui, against salt-api, then I rewrote it using LocalClient and after a reboot everything stopped working :-(
13:23 joehh check perms on /var/cache/salt/master
13:23 TheThing ^ sudo chmod -R 777 /var
13:23 agronholm joehh: chmodding those 0755 doesn't yet fix the issue but gives me a different error
13:23 duncanmv i thought for a moment that having the master and minion running on the same machine was a problem, so I moved the minion away but it persist
13:23 joehh works with me having 755, doesn't for agronholm having 750
13:23 duncanmv I would not 777 /var...
13:23 joehh interesting
13:23 TheThing ( ¬‿¬)
13:23 agronholm Failed to connect to the Master, is the Salt Master running?
13:23 joehh neither
13:23 TheThing duncanmv: Always 777 everything
13:23 TheThing ( ¬‿¬)
13:23 agronholm I suspect further chmodding needs to be done
13:24 agronholm TheThing: shut your hole.
13:24 duncanmv the point is, salt is packaged, if permissions are wrong, I have to fix the package
13:24 agronholm yeh
13:24 duncanmv the point is, ls /var/run/salt gives permission denied for a normal user
13:24 duncanmv but I am not sure WHAT are the expected permissions for that directory
13:24 agronholm same here
13:24 TheThing <_<
13:24 TheThing >_>
13:24 TheThing when in doubt
13:25 TheThing okay I'll stop
13:25 joehh for /var/run/salt
13:25 joehh drwxr-xr-x  4 root        root          80 Jun 13 15:11 salt
13:25 joehh under /var/run/salt/master
13:25 joehh drwxr-xr-x  2 root root 120 Aug 12 23:10 master
13:25 agronholm seems like it's all 755
13:26 duncanmv joehh: is that a vanilla salt install from a distro?
13:26 * duncanmv checks the spec for the openSUSE package
13:26 toastedpenguin1 joined #salt
13:26 joehh http://paste.debian.net/115113/
13:26 joehh duncanmv: yes - debian from packages
13:26 joehh for ref, I'm the packager for debian/ubuntu
13:27 duncanmv /var/run/salt drwxrwx---  4 root root   80 Aug  9 15:08 .
13:27 joehh heopfully you use one of them... :)
13:27 duncanmv │drwxrwx---  2 root root  120 Aug 12 15:10 master
13:27 agronholm joehh: the perms on the sockets look the same here
13:27 agronholm but the dirs are 0770 and not 0755
13:27 agronholm but I still can't connect to master
13:27 agronholm even after chmodding
13:28 * duncanmv was panicking because I am in a beach without internet access and I bought like 4 100MB EU roaming plans to google this problem and move forward :-)
13:28 agronholm ah
13:28 agronholm now it works
13:28 joehh agronholm: what did you do?
13:28 agronholm forgot to chmod the actual /var/run/salt directory itself
13:28 snuffeluffegus joined #salt
13:28 whiteinge duncanmv: if the salt master is running as root and you want to use LocalClient as non-root you need to include eauth credentials when calling LocalClient methods (i didn't see 'em in your pastebin)
13:28 tempspace Mornin'
13:28 agronholm so I chmodded 0755 three directories: /var/run/salt, /var/run/salt/master and /var/cache/salt/master
13:29 agronholm that did it
13:29 agronholm strangely, salt complained about not being able to connect to the master while it should've complained about the missing socket permissions
13:30 duncanmv whiteinge: what I do is run a script as "duncan" to do a call with eauth pam and credentials for a user "test" to get_token, and then use that token forward. test has access to .*. That should work right?
13:30 joehh Good to hear about the success - I've just got to figure out how to get ubuntu to set them right
13:31 mordonez joined #salt
13:32 duncanmv mmm /var/run/salt is not mentioned by the package, is it may be created by the daemon itself? https://build.opensuse.org/package/view_file/devel:languages:python/salt/salt.spec?expand=1
13:33 whiteinge duncanmv: yeah, that should work. are you using the salt.auth.Resolver() class?
13:33 duncanmv rpm -qf /run/salt
13:33 duncanmv file /run/salt is not owned by any package
13:33 duncanmv ok, so the directory is created by salt itself, may be it is creating it with the wrong permissions?
13:34 * duncanmv will stop the daemons, delete the dirs and restart the daemons
13:35 duncanmv confirmed it is the daemon who creates it as rwxrwx---
13:35 joehh duncanmv: yes, that is the case
13:35 dvestal joined #salt
13:35 joehh what init system controls salt-master in opensuse?
13:35 joehh is it systemd?
13:36 duncanmv whiteinge: I use APIClient::get_token
13:36 duncanmv where I am running the master, yes...
13:36 duncanmv the minion is running on SLE, so it is still init.d
13:37 duncanmv but on SLE I checked it is also drwxrwx---
13:37 duncanmv is that a bug on salt itself?
13:38 whiteinge duncanmv: looks like that wraps salt.auth.Resolver, so you should be good. (side-note, APIClient() is not intended for public use; see the docstring at the top)
13:39 duncanmv I read somewhere in github that APIClient was the API where everyone should go at some point :-)
13:41 linjan joined #salt
13:41 whiteinge that's not currently on the roadmap. not to say it won't happen at some point but for now people working in that class is concerned with maintaining backward-compat.
13:42 whiteinge s/is/are not
13:42 whiteinge bleh. rephrased: modifications to that class are not done with backward-compat in mind
13:43 duncanmv ok, should the package create /var/run/salt with the right perms, or is it a bug on the daemon that should create it with the right perms?
13:43 duncanmv it would be cool to have some API that transparently uses LocalClient or salt-api indirectly :-)
13:44 KaaK is there any sort of authorization control for the event reactor? I'd like to react to a deploy event -- but preferably only when triggered by a specific minion
13:46 agronholm joehh: one more wrinkle: [WARNING ] jid_dir (/var/cache/salt/master/jobs/30/e39346f9f5b240782dd60148be4c3a) does not exist
13:46 agronholm when executing a job
13:46 agronholm or whatever it is that running salt is called
13:46 duncanmv ok, what do I do with the permissions? is it a bug on the daemon or packaging should take care of it?
13:46 whiteinge duncanmv: i agree. and that is on the roadmap. :)
13:47 agronholm duncanmv: <agronholm> so I chmodded 0755 three directories: /var/run/salt, /var/run/salt/master and /var/cache/salt/master
13:47 whiteinge duncanmv: see https://github.com/saltstack/salt/blob/develop/salt/client/netapi.py and https://github.com/saltstack/pepper/blob/master/pepper/libpepper.py
13:47 agronholm duncanmv: I believe this problem is caused by the wrong umask in the salt-master process
13:48 duncanmv agronholm: I did that and it works here too, but the question is whether the daemon should do it right from the beginning
13:48 whiteinge duncanmv: er. copy-and-paste error. that first link should be: https://github.com/saltstack/salt/blob/develop/salt/netapi/__init__.py
13:49 duncanmv Now I have to research some timeouts I get. I am running Flask on top of tornado so that I can have a websocket to certain events, but I am not sure if I can just call salt operation using tornado without some special ceremonies before.
13:50 duncanmv libpepper looks like APIClient() a lot
13:50 agronholm duncanmv: I'm not familiar with the salt python api -- does the salt call block?
13:50 agronholm or does it return a future
13:51 alanpearce joined #salt
13:51 duncanmv there are both
13:51 duncanmv but I am not sure how to hook the minion_async api with tornado
13:51 agronholm tornado works well with futures
13:52 duncanmv I don't do python that often to feel comfortable without google, and with this roaming plan I don't get very far
13:52 agronholm http://www.tornadoweb.org/en/stable/gen.html
13:53 duncanmv mmmm nope, the async API return jids
13:54 agronholm is there any way to add callbacks for when they're done?
13:54 ramishra joined #salt
13:55 duncanmv I am not sure, I will research that
13:55 duncanmv anyone reporting the bug about permissions or should I?
13:55 agronholm joehh seems to be doing something about it
13:56 duncanmv you mean PR?
13:56 jalbretsen joined #salt
14:01 giantlock joined #salt
14:01 mpanetta joined #salt
14:01 hotbox joined #salt
14:01 kaptk2 joined #salt
14:02 ajprog_laptop joined #salt
14:03 tk75 joined #salt
14:03 ipmb joined #salt
14:03 duncanmv whiteinge: it would also be cool that async apis use futures and wrap all the jid thing in a transparent way
14:03 mechanicalduck joined #salt
14:04 AirOnSkin With salt, is there something in state configuration with which you can achieve a process like: copy an archive to the client, extract it, execute a command and after completion delete the archive and the extracted files ?
14:04 to_json joined #salt
14:05 AirOnSkin I know you can do all these single steps, but I'm not sure what happens if you delete the archive afterwards when at the beginning there is a 'file exists' statement...
14:05 joehh duncanmv, agronholm: at this point I see it as a packaging bug, but that is partly because I can do something about it if it is...
14:05 joehh have either of you created a github issue?
14:06 kt76 joined #salt
14:06 agronholm joehh: would you mind checking the umask in your running salt-master process?
14:06 agronholm I haven't
14:06 housl joined #salt
14:06 joehh have done - 022 on both debian and ubuntu (only checked minions at this point)
14:07 joehh been interupted...
14:07 agronholm what's 18 in octal?
14:07 agronholm (gdb) call umask(0)
14:07 agronholm $1 = 18
14:07 penguin_dan joined #salt
14:07 agronholm 022 it seems
14:08 t0ku left #salt
14:09 joehh https://github.com/saltstack/salt/issues/14918
14:13 dude051 joined #salt
14:14 duncanmv joined #salt
14:14 Ozack joined #salt
14:14 wendall911 joined #salt
14:15 dude051 joined #salt
14:15 duncanmv ok guys, I have to shut the internet off. Thanks for all the help
14:15 Sp00n no dont, I'm not finished with it yet!
14:15 srage_ joined #salt
14:16 joehh no worries - get back to the beach
14:17 aquinas joined #salt
14:19 srage joined #salt
14:22 alanpearce joined #salt
14:22 tyler-baker joined #salt
14:22 tyler-baker joined #salt
14:25 srage joined #salt
14:25 Aroldo3571 joined #salt
14:32 bhosmer joined #salt
14:32 mordonez joined #salt
14:34 rallytime joined #salt
14:35 dvestal joined #salt
14:35 martoss joined #salt
14:38 jnials joined #salt
14:40 vejdmn joined #salt
14:42 dvestal_ joined #salt
14:43 repl1cant joined #salt
14:45 icebourg joined #salt
14:45 rojem joined #salt
14:46 icebourg joined #salt
14:48 funzo joined #salt
14:49 amontalban Anyone knows why a event.fire_master fails with this message?
14:49 amontalban http://pastebin.com/yyy3DyXz
14:49 cnelsonsic joined #salt
14:53 martoss1 joined #salt
14:55 conan_the_destro joined #salt
14:55 conan_the_destro joined #salt
14:57 felskrone joined #salt
15:01 jnials joined #salt
15:02 thayne joined #salt
15:04 jsm joined #salt
15:06 kballou joined #salt
15:06 dude051 joined #salt
15:07 UtahDave joined #salt
15:09 analogbyte hello, is there a eta for 2014.7 yet? the .7 refers only to the month of the feature freeze?
15:09 vejdmn joined #salt
15:10 dharper_ii hello, Is it possible to have custom modules placed in sub-directories within the _modules dir
15:10 UtahDave analogbyte: the RC for 2014.7 will most likely be cut today.
15:11 UtahDave dharper_ii: I believe so, but I haven't tested that behavior myself.
15:12 dharper_ii it does not seem to work.., will look at the code. Any ideas where to start looking?
15:12 SheetiS joined #salt
15:12 mrothe joined #salt
15:13 Gareth morning
15:13 UtahDave dharper_ii: I'd start with the sync_modules function in salt/modules/saltutil.py
15:13 UtahDave morning, Gareth!
15:13 dharper_ii great thanks!
15:14 bhosmer joined #salt
15:15 Gareth UtahDave: hey :) hows it going?
15:15 ramishra joined #salt
15:15 UtahDave Very good! you?
15:16 UtahDave Er, very well, I mean!
15:16 dharper_ii @UtahDave: The sync works fine, it is durring the discovery of the function when one tries to do a "salt '*' sudir.modulename.function"
15:17 dharper_ii do you know where that code lives?
15:17 Gareth doing good :)
15:19 kermit joined #salt
15:19 jaimed joined #salt
15:21 ramishra joined #salt
15:22 danielbachhuber joined #salt
15:23 jeddi joined #salt
15:23 UtahDave dharper_ii: I'm not sure Salt supports having the modules in subdirectories.
15:23 superted joined #salt
15:24 TheThing joined #salt
15:24 redondos- joined #salt
15:24 superted Hey guys... Don't suppose salt logs any internal metrics? be really nice for me to get a feel of how many commands per day etc the servers are pushing. Mean response times of minions etc etc
15:25 UtahDave superted: Have you looked at the job cache?  Everything is logged there and kept for 24 hours by default
15:25 superted I'm aware of it, are there any tools to report on it?
15:25 dccc joined #salt
15:26 superted If not i could write something, just wondering if it's something someone has already done!
15:27 UtahDave superted: you can look at the jobs by running   salt-run jobs.list_jobs
15:27 UtahDave I don't know of any kind of reporting tool being built around that.  That would be really cool.
15:27 jnials joined #salt
15:28 superted Just taking a look now, wasn't aware of this :)
15:28 UtahDave superted: http://docs.saltstack.com/en/latest/topics/jobs/    There's a bunch of info around the jobs.
15:29 UtahDave superted: You can also set up an external job cache, which allows you to keep the entire job cache in a database or other datastore, then it might be even easier to build reporting on top of that
15:30 superted Yea, we've been looking at that as we fancy setting up a second salt master. If we point them both at reddis or something then we could like you say, build a report from the data.
15:30 superted Okay, i'll get the job cache into reddis then see if i can come up with something, thanks for the heads up
15:30 to_json joined #salt
15:32 UtahDave You're welcome!  I'd love to see what you do with the reporting
15:33 mordonez joined #salt
15:34 dharper_ii @UtahDave: that is fine... if that is the case, I would want to issue a pull request that allows that to happen
15:35 dharper_ii that being said, if you know where in the code base that the discovery of _modules occurs when one calls salt via 'salt * xxx' that would be extremely helpful
15:35 jnials joined #salt
15:35 tinuva anyone know of formulas available for managing selinux and firewalld?
15:36 kballou joined #salt
15:38 davet joined #salt
15:38 mpanetta joined #salt
15:38 FeatherKing is there a preferred method for managing iptables? i see an iptables state module but will the inserts run once during a highstate? or will they insert a new rule each time the state gets run?
15:38 mpanetta joined #salt
15:38 manfred FeatherKing: depends on which distro you are using and how complex your iptables rules are
15:39 manfred FeatherKing: if you are using anything that doesn't have iptables --check, you really shouldn't use the iptables state, because then we are just regex matching against iptables-save, which has problems
15:39 manfred if you are on rhel/centos 7 , or ubuntu 12.04 or newer, you should be fine
15:40 FeatherKing looks like i lack check
15:40 FeatherKing centos 6.5
15:40 FeatherKing so maybe i will manage a file with iptables-save output?
15:40 manfred i would just use jinja and template /etc/sysconfig/iptables
15:40 FeatherKing ah right
15:41 FeatherKing ty as usual manfred:
15:41 manfred np
15:42 orion__ joined #salt
15:42 ksalman can I copy this file, loader.py, on my current master to get this functionality, or will i need to copy it to all the minions as well?
15:42 ksalman https://github.com/Nibbler999/salt/commit/bab2331d6e8b0492e744c496bb8837894b5e8620
15:42 stevednd joined #salt
15:43 ksalman i am guessing the latter
15:43 CatPlusPlus_ joined #salt
15:45 UtahDave ksalman: Yeah, that would be on the minion side
15:45 jnials joined #salt
15:45 ksalman thanks >.<
15:47 mndo_ joined #salt
15:48 ramishra_ joined #salt
15:48 ramishra_ joined #salt
15:52 psicodelico joined #salt
15:52 psicodelico Hi
15:52 mndo_ joined #salt
15:52 psicodelico Can  I use yum.groupinstall in state?
15:52 aquinas joined #salt
15:53 smcquay joined #salt
15:53 KyleG joined #salt
15:53 KyleG joined #salt
15:55 amontalban UtahDave: are you around?
15:55 UtahDave yep!
15:55 manfred pressureman: you can use module.run to do it, but i don't see anything about using it with the pkg.installed state
15:55 amontalban I'm having an issue while trying to use a event.fire_master
15:56 amontalban More specifically when trying to use a bash variable inside the event
15:56 UtahDave amontalban: can you pastebin what you've been doing so far? and the result?
15:56 possibilities joined #salt
15:57 amontalban UtahDave: sure!
15:57 psicodelico UtahDave: Can  I use yum.groupinstall in state?
15:59 chitown joined #salt
15:59 UtahDave psicodelico: right now the pkg state doesn't handle the groupinstall well. It can't check if all the packages are already installed. I believe terminalmage has plans to parse the packages in the groupinstall to check if they're all installed, but that hasn't been implemented yet
15:59 UtahDave So you'd have to use the module.run state   with  pkg.groupinstall
15:59 UtahDave The only problem with that is that it will attempt to do the groupinstall every time you run that state.
16:00 Outlander joined #salt
16:00 amontalban UtahDave: Script is here http://pastebin.com/6227ETPx and error message is http://pastebin.com/yyy3DyXz
16:00 stevednd are there any builtin states/modules for modifying an xml file?
16:01 TheThing joined #salt
16:01 jhauser joined #salt
16:01 amontalban psicodelico UtahDave why not run the module pkg.groupinstall inside SLS?
16:01 amontalban Should work?
16:02 UtahDave stevednd: I don't think so. I think the closest you would get is file.managed.  But that will treat it as just a text document, not as an xml document
16:02 psicodelico it is only for mate-desktop in Fedora
16:03 UtahDave amontalban: yeah, that's what I meant, but it will run every time.
16:03 amontalban UtahDave: oh :)
16:04 SheetiS joined #salt
16:04 psicodelico everytime?
16:04 jtanay hi guys
16:04 manfred psicodelico: yes, every time you do a state run, it will run yum groupinstall <group>
16:04 jtanay do you know if the "yaml_utf8" still works in the last salt version ?
16:04 manfred psicodelico: module.run is not stateful
16:04 stevednd UtahDave: yeah, that's what I was afraid of. Not sure I want to put in the effort to write up a module and associated states for doing that, but there are quite a few xml config files I need to ensure have the correct values
16:05 manfred psicodelico: in the next feature release of salt, you will have onlyif and unless that you could use to check if a package is installed, and only run the module if they aren't installed
16:05 psicodelico after install workstatation I run state.hightstate
16:05 amontalban psicodelico: what you can do is put an if before that definition of groupinstall
16:06 amontalban That checks if the group is installed
16:06 amontalban It's a little ugly
16:06 amontalban But should work I think
16:06 UtahDave stevednd: The more I think about that, I think it would be interesting to have an xml module and state.
16:07 stevednd UtahDave: I think it's something that maybe can have a core framework, because I then think about what if I need to modify a yaml config file, or some other well known format that has nesting
16:08 tligda joined #salt
16:08 UtahDave stevednd: Maybe an easy way to take a python data structure and then dump it to xml or yaml, etc.
16:08 stevednd xml is obviously pretty beastly, but being able to use xpath should be able to take care of most of it I would think
16:08 UtahDave true
16:08 gothix_ joined #salt
16:08 jsm joined #salt
16:09 UtahDave I avoid xml at all costs, so I'm not sure the best way to implement nor use that, unfortunately.  :)
16:09 Damoun joined #salt
16:09 stevednd The only problem with the dump is when it needs to be injected into specific places
16:09 stevednd yeah, I try to avoid that as well, but there's plenty of apps out there that use it as their configuration choice unfortunately
16:10 UtahDave yep.
16:11 bhosmer joined #salt
16:12 dude051 joined #salt
16:12 psicodelico Thanks
16:14 ericof joined #salt
16:14 thayne joined #salt
16:15 chitown joined #salt
16:15 gothix_ joined #salt
16:16 psicodelico amontalban: matePackage:     pkg.groupinstall:         - mate-desktop
16:16 gothix_ left #salt
16:17 psicodelico result : too many function declared in state "pkg" in sls mate-desktop
16:17 manfred psicodelico: that state doesn't exist
16:17 tyler-ba- joined #salt
16:17 manfred and if it did, that wouldn't work
16:18 gothix_ joined #salt
16:18 tyler-baker joined #salt
16:18 tyler-baker joined #salt
16:18 manfred !states.module.run | psicodelico
16:18 wm-bot4 psicodelico: http://docs.saltstack.com/en/latest/ref/states/all/salt.states.module.html#salt.states.module.run
16:18 manfred use that
16:21 tyler-baker joined #salt
16:22 active8 joined #salt
16:22 MatthewsFace joined #salt
16:22 tyler-baker joined #salt
16:23 ipmb joined #salt
16:25 IOMonster joined #salt
16:27 napper joined #salt
16:28 psicodelico ahh ok
16:29 psicodelico Thanks
16:29 sectionme joined #salt
16:30 panchisco joined #salt
16:31 aparsons joined #salt
16:32 schimmy joined #salt
16:32 aw110f joined #salt
16:33 schimmy1 joined #salt
16:34 vejdmn joined #salt
16:34 mordonez joined #salt
16:36 to_json joined #salt
16:39 bhosmer_ joined #salt
16:39 martoss joined #salt
16:40 amontalban UtahDave: sorry to bother you, but did you have chance to look at the error I sent you before?
16:42 avienu joined #salt
16:43 UtahDave yeah.  have you verified that command works from the cli?
16:43 forrest joined #salt
16:44 amontalban UtahDave: yeah it works
16:44 amontalban The problem is that I don't know how to escape that variable $BRANCH
16:44 amontalban No matter how I do it it fails with the same error
16:44 amontalban Seems like it's getting it is parsing as string
16:45 UtahDave whiteinge: do you have an idea how to escape ${BRANCH} here?  http://pastebin.com/6227ETPx
16:45 Damoun joined #salt
16:46 stevebrownlee joined #salt
16:48 ramishra joined #salt
16:50 bmatt UtahDave: why are you escaping the outer single quotes in $2?
16:50 ramishra_ joined #salt
16:51 bmatt what about "{'branch': ${BRANCH}}" ?
16:51 mndo joined #salt
16:51 ramishra_ joined #salt
16:51 tligda joined #salt
16:54 jhulten joined #salt
16:54 aparsons joined #salt
16:54 UtahDave amontalban: have you tried bmatt's suggestion?
17:00 aparsons joined #salt
17:02 chrisjones joined #salt
17:06 bhosmer joined #salt
17:06 whiteinge UtahDave:  another take (not the only one) is the following
17:07 whiteinge #!/bin/bash
17:07 whiteinge CMD=$(printf 'salt '\''%s'\'' test.arg someminion pillar='\''{release %s, feat: feat4, prefix: %s}'\'' '\''%s'\''' "$1" "$2" "$3" "$4")
17:07 whiteinge eval "$CMD"
17:07 whiteinge (sorry for the half-example i'm in a meeting)
17:08 ml_1 joined #salt
17:08 to_json joined #salt
17:08 mndo joined #salt
17:08 whiteinge amontalban: the above is verbose but it tends to be pretty robust
17:11 giantlock joined #salt
17:11 JasonSwindle joined #salt
17:11 JasonSwindle Howdy, all.
17:12 pssblts joined #salt
17:12 TheThing joined #salt
17:13 amontalban whiteinge: thanks will test it and let you know
17:14 ajolo joined #salt
17:14 kaiserpathos joined #salt
17:15 thayne joined #salt
17:17 martoss joined #salt
17:20 Ryan_Lane joined #salt
17:22 tligda joined #salt
17:24 gothix joined #salt
17:28 melinath joined #salt
17:28 aparsons joined #salt
17:31 taterbase joined #salt
17:31 aparsons joined #salt
17:33 ramishra joined #salt
17:34 elfixit joined #salt
17:34 mordonez joined #salt
17:35 catpig joined #salt
17:38 amontalban whiteinge and UtahDave it worked like a charm! Thank you guys!
17:40 rypeck joined #salt
17:40 ramishra_ joined #salt
17:41 tligda UtahDave: My problem yesterday turned out to be one of the states included in my role/init.sls did not exist. However, the error message only told me that 'role' failed. I logged an issue for it: https://github.com/saltstack/salt/issues/14912
17:46 gothix I would like to know about running tests in a file.managed state and only apply if the condition is false - are there docs?
17:47 forrest gothix, you mean just a standard if statement with jinja in the managed file?
17:47 forrest or in the state?
17:48 forrest you can always use 'not' inside of jinja statements
17:48 Ryan_Lane what's going on with the RC?
17:48 Ryan_Lane I see a tag was cut
17:48 forrest lol
17:48 Ryan_Lane wikimedia is asking me now too :)
17:49 Ryan_Lane everyone's chomping at the bit for the new release
17:49 gothix forrest, no i mean in a file.managed state using "test"
17:49 tligda UtahDave: Oh, and thanks for the help yesterday! :)
17:49 Ryan_Lane I'm going to be annoying till it's released, you realize :)
17:50 forrest gothix, file.managed doesn't support test
17:50 Ryan_Lane UtahDave: any idea? :)
17:50 forrest Ryan_Lane, I'm not the one working on the RC, doesn't bother me :P
17:50 gothix how do i tell what it supports
17:50 dvestal joined #salt
17:51 gothix forrest, so i have to use jinja then
17:51 manfred Ryan_Lane all they have said is 'any second now'
17:51 jnials joined #salt
17:51 forrest gothix, well, most likely, but what are you trying to accomplish?
17:53 schmutz joined #salt
17:53 ramteid joined #salt
17:53 gothix forrest, i want to create a file profile.d file but not if a certain account exists
17:54 gothix forrest, because the user account will have it in there .bashrc
17:54 Damoun joined #salt
17:57 Ryan_Lane manfred: excellent
17:58 ckao joined #salt
17:58 Ryan_Lane manfred: any idea if debs will be available for the RC?
17:58 forrest Ryan_Lane, that would be a question for Joehh
17:58 manfred Ryan_Lane: i do not know, i think joehh wanted to make another ppa for rc stuff
17:59 Ryan_Lane that would be nice
17:59 forrest gothix, hmm, wouldn't that user account only exist on certain systems?
18:00 gothix prod  possibly
18:01 forrest ok, then I'd probably look at it from that perspective, so basically only applying that file.exists if it is (or is not) in a specific group
18:02 rap424 joined #salt
18:07 dvestal joined #salt
18:08 mapu joined #salt
18:09 Ryan_Lane is there any way I can use salt-call for grains to get something without it printing local: ?
18:10 dstokes Ryan_Lane: `salt-call grains.get | grep -v "local:"`
18:10 Ryan_Lane heh. yeah, I know that ;)
18:10 Ryan_Lane I was hoping I could just pass in an arg
18:10 agronholm left #salt
18:11 dstokes not that i know of ;)
18:11 forrest Ryan_Lane, yea a few people have been asking for that. I wish there was a way to pull the data out
18:11 dstokes Ryan_Lane: you might try `--output json`
18:12 Ryan_Lane it still prints local
18:12 Ryan_Lane --out txt | sed 's/local: //' works
18:12 forrest lol
18:12 forrest that's a crappy solution
18:12 Ryan_Lane yep
18:13 Ryan_Lane this is what I'm doing: salt-call register_instances myelb `salt-call grains.get --out txt ec2_instance-id | sed 's/local: //`
18:13 Ryan_Lane which is surely less than ideal ;)
18:13 Ryan_Lane maybe I'll just wrap this in a state and call the state
18:14 Ryan_Lane yeah, I'll definitely do that
18:14 forrest heh
18:14 forrest should publish that up on the contribs
18:14 Ryan_Lane this is a way to ensure a node is fully up before its added to an ELB for an autoscaling group
18:14 forrest ahh
18:15 Ryan_Lane disable the process for the autoscaling group to add to the load balancer, let the node fully run salt, then have the node add itself to the ELB
18:16 dariusjs joined #salt
18:16 aparsons joined #salt
18:17 aparsons_ joined #salt
18:17 dariusjs hey, is there something special I need to do to enable modules, if I run sys.doc I have lot missing ie most of these new ones alt.modules.puppet
18:18 martoss joined #salt
18:20 possibilities joined #salt
18:20 cpowell joined #salt
18:20 forrest dariusjs, the software has to be installed on a minion to use the module, so if you want to use the 'at' module, 'at' needs to be installed.
18:21 dariusjs cheers, thought i had a hang of this concept so far, will dig further
18:21 forrest dariusjs, yea np, make sure to restart the service after you install stuff, then it can reload the modules
18:23 dariusjs oh, I figured out my problem ... I'm dyslexic, been looking at salt modules that are in the dev version 2014.7.0.  and i'm running 2014.1.7, just didnt notice the version difference
18:23 forrest ahh ok
18:23 forrest yea that happens
18:23 forrest whiteinge, did you ever figure out if it would be possible for us to have the stable release docs on the site?
18:25 jnials joined #salt
18:25 oz_akan joined #salt
18:26 aparsons joined #salt
18:31 whiteinge forrest: possible? very.
18:31 UtahDave Ryan_Lane: :)  Sorry about that. We've been on the cusp of releasing the RC for several weeks. We've just been polishing it up. Our QA team has been working overtime finding and helping us fix bugs.
18:31 Ryan_Lane cool :)
18:32 whiteinge forrest: still on the roadmap. just a matter of time. i'll try to make it coincide with the 2014.7 release
18:33 koyd UtahDave: we appreciate the effort, please let people know their work is valued! :).
18:33 tligda UtahDave: My < $0.02, don't rush it! Get it right!
18:33 forrest whiteinge, Ok cool, I wasn't badgering you, just asking to see if there was any luck figuring it out
18:33 forrest UtahDave, I'm happy to make Ryan_Lane wait so there aren't as many bugs
18:33 Ryan_Lane :D
18:33 forrest IRC becomes terrible when a release is buggy
18:34 whiteinge forrest: nah, you're good. i needed a smiley somewhere in my reply
18:34 forrest whiteinge, cool
18:35 UtahDave We just brought on someone to manage our QA process, too. We're still getting him spun up on everything.
18:35 forrest nice
18:35 forrest UtahDave, I assume he writes Python to help work on the tests as well?
18:35 mordonez joined #salt
18:36 Carl_ joined #salt
18:37 UtahDave forrest: I believe so. He's also going to be working on having jenkins automate nightly builds and various things like that. Triage bug reports. The list is pretty long, actually. Hence a QA team.
18:38 forrest UtahDave, nice
18:38 Carl_ I have a schedule in my minion config to run highstate. How can I tell if it is actually running? I am on version 2014.1.10
18:40 Gareth Carl_: If you set your minion to log at the info level and you'll see it in the logs.
18:41 Carl_ Roger that, I will look into what level my minion config is set to.
18:41 Carl_ Thank you
18:41 Gareth Carl_: fyi, http://docs.saltstack.com/en/latest/ref/configuration/minion.html#minion-logging-settings
18:42 Carl_ Ok, I see this is defaulted to warning. I will change that to Info. Thanks again for the help
18:43 Gareth no worries
18:48 Carl_ For what it's worth, I think that info should be included on this webpage: http://docs.saltstack.com/en/latest/topics/jobs/
18:49 mapu joined #salt
18:49 Gareth Probalby a good idea.
18:49 forrest Carl_, If you could create an issue for that on github that would be great.
18:52 melinath joined #salt
18:53 repl1cant joined #salt
19:04 TyrfingMjolnir joined #salt
19:11 oz_akan joined #salt
19:12 helderco joined #salt
19:13 helderco Hey guys… how do you send a list (output from a module) to a template in file.managed?
19:16 TheThing joined #salt
19:17 peters-tx joined #salt
19:17 forrest helderco, there's not really a clean way I can think of doing that, what module are you using, and what goal are you trying to achieve.
19:18 helderco forrest: I’m using my own module that returns the list of projects I have of a certain type (fpm, uwsgi….)… I want to send that list to a template for iteration.
19:20 helderco TypeError: cannot concatenate 'str' and 'tuple' objects
19:20 forrest did you write the managed file in python then?
19:20 forrest you could always do that and just import salt/your module
19:21 helderco The managed file is a config file in yaml… I wrote the module in python that returns the list of projects that I want to build the config for in that config file
19:21 kermit joined #salt
19:23 agermont joined #salt
19:24 orion__ left #salt
19:25 possibilities joined #salt
19:26 bhosmer joined #salt
19:28 geekmush3 joined #salt
19:28 cpowell joined #salt
19:28 jhauser joined #salt
19:31 agermont Hi! Is there an easy way to get the last state.highstate results? In particular for highstate runs executed by the scheduler (I can use 'salt-run jobs.lookup_jid <id>' for jobs started manually).
19:32 forrest agermont, did you already run salt-run jobs.list_jobs?
19:33 babilen … and salt-run jobs.lookup_jid $JID
19:33 agermont yes, but I only see jobs i started manually. not those using the scheduler
19:33 agermont and since i do not have the job id i cant use jobs.lookup_ji
19:34 forrest right
19:34 babilen Oh, are they not all listed?
19:35 forrest agermont, did you create the scheduled job on the master or minion?
19:35 agermont on the master
19:35 forrest ok
19:36 forrest what about adding jid_include: True?
19:36 agermont babilen, i only see jobs i started manually
19:36 mordonez joined #salt
19:37 agermont forrest, i didn't see that parameter, i'll try it right away. Thanks!
19:37 forrest also, I assume there isn't anything in the master log?
19:38 forrest agermont, yea np, I don't honestly know what that option does, it's not explained
19:38 forrest agermont, but worth a shot :P
19:39 aparsons joined #salt
19:39 forrest agermont, if it works, or there is additional details in the log, can you create an issue to document it?
19:40 babilen All I could find where some comments in the code
19:41 forrest babilen, yea on the module?
19:41 Ryan_Lane joined #salt
19:41 forrest babilen, it still isn't explained though from what I've found so far.
19:42 aparsons joined #salt
19:42 babilen in salt/util/schedule.py, but only in-line comments rather than something that would make it into the salt docs. There is a mention of it on http://docs.saltstack.com/en/latest/topics/jobs/schedule.html (in the example) but it is never discussed anywhere
19:42 babilen yeah
19:43 forrest agermont, looks like it just adds additional log output
19:43 forrest log.debug('schedule: This job was scheduled with jid_include, adding to cache (jid_include defaults to True)')
19:43 babilen "if 'jid_include' not in data or data['jid_include']:" (and other code) seems to indicate that it will be logged unless it is set to False (but it's been a long day)
19:44 forrest babilen, I agree
19:44 forrest it seems to be dropping it into the cache with that
19:44 babilen yeah
19:44 forrest default says it is set to True though
19:44 agermont ok, i tried it, but i do not see the jobs listed
19:45 babilen I think you would have to explicitly set it to False to prevent logging
19:45 forrest babilen, I agree, that seems... odd
19:45 babilen agermont: You would need -ldebug
19:45 forrest agermont, can you turn debug logging on?
19:45 forrest babilen, ++
19:45 agermont on the minion?
19:45 forrest no the master
19:46 forrest babilen, you shouldn't NEED to do that though
19:46 forrest if it just drops the job into the cache, debug logging shouldn't be required.
19:46 dvestal_ joined #salt
19:46 babilen Just trying to make sense of the behaviour we are seeing. I agree that it should be easier to check the status of scheduled jobs.
19:47 forrest babilen, yea there's no disagreement, I just find it odd it isn't dropping those, debug logging isn't needed to log jobs, lol
19:49 agermont OK, I see many debug messages when the minion runs but no job id
19:50 babilen /o\
19:51 jslatts joined #salt
19:52 possibilities joined #salt
19:52 oz_akan joined #salt
19:53 iamtew good evening people
19:53 forrest hi
19:54 iamtew I'm trying to salt a master here, so I installed using the bootstrap script, so now I have both a master and minion running there, and accepted its keys
19:54 iamtew and then I was looking at this formula, https://github.com/saltstack-formulas/salt-formula, but I'm not entirely sure how to get it in there in a nice way
19:55 forrest iamtew, What is it that you're trying to do?
19:55 iamtew do I first need to manually configure the master to use this formula, then have it run and overwrite its configuration files?
19:55 nyx joined #salt
19:55 iamtew ok so basically I got a freshly installed CentOS machine here, and I want to do as much configuration and management of it using the orchetration and tooling from salt
19:55 iamtew which I think should be possible, yes?
19:56 forrest yea, is your master also a minion
19:56 iamtew yes, both salt-master and salt-minon is installed and running
19:56 iamtew and I accepted the key using 'salt-key -A'
19:57 iamtew and now I'm not sure how this salt-formula is supposed to work, how I should install it on the system
19:57 forrest ok, so you cloned this repo, and then put the files onto your system?
19:58 iamtew no, I was thinking I could use gitfs
19:58 forrest you could, but you should still clone that repo, don't use it directly
19:58 iamtew ok, I will just clone it
19:59 babilen If you include the GH repositories directly you essentially give everybody who can push there root on your systems
19:59 forrest iamtew, you could always fork
19:59 forrest but I don't like relying on github
19:59 babilen (nor can you check if you like the changes that come in or control when they happen)
20:00 iamtew right, that's all clear
20:00 babilen I mirror them locally to our infrastructure that we manage with gitolite. But the important bit is: Whatever you do, don't pull directly from upstream but from a repo you control.
20:00 iamtew yeah, I was planning on putting a fork on my own git server actually
20:01 iamtew this first run is mostly as a test case to get my hands dirty :)
20:01 babilen sure
20:01 oz_akan joined #salt
20:02 babilen I'm trying to simplify some grown infrastructure that we use to distribute private keys via pillars. I would like to allow our operators to simply change the context of files in git or somewhere and have those files read via Python and distributed via pillars. Can I do that?
20:03 babilen I don't really like to include long strings in a Python module, but it would be an option (ugly though)
20:04 skullone its kind of interesting that states and pillars get their own environments and targeting
20:04 babilen Essentially I would like to write something like: if os.path.exist(path/to/grains['id'].key): return {'key': open(....).read()}
20:04 skullone seems like duplication of work, but i can see the benefit of states and pillars using different targeting
20:04 jslatts joined #salt
20:05 babilen It is necessary if you want data to be private and only available to specific minions
20:05 skullone well, something like "file_root" i was thinking would apply to the state and pillar data, but you define them seperate
20:06 babilen states should work in a variety of situations and you should use specific data in pillars to make them do what you want
20:06 skullone then you target them seperately in their respective top files
20:06 babilen exactly
20:06 skullone tripped me up at first, i thought the pillar lookups would pull from the environment defined in the state top file
20:08 asdf__ joined #salt
20:08 asdf__ left #salt
20:15 ggoZ joined #salt
20:16 QiQe joined #salt
20:17 QiQe Hello evryone, do you know if is it already possible to install salt on CentOS 7 ?
20:18 zach have you tried it?
20:18 zach Seems like an unreasonable question
20:18 schimmy joined #salt
20:19 babilen Salt should just convert every box to Debian during the initial installation.
20:19 QiQe yes, I've tried from epel, didnt work, because centos 7 use python 2.7
20:20 babilen So do all my masters and they run fine - What is the actual problem you run into?
20:20 forrest python 2.7 works perfectly fine.
20:20 forrest Every ubuntu system is running that
20:20 Ryan_Lane does centos 7 not include python 2.7?
20:20 forrest it does
20:20 forrest unless they reverted
20:20 babilen "because centos use python 2.7"
20:20 forrest but last time I checked, they FINALLY got around to upgrading.
20:20 Ryan_Lane heh
20:21 babilen Can I read files in pillars?
20:21 schimmy2 joined #salt
20:21 QiQe yes it does, but the salt pkg on epel is still using python 2.6
20:21 babilen I'm not sure and I don't think I can (as the master will not necessarily cache them), but it would make a bunch of things easier
20:22 Ryan_Lane QiQe: ah, that would indeed be a problem
20:24 jsm joined #salt
20:24 babilen They specifically depend on python2.6 ?
20:24 forrest wait, did they include python2.7, but remove 2.6?
20:24 forrest or is it just a defaults issue
20:25 troyready joined #salt
20:25 iamtew I just installed it on CentOS 7, seems to work fine.. daemons are running and I see no errors.
20:26 iamtew although the machien isn't doing much at the moment, so it might not be representative
20:26 ksalman how do i find out which salt version will include this change? https://github.com/Nibbler999/salt/commit/bab2331d6e8b0492e744c496bb8837894b5e8620
20:27 babilen QiQe: What is the actual error you run into when you do what? Please use a pastebin such as http://paste.debian.net or http://refheap.com to show your commands and their output.
20:27 forrest ksalman, well, it was in develop yesterday, so the only real way is to review the tags as they are created and see if thi change is in
20:28 babilen I just checked salt-master-2014.1.10-4.el7.noarch.rpm and it doesn't seem to depends on py2.6 specifically
20:29 QiQe nevermind, I found the error,I had installed the wrong version of salt from epel after update it works
20:30 QiQe thanks guys
20:30 ksalman forrest: how did you find out if it was in develop? i am sure there's a better way then browsing the file in the repositry and looking for the change =)
20:30 forrest ksalman, https://github.com/Nibbler999/salt/compare/fix-custom-grains-override
20:31 aparsons joined #salt
20:31 forrest ksalman, then https://github.com/saltstack/salt/pull/14901
20:31 forrest when it gets merged, it will be into develop
20:31 forrest sorry, poorly worded on my part
20:32 ksalman thanks
20:32 forrest ksalman, is this your coworker?
20:33 forrest I like his reasoning for the response to Tom: Sometimes the core grains are wrong and need to overwritten.
20:33 forrest lol
20:33 ksalman NIbbler999? no
20:33 ksalman haha
20:33 forrest core grains are wrong? Clearly an issue with Salt! :D
20:33 forrest you could always just put that into your own copy though
20:33 forrest might take some work
20:34 ksalman the problem is that the change needs to go on all the minions
20:34 ksalman it's doable, yea
20:34 forrest so?
20:34 forrest make it a managed file
20:34 forrest in a state
20:34 forrest after you get the first one working
20:34 forrest and just apply it everywhere, then use 'at' to restart the minion 1 minute later
20:34 forrest boom, changed applied to all minions
20:34 ksalman true
20:35 forrest just keep the original somewhere so you can upgrade easily
20:35 ksalman the core grain ins't wrong per se.. though osmajorrelease gives the correct value, i.e major release for osmajorrelease
20:35 ksalman on Scientific Linux i get an array of major and minor release
20:35 ksalman err.
20:35 ksalman it gives the correct value for RedHat
20:36 ksalman but not on Scientific Linux
20:37 mordonez joined #salt
20:37 forrest ksalman, yea but that's a 5 minute fix with a custom grain
20:38 ksalman forrest: a custom grain that isn't called osmajorrelease, yea
20:39 ksalman I can just do that , I suppose. It's not a big deal really
20:40 forrest ksalman, yea, who knows if it will actually go in
20:40 forrest I would suggest not waiting around though
20:40 ksalman okay
20:40 forrest could be a month before the changes in develop are in an actual release
20:40 ksalman yea, you are right
20:41 ksalman i should just go ahread with a grain that's called something else, since I need it right now. I could always updated the state file later
20:41 forrest yea
20:48 pssblts joined #salt
20:59 bhosmer joined #salt
21:02 tligda joined #salt
21:03 srage_ joined #salt
21:07 chrisjones joined #salt
21:08 chrisjones joined #salt
21:10 rojem joined #salt
21:19 vejdmn joined #salt
21:26 jnials joined #salt
21:29 jnials joined #salt
21:31 jnials joined #salt
21:31 jnials_laptop joined #salt
21:34 kermit joined #salt
21:37 aparsons joined #salt
21:37 mordonez joined #salt
21:38 helderco joined #salt
21:38 toastedpenguin joined #salt
21:41 rojem joined #salt
21:43 aparsons joined #salt
21:43 FeatherKing joined #salt
21:45 ajprog_laptop joined #salt
21:47 Outlander joined #salt
21:50 Luke joined #salt
21:52 aparsons joined #salt
21:59 tligda joined #salt
22:00 bhosmer joined #salt
22:01 TheoSLC joined #salt
22:01 TheoSLC Hiya
22:01 TheoSLC Question - When are salt minion keys generated.  on startup of service?  Also, are they every automatically regenerated?
22:01 econnell1 joined #salt
22:02 viq joined #salt
22:03 econnell1 is there a way to decouple the id of the server from the certificate?  for example, have a certificate with a dn of something like "web" but have an id of something like "web-10"
22:03 aparsons joined #salt
22:04 aw110f joined #salt
22:04 forrest econnell1, you can set the ID of the server in the minion conf if you want to
22:04 bhosmer_ joined #salt
22:04 econnell1 when i do that, auth fails
22:04 forrest TheoSLC, it's just generated on startup of the service as far as I'm aware.
22:04 forrest econnell1, after restarting the service?
22:04 econnell1 let me backtrack a bit…
22:04 forrest econnell1, did you clear out the certs?
22:05 forrest inside of /etc/salt/pki
22:06 econnell1 i'm trying to set up an autoscaling group on aws and i want to be able to access the minions from the master… rather than all the autosigning and sns notification mess, i'd like to authenticate a predefined cert on the master, have all cluster members use that cert, but be identified separately for things like running commands
22:06 TheoSLC forrest: I just checked the code. it's generated any time get_keys is called and the path for keys is not set yet
22:06 forrest TheoSLC, gotcha
22:06 forrest that's good to know, thanks
22:06 forrest econnell1, that won't work, each minion has it's own PKI data which is generated. If they all had the same cert, the master would think they're all the same system.
22:07 TheoSLC I have a weird situation where keys are being overwritten during startup.  My master accepts one keys, then the minion generates a new key.
22:07 forrest TheoSLC, really?? That's quite odd
22:07 skullone TheoSLC: does the minion have the right ID in the minion_id file?
22:07 TheoSLC I just created a bug report for it.  https://github.com/saltstack/salt/issues/14934
22:08 TheoSLC skullone: yes
22:08 skullone is there a chance another minion has the same ID?
22:08 econnell1 right, that's why i was asking if the cert could be used only for authentication and have some other parameter used to uniquely identify the system
22:08 TheoSLC skullone: nope
22:08 skullone i had a similar issue where i had two hosts, and a messed up A/PTR record somewhere
22:09 forrest econnell1, unfortunately not, you still need unique keys for each minion.
22:09 TheoSLC skullone: in this case they are new hostnames generated by AWS ec2.  No duplicates
22:09 JasonSwi_ joined #salt
22:10 TheoSLC skullone: I don't have a recond in the minion log of the keys being generated twice.
22:10 TheoSLC that's the other weird thing.
22:10 TheoSLC this has happened twice now.
22:11 aparsons joined #salt
22:17 aparsons joined #salt
22:21 ipmb I'm having some issues getting salt-cloud booted minions to talk to my master
22:21 ipmb I get SaltReqTimeoutError: Waited 60 seconds
22:21 ipmb Waiting for minion key to be accepted by the master.
22:22 ipmb I can ping the master and the key is accepted and I verified the fingerprint on both ends
22:23 forrest ipmb, can you telnet to the master from the minion on 6505/6506?
22:23 ipmb yeah, I just was going to check that
22:23 forrest and is this on AWS? If so check your aws firewall stuff. That's been the issue in 100% of these situations from what I've seen
22:24 ipmb argh!
22:24 ipmb somebody setup iptables on this server :P
22:24 ipmb fixed!
22:24 forrest cool
22:24 TheoSLC ipmb: the jerk.
22:24 ipmb yeah, exactly ;)
22:25 ipmb security-schmurity
22:26 whiteinge Ahlee_: fyi https://github.com/saltstack/salt/issues/7997#issuecomment-48151023
22:27 whiteinge haven't tested but looks like a nice way to avoid atd
22:32 possibilities joined #salt
22:34 aparsons joined #salt
22:36 ipmb hmm, I have a state failing with State postgres_extension.present found in sls packages.postgresql is unavailable
22:36 ipmb but I can run the extension modules via salt-call
22:37 forrest ipmb, which release are you on?
22:38 ipmb salt-minion 2014.1.10 (Hydrogen)
22:38 forrest ipmb, https://github.com/saltstack/salt/tree/v2014.1.10/salt/states/postgres_extension.py
22:38 forrest doesn't exist in 2014.1.10
22:38 mordonez joined #salt
22:39 ipmb that would explain it
22:39 ipmb module.run then I suppose
22:39 forrest ipmb, https://github.com/saltstack/salt/issues/14938
22:39 forrest I opened an issue for the documentation at least
22:39 forrest yea module.run go
22:40 ipmb :) thanks
22:40 forrest or you could try adding it to _states
22:40 forrest might be worth a shot
22:40 DaveQB joined #salt
22:41 ruio joined #salt
22:42 ruio Hi everyone! Long time since I've been in IRC, hope I remember the correct etiquette :D
22:42 forrest hi
22:45 mosen joined #salt
22:46 ruio I started learn saltstack a couple of days ago so I'm still a newbie but I couldn't be able to find a solution for using pillar in salt masterless with vagrant
22:47 ruio Anyone has an hint? I looked at the vagrant docs but they embed the pillar key,value in the vagrant config file
22:47 melinath_ joined #salt
22:49 skullone forrest: do you get paid to answer questions here? :p
22:49 forrest skullone, no
22:49 skullone you should!
22:50 forrest skullone, that would be cool, I have a few projects I need to finish up to bring in some alternative revenue, then I might be able to do so.
22:50 forrest skullone, I appreciate the sentiment though!
22:53 bhosmer joined #salt
22:55 ajolo joined #salt
22:56 forrest ruio, sorry I missed your question, so you just want to use pillar itself with your masterless setup?
22:57 forrest ruio, the pillar is treated the same way whether it's in a master setup or not. Take a look at this stuff I wrote: https://github.com/gravyboat/hungryadmin-sls it operates on a masterless minion
22:57 forrest it's a simple example, but it has the full file structure.
22:57 ruio Yes, I'm configuring a local vagrant machine. Everything is fine but al my parameters are embedded. I want to move that infos for using pillar
22:57 ruio Thanks for the link
22:58 forrest ruio, yea np, it uses a bit of an 'older' style where I set a lot of values at the top instead of referencing them directly
22:58 forrest but it gives you an idea of how to do what I believe you are looking for
22:58 forrest you can reference data from within a pillar by using something like - name {{ salt['pillar.get']('myapp:arg', 'default') }}
22:59 aparsons joined #salt
23:05 ruio Ok, I'm trying :D
23:05 napper joined #salt
23:06 forrest cool
23:07 to_json joined #salt
23:08 catpig joined #salt
23:08 Jarus joined #salt
23:08 Damoun joined #salt
23:14 dvestal joined #salt
23:20 cb joined #salt
23:25 ruio @forrest: awesome, worked perfectly!
23:26 forrest ruio, Awesome!
23:26 MatthewsFace ugh, why am I seeing this after a salt update?
23:27 MatthewsFace State pkg.installed found in sls security.iptables is unavailable
23:27 MatthewsFace The pkg is installed...
23:27 mosen you use anything for salt monitoring forrest?
23:28 ruio One more question: what's the difference between salt states and modules? I suppose you use modules when you want to create script to execute on the salt master or I'm missing something?
23:28 forrest mosen, in what sense?
23:29 mosen forrest: hmm highstate job result logs
23:29 forrest ruio, https://github.com/gravyboat/salt-book/blob/master/en/chapter02-masterlessminion/chapter02.rst#the-difference-between-salt-states-and-salt-modules
23:29 forrest mosen, oh, no we don't
23:29 ruio Thanks again forrest!
23:30 forrest ruio, basically the execution modules are what you'd use on the command line, the states are invoked from within files, they use the execution modules
23:30 forrest ruio, yea np, the explanation there isn't amazing, still need to clean it up
23:31 ruio I starred the repo :D
23:31 forrest cool, I need to stop slacking and get it done :P
23:33 bhosmer joined #salt
23:34 bencc joined #salt
23:34 Ozack joined #salt
23:34 _r00k_ joined #salt
23:35 catpig joined #salt
23:39 mordonez joined #salt
23:47 Ozack joined #salt
23:49 aparsons joined #salt
23:52 dvestal_ joined #salt
23:53 possibilities joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary