Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-10-11

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 phblj I did see 2014.7.0 will have privkey config parameters.  Was there a way to specify ssh keys before?
00:04 maze left #salt
00:04 SheetiS phblj: are you running salt as root?
00:05 phblj I am
00:05 SheetiS If so does ~/.ssh/config refer to root's home when you say it (if not, it should)
00:06 SheetiS When I was testing gitfs with salt, it worked to github as long as all the pertinent stuff were configured in root's .ssh folder.
00:06 phblj ah... that's almost undoubtably it.  I'll make sure
00:07 phblj thanks much
00:07 aparsons joined #salt
00:07 phblj yep!
00:08 phblj it's always something simple.  very much appreciated-- I would have continued tracing python forever
00:09 SheetiS phblj: glad to help.
00:19 druonysus joined #salt
00:19 druonysus joined #salt
00:25 aparsons joined #salt
00:44 DaveQB joined #salt
00:46 kusams joined #salt
00:51 n8n joined #salt
00:53 cads joined #salt
00:54 aparsons joined #salt
00:54 elfixit joined #salt
00:57 bhosmer joined #salt
01:00 invsblduck joined #salt
01:12 invsblduck hi!
01:12 invsblduck the pillars be givin' me grief!!
01:13 invsblduck if i include pillar file from another pillar file, i can't `salt[pillar.get]()' (or even access the `pillar' dictionary) for variables in the included file?
01:15 invsblduck eg., pillar1.sls includes tree `foo:bar:baz' and in pillar2.sls i include pillar1.  then when i try to "{{ salt['pillar.get']('foo:bar') }}" in pillar2.sls, i get empty data!
01:16 invsblduck ( i should say pillar1.sls *contains* tree `foo:bar:baz' )
01:18 SheetiS invsblduck: since they are both in the pillar, this sounds right to me.  You could import_yaml the other if it were pure yaml, or you could store what you needed access to as a variable in pillar1.sls and then do a {% from 'pillar1.sls' import foo with context %} and then could foo.get() later on
01:19 druonysus joined #salt
01:19 ek6 joined #salt
01:19 druonysus joined #salt
01:20 gmcwhistler joined #salt
01:23 invsblduck SheetiS: ahh, i bet it has to do with the fact that i'm trying to access the file from within jinja.
01:26 SheetiS Accessing pillar data from within the pillar is always a little bit weird (at least to me) as the pillar dictionary is being built at the time you access it (especially with imports).  I try to avoid it when possible.
01:26 SheetiS s/when possible//
01:27 n8n joined #salt
01:35 invsblduck SheetiS: yea...that was my first thought (accessing the data before it's available), but it must have to do with the order of jinja processing
01:35 invsblduck not familiar enough with salt guts yet
01:36 sroegner_ joined #salt
01:37 n8n joined #salt
01:38 kusams joined #salt
01:42 Voziv joined #salt
01:45 Voziv left #salt
01:49 aparsons joined #salt
01:50 hasues joined #salt
01:52 aranhoide joined #salt
01:57 aparsons joined #salt
01:57 nbe joined #salt
01:57 acabrera joined #salt
01:59 nbe I'm a total salt newbie - making the transition from Chef. I have a quick question for the group - how do you assign grains individually to minions and get them to update without reloading the client? Within chef - an attribute change takes effect almost immediately with no client interruption.
02:10 ramishra joined #salt
02:10 ndrei joined #salt
02:12 kusams joined #salt
02:16 TOoSmOotH joined #salt
02:23 iggy nbe: salt minionid grains.set
02:23 badon_ joined #salt
02:23 iggy without knowing more about what you are actually trying to do
02:25 Outlander joined #salt
02:29 Nexpro1 joined #salt
02:40 n8n joined #salt
02:42 bhosmer joined #salt
02:43 TyrfingMjolnir joined #salt
02:45 TOoSmOotH joined #salt
02:45 bhosmer_ joined #salt
02:52 n8n joined #salt
03:08 n8n joined #salt
03:35 SheetiS joined #salt
03:37 sroegner_ joined #salt
03:45 scoates joined #salt
03:55 jalaziz joined #salt
03:57 UForgotten joined #salt
04:00 kusams joined #salt
04:13 otter768 joined #salt
04:29 ndrei joined #salt
04:34 bhosmer joined #salt
04:44 patarr joined #salt
04:44 patarr joined #salt
04:46 invsblduck joined #salt
04:50 ndrei joined #salt
05:07 NV joined #salt
05:10 jeremyb joined #salt
05:11 kedo39 joined #salt
05:20 why joined #salt
05:35 ndrei joined #salt
05:38 sroegner_ joined #salt
05:44 ek6 joined #salt
05:56 TheThing joined #salt
06:00 kedo39 joined #salt
06:11 deepz88 joined #salt
06:18 jhulten joined #salt
06:23 bhosmer joined #salt
06:34 Outlander joined #salt
06:47 cberndt joined #salt
06:48 astol joined #salt
07:17 ek6_ joined #salt
07:22 ek6 joined #salt
07:36 Nexpro joined #salt
07:37 ek6_ joined #salt
07:38 sroegner_ joined #salt
07:41 hardwire joined #salt
07:44 aquinas joined #salt
07:49 aquinas_ joined #salt
08:12 bhosmer joined #salt
08:44 bhosmer joined #salt
08:54 SheetiS joined #salt
08:57 badon_ joined #salt
09:08 smcquay joined #salt
09:14 chiui joined #salt
09:34 ramishra joined #salt
09:39 sroegner_ joined #salt
09:42 Outlander joined #salt
09:43 linjan joined #salt
10:01 bhosmer joined #salt
10:03 tyler-baker joined #salt
10:03 viq joined #salt
10:04 viq joined #salt
10:11 agend joined #salt
10:12 bhosmer joined #salt
10:22 CeBe joined #salt
10:33 agend joined #salt
10:34 mik3 joined #salt
11:12 DaveQB joined #salt
11:35 stephanbuys joined #salt
11:40 sroegner_ joined #salt
11:44 mapu joined #salt
11:50 bhosmer_ joined #salt
11:54 stephanbuys joined #salt
12:01 thehaven joined #salt
12:03 thehaven joined #salt
12:15 esharpmajor joined #salt
12:16 esharpmajor Hi, new to Salt and taking a look at the docs - with Puppet, it's possible to use an external CA - eg IPA, AD - is Salt able to act in a similar way? The docs seem to imply that master/minion authentication is via TLS-style certificates
12:43 ndrei joined #salt
12:54 viq esharpmajor: asymmetric keys, but not certificates, AFAIK, so not really
12:54 smcquay joined #salt
12:55 intellix joined #salt
12:56 vbabiy joined #salt
12:57 stephanbuys joined #salt
13:01 linjan joined #salt
13:05 babilen Guest97152: You might want to reconfigure your client. You've been nick cycling for ages in here.
13:17 ramishra joined #salt
13:17 wnkz__ joined #salt
13:23 scoates joined #salt
13:24 esharpmajor @viq thanks, was hoping that IPA would save me a deployment step ;)
13:25 dccc_ joined #salt
13:27 bhosmer joined #salt
13:39 DaveQB joined #salt
13:39 bhosmer joined #salt
13:41 sroegner_ joined #salt
13:41 SkyRocknRoll__ joined #salt
13:41 fxhp joined #salt
13:45 vejdmn joined #salt
13:47 teebes joined #salt
13:48 viq esharpmajor: there are ways to pre-generate and pre-accept the keys, AFAIK, especially if you're using salt-cloud to provision machines in cloud
13:51 mechanicalduck joined #salt
14:05 viq esharpmajor: http://docs.saltstack.com/en/latest/topics/tutorials/preseed_key.html
14:11 TyrfingMjolnir joined #salt
14:57 TyrfingMjolnir joined #salt
15:13 Nazca__ joined #salt
15:24 vbabiy joined #salt
15:24 ndrei joined #salt
15:28 bhosmer joined #salt
15:38 dccc_ joined #salt
15:38 ckao joined #salt
15:41 sroegner_ joined #salt
15:45 pfallenop joined #salt
15:46 SheetiS joined #salt
15:50 elfixit joined #salt
15:59 default joined #salt
16:04 bbradley joined #salt
16:06 bassam joined #salt
16:06 bassam hello, I'm trying to understand how people configure a salt-master to deploy and manage docker containers on coreos. From what I can tell I'm not able to run salt-minons on coreos. what do people do in this case?
16:07 default Can someone translate that so I can feel like i'm helping out?
16:07 tkharju joined #salt
16:07 iggy bassam: you could try salt-ssh
16:07 iggy I think that's really the only way for now
16:08 iggy I would certainly like to see that change at some point
16:08 eliasp bassam: after all, you shouldn't change much "inside" your containers… they're not much more than an application binary… so your containers should ship with all required things already in their image
16:08 eliasp bassam: persistent data should be provided as a bind-mount volume to your containers from the outside
16:08 iggy hmm, actually, coreos has python installed, it might be possible to install via pip/etc
16:09 eliasp bassam: the CoreOS configuration itself can be done via 'etcd' for which I believe there's some Salt support
16:09 eliasp bassam: http://www.saltstack.com/salt-blog/2014/3/21/etcd-comes-to-salt
16:10 bassam eliasp, thanks. iggy, I tried salt-bootstrap on coreos and it failed. does it attempt a pip install?
16:10 iggy I've not actually tried it
16:10 eliasp for CoreOS (as long as you don't build your own CoreOS images), it's more or less the same as for containers… it's a static image which might be replaced by an update at any point
16:10 eliasp so if you want to modify what applications are available on one of your CoreOS hosts, you'd have to deploy a custom CoreOS build
16:11 iggy I _think_ the docker modules (if that's what you're looking at) aren't really meant for coreos
16:11 eliasp bassam: see also: https://coreos.com/docs/sdk-distributors/sdk/modifying-coreos/
16:11 eliasp iggy: exactly… that's why bassam should look into hooking up his etcd with Salt
16:11 eliasp etcd is the configuration provider for CoreOS
16:12 bassam I am planning to use etcd, but I wanted the salt-master to build, pull and run containers as needed
16:13 iggy one of the things I don't like about the whole docker/coreos/etc paradigm is they basically just gloss over the fact that (at least for now) docker is pretty useless for anything that isn't basically stateless
16:13 bassam iggy, I thought docker volumes helped with stateful containers
16:13 iggy so to actually run any kind of useful stack, you're going to have non-coreos servers in your stack running bits that coreos/docker just cant handle
16:13 iggy "help"
16:14 eliasp iggy: yeah… Docker is either usable for small development environments to rapidly provide a development/test environment or for very large-scale deployments where building your own images all the time is no overhea
16:15 eliasp iggy: the major problem with Docker is "cargo cult"… a lot of people suddenly start praising/using it without actually understanding what it means to use it in terms of change-management workflows, infrastructure security etc.
16:15 iggy it's painful as hell to run things like master/slave postgres, file servers, etc in docker containers (again, I say that's how things are now, with the expectation that at some point it should get easier)
16:15 eliasp I love Docker for some very specific use-cases… but that's it
16:16 iggy yeah
16:16 iggy we might end up using it for some of our frontend type stuff
16:17 iggy and it's great for hosting little things like wsgi servers running apps
16:17 bassam I'm curious, what is the typical configuration for salt-docker? just running docker.io on ubuntu?
16:18 iggy but it's (currently) still easier to run traditional infrastructure to deal with things that don't scale horizontally well
16:19 eliasp iggy: agreed… the actual amount of work to properly implement a Docker based deployment is really huge… I'd say not worth the effort below a few thousand affected hosts
16:19 eliasp iggy: it's surely doable below that, but then given "affordable" time not in a proper way
16:19 dccc_ joined #salt
16:20 ajolo_ joined #salt
16:22 bassam looks like python was removed from recent coreos builds
16:23 eliasp bassam: yeah… all CoreOS tools are written in Go and the only reason Python was still around was, because major parts of Gentoo (which is the underlying distribution) is mostly Python based)
16:23 eliasp bassam: but as a regular CoreOS image doesn't have any package management, as it's just a static disposable image, there was no need for Python/Portage anymore
16:24 eliasp bassam: that's why you'd have to add any required packages in a custom CoreOS build (see link above)
16:25 bassam this is an interesting alternative -- https://github.com/coreos/toolbox. Essentially a container could access the host system and manage docker on it
16:26 bassam more context: https://github.com/coreos/portage-stable/issues/59
16:26 eliasp bassam: looks more like a debugging too to me
16:28 eliasp bassam: my feeling is, that whenever you bypass 'etcd', you're going to introduce inconsistencies in your CoreOS cluster… but maybe the guys over at #coreos can tell you more about proper CoreOS management approaches
16:28 eliasp bassam: I've only played a bit with it ~1 year ago but never used it in a production environment
16:28 bassam eliasp
16:29 bassam eliasp: I am planning to use the salt-etcd external pillar support. are you saying just use coreos fleet/etcd and not salt?
16:30 eliasp bassam: I wanted to say: feed your etcd through Salt…
16:30 eliasp bassam: sure, etcd can also be used as an external pillar
16:31 bassam eliasp: got it. thanks.
16:33 eliasp got to go… have a nice day
16:35 dude051 joined #salt
16:43 dude051 joined #salt
16:43 tkharju joined #salt
16:49 StDiluted joined #salt
16:51 acabrera joined #salt
16:52 mbaechtold joined #salt
16:53 martinp joined #salt
16:53 kingel joined #salt
17:03 TheThing joined #salt
17:03 kingel joined #salt
17:16 schimmy joined #salt
17:16 bhosmer joined #salt
17:19 schimmy1 joined #salt
17:20 klotho joined #salt
17:20 Mso150 joined #salt
17:39 steve1 joined #salt
17:42 sroegner_ joined #salt
17:43 cmthornt1n joined #salt
17:44 sklik joined #salt
17:57 kusams joined #salt
18:08 schimmy joined #salt
18:13 invsblduck joined #salt
18:16 mechanicalduck_ joined #salt
18:26 kedo39 joined #salt
18:27 ajprog_laptop1 joined #salt
18:30 ajolo_ joined #salt
18:43 ajolo__ joined #salt
18:50 ndrei joined #salt
19:01 kingel joined #salt
19:05 bhosmer joined #salt
19:06 schimmy joined #salt
19:09 Mso150 joined #salt
19:10 schimmy1 joined #salt
19:13 Mso150 joined #salt
19:29 astol joined #salt
19:30 bhosmer joined #salt
19:37 RobSpectre joined #salt
19:43 sroegner_ joined #salt
19:46 gmcwhistler joined #salt
20:00 micah_chatt joined #salt
20:02 kingel joined #salt
20:04 desposo joined #salt
20:04 sklik left #salt
20:07 nitti joined #salt
20:10 ndrei joined #salt
20:19 madpickle joined #salt
20:20 dude051 joined #salt
20:20 madpickle is there a reason why "sudo salt-call --local pillar.items" won't return my pillars? /srv/pillar/top.sls, et al. exist?
20:21 viq madpickle: -l debug to the rescue?
20:21 madpickle running it in "-l debug" shows salt loading it
20:21 madpickle the machine i run salt-call on is also a master to one minion; when salt '*' state.highstate is invoked the very same  works fine with the minion
20:22 madpickle funnily enough it worked fine on my master machine earlier today; there is seemingly nothing out of the ordinary with the pillars
20:22 madpickle (for they work fine when sent to the minion)
20:22 viq madpickle: which version of salt? I saw people mentioning bug with the salt-call --local on I think 2014.1.11
20:23 madpickle salt-call 2014.1.11 (Hydrogen)
20:23 madpickle !@#!@#
20:23 viq madpickle: also, why not run minion on the master?
20:23 madpickle viq: no reason not to beyond wondering why the heck salt-call isn't working
20:23 madpickle it's been a very frustrating couple of hours --- if it never worked to begin with it'd be easier to diagnose
20:23 viq I think .12 solves / will solve that, but not sure
20:24 madpickle but let me revert to an older point release -- thanks, viq.
20:24 viq madpickle: or upgrade ;)
20:24 viq .12 seems to be out already
20:25 madpickle oh humm
20:25 madpickle https://github.com/saltstack/salt/pull/16212
20:25 madpickle yes you are right, viq. There is indeed an issue with .11
20:26 * viq is an experienced lurker ;)
20:34 rap424 joined #salt
20:39 Outlander joined #salt
20:50 phblj joined #salt
20:54 bhosmer joined #salt
20:55 kusams joined #salt
20:58 invsblduck joined #salt
21:01 schimmy joined #salt
21:04 schimmy1 joined #salt
21:12 micko joined #salt
21:12 schimmy joined #salt
21:13 rubenb_ joined #salt
21:14 rubenb_ Hi, has anyone used RC3 with the new DigitalOcean API?
21:14 rubenb_ (+salt-cloud )
21:17 cberndt joined #salt
21:17 schimmy joined #salt
21:18 babilen rubenbn: I would hope that the developer of that module used it at least once. Have you tried it? Did you, perfchance, encounter a problem?
21:19 kingel joined #salt
21:19 Mso150 joined #salt
21:20 Outlander joined #salt
21:22 rubenbn babilen: More than one.
21:24 rubenbn The major issue is that I can't deploy VMs, the minor issue is that I cannot update dns
21:31 rubenbn Hm, the major issue seemed to be caused by the provider, not salt-cloud.
21:34 crane hey ho, i'm still trying to write a formula. atm i'm stuck with a problem that salt can't find my var in map.jinja what i don't understand https://dpaste.de/Tdyo
21:35 crane the var he cant find is torrc_src
21:35 peters-tx joined #salt
21:35 crane exact error which is thrown: Rendering SLS "base:tor.config" failed: Jinja variable 'dict object' has no attribute 'torrc_src'; line 9
21:38 viq joined #salt
21:42 aranhoide joined #salt
21:44 sroegner_ joined #salt
21:47 babilen crane: Could you attach the entire error to that paste please?
21:47 crane babilen: hi, sure i can :)
21:48 babilen crane: It might be a clash between "tor" (as in the SLS file) and "tor" (as in the dictionary/map you import)
21:48 crane babilen: https://dpaste.de/HTdA
21:48 crane hmm okay
21:49 crane babilen: not sure about that. https://github.com/saltstack-formulas/openssh-formula/blob/master/openssh/config.sls looks similiar to it
21:49 babilen Does it work if you remove the torrc entry?
21:50 babilen Yeah, it would have surprised me as well, but I can't really quite see anything else :)
21:51 crane is there a way to comment it out instead of removing it?
21:51 babilen And you have a trailing "," on line 13 that shouldn't be there
21:52 crane which file?
21:52 babilen line 13 in your paste
21:52 babilen the map.jinja entry
21:52 babilen },
21:53 crane ah i see
21:53 crane but that was not the problem ^^
21:53 babilen Okay :)
21:54 babilen But you can reference all other entries in that map without problems?
21:54 crane he is not mumbeling about anything else
21:55 babilen You are also indenting deeper than I use to (4 vs 2), but that is probably not the problem either, but something similar caused problems for me before in a different context.
21:55 bbradley crane: are you also getting something like:
21:55 babilen (i.e. the block for the private key for example)
21:55 bbradley Jinja variable 'salt.loaded.int.render.jinja.SaltDotLookup object' has no attribute 'pillar.get'
21:56 dirkraster joined #salt
21:56 crane bbradley: can i see multiple errors? i thought there would be only one at a time?
21:57 kusams joined #salt
21:57 bbradley maybe. i did something to where i saw something similar to what you had and what i just said in one output.
21:58 bbradley are you using a development version of salt?
21:59 bbradley i am getting that kind of error using salt-ssh from pip.
21:59 babilen I'm sure that crane would have mentioned if (s)he is using a non-standard version, but ... : are you?
22:00 crane babilen: he is correct ;) and nope. it the bootstraped stable version
22:01 crane so i excluded now the torrc part from my file and it looks like it is going to run
22:02 babilen Oh, how I don't like pastebins that doesn't make it easy to copy entries without line numbers
22:03 crane should i open a git repo? :)
22:03 babilen No, they have a raw mode. It is just ... unnecessary.
22:13 klotho joined #salt
22:14 schimmy joined #salt
22:15 babilen Sorry, I can't test it at the moment.
22:16 crane i think a will try and error untill you find the time ^^
22:16 crane or i solve the problem
22:16 crane i hope nr 2 is happening
22:19 schimmy1 joined #salt
22:23 zesty joined #salt
22:25 seblu joined #salt
22:33 blast_hardcheese joined #salt
22:42 pdayton joined #salt
22:43 bhosmer joined #salt
22:59 acabrera joined #salt
23:02 hasues joined #salt
23:07 kingel joined #salt
23:10 scoates joined #salt
23:14 kedo39 joined #salt
23:32 invsblduck joined #salt
23:33 bbradley crane: what is the command you use to run your states?
23:33 crane bbradley: salt-call --local state.highstate
23:33 crane i'm testing it within a vagrant vm
23:44 aquinas joined #salt
23:44 aquinas_ joined #salt
23:45 sroegner_ joined #salt
23:48 wnkz joined #salt
23:53 ndrei joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary