Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-08-21

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:01 steveoliver joined #salt
00:06 bhosmer joined #salt
00:10 possibilities joined #salt
00:10 rojem joined #salt
00:15 bhosmer joined #salt
00:23 mosen joined #salt
00:33 dalexander joined #salt
00:37 yomilk joined #salt
00:52 davet joined #salt
01:00 capitalfellow joined #salt
01:01 mgw joined #salt
01:03 conan_the_destro joined #salt
01:06 mechanicalduck joined #salt
01:09 Ryan_Lane joined #salt
01:09 diegows joined #salt
01:12 davet joined #salt
01:16 badon joined #salt
01:20 bhosmer joined #salt
01:21 vejdmn joined #salt
01:23 pentabular joined #salt
01:26 rojem joined #salt
01:28 a1j joined #salt
01:35 Thiggy joined #salt
01:37 aw110f joined #salt
01:45 joehoyle joined #salt
01:45 icebourg joined #salt
01:47 ilbot3 joined #salt
01:47 Topic for #salt is now Welcome to #salt | 2014.1.10 is the latest | Help us test the 2014.7 RC! http://bit.ly/salt-rc | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
01:49 basepi joined #salt
01:53 dalexander joined #salt
01:58 mordonez joined #salt
01:59 dalexander joined #salt
02:03 kelseelynn joined #salt
02:03 kelseelynn left #salt
02:04 capitalf_ joined #salt
02:07 aw110f joined #salt
02:10 rojem joined #salt
02:13 Hell_Lap joined #salt
02:16 possibilities joined #salt
02:26 joehoyle joined #salt
02:29 schimmy joined #salt
02:31 schimmy1 joined #salt
02:43 a1j joined #salt
02:48 ramishra joined #salt
02:49 ramishra_ joined #salt
02:53 pastacino joined #salt
02:57 jeffrey4l_ joined #salt
02:58 jeffrey4l joined #salt
02:59 Furao joined #salt
03:08 bhosmer joined #salt
03:11 ramishra joined #salt
03:19 ramishra joined #salt
03:24 Thiggy joined #salt
03:24 baconbeckons joined #salt
03:27 baconbeckons joined #salt
03:28 baconbeckons i’m having trouble using the official nginx-formula. When I try to install nginx, i get an error in nginx.package because jinja doesn’t find install_from_ppa
03:29 panchisco joined #salt
03:29 yomilk joined #salt
03:30 manfred are you using the formula from gitfs, or did you manually git clone the formula?
03:30 baconbeckons manfred: i’m running masterless in vagrant so i did a git subtree
03:30 manfred when?
03:30 manfred cause that stuff was reverted https://github.com/saltstack-formulas/nginx-formula/pull/42 and fixed
03:31 baconbeckons just today
03:32 baconbeckons maybe i’m not using the formula right?
03:33 manfred i haven't tried it, it just looks like they said that bug was fixed
03:33 manfred ¯\(°_o)/¯
03:35 baconbeckons if i’m trying to use a formula, i should be able to just add it in my top.sls if i don’t need to do anything else with it, right?
03:36 manfred nah, you still need to check out the pillar.example
03:37 gzcwnk :)
03:37 gzcwnk 30mins to home time
03:38 elfixit joined #salt
03:40 Ryan_Lane joined #salt
03:40 marsen joined #salt
03:46 marsen joined #salt
03:46 marsen joined #salt
03:49 Ryan_Lane joined #salt
03:51 Hell_Lap joined #salt
03:53 marsen joined #salt
03:53 baconbeckons @manfred i forgot to map pillar in vagrant
03:53 baconbeckons thanks :)
03:53 icebourg joined #salt
03:58 marsen joined #salt
03:58 kermit joined #salt
04:01 yomilk joined #salt
04:02 DaveQB joined #salt
04:03 marsen joined #salt
04:08 joehoyle joined #salt
04:08 marsen joined #salt
04:08 rannick joined #salt
04:10 joehoyle_ joined #salt
04:13 marsen joined #salt
04:17 marsen joined #salt
04:22 marsen joined #salt
04:27 marsen joined #salt
04:27 ajw0100 joined #salt
04:32 marsen joined #salt
04:37 marsen joined #salt
04:42 marsen joined #salt
04:44 mosen joined #salt
04:44 Ryan_Lane joined #salt
04:47 marsen joined #salt
04:50 rannick joined #salt
04:51 jaimed joined #salt
04:52 marsen joined #salt
04:54 felskrone joined #salt
04:57 marsen joined #salt
04:57 bhosmer joined #salt
05:02 marsen joined #salt
05:02 bhosmer joined #salt
05:03 schimmy joined #salt
05:07 schimmy1 joined #salt
05:07 malinoff joined #salt
05:09 marsen joined #salt
05:14 marsen joined #salt
05:19 marsen joined #salt
05:26 ajolo joined #salt
05:30 schimmy joined #salt
05:35 joehoyle joined #salt
05:42 ramishra joined #salt
05:43 Sauvin joined #salt
05:44 jchen joined #salt
05:47 Katafalkas joined #salt
05:47 AnswerGuy joined #salt
05:48 ramishra joined #salt
05:50 colttt joined #salt
05:50 capitalfellow joined #salt
05:53 rannick joined #salt
05:53 Ryan_Lane joined #salt
05:58 MrTango joined #salt
05:59 orion_ joined #salt
06:09 Katafalkas joined #salt
06:11 wenjie joined #salt
06:18 jinlin joined #salt
06:20 panchisco joined #salt
06:22 ramishra joined #salt
06:28 martin_ joined #salt
06:30 catpigger joined #salt
06:30 badon joined #salt
06:44 marsen joined #salt
06:45 elfixit joined #salt
06:46 heller_barde joined #salt
06:46 lcavassa joined #salt
06:51 heller_barde joined #salt
06:54 rannick joined #salt
06:54 heller_barde joined #salt
06:57 heller_barde joined #salt
06:57 patrek joined #salt
06:58 rofl____ can i use source for file.managed through different environments?
07:06 intellix joined #salt
07:07 jhauser joined #salt
07:08 jeffrey4l joined #salt
07:09 heller_barde joined #salt
07:13 alanpearce joined #salt
07:15 martoss joined #salt
07:16 ml_1 joined #salt
07:16 timb_dp joined #salt
07:22 babilen rofl____: What do you mean by "through different environments" ?
07:23 rofl____ babilen: calling a base sls from dev environment
07:23 rofl____ in file.managed source://
07:23 rofl____ i did find it in the docs :)
07:23 rofl____ ?saltenv=base
07:23 rofl____ - source: salt://common/services/elasticsearch/files/elasticsearch_1_3.yml.jinja?saltenv=base
07:27 babilen Splendid :)
07:28 babilen Would have been more obvious if you had phrased that "from a different environment" :)
07:28 rofl____ sure
07:28 rofl____ not enough coffee
07:28 rofl____ or maybe to much
07:28 Hell_Lap joined #salt
07:31 marnom joined #salt
07:39 marnom how exciting, a release candidate for Helium :) gonna test this right away
07:42 verwilst joined #salt
07:52 _1_samstorbacka joined #salt
07:54 rannick joined #salt
07:54 ml_1 joined #salt
08:02 cym3try joined #salt
08:03 Skos joined #salt
08:04 badon_ joined #salt
08:08 marnom anyone been playing with the vSphere provider yet in the Salt RC?
08:13 babilen I'm sure that somebody tried it, yeah
08:13 calvinh joined #salt
08:13 darkelda joined #salt
08:14 rofl____ how will the backwards compat be for Helium?
08:14 marnom It's a bit unclear how to set up profiles for the provider (at least for me at the moment..) so I was wondering if anyone could perhaps shed some light on it
08:15 marnom rofl____: so far it seems to work, only updated my master and can still communicate with my minions which are on stable release
08:15 rofl____ marnom: excellent
08:15 dober_ joined #salt
08:15 marnom rofl____: mind you, I've only just started testing, so might still show issues once I redeploy some VMs etc
08:16 calvinh hey guys is there any way to modify the $PATH env variable of the user that executes the salt states on the minion? it seems like salt doesn't find binaries in /usr/local/bin/
08:18 ramishra joined #salt
08:26 calvinh ok i guess i just found the solution in the init-script of the salt-minion
08:26 babilen calvinh: It's set correctly on Debian, which distribution do you use?
08:27 calvinh the minion is on debian 7.5, the line in the initscript of the minion looks like this: PATH=/sbin:/usr/sbin:/bin:/usr/bin
08:28 babilen I get "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" for cmd.run "echo $PATH"
08:30 calvinh hugh that's weird, shouldn't be an issue with my version i guess
08:31 babilen Do you get the same output?
08:31 calvinh salt-minion 2014.1.10 (Hydrogen)
08:31 babilen Likewise
08:32 calvinh that's the output i get: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
08:33 tinuva joined #salt
08:33 babilen Which does contain /usr/local/bin -- What is the actual problem you are facing?
08:34 babilen Argh, sorry ... I'll be back in a second/minute
08:34 calvinh yea that's the weird thing, PATH looks right but cmd.run "which cpanm" has an empty output
08:35 calvinh although cpanm lies here /usr/local/bin/cpanm
08:37 ckao joined #salt
08:37 ramishra_ joined #salt
08:40 calvinh i'm using "which cpanm" in an "unless" before installing cpanm via "curl -L http://cpanmin.us | perl - --sudo App::cpanminus"...took me some time to understand why this is executed everytime
08:45 Skos Is it possible to distinguish environments in ext_pillar when I execute state.sls? It seems there is: __opts__['environment'] == None instead of for example 'dev', when I execute: salt '*' state.sls projects/my_proj dev
08:47 martoss joined #salt
08:51 sectionme joined #salt
08:55 rannick joined #salt
09:08 felskrone1 joined #salt
09:09 patrickcp_ hi guys, does anyone know how to run a reactor state after a prior job has completed?
09:18 funzo joined #salt
09:19 alanpearce joined #salt
09:25 dsolsona joined #salt
09:25 thayne joined #salt
09:28 cym3try this is something very silly, but i am creating a directory state with clean: True and in another state i am definining a file inside this directory with the require_in. however salt keeps cleaning the directory including this file and then puts the file back in the directory. what am i doing wrong?
09:31 che-arne joined #salt
09:43 martoss joined #salt
09:44 N-Mi joined #salt
09:48 notpeter_ joined #salt
09:50 cym3try im an idiot, i havent actually used the require_in (which solved the problem)
09:52 ggoZ joined #salt
09:56 rannick joined #salt
09:59 yomilk joined #salt
10:02 calvinh joined #salt
10:08 thehaven joined #salt
10:10 mosen joined #salt
10:10 jeffrey4l joined #salt
10:14 dwfreed joined #salt
10:14 peters-tx joined #salt
10:19 bhosmer joined #salt
10:21 Twiglet_ joined #salt
10:25 ajprog_laptop joined #salt
10:27 Sp00n joined #salt
10:31 Katafalkas joined #salt
10:38 Sp00n is there a way to get all items from a grain instead of specifying static lists? eg: instead of [0,1] some sort of wild card or do i need to look in to loops or something?
10:44 calvinh_ joined #salt
10:45 ramishra joined #salt
10:52 martoss hey folks, when extending an sls, can I also replace watches somehow? Assume i have a - watch: - file: basefiles and wanna replace this by a - watch: - git: basefiles. Or is the recommended way to invert control of the watch statement?
10:52 mechanicalduck joined #salt
10:52 bhosmer joined #salt
10:54 bhosmer joined #salt
10:54 martoss Sp00n: What do you mean by wildcard? I dont't get your question. Are jinja filters what you're looking for?
10:56 Sp00n Thats a good question, they may not be but what I am doing is trying to template a config file with a pillar, inside the pillar i want to get all the ip addresses for one for one of the config options, this works: {{ salt['grains.get']('ipv4')[1] }} but I only get the single address, I want to have all of the addresses within the ipv4 grain
10:56 Sp00n does that make any more sense?
10:56 rannick joined #salt
10:58 malinoff Sp00n, salt['grains.get']('ipv4') returns list. If you want to filter values within, you should iterate and filter them by yourself
10:58 rawzone joined #salt
10:59 Shenril joined #salt
10:59 malinoff Sp00n, how would you do that in python or any other language?
11:00 Sp00n I have no idea, i am not a programmer
11:00 Sp00n the list it returns isn't formatted correctly for the config file
11:01 malinoff so you should iterate over it and compile what you need by yourself
11:01 Sp00n right...
11:01 ramishra_ joined #salt
11:01 Sp00n do you have an example I can look at?
11:01 Sp00n perchance
11:02 ramishra_ joined #salt
11:02 malinoff {% for ipaddress in salt['grains.get']('ipv4') %} {% if not ipaddress.startswith('10') %} something {{ ipaddress }} {% endif %} {% endfor %}
11:03 Sp00n oh I had begun to write something like that so i was on the right track haha
11:03 Sp00n thanks
11:04 malinoff Sp00n, you should definitely learn some python
11:04 Sp00n yes I should
11:04 Sp00n its on my list of "things i should be looking at"
11:04 malinoff Sp00n, put it on the first position
11:04 Sp00n lol
11:05 malinoff if you're a sysadmin and you know let's say bash and perl, python will amaze you
11:08 mosen it is great
11:19 Katafalk_ joined #salt
11:21 ladistwo joined #salt
11:28 jslatts joined #salt
11:31 diegows joined #salt
11:31 yomilk joined #salt
11:32 ladistwo left #salt
11:32 adsisco joined #salt
11:33 adsisco http://goo.gl/LfJvgP, whats wrong with my sls file? it says it is not formed as a list
11:33 Peter___ joined #salt
11:34 ladisone joined #salt
11:34 malinoff adsisco, well, everything is wrong
11:34 ladisone left #salt
11:34 babilen adsisco: I would strongly recommend to not use URL shortener when referencing pastebins and I am unable to see your paste unless I disable ad blocking (which I will not do). Please use a different pastebin such as http://refheap.com or http://paste.debian.net
11:35 malinoff adsisco, you can't unite states within a single id like you do
11:35 bhosmer joined #salt
11:35 bhosmer_ joined #salt
11:35 malinoff adsisco, http://docs.saltstack.com/en/latest/topics/tutorials/starting_states.html
11:36 adsisco http://paste.debian.net/116670/
11:36 ladisone joined #salt
11:38 martoss joined #salt
11:38 adsisco malinoff: how would you represent the states then?
11:39 malinoff adsisco, using "name" argument for each function
11:40 martoss Sp00n: Hows should the ip list look like afterwards? you can e.g. use the join filter in jinja.
11:40 fr65 joined #salt
11:40 malinoff http://paste.debian.net/116672/
11:41 malinoff but it is also wrong
11:41 Sp00n martoss, the line malinoff gave me, once i removed the spaces, worked a treat :)
11:42 martoss Sp00n: kk
11:42 malinoff Sp00n, if you do not actually do any logic within forloop, you can just do {{ salt['grains.get']('ipv4') | join(",") }}
11:43 malinoff http://jinja.pocoo.org/docs/dev/templates/#join
11:43 Sp00n is there a benefit to doing it that way over the former?
11:43 adsisco malinoff: it says conflicting id...
11:44 malinoff adsisco, https://groups.google.com/forum/#!topic/salt-users/ONes7jCbEa0
11:46 malinoff adsisco, my suggestion is to not unite these states at all
11:46 adsisco ok
11:49 ramishra joined #salt
11:49 tmh1999 joined #salt
11:50 martoss malinoff, Sp00n yep, one can also do simple checks with filters but for more complex ones a for loop as suggested is better. Filters are more compact though.
11:51 adsisco if i don't unite the states, i'll have to call them separately using a bash script to install on salt minions?
11:52 gildegoma joined #salt
11:54 sectionme joined #salt
11:57 rannick joined #salt
12:00 rjc joined #salt
12:00 _mel_ joined #salt
12:02 Peter___ Hi, is there a way to make one state to use few different pillars at demand? For example I have in two different pillars with users like users_db and users_http. I would like to have one state file that will iterate over one or another pillar.
12:02 Peter___ something like that: http://paste.debian.net/116676/
12:04 babilen Peter___: https://github.com/saltstack-formulas/users-formula might be of interest
12:05 babilen Peter___: How will you decide which pillar data to use?
12:06 andebe joined #salt
12:07 ramishra joined #salt
12:07 Peter___ exactly this is one of the issue: I though about some variable in loop pillar.get('users', {}).items(). users can be replaced by users_db or users_http but I'm not sure about that.
12:09 babilen Peter___: What do you mean by "replaced" ? You should simply target the right data to the minions to begin with and you won't need completely different pillars for that. So if you have minions that should get the "db users" users then you would target them with, say, "- users.db" in your pillar's top.sls
12:11 andebe Hi! Gurus - is host.present supposed to remove all comments from /etc/hosts file? Docs do not seem to mention this "feature"
12:13 JinLin_Gan joined #salt
12:13 TheThing joined #salt
12:16 rypeck joined #salt
12:18 Peter___ babilen: lets assume that I have one host and want to use only one state for users. Simplest way would be to create state for db and state for http (same pillars or even without). But is there a way to do it within one state? Grains cannot be used as this is one host.
12:19 babilen If you have one host why don't you simply target it with a suitable pillar that will cause the creation of *all* users that you want to create on that box?
12:21 Peter___ because I need to have flexibility to create users from db or from http.
12:21 babilen from db?
12:21 babilen I have the feeling as if I am missing quite a bit of picture here.
12:23 babilen But sure, you can write identical states that differ in the pillar they draw their data from. You could even loop over two pillar names, pillar.get the one you want to work with and feed data therein to states that will create the users.
12:25 babilen I mean you could easily use "salt['pillar.get'](LOOP_ELEMENT, {})" in your state and loop over ['users_db', 'users_http'] and then define those pillars with users_db: and users_http: respectively.
12:25 jinlin joined #salt
12:26 babilen In the end you probably rather want some way to merge data drawn from multiple sources when compiling your *one* pillar that you hand to the users formula (or similar states). The best way to do that really depends on your needs and setup.
12:26 ntropy joined #salt
12:31 Peter___ ok, I'll keep trying. Maybe different approach from my side is required. Thanks for your help.
12:31 sirtaj joined #salt
12:32 hellerbarde joined #salt
12:33 jaimed joined #salt
12:33 masterkorp joined #salt
12:36 mikkn joined #salt
12:44 mechanicalduck_ joined #salt
12:49 _mel_ Hi. ca i use a variable defined in a state via {% set var = ... %} in an if statement later in the state file?
12:54 bhosmer joined #salt
12:56 cpowell joined #salt
13:01 rojem joined #salt
13:01 blarghmatey joined #salt
13:03 Katafalkas joined #salt
13:05 ericof joined #salt
13:07 mapu joined #salt
13:07 FeatherKing joined #salt
13:14 babilen _mel_: You should
13:15 vejdmn joined #salt
13:15 andebe To answer my own question - host.present uses host.list_hosts and that does not display comments
13:16 andebe Now, is there any reasonable way to update and keep comments in /etc/hosts file?
13:23 vejdmn1 joined #salt
13:25 ramishra joined #salt
13:29 vnico joined #salt
13:29 jinlin_gan joined #salt
13:31 vnico hi, there is any API method that provides the output of salt-key?
13:34 rojem joined #salt
13:51 capitalfellow joined #salt
13:52 diegows joined #salt
13:53 SheetiS joined #salt
13:54 dsolsona joined #salt
13:54 sectionme joined #salt
13:56 dude051 joined #salt
14:06 ipmb joined #salt
14:09 gildegoma joined #salt
14:09 orion_ joined #salt
14:10 blarghmatey joined #salt
14:13 quickdry21 joined #salt
14:15 kt76 joined #salt
14:16 jeffrey4l joined #salt
14:18 blarghmatey joined #salt
14:18 kt766 joined #salt
14:19 gildegoma joined #salt
14:22 Ozack1 joined #salt
14:22 manfred vnico: have you tried through salt-api? i would be supprised if it returned private keys through that though...
14:23 manfred since private
14:24 vnico manfred: os.listdir("/etc/salt/pki/master/minions") :)
14:24 ramishra joined #salt
14:24 vnico manfred: i only need the hostnames controlled by a master
14:25 aquinas_ joined #salt
14:25 Katafalkas joined #salt
14:25 whiteinge vnico: look at the key wheel module
14:26 ajprog_laptop joined #salt
14:26 Thiggy joined #salt
14:26 jaimed joined #salt
14:27 whiteinge !wheel.key.list_all
14:27 wm-bot4 http://docs.saltstack.com/en/latest/ref/wheel/all/salt.wheel.key.html#salt.wheel.key.list_all
14:28 vnico whiteinge: nice :), that's even better as already supports glob matching
14:28 seanz left #salt
14:28 masm joined #salt
14:28 Katafalkas joined #salt
14:28 ipmb_ joined #salt
14:30 nomad_fr joined #salt
14:31 schimmy joined #salt
14:33 bernieke joined #salt
14:39 ramishra_ joined #salt
14:41 goudale joined #salt
14:42 conan_the_destro joined #salt
14:42 goudale Hi all
14:43 goudale I have a question that as little to do with salt and more with general sysadmin
14:43 sectionme joined #salt
14:43 manfred !wheel.key.list_all | whiteinge
14:43 wm-bot4 whiteinge: http://docs.saltstack.com/en/latest/ref/wheel/all/salt.wheel.key.html#salt.wheel.key.list_all
14:43 rallytime joined #salt
14:44 cym3try how can i iterate over a pillar list? so far i have only managed to iterate over a dictionary using pillar.get('attribute', {}).items())
14:45 manfred cym3try: just like in python
14:45 goudale Do you know any software that would log every command users entererd on servers ? I only know SnoopyLogger which wraps around execve(), not the best solution so far
14:45 manfred cym3try: {% for something in pillar.get('attr', []) %}
14:45 manfred goudale: auditd
14:45 manfred and log to a remote server
14:46 manfred goudale: http://security.blogoverflow.com/2013/01/a-brief-introduction-to-auditd/
14:46 wendall911 joined #salt
14:46 manfred goudale: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/sec-Understanding_Audit_Log_Files.html
14:47 thayne joined #salt
14:48 mechanicalduck joined #salt
14:48 cpowell joined #salt
14:49 goudale manfred: much thanks
14:49 manfred np
14:50 mbroadhead joined #salt
14:52 KaaK joined #salt
14:52 cym3try manfred: thanks. what if i want to get a particular item, such as salt '*' pillar.item mylist[1] (does not work)
14:53 schimmy1 joined #salt
14:53 manfred cym3try: yeah, doesn't work that way
14:54 manfred salt '*' pillar.get mylist:1
14:55 KaaK can pillar items be set programatically? I've got a value -- a component release number -- that I would like to update when new releases are built by my CI environment
14:56 KaaK currently, the only way i see to do that is with grains, but I feel like it goes against the idea of grains -- static, immutable data
14:56 manfred KaaK: ext_pillars can do that
14:57 manfred http://docs.saltstack.com/en/latest/topics/development/external_pillars.html
14:57 jalbretsen joined #salt
15:04 felskrone joined #salt
15:04 icebourg joined #salt
15:06 goudale joined #salt
15:11 oz_akan joined #salt
15:14 rawkode joined #salt
15:18 KaaK manfred, currently, the pattern I envision is upon a successful build, having my CI update the build number in either pillar or grains -- then calling highstate afterwards to assert that my component's state is up-to-date with the new build number.
15:19 KaaK i guess i dont immediately see how i could feed inputs into an ext_pillar
15:19 KaaK just from looking at the expected function signature for the ext_pillar function
15:20 gildegoma joined #salt
15:21 csa 'salt <HOST> cp.list_master' with gitfs throws an 'Error in function _file_list:'
15:21 csa AttributeError: 'list' object has no attribute 'rstrip'
15:21 csa is this a known bug?
15:23 ramishra joined #salt
15:23 sroegner joined #salt
15:24 conan_the_destro joined #salt
15:26 berserk joined #salt
15:26 cpowell joined #salt
15:27 fridder joined #salt
15:27 sroegner Hi all
15:28 sroegner is there a place somewhere where i could pick up salt-[minion|master]-2014.1.5-1.el6.noarch RPMs ?
15:29 tinuva joined #salt
15:29 sroegner i am having some exotic issues with using overstate in anything newer and need to get back into production before reproducing and reporting them
15:33 herlo joined #salt
15:36 TheThing joined #salt
15:37 ajprog_laptop joined #salt
15:39 conan_the_destro joined #salt
15:39 babilen sroegner: No idea, but that release was problematic as it caused communication errors between the master and minions. Did you restart both the master and minions after upgrading to .10 ?
15:40 sroegner babilen: thanks for that bit - i bare-metal rebuild from scratch all the time so no upgrade
15:41 csa sroegner: did you try rpmfind.net?
15:41 sroegner yes, no find
15:42 csa sroegner: got a hit for the source rpm at http://rpm.pbone.net/index.php3/stat/4/idpl/26578607/dir/redhat_el_6/com/salt-master-2014.1.5-1.el6.noarch.rpm.html
15:42 babilen Aren't there official archives for packages in EPEL comparable to snapshot.debian.org ?
15:43 babilen Ah well, /me shuts up as he has no idea about RHEL/EPEL/...
15:43 sroegner babilen: thats what i was wondering but doesn't seem to be the case
15:45 babilen http://dl.fedoraproject.org/pub/epel/6/x86_64/ has .7
15:46 bezeee joined #salt
15:46 sroegner which also has my problem
15:47 sroegner overstate fails to enter the next stage if nothing changed in stage 1
15:47 sroegner i rely on overstate for orchestration so this is a killer to my stuff
15:48 babilen Sure
15:48 skyler I occassionally get this error when wgetting bootstrap.saltstack: OpenSSL: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
15:48 skyler Anyone else had this happen?
15:53 goudale How can i test for a state in a template ? I woud like to write something like {% if 'foobar' in state %}{% endif %} that would be included only if the minion as the foobar state
15:53 berserk joined #salt
15:53 joehillen joined #salt
15:53 wajim joined #salt
15:53 wajim Yo guys
15:54 che-arne joined #salt
15:54 wajim I need some help with google compute engine and node js. any good references?
15:56 babilen wajim: http://docs.saltstack.com/en/latest/topics/cloud/gce.html + https://github.com/saltstack-formulas/node-formula
15:56 wajim nice
15:56 wajim thanks dude
15:57 babilen I have no idea how good that formula is though (never used it)
15:57 tkharju joined #salt
16:05 mpanetta joined #salt
16:06 mpanetta joined #salt
16:12 FeatherKing anyone ever used a syndic with ssh tunnel port forwarding?
16:13 smcquay joined #salt
16:14 troyready joined #salt
16:15 KyleG joined #salt
16:15 KyleG joined #salt
16:15 tmh1999 joined #salt
16:15 TheThing joined #salt
16:17 mechanicalduck joined #salt
16:21 che-arne joined #salt
16:29 ajolo joined #salt
16:29 thayne joined #salt
16:32 aparsons joined #salt
16:33 Gareth morning
16:35 JasonSwindle joined #salt
16:37 JasonSwindle joined #salt
16:38 Hell_Lap joined #salt
16:38 dsolsona joined #salt
16:39 smcquay joined #salt
16:40 forrest joined #salt
16:44 n8n joined #salt
16:45 chrisjones joined #salt
16:48 berserk joined #salt
16:49 possibilities joined #salt
16:50 rap424 joined #salt
16:51 Ryan_Lane joined #salt
16:52 n8n joined #salt
16:55 cpowell joined #salt
16:55 pass_by_value joined #salt
16:56 jslatts joined #salt
16:57 aparsons joined #salt
16:58 patrek joined #salt
16:58 aw110f joined #salt
16:58 viq wheee! which machines require a reboot due to having kernel upgraded: salt -v -G kernel:linux cmd.run_stdout 'cat /var/run/reboot-required' | grep -B1 restart | grep : | tr -d : | sort
17:00 forrest viq, should tweet that to @saltstack
17:01 aparsons joined #salt
17:01 mechanicalduck joined #salt
17:01 viq Ugh, does it fit in 140 chars?
17:02 viq I guess I'll see ;)
17:03 jslatts joined #salt
17:04 viq forrest: @saltstackinc you mean?
17:05 pass_by_value In [1]: len("wheee! which machines require a reboot due to having kernel upgraded: salt -v -G kernel:linux cmd.run_stdout 'cat /var/run/reboot-required' | grep -B1 restart | grep : | tr -d : | sort")
17:05 pass_by_value Out[1]: 184
17:05 forrest viq, yeah
17:05 Ryan_Lane that would actually be a very nice function for some salt module
17:05 forrest viq, cut the spaces, redo the text, it will fit
17:06 Ryan_Lane well, without all the shelling and piping :)
17:06 Ryan_Lane maybe the pkg module?
17:08 viq I had to play around a bit to have that info. On debian done by default after installing update-notifier-common, on centos 6+ done with yum-plugin-post-transaction-actions and in /etc/yum/post-actions/kernel_notifier.action putting kernel*:install:echo "System restart required" > /var/run/reboot-required ; logger -t update-notifier -p daemon.warning "System reboot required"
17:08 viq One day I'll get around to requesting pkgng module redone to support pkg.list_upgrades
17:09 Ryan_Lane yeah, it would be nice to be able to call a salt module and just get back a true/false :)
17:09 Ryan_Lane pkg.reboot_needed
17:10 viq yeah, or just a list of those that would return true
17:10 gnord joined #salt
17:10 viq I am thinking of doing that in a grain which would check for /var/run/reboot-required, but that would require learning python first :P
17:10 Ryan_Lane ah, it's a list of packages?
17:11 Ryan_Lane I think there's also a package for ubuntu/debian you can use that'll let you know if a reboot is actually needed after a package is upgraded
17:11 viq update-notifier-common  ?
17:11 viq Well, what that package does is it has some hooks that if kernel is updated it writes to /var/run/reboot-required
17:12 Ryan_Lane ah. ok
17:12 viq (and one more file, but I don't care about that right now)
17:12 * Ryan_Lane nods
17:12 viq Also I made them log to syslog, which ends up in logstash, so I can find them that way too ;)
17:13 Ryan_Lane cool
17:13 Ryan_Lane ah. it seems that debian-goodies also includes a check-restart command
17:13 Ryan_Lane which will tell you which services should be restarted, too
17:13 Ryan_Lane err checkrestart
17:14 ajprog_laptop joined #salt
17:14 jinlin_gan joined #salt
17:14 viq yeah, I've seen it, but that's much further up the line, first I want something that will tell me which machines need to be rebooted.
17:14 viq I can worry about not restarted services later
17:15 * Ryan_Lane nods
17:16 viq Also, still amused at our salt states repo stats ;)
17:16 felskrone joined #salt
17:16 viq Me: 437 commits / 14726 ++ / 2477 --
17:16 Ryan_Lane heh
17:16 viq next person (pretty much the only other person doing anything there): 174 commits / 2844 ++ / 1623 --
17:16 forrest viq, for your company repo?
17:16 viq forrest: aye
17:16 forrest nice
17:17 intellix joined #salt
17:18 tmh1999 joined #salt
17:19 mechanicalduck joined #salt
17:20 viq Enough for today, time to head home
17:20 forrest viq, later
17:21 vejdmn joined #salt
17:22 disdain joined #salt
17:23 bhosmer joined #salt
17:23 SheetiS joined #salt
17:27 mhubbard joined #salt
17:28 martoss joined #salt
17:28 mechanicalduck joined #salt
17:29 rojem joined #salt
17:36 vmdsch joined #salt
17:36 vmdsch left #salt
17:36 NV joined #salt
17:37 ajolo joined #salt
17:39 AdamSewell joined #salt
17:41 carmony I think I need to make a pull req for my summary highstate output, its my favorite thing now
17:42 forrest carmony, you have a summary tool?
17:42 arthabaska joined #salt
17:44 davet joined #salt
17:44 carmony forrest: https://gist.github.com/JustinCarmony/f41f9946da3a21228291
17:44 arthabaska hi all, often from my saltmaster in a dev environment (all idle servers), a majority of minions will timeout in the default 5s, even with just test.ping. if I raise the timeout to, say, 60s, they all eventually trickle in. Is there anything I can check to fix this?
17:45 arthabaska (then, on subsequent commands, they're all "awake" and respond immediately)
17:45 carmony arthabaska: is it like they are slow to "wake up" after being idle ?
17:45 mhubbard carmony: Sweet. Missed having that when I came over from ansible.
17:45 arthabaska carmony bingo
17:45 carmony arthabaska: There is a bug in GitHub that they are trying to track down
17:45 orion_ joined #salt
17:46 forrest carmony, you should make it so that's an option you can pass through man
17:46 carmony arthabaska: we have the same issue, ultimately the work around I did was make a cronjob that runs test.ping every 5 minutes
17:46 forrest carmony, so --summary or something, because that's great
17:46 arthabaska carmony ah, wow thanks. do you know the issue #?
17:46 aparsons_ joined #salt
17:46 SheetiS carmony: I like how that looks
17:47 sectionme joined #salt
17:47 carmony arthabaska: let me see if I can find it
17:48 aparson__ joined #salt
17:49 patarr joined #salt
17:49 patarr joined #salt
17:49 chrisjones joined #salt
17:50 vejdmn joined #salt
17:50 catpiggest joined #salt
17:51 jslatts joined #salt
17:51 catpig joined #salt
17:52 arthabaska carmony was it https://github.com/saltstack/salt/issues/14343 ?
17:53 druonysus joined #salt
17:53 carmony arthabaska: I think that is the one
17:55 arthabaska cool, seems like an odd one
17:58 aw110f Hi, how can I run a command only if there are changes in a directory?
18:00 forrest aw110f, what about cmd.wait? http://docs.saltstack.com/en/latest/ref/states/all/salt.states.cmd.html#salt.states.cmd.wait
18:00 druonysuse joined #salt
18:00 druonysuse joined #salt
18:01 aw110f Hi forrest: I have this http://pastebin.com/KtqfwK5r but it isn't working
18:02 yomilk joined #salt
18:02 aw110f sorry http://pastebin.com/4b4cu2Sh
18:02 Ryan_Lane aw110f: requisites only work against managed files
18:03 forrest aw110f, yep Ryan is correct.
18:03 aw110f what if i don't use require, see last pastebin
18:03 Ryan_Lane watch is also a requisite :)
18:04 forrest still doesn't work
18:04 aw110f oh
18:04 forrest aw110f, you can only watch/require things that salt knows about
18:04 aw110f i see
18:04 forrest aw110f, it doesn't know about all those random files in there unless they are managed or handled by salt in some way
18:04 * Ryan_Lane wants https://github.com/saltstack/salt/issues/11330
18:04 forrest Ryan_Lane, yeah
18:05 Ryan_Lane if salt could trigger events on inotify events, this would work
18:05 forrest Ryan_Lane, man, I was going to set up the reactor at home last night, then realized you have to be running a master to do so
18:05 forrest bleh
18:05 Ryan_Lane I'd love if it could also monitor udev events
18:05 Ryan_Lane I thought reactors also worked via minions?
18:06 Ryan_Lane what's the point of being able to send local events if you can't react locally?
18:06 rallytime joined #salt
18:06 Ryan_Lane there's lots of stuff that's master only that shouldn't be
18:06 Ryan_Lane filesystem support, but instance. no master no s3fs/gitfs/etc
18:09 smcquay joined #salt
18:10 forrest Ryan_Lane, I don't know, I didn't dive into the code too much last night
18:10 forrest was working on some other stuff, but I want to use the reactor, from a masterless minion
18:10 ollins joined #salt
18:10 edward__ joined #salt
18:10 Ryan_Lane yeah, it would be nice to be able to do so
18:11 Ryan_Lane being able to react to changes in etcd, would be nice for instance
18:11 aw110f so how can i formulate the state where i already have this http://pastebin.com/n16CCLTC
18:11 forrest Ryan_Lane, Right, my blog just runs on a masterless minion, and I have it down to single run deploy, but if I could use the reactor, it would auto update
18:12 forrest aw110f, did you already try - file: {{ HOME_DIR }}/{{ APP_NAME }}/webapp/config ?
18:12 forrest Ryan_Lane, damn you and your usage of spaces
18:12 forrest bleh
18:12 forrest bleh
18:12 forrest you're passing your awful habits on
18:12 Ryan_Lane :D
18:12 forrest underscores people, underscores!
18:13 Ryan_Lane no way. it's nice when the ids read like documentation
18:13 forrest my ids do read like documentation
18:13 troyready joined #salt
18:13 forrest install_specific_package, start_specific_service, etc.
18:13 jslatts joined #salt
18:15 diegows joined #salt
18:21 aw110f http://pastebin.com/5C3ZdZfC this worked, gotta watch the other state that manages (file.recurse) the directory
18:22 mbroadhead_ joined #salt
18:22 aw110f Thanks forrest: and Ryan_Lane:
18:22 Ryan_Lane yw
18:23 Ryan_Lane aw110f: if you're fully managing the directory you probably want to also use the clean argument
18:23 Ryan_Lane otherwise it'll add/modify files, but never remove any
18:23 elfixit joined #salt
18:24 aw110f ah good to know
18:25 JasonSwi_ joined #salt
18:25 forrest aw110f, yeah np
18:29 martoss joined #salt
18:30 davet joined #salt
18:30 occupant joined #salt
18:32 Katafalkas joined #salt
18:34 rallytim_ joined #salt
18:35 kt766 hmm, what is the best way to match a condition like "apache is installed" then do "X" ?
18:36 forrest kt766, just use pkg.installed, then require:\n   - pkg: apache ?
18:36 forrest or do you not want to do that?
18:36 mway joined #salt
18:37 rallytim_ joined #salt
18:37 mway is it possible to use custom execution modules inside pillar?
18:37 berserk joined #salt
18:37 kt766 won't "require:\n - pkg: apache" install apache if it is not installed?
18:37 mway @kt766 no, that will only require a pkg.* state with the ID 'apache'
18:38 forrest kt766, well, coupled with the pkg.installed state it would
18:38 forrest kt766, you don't want to install apache?
18:38 kt766 it's already there, I just want to push out certain collected configuration if it is ...
18:38 rallytime joined #salt
18:38 kt766 s/collected/collectd
18:39 rojem joined #salt
18:39 forrest kt766, hmm, I feel like you might be approaching this the wrong way.
18:39 mway RE execution modules in pillar, the pillar 'salt' dict has all the builtin execution modules, but doesn't seem to pick up on ones provided through _modules in file_roots
18:39 kt766 forrest, probably!
18:39 forrest kt766, why would you not have a your specific app/configuration file states simply include the apache states?
18:40 forrest *no a
18:40 kt766 because it would be a lot more work than just matching against whether apache was installed or not? :)
18:41 kt766 (we are just getting started with salt here)
18:41 Ryan_Lane kt766: you should describe your entire system with salt
18:41 Ryan_Lane configuration management can't be done piecemeal
18:41 kt766 Ryan_Lane, we're working on it
18:42 Ryan_Lane it'll drive you insane :)
18:42 forrest kt766, has anyone talked to you yet about modular design with salt? Or have you looked at the best practices documentation?
18:42 SheetiS Ryan_Lane: so true.  I'm still trying to convince management of that around here.
18:42 forrest heh
18:42 forrest yeah the one downside
18:42 forrest all the things, or none of the things :P
18:43 joehoyle joined #salt
18:44 Katafalkas joined #salt
18:44 Thiggy joined #salt
18:46 thayne joined #salt
18:46 orion_ joined #salt
18:47 orion__ joined #salt
18:48 orion_ joined #salt
18:49 orion_ joined #salt
18:51 jalaziz joined #salt
18:52 Thiggy joined #salt
18:53 gnord left #salt
18:55 berserk joined #salt
18:56 tessellare joined #salt
18:56 tessellare left #salt
19:00 ml_1 joined #salt
19:02 Bertie_ joined #salt
19:03 davet joined #salt
19:09 rojem joined #salt
19:09 Urit joined #salt
19:10 joehoyle joined #salt
19:15 orion_ joined #salt
19:16 ipmb joined #salt
19:18 roolo joined #salt
19:18 kt766 joined #salt
19:21 thayne joined #salt
19:22 n8n joined #salt
19:22 kermit joined #salt
19:27 Sypher joined #salt
19:29 Urit Can anyone help me with the correct syntax for file.managed source with S3? I'm using masterless mode and the docs say I can do this: "Both HTTPS and HTTP are supported as well as downloading directly from Amazon S3 compatible URLs with both pre-configured and automatic IAM credentials (see s3.get state documentation)." but it sure doesn't look like s3:// is supported according to the code/results. I can do salt-call s3.get just fine, t
19:32 Katafalk_ joined #salt
19:33 possibilities joined #salt
19:36 KyleG joined #salt
19:40 jslatts joined #salt
19:40 KyleG joined #salt
19:40 KyleG joined #salt
19:41 forrest Urit, I'm not particularly familiar with the syntax, did you set up http://docs.saltstack.com/en/latest/ref/file_server/all/salt.fileserver.s3fs.html ?
19:42 Urit Since this is a masterless minion, no. Access works fine with a master and I would just use the salt:// syntax then.
19:42 gothix joined #salt
19:42 forrest Urit, gotcha
19:43 Urit I actually think that line in the docs is a flat out mistake, since I just went through the code and there is nothing that references S3 in any way in file.get_managed (in modules)
19:43 Urit Or, any way to load the S3 handler even
19:44 Urit The only way would be to go via salt:// and s3fs from what I can tell
19:44 berserk joined #salt
19:44 forrest Urit, you may be correct, if you can confirm that would you mind creating an issue so we can A. look at adding that feature and B. fix the docs?
19:45 Urit Sure
19:45 Katafalkas joined #salt
19:47 mgarfias is it possible for helium to build out EC2 VPCs?  I cant remember if that was supposed to happen or not
19:47 d2dchat joined #salt
19:48 pass_by_value joined #salt
19:49 bhosmer_ joined #salt
19:51 forrest mgarfias, I don't remember off the top of my head :\
19:52 forrest mgarfias, are you using salt-cloud?
19:52 aparsons joined #salt
19:53 mgarfias yes
19:53 mgarfias i'd like to automate the full build out if possible
19:54 aparsons joined #salt
19:54 forrest mgarfias, I thought that it was in for a while
19:54 forrest http://docs.saltstack.com/en/latest/ref/clouds/all/salt.cloud.clouds.ec2.html
19:54 forrest http://salt-cloud.readthedocs.org/en/latest/topics/aws.html
19:55 Ahlee anybody seen salt on windows eat up 64k tcp ports?  Looks like it got into a reboot loop
19:56 Ryan_Lane joined #salt
19:56 forrest Ahlee, lol
19:56 forrest that is all
19:56 Ahlee er, restart loop, was holding the TCP connections open for the timeout
19:56 mgarfias doesn't look like it :(
19:56 forrest manfred, are you around?
19:56 Ahlee forrest: yeah yeah yeah.
19:56 manfred yar
19:57 forrest manfred, is the EC2 VPC driver not in salt cloud?
19:57 forrest for helium
19:57 forrest manfred, I thought that it was in there
19:57 forrest but mgarfias is saying no dice
19:57 manfred no idea
19:57 forrest ok
19:57 forrest damn
19:57 forrest I was hoping you'd know so we didn't have to look at the code
19:57 forrest mgarfias, to the repo! :P
19:58 mgarfias at least its not ruby
19:58 pass_by_value left #salt
20:00 mgarfias only ref i see to vpc is in ec2.py in _request_eip()
20:00 mgarfias dont think that'll create a new VPC :)
20:01 forrest mgarfias, did you check develop?
20:01 forrest since the docs are still built from there, maybe there's a shift
20:01 forrest also, you're looking at the salt repo, not the salt-cloud repo right?
20:01 mgarfias ahhh
20:01 mgarfias correct, salt
20:01 forrest I accidentally confused someone when they were looking at the old repo a while back
20:01 forrest ok cool
20:01 mgarfias salt-cloud very clearly says depricated :)
20:02 mgarfias oh, was looking at develop :(
20:02 forrest mgarfias, I'd say make an issue then to add it, or get it documented if it does exist somewhere magical
20:04 pssblts joined #salt
20:04 mgarfias wait, didn't see this boto thing.
20:04 mgarfias oh nevermind
20:05 Ryan_Lane https://github.com/saltstack/salt/issues/15152 I'll buy someone a six-pack if they fix that for me :)
20:05 mgarfias looked for vpc and subnet
20:05 Ryan_Lane mgarfias: the boto_* modules aren't via salt-cloud
20:05 Ryan_Lane they're state and execution modules
20:05 mgarfias ooooooh
20:06 mgarfias ok, that makes sense
20:06 Ryan_Lane and you're expected to run them via salt or salt-call
20:06 mgarfias i guess i still ahve a chicken/egg problem
20:06 Ryan_Lane how so?
20:06 mgarfias i'd like to automate the build out
20:06 * Ryan_Lane is doing this right now
20:06 Ryan_Lane I really need to finish that blog post
20:06 Ryan_Lane (I wrote the boto_* modules)
20:06 forrest Ryan_Lane, lol
20:06 mgarfias i guess i could use salt-call to create it locally
20:07 mgarfias i was thinking i needed a master to create all the things
20:07 Ryan_Lane I run salt-call locally for orchestration
20:07 Ryan_Lane I run masterless
20:07 Ryan_Lane I publish artifacts to S3
20:07 * JasonSwi_ really seeing how slow vagrant can be vs docker....
20:07 Ryan_Lane and use IAM policies to allow nodes to access their artifacts in S3
20:07 mgarfias plese write this post
20:08 forrest lol
20:08 Ryan_Lane then the launch configuration for my autoscaling groups installs salt, pulls the artifacts, then runs salt-call state.highstate
20:08 forrest gonna need to grease Ryan_Lane's palm
20:08 Ryan_Lane :D
20:08 Urit Ryan_Lane: how do you get the nodes to get their stuff from S3? I actually was just asking about that
20:08 forrest some guy was asking me about the salt book yesterday on twitter
20:08 Ryan_Lane I make a public artifact for salt
20:08 Urit ahhhh
20:08 forrest I wanted to be like 'look man, I work 8 hours a day at my normal job, I would love to write more!'
20:08 Urit yeah I was trying to pull from a private bucket, that's the problem
20:09 Ryan_Lane it's a virtualhost, and it has all the python requirements in the vhost
20:09 forrest Urit, awesome
20:09 tcotav there's a salt book?
20:09 Ryan_Lane after pulling salt, it can pull everything else necessary since it has boto in its virtualenv
20:09 Ryan_Lane whoops. I meant to say virtualenv, not virtualhost
20:09 forrest tcotav, basepi is writing a 'closed source' one, I'm working on an open source one
20:10 forrest tcotav, but I only have two of 10-11 chapters 'done'
20:10 forrest I'm working on it, slowly
20:10 tcotav slaaaaaaaaaaaacker :-p
20:10 tcotav I should write a partially open one to split the difference
20:10 forrest tcotav, lol
20:11 Urit Ryan_Lane: so you download salt, get boto, then use boto pull the rest of the files in if they're in a private bucket, then basically just work off of a local copy of everything?
20:11 Ryan_Lane Urit: I pre-create a salt venv
20:11 Urit Close enough :)
20:11 Ryan_Lane with all the python dependencies needed
20:11 Urit Right
20:11 Ryan_Lane (which includes boto)
20:11 Ryan_Lane yep, that's exactly what I do
20:12 Ryan_Lane this is also my deployment process, too
20:12 Ryan_Lane I push in git hash artifacts
20:12 Urit ok, great. That actually helps a ton, thanks.
20:12 Urit I'm actually doing this the harder way (masterless windows minions, urk)
20:12 Ryan_Lane I pull them down and use links to point at the current one
20:12 Ryan_Lane ah. heh
20:12 jkaye joined #salt
20:12 Urit but it's effectively the same thing - pull files from private bucket, set up stuff,
20:15 ndrei joined #salt
20:17 basepi tcotav: forrest: there's also one coming out from O'Reilly that Tom is a coauthor on.
20:17 forrest basepi, oh really?
20:17 forrest that's cool
20:17 jchen whats it called i woudl get
20:18 forrest I wish it wasn't o'reilly, but whatever.
20:18 basepi forrest: don't like O'Reilly?
20:18 forrest basepi, no
20:18 tcotav basepi: that's very cool.  I'll have to pick it up.
20:18 kt766 most of their books are just filler, but a few are great
20:19 tcotav forrest: why not?  you don't like animals?
20:19 forrest tcotav, lol
20:19 kt766 the first several chapters are usually how to download and compile something
20:19 forrest tcotav, no, mostly I feel that 90% of the o'reilly books are super old school in how they teach
20:19 forrest they also go too in-depth on topics
20:19 kelseelynn joined #salt
20:19 basepi forrest: interesting. I think it depends very much on the book, I've had good and bad.
20:19 forrest basepi, totally could
20:20 * basepi goes afk
20:20 tcotav I guess I've spent more $$$ on packt than anything recently
20:20 forrest basepi, bye
20:20 forrest tcotav, yeah that's where basepi is publishing
20:20 vejdmn joined #salt
20:20 basepi tcotav: assuming everything happens as expected, mine will be packt
20:20 blarghmatey joined #salt
20:20 basepi Now I'm actually leaving. =P
20:21 tcotav basepi: nice -- they seem to have their stuff together and put out pretty tight books
20:21 tcotav basepi: later :)
20:21 vejdmn joined #salt
20:21 basepi Nice. =D
20:21 basepi Later.
20:21 forrest I just don't like the pricing
20:22 tcotav too much $$$, iyo?
20:22 forrest you can't realistically expect people to pay 40 bucks for a book, what about users in places like India and Russia? How can they afford the books?
20:22 tcotav I kind of agree there
20:22 forrest tcotav, I understand why they are expensive
20:22 forrest but still
20:22 forrest they're super niche
20:22 blarghmatey joined #salt
20:22 forrest so the chance you make a LOT of money is minimal
20:22 tcotav its a bigger problem in publishing, fwiw
20:22 forrest tcotav, yeah
20:22 tcotav but mostly, I agree with you.  I do okay financially and I'm still pretty picky about my book investments
20:22 forrest tcotav, as am I
20:23 kt766 oh the "Internet Core Protocols" and "DNS and BIND" were great books ...
20:23 tcotav unless I can get the company to pay and then I don't care so much :D
20:23 tcotav yeah, it seems like the older ora books were invaluable
20:23 tcotav but I haven't bought any new ones in quite some time
20:23 vejdmn joined #salt
20:24 tcotav I had multiple copies of the perl camel books
20:26 blarghmatey joined #salt
20:28 forrest I guess I just like very concise books
20:28 forrest I want to go from point A to point B
20:28 eightyeight ok. i have in interesting scenario: i have a backup server that runs backuppc. it has an /etc/backuppc/hosts config file to know what to back up
20:28 forrest so that's how I'm writing my book, everything you're doing has an overall goal of setting up functionality you would use.
20:29 eightyeight i would like all new salted servers by default, unless excluded, to get backed up to this server
20:29 forrest eightyeight, use the reactor
20:29 eightyeight is there something in salt where the backup server could query the master, asking for a lists of hosts to backup?
20:29 eightyeight forrest: checking
20:29 viq I would actually have said mine system
20:29 forrest viq, mine might work better in this scenario, I thought he was saying as soon as the system is provisioned
20:30 eightyeight so, on every highstate, the backup server gets the most up-to-date list of servers to backup
20:30 forrest it would kick off the reactor hook
20:30 eightyeight when the system gets provisioned, it highstates
20:30 forrest viq, I thought you went home?
20:30 viq Iam home :P
20:30 eightyeight but, i want the list updated on every highstate (which currently is every 4 hours)
20:30 forrest it's almost 11 in Germany
20:30 kt766 eightyeight, or you could set a grain on the minions to be backed up
20:30 aw110f joined #salt
20:30 forrest kt766, Yeah that could work as well.
20:30 eightyeight kt766: can the backup server get thos grains from the master?
20:31 viq forrest: that it is. I never claimed the hours I live by are sane :P
20:31 forrest viq, 2330 isn't that late, just a bit late to be on IRC
20:31 viq eightyeight: via mine or publish, yes
20:31 forrest viq, you should be doing something fun :D
20:31 eightyeight viq: can you point me to the docs on it?
20:31 viq forrest: yeah, upgrading my home router/server and thinking of reviving a remote box I build packages on ;)
20:33 viq eightyeight: moment, I have to find again which extension in firefox I need to convince to show the google search on the docs page :P
20:33 Katafalk_ joined #salt
20:33 forrest viq, sounds like a good place for some salt..
20:35 dude051 joined #salt
20:35 viq forrest: yeah, but I am right now in a bit uncomfortable situation of again having to figure out where to run it, as a dedicated server I had had a hard drive failure so I didn't renew it, and I don't know yet whether to get another one, and whether I'll be replacing my home router/server box
20:35 vejdmn joined #salt
20:35 forrest viq, ahh yeah that makes sense
20:36 forrest alright I've gotta head to a meeting
20:36 viq eightyeight: so here's some info about mine http://docs.saltstack.com/en/latest/topics/mine/
20:36 eightyeight viq: thx. also found https://stackoverflow.com/questions/17158665/how-to-get-a-list-of-all-salt-minions-in-a-template
20:36 viq eightyeight: and publish http://docs.saltstack.com/en/latest/ref/peer.html
20:37 bhosmer_ joined #salt
20:37 sectionme joined #salt
20:38 viq eightyeight: main difference is: publish will get you responses that are valid right this moment, so machines that are not responding at this instant will not be on the list; mine has cached data, so a machine you removed half an hour ago will still be on the list
20:39 savvy-lizard joined #salt
20:39 Katafalkas joined #salt
20:42 vejdmn joined #salt
20:44 savvy-lizard joined #salt
20:46 rannick joined #salt
20:53 FeatherKing is there an execution module to change the master on a windows minion
20:55 Ryan_Lane https://github.com/saltstack/salt/pull/15157 :(
20:55 dude051 joined #salt
20:56 dude051 joined #salt
20:56 spiette joined #salt
20:57 gzcwnk morning
20:57 gzcwnk :)
20:58 schimmy joined #salt
20:58 manfred Ryan_Lane: stop breaking salt :P
20:58 Ryan_Lane heh
20:59 Ryan_Lane I really need that bug fixed :(
20:59 Ryan_Lane I wonder if we could have a reload_grains global state argument as well?
20:59 manfred gotta find another way to load them.
21:00 Ryan_Lane realistically in my particular use case I need to reload the grains and not necessarily the modules
21:00 drawks hrm I have a weird issue. I wrote a an external pillar source. and it appears to work fine. I.E. salt '*' -t 60 -v test.ping
21:00 schimmy1 joined #salt
21:00 drawks returns from all hosts
21:01 drawks and pillar.items shows my pillar k:v set on all hosts
21:01 perfectsine joined #salt
21:01 drawks but if i try and use a coumpound target like salt -C 'I@roles:FOO2' test.ping it targets the correct hosts, but the minions never return
21:02 Ryan_Lane can someone re-open https://github.com/saltstack/salt/issues/15125 ?
21:02 Ryan_Lane since its fix was reverted?
21:03 aparsons joined #salt
21:03 Ryan_Lane oh
21:03 Ryan_Lane I can reopen it
21:04 dude051 joined #salt
21:05 Ryan_Lane hm. that test failure does look bad. it looks like states were reordered?
21:05 pentabular joined #salt
21:06 lietu joined #salt
21:07 dalexander joined #salt
21:08 berserk_ joined #salt
21:10 joehoyle joined #salt
21:12 viq joined #salt
21:16 Urit Is there any way to do a string replace in a jinja template? This doesn't seem to work because apparently "replace" is undefined despite it being a core thing according to jinja's template docs: {% set winpath=replace(item['Key'], '/', '\\') %}
21:17 babilen Urit: You'd use it like: ...|replace(...)
21:18 Urit hm ok, I tried it and it didn't work, but maybe I was doing it wrong
21:18 babilen "{{ "Hello World"|replace("Hello", "Goodbye") }}" is the example from the docs
21:18 Urit yes, but I'm doing it inside a {%%} block
21:18 Urit rather than {{}}
21:18 capitalfellow joined #salt
21:19 babilen So use "winpath=item['key']|replace('/','\\')"
21:19 Ryan_Lane1 joined #salt
21:19 Urit yeah, trying that now
21:19 n8n joined #salt
21:19 Urit huh, cool, that worked. I tried it before inside {{}} inside the {%%} and that didn't work obviously
21:24 tru_tru joined #salt
21:25 Katafalk_ joined #salt
21:27 sawgs joined #salt
21:28 orion__ joined #salt
21:33 Thiggy joined #salt
21:39 n8n joined #salt
21:45 snuffeluffegus joined #salt
21:45 bhosmer joined #salt
21:49 intellix joined #salt
21:51 Ozack1 joined #salt
21:52 JasonSwindle joined #salt
21:53 MatthewsFace joined #salt
21:54 kalessin joined #salt
21:54 ggoZ joined #salt
21:55 aparsons joined #salt
21:56 Corey http://www.theonion.com/video/salt-lake-city-hoping-to-boost-tourism-by-remindin,36744/ <-- Oh yes.
21:56 Katafalkas joined #salt
21:56 forrest Corey, no way man, I want to live right next to the steel factory or whatever it is 3 blocks from the capitol.
21:59 aw110f joined #salt
21:59 sectionme joined #salt
21:59 bezeee joined #salt
22:01 druonysus joined #salt
22:02 rannick joined #salt
22:05 kermit joined #salt
22:05 bray joined #salt
22:06 mhubbard joined #salt
22:07 mr_chris joined #salt
22:09 bray i have a collection of states i want to run when i call them explicitly using "salt state.sls foo". i also want foo (which includes other states) to conditionally be run when i call state.highstate - depending on e.g. the presence of a file on the minion. any ideas?
22:09 sectionme joined #salt
22:09 bezeee joined #salt
22:10 bray for example, the first time a minion is set up via state.highstate, i want foo to run, setting up some file. but all state.highstates after that shouldn't run foo since the file exists. but i still want to be able to run it explicitly by calling state.sls foo
22:15 MoonHead joined #salt
22:16 MoonHeadHead joined #salt
22:17 MoonHeadHead ?
22:18 rannick joined #salt
22:18 captzeb joined #salt
22:19 captzeb When was HAPROXY module added?
22:19 captzeb *haproxyconn
22:19 miles32 joined #salt
22:19 manfred 2014.7
22:20 viq joined #salt
22:20 captzeb Thanks!
22:21 ajprog_laptop joined #salt
22:21 forrest 2014.7 still isn't released as a heads up
22:22 manfred it is in rc1 though
22:22 manfred finally
22:22 forrest ?
22:22 forrest it's been there for a while
22:22 forrest where have you been?
22:22 forrest :P
22:22 manfred heh
22:25 miles32 somebody ought to update the haproxyconn page to say "not available in release yet even though this page looks all official documentationy"
22:25 manfred it says available in 2014.7
22:26 manfred oh
22:26 manfred it doesn't
22:26 manfred that should be added
22:26 miles32 boom
22:26 manfred i could have sworn I put that in when I wrote the module...
22:26 manfred ¯\(°_o)/¯
22:29 forrest manfred, damn you manfred
22:29 miles32 I should probably figure out how to refresh the haproxy without disconnecting anybody
22:29 miles32 that would suck
22:30 manfred https://github.com/saltstack/salt/pull/15162/files
22:32 miles32 now that's service
22:33 forrest manfred, you have too many dots
22:33 manfred not my fault, i coppied it from somewhere else... first result of git grep was wrong apparently
22:34 forrest should fix that one too
22:34 manfred salt/utils/schedule.py:    ... versionadded:: 2014.7.0
22:34 manfred salt/utils/schedule.py:    ... versionadded:: 2014.7.0
22:34 forrest weird.
22:34 manfred the only other instance of 3 dots in the whole repository... is the one I found
22:34 forrest good job
22:35 forrest fix both!
22:35 manfred done
22:35 miles32 so who does the actual pulling?
22:35 miles32 (learning moment)
22:35 manfred the saltstack employees
22:36 forrest yup
22:36 manfred and pedro
22:36 forrest pedro basically works for salt :P
22:40 miles32 I'm conflicted about doing the work for them
22:40 miles32 but then, I don't mind having it freely accessible
22:41 wackycaptain joined #salt
22:41 manfred don't even get me started :P
22:42 druonysus joined #salt
22:46 Urit there are so many things in 2014.7.0 I want to use :( webhooks, s3 clients
22:47 forrest Urit, well, the goal is to thoroughly test 2014.7.0
22:47 manfred webhooks can be used already?
22:47 manfred http://salt-api.readthedocs.org/en/latest/ref/netapis/all/saltapi.netapi.rest_cherrypy.html#saltapi.netapi.rest_cherrypy.app.Webhook
22:47 forrest so then people aren't getting screwed like previous releases
22:47 Urit Well, sorta, manfred
22:47 Urit I mostly want this thing: https://github.com/saltstack-formulas/ec2-autoscale-reactor
22:48 Urit and it doesn't seem to work with the salt-api thing pre-2014.7
22:48 manfred that won't work
22:48 Urit I know, forrest. I'm just griping because of cool features that aren't quite stable yet.
22:49 manfred because you need cloud_cache
22:49 manfred which i just helped add
22:49 forrest Urit, for sure, I'm not blaming you at all
22:49 DaveQB joined #salt
22:50 Urit Actually, I may as well just ask: What's a recommended way to let get autoscaled EC2 clients to get their keys accepted?
22:50 Urit using 2014.1
22:51 manfred there isn't a good way
22:51 manfred well
22:51 gzcwnk joined #salt
22:51 Urit What's the least-bad way? :D
22:51 manfred you could use cloud-init to send a webhook to the salt-master, that renders a reactor that accepts the key with wheel.key
22:51 Urit hm
22:52 manfred or you could modify that ec2-autoscale-reactor, to add another step to accept it
22:52 manfred that would be the way I would do it
22:52 manfred instead of telling it to bootstrap the server, just tell it to accept the minion
22:52 Ryan_Lane or you could write a reactor that just queries for the node via boto
22:52 manfred or that
22:53 bhosmer joined #salt
22:53 Ryan_Lane (and accepts it if it's valid)
22:53 Urit yeah, I can get salt installed fine via cfn-init, it's just the key acceptance that's the problem
22:53 manfred webhooks/salt-api
22:53 manfred the way to do it realtime
22:54 Urit actually, is there a reactor event fired when a minion first connects?
22:54 manfred other than that... scheduler that checks for new minions in the api, and check if they are trying to check in
22:54 manfred there is, but just an auth one
22:54 Urit May as well trigger on that
22:54 Ryan_Lane auth happens a lot
22:54 Urit point
22:54 manfred yeah, then go check the api, and if it is in there, and it isn't authed already
22:55 manfred but yeah, lots of those
22:55 Ryan_Lane you could call a webhook from the minion itself
22:55 Urit yeah, that's what I'd do probably
22:55 whiteinge we worked with a client that did this recently
22:56 jkaye joined #salt
22:56 Urit that also lets me put the hook call at a precise point
22:56 whiteinge we matched on the auth event and examined the event data for 'pend', then called a runner which made a boto call to sanity-check the new instance and accept the key if it looked ok
22:56 Urit (the point AFTER the salt client is installed)
22:57 scalability-junk joined #salt
23:02 Ryan_Lane whiteinge: last time I tried that I had major master instability
23:02 Ryan_Lane I guess it was a really old version of salt, though
23:02 rawzone joined #salt
23:02 ajprog_laptop joined #salt
23:02 Ryan_Lane I used the py renderer and tried making a call to LDAP to see if a node existed. it slowed things down so much that the master couldn't accept new auth requests
23:03 Ryan_Lane and then everything stopped working
23:03 Ryan_Lane I'd imagine I had all the threads in a waiting state
23:03 jsm joined #salt
23:05 g3cko joined #salt
23:09 whiteinge Ryan_Lane: yeah, the reactor use to call runners in the same process that other reactions were processed in so it would block. fixed now
23:09 Ryan_Lane oh. awesome
23:11 whiteinge the reactor still renders all the .sls files in a single process so you have to get that rendered as fast as possible (e.g., the #py renderer could still cause problems here), but the process that the reactor file kicks off is in a new worker process -- that should be true for wheel/runner/localclient
23:13 Ryan_Lane whiteinge: hm, so you shouldn't do the boto call in the renderer, then?
23:13 whiteinge Ryan_Lane: no
23:13 Ryan_Lane it should be a runner call that does the lookup and the wheel call to accept the key?
23:14 whiteinge exactly right
23:14 Ryan_Lane that's actually much easier
23:14 Ryan_Lane the reactor in that situation is very simple
23:14 miles32 what's the upgrade path for masters/minions, can they be done on an as available basis or do I need to do it all at once. Or just spool up a new master for upgraded clients to transition too
23:15 Ryan_Lane in fact, you don't need a #!py reactor, then
23:15 whiteinge yeah, it keeps the reactor .sls files clean and forces you to put the real work in reusable modules
23:15 whiteinge or reusable sls files (orchestrate or state files)
23:16 Ryan_Lane maybe soon I'll write a boto autoscale reactor
23:16 Ryan_Lane it sounds simple enough
23:16 whiteinge cool
23:16 Ryan_Lane are events documented anywhere, or is it necessary to listen for them and print them?
23:16 dalexander joined #salt
23:17 forrest oh whiteinge since you're around. Is there any way to mimic the reactor on masterless minions? Manfred was suggesting using the vent system.
23:17 forrest *event
23:17 whiteinge Ryan_Lane: (not comprehensive) http://docs.saltstack.com/en/latest/topics/event/master_events.html
23:17 Ryan_Lane oh. nice
23:18 manfred forrest: i said... you could use it... if you wrote something to listen to the eventsystem on a minion, which nothing currently does in salt
23:18 manfred :P
23:18 Ryan_Lane hm. do you get IP address info with the events?
23:18 forrest manfred, I didn't feel like typing all that
23:18 forrest manfred, JEEZ :D
23:18 whiteinge i've been thinking it would be nice to be able to call execution/wheel/runner modules from orchestrate files. that would let you write complex reactor things without having to write python
23:19 whiteinge Ryan_Lane: it varies by salt-cloud provider afaik
23:19 Ryan_Lane I'm not using salt-cloud ;)
23:19 Ryan_Lane I mean the auth event
23:19 whiteinge oh. no
23:19 whiteinge only the id and pubkey
23:20 Ryan_Lane so an attacker that knows boto names could generate an auth event and I'd be owned
23:21 whiteinge trying to remember how we got the IP
23:21 Ryan_Lane I think with salt cloud the webhook gives you an IP
23:22 Ryan_Lane then salt-cloud uses ssh to connect to the minion
23:22 Ryan_Lane which installs salt, then it generates a minion request, which is accepted on the master
23:23 whiteinge yeah. and you have something similar with the salt-api webhook and SNS
23:23 whiteinge (looking at the code)
23:23 baconbeckons joined #salt
23:23 whiteinge bah, now i remember. we had minions connecting through a VPN and we were keying off the VPN creds
23:23 Ryan_Lane why isn't IP available in all events?
23:24 whiteinge so my suggestion to Urit was half-baked. (sorry)
23:24 baconbeckons i’m testing my salt code and it is very slow when i run salt-call state.highstate. i think that this is partially because it always running apt-get update among other things. is there a way to speed this up for when i’m trying to test my salt states?
23:25 whiteinge Ryan_Lane: i think that would be a nice addition for certain events. (for already-authed minions we have the grains cache)
23:27 whiteinge forrest: (missed your question) with masterless minions you're not running the minion daemon, right?
23:28 forrest whiteinge, It's running
23:28 rannick joined #salt
23:29 whiteinge what all does that buy you? the scheduler. what else?
23:29 whiteinge (i haven't put much thought into running in this config)
23:29 forrest Uhh that's all I can think of, this is just for my shitty little blog server
23:29 forrest so I was hoping to avoid installing the master if there was a way to make it work
23:30 * whiteinge nods
23:30 Ryan_Lane without the master sshing into a node I can't see how it's possible to verify a node is who it says it is...
23:30 Ryan_Lane sigh
23:33 Ryan_Lane hm. I wonder if an instance can update its own tags and only its own tags
23:33 Urit Even if the master sshes in, it won't have seen the key before Ryan_Lane
23:33 Urit so I'm not sure that it could say it truly is that node or not
23:33 Ryan_Lane Urit: you'd do a boto lookup for the name
23:33 bhosmer_ joined #salt
23:33 Ryan_Lane then ssh into the IP address associated with it, then check the public key
23:33 Urit right but if you're already spoofing boto...
23:34 Ryan_Lane you wouldn't be spoofing boto
23:34 Urit ah I see where the chain of trust is
23:34 Ryan_Lane if node x can search for tags (which is common, since you can't limit tag searches to a specific resource), node x could make an auth request for a new node
23:34 Urit right
23:34 Ryan_Lane before it's up
23:36 drawks argggg having an embarassingly hard time troubleshooting a few salt issues
23:36 Ryan_Lane another approach would be to put a token into the launch configuration, then to make a webhook from the node that included the token
23:36 drawks i made an external pillar module and it seems to work fine if i run salt in the forground. but when it is daemonized salt reports an err2 file not found whenever i attempt to collect pillar items
23:37 Ryan_Lane meh. too much work
23:37 yomilk joined #salt
23:39 drawks aha! figured it out
23:40 mpanetta Hey, have any of you used the salt cloud states yet?
23:41 bhosmer joined #salt
23:44 manfred yes
23:44 manfred i helped write parts of it
23:44 manfred what info are youlooking for?
23:46 mapu joined #salt
23:46 whiteinge Ryan_Lane: are you making use of the reactor somewhere besides $DAYJOB since you're running masterless there?
23:47 Ryan_Lane I'd like to run a master for remote execution
23:47 whiteinge ah
23:47 Ryan_Lane and reactors and such
23:47 Ryan_Lane and maybe salt-api
23:48 manfred if only someone would make something use the minions event system ...
23:48 * forrest looks at manfred
23:48 manfred i am working on something tonight already :P
23:49 * forrest watchs manfred slowly, but eagerly raise his hand
23:49 avi__ joined #salt
23:49 manfred fine
23:49 forrest :P
23:49 forrest nah don't do it if you don't want to man
23:49 forrest I'm just messing with you
23:49 avi__ Hi, I'm doing a study on topics of bug reports (issue reports, some related to salt stack) and I am looking for volunteers for a 10 minute survey. If you're interested just msg me and I can email it to you or give you a URL.
23:52 mhubbard joined #salt
23:57 delinquentme joined #salt
23:57 delinquentme Does salt carry some kind of functionality to report on how long it took for a requested server to spool up + when its actually answering back to salt-master?

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary