Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-09-30

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:02 cpowell joined #salt
00:07 mapu joined #salt
00:10 aparsons_ joined #salt
00:10 jonatas_oliveira joined #salt
00:11 jslatts joined #salt
00:11 aparsons joined #salt
00:11 ninkotech joined #salt
00:11 KennethWilke joined #salt
00:13 LBJ_6 joined #salt
00:16 johngrasty joined #salt
00:19 KyleG joined #salt
00:19 KyleG joined #salt
00:19 saurabhs left #salt
00:23 jonatas_oliveira joined #salt
00:26 johngrasty joined #salt
00:27 jonatas__ joined #salt
00:34 aparsons_ joined #salt
00:45 TyrfingMjolnir joined #salt
00:57 bhosmer joined #salt
00:59 kusams joined #salt
01:15 kusams joined #salt
01:21 ajolo joined #salt
01:25 mpanetta joined #salt
01:27 mpanetta joined #salt
01:30 tafa2 joined #salt
01:30 tafa2 evening
01:31 aparsons joined #salt
01:31 tafa2 I was wondering if anyone has tried puppet or chef as well as saltstack - I'm leaning towards salt but wanted to know if there are any cons vs the other 2?
01:32 QuinnyPig tafa2: Yes, most of us have tried the others. :-)
01:32 iggy I know some people run them concurrnently while they are moving from one to the other
01:32 tafa2 cool
01:32 QuinnyPig tafa2: For what it's worth, I spent four months this year as a traveling trainer for Puppet Labs. Have any specific questions? :-)
01:32 tafa2 QuinnyPig wow haha
01:32 tafa2 what you doing in here?
01:32 QuinnyPig tafa2: I was contributor 15 to Saltstack!
01:33 tafa2 oh nice!
01:33 QuinnyPig These days my contributions mostly consist of telling UtahDave that he's doing it wrong.
01:33 iggy we all do that!
01:33 Ryan_Lane tafa2: http://ryandlane.com/blog/2014/08/04/moving-away-from-puppet-saltstack-or-ansible/
01:33 UtahDave I heard that!!
01:33 UtahDave :)
01:33 Ryan_Lane tafa2: I don't have an opinion vs chef
01:33 tafa2 Ryan_Lane thanks
01:33 Ryan_Lane but salt is *much* nicer than puppet imo
01:33 tafa2 looking at the other 2
01:34 tafa2 salt was the only that had a get started now guide
01:34 tafa2 for the impatient
01:34 tafa2 (like me :P)
01:34 Ryan_Lane ordered execution, lots of built-in modules, good orchestration, reasonable docs
01:35 Ryan_Lane I'm still not happy with the docs, but at least they're thorough
01:35 iggy one place where salt is still a little lacking is that area between getting started and nauseating amount of detail in some of the docs
01:35 tafa2 the grains states etc have me a lil confused
01:36 iggy but the big thing to remember there is... there's no right (or even best) way to do something
01:36 tafa2 true...
01:36 iggy there's "the way that works best for you"
01:36 ajolo_ joined #salt
01:37 tafa2 what is baffling me is how u just send a command to a bunch of slaves
01:37 tafa2 without writting out a state
01:37 tafa2 or SLS?
01:37 iggy cmd.run
01:37 tafa2 ah ok
01:37 tafa2 i thought u have to put that into an sls
01:37 iggy salt '*' cmd.run "apt-get install bash"
01:38 tafa2 haha u read my mind
01:38 iggy yeah
01:38 iggy we've all been doing that 4 times a day for the last week
01:38 tafa2 that simple cool
01:39 tafa2 and ive read about the security
01:39 tafa2 using keys etc
01:39 tafa2 is that all on ssh?
01:39 iggy well, for me, that's all handled by google
01:39 iggy ssh keys
01:40 iggy but you don't really need them
01:40 tafa2 oh sorry i meant the connection between the master and the slaves
01:40 iggy the minions run, they connect to the master, then they idle like 90% of people on irc.... until you highlight them
01:40 iggy then they perk up
01:40 tafa2 is all encrypted by default correct?
01:40 VictorLin joined #salt
01:41 iggy I... am on a private network, so...
01:41 iggy 98% sure yes
01:45 LBJ_6 joined #salt
01:49 tafa2 anyone know for sure?
01:49 cztanu joined #salt
01:52 nitti joined #salt
01:52 Ryan_Lane tafa2: encrypted, yes
01:52 active8 joined #salt
01:52 tafa2 Ryan_Lane awsome
01:52 tafa2 over ssh?
01:52 Ryan_Lane also, you can call execution modules as well
01:52 Ryan_Lane for instance
01:53 Ryan_Lane salt '*' pkg.install 'bash' refresh=True
01:53 Ryan_Lane which will apt-get update && apt-get install bash
01:53 Ryan_Lane tafa2: it's encrypted 0mq
01:53 Ryan_Lane not ssh
01:53 Ryan_Lane you /can/ use salt-ssh, but meh
01:54 Ryan_Lane I dislike ssh as a transportation method. ssh is a massive pain in the ass
01:54 Ryan_Lane ok. gotta run
01:55 tafa2 thanks Ryan_Lane
01:55 Ryan_Lane yw
01:55 Ryan_Lane check out the other blog posts I've been writing lately too
01:55 Ryan_Lane I go into ways to handle bootstrapping, writing basic modules, etc
01:58 ITChap joined #salt
02:01 mr_chris joined #salt
02:08 mr_chris joined #salt
02:16 johngrasty_ joined #salt
02:17 zekoZeko joined #salt
02:18 johngrasty joined #salt
02:26 otter768 joined #salt
02:26 anotherZero joined #salt
02:36 anotherZero joined #salt
02:42 desposo joined #salt
02:43 kusams joined #salt
02:46 bhosmer joined #salt
02:46 aqua^lsn joined #salt
02:49 oz_akan joined #salt
02:58 Singularo joined #salt
03:06 murrdoc joined #salt
03:06 yomilk joined #salt
03:07 murrdoc topic needs updatings
03:07 murrdoc lhttps://github.com/saltstack/salt/blob/develop/doc/topics/releases/2014.1.11.rst is latest
03:09 johngrasty joined #salt
03:22 semarie joined #salt
03:26 neilf_____ joined #salt
03:26 malinoff joined #salt
03:27 murrdoc joined #salt
03:30 bezeee joined #salt
03:31 rap424 joined #salt
03:32 aparsons joined #salt
03:33 akoumjian joined #salt
03:33 jpaetzel joined #salt
03:33 aparsons_ joined #salt
03:34 hasues joined #salt
03:38 anotherZero joined #salt
03:38 aparsons joined #salt
03:53 aparsons joined #salt
03:54 Ryan_Lane joined #salt
04:01 mpoole joined #salt
04:02 uzomg joined #salt
04:05 aparsons joined #salt
04:07 semarie joined #salt
04:08 aparsons joined #salt
04:18 kermit joined #salt
04:20 jonatas_oliveira joined #salt
04:28 Shenril joined #salt
04:32 mosen joined #salt
04:35 bhosmer joined #salt
04:35 pppingme joined #salt
04:37 aparsons joined #salt
04:38 mgw joined #salt
04:39 mgw left #salt
04:45 felskrone joined #salt
04:50 ramteid joined #salt
04:50 jonatas_oliveira joined #salt
04:54 ginger_tonic joined #salt
04:55 ramishra joined #salt
04:56 pdayton joined #salt
04:57 aparsons joined #salt
05:02 bkrram joined #salt
05:03 bkrram I'm trying to set a state to install the leveldb package from an rpm under file_roots
05:03 bkrram After runnng state.highstate, it shows a failure to install but on the minion, it actually does install the package
05:04 bkrram The minion log shows :
05:04 bkrram 2014-09-30 10:29:34,657 [salt.state                                  ][ERROR   ] Installed Packages:
05:04 bkrram leveldb.i686 changed from absent to 1.7.0-2.el6
05:04 bkrram So why is it saying that it was an error?
05:06 bhosmer joined #salt
05:19 big_area joined #salt
05:37 jalaziz joined #salt
05:40 catpiggest joined #salt
05:41 linjan joined #salt
05:43 nnion joined #salt
05:45 jonatas_oliveira joined #salt
05:55 irctc023 joined #salt
05:56 vvk99 joined #salt
05:59 rdorgueil joined #salt
05:59 rdorgueil joined #salt
06:02 bkrram Any ideas on why the package install is showing as failed??!
06:04 uber joined #salt
06:11 Ryan_Lane joined #salt
06:23 bhosmer joined #salt
06:27 mechanicalduck joined #salt
06:32 mechanicalduck_ joined #salt
06:34 vvk99 joined #salt
06:36 flyboy joined #salt
06:36 n8n joined #salt
06:39 jonatas_oliveira joined #salt
06:42 mamm0nth joined #salt
06:45 kingel joined #salt
06:47 yurei joined #salt
06:53 oz_akan joined #salt
06:55 masm joined #salt
06:58 oyvjel joined #salt
06:58 wnkz joined #salt
06:59 mechanicalduck joined #salt
07:02 Sweetshark joined #salt
07:08 krissaxton joined #salt
07:08 jdmf joined #salt
07:11 babilen bkrram: Could you paste your state to http://refheap.com ?
07:13 alanpearce joined #salt
07:13 bkrram babilen: The issue got resolved. I did not have the right package name for it to check for a successful install.
07:13 bkrram I should have have :    - sources:
07:13 bkrram - leveldb.i686: salt://leveldb-1.7.0-2.el6.i686.rpm
07:13 bkrram But I has only leveldb: instead
07:14 alanpearce joined #salt
07:18 eliasp joined #salt
07:19 lcavassa joined #salt
07:22 wnkz_ joined #salt
07:25 babilen bkrram: That is exactly what I suspected. Great that you figured it out.
07:27 jdmf joined #salt
07:33 DaveQB joined #salt
07:33 alanpearce joined #salt
07:38 rdorgueil joined #salt
07:41 martoss joined #salt
07:42 akafred joined #salt
07:53 CeBe joined #salt
07:53 oz_akan joined #salt
07:55 ndrei joined #salt
07:59 darkelda joined #salt
07:59 darkelda joined #salt
08:05 rdorgueil joined #salt
08:07 krissaxton joined #salt
08:10 SheetiS joined #salt
08:12 bhosmer joined #salt
08:14 Katafalkas joined #salt
08:16 ndrei joined #salt
08:20 ndrei joined #salt
08:23 intellix joined #salt
08:24 ndrei joined #salt
08:24 ninkotech__ joined #salt
08:27 jonatas_oliveira joined #salt
08:28 ndrei joined #salt
08:32 ndrei joined #salt
08:32 ggoZ joined #salt
08:33 wnkz joined #salt
08:34 ndrei joined #salt
08:36 ndrei joined #salt
08:41 ndrei joined #salt
08:41 wnkz joined #salt
08:47 timbermaniac joined #salt
08:48 wnkz_ joined #salt
08:49 himate joined #salt
08:54 oz_akan joined #salt
08:57 briner hello, I'm a bit a confused on how to instruct salt to comment a line and uncomment an other line of a same file
09:00 himate joined #salt
09:02 yomilk joined #salt
09:05 wnkz_ Hi, I'm trying 'salt.modules.dockerio' and I'm having trouble mapping ports ; command line seems to ignore the 'ports' parameter: "docker.create_container 'foo/www:0.0.2' hostname="foo" ports="({'2000':'80'})" tty="True""
09:07 yomilk joined #salt
09:08 urtokk joined #salt
09:09 _mel_ joined #salt
09:09 urtokk joined #salt
09:12 jhauser joined #salt
09:13 felskrone joined #salt
09:13 dwfreed wnkz_: from the code, it looks like it needs to be a list instead of a tuple, and you can't remap ports
09:13 dwfreed this is the code that handles processing that: https://github.com/docker/docker-py/blob/master/docker/client.py#L150
09:13 viq briner: you'll need two separate state IDs for that
09:14 wnkz_ dwfreed: my container is exposing port 80 ; I just want this port to be available on port 2000 on my host
09:14 dwfreed docker-py doesn't allow for that
09:15 wnkz_ dwfreed: so what is the "ports" option about: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.dockerio.html#salt.modules.dockerio.create_container
09:15 dwfreed just listing the ports you want to be exposed
09:15 wnkz_ I mean ; it's just another parameter like hostname or so ? :(
09:15 dwfreed see my link
09:16 dwfreed things that work: ['80']; [('80', 'tcp')]; {'80/tcp': {}}
09:18 wnkz_ dwfreed: this is so weird that docker-py isn't allowing this Oo
09:18 wnkz_ dwfreed: thank you very much anyway
09:19 dwfreed wnkz_: see also this, which suggests it is possible, but you just need to drop enclosing the dict in a tuple: https://github.com/docker/docker-py#port-bindings
09:20 dwfreed oh, I see
09:20 dwfreed create_container != start
09:20 dwfreed in create_container, you define all the ports that can ever be exposed
09:20 wnkz_ dwfreed: yes !
09:20 dwfreed in start, you define how those ports are mapped to ports on your host
09:21 wnkz_ yeah but create does create _and_ start
09:21 wnkz_ oh ..
09:21 wnkz_ no it does not
09:23 yomilk joined #salt
09:24 che-arne joined #salt
09:28 felskrone joined #salt
09:30 wnkz_ dwfreed: "port_bindings must be formatted as a dictionary of dictionaries" how would you write this dictioception ? :s
09:31 feth joined #salt
09:32 feth Hello !
09:32 feth I'm not sure I anderstand https://github.com/saltstack/salt/blob/develop/salt/returners/couchdb_return.py#L81
09:32 feth "a = b" does not generate a copy per se, or ?
09:33 feth If I'm not alone wondering, I'll open an issue
09:33 _mel_ hi. if i start something like this: salt '*' state.sls bacula, i got errors like: [INFO    ] jid 20140930113149771989 minions set([ ........']) did not return in time. do i need more cpu power on the saltmaster?
09:33 dwfreed wnkz_: https://github.com/saltstack/salt/blob/develop/salt/modules/dockerio.py#L863
09:34 dwfreed wnkz_: {'80/tcp': {'HostPort': 2000}} should get you what you want
09:35 dwfreed that module needs *a lot* more docs
09:36 wnkz_ dwfreed: indeed ; this is working ; could not think of a simpler syntax :D
09:37 dwfreed for that, it makes more sense just to pass what's given on the command line straight to docker-py
09:37 hjubal joined #salt
09:37 hjubal joined #salt
09:42 dwfreed ah, I see
09:42 krissaxton joined #salt
09:43 dwfreed when it's used as a state function, things aren't so pretty
09:43 dwfreed https://github.com/saltstack/salt/pull/9570 is why that format is needed
09:49 oyvjel joined #salt
09:51 adam_ joined #salt
09:55 bhosmer joined #salt
09:57 bkrram joined #salt
09:57 stephanbuys joined #salt
09:59 adam_ Where can I find the .sls file on the minion, that is executed when I call "sudo salt-call state.sls foobar"?
10:00 babilen adam_: /srv/salt/foobar.sls
10:00 adam_ It's not there
10:01 babilen Okay
10:01 babilen Why do you think that it should?
10:02 adam_ Does the minion store/cache .sls files received from the salt server?
10:02 yaiba joined #salt
10:02 stephanbuys adam_: nope, it gets sent the appropriate "low state"
10:03 stephanbuys which is the compiled form of the state, with the appropriate grains/pillars mixed in
10:03 stephanbuys its JSON
10:04 adam_ I see... is there at least a way for the minion to see the JSON it gets through low state?
10:05 yomilk joined #salt
10:05 babilen adam_: What are you trying to achieve/debug/do ?
10:06 stephanbuys going out on a limb here but you should be able to see the details by monitoring the actual events (on 0mq), look at "Knowing What events are being fired" on http://docs.saltstack.com/en/latest/topics/reactor/
10:06 stephanbuys disclaimer, this is a guess
10:07 adam_ I'd like to debug my state module, so I want to see the input it gets whether the input is wrong or the module is broken
10:08 stephanbuys adam_: the easiest way to do that is to (from the master), run your command with: -l debug , that will show you the compiled YAML
10:09 stephanbuys you _might_ even see the lowstate on the minion if you run with it interactively: salt-minion -l debug
10:09 adam_ yes, I just don't have access to the master, it is managed by another guy
10:09 babilen heh
10:09 Katafalk_ joined #salt
10:09 babilen adam_: Fire up local VMs and test it there.
10:10 stephanbuys ^^^ good suggestion
10:11 babilen https://gist.github.com/babilen/e9479fdfbcca431db208 is something that I wrote some time ago for dirty testing in vagrant -- Made a bunch of changes, but it should work.
10:12 adam_ well, thanks a lot
10:12 babilen (it abuses docker a little and I typically use kvm these days (virtualbox is too excruciatingly slow))
10:12 krissaxton joined #salt
10:12 adam_ the problem is, I don't have the expertise to set up such a master-minion scene
10:13 babilen You can naturally change the docker specific part and use any other vagrant box. I just couldn't stand waiting minutes for the "vagrant up" to finish. You will have to fire it up with "vagrant up --provider=docker --no-parallel
10:13 babilen "
10:13 babilen It's already setup. You only have to copy your states into /srv/salt/file_roots/ and you are done
10:14 babilen s/setup/set up/
10:14 adam_ stephanbuys: I tried "salt-minion -l debug" but didn't see anything when calling the state
10:16 adam_ babilen: setting this environment up doesn't solve my problem: I'd like the see the .sls file my master (which I can't ssh to) is sending
10:16 wnkz_ I think there is a problem with http://docs.saltstack.com/en/latest/ref/states/all/salt.states.dockerio.html#salt.states.dockerio.running ; or at least with the documentation. The doc says "Ensure that a container is running. If the container does not exist, it will be created from the specified image. (docker run)" ; the fact that I got a "could not be resolved to an existing container" error message determined that was a lie
10:16 wnkz_ .
10:16 giantlock joined #salt
10:16 jonatas_oliveira joined #salt
10:16 stephanbuys yeah, wasn't sure about that approach, perhaps you will have more luck tracing the events (as per the earlier suggestion), but babilen is right, you should get your own VM setup if you want to do proper debugging
10:16 babilen adam_: Well, why wouldn't it? It would allow you to reproduce the entire setup locally
10:17 babilen wnkz_: Can you run it locally?
10:17 adam_ I just don't know what does the .sls file contain on the master, so I can't reproduce
10:18 wnkz_ babilen: what do you mean? Directly on the minion ?
10:18 babilen wnkz_: Yes, can you run the commands salt is running directly on the minion? (if you don't know those commands run the minion in debug mode with "salt-minion -ldebug")
10:19 babilen adam_: Well, you obviously need some cooperation with the person who is running the master.
10:19 wnkz_ babilen: well ; I was already looking at the logs ; but it's dockerio local API calls
10:19 babilen Ah, okay ..
10:20 adam_ yes, you're absolutely right. I just wanted to do some debugging, since he becomes available
10:20 wnkz_ babilen: only thing I have is some python traceback in the minion's log ; not even on the console
10:20 babilen wnkz_: I'm not too familiar with the dockerio implementation in salt, but I had hoped that tracing what salt is doing would allow us to figure our why you run into this problem. You simply very little information to use (neither your states, output, minion logs, ...) and I thought that investigating along those lines would give us something to work with.
10:20 stephanbuys adam_: did you check http://docs.saltstack.com/en/latest/topics/event/index.html ?
10:21 babilen wnkz_: *You simply provided ...
10:22 stephanbuys wnkz_: can you give us the state you're calling in your .sls file? (or perhaps the output from the console? pastebin?)
10:22 babilen wnkz_: The traceback would at least give us something to google for ...
10:23 wnkz_ babilen: the only thing bothering me is that .running is suppose to create the container if it does not exists ; but the error message I have is about a container non existing container .. this is somehow frustrating since .installed followed by .running works perfectly fine
10:23 wnkz_ babilen: yes, give me a sec
10:24 babilen wnkz_: Well, it might be/have been a bug in salt. So defining a requisite from .running to .installed would solve this particular problem (even though the documentation seems to imply that this wouldn't be necessary)
10:25 wnkz_ babilen: this is what's bothering me ; I _can_ make this work but either the doc is wrong or there is a bug in the state or I made a mistake
10:25 babilen wnkz_: Yes, so give us something to work with.
10:26 babilen (states, output, logs, salt versions, ...)
10:31 wnkz_ babilen: https://gist.github.com/wnkz/279e7057c475a0f55680
10:31 wnkz_ 2014.1.10 both master and minion
10:33 ndrei joined #salt
10:33 babilen thanks
10:35 babilen So, you are running into https://github.com/saltstack/salt/blob/2014.1/salt/modules/dockerio.py#L343 -- question is why
10:36 bhosmer joined #salt
10:38 bkrram joined #salt
10:39 nnion joined #salt
10:39 babilen wnkz_: Documentation for 2014.1 does not imply that the container would be build.
10:40 krissaxton joined #salt
10:40 wnkz_ babilen: well .. by default I use: http://docs.saltstack.com/en/latest/ref/states/all/salt.states.dockerio.html#salt.states.dockerio.running
10:40 babilen Yes, that is documentation for develop not 2014.1
10:42 babilen 2014.1 simply says: "Ensure that a container is running. (`docker inspect`)
10:42 babilen https://github.com/saltstack/salt/blob/2014.1/salt/states/dockerio.py#L597
10:42 chiui joined #salt
10:43 diegows joined #salt
10:45 ze- anyone using salt -b option ?
10:46 ramishra joined #salt
10:46 babilen ze-: Plenty of people use it. Do you?
10:46 babilen wnkz_: It should probably be easier to browse documentation for the various active branches
10:47 bkrram joined #salt
10:47 istram joined #salt
10:47 snuffeluffegus joined #salt
10:47 ze- babilen: trying to use a % of minions, but i get a usage. any idea about the format ?
10:49 babilen "25%"
10:49 ze- ok, stupid me. the problem was not there, but on the following args. thanks. :)
10:49 babilen ze-: What did you try, what happened and what did you expect to happen? Could you paste relevant commands and output to http://refheap.com and give us the URL?
10:50 ze- fixed. forgot to pass the '*', just had salt -b 20% saltutil.sync_all
10:50 babilen ze-: And a tip for the future: "Does anyone ..." is typically not the question you want to ask when you try to get help on IRC. The answer to that question is typically "Yes" so just ask your real question and provide as much information about it as you can so that people who *do* know the answer will answer.
10:50 ze- but as it was the first time i was trying with %, i wrongly assumed there was something wrong with that part. :)
10:51 flyboy82 hey guys, can anyone point me to the correct syntax for populating a mine with grains from my minions?
10:51 babilen There is also a social aspect in that people might not tell you "yes, I know that" only to find out (oh the humiliation) that they can't actually answer your question.
10:52 babilen flyboy82: http://docs.saltstack.com/en/latest/topics/mine/ (and you run an execution function)
10:54 flyboy82 thanks babilen
10:55 flyboy82 grains _is_ an execution module
10:55 yomilk joined #salt
10:55 Katafalk_ joined #salt
10:55 bkrram joined #salt
10:56 Katafal__ joined #salt
10:56 babilen flyboy82: indeed
10:56 krissaxton joined #salt
10:56 ramishra_ joined #salt
11:04 flyboy82 babilen, so if I wanted let's say a bunch of grains from every single minion, I'd have to put in my mine_functions eg. grains.get: [fqdn cpu_model num_cpus]   etc?
11:11 flyboy82 there's no syntax examples for using grains.get apart from CLI...
11:12 bkrram joined #salt
11:13 babilen flyboy82: I guess that you would require mine function aliases to do that, wouldn't you?
11:19 ramishra joined #salt
11:38 bkrram joined #salt
11:39 gmcwhistler joined #salt
11:42 ggalvao joined #salt
11:42 jslatts joined #salt
11:43 bhosmer_ joined #salt
11:46 CeBe1 joined #salt
11:47 jonatas_oliveira joined #salt
11:48 flyboy82 babilen: only if you're running 2014.7 ....
11:55 bhosmer joined #salt
11:59 intellix joined #salt
12:00 valentinbud joined #salt
12:04 n8n joined #salt
12:05 bkrram joined #salt
12:11 wnkz joined #salt
12:14 wnkz_ joined #salt
12:17 bhosmer joined #salt
12:17 chiui joined #salt
12:24 drags joined #salt
12:32 rdorgueil joined #salt
12:36 cpowell joined #salt
12:37 alanpearce joined #salt
12:37 logix812 joined #salt
12:38 CycloHex joined #salt
12:39 JPaul joined #salt
12:39 jaimed joined #salt
12:39 CycloHex I'm trying to make sure my git repo will only be cloned once automatically, and form then on i'd like to be able to control when it updates.. I tried doing this with an if statement filtering on grains. however when I try to run this sls (in which I include another file) it says  State include..gittest found in sls prod.init is unavailable
12:40 CycloHex under my include I tell the sls to change my grain value to something else and he does that... But I'm breaking my head over the unavailable error :s
12:42 vejdmn joined #salt
12:45 Katafalkas joined #salt
12:45 hietler joined #salt
12:49 miqui joined #salt
12:50 alanpearce_ joined #salt
12:52 flyboy82 any way for a template that's to be ran on a minion, to get access to grains of other minions? (apart from mine)
12:52 krissaxton joined #salt
12:52 jY flyboy82: pretty sure the mine is the only way to do it
12:53 flyboy82 thought so... problem is I can't get multiple grains.get unless i have 2014.7
12:54 flyboy82 and use aliases for the different args
12:56 kingel joined #salt
13:00 JPaul joined #salt
13:01 racooper joined #salt
13:02 ericof joined #salt
13:04 fbettag how can i negate a check for a grain?
13:04 fbettag like i want to set ssmtp.sls for all hosts that don't have role:mailserver set
13:04 tafa2 joined #salt
13:04 fbettag simply "if 'mailserver' not in ..."?
13:06 micah_chatt joined #salt
13:07 PK joined #salt
13:09 prosper_ joined #salt
13:09 PK Hi
13:11 DaveQB joined #salt
13:11 jslatts joined #salt
13:11 eagen joined #salt
13:24 kusams joined #salt
13:25 prosper_ joined #salt
13:26 ramishra joined #salt
13:27 nitti joined #salt
13:28 ajolo joined #salt
13:29 CycloHex fbettag, you have to use jinja for that
13:30 PK Is anyone facing salt master zombie process issue?
13:32 semarie_ joined #salt
13:40 fbettag CycloHex: thanks got it already =)
13:41 maboum joined #salt
13:41 maboum left #salt
13:43 hietler joined #salt
13:45 kusams Hi....i am using "Halite" for my salt master on AWS instance...the application is running but i am not sure how to login as ec2-user...is there any config that i need to set?
13:46 oz_akan joined #salt
13:46 dude051 joined #salt
13:47 rdorgueil joined #salt
13:47 rdorgueil joined #salt
13:47 CycloHex kusams: http://docs.saltstack.com/en/latest/topics/tutorials/halite.html#configuring-halite-permissions
13:48 ggalvao hey folks, I kind of asked this yesterday but could not get around the solution yet.
13:48 CycloHex this means you create a user; adduser testuser
13:48 ggalvao I have setup mysql config files on minions but each minion will have a different password. I have written a custom module that gets the password from where it is stored
13:48 mapu joined #salt
13:49 CycloHex kusams: then make sure the lines of the link i passed are in the conf. then you can login with the user testuser
13:49 ggalvao I would like to know how I can call that module and set the mysql.password variable
13:49 ggalvao I tried to {{ my_custom_module.my_custom_function }} on the password field but apparently you cannot do this
13:49 CycloHex why wouldn't you be able to do this, ggalvao
13:50 ggalvao https://gist.github.com/anonymous/45b41f95d409b3e44c9f
13:53 kusams CyloHex:I will try it...and do i need to create testuser on my master ?
13:53 Supermathie joined #salt
13:55 perfectsine joined #salt
13:57 hobakill joined #salt
13:59 CycloHex kusams, I think so, yes. because halite will be ran from your master
14:00 ggalvao custom modules need to be referenced by salt.custom_module, right?
14:00 giantlock joined #salt
14:03 ramishra_ joined #salt
14:05 CycloHex ggalvao, modules are the 'things' you use when using command line from the master.. If you'd like to use 'things' in state files (sls) you should write states, not modules
14:05 fbettag what does a regexp in a topfile look like? '.*\.(foo|bar)\.org$' doesn't work :/
14:06 fbettag pillars
14:06 ggalvao I am not using them in a state file, CycloHex. I want to reference it in a conf file
14:06 ggalvao it's a managed file
14:06 CycloHex the conf file is managed, ggalvao ?
14:06 Katafalkas joined #salt
14:06 ggalvao yeah
14:06 ggalvao it seems my friend has found the solution
14:06 CycloHex do you have -template: jinja in the
14:07 CycloHex file.managed: thingy
14:07 CycloHex ah, ok
14:07 ggalvao when you call a custom module you need to reference the 'salt' variable -->  salt['file.group_to_gid']
14:07 CycloHex someone here told me this yesterday that it's best to reference everything like so
14:07 CycloHex salt['grains.get']('grain') same for pillats
14:09 jergerber joined #salt
14:09 ggalvao yeah
14:09 ggalvao but it didn't work
14:09 ggalvao perhaps you cannot reference this stuff inside managed files
14:10 Katafalk_ joined #salt
14:10 ggalvao I wonder how I could set the variable on /etc/salt/minion any other way
14:10 ggalvao oh
14:11 ggalvao let me check the -template flag
14:12 rmnuvg joined #salt
14:12 ggalvao thanks a bunch, CycloHex
14:13 CycloHex yw
14:13 mgw1 joined #salt
14:13 wm-bot4 joined #salt
14:14 to_json joined #salt
14:15 fe92 joined #salt
14:15 jms joined #salt
14:16 jms is it valid to do file.manged: for a  directory?
14:17 KennethWilke joined #salt
14:18 semarie joined #salt
14:18 Supermathie jms: file.directory (you may also want makedirs: True of file.managed or file.directory)
14:18 kusams thanks, CycloHex
14:20 TheThing joined #salt
14:20 giantlock joined #salt
14:21 bezeee joined #salt
14:21 jms looking at the documentation, file.directory does not appear to manage the contents of the directory
14:22 Supermathie No it doesn't, but it wasn't apparent that's what you wanted to accomplish
14:23 Supermathie Maybe you want file.recurse?
14:23 mattmb joined #salt
14:25 rypeck joined #salt
14:26 kingel joined #salt
14:26 mattmb anyone know how http://docs.saltstack.com/en/latest/topics/targeting/grains.html#precedence works?
14:27 mattmb I'm not seeing the same precedence as described...
14:27 ckao joined #salt
14:28 aquinas joined #salt
14:29 cpowell Good Morning everyone
14:30 cpowell Would anyone know of a way to simply copy a file from the master to a minion in a state?
14:30 ggalvao good morning :)
14:30 ggalvao use the file.managed state, cpowell
14:30 cpowell I don't want to manage the contents. Just copy the file if it does not exists
14:30 rockey cpowell: http://docs.saltstack.com/en/latest/ref/cli/salt-cp.html
14:30 ggalvao oh
14:31 cpowell and I don't want it over-written
14:31 ggalvao what rockey said
14:31 cpowell rockey: I saw that, but how would I use it in a state?
14:33 rockey cpowell: now you're asking for a whole different thing :)
14:33 ggalvao cpowell, http://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.copy
14:33 ggalvao the file.copy does exactly that
14:33 rockey gah, to slow :)
14:33 ggalvao salt.states.file.copy(name, source, force=False, makedirs=False)
14:33 ggalvao If the source file exists on the system, copy it to the named file. The named file will not be overwritten if it already exists unless the force option is set to True.
14:33 cpowell ggalvao: file.copy appears to only copy files that are local on the minion
14:34 linjan joined #salt
14:34 cpowell if the source is salt://path to file, it says the source file is not present
14:34 ndrei joined #salt
14:35 rockey http://docs.saltstack.com/en/latest/ref/file_server/index.html
14:35 rockey stateless tho
14:35 cpowell right
14:35 rockey looks like you cant do exactly what you want
14:35 ggalvao cpowell, that sucks.
14:36 ggalvao you could, ultimately, write a custom module
14:36 jslatts joined #salt
14:36 cpowell I will look into it later. It seems like a pretty trivial thing
14:36 krissaxton joined #salt
14:36 tafa2 joined #salt
14:37 ggalvao guys, what is the best practice concerning dealing with the master?
14:37 ggalvao when I want to issue commands from the master it seems not to be a good thing logging into the master. How do you control the master?
14:38 tafa2 0o
14:38 * tafa2 is curious about that too
14:39 cpowell so the file.managed has a check_cmd feature, so I could test if the file exists and only run if it doens't. But its in 2014.7.0 :(
14:39 Supermathie cpowell ggalvao, file.managed with replace=False
14:40 cpowell Supermathie: Perfect!
14:40 CycloHex ggalvao, why would it not be a good idea to log in on the master?
14:40 ggalvao the master will be one of our servers, CycloHex
14:41 ggalvao is the salt usual practice logging onto the master?
14:41 rallytime joined #salt
14:41 faust joined #salt
14:41 CycloHex ggalvao: here, at my environment, we log in to the master-server using ssh... don't think it'll cause an problems.
14:41 ggalvao hm
14:41 ggalvao I see
14:42 CycloHex not sure... I do think it's ok to login to it
14:42 CycloHex how else would you be able to issue commands from there?
14:42 Supermathie yeah, other than 'holy crap access to the salt daemon means a LOT OF ACCESS to other systems' I'm not sure why you would be worried to log in to it?
14:42 ggalvao I thought that too. Some guys here at the team are anxious about it
14:42 ekristen joined #salt
14:42 CycloHex Supermathie, how to control master then?
14:42 Supermathie ggalvao, because they don't like command lines? make a web UI :)
14:42 ggalvao but yeah. to me it makes sense
14:42 ggalvao nah, they like the command line
14:42 ggalvao :p
14:43 ggalvao idiosyncrasies, I guess
14:43 trevorj ggalvao: just secure it well. Use two factor auth through SSH if you're that worried.
14:43 cpowell set up ssh keys, disable password auth, add whitelists to iptables..
14:43 cpowell you can go on
14:43 ggalvao yeah. i'll suggest that
14:43 ggalvao :)
14:43 ggalvao thanks for the feedback, guys
14:44 trevorj ggalvao: yubikeys work well for this purpose
14:44 trevorj ggalvao: IMO
14:44 ggalvao trevorj: ty! I'll look into it
14:46 xmj joined #salt
14:48 xmj joined #salt
14:48 StDiluted joined #salt
14:50 Ozack joined #salt
14:51 thedodd joined #salt
14:52 CycloHex anyone here experienced with jinja? I try to match a grain for a specific value, if a == 1 ;do this. elif a ==2; do that. endif this if-loop is nested in another if that checks if a != 15
14:52 conan_the_destro joined #salt
14:54 faust joined #salt
14:55 prosper_ joined #salt
14:55 dccc_ joined #salt
14:57 intellix joined #salt
14:57 Guest21569 joined #salt
14:57 totte joined #salt
14:57 jslatts joined #salt
14:58 ggalvao CycloHex: http://jinja.pocoo.org/docs/dev/templates/#list-of-builtin-tests
14:58 ggalvao check this
14:58 ggalvao {% if foo.expression is equalto 42 %}
14:58 ggalvao the foo attribute evaluates to the constant 42
14:58 ggalvao {% endif %}
14:58 claytron joined #salt
14:58 CycloHex I just found my mistake, thanks anyway, ggalvao
14:59 CycloHex I used a wrong syntax :d
14:59 CycloHex {% elif salt['grains.get']('git_code_clone') == '4' %}
14:59 CycloHex the '' around 4 shouldn't have been there
15:00 ggalvao oh :)
15:03 anotherZero joined #salt
15:08 SheetiS joined #salt
15:11 wendall911 joined #salt
15:13 linjan joined #salt
15:14 krissaxton joined #salt
15:16 bbradley has anyone successfully used the gpg renderer in salt?
15:16 bbradley there is a '-n' in front of my decrypted data.
15:16 mechanicalduck_ joined #salt
15:17 bbradley so plaintext: 'text'. decrypted plaintext: '-ntext'.
15:18 bbradley that could be something in the code intepreting a newline and converting '\' to '-'.
15:18 btorch left #salt
15:18 bbradley interpreting
15:22 hasues joined #salt
15:24 jeffspeff is anyone familiar with how pkg.install uses the package name and install_flags to install an MSI package on a windows minion?
15:24 MTecknology I'm not understanding what's breaking. I have a state http://dpaste.com/0X5MVR3, I get the error Name /srv/fritz/keys/9760 in sls sys.files.fritz is not a dictionary. I'm confused because... of course it's not a directory. It's a file that I want created that doesn't exist yet. The path leading up to it does exist. Any thoughts?
15:25 bezeee joined #salt
15:26 MTecknology oh, duh..
15:26 MTecknology directory != dictionary
15:26 jeffspeff from the cmd on a windows machine, i can execute "msiexec /quiet /lv c:\\install_osce.log /fav PAR_TrendMicro.msi" and it works fine. from salt, trying to use  "/quiet /lv c:\\install_osce.log /fav"  as the install flag and 'salt://win/repo/trendmicro/PAR_TrendMicro.msi' as the installer doesn't work
15:26 MTecknology I still don't get why it's not a dictionary, but at least I'm reading the issue correctly now
15:27 StDiluted ]\
15:27 MTecknology I had an extra hyphen... so list instead of dictionary
15:28 StDiluted oops, sorry, cat stepped on laptop
15:29 tafa2 So, im still pondering installing salt and had a question basically.... I have a lot of custom deployment scripts for fresh servers... I understand salt can do a lot package and service management out of the box, but how easy would it be to get the master to send over my bash script to multiple slaves and execute it?
15:29 StDiluted it’s very easy to do that
15:30 tafa2 exactly what I wanted to hear :)
15:30 StDiluted but it doesnt give salt a lot of control over the eventual state of the machine
15:30 Skos joined #salt
15:30 MTecknology It's as easy as letting your cat step on your laptop
15:30 mattmb joined #salt
15:30 tafa2 MTecknology lol
15:30 Skos joined #salt
15:30 tafa2 StDiluted I get that
15:30 Skos Hi
15:30 tafa2 but I thought I would make the transition slowly
15:30 StDiluted sure
15:30 StDiluted to do what you’re talking about you just need a cmd.script state
15:31 MTecknology Best thing you can do is migrate to salt states in the transition. :)
15:31 StDiluted yeah I definitely agree on that
15:31 StDiluted you can convert the script to salt states
15:31 tafa2 oho
15:31 tligda joined #salt
15:31 MTecknology I'm almost done migrating 180 unique servers from being managed by custom chaotic scripts across many systems to being managed by salt only.
15:32 tafa2 nice!
15:32 Skos I get lost... I forgot when state sls files are propagated from master to minions (to /var/cache/salt/minion/files/) when I call: salt '*' state.sls myState.sls
15:32 tafa2 so im assuming with salt in a called like install apache, I can do all the usual built in salt stuff but also my custom commands?
15:32 Skos I've changed a folder of my 'myState.sls' file, but on minion it can be seen still under an old name
15:33 MTecknology You'll need one salt to push files down (file.recurse) and then a state to run those scripts (cmd.run or cmd.script) that depends on the previous file state
15:33 jalbretsen joined #salt
15:33 tafa2 Can't do it in one state?
15:33 tafa2 Or command?
15:33 tafa2 grains, states - bit confusing at this point
15:34 StDiluted think of grains as facts about the server
15:34 MTecknology Wouldn't make sense. Give me a second to write something
15:34 StDiluted like, OS, amount of ram, etc
15:34 StDiluted pillars are variables
15:34 to_json joined #salt
15:34 StDiluted and states are the instructions for installing packages or running comands, or maintaining files, or editing config files, etfc
15:34 StDiluted etc*
15:35 tafa2 oh nice thats StDiluted
15:35 tafa2 *thanks
15:35 MTecknology ah, cmd.script I guess actuall downloads the file
15:35 StDiluted yep
15:36 tafa2 so pillars are variables that can be obtained from grains and what is required to correctly run ur states?
15:36 StDiluted no, pillars are separate from grains
15:36 StDiluted pillars are variables
15:36 StDiluted themselves
15:36 MTecknology I'd personally do something like this - http://dpaste.com/102TFPJ
15:36 MTecknology pillars are for things like passwords, keys, host specific data, etc.
15:37 tafa2 aaaaah
15:37 tafa2 ok
15:37 StDiluted grains are… facts. Like, ‘this server runs Debian’. Pillars contain information like… database addresses and usernames and passwords for that database
15:37 tafa2 cool
15:37 MTecknology On any minion,  salt-call grains.items  and  salt-call pillar.data
15:37 tafa2 MTecknology, you can source directly from the master?
15:38 MTecknology hm?
15:38 tafa2 -source: salt://path
15:38 StDiluted yes, you can pull files directly from the master
15:38 MTecknology yup, if path is in file_roots
15:38 tafa2 so you can dl things directly from the master?
15:38 tafa2 awesome!
15:38 tafa2 no more scping all over the place! nice!
15:38 vejdmn joined #salt
15:38 MTecknology The master needs to give the data to the minion, the minion can't grab whatever it wants
15:39 tyler-baker_ joined #salt
15:39 MTecknology in this case, that state makes sure anything in custom_sbin_scripts on the master is in /usr/local/sbin on the minion
15:39 Ahrotahntee Good morning everyone
15:39 tafa2 I thought it would be something along the lines, of writting a state that pushes the .sh file over and then runs it
15:39 tafa2 but thats even better
15:39 tafa2 MTecknology thats all contained in one state?
15:40 * tafa2 is the new n00b in town
15:40 MTecknology yup
15:40 tafa2 ooooh
15:40 tafa2 and can it output?
15:40 iggy I would definitely consider this a transitional kind of thing though
15:40 iggy it's not standard practice with salt
15:40 MTecknology In my example, one state pushes all files down, the other state executes one of those scripts, and that state depends on the state that gets file there finishing
15:41 tafa2 *can it output what the script is doing as well in real time?
15:41 steve1 joined #salt
15:41 MTecknology real time meaning?
15:41 StDiluted morning Ahro
15:41 MTecknology yes, you can get the output when salt finishes
15:41 tafa2 nice
15:42 MTecknology just start using it in a small lab
15:42 MTecknology You might be surprised how easy it is to convert your scripts to salt states.
15:42 tafa2 bash to salt state
15:42 tafa2 hmmm
15:43 tafa2 sed? awk? append lines to conf files? wipe? makepasswd all built in?
15:43 MTecknology file.sed
15:43 StDiluted hey iggy, regarding what you said to me yesterday about not upgrading a production machine (or rather it may have been murrdoc).. the system I’m currently fooling with is not production, though it will be soon.
15:43 MTecknology file.append
15:43 MTecknology file.absent
15:43 tafa2 0o
15:43 iggy a little of both
15:43 MTecknology tafa2: http://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html
15:43 tafa2 yeah I was just going to say
15:44 tafa2 probably time for me to read the docs
15:44 StDiluted there’s states for just about everything
15:44 iggy I think he was trying to impress upon me "common sense isn't all that common"
15:44 StDiluted iggy: ah. yes well, that’s definitely true
15:44 tafa2 thanks guys I really appreciate it
15:45 tafa2 oh
15:45 tafa2 one more thing
15:45 MTecknology I wonder how many states this one box is up to...
15:46 tafa2 so a lot of my scripts interface with an API, basic example is create the DNS entry for the hostname over with our DNS provider, can the master run scripts locally as part of the state?
15:47 iggy tafa2: if whatever service you are using standard (rfc 2136) dns updates... there's a state for that
15:47 n8n joined #salt
15:47 iggy if not, custom modules are pretty easy to write
15:47 tafa2 its basically a curl query
15:48 iggy or you can stick with the cmd.run route for things
15:48 StDiluted (assuming you know python) lol
15:48 tafa2 0o
15:48 tafa2 hmmm
15:48 StDiluted the cmd.run would be the minion running the command
15:48 iggy yeah, well, there's that
15:48 StDiluted not the master
15:48 tafa2 can I do cmd.run on the master?
15:48 n8n joined #salt
15:48 tafa2 dont want the API keys flying all over the place for our DNS servers
15:49 StDiluted you can use the salt reactor to cause the master to do things in reaction to things on the minion
15:49 tafa2 0o
15:49 * tafa2 takes notes
15:49 iggy I've assumed in orchestrate calls that the master can be called upon to do things
15:49 MTecknology tafa2: warning: the reactor system is scary until you get used to it
15:50 tafa2 StDiluted so like when state X is over run this API call to add the hostname to dns nice
15:50 StDiluted I havent gotten into the orchestrate calls yet, so yeah that’s not something I have played with yet
15:50 tafa2 hmmm
15:50 tafa2 ok
15:50 tafa2 time to get my hands dirty
15:50 tafa2 thanks gents :)
15:50 StDiluted tafa2: yes. that is definitely possible.
15:50 MTecknology salt is used to clean wounds
15:50 StDiluted i set up a reactor state to add a minion to monitoring once it has come up
15:51 MTecknology clean the wounds (disorganized and chaotic scripts) with salt!
15:51 GrueMaster joined #salt
15:51 tafa2 StDiluted exactly - my deployment script does that with statuscake for example
15:52 tafa2 and new relic agents actually...
15:52 tafa2 0o adding a repo and installing via pkg for newrelic would so easy with salt
15:52 * tafa2 likes
15:53 MTecknology Hm... there's an MD5 render thingy somewhere. I can't remember where or how to use it. I have a variable that I want printed as MD5. Anyone able to shed some knowledge my way?
15:54 n8n joined #salt
15:54 zooz joined #salt
15:54 zooz hi people
15:54 zooz is there a way to convert a float to an int inside jinja template?
15:54 stephanbuys1 joined #salt
15:55 zooz I have a line:
15:55 zooz ES_HEAP_SIZE={{ int((60 * grains['mem_total']) / 100) }}
15:55 zooz but int() function does not exist
15:56 trevorj zooz: try |int
15:57 troyready joined #salt
15:57 ajolo joined #salt
15:57 rallytime joined #salt
15:57 zooz trevorj, do you mean? ES_HEAP_SIZE={{ |int((60 * grains['mem_total']) / 100) }}
15:57 trevorj zooz: no, jinja templates can have modifiers that are accessed like a pipe
15:58 SheetiS zooz: (60 * grains['mem_total'] / 100)|int
15:58 zooz ah, let me try that
15:58 SheetiS something like that
15:58 trevorj zooz: SheetiS beat me to it, just like that ;)
15:58 SheetiS parentheses might mess it up a bit
15:58 eunuchsocket joined #salt
15:58 SheetiS but that's how jinja expects it
15:58 SheetiS you can also use // as your division operator
15:58 SheetiS and I think it returns int
15:59 trevorj That's a better way.
15:59 n8n joined #salt
15:59 zooz great, used // operator
15:59 zooz thanks
16:00 SheetiS http://jinja.pocoo.org/docs/dev/templates/ has some good jinja information that often helps in Salt, but is sometimes outside of the salt documentation scope.
16:01 GrueMaster Is there a BKM for getting Salt/Halite working through an Apache server?  I have multiple services that I need to run from a central system (each has their own http service).  We have Jenkins running fine, along with a few other tools.
16:01 ajolo_ joined #salt
16:03 UtahDave joined #salt
16:03 UtahDave left #salt
16:04 MTecknology There has to be some sort of md5 filter somewhere...
16:06 kivihtin joined #salt
16:06 perfectsine joined #salt
16:07 SheetiS GrueMaster: I'd imagine that you could just try a couple of proxypass lines (e.g. ProxyPass / http://localhost:<halite_port>/ and ProxyPassReverse / http://localhost:<halite_port>/) on a virtualhost in your apache config.
16:08 GrueMaster Ok, will experiment.  Thanks.
16:08 SheetiS As long as you don't need a prefix, I imagine it works automagically.  I haven't tried a prefix to see if it still works with one.
16:09 felskrone joined #salt
16:09 smcquay joined #salt
16:13 krissaxton joined #salt
16:13 murrdoc joined #salt
16:14 n8n joined #salt
16:16 MTecknology Okay... md5sum is available in a module... how do I get to it inside of the state? :S   https://github.com/saltstack/salt/blob/develop/salt/modules/hashutil.py#L40
16:19 MTecknology SHIT! I just realized that by not having a massive pile of if statements, all keys are getting down to every box. Damnit... I spent a long time trying to make things clean and pretty and now I can't do it.
16:19 SheetiS {% set md5sum = salt['hashutil.md5sum'](string) %}
16:20 krissaxton joined #salt
16:20 MTecknology SheetiS: You're idea works in some places, but in this case, although it makes for a very pretty and logical and easy to follow pillar, adds security concerns. Bummer. I really loved that idea.
16:20 MTecknology Also... Thanks! :D
16:21 MTecknology However, I just realized that, because states are rendered minion side, the plain text password will make it to the box as well.
16:21 desposo joined #salt
16:21 MTecknology I need two pillars, one with the giant plain text passwords that a special box here will have and another pillar with the hash values.
16:22 MTecknology So... I need to hash that data myself. :(
16:22 * MTecknology takes a break. :(
16:23 StDiluted what’s the best way to install the develop branch on a system that’s currently running the ubuntu packages of hydrogen
16:25 TheThing joined #salt
16:26 prosper_ joined #salt
16:26 murrdoc thats a good question
16:26 murrdoc virtual env ?
16:27 prosper_ joined #salt
16:28 spookah joined #salt
16:28 prosper_ joined #salt
16:29 aparsons joined #salt
16:29 SheetiS MTecknology: all might not be lost as pillar is generated on Master.  You could so some of your logic there.  I hate doing too much Jinja on pillar as your master(s) might hate you, but you could even run the md5sums there.
16:29 SheetiS Though that could again become computationally expensive.
16:30 rihannon joined #salt
16:31 giantlock joined #salt
16:33 prosper__ joined #salt
16:33 snuffeluffegus joined #salt
16:34 jslatts joined #salt
16:34 StDiluted murrdoc: not looking to run both at once, want to replace the existing hydrogen with the develop branch
16:34 possibilities joined #salt
16:34 StDiluted i suppose i could jsut bring up a new box
16:36 murrdoc oh
16:36 murrdoc make a package
16:36 murrdoc setup a local repo
16:36 murrdoc apt-get upgrade!
16:36 jonatas_oliveira joined #salt
16:36 murrdoc or <package_manager> upgrade
16:36 StDiluted hm
16:36 murrdoc or remind utah dave he needs to the ppa for nightly builds going
16:37 elfixit joined #salt
16:38 StDiluted lol, that would be nice
16:38 murrdoc it used to be there
16:38 murrdoc https://launchpad.net/~saltstack
16:38 jonatas__ joined #salt
16:39 prosper_ joined #salt
16:42 Eladner joined #salt
16:43 krissaxton joined #salt
16:43 Eladner Hello, all.
16:44 Eladner Quick salt question.   I'm using salt to coordinate running a sequence of jobs that runs on multiple computers (both Linux and Windows).
16:45 intellix joined #salt
16:45 Eladner I've noticed occasionally that long running jobs (> 2-3 hours) that produce large logs (>5-6mb) sometimes doesn't return the log to the master.   Is there a configuration issue or something else I should be looking at?
16:48 rdorgueil joined #salt
16:48 rdorgueil joined #salt
16:48 SheetiS Eladner: does it show up in the job list if you do a 'salt-run jobs.list_jobs'?  If so, you can lookup the JID listed there with 'salt-run jobs.lookup_jid <JID>' and possibly see your output.
16:48 SheetiS once it completes.
16:50 rap424 joined #salt
16:51 thedodd joined #salt
16:51 Eladner I'll have to check that.  One pain I've encountered is how to run a job, then find the job id of the job that just got launched, then monitor it's log.
16:52 SheetiS salt-run jobs.active should show active jobs.
16:53 Gareth morning morning
16:53 wnkz joined #salt
16:54 ggoZ joined #salt
16:54 mpanetta joined #salt
16:56 Eladner true..  even after salt returns, though, finding the last job becomes an exercise in grep/sed/awk to parse the job list.
16:56 Eladner if you launch a job async, is there an easier way to get the job_id from salt directly?
16:57 laxity joined #salt
16:57 SheetiS -v, --verbose from the cmd line on salt 'target' <action> says that it will provide the jid
17:00 krissaxton joined #salt
17:00 Eladner so...  jobid=$(salt --verbose --async pasmsw8dclad02 cmd.run "dir" | awk '{ print $NF }')
17:01 Eladner for example..
17:01 SheetiS Yeah that looks good
17:01 SheetiS Then you can do whatever you want with the jobid variable
17:01 madduck joined #salt
17:03 Eladner ok.. I'm re-running my job sequence again to see if it fails to return the output.  At that point, I can see if the job had any output returned from the minion.
17:03 hardwire joined #salt
17:03 bhosmer_ joined #salt
17:03 Eladner On a related note, is there a minion side log to check for issues/errors?
17:03 murrdoc yup
17:04 murrdoc its configured in /etc/salt/minion
17:04 Eladner ah.. minor detail I omitted..  minion in this case is a windows box.
17:04 murrdoc reboot the machine
17:05 murrdoc :)
17:05 SheetiS haha
17:05 Eladner lol
17:05 SheetiS Eladner: It should still be configurable in your minion's config file.
17:05 murrdoc there is an equivalent minion config for windows that specifies where the log is
17:05 ramishra joined #salt
17:05 Eladner I hear ya.  I feel like I should use hand santizer after working on a windows box.
17:06 Eladner understood.. I'll do some googling.  Not a windows guy by any stretch.
17:07 murrdoc http://docs.saltstack.com/en/latest/ref/configuration/minion.html
17:08 aparsons joined #salt
17:08 MTecknology SheetiS: How can I run the md5sum there?
17:08 cpowell joined #salt
17:09 johtso joined #salt
17:09 SheetiS {% set md5sum = salt['hashutil.md5sum'](string) %} <== This jinja should work from a pillar for any given 'string' variable.
17:10 wt joined #salt
17:10 SheetiS The command will be run from the master since it's in the pillar.
17:10 Eladner Gotcha.. thanks murrodc..
17:10 SheetiS Then you can do something like this: hash: {{ md5sum }}
17:10 SheetiS or whatever logic you need
17:11 johtso is there a nicer way to do something like this? {{ [salt['pillar.get']('hostname'), salt['pillar.get']('ec2_tags:name'), salt['pillar.get']('id')]|reject|first }}
17:11 johtso and is there a neat way to test evaluation of a bit of template, possibly from the command line?
17:12 chrisjones joined #salt
17:13 jeffspeff is there a way to push a configuration change to minions?
17:14 iggy jeffspeff: write a state and run a highstate on them?
17:14 SheetiS bbiab running to lunch.
17:15 to_json joined #salt
17:15 jeffspeff iggy, i'm extremely new at salt. if that's the method recommended, i'll do some reading on states and highstates
17:16 jeffspeff right now, i'm just tyring to use salt to manage applications on windows workstations remotely
17:17 Supermathie Eladner, I think the default log level on Windows is none
17:17 murrdoc its warning in the *nix yeah
17:18 MTecknology SheetiS: how do I keep a minion from seeing the value of string?
17:19 conan_the_destro joined #salt
17:20 Supermathie MTecknology, pull it from a web service rather than do it in the template? (also curious)
17:20 iggy jeffspeff: well, the state system is part of the core of salt, so you should have stumbled across some of it already (possibly unknowingly)
17:20 iggy how are you running salt now? What commands do you use on a regular basis?
17:21 perfectsine joined #salt
17:22 murrdoc1 joined #salt
17:22 MTecknology SheetiS: right now I'm picturing one pillar which is a dictionary of all passwords for all devices (since one particular server actually needs all of that plain text), and another pillar with a giant stack of if's for each individual host that has something like {% if grains['id'] == 'host' %}passwd: {% salt['hashutil.md5sum']('string_from_other_pillar') %} {% endif %}
17:22 murrdoc joined #salt
17:23 jeffspeff iggy, I've seen states mentioned quite a bit in the dogs. currently, i'm using "salt-run winrepo.genrepo" "salt '*' pkg.refresh_db " and "salt '*' pkg.install 'blah'" commands the most. also using grains to select particular systems
17:24 ggalvao joined #salt
17:24 perfectsine joined #salt
17:24 iggy okay
17:25 iggy that's a decent start and you can convert that into states pretty easy
17:25 linjan joined #salt
17:26 iggy the beauty of states is you set all this state as you go, then when you do things like add a host later, it automatically gets all that setup instead of you having to remember what all packages it's supposed to have
17:27 eunuchsocket has anyone written wrapper scripts around salt-run that make it easy to show the result of the last highstate (ie without looking up JID)?
17:27 StDiluted can someone explain to me what the external_auth stuff in this formula: https://github.com/saltstack-formulas/ec2-autoscale-reactor does?
17:28 bhosmer joined #salt
17:28 StDiluted I’ve looked up the docs for external_auth and it’s sort of unclear what the config does
17:29 StDiluted does that add a user for salt api called ‘myuser’?
17:29 StDiluted or is ‘myuser’ one taht exists on the system already, which gets auth’d by PAM?
17:30 iggy eunuchsocket: salt -v should show jid
17:31 eunuchsocket iggy: yeah but that's still a lot of typing or cutting pasting
17:31 jeffspeff iggy, so the minion will check in and see which states have been assigned to it and if it hasn't executed that state then it will go ahead and run it?
17:31 eunuchsocket iggy: it'd be nice if i could run "salt-last" and see the result of the last state run
17:32 iggy jeffspeff: that's what highstate does, yes
17:32 jeffspeff sweet
17:32 StDiluted jeffspeff: the minion doesnt check in, it’s more like, the master initiates a highstate run on the minion periodically, and the master checks the state of the minion to make sure it’s how it’s supposed to be, and if it’s not, it fixes it.
17:32 jeffspeff i've been wondering how to handle the scenario of certain minions not being online when i run a command
17:32 iggy so yeah, any time I spin up a new instance, the first 2 things it does is A. install salt-minion B. salt-call state.highstate
17:33 StDiluted yeah, make a state, and then call highstate via cron or wahtever, every so often
17:33 Ryan_Lane joined #salt
17:33 StDiluted then when the minion comes online, it gets the state applied
17:33 StDiluted iggy, are you familiar with the external_auth config in /etc/salt/master?
17:34 big_area joined #salt
17:34 jeffspeff ok, thanks. I'm reading http://docs.saltstack.com/en/latest/topics/tutorials/starting_states.html  i'm sure i'll probably have some syntax questions here shortly.
17:34 iggy might be interesting to add functionality to salt-minion to be able to run a highstate immediately upon (re-)conneciton to master
17:35 bezeee joined #salt
17:35 mikepea_ joined #salt
17:35 EWDurbin joined #salt
17:35 trevorj iggy: can do that with a reactor
17:36 iggy StDiluted: not really... there's only 2 of us here now, and we mostly trust each other... it's on the list though someday
17:36 StDiluted sort of like salt-cloud’s starting_states
17:36 iggy trevorj: good point
17:36 StDiluted iggy: ah. I’m setting up the ec2 reactor, and it looks like it needs some external_auth config
17:36 StDiluted for the API
17:36 StDiluted so I’m trying to figure that out
17:37 trevorj StDiluted: It just uses PAM
17:37 MTecknology hm.. What did I do wrong here? http://dpaste.com/0D2RS91   I'm sure it's silly, but I'm being blind..
17:37 MTecknology Should that be {{ }} ?
17:37 trevorj MTecknology: yes
17:38 StDiluted trevorj: I get that. my question is, is the user listed in the external_auth a user that is already on the system?
17:38 trevorj StDiluted: yes, to auth against pam it has a be a real user
17:38 StDiluted that’s what i figured. ok
17:38 StDiluted just the docs are rather sparse around that config
17:38 trevorj StDiluted: yeah, they are
17:39 MTecknology trevorj: thanks
17:40 trevorj MTecknology: anytime
17:40 MTecknology {% if center == '1220' %}emar_hash: {{ salt['hashutil.md5sum']('foobar') }} {% endif %}     Jinja variable 'dict object' has no attribute 'hashutil.md5sum'; line 24
17:40 MTecknology *grumble*
17:40 trevorj There's no salt module called hashutil.md5sum
17:41 murrdoc http://d35lb3dl296zwu.cloudfront.net/uploads/photo/image/18156/VRG_1112.jpg
17:41 trevorj s/module/function/
17:41 MTecknology md5_digest.. oops   https://github.com/saltstack/salt/blob/develop/salt/modules/hashutil.py#L40
17:41 trevorj It's md5_digest
17:41 trevorj Yeah
17:41 iggy StDiluted: that seems odd... external_auth is to allow system users to run salt calls on minions
17:41 murrdoc salt sys.doc module for the win
17:41 MTecknology I feel like I need to take a break and start using my noggin a bit more.
17:42 MTecknology trevorj: thanks again :)
17:42 smcquay so salt versioning. 2014 is year, what is 1 and 11?
17:42 babilen month
17:43 babilen (and point release)
17:43 iggy specifically month of tagging the release
17:43 smcquay but we're neither in january nor november. is this salt from the future?
17:43 mpanetta_ joined #salt
17:43 smcquay oh, I see. so that's why it's still january?
17:43 iggy it goes through testing after the tag and then gets release after the tests pass
17:43 babilen smcquay: http://docs.saltstack.com/en/latest/topics/releases/version_numbers.html + http://www.saltstack.com/salt-blog/2013/10/27/salt-version-numbers
17:44 MTecknology firefox is at version, what, 1541356623?
17:44 smcquay ah, there's the docs I was looking for. thanks!
17:44 babilen yw
17:44 MTecknology trevorj: Yay!  Jinja variable 'dict object' has no attribute 'hashutil.md5_digest'; line 24
17:44 MTecknology I bet I know why....
17:45 MTecknology I wonder if 2014.1.10 doesn't have that in it yet
17:45 dgarstang joined #salt
17:46 MTecknology nope.. bummer :(
17:46 trevorj MTecknology: throw it in _modules
17:46 MTecknology ah, ya, I suppose it only needs to be on the master :)
17:46 dgarstang So... I may have the opportunity to switch from Chef to salt soon. Wondering if salt has as good a community of s/cookbooks/salt term for modules/ as chef?
17:47 blackhelmet joined #salt
17:47 iggy dgarstang: github.com/salt-formulas
17:47 iggy aside from the pretty impressive list of built in state modules
17:47 babilen dgarstang: https://github.com/saltstack-formulas (working on it)
17:47 dgarstang iggy: 404
17:47 iggy what babilen said
17:47 * iggy always forgets the "stack"
17:48 trevorj dgarstang: I wish I could say Salt formulae are equivalent at this point in time
17:48 dgarstang so...
17:48 dgarstang what I like about chef (and there's plenty of things I don't like) is that I can go welch other people's cookbooks and build up a system stack very quickly without having to write any code.
17:48 iggy yeah, "as good as" is subjective
17:49 dgarstang true
17:49 iggy salt is a younger project, so it's not going to have all the corner cases covered like puppet/chef
17:49 luminous you have to learn and code any CMS you use
17:49 dgarstang poo.
17:49 trevorj dgarstang: Salt's public formulae selection is pretty early compared to Chef's cookbook selection
17:49 trevorj dgarstang: With time it will get there.
17:49 luminous you have a lot of flexibility with what you do
17:49 iggy but at $new_job, we've only had to write 2 custom formulas (and minorly edited about 5 others)
17:50 dgarstang luminous: the plan is for me to write as little code as possible. it's not efficient use of my time to write code.
17:50 * geekatcmu has yet to encounter a CM where I didn't end up extending it.  It's part of the job.
17:50 trevorj geekatcmu: agreed
17:50 luminous you have to express your needs..
17:50 luminous you can't get around that
17:50 geekatcmu Yep
17:50 babilen dgarstang: http://docs.saltstack.com/en/latest/ref/modules/all/index.html + http://docs.saltstack.com/en/latest/ref/states/all/index.html
17:50 hybridpollo joined #salt
17:50 dgarstang geekatcmu: had to write very little code with chef, certainly from a systems perspective. the core application of course
17:51 luminous what you are talking about is cohesion and interoperability between modules in the ecosystem
17:51 iggy you could setup a pretty simple mean/lamp/etc stack with minimal code
17:51 trevorj dgarstang: with salt you don't generally write code, you just write yaml rules
17:51 geekatcmu "Yay, new CM+Cloud will make all sysadmins irrelvant!"  Right up until the "dev" part of devops realizes *they* will have to write all the required support.
17:51 iggy it's mostly when you starting going beyond all the basics
17:51 luminous dgarstang: LAMP means something very different from shop to shop
17:51 geekatcmu Yes, ye sit does.
17:52 geekatcmu single-host lamp stack is irrelevant for anything but the most trivial development efforts.
17:52 dgarstang yet to work for a LAMP company
17:52 geekatcmu I've never worked for a LAMP company, but I've dealt with plenty of LAMP stacks.
17:52 giantlock joined #salt
17:53 geekatcmu And if your LAMP stack isn't single-host, setting it up (the first time) is non-trivial regardless of your CM
17:53 dgarstang but even from systems perspective, trivial case.. the sudo cookbook for chef, lets you template who has sudo on what systems based on environnment, qa, prod etc.
17:54 luminous dgarstang: use https://duckduckgo.com/?q=!gh+salt+formula+sudo
17:54 dgarstang i just don't want to look at runy anymore. :(
17:54 luminous see what you find :)
17:54 dgarstang ok. what about forumula dependancies?
17:54 geekatcmu Hire someone else to do it.
17:54 geekatcmu Or mann up.
17:55 geekatcmu I don't want to clean dog crap out of the yard, but it's me or pay someone else to do it.
17:55 murrdoc save https://launchpad.net/~saltstack/+archive/ubuntu/salt-daily
17:55 murrdoc :)
17:55 murrdoc would it be appropriate to make an issue for this.
17:57 druonysus joined #salt
17:58 jaimed joined #salt
18:00 aparsons_ joined #salt
18:02 StDiluted hmmm, brand new box with Ubuntu 14.04, salt 2014.7.rc2, and some configuration set up doesn’t want to start up after reboot. Can’t SSH in. weird.
18:02 n8n joined #salt
18:03 n8n joined #salt
18:04 viq joined #salt
18:04 rdorgueil joined #salt
18:04 n8n joined #salt
18:05 StDiluted wtf
18:06 Eladner StDiluted: dumb question, but did you install openssh_client?
18:07 n8n_ joined #salt
18:08 rallytim_ joined #salt
18:08 luminous dgarstang: I agree with geekatcmu's last few messages
18:08 Glen_ joined #salt
18:09 jalaziz joined #salt
18:12 n8n joined #salt
18:13 kermit joined #salt
18:13 to_json joined #salt
18:13 StDiluted Eladner: haha yes. It’s AWS, so it’s there by default.
18:15 StDiluted maybe I am runnign into a bug in the RC?
18:15 StDiluted Fresh 14.04 AWS instance. Ran the salt-bootstrap shell script. It installed. service salt-master stop, and it’s just hanging there
18:16 StDiluted whoa
18:17 StDiluted xen:balloon: reserve_additional_memory: add_memory() failed: -17
18:17 StDiluted what is the RAM requirement for rc2?
18:18 joeyparsons joined #salt
18:19 StDiluted hm, wtf
18:19 StDiluted won’t start the salt-master
18:19 MTecknology I just found a bit of a security problem in salt. I can't create an issue out of it because our entire network is currently in a destroyed state.
18:19 MTecknology Lovely.
18:20 StDiluted what’s up MT
18:20 luminous what does destroyed mean?
18:20 Ahrotahntee it means there was nothing left to bury
18:22 bgdnlp joined #salt
18:22 giannello joined #salt
18:23 jcockhren seriously MTecknology? damn
18:23 ajolo joined #salt
18:24 Eladner StDiluted: what version of Xen?
18:24 StDiluted Eladner: wahtever AWS is using
18:24 bgdnlp hi. I'm running salt masterless on a server by calling 'salt-stack --local' from cron. Is there a simple/standard way to determine if salt changed anything or not? I want to email the output if something was changed, but be silent otherwise
18:25 utahcon I run a command, then I run "echo $?" and get a 1 == that is false, right? I should be able to an unless on that command and it would run, right?
18:25 spiette joined #salt
18:25 murrdoc smpt returner http://docs.saltstack.com/en/latest/ref/returners/all/salt.returners.smtp_return.html
18:25 bgdnlp 1 is false, yes
18:25 utahcon ok
18:26 babilen MTecknology: Please elaborate
18:26 StDiluted I wonder if this is an AWS problem I’m seeing
18:27 liquidstone joined #salt
18:27 jcockhren AWS is rebooting all their things
18:27 troyready joined #salt
18:27 rypeck I'm on salt version 2014.1.10 - I'm trying to use the pillar.get function as specified here - http://docs.saltstack.com/en/latest/topics/pillar/#pillar-get-function in the following salt state - https://gist.github.com/RyPeck/00a998f379e907750145 - Can the templating engine handle variables in the get function?
18:27 babilen StDiluted: Amazon are maybe still busy with XSA-108 (am waiting patiently like the rest of us mere mortals)
18:27 bgdnlp murrdoc: that is not for me, is it? because I'm not sure how I would use that
18:27 StDiluted babilen: a brand new instance i brought up is failing to allocate memory
18:27 funzo joined #salt
18:28 vejdmn joined #salt
18:28 babilen StDiluted: Sounds like Amazon are having problems rather than anything that could be contributed to what you did, doesn't it?
18:28 Ryan_Lane please don't elaborate on security issues in the IRC channel :)
18:28 aparsons joined #salt
18:28 Ryan_Lane http://docs.saltstack.com/en/latest/security/index.html
18:29 Ryan_Lane ^^ report that way, please
18:29 rallytime joined #salt
18:29 babilen Right, sorry for not making the "Please make sure you don't break it for all of us" obvious.
18:29 Ryan_Lane unless you want the script kiddies to win
18:29 Ryan_Lane also, please don't create a public github issue forit
18:30 Ryan_Lane because that's the same as disclosing in IRC :)
18:30 murrdoc listen to the man, he maketh the sense
18:30 Ryan_Lane MTecknology: ^^
18:30 murrdoc bgdnlp:  you could, make the salt runs use a returner like smpt_returner and add more logic in it to check for success/failure and email if necessary
18:31 murrdoc its probably overkill
18:31 murrdoc but u could do that
18:31 babilen rypeck: Yes, but not like that
18:31 rypeck babilen: I was wondering if I was doing it wrong - care to steer me in the right direction?
18:32 babilen rypeck: Use something along the lines of: {% set value = salt['pillar.get']('pillar_name:%s'|format(var), default %}
18:32 gmcwhistler joined #salt
18:32 babilen rypeck: Let me double check that with the jinja templating guidelines  -- http://jinja.pocoo.org/docs/dev/templates/
18:32 bgdnlp murrdoc: I could redirect the output and do it in a shell script, problem is, it reports success/failure, but doesn't report number of actual changes. I get the same success failure report, changes or not
18:32 babilen rypeck: http://jinja.pocoo.org/docs/dev/templates/#format
18:32 utahcon so now I have run my state, and the test command now returns a 0, but the unless is still firing :|
18:32 rypeck babilen: what do you call the two different delimiters in jinja?
18:33 rypeck do {% and {{ have names?
18:33 babilen rypeck: I lovingly call them George and Hannibal
18:33 utahcon {% is called "curly bracket percent"
18:33 murrdoc bgdnlp:  http://docs.saltstack.com/en/latest/ref/states/failhard.html maybe
18:33 utahcon or "mustache percent"
18:33 rypeck babilen: So I can feed format variable names?
18:33 utahcon {{ is "double stash"
18:34 rypeck haha really?
18:34 murrdoc log{
18:34 murrdoc no ?
18:34 babilen rypeck: "feed format" ?
18:34 druonysuse joined #salt
18:34 druonysuse joined #salt
18:34 utahcon that is what I call them... as of when you asked the question
18:34 ipmb joined #salt
18:34 utahcon so why is my unless firing on both 0 and 1?
18:34 utahcon I am confused
18:35 bgdnlp maybe pastebin the whole thing?
18:36 rypeck babilen: thanks
18:36 utahcon I am
18:36 bgdnlp murrdoc: thanks, but that's only on failure. I want to know if it changed something, succesfully or not. as in, if a file changed and salt updated it, that is not a failure, but I want to know about it. If it didn't change, salt still says it was succesful
18:36 babilen rypeck: You are welcome :)
18:36 murrdoc the state was successful
18:37 murrdoc i think the comment field of the job output will show what it did
18:37 murrdoc so you could technically iterate the job json that is returned
18:37 murrdoc and get the information you need and log that as needed
18:37 bgdnlp I was afraid of that :)
18:38 murrdoc u could also do that in bash
18:38 murrdoc with http://docs.saltstack.com/en/latest/ref/output/all/salt.output.txt.html#module-salt.output.txt
18:38 bgdnlp but.. json? how do I get json out of it? I only see the human readible format
18:39 murrdoc http://docs.saltstack.com/en/latest/ref/output/all/salt.output.json_out.html#module-salt.output.json_out
18:39 bhosmer joined #salt
18:39 murrdoc + http://stedolan.github.io/jq/
18:39 murrdoc + bash == win
18:40 KyleG joined #salt
18:40 KyleG joined #salt
18:40 StDiluted ok, seriously, wth is going on here. bring up a new c3.large, and all i get is xen errors about allocating memory in the log, meanwhile there are 3.4G free.
18:40 StDiluted can’t stop or start salt-master
18:40 bgdnlp murrdoc: great., thank you, didn't know about that. I think you put me on the right track
18:41 trevorj StDiluted: Was it you that was getting salt-bootstrap hanging on service stop?
18:41 thedodd joined #salt
18:41 StDiluted trevorj: yes
18:41 trevorj StDiluted: I had that issue before, it's a bug in the bootstrap script
18:41 trevorj StDiluted: Latest version fixes it
18:41 StDiluted thought i was using the latest
18:41 StDiluted i was jsut trying salt-master stop
18:41 StDiluted or salt-master start
18:41 StDiluted well, service salt-master stop
18:41 trevorj StDiluted: yeah, it hangs to even run 'stop salt-master'
18:42 StDiluted and service salt-master start
18:42 StDiluted hm ok
18:42 trevorj StDiluted: I looked into it and figured out why it was happenning
18:42 GrueMaster left #salt
18:42 trevorj StDiluted: but, it's been a minute, I don't remember exacty why anymore
18:42 babilen murrdoc: ah, jq looks quite useful
18:42 to_json joined #salt
18:42 StDiluted jq is great
18:42 prosper_ joined #salt
18:43 StDiluted trevorj: something in the init script I’m guessing?
18:43 utahcon OK, here we go
18:43 utahcon http://pastie.org/9608075
18:44 trevorj StDiluted: multiple salt-minions were started on one box
18:44 utahcon well, that onlyif should be an unless...
18:44 trevorj StDiluted: and/or masters
18:44 prosper_ joined #salt
18:44 StDiluted utahcon, yeah I as gonna say, unless, not onlyif
18:45 StDiluted trevorj: yeah, there are a ton of salt-master processes started
18:45 trevorj StDiluted: well that's normal as salt master uses multiprocessing
18:46 StDiluted yeah, i knew that, so that’s why iwasn’t too worried
18:46 trevorj StDiluted: but, when I had the bug, pstree showed master proces running that were not spawned as a part of the running master
18:46 trevorj StDiluted: ie, a zombie master
18:46 mpanetta_ damn zombies are everywhere
18:47 trevorj git the shotgun jimmy
18:47 SheetiS Salt-zombies... That sounds like fun.
18:47 mpanetta would killall be the equivalent of a shotgun in unix parlance? heh
18:47 StDiluted lemme bring it back up and see if that’s what is going on
18:47 StDiluted what was the fix, trevor? which salt bootestrap should i use
18:48 trevorj StDiluted: use latest from bootstrap.saltstack.org
18:48 trevorj StDiluted: stop all salt processes, verify they are all stopped, then run the bootstrap
18:48 trevorj StDiluted: by verify I mean with ps
18:50 wt joined #salt
18:50 utahcon StDiluted: changed the onlyif to unless and it gets skipped (the output of the test is 1) http://pastie.org/9608084
18:51 vu joined #salt
18:51 utahcon with my manual test after the failure of unless: http://pastie.org/9608086
18:52 utahcon cmd.run only runs if everything in unless is false... right?
18:52 utahcon seems buggered up
18:53 StDiluted no, it runs the command if unless returns true
18:53 diegows joined #salt
18:53 StDiluted I’m not sure it’s runnign it the second time, are you?
18:54 prosper_ joined #salt
18:54 MTecknology Heh.. I just realized I can create a dictionary object with jinja and then look up the value. That would be much cleaner than 178 if's
18:54 StDiluted I think it’s telling you there, that the unless execution was successful, and that it didn’t re-run the command
18:55 StDiluted trevorj: i thought i was using the latest from bootstrap.saltstack.org
18:55 bgdnlp "only run the named command if the command passed to the unless option returns false"
18:55 SheetiS MTecknology: indeed.  dictionary.update() can be your friend :D
18:55 bgdnlp that's unless
18:55 StDiluted i just followed the instructions here: http://docs.saltstack.com/en/latest/topics/releases/releasecandidate.html
18:55 SheetiS and false should be an exit code of 1
18:55 wallmani left #salt
18:55 SheetiS when talking about cmd.run
18:56 StDiluted ah, sorry, i confused myself
18:56 babilen MTecknology: I do that in python typically, mind pasting your solution in jinja?
18:56 favadi joined #salt
18:57 MTecknology babilen: will do once I test it
18:58 jhauser joined #salt
18:59 StDiluted trevorj: all the processes called salt-master are showing up in the same process tree
18:59 trevorj StDiluted: 'stop salt-master' hangs right
18:59 StDiluted yeah
19:00 trevorj StDiluted: if you look in the master log, is it giving you an error
19:00 trevorj StDiluted: Mine was, something about os.fork iirc
19:01 StDiluted https://gist.github.com/dginther/6277b56ac3b4df503c4f
19:01 utahcon bgdnlp: so if I run the command on the cli and then immediately following run "echo $?" and that is a 1, then the cmd.run in my unless _should_ run, right?
19:02 bgdnlp yes. are you sure you have the brick name right?
19:02 jalaziz joined #salt
19:02 babilen MTecknology: ta
19:03 kballou joined #salt
19:03 utahcon "Comment: unless execution succeeded" << cmd.run should run, or no?
19:03 bgdnlp utahcon: I'd replace all variable things with actual names and see if it runs fine like that
19:03 utahcon bgdnlp: fair enough
19:03 to_json joined #salt
19:04 MTecknology babilen: SheetiS: http://dpaste.com/2QRKYKS
19:05 murrdoc joined #salt
19:05 MTecknology The new version seems to work perfect and is MUCH cleaner and prettier (in my opinion)
19:05 bgdnlp also, there was a way to run only a certain sls using 'salt-call --local'... maybe I can find it again
19:06 murrdoc salt-call —local sys.dod state
19:06 murrdoc :D
19:06 murrdoc salt-call —local state.sls path/to/state
19:06 murrdoc i meant sys.doc
19:06 SheetiS MTecknology: I like that a lot better than a ton of if statements.  I try and avoid that whenever possible.
19:06 utahcon <facepalm> problem is a salt version issue... 2014.1.10 does support a list of unless apparently
19:06 utahcon single unless only
19:07 MTecknology It'd be nice if I could actually just load a different pillar file as a variable but not actually have it as a pillar var.  Something like this would kick butt. http://dpaste.com/3YGDZ66
19:07 babilen MTecknology: yeah, agree. been doing this in python (as I needed more logic in places), but you can naturally do it directly in jinja.
19:07 SheetiS If you happen to like yaml for whatever reason, you can also {% load_yaml as emar_keys %}<yaml of your dict>{% endload %}
19:08 MTecknology In this case, yaml and python are pretty much the same
19:09 SheetiS yeah since it is fairly simple
19:09 SheetiS nested dicts is where yaml might pay off
19:09 MTecknology Did you take a look at the example of what would make me really really happy?
19:09 feth 9/win 84
19:10 MTecknology I'm thinking of creating an issue for it as a wish list that will probably never be closed since it's probably only me interested in it and I don't want to do it. I don't want to make clutter, though.
19:10 jcockhren lol "clutter"
19:10 jcockhren very thoughtful this MTecknology guy
19:10 jcockhren ;)
19:11 MTecknology My issues have been decent so far, no?
19:11 SheetiS MTecknology: can't you do {% from 'whatever.sls' import <variable> [with context] %}?
19:11 SheetiS wouldn't that get you where you want to be?
19:11 giannello joined #salt
19:11 MTecknology uhm... it might. I've never seen this before
19:11 SheetiS you can import macros that way which get you jinja blocks if needed
19:12 SheetiS http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.jinja.html#include-and-import <== I am not sure this is well-supported in pillars though.
19:13 MTecknology What's '[with context]'?
19:14 smcquay joined #salt
19:14 MTecknology oh, I think I get it. Still confused a bit, but I think I get it (and probably don't need it)
19:15 SheetiS The documentation words it like this: "In the case that the included file performs checks again grains, or something else that requires context, passing the context into the included file is required:"
19:16 floWenoL_ "Unable to determine upstream hash of source file" cant i omit the hash?
19:17 StDiluted floWenoL_: no, upstream hash is required
19:17 floWenoL_ even if the file comes from the local filesystem
19:17 StDiluted best way around it is to use a separate cmd.run to curl the file down
19:17 StDiluted oh
19:17 floWenoL_ or i cat do that
19:17 StDiluted you can
19:17 StDiluted hash not required for a salt://
19:17 floWenoL_ its not salt://
19:18 floWenoL_ its local fs of the minion
19:18 floWenoL_ ssl certs i dont want to have them on the master
19:18 floWenoL_ those i want to be required to copy them manually
19:18 floWenoL_ into the server
19:19 floWenoL_ but i want to automate the copy process into the right places
19:19 Supermathie floWenoL_, alternatively, stage the encrypted copy on the master, copy it to the client, require intervention to decrypt
19:19 StDiluted oh, yeah, i see. so where are you copying from
19:19 MTecknology SheetiS: TemplateNotFound: emar_keys.sls  Apparently I need to specify the whole path. I was assuming relative.
19:19 vejdmn joined #salt
19:19 floWenoL_ StDiluted: something like - source: /root/file goes here
19:20 totte joined #salt
19:20 StDiluted ohh, yeah, i dont think you can do that
19:20 SheetiS MTecknology: it should be relative to the pillar root
19:20 totte joined #salt
19:20 SheetiS if in a pillar
19:20 MTecknology SheetiS: do what?
19:20 floWenoL_ StDiluted: i can with an extra state :P a cmd.run to copy with cp and a managed state to enforce perms
19:20 SheetiS so if it is in /srv/pillar/foo/emar_keys.sls i believe you import 'foo/emar_keys.sls'
19:21 SheetiS assuming /srv/pillar as a pillar root
19:21 MTecknology SheetiS: I mean sys.centers.emar_keys.sls ..or sys/centers/emar_keys.sls  instead of just emar_keys.sls
19:21 MTecknology that is indeed the pillar root
19:21 SheetiS yeah you have it right
19:21 StDiluted floWenoL_: yeah I guess you could try that
19:21 MTecknology ah, I meant full path as in relative from root of pillar, my miswording
19:23 StDiluted floWenoL_: i just meant that the - source: statement can’t refer to a local filesystem on the minion, I don’t think
19:23 UtahDave joined #salt
19:23 * MTecknology crosses fingers
19:23 UtahDave left #salt
19:23 bhosmer joined #salt
19:23 MTecknology Dangit!
19:23 MTecknology Jinja variable the template 'sys/centers/emar_keys.sls' (imported on line 5) does not export the requested name 'emar_keys'; line 7
19:24 SheetiS It's looking for a {% set variable %}
19:24 luminous MTecknology:  RE loading pillar in more flexible ways, I recommend a serious look at reclass. It'll likely make your life a lot easier
19:24 glyf joined #salt
19:26 MTecknology SheetiS: oh... so in the pillar I'm loading, I'll need to {% set emar_keys = { long_list_of_keys } %} \n emar_keys: {{ emar_keys }}
19:26 MTecknology luminous: I'll take a look at it
19:26 SheetiS MTecknology: you could also wrap the portion of the pillar you want to share as a macro
19:27 vejdmn joined #salt
19:27 SheetiS I've not messed with reclass
19:27 SheetiS but I've heard good things.
19:28 MTecknology I've never messed with any of this
19:28 MTecknology SheetiS: the last thing I mentioned seems to be working perfect. :D
19:28 SheetiS good deal
19:29 MTecknology now... is that the best way?
19:29 MTecknology Lemme share both sls files I have... second here
19:29 vejdmn joined #salt
19:31 MTecknology Here we are.. http://dpaste.com/0XVEJXT
19:31 SheetiS MTecknology: that looks so much cleaner than 18723812831 IF statements :D
19:32 hjubal joined #salt
19:32 MTecknology and I keep the actual passwords out of that file so an error keeps passwords from being spit out.
19:32 hjubal joined #salt
19:32 MTecknology like this..
19:32 MTecknology http://dpaste.com/0D2RS91
19:32 jergerber joined #salt
19:33 Supermathie Do state templates get processed on the master or minion?
19:33 SheetiS states on minion
19:33 MTecknology SheetiS: I can safely say this now... You lead me down a rabbit hole of headaches. On the other side has emerged a lovely pile of sexy and awesome. THANKS!!! :D
19:33 MTecknology states on the minios; pillar on the master
19:34 SheetiS I always think a little pain in the short-term for a better long-term solution can be a good thing.  I'm glad you have ended somewhere you are happy with. :)
19:34 * MTecknology hugs all those that have suffered him these last few days.
19:34 Supermathie MTecknology, so how does the state file you pasted keep the knowledge of the secret on the master?
19:35 Supermathie I've missed a bunch
19:35 MTecknology Supermathie: those are pillars, not states
19:35 jalaziz joined #salt
19:35 Supermathie ah I saw .sls and assumed states. Haven't gone into pillars yet
19:38 Supermathie Hey, would people like to see a saltstack-users Discourse instance?
19:38 Vye basepi, In regards to #16233, is that discussion something that happens after 2014.7 is released? I planned on contributing this feature, but want it to be acceptable.
19:39 basepi Vye: Nah, it's just a discussion for a day when I'm working in office, rather than from home. If I don't get back to you in a couple of days, ping me.  =)
19:40 Vye basepi, sweet. I wasn't sure what timeline to expect. Will do. Thanks.
19:40 SheetiS MTecknology: are the mds pretty quick on that?  I would think they are since it only calculates the appropriate md5 per minion.
19:41 MTecknology SheetiS: I really have no clue, but I would assume the same based on exactly what you said.
19:42 MTecknology Even if it had to calculate them all, I imagine I wouldn't be able to measure the extra time
19:42 KennethWilke joined #salt
19:43 hasues joined #salt
19:45 thayne joined #salt
19:48 StDiluted trevorj: sigh. latest bootstrap is hanging at install_ubuntu_restart_daemons
19:50 mechanicalduck joined #salt
19:50 trevorj StDiluted: lemme guess, stop salt-master also hangs
19:50 StDiluted dunno yet
19:51 StDiluted it hasn’t finished bootstrapping
19:51 trevorj StDiluted: it never will if it's hung
19:51 StDiluted sigh
19:53 StDiluted well, it seems the bootstrap is f’ed for ubuntu
19:53 StDiluted not sure how I’m supposed to test the RC, i guess I’ll install it from scratch
19:54 trevorj StDiluted: did you check what I asked before?
19:54 aparsons joined #salt
19:54 StDiluted only error i had was: https://gist.github.com/dginther/6277b56ac3b4df503c4f
19:54 trevorj StDiluted: ah, if you mean to paste me something, make sure you prefix with my name
19:55 trevorj StDiluted: otherwise I won't notice it
19:55 StDiluted ok, sorry
19:55 trevorj StDiluted: Yeah, that's the error I had
19:57 trevorj StDiluted: Did you just add the salt-api stuff into your master config
19:57 trevorj StDiluted: here's what's going on I think I remember now
19:57 StDiluted no, this is a fresh install, no api stuff
19:57 trevorj StDiluted: if you run salt-api, it errors out correctly?
19:57 trevorj StDiluted: correct*
19:57 StDiluted yes
19:58 thedodd joined #salt
19:58 trevorj StDiluted: add a rest_* section to your master config file
19:58 StDiluted but this is before i even was trying to run api
19:58 bezeee joined #salt
19:58 StDiluted I’ll try
19:58 trevorj StDiluted: yeah, I know, it's stupid
19:58 StDiluted hm, ok
20:01 aparsons_ joined #salt
20:04 druonysuse joined #salt
20:04 ggalvao anyone had this kind of problem on debian?
20:04 ggalvao The following packages have unmet dependencies:
20:04 ggalvao salt-minion : Depends: salt-common (= 2014.1.10+ds-1~bpo60+1) but it is not going to be installed
20:04 ggalvao Depends: python-zmq (>= 13.1.0) but it is not going to be installed
20:04 ggalvao E: Unable to correct problems, you have held broken packages.
20:04 StDiluted trvorj: better. [ERROR   ] Not starting 'salt.loaded.int.netapi.rest_cherrypy'. Options 'ssl_crt' and 'ssl_key' are required if SSL is not disabled.
20:04 jcockhren ggalvao: totally had that
20:04 ggalvao in a clean deb install it worked out of the box
20:04 ggalvao but on another machine it is giving me this
20:04 trevorj StDiluted: haha, yeah, disable ssl now
20:04 ggalvao I don't understand "it is not going to be installed"
20:04 trevorj StDiluted: or preferably enable it
20:05 jcockhren yeah. for me I was upgrading salt
20:05 Prime_ joined #salt
20:05 jcockhren after a while, a abandoned that system packaging and started using pip
20:05 jcockhren s/a/I/
20:05 zooz joined #salt
20:05 ggalvao so you basically didn't solve that apt-get problem? :D
20:06 ggalvao hehe
20:09 trevorj ggalvao: this is happenning because a package is blocking an installation of a dependency
20:09 trevorj ggalvao: "is not going to be installed" means that it's being blocked
20:10 Supermathie ggalvao, "E: Unable to correct problems, you have held broken packages."
20:10 Supermathie sounds like a pinned package yeah
20:10 ggalvao I'll look deeper onto the apt-get logs, I guess
20:10 ggalvao into*
20:10 timcharper joined #salt
20:10 ggalvao thanks, guys
20:11 babilen ggalvao: Please paste the output of "apt-cache policy salt-common python-zmq" and your entire command and output on http://paste.debian.net
20:11 timcharper has anybody seen a salt-master runaway process issue? I just upgraded to overcome a salt-cloud map bug, and now whenever a new instance connects to my master, the master spins forever
20:11 * babilen guesses you forgot a "-t wheezy-backports"
20:11 Supermathie ggalvao, apt-mark showhold
20:12 ggalvao Supermathie: returns nothing
20:12 possibilities joined #salt
20:12 ggalvao babilen: will do
20:13 ggalvao babilen: http://paste.debian.net/123879/
20:13 timcharper using 2014.1.10-1precise1
20:13 hjubal left #salt
20:13 babilen ggalvao: You sure you are on squeeze? Which command did you use for installing?
20:14 ggalvao babilen: http://paste.debian.net/123880/
20:15 Supermathie ggalvao, 7.6 == wheezy
20:15 babilen ggalvao: Okay, first and foremost: You are on wheezy so you want to use "deb http://debian.saltstack.com/debian wheezy-saltstack main" as documented on http://docs.saltstack.com/en/latest/topics/installation/debian.html#wheezy-stable
20:15 ggalvao O_O
20:15 ggalvao damn
20:15 ggalvao lack of attention here
20:15 Supermathie ggalvao, Is it plugged in? :D
20:15 ggalvao haha
20:16 ggalvao I switched something on my fabric script
20:16 babilen ggalvao: Secondly you have to tell apt-get to prioritise packages from wheezy-backports higher than those from wheeze so you have to use "apt-get -t wheezy-backports install salt-minion"
20:16 ggalvao I made some fabfiles to automate this installation
20:16 ggalvao babilen: thanks, that is not documented, though!
20:18 babilen ggalvao: It's how backports work on Debian (the python-zmq package would otherwise not be pulled in from there) -- aptitude would eventually offer it as a suggestion though
20:19 ggalvao yup
20:19 ggalvao I am gonna rerun my fab script on docker here
20:19 ggalvao it should probably run clean
20:19 ggalvao refactoring stuff made me switch stuff around
20:19 ggalvao sorry about that, guys :~
20:19 ggalvao wasting your time on this lol
20:21 ggalvao it worked cleanly now. thanks, guys
20:21 babilen Oh, don't worry about that. Just keep in mind that apt simply sees the priorities as reported by apt-cache policy and that the package with the highest priority is the installation candidate. You therefore have to temporarily raise the priorities of packages in wheezy-backports with "-t NAME" (raises it to 990)
20:24 babilen See apt_preferences(5) for further details on that (if you care)
20:24 murrdoc yeah the preferences file stuff is dope
20:25 bbradley hey i just wanted to mention that responses on github issues and here is really fast. and greatly appreciated.
20:25 bbradley is->are
20:26 babilen Ah, the beauty of congruence
20:27 StDiluted trevorj: it doesn’t seem that salt-master wants to run
20:27 StDiluted this is really frustrating me
20:27 StDiluted no error
20:27 StDiluted salt-api runs ok now
20:27 Ahlee is it writing anything to the log?
20:27 wnkz_ joined #salt
20:28 StDiluted no
20:28 vejdmn joined #salt
20:28 StDiluted nothing in the log from salt-master
20:28 murrdoc nuke vm
20:28 murrdoc recreate
20:28 micah_chatt joined #salt
20:28 StDiluted have done that three times now
20:29 StDiluted same problem every time
20:29 vejdmn joined #salt
20:29 murrdoc are u trying to build develop ?
20:29 murrdoc or the rc
20:30 StDiluted literally, create fresh Ubuntu 14.04 LTS vm -> run salt-bootstrap.sh -M -N git v2014.7.0rc2 -> then try to start or stop salt-master
20:30 StDiluted rc2
20:31 murrdoc damn
20:31 StDiluted the whole point of this is so i can try the ec2-autoscale reactor formula
20:31 Ahlee and what log level
20:32 Ahlee and, *shrug* install the 2014.1.7 stable version and go about your day
20:32 StDiluted ah, there is a stable version?
20:33 Ahlee stable for salt or stable? ;)
20:33 manfred StDiluted:  that reactor doesn't work with 2014.1, it is meant to be used with 2014.7
20:33 yomilk joined #salt
20:33 StDiluted yes, that’s why I’m trying to install 2014.7
20:33 StDiluted exactly why
20:33 manfred you should have ssh_args: git v2014.7 or something to install that version in your cloud configuration file
20:33 Ahlee so snarkiness aside, yo'ure running the 2014.7.0rc2 master with debug and nothing's hitting the log?
20:34 manfred take that -M -N git v2014.7.0rc2 for ssh_args:
20:34 manfred in /etc/salt/cloud
20:34 aparsons joined #salt
20:34 StDiluted manfred: I’m jsut trying to bootstrap the master
20:34 manfred ahh ok
20:34 StDiluted not trying to bring up salt-cloud machines yet
20:35 manfred uhh, curl -L https://bootstrap.saltstack.com | sh -s — -M -N git v2014.7.0rc2
20:35 manfred that isn't working?
20:35 StDiluted bootstrap works fine
20:35 StDiluted installs fine
20:35 StDiluted all set.
20:35 StDiluted when i try stop salt-master
20:35 StDiluted or start salt-master
20:35 StDiluted it hangs
20:35 jeffspeff I don't know if it's just me or if these docs are a bit ambigous. On http://docs.saltstack.com/en/latest/topics/targeting/nodegroups.html  the 3rd example referring to using nodegroups in your top.sls file. is it saying that "group1" is the nodegroup or that "webserver" is the nodegroup?
20:36 manfred StDiluted: i think that might have been a known issue… one second.
20:36 manfred StDiluted: what are you running to start or stop it?
20:36 StDiluted I’ve tried service salt-master stop and stop salt-master
20:36 StDiluted it is in upstart
20:36 StDiluted it did that by itself
20:37 manfred instead of server, do initctl stop salt-master or just stop salt-master
20:37 manfred so that it uses the upstart stuff instead of the service shim script
20:37 manfred i think that is what I had to do.
20:37 StDiluted i tried stop salt-master
20:37 StDiluted I’ll try initctl
20:37 MTecknology I just utilize salt to hose a web application. My backup system wasn't doing what it was supposed to. Web app has been lost to /dev/null. Dang.
20:38 StDiluted Mteck, seems like you are having some real issues today
20:39 Supermathie everybody forgets to test restores
20:39 Supermathie once.
20:39 peters-tx joined #salt
20:39 StDiluted initctl start salt-master hangs
20:39 MTecknology StDiluted: This one was just really dumb on my part.
20:40 MTecknology Supermathie: I didn't forget. I've been racing so hard since I started here that I haven't had time to address making sure I'm backing up all data that I need to. I'll get to it... eventually. :(
20:40 Ahlee jeffspeff: it's saying to apply the webserver state to the nodegroup "group1"
20:40 Supermathie MTecknology, *fistbump* *knowingnod*
20:40 jeffspeff Ahlee, thank you
20:41 mgw joined #salt
20:41 StDiluted sigh
20:41 StDiluted i give up
20:41 dstokes_ joined #salt
20:43 MTecknology How many states on one minion is considered a lot of states?
20:43 MTecknology Is 1,042 considered a lot?
20:43 timcharper MTecknology: that sounds like a lot to me. We're <100
20:43 StDiluted that’s way more than i have
20:43 babilen yeah, likewise
20:45 MTecknology I have one box with 1,042 states, ~200 boxes with 130-250 states, and the rest have ~40
20:47 babilen What the hell is that one box doing?
20:47 bbradley anyone have an idea of where i could get started for testing salt states?
20:48 bbradley a tutorial or such
20:48 trevorj bbradley: I made a docker salt launcher
20:48 geekatcmu dns, dhcp, IPAM, full lamp stack, KDC, Samba share, OpenAFS server, and, uhm, ZNC bouncer?
20:48 trevorj bbradley: There are quite a few on github already, I plan on releasing mine, for now it's just on the docker registry
20:49 trevorj bbradley: basically, you spawn up a docker instance with a salt minion, mount /srv/salt and /srv/pillar from the host as a volume
20:49 bbradley i mean something like unittest.
20:49 babilen bbradley: I'm testing most in boxes managed with vagrant (used vbox, horribly slow (as always) and am now using docker containers and kvm/libvirt boxes instead)
20:49 MTecknology babilen: It's a file server for a bunch of facilities that don't have their own dedicated box and ... it does a whole lot more than just that
20:49 babilen MTecknology: Sounds like it, yeah
20:49 bbradley puppet-rspec is to puppet as x is to salt.
20:49 bbradley what is x?
20:50 rypeck bbradley: doesn't exist yet afaik.
20:50 bbradley k
20:50 rypeck Would be happy for someone to correct me.
20:50 brandon_ joined #salt
20:50 MTecknology the 200 that run 130-200 do the exact same thing as the one that runs 1,042, those are just dedicated to a few facilities each. This is the one for facilities that don't have the need for a local dedicated box.
20:50 babilen likewise
20:50 SheetiS you have to say it in a pythonic way though: x is None
20:51 bbradley i use vagrant for practical salt state testing.
20:51 babilen rypeck: Yeah, I am also looking for it, but there were no replies on the mailing list either.
20:51 rypeck https://github.com/saltstack/salt/issues/802
20:51 rypeck https://github.com/saltstack/salt/issues/15836
20:51 rypeck If I have a data structer in python - how can I print that in YAML just like how I'd represent it in salt?
20:52 jhauser joined #salt
20:52 bbradley thanks for the responses.
20:52 babilen I'd really love to see some regression testing and an effort to implement testcases for fixed bugs, but didn't really get much inspiration from the ML
20:53 babilen rypeck: http://pyyaml.org/wiki/PyYAMLDocumentation#DumpingYAML
20:53 rypeck babilen: that doesn't quiet do it - I just happened upon this bit of that
20:53 rypeck http://pyyaml.org/wiki/PyYAMLDocumentation#Dictionarieswithoutnestedcollectionsarenotdumpedcorrectly
20:53 babilen But then you can write states and pillars in pure Python if you prefer that. Just use "#!py" in the first line.
20:54 jeffspeff windows salt-minion 0.17.5-2 is newer than 2014.1.10 right? the file creation date is a few days after the other.
20:54 rypeck default_flow_style=False makes the magic happen!
20:54 babilen indeed
20:54 bbradley i found the sections in the docs on unit and integration testing. that's what i was looking for i suppose.
20:54 babilen rypeck: Sorry, I should have remembered that. I've been there before.
20:54 martoss joined #salt
20:54 rypeck babilen: I'm parsing an existing file to get all of the defaults into a pillar - so if a use wants to manage the file he can add the configuration option to a pillar - if he doesn't it will fall back to the default.
20:54 forrest joined #salt
20:54 trevorj rypeck: salt reads block style yaml correctly
20:54 trevorj rypeck: it just looks funky
20:54 rypeck This may be the wrong way to go about it. *shrug*
20:54 rypeck trevorj: yea I know - I just didn't want block style yaml.
20:55 trevorj rypeck: haha, I don't blame you, it's gross looking
20:55 nitti joined #salt
20:55 babilen rypeck: A pillar is really nothing else than a dictionary. If you have the code in Python already then just implement a run() function that returns a dictionary and you are set.
20:55 MTecknology Someday I'll have the chance to go through and clean up a lot of my states and make them pretty. I have pillars, states, data, reactors, etc. I have pillars and states in git. I need to get data into reactors and then bigger data into its own collection. I also need to review them all to make sure they're all sane and pretty.
20:55 babilen s/than/but/
20:55 MTecknology someday...
20:55 babilen today!
20:55 kusams hi...can we use ldap authentication for halite?
20:55 rypeck babilen: I wrote the code to parse out the defaults from an input - i'd rather not have custom code in this.
20:56 rypeck babilen: but I gotta get there some day.
20:56 martoss1 joined #salt
20:56 MTecknology I go home in 30min and I'm attempting to recreate the web app I just destroyed from scratch before that happens. I'll be going from php to python too.
20:56 babilen rypeck: Sure, I was simply saying that there is no point in converting an already existing dictionary to yaml just for salt to parse that back into a dictionary.
20:56 trevorj kusams: halite uses PAM, so if you have ldap auth configured in pam it'll work as is
20:57 babilen MTecknology: Just clean one state each day and it'll take you three years to finish your 1042+ states ...
20:57 CaptinHokk joined #salt
20:57 babilen MTecknology: Anything we can do to help?
20:57 MTecknology babilen: Jinja2 baby!!! :D
20:58 MTecknology 15:50 < MTecknology> the 200 that run 130-200 do the exact same thing as the one that runs 1,042 <--- the difference is the number of facilities. LOOPS!
20:58 kusams trevorj thanks
20:58 babilen MTecknology: Okay, one year then.
20:58 aparsons joined #salt
20:59 MTecknology babilen: This channel (especially SheetiS) has helped to an insane level the last few days. The rest is probably pretty easy. When I catch up with fires, I'll be able to start sorting through them. Should take me about 3-5 days of effort.
20:59 babilen +1
20:59 aparsons_ joined #salt
20:59 lkannan joined #salt
21:00 MTecknology Then it'll be a task of going through and making sure that everything being done on every server is actually being managed by salt (including making sure the right things are being backed up)
21:00 babilen MTecknology: Sorry, I've not been entirely serious. I should note that it is 11pm here and that I've been off work for six hours already. I genuinely just wanted to know if there's anything this channel can provide in order to ease your situation right now (as it sounds as if you had a bad day)
21:01 MTecknology I had an amazing day! :D
21:01 MTecknology Full of challenges, learning, and it finished off with the excitement of seeing an amazing solution go into place that should last the test of time.
21:03 StDiluted manfred: is there a way to do an autoscale reactor in 2014.1?
21:04 manfred there is not
21:04 perfectsine joined #salt
21:04 babilen Okay, I might have misinterpreted "I just utilize salt to hose a web application. My backup system wasn't doing what it was supposed to. Web app has been lost to /dev/null. Dang." and "I just found a bit of a security problem in salt. I can't create an issue out of it because our entire network is currently in a destroyed state.". Forgive me.
21:04 manfred it requires the request_instance portion of the server image creation process to be split out
21:04 manfred which was done in 2014.7
21:05 ekkelett joined #salt
21:07 ekkelett to those awake: anyone have experience with passing multiple m_name arguments to a module through states.module?
21:07 manfred you can't do that in 2014.1
21:07 manfred you could do it by overridding everything in names: in 2014.7
21:08 manfred but each one of those is a seperate state
21:08 ekkelett ah, interesting
21:08 ekkelett Yeah, I imagine I'll just have to create some more states then for each parameter I want the module to run
21:08 timcharper I FOUND THE ISSUE to my runaway process
21:09 manfred ekkelett:  http://docs.saltstack.com/en/latest/ref/states/highstate.html#names-declaration check the last example in that seciont, you would be overriding name: <module> as well as m_name in that
21:09 timcharper rm -rf /var/cache/salt
21:09 manfred ekkelett:  theoretically, if you are just passing a list of names on the command line, you could just make a yaml list in the state file
21:09 timcharper It might help if that solution were more prominent in the documentation
21:09 timcharper I've been searching for an answer for this all morning
21:09 timcharper and out of desperation tried that
21:10 timcharper (after reading through the source code)
21:10 manfred ekkelett:  there is not a specific way to, provide a list of services to pass one by one to the service.restart module
21:10 manfred ekkelett:  you would need to use the service.running: full_restart: or whatever option it is for that, and then pass all your serivce in the names: option
21:10 ekkelett I see, so the problem is not limited to the particular module in question.
21:10 ekkelett yeah
21:11 ekkelett as far as I can see it doesn't seem like postgres.create_extension likes to be given a list in - names:
21:11 ekkelett well, * m_name:, unsurprisingly
21:11 manfred -names: is specific for states
21:12 manfred if you are using the module state, names: is the list of modules to use, not the list of m_names:
21:12 bhosmer joined #salt
21:12 glyf joined #salt
21:12 ekkelett yes, and thus one must use -m_name: if you want the argument to be passed to the module, as I understood.
21:12 snuffeluffegus joined #salt
21:12 ekkelett exactly, yip.
21:12 manfred names: logically creates one state for each name provided to it, and expands it in the low_state data
21:13 ekkelett fair enough. could've used templating I suppose, that way it wouldn't be somewhat odd, but it's a short list and thus.. copy/paste seems relatively decent.
21:13 manfred yar
21:14 cpowell joined #salt
21:15 ekkelett thanks for your speedy and useful insight, manfred. I've just been playing around with salt for two days, but it's neat-o.
21:15 manfred np :)
21:15 hasues joined #salt
21:15 ekkelett (and the debug messages are much more friendlier than those in ansible, but that's a sidenote)
21:15 druonysus joined #salt
21:17 vejdmn1 joined #salt
21:18 snuffeluffegus joined #salt
21:21 n8n joined #salt
21:24 giannello joined #salt
21:24 scryptic1 joined #salt
21:26 scryptic1 When I spin up an instance on rackspace with salt-cloud, is there a way for me to automatically store the rackspace uri or rackspace node id as grains for the new vm?
21:29 carmony basepi: this bug where the "no matching sls found" error message covers up any other including or editing erros
21:29 carmony is really annoying :P
21:33 basepi That stupid error. It annoys everybody. =\
21:36 babilen ... to put it mildly
21:36 timcharper left #salt
21:36 iggy I thought it seemed a bit better when I was using 2014.7 for a while
21:37 mechanicalduck_ joined #salt
21:37 iggy or maybe I was hitting just the right kind of bugs
21:42 micah_chatt joined #salt
21:46 micah_chatt_ joined #salt
21:48 wt joined #salt
21:54 nitti joined #salt
21:56 kermit joined #salt
21:56 n8n joined #salt
21:59 gzcwnk :)
22:03 murrdoc anyone here keep their passwords encrypted ?
22:03 murrdoc in salt pillars that is
22:03 murrdoc not in general
22:03 murrdoc :)
22:04 carmony when is 2014.7.0 due for release?
22:05 iggy 2014.12
22:05 murrdoc :D
22:05 murrdoc its rc2 already
22:06 murrdoc i expect it in a month
22:06 murrdoc if u are planning to start stuff in salt
22:06 murrdoc like we are
22:06 bhosmer joined #salt
22:06 murrdoc we been using 2014.7
22:07 possibilities joined #salt
22:12 krissaxton joined #salt
22:12 iggy Yeah, I don't expect much (if anything) to change in the 2014.7 branch in the next 2 weeks or so
22:13 glyf joined #salt
22:17 kusams joined #salt
22:17 DaveQB joined #salt
22:18 elfixit joined #salt
22:20 jalaziz joined #salt
22:21 perfectsine joined #salt
22:24 Katafalkas joined #salt
22:27 chrisjon_ joined #salt
22:31 druonysuse joined #salt
22:31 druonysuse joined #salt
22:36 avn joined #salt
22:39 rypeck What's the status of the Halite project? No activity on it since May.
22:39 iggy seems to be low priority
22:39 iggy take note that I do not have an @ next to my name
22:40 murrdoc ./nick @murrdoc
22:40 lionel_ joined #salt
22:40 murrdoc send us pull requests and we can move it faster
22:40 murrdoc ./nick murrdoc
22:40 iggy I looked at it, it seemed to fill a rather narrow use case
22:41 murrdoc it needs to be like foreman
22:41 murrdoc or better
22:41 jeffspeff in the salt minion config file, what's the difference between setting "startup_states" to "highstate" and "top"?
22:42 jeffspeff i've made a top.sls file but i'm not exactly sure what a "highstate" is
22:42 iggy for people with <100 servers, visualizing the output from the command line tools is probably sufficient
22:42 iggy for people with >1000 it's probably useless as is
22:42 iggy not useless, let's say overwhelming
22:43 Katafalkas joined #salt
22:43 iggy jeffspeff: highstate runs everything that matches the minion in the top.sls file
22:43 jeffspeff iggy, then why have a setting for running top if highstate does just that?
22:44 kalessin joined #salt
22:44 oz_akan joined #salt
22:44 iggy off the top of my head?
22:44 rypeck jeffspeff: so you can execute a different top file.
22:45 iggy have a sort if inbetween top file
22:45 rypeck Says so right in the documentation - http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.top
22:46 iggy so you could have a more minimal top file than your regular one to get minions to a certain starting point, but maybe not all the way to the final expected state
22:46 n8n joined #salt
22:46 jeffspeff rypeck, that's for the command. the minion config file statement doesn't seem to accept options to specify a specific file.
22:47 iggy I would say stick with startup_states: highstate for now
22:47 rypeck Ah gotcha nvm.
22:47 jeffspeff nvm, i found how that works. the option to specify the specific file is a few options down
22:47 jeffspeff # top file to execute if startup_states is 'top'
22:47 jeffspeff #top_file: ''
22:52 roo9 joined #salt
22:54 tafa2 joined #salt
22:55 murrdoc anyone setup their own ci yet
22:56 murrdoc for the salt modules
23:01 notbmatt joined #salt
23:02 CheKoLyN joined #salt
23:03 jpaetzel joined #salt
23:06 perfectsine joined #salt
23:08 yomilk joined #salt
23:10 krissaxton joined #salt
23:16 thehaven joined #salt
23:20 badon joined #salt
23:30 glyf joined #salt
23:31 rattmuff joined #salt
23:34 otter768 joined #salt
23:34 kusams joined #salt
23:40 CeBe1 joined #salt
23:40 mosen joined #salt
23:47 lude1 joined #salt
23:47 jeffspeff i'm trying to write a state to use file.replace. i want to replace multiple lines in the same file and i'm unsure on the correct yaml syntax. should i do 'file.replace:' ' - path: blah' ' - pattern: ' etc. or shoult it be 'path\to\file:' ' file.replace:' ' - pattern: ' ' - repl:'   ?
23:52 aparsons joined #salt
23:57 iggy you need a unique identifier first
23:57 iggy people tend to use the filename if it makes sense
23:58 TheThing joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary