Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-09-21

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:18 jslatts joined #salt
00:24 iamtew oh joy, here I've been swearing for hours why I can't get the lxc provider working on my machines, and now I see I'm running an older version :|
00:25 * XenophonF empathizes.
00:26 ph8 joined #salt
00:26 iamtew so, seems like latest in EPEL is 2014.1.10, so how would go about installing 2014.7.0? using "pip install..." perhaps?
00:27 kingel joined #salt
00:27 XenophonF latest on pypi is 2014.1.10
00:28 XenophonF https://pypi.python.org/pypi/salt
00:29 iamtew right, I see. do I need to install it manually from the git repo then?
00:29 XenophonF instructions at http://docs.saltstack.com/en/latest/topics/releases/releasecandidate.html
00:30 iamtew ah right, the bootstrap script. I'll give it a go, cheers :)
00:31 XenophonF good luck!
00:31 XenophonF IIRC masters have to be upgraded before minions, but don't quote me on that
00:32 iamtew no worries, I'll just run this on a test vm
00:32 * XenophonF nods.
00:32 iamtew breakage expected and encouraged!
00:32 iamtew as we say in the office.. :)
00:32 * XenophonF grins.
00:32 * XenophonF enjoys the third person perhaps a little too much.
00:33 * iamtew finds the third person does give a new perspective on things
00:33 * XenophonF is about to start a Windows build of v2014.1.10.
00:35 XenophonF On which O/S are you testing the Salt RC, iamtew?
00:37 mrlesmithjr joined #salt
00:38 mrlesmithjr joined #salt
00:39 iamtew XenophonF: centos7
00:41 iamtew haven't used salt so much, been trying to get some time over the last couple of weeks to sit down with it.. so now finally this weekend I had a couple of hours to kill, so finally getting my head around most of the basics :)
00:41 dccc joined #salt
00:41 XenophonF cool!
00:42 XenophonF I'm running it on FreeBSD and CentOS 7, myself.
00:42 iamtew I have an old desktop computer acting as home "server", but I want to run multiple things on it in containers, it's not powerful enough for virtual machines
00:42 XenophonF The LXC stuff sounds really interesting.
00:42 XenophonF I've been meaning to dive into it.
00:42 iamtew and the lxc provider looks sweet, as I can easily run a "complete" OS in a lxc container
00:42 XenophonF I've been using jails on FreeBSD for a long time, and I'd love to see how LXC compares.
00:43 iamtew contrary to docker, which seems more about single services.. not my cup of tea
00:43 rawtaz hm, there's no ssh-salt port for freebsd :<
00:43 iamtew I haven't touched any of the BSD's in long time.. we ran a lot of NetBSD in the early 2000's when I was doing sysadmin at a school
00:44 XenophonF salt-ssh got merged into salt IIRC
00:44 XenophonF but I can't get it to work for regular keyboard auth
00:44 rawtaz XenophonF: you have jails in freebsd, as you probably know (speaking of containers)
00:44 holms how can i restart service? that relaod option doesn't work
00:44 holms and i can't use watch in here
00:44 iamtew back then we ran our servers on NetBSD and Slackware and rolled it with CFengine :)
00:45 rawtaz XenophonF: yeah, and if i install that it'll pull in zeromq and other stuff that i dont need or want, thats why im looking for the ssh-specific package :)
00:45 rawtaz XenophonF: hm but if it got merged then i might be looking in vain i guess
00:45 XenophonF yow, NetBSD and Slackware!  I cut my baby teeth on them.  :)
00:45 rawtaz iamtew: thats nice to hear :)
00:46 XenophonF ah gotcha rawtaz
00:46 XenophonF I've met Pat Volkerding.  He's a great guy.
00:47 rawtaz XenophonF: do you remember where you saw that salt-ssh was perhaps merged into the regular salt packages?
00:47 rawtaz oh nice
00:47 rawtaz yeah slackware to me is the oldest still actively maintained linux distro. much respect for that.
00:47 XenophonF rawtaz, let me check svnweb.  i think it was this summer.
00:47 rawtaz very nice of you, thanks :)
00:47 holms XenophonF: maybe you can help me a bit :)? i'm unable to restart service with this code: http://i.imgur.com/k2FvKMT.png
00:47 rawtaz i guess that if it was then distros probably wont bother to have a separate salt-ssh on their own
00:49 XenophonF sure hang on a sec holms
00:50 XenophonF rawtaz, maybe i'm conflating your question about salt-ssh with the sysutils/py-salt and sysutils/py-salt-cloud merge
00:50 rawtaz oh, perhaps :)
00:50 rawtaz i think the debian repo has a separate salt-ssh package
00:51 XenophonF hm, i'm all sorts of confused b/c i still see a separate salt-cloud in ports
00:51 XenophonF maybe it's an old version, 0.8 something
00:52 rawtaz hm i dont. i just see salt and salt-api in http://www.freshports.org/search.php?query=salt&amp;search=go&amp;num=10&amp;stype=name&amp;method=match&amp;deleted=excludedeleted&amp;start=1&amp;casesensitivity=caseinsensitive
00:52 XenophonF my ports tree is likely outdated
00:52 XenophonF i switched to poudriere a while back
00:52 XenophonF sysutils/py-salt is dependent on sshpass
00:52 rawtaz ah yes, thats true. 0.8 ones
00:52 XenophonF hey i gotta split but holms, i'll check on your issue later
00:52 XenophonF brb
00:53 rawtaz thanks XenophonF, take care :)
00:54 holms anyone
00:54 holms can help me with service reload?
00:54 holms must be simple
00:54 rawtaz holms: what are the symptoms of the problem?
00:54 holms there's default nginx config
00:54 holms which is removed
00:55 holms and it's obviosly service is not restarted
00:55 holms http://i.imgur.com/k2FvKMT.png
00:55 iamtew XenophonF: yeah, same here, got started with slack.. after a few years and new jobs, bigger deployments, I've shifted towards centos
00:56 rawtaz iamtew: do you like centos7 or do you like so many others think it's horrible? :)
00:56 rawtaz lots of peeps dont like systemd for example, it seems
00:56 iamtew ah yes, systemd.. well, I've been running fedora on my laptops for the last few years so I'm so used to systemd
00:56 iamtew I quite like the service management of it, but I'm not so pleased to see that it's brining the whole kitchen sink with it..
00:57 iamtew there's this one though, so there might be hope! http://uselessd.darknedgy.net/
00:57 holms *sigh* well i guest cmd.run will do then
00:57 rawtaz kind seems to be straight against the unix philosophy :)
00:57 iamtew rawtaz: I haven't ran centos7 in production really, so I'm sure I will find plenty of things to complain about then :)
00:57 rawtaz iamtew: whats the kitchen sink you talk about?
00:57 rawtaz mm
00:59 iamtew rawtaz: well systemd is not only a new init anymore, all the extra thing they put in there like hostnamed, logind, localed, systemd-fsck..
01:00 rawtaz i see
01:00 holms how do you restart nginx in salt =/
01:00 holms without watch
01:02 * rawtaz &
01:21 oz_akan joined #salt
01:34 iamtew ugh.. so I ended up spinning up a fresh machine, installing the 2014.7.0rc2 candidate, copy/pasted settings from here: http://makina-corpus.com/blog/metier/2014/salt-cloud-can-now-spawn-lxc-containers-or-how-saltstack-made-lxc-containers-managment-easy/
01:35 iamtew and it tells me it succeeds, but I can't see the container running..
01:35 iamtew how annoying
01:35 iamtew more hacking tomorrow, too tired.. *yawn*
01:36 iamtew g'night
01:46 mpanetta joined #salt
01:46 bhosmer joined #salt
01:46 mpanetta joined #salt
01:48 ilbot3 joined #salt
01:48 Topic for #salt is now Welcome to #salt | 2014.1.10 is the latest | Help us test the 2014.7 RC! http://bit.ly/salt-rc | SaltStack is hiring! http://www.saltstack.com/careers | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
01:52 mrlesmithjr joined #salt
01:53 jut joined #salt
02:00 TyrfingMjolnir joined #salt
02:16 kingel joined #salt
02:20 XenophonF hey holms you still around?
02:20 holms yeah
02:20 holms just used cmd.run for now
02:20 holms couldn't find how this would work otherwise
02:21 XenophonF so you have nginx installed by default, and then you have a package installed, or something?
02:21 XenophonF i'm a little confused
02:21 holms http://i.imgur.com/k2FvKMT.png
02:21 holms that's about it
02:21 holms after copying configs
02:21 holms this directive doesn't reload nginx
02:22 holms and i cant' use `watch` in here
02:23 XenophonF why can't you use "watch"?
02:23 XenophonF that's exactly what you need to do
02:23 holms requirement is to take
02:23 holms configs from repo
02:23 holms and copy them to location
02:24 holms so basically i'm cloning git repo
02:24 holms and with cp command, copying files to location
02:24 holms that's the only way now
02:24 holms in ansible you have notify subdirective which does something
02:24 holms under any directive
02:24 XenophonF salt has the same concept
02:24 holms in here seems to be it's not designed to be more flexible on this
02:25 XenophonF that's exactly what watch does
02:25 holms so you can watch something except files?
02:25 XenophonF yes, definitely
02:25 XenophonF hang on let me give you a real example from my salt states
02:25 XenophonF just a sec
02:25 holms let's say i have copy_v2engine_nginx_configs:
02:25 holms directive ) that's my id name
02:25 holms under it, there's cmd.run
02:26 holms how can i "watch" when this will be called?
02:26 XenophonF - watch:
02:26 XenophonF - cmd: copy_v2engine_nginx_configs
02:26 holms hmz
02:26 holms question is how to know what to specify instead of 'cmd'
02:26 holms or what does cmd represents )
02:27 XenophonF well, you can only have one cmd state with the name copy_v2engine_nginx_configs
02:27 holms or you always need to know if it's cmd or file or pkg?
02:27 XenophonF you always need to know
02:27 holms okay
02:27 XenophonF hang on let me show you how i do it with apache
02:27 holms and does this
02:27 holms directive which will have watch subdirective
02:28 holms should be before or after directive which will be watched?
02:28 holms or it doesn't matter?
02:28 hotbox joined #salt
02:29 XenophonF the order of directives within the SLS file don't matter
02:29 XenophonF the order of the directives within the watch: clause don't matter
02:29 XenophonF Salt automatically builds the dependency tree for you.
02:29 QuinnyPig XenophonF: Uh... that's not true. :-)
02:29 holms and something like - cmd: copy_*_nginx_configs would be nice, i have few of them in loop
02:29 XenophonF like Make
02:29 QuinnyPig XenophonF: As of 0.17 it's lexigraphically deterministic. States execute top down.
02:30 XenophonF thanks for the correction, QuinnyPig, I didn't know that and have been assuming it's indeterminate
02:30 pviktori_ joined #salt
02:30 XenophonF and coding appropriately ;)
02:30 XenophonF ok holms, here's apache/map.jinja
02:30 XenophonF https://bpaste.net/show/32d025857588
02:30 QuinnyPig XenophonF: No worries. It used to be that way. :-)
02:31 XenophonF and here's apache/init.sls
02:31 XenophonF https://bpaste.net/show/36ccad85600a
02:31 holms i see
02:31 lionel joined #salt
02:32 borgstrom joined #salt
02:32 holms thanks for clarifying :)
02:32 holms thing this will do then
02:32 CryptoMer joined #salt
02:33 XenophonF and here's apache/mod_security.sls
02:33 XenophonF https://bpaste.net/show/5612e3946c01
02:33 XenophonF which includes a git example for you
02:33 XenophonF and here's apache/mod_ssl.sls
02:34 XenophonF https://bpaste.net/show/239b8d6d2c47
02:34 XenophonF last but not least
02:34 XenophonF here's apache/vhosts.sls
02:34 XenophonF https://bpaste.net/show/cd9e2e4c92f5
02:35 holms hmz
02:35 XenophonF so i make heavy use of require, watch, require_in, and watch_in to ensure proper dependency ordering
02:35 aurynn joined #salt
02:36 XenophonF basically, if any of the required packages rev
02:36 XenophonF or if any config file changes
02:36 XenophonF or if the git checkout changes
02:36 XenophonF or whatever
02:36 XenophonF the apache service will get restarted
02:37 XenophonF i also do the git checkout directly into /usr/local/etc/apache24 (config dir on FreeBSD)
02:37 XenophonF so i don't have to check out then move files around
02:37 n8n joined #salt
02:37 XenophonF fewer moving parts, which feels safer to me
02:38 redondos joined #salt
02:40 XenophonF there are a few places where i conditionally require pkg: apache (who knows---maybe there's a platform where apache comes installed by default), but i'm slowly replacing them with absolute references to file: apache (which will always be there, because i'm always going to push that general apache config file)
02:40 spookah joined #salt
02:41 XenophonF if you were to graph the dependency tree, it'd look like a short root made out of pkg: apache and file: apache, branching out widely to most of the other apache-related states, then converging all on service: apache via mostly watches (which will signal apache to restart)
02:41 aurynn left #salt
02:41 XenophonF basically, in salt, if the state signals that it changed for whatever reason, the watching state will do/re-do whatever it is that it does
02:41 holms impressive :)
02:41 XenophonF and that's generic, if I understand it correctly
02:42 XenophonF this is the key bit of documentation
02:42 XenophonF http://docs.saltstack.com/en/latest/ref/states/requisites.html
02:43 XenophonF i haven't really used prereq (mentioned at above URL) yet
02:43 XenophonF oh haven't seen the 2014.7.0 stuff yet either
02:43 XenophonF onfail, onchanges, etc.
02:43 XenophonF interesting
02:45 XenophonF holms, thanks for the complement
02:45 XenophonF this is v2 of my apache state
02:45 XenophonF i'm working on v3
02:45 holms XenophonF: your welcome :) most important part in here is not overdoing things
02:46 holms someone after you will want to kill you if things becomes messy
02:46 XenophonF which replaces the vhost templates with file accumulators
02:46 XenophonF yeah
02:46 holms i'm kind'a wondering. sls-cloud vs boto..
02:46 holms any opinions?
02:46 XenophonF well part of the reason for the complexity is that i'm trying to write a replacement for apache-formula
02:46 holms ah that how it is
02:46 holms i think for formulas that's accetable :D
02:46 XenophonF someone else will have to take that one, because i don't use either
02:47 XenophonF yeah, for the formula too i want to be able to extend the apache formula with formulas for other web apps
02:47 XenophonF like (hypothetically---dunno if these already exist) owncloud-formula or django-cms-formula or plone-formula or whatever
02:48 XenophonF in theory, i could have a file: owncloud_vhost_www.example.com_conf state that extends the file: apache_vhost_www.example.com_conf state via an accumulator
02:49 XenophonF so you'd get a stock vhost config with stuff like servername, serveraliases, sslcertificatefile, etc.
02:49 XenophonF then have whatever else you need added to make that web app work with apache
02:52 XenophonF holms, did any of that help?
02:52 holms ofcourse
02:52 holms it works
02:52 holms :)
02:52 XenophonF sorry, i can kind of get carried away a little :)
02:52 XenophonF good glad to hear it works
02:52 holms thanks for that
02:54 kermit joined #salt
02:57 ramishra joined #salt
02:57 catpig joined #salt
02:58 XenophonF well this is driving me crazy, salt.states.group.present's "addusers" argument isn't working for me
02:58 XenophonF maybe because this is freebsd...
03:08 anotherZero joined #salt
03:12 XenophonF oh duh, of course it's because this is freebsd
03:13 XenophonF that must have been why i had a patched copy of the groupadd module in states/_modules :-/
03:13 XenophonF hopefully i have a backup copy...
03:13 otter768 joined #salt
03:14 wnkz joined #salt
03:18 ramishra joined #salt
03:33 bhosmer joined #salt
03:39 mrlesmithjr joined #salt
04:02 bhosmer joined #salt
04:03 snuffeluffegus joined #salt
04:05 kingel joined #salt
04:11 mrlesmithjr joined #salt
04:28 pdayton1 joined #salt
04:35 ramishra joined #salt
04:46 ramishra joined #salt
05:02 catpigger joined #salt
05:05 pdayton joined #salt
05:16 aquinas joined #salt
05:16 aquinas_ joined #salt
05:18 ramishra joined #salt
05:22 ramishra joined #salt
05:22 SheetiS joined #salt
05:22 bhosmer joined #salt
05:26 snuffeluffegus joined #salt
05:32 ramishra joined #salt
05:33 ramishra joined #salt
05:51 kingel joined #salt
05:59 catpiggest joined #salt
06:16 felskrone joined #salt
06:32 ramishra_ joined #salt
06:39 laxity joined #salt
06:42 anitak joined #salt
06:47 n8n joined #salt
06:50 n8n joined #salt
06:53 Sweetsha1k joined #salt
07:04 zergutzu joined #salt
07:06 blackhelmet joined #salt
07:11 bhosmer joined #salt
07:17 zergutzu joined #salt
07:20 zergutzu_ joined #salt
07:31 zergutzu joined #salt
07:34 SheetiS joined #salt
07:37 kingel joined #salt
07:38 ifmw joined #salt
07:43 oyvjel joined #salt
07:55 kingel joined #salt
08:06 agend joined #salt
08:35 claytron joined #salt
08:50 zergutzu joined #salt
08:52 kiorky joined #salt
08:52 knot left #salt
09:00 bhosmer joined #salt
09:00 peno joined #salt
09:02 intellix joined #salt
09:04 yomilk joined #salt
09:10 yomilk joined #salt
09:27 bhosmer joined #salt
09:28 zergutzu joined #salt
09:32 felskrone joined #salt
09:36 zergutzu joined #salt
09:37 viq joined #salt
09:55 bhosmer joined #salt
10:01 kingel joined #salt
10:11 anitak joined #salt
10:14 mechanicalduck_ joined #salt
10:18 sectionme joined #salt
10:23 n1ck3 joined #salt
10:28 kingel joined #salt
10:46 peters-tx joined #salt
10:49 bhosmer_ joined #salt
10:58 n1ck3 Hey everyone. I was wondering if anyone could point me in the right direction. I am on an OS X minion and trying to use pkg.installed and it is failing. Full output here: http://pastebin.com/EXx7ZZzY. I have tried googling it without any luck. Has anyone else run into this?
11:30 huleboer joined #salt
11:41 mechanicalduck joined #salt
12:06 ramishra joined #salt
12:09 ramishra_ joined #salt
12:10 active8 joined #salt
12:10 CeBe joined #salt
12:15 bmonty joined #salt
12:18 kingel joined #salt
12:23 mrlesmithjr joined #salt
12:30 ramishra joined #salt
12:38 bhosmer_ joined #salt
12:38 acabrera joined #salt
12:50 derelm joined #salt
12:51 kingel joined #salt
13:07 pdayton joined #salt
13:27 kingel joined #salt
13:36 blackhelmet joined #salt
13:37 ndrei joined #salt
13:37 ndrei_ joined #salt
13:38 SpX joined #salt
13:39 TOoSmOotH joined #salt
13:45 bmonty joined #salt
13:46 rypeck joined #salt
13:56 zergutzu joined #salt
14:01 jslatts joined #salt
14:05 acabrera joined #salt
14:07 bmcorser joined #salt
14:16 rawtaz feedback: in http://docs.saltstack.com/en/latest/topics/installation/freebsd.html#post-installation-tasks under the rc.conf code snippet, you probably want to remove the "+ " at the beginning of that code line. people should preumsably not add that plus and space character
14:17 Ancient joined #salt
14:18 ckao joined #salt
14:23 TOoSmOotH joined #salt
14:27 bhosmer_ joined #salt
14:33 StDiluted joined #salt
14:33 bhosmer joined #salt
14:35 duruk joined #salt
14:37 martoss joined #salt
14:37 TOoSmOotH joined #salt
14:37 fii joined #salt
14:38 fii Evening all
14:39 fii Added Salt to theforeman and when I run foreman-node I see the ENC. Also able to run salt via theforeman
14:39 ndrei joined #salt
14:39 fii Only problem is I don't see any salt modules/states in theforeman
14:39 fii Wondering if there's anything else we need to do plzz
14:42 n1ck3 joined #salt
14:43 martoss left #salt
14:46 rawtaz how does version numbers work in salt? there's references to versions like 0.17.0 in the docs, but in other places there's references to versions like 2014.1.10 and 2014.7.0rc2. how should one know how they relate?
14:47 ramishra joined #salt
14:47 iamtew rawtaz: check these pages, http://docs.saltstack.com/en/latest/topics/releases/version_numbers.html && http://docs.saltstack.com/en/latest/topics/releases/
14:48 rawtaz hmm. thanks a lot. must have missed that when i checked the toc
14:48 rawtaz this makes it clearer
14:49 iamtew understandable, the ToC is like 300km long :P
14:49 rawtaz haha :D
14:49 ninkotech__ joined #salt
14:53 rawtaz ive been digging into salt over the past couple of days, but honestly i think that for small environments where you dont need or want a master-minion setup, and where you want a push model like salt-ssh, and where you dont want to run salt as root, ansible is unfortunately WAY WAY easier to get going with
14:54 viq rawtaz: why wouldn't you want to run master-minion setup?
14:54 rawtaz viq: why would i want to have a dedicated master?
14:54 rawtaz i have no reason to have it that way. it's just an unnecessary additional dependency
14:54 viq Because it makes things much easier and consistent, I would say
14:55 rawtaz at the cost of depending on an additional node being the server
14:55 viq But I guess I see your point
14:55 babilen rawtaz: Any node can be the master.
14:55 babilen (just saying)
14:55 rawtaz i have a small use case. i just want to automate/orchestrate the few machines i manage in various places (theyre all spread out really). so to me the cleanest and simplest is if i can just have a repo with my states/playbook, and run them from/on my laptop or wherever i want to
14:57 rawtaz ansible's way where you just clone its git repo to have ansible, and then just write a playbook (Storing it anywhere), and then just run ansible and it reaches out to the nodes over ssh to do its work, is way simpler than with salt where there are limitations to salt-ssh (at this point, its evolving of course), and where you install salt as root and have to do additional configuration to make it run as non-root
14:57 babilen rawtaz: Don't get too hung up on the master/minion setup. IMHO it really doesn't matter that much. I'd recommend to implement the technically most challenging setup with both and then compare your solution. You will have a much better idea as to which one you like.
14:57 rawtaz it just seems overly complex for small use cases (and i think the root by default is annoying)
14:57 kingel_ joined #salt
14:57 fii rawtaz: Have you tried pxe booting servers with ansible ?
14:57 toastedpenguin joined #salt
14:57 rawtaz fii: no
14:58 iamtew rawtaz: download this formula and run your own computer as master? https://github.com/saltstack-formulas/salt-formula
14:58 iamtew :D
14:59 rawtaz iamtew: yeah but then this lappy has a role of a master, so when i move around and i might want to tweak stuff on another machine ill have to make a master install on that one just to run salt from there instead
14:59 babilen There was a *really* in-depth comparison of Ansible and Salt somewhere written by someone working on moderately complex setups. It was publicised in this community a while back, but I can't quite remember it.
15:00 rawtaz let me put it this way; the "management node" should be wherever i move or have the state files :)
15:00 iamtew babilen: talking about the blog post from the guy working for Lyft?
15:00 babilen rawtaz: I would *much* rather investigate is what you want to automate/orchestrate can be done easily with both.
15:00 babilen iamtew: That might very well be it, yes.
15:00 rawtaz babilen: i think that in a more complex environment, especially where there's total sense in running one or more servers, and it's within one organization, salt is definately the beter in the long run :)
15:00 iamtew this one, http://ryandlane.com/blog/2014/08/04/moving-away-from-puppet-saltstack-or-ansible/
15:01 iamtew got quite a lot of attention when it was posted
15:01 rawtaz for example i love the PyObjects renderer <3
15:01 rawtaz ansible's playbooks dont have separate renderers, thats a big downside to it
15:01 rawtaz yeah that article is good
15:01 babilen iamtew: Yes, perfect. I saw it everywhere for some time, but for some reason my google-fu just failed me :)
15:01 ninkotech joined #salt
15:02 rawtaz :)
15:02 babilen rawtaz: I write a lot in Python (pillars and, less so, states) these days. I love that salt is so easily extendable.
15:02 rawtaz yeahh
15:02 fredvd joined #salt
15:02 babilen Anyway, you should naturally use the tool that makes the job at hand easiest. If that is Ansible then so be it.
15:03 rawtaz im just annoyed by the fact that it's built to run as root by default, that it requires non-standard configuration to not do so, that salt-ssh is a second citizen so far, and that it has more dependencies and you "must" install a master if you want it to work fully
15:03 rawtaz babilen: both have their pros and cons :)
15:03 rawtaz but you are right in that. and that one should give both a shot before deciding
15:04 rawtaz i appreciate the discussion. thats why i ventilated in the first place, to hear your input :)
15:05 iamtew yeah I didn't really get in to ansible
15:05 rawtaz i do have the possibility to set up a server to be the master, but it makes me uncomfy to involve several different organizations on it, creating that dependency, and also it just feels unnecessary since imo the "push your states from anywhere you want" seems to be the minimalistic and simplest approach
15:05 rawtaz i think once salt-ssh is complete it's basically good to go. then its just the root thing left, and it can be worked around
15:06 rawtaz iamtew: dont ;) it's too easy to get started with that you might start liking it :-)
15:06 TOoSmOotH joined #salt
15:06 iamtew shoouldn't you just be able to install salt-minion and use salt-call?
15:06 rawtaz but youll probably be annoyed when you are stuck with jinja in your playbooks
15:06 rawtaz iamtew: you mean masterless minions?
15:06 iamtew yeah
15:07 iamtew rawtaz: I got annoyed with ansible when I had to update my server list and include all servers and different settings etc..
15:07 rawtaz iamtew: that part you dont need to do with salt due to it having set itself up with the master i take it?
15:08 iamtew yeah I do something like "yum install -y salt-minion && echo "master: master.hostname.tld" > /etc/salt/minion && systemctl start salt-minion.service"
15:08 iamtew and done
15:09 rawtaz iamtew: but salt-call is something that should be run on that minion, right? so it's not really "management node commanding minion"?
15:09 iamtew rawtaz: yes, salt-call is like salt, but executes your state on the node you executed it on
15:09 rawtaz salt definately seems easiest with a master :)
15:09 iamtew I made these tiny scripts to test a master-minion setup quickly: https://github.com/iamtew/kvickstart-saltstack
15:10 rawtaz iamtew: yeah. and the state stuff needs to be on that minion. so essentialy if i want to control a masterless minion from my lappy, keeping the state stuff on the lappy, i will need to coordinate the minion over ssh or something similar
15:10 iamtew if I want to make some sort of testing, I just spin up two machines and use those scrtips, and ready to go
15:10 rawtaz haha, kvickstart :-)
15:10 iamtew yeah, exactly, you need to access the minion somehow
15:10 viq rawtaz: some people push states and run salt locally
15:10 rawtaz viq: push via e.g. git you mean?
15:11 viq yeah
15:11 rawtaz yeah
15:11 viq but I just saw that masterless minions were mentioned, sorry
15:11 rawtaz no, thanks for joining in with your suggestions/opinions
15:11 iamtew rawtaz: yeah because everything is named "quick start" these days and I like to avoid conflicts! :D
15:11 rawtaz yours is better :>
15:11 iamtew naming conflicts*
15:11 rawtaz kviqstart is nice too i think
15:12 rawtaz eh
15:12 rawtaz perhaps not when you're english speaking
15:12 viq k-viq-start, eh? ;)
15:12 iamtew ha!
15:12 iamtew :D
15:12 rawtaz kiwistart might be the simpler version :)
15:12 martoss joined #salt
15:13 rawtaz with that nice bird as the logo
15:13 viq If you're from Australia/NZ ;)
15:13 rawtaz hehe
15:13 ndrei joined #salt
15:13 iamtew yeah, the bird, or the all blacks
15:13 iamtew hehe
15:14 ninkotech_ joined #salt
15:14 viq Or after mishearing kiwistar, and since the fruit is fuzzy abbreviated to **
15:15 iamtew rawtaz: kviqstart is too extreme though, like people who change their family name to Lövquist or stuff like that..
15:15 iamtew that's not how it's spellt darnit! :PO
15:15 viq iamtew: I may steal it though :P
15:15 iamtew go for it :)
15:19 ramishra joined #salt
15:20 acabrera joined #salt
15:20 ndrei joined #salt
15:30 arnoldB is there a way to get salt to give me the list of all environments (file_roots + gitfs_remotes) and states available (including gitfs_remotes)?
15:33 arnoldB hm salt.fileserver.<foo> has some functions
15:36 anitak joined #salt
15:48 ninkotech_ joined #salt
15:48 iamtew hm, how annoying, I can't get gitfs_remotes working
15:49 iamtew is it an issue to keep the top.sls in a remote git repo or something?
15:49 iamtew I don't have any problem to access this repo as the root user (which salt-master is running as) normally on the command line
15:50 babilen iamtew: That should not be a problem at all.
15:50 sectionme joined #salt
15:51 babilen Could you run the master manually with "salt-master -ldebug" and check for errors? Do you have gitpython (or whatever provider you want to use) installed?
15:51 iamtew yeah I have gitpython
15:51 babilen Also define "working" -- What did you do exactly and why do you think that it isn't working?
15:52 iamtew well I get only one red message saying: Comment: No Top file or external nodes data matches found
15:52 iamtew when I normally should have a few things going on
16:02 rawtaz peeps
16:03 kingel joined #salt
16:06 cpowell joined #salt
16:09 sectionme joined #salt
16:11 iamtew *facedesk* malformed url to the git-repo
16:12 intellix joined #salt
16:12 iamtew I was using ssh:// when I should've just used git://
16:14 babilen iamtew: Found it in "salt-maste -ldebug" ?
16:14 babilen +r
16:14 zergutzu joined #salt
16:15 teebes joined #salt
16:15 bhosmer joined #salt
16:16 jhauser joined #salt
16:17 iamtew ah, no..
16:17 StDiluted joined #salt
16:17 iamtew I just tried to clone the repo
16:18 iamtew and noticed the url was bad
16:21 iamtew hm, not it started doing the same again
16:22 n1ck3 joined #salt
16:25 babilen iamtew: You should remove the salt gitfs cache files in /var
16:26 rawtaz iamtew: YOU are bad. bad to the bone :-)
16:29 iamtew babilen: how do I clear it in a good way? shutdown daemons and empty /var/cache/salt ??
16:31 babilen iamtew: Just remove the gitfs directory in thre
16:32 faust joined #salt
16:32 iamtew ah, no.. now I get it, I found the issue
16:32 ninkotech_ joined #salt
16:32 iamtew so I'm using the salt-formula to manage master and minion config file
16:33 iamtew but since the change two weeks ago it puts all the config under /etc/salt/master.d/master
16:33 iamtew instead of /etc/salt/master
16:33 iamtew so all my gitfs setting was in /etc/salt/master.d/master but not in /etc/salt/master and thus wasn't picked up
16:44 Daviey joined #salt
16:49 n1ck3 Does anyone know why pkg.installed does not work on OS X minions (using brew). The stack trace says: KeyError: 'user.list_groups'. Is it just ne?
16:54 zergutzu joined #salt
17:03 zergutzu joined #salt
17:14 zergutzu joined #salt
17:15 sectionme joined #salt
17:15 kingel joined #salt
17:26 sectionme joined #salt
17:26 dccc joined #salt
17:33 ifmw joined #salt
17:35 bhosmer joined #salt
17:39 acabrera joined #salt
17:43 duruk joined #salt
17:54 iamtew meh, why can't I use center() in jinja template in saltstack..
17:54 pdayton joined #salt
17:54 iamtew fails and tells me: Comment: Unable to manage file: Jinja syntax error: Encountered unknown tag 'center'.; line 9
17:55 sectionme joined #salt
17:58 fii left #salt
18:00 zergutzu joined #salt
18:03 snuffeluffegus joined #salt
18:04 bhosmer joined #salt
18:12 perfectredneck joined #salt
18:14 teebes joined #salt
18:19 zergutzu joined #salt
18:20 elfixit joined #salt
18:23 zergutzu_ joined #salt
18:25 bhosmer joined #salt
18:30 teebes joined #salt
18:55 n8n joined #salt
19:00 kingel joined #salt
19:01 n8n_ joined #salt
19:03 StDiluted joined #salt
19:21 capricorn_1 joined #salt
19:24 teebes joined #salt
19:25 sectionme joined #salt
19:31 scoates joined #salt
19:43 martoss joined #salt
19:45 sectionme joined #salt
19:48 Aaron42 joined #salt
19:50 Aaron42 hello, newbie Salt learner here looking for assistance - any time appreciated. Anyone know why pkg.refresh_db is "unavailable" when I try to call it in an SLS?
19:51 viq Aaron42: on what platform?
19:52 Aaron42 Ubuntu 14, latest
19:53 viq do you have python-apt installed?
19:53 Aaron42 if I run salt '*' pkg.refresh_db it works fine. Just when I use an SLS it chokes.
19:53 bhosmer joined #salt
19:53 Aaron42 so I assume that means the right packages are there.
19:54 viq oh
19:54 viq Because modules != states
19:54 viq http://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html
19:55 viq or you could use http://docs.saltstack.com/en/latest/ref/states/all/salt.states.cmd.html
19:56 Aaron42 OK I see. The modules are the underlying functionality used to reach a state
19:57 viq yeah
19:57 Aaron42 I think the one I want is pkg.uptodate - but there's not a lot of detail in the doc to say what it does
19:57 Aaron42 I presume equivalent to pkg.refresh_db and pkg.upgrade
19:58 viq Aaron42: also it's not available in stable versions yet
19:59 viq Actually seems just pkg.upgrade, to have pkg.refresh_db you need to set refresh=True
19:59 Aaron42 ah interesting
19:59 viq See that "New in version 2014.7.0" ? As you see in topic, there is Release Candidate of it, but it's not officially out yet
20:00 Aaron42 got it. My goal is just to update the system, seems a pretty core use case
20:01 viq salt \* pkg.upgrade refresh=True
20:02 viq Why from SLS?
20:04 bhosmer joined #salt
20:04 timoguin Aaron42: pkg.latest in an SLS should run a refresh first as well.
20:05 Aaron42 well my thinking is that a goal when setting up a new server is to update the packages, so it will go in top.sls.
20:06 viq But do you want to upgrade all packages every time you're running highstate?
20:06 timoguin I think of upgrades as more of an ad-hoc thing
20:06 timoguin what viq said.
20:07 JPaul joined #salt
20:07 timoguin if you put it in an sls you can specifify that SLS to run on minion startup every time
20:07 timoguin probably better outside of highstate if you want to run highstate regularly
20:07 Aaron42 ok, maybe not in highstate then. Goal would be a standard set of states that get run once on a new server - update packages, install users, etc.
20:07 babilen Aaron42: You will get the latest packages with pkg.installed if you set "refresh=True", but then I'd just use pkg.install and refresh explicitly.
20:08 Aaron42 this is to catch OS upgrades and the like
20:08 babilen Aaron42: I really wouldn't make an upgrade part of the highstate. You want to do that explictly and controlled not whenever you run a highstate.
20:08 timoguin Aaron42: if you really want to call pkg.refresh_db and pkg.upgrade in an SLS you can use module.run to call them.
20:09 timoguin You just can't call them directly from the sls because they're not state modules
20:09 Aaron42 ok that's interesting
20:09 timoguin That applies to any non-state module you want to run.
20:09 Aaron42 it seems like the new pkg.uptodate state does exactly what I want - just looking for the best way to do it before it ships.
20:10 viq Aaron42: why run them only once, instead of constantly ensuring, that server is in a known desired state, part of which is making sure certain users and packages are present or not?
20:10 viq Aaron42: also, I believe you can tell kickstart/preseed to upgrade packages upon installation
20:11 babilen I'd think of highstate as "invariants that will be ensured to always be true" and upgrades are really more of an explicit change of configuration. Your highstate should, IMHO, be a no-op if you didn't change any states and changes that are due to a changing environment (e.g. package upgrades) should be performed planned an manually.
20:12 babilen viq: You definitely can make it part of a preseeded Debian (et. al) install
20:12 babilen s/an/and
20:12 Aaron42 right - I'm still learning e.g. exactly when highstate is run, so not completely on top of the philosophy of where things go.
20:13 timoguin basically whenever you tell it to run. with no configuration, it won't run unless you call it.
20:13 timoguin if you set startup_states: highstate, it'll run on minion startup
20:14 babilen Sure, a highstate is run manually or can be run every k minutes/hours/days on a set schedule. The point is that you don't want it to really change anything unless you made an explicit change.
20:14 timoguin Aaron42: salt-cloud can also run highstate or a set of SLS files after firing up new minion
20:14 timoguin so that's a kind of out-of-band, only ran when the machine is created
20:14 Aaron42 I see, that would be useful. I've got a DigitalOcean image that connects to the master automatically at startup, so going to highstate would be good
20:14 timoguin yea salt-cloud works very well with DO
20:16 Aaron42 yep I set up something by hand as a learning exercise. In case anyone's interested, http://www.aaronbell.com/lets-make-salt-minions-on-digitalocean/
20:16 Aaron42 thanks for all the info, much appreciated!
20:21 babilen Enjoy your experience and feel free to ask any questions. (although I'll head off now as I have to work tomorrow)
20:29 geekatcmu joined #salt
20:31 mrlesmithjr joined #salt
20:33 JPaul joined #salt
20:35 eliasp joined #salt
20:35 ksk joined #salt
20:35 ksk hey gyus
20:36 ksk im runnig salt on a few containers now, and do upgrades using salt. however sometimes not all CTs respond and i dont find it very easy to determine if  thats the case on the commandline
20:36 ksk is there any cool way/tool for doing so?
20:36 ksk addressing them one by one instead of "do all"?
20:40 mrlesmithjr joined #salt
20:44 geekatcmu joined #salt
20:45 ksk like, if i do "-L" and one does not respond (or does not exist) salt says nothing
20:49 elfixit joined #salt
20:50 Aaron42 all the responses from the minions are stored in the job list
20:51 Aaron42 I always run salt with -v to show the job ID. Then I can look at responses afterwards with salt-run jobs.lookup_jid <job id number>
20:51 Aaron42 http://docs.saltstack.com/en/latest/topics/jobs/
20:52 Aaron42 this helped me when my command timed out before minions were responding.
20:56 ksk so i will have to script around that, okay. thanks
21:01 babilen ksk: http://docs.saltstack.com/en/latest/ref/clients/ might be of interest to you
21:03 teebes joined #salt
21:10 n1ck3 Good evening. I am having trouble running pkg.installed from a sls on an OS X minion. Does anyone have experience running OS X minions?
21:13 babilen No, sorry. It *might* however make it easier to help you if you were to elaborate on what you tried and if you could pastes of your configuration and debug output from master/minion when you run it (minion in particular I guess). Use a nice pastebin such as http://refheap.com or http://paste.debian.net
21:13 skarn joined #salt
21:14 n1ck3 babilen: I did that. Here's the pastebin link: http://pastebin.com/EXx7ZZzY
21:17 n1ck3 it all boils down to a: "KeyError: 'user.list_groups'" when it is trying to install packages with brew.
21:18 aquinas joined #salt
21:19 aquinas_ joined #salt
21:20 floWenoL joined #salt
21:20 floWenoL hi any date set for the RC to become final?
21:27 yetAnotherZero joined #salt
21:27 Sacro joined #salt
21:27 Sweetshark joined #salt
21:28 Hipikat joined #salt
21:29 Micromus joined #salt
21:29 redondos- joined #salt
21:29 HuleB joined #salt
21:30 jY- joined #salt
21:30 Daviey_ joined #salt
21:31 ropes joined #salt
21:31 rostam joined #salt
21:31 stevednd joined #salt
21:31 timoguin joined #salt
21:32 StDiluted joined #salt
21:32 monokrome joined #salt
21:34 babilen n1ck3: I don't necessarily see it right now. Given that you had this problem for a while I'd ask on the ML and/or file a bug about this. Is it normal for salt to run as your user on OSX (or am I misinterpreting the output) ?
21:37 Karunamon joined #salt
21:37 joehh joined #salt
21:41 aurynn joined #salt
21:41 n1ck3 babilen: Yeah, brew should be run as regular users. Unfortunately thats a quirk of brew. They really don't like running brew as root. I am invoking salt-call with sudo but then salt runs brew as my user.
21:41 n1ck3 babilen: Yeah, i'll file a bug about this. Sorry my ignorance, but what is the ML?
21:41 mrlesmithjr joined #salt
21:42 bhosmer_ joined #salt
21:43 mrlesmithjr joined #salt
21:44 babilen mailing list
21:45 n1ck3 babilen: ok, i'll do that. Thanks for the pointers.
21:47 anotherZero joined #salt
21:47 aurynn left #salt
21:53 holms guys can i use wildcards in file.absent :)?
21:55 bhosmer joined #salt
21:55 hotbox joined #salt
21:56 mrlesmithjr joined #salt
22:00 yomilk joined #salt
22:03 bhosmer joined #salt
22:07 mrlesmithjr joined #salt
22:10 yomilk joined #salt
22:12 kingel joined #salt
22:17 mrlesmithjr joined #salt
22:20 mrlesmithjr joined #salt
22:21 DaveQB joined #salt
22:23 ze- joined #salt
22:23 mage_ joined #salt
22:23 Twiglet_ joined #salt
22:23 devx joined #salt
22:23 whitepaws joined #salt
22:25 KaaK_ joined #salt
22:27 rubenb Hi, I just set up  some salt stuff at home (behind NAT) and the external hosts seem down in salt-call manage.status. Yet they could check in for the first time (so I could accept the key)
22:30 n8n joined #salt
22:30 wnkz_ joined #salt
22:31 Outlander joined #salt
22:33 rubenb @self. Yes, one should not make typoes in the publish_port-forwarding.
22:34 wnkz_ joined #salt
22:41 Outlander joined #salt
22:41 rigor789|away joined #salt
22:43 kingel joined #salt
22:43 sectionme joined #salt
22:47 ndrei joined #salt
22:50 teebes joined #salt
22:53 simmel_ joined #salt
22:55 diegows joined #salt
22:58 n8n joined #salt
23:01 sectionme joined #salt
23:03 jayfk joined #salt
23:04 mpanetta joined #salt
23:07 mpanetta joined #salt
23:08 jeffrubic joined #salt
23:10 jeffrubi` joined #salt
23:29 mrlesmithjr joined #salt
23:30 mrlesmithjr joined #salt
23:31 bhosmer_ joined #salt
23:48 bhosmer joined #salt
23:50 cpowell joined #salt
23:51 ampex joined #salt
23:57 mrlesmithjr joined #salt
23:59 holms rm -rf *.jar
23:59 holms in salt?

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary