Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2014-11-06

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 MTecknology I don't want to set up other user accounts on the system that have the ability to become root.
00:00 viq MTecknology: I wonder if you could somehow integrate http://passwordstore.org/ with salt and the gpg renderer
00:00 catpigger MTecknology, almost same situation for me, i do almost all the linux stuff, i dont see the point of using sudo/su in our situation. we just have the passwords in keepassx on a network share
00:00 catpigger with a very strong passphrase
00:00 iggy but... but... but... you're using salt... it should be easy to enable sudo, etc...
00:00 MTecknology viq: that sounds kinda like a password management system I made once :P
00:01 viq catpigger: have a look at http://passwordstore.org/ ;)
00:01 catpigger iggy, yeah but lets say it takes me 2 hours to do it and 30min to explain it to my colleague. in that time i couldve installed salt on another server
00:01 * iggy shudders
00:01 catpigger or fixed 30 inconsistencies
00:01 catpigger or moved one function from an out-of-support OS to a current one
00:01 catpigger it's a god-awful mess, gotta start somewhere ;)
00:01 MTecknology We use pleasantpass; some customized version of keepass is used to access it
00:02 MTecknology our active directory credentials are used for accessing that one
00:02 catpigger viq, that looks very good
00:02 MTecknology I personally use keepassx for most things (not shared)
00:02 StDiluted hm, restarted salt-master after switching logging to debug and now it isnt spiking
00:02 catpigger the single-user nature of keepassx, whilst not a disaster for us, is a nuisance
00:02 StDiluted so it seems it’s a long term thing
00:02 renoirb Hi all!
00:03 catpigger but with pass that should not be a problem
00:03 catpigger iggy, i could also instead of activating sudo do something to backup /etc from all servers regularly.....
00:03 MTecknology catpigger: I pretty much want the root passwords set up so I can leave a document that says something like "I rage quit. What do you do now? Step one: Don't Panic"
00:03 catpigger you get the picture ;)
00:03 renoirb Is there a more hands-on example of a custom grain, and how to reuse?
00:03 StDiluted renoirb: i have written a custom grain
00:03 MTecknology I personally have salt distribute my shared key. :P
00:04 catpigger MTecknology, me too. well and no matter how i may or may not feel now or in the future about $employer, i consider it basic professional ethics that of course the boss has all keys
00:04 renoirb I am unsure if in _grains/foo.py how I can refer to another grain, and how it gets executed. You have this flow covered in your grain, StDiluted ?
00:04 MTecknology yup
00:04 catpigger the company should not go bankrupt if i get hit by a bus
00:04 StDiluted renoirb: https://github.com/dginther/ec2-tags-salt-grain
00:04 renoirb My use case is to read the __grains__['id'] parse it and generate a role list based off it
00:05 MTecknology I manage ~500 unique servers and all of the processes running on them. They'll be fucked anyway... :P
00:05 renoirb Thanks  StDiluted
00:05 catpigger haha
00:05 catpigger yeah me too
00:05 catpigger still
00:05 catpigger that's just basic due diligence
00:05 StDiluted renoir: I didnt use any other grains in mine
00:05 catpigger the boss has all the keys (or can get them if he so chooses), it's his servers, not mine
00:05 MTecknology I feel like I should be able to create a dictionary and then pick the best match from the grain...
00:05 StDiluted but I am pretty sure grains are available to custom grains
00:06 renoirb that’s what I trying to figure out. I have next to no experience with Python.
00:06 StDiluted renoirb: that’s essentially what I was doing though, creating roles from EC2 tags
00:06 catpigger plus if i do ever quit i dont wanna get calls for the next 3 months asking "whats this password?"
00:06 StDiluted but I believe you have it right, __grains__[‘id’]
00:06 renoirb But, StDiluted, calling  httplib.HTTPConnection("169.254.169.254", 80, 10 )  is clever!!
00:06 aparsons joined #salt
00:07 MTecknology I don't want 30 if statements... I want a dictionary and a selection from that list based on best match... I don't think jinja can do that, though
00:07 murrdoc joined #salt
00:07 seydu joined #salt
00:07 geekatcmu Jinja works perfectly well extracting data from a dictionary.
00:07 StDiluted renoirb: actually an updated version is in the salt-contrib
00:08 renoirb at aws_access_key_id='' you could use `os.environ['FOO']`, or use __pillar__ ... instead of hardcoding them. But then again, how can we be sure if we have access to __salt__, __grains__, __pillar__ and so on.
00:08 StDiluted https://github.com/saltstack/salt-contrib/blob/master/grains/ec2_tag_roles.py
00:08 renoirb oh!
00:08 MTecknology geekatcmu: but just grabbing the data isn't what I'm after .. how would I write this bit?
00:08 StDiluted that’s a much more elegant way to do it, though it requires boto
00:09 renoirb yeah, i’m not on EC2 but rather on an OpenStack cluster. i wonder if It would work for me.
00:09 renoirb an http call to 169... and parsing a file is great though
00:09 iwishiwerearobot joined #salt
00:10 StDiluted ah, well, if you have a way of tagging and getting tags inside openstack
00:10 StDiluted or if python does
00:10 dstokes there anyway to force a login shell w/ cmd.run?
00:11 StDiluted viq: restarting salt-master made the cpu spikes go away
00:11 StDiluted I’ll monitor and see if they come back
00:11 kickerdog joined #salt
00:12 steve1 left #salt
00:15 troyready joined #salt
00:17 TheThing joined #salt
00:20 anotherZero joined #salt
00:20 MTecknology I have the passwords picked out... what's the best way to get the hash for the salt state? I really really really don't want to have to set the root password 28 times and then copy the result from shadow.
00:21 MTecknology it'll work... it'll just be quite less than fun
00:23 iggy dstokes: for what purpose? getting a "normal" environment?
00:24 rattmuff joined #salt
00:25 MugginsM joined #salt
00:29 kickerdog1 joined #salt
00:31 MTecknology I just generated them all by hand... now to copy the plain text version into our password management system... by hand... :(
00:31 catpig joined #salt
00:31 MTecknology I'd so much prefer no password on root
00:32 catpig ok, so i added /srv/salt/kernel/kernel.sls, and in top.sls i simply listed "- kernel" but it doesnt work.. where's my error?
00:32 geekatcmu manage /root/.ssh/authorized_keys and move on?
00:32 srage joined #salt
00:32 geekatcmu No root password needed.
00:32 dstokes iggy: yeah, sourcing rvm basically
00:33 MTecknology bleck... pain in the rectum; but... oooh well, it'll be nice to avoid the template default :)
00:33 srage_ joined #salt
00:35 iggy dstokes: nope, you're stuck doing it all via env:
00:35 catpig joined #salt
00:35 dstokes iggy: got it, thx
00:36 iggy CatPlusPlus: - kernel.kernel
00:36 catpig iggy, ah cheers
00:36 iggy err... that totally went to the wrong person
00:36 Guest59758 joined #salt
00:39 anotherZero joined #salt
00:39 catpig joined #salt
00:40 kiorky joined #salt
00:40 aparsons joined #salt
00:42 SheetiS joined #salt
00:45 MTecknology ah, ya... that's nice
00:46 MTecknology 29 unique root password; now I need to disable root ssh login using passwords
00:49 MTecknology oh... I already have a state for that... it's not being applied to all servers yet
00:52 Ryan_Lane 29 root passwords? :D
00:52 Ryan_Lane that's horrifying :D
00:53 MTecknology why's that?
00:53 Ryan_Lane well, root passwords scare me to begin with
00:54 MTecknology true... good point
00:54 MTecknology but what about if you have to have them?
00:54 Ryan_Lane and ssh via password scares me too
00:54 iggy yeah, we already beat this horse to death again
00:54 Ryan_Lane I can't think of a reason to need them :)
00:54 Ryan_Lane well, I actually can, because I worked for the government
00:54 MTecknology I don't and won't allow root login via ssh using a password; console access only
00:55 Ryan_Lane root + grub password for single user and console access
00:55 MTecknology It's for the day when I finally snap and rage quit $employer. :P
00:55 Ryan_Lane in which case it's more secure to have one password for each class/group of system
00:56 TTimo joined #salt
00:56 iggy their reasoning is asinine... you could just as easily "salt '*' rm -rf /" on your way out
00:56 iggy but hey, it's their time they're wasting
00:57 MTecknology I considered no root password and leaving them a guide on how to boot to a systemrescuecd, chroot, and set the password... but that would be incredibly ugly
00:57 MTecknology iggy: it's me wanting to give them an option for me never showing up again.
00:58 MTecknology I won't destroy server, but I could see myself getting up from a meeting, walking out, and not coming back.
00:59 dooshtuRabbit joined #salt
01:00 aqua^mac joined #salt
01:01 MTecknology Ryan_Lane: alternatively... I could encrypt my private key somewhere and give them the password for the file and the password for the key on my way out... but then I'd have to explain how to use it.
01:02 Ryan_Lane well, ssh key + passwordless sudo
01:02 Ryan_Lane multiple people could have that access, based on a group
01:02 Ryan_Lane then if you leave, another person still has access
01:02 MTecknology my personal key is in the authorized_keys file for root on every box
01:02 Ryan_Lane add multiple keys? :)
01:03 iggy I think the problem is that there isn't anyone else to give access to at the moment
01:03 Ryan_Lane why not ssh as normal user and passwordless sudo?
01:03 MTecknology nobody around here knows how to use shared keys :(
01:03 geekatcmu And that key has a good password on it already, so just give them the private key and, yes, the envelope with the password in it.
01:03 MTecknology Ryan_Lane: because I'm the only admin; that extra step would be a hassle for me. :P
01:04 MTecknology there's also the "hit by a bus" option...
01:04 Ryan_Lane :D
01:04 geekatcmu Or, better yet, create a reall root key that you never use, give them the password to it.
01:04 geekatcmu Also, lots of dithering because you don't want to have to use sudo is kind of childish.
01:04 MTecknology that's an option too
01:05 SheetiS MTecknology: The 'bus factor' at your job sounds scary to me.  1 bus should never be able to eliminate all the knowledge :(
01:05 MTecknology LOL!!!!
01:05 geekatcmu SheetiS: welcome to IT
01:05 godzilla74 joined #salt
01:05 MTecknology SheetiS: indeed... I can't begin to describe how bad it is here.
01:07 MTecknology geekatcmu: not sure how you think I'm dithering because I don't want to use sudo... I don't want to use sudo, I'm the only admin, I don't use it.
01:07 SheetiS geekatcmu: I'll never work anywhere again where I'm the only guy.  Even if I am the only guy who knows Salt really at my current place of employment, I have other admins interested, and my boss already can update the pillars repo for formulas I have in place to change configs.
01:08 MTecknology app admins that have local access and sudo rights, yes, sudo is used for that
01:08 geekatcmu "I'm the only guy today" is never a good reason for not doing things the right way.
01:08 MTecknology I'm having a hard time caring what your opinion is.
01:08 geekatcmu That's fine, too
01:09 alex-mesos joined #salt
01:09 Ryan_Lane however you feel is the right way is likely the right way for you ;)
01:09 Ryan_Lane I'm personally just offering alternatives :)
01:09 iggy I don't think everybody realizes that we already had this whole conversation about an hour ago
01:09 iggy and someone sounds like they're tired of hearing it
01:10 iggy or just cranky
01:10 MTecknology Are we calling me cranky?
01:10 MTecknology I'm always cranky.
01:10 SheetiS I was driving home from work during that hour, but I think we all get tired and cranky from time-to-time.  Goes with the territory some days.
01:10 BrendanGilmore joined #salt
01:10 MTecknology I haven't had my bottle yet today because I'm working a 12hr shift... I WANT MY BOTTLE!!!!
01:11 iggy I carry a flask for days like that
01:11 MTecknology that's instant-fired if I get caught with it here
01:11 SheetiS hmm, while we don't have bottles or flasks at work, we do have usually 1-2 random beer choices on tap.
01:12 MTecknology SheetiS: I want to punch you in the kidney.
01:12 MTecknology (out of jealousy)
01:12 iggy me too
01:12 iggy or the liver
01:12 iggy just to give it a double beating
01:12 MTecknology liver - I like that better
01:13 cpowell joined #salt
01:13 MTecknology I need to update salt on 180 windows servers...
01:13 SheetiS Hmm now I am scared to go to saltconf.  Won't make it home... ;-)
01:13 MTecknology ah, nope... I have windows boxes at 2014.1.10! My day just got a bit happier.
01:14 MTecknology also, the root password thing is taken care of and I'm pushing a highstate to 500 boxes.
01:14 MTecknology I really should start doing this in batches of 20
01:14 MTecknology -b 20 is just so much extra effort... :P
01:14 SheetiS MTecknology: I always use batches.
01:15 MTecknology I would have, I just forget it this time around.
01:15 SheetiS Something about a 20 load average on my salt-master just sets off my OCD
01:15 MTecknology load average: 18.19,
01:15 MTecknology funny
01:15 nickjj joined #salt
01:16 SheetiS and if it runs that way long enough, it also sets off my Nagios... ;-)
01:16 MTecknology I haven't managed to get net-snmp and spectrum working properly together, so I actually don't get alarms... ever
01:16 MTecknology that's on my to do list
01:17 MTecknology 45min left until go home time! Then I put in 8hr 45min tomorrow. Then I take Friday off to go hunting for three days! :D
01:19 SheetiS well I may head back out again.  Just had to pop on for a bit to get some work done
01:19 MTecknology SheetiS: but, I'll miss you!
01:21 SheetiS I might be back around later on, but my son goes to bed soon, so I should spend a little more time w/ him while I can.
01:21 MTecknology I wonder how many processes will break by forcing no root ssh logins using passwords across all servers.
01:21 MTecknology I saw two processes break. (obviously means they were broken to begin with)
01:23 mapu joined #salt
01:25 kickerdog joined #salt
01:26 mapu joined #salt
01:27 bhosmer joined #salt
01:28 mapu joined #salt
01:31 mapu joined #salt
01:34 mapu joined #salt
01:37 mapu joined #salt
01:39 mapu joined #salt
01:40 mapu joined #salt
01:40 TTimo joined #salt
01:43 mapu joined #salt
01:46 mapu joined #salt
01:47 nickjj joined #salt
01:48 mapu joined #salt
01:51 mapu joined #salt
01:52 meylor joined #salt
01:53 MTecknology WOOHOOO!!! Time to go home! :D
01:54 notpeter_ joined #salt
01:54 mapu joined #salt
01:56 malinoff joined #salt
02:02 mapu joined #salt
02:03 nitti joined #salt
02:04 mapu joined #salt
02:05 cberndt joined #salt
02:06 godzilla74 joined #salt
02:06 mapu joined #salt
02:09 MTecknology I don't suppose we could be adding a feature that says if greater than x minions in execution, use batch of size z...
02:13 mapu joined #salt
02:13 forrest joined #salt
02:15 Nexpro joined #salt
02:15 Nazca joined #salt
02:21 rypeck joined #salt
02:24 BrendanGilmore joined #salt
02:30 DaveQB joined #salt
02:37 batang_munti joined #salt
02:41 l0x3py joined #salt
02:42 higgs001 joined #salt
02:48 iggy I need to do more formula work... those PRs get merged in minutes
02:56 mosen joined #salt
02:59 perfectsine joined #salt
03:02 zlhgo joined #salt
03:05 felixdeschamps joined #salt
03:05 felixdeschamps Hi all
03:05 felixdeschamps had a question about the use of onfail, hoping it's not a bug and not intended behavior either
03:07 felixdeschamps when using onfail, i have noticed that if the condition that onfail is supposed to trigger on doesn't trigger, then onfail ends up looking like a failed block (rather than simply not being ran) and the whole thing appears to be failed. Does anybody know if that is by design? (or should be considered a bug)
03:08 iggy felixdeschamps: first off... are you using 2014.7 (i.e. the as yet unreleased version)
03:08 felixdeschamps yes. 2014.7.0rc7
03:08 meylor joined #salt
03:09 iggy so the main state is successful, but the onfail runs anyway and fails?
03:10 felixdeschamps main state is successful, onfail doesn't run, but the message for the onfail block basically says 'One or more requisite failed'
03:12 iggy I wouldn't expect that, but I've not tried it, so...
03:12 felixdeschamps yeah, threw me off. the whole sls is considered to be in a 'failed' state basiclaly
03:12 Mso150_o joined #salt
03:12 iggy either way, I'd search for a ticket and if there isn't one, open one
03:12 iggy if they say it's expected, tell them to update the docs to indicate that
03:13 felixdeschamps sounds good. i will do that. thanks iggy
03:16 bhosmer joined #salt
03:16 possibilities joined #salt
03:24 murrdoc joined #salt
03:25 AviMarcus joined #salt
03:28 racooper joined #salt
03:29 Ryan_Lane joined #salt
03:29 Ryan_Lane joined #salt
03:30 gwb joined #salt
03:30 murrdoc joined #salt
03:32 kermit joined #salt
03:32 bezeee joined #salt
03:34 felixdeschamps Looks like it's been bugged already https://github.com/saltstack/salt/issues/16370
03:40 anotherZero joined #salt
03:42 jalbretsen joined #salt
03:44 jalaziz joined #salt
03:52 mgw joined #salt
03:57 MugginsM joined #salt
04:05 Ssquidly joined #salt
04:06 Ssquidly joined #salt
04:08 snuffeluffegus joined #salt
04:08 Ssquidly joined #salt
04:09 kickerdog joined #salt
04:10 Ryan_Lane joined #salt
04:13 possibilities joined #salt
04:22 mgw joined #salt
04:28 higgs001 joined #salt
04:28 lude joined #salt
04:43 psidox joined #salt
04:45 ajolo joined #salt
04:52 kickerdog joined #salt
04:52 ajolo joined #salt
04:56 kickerdog1 joined #salt
05:00 ndrei joined #salt
05:01 Outlander joined #salt
05:04 Katafalkas joined #salt
05:19 emostar is it possible to run newer versions of salt on minions than on the master?
05:19 emostar or the opposite... old versions of minions with newer masters?
05:20 malinoff emostar, http://docs.saltstack.com/en/latest/faq.html#can-i-run-different-versions-of-salt-on-my-master-and-minion
05:22 emostar malinoff: is there a preferred way of bootstrapping new servers so they get an older version of salt?
05:22 malinoff emostar, bootstrap script, i guess
05:22 emostar the main problem i am facing is that new servers get bootstrapped with the latest salt minion, but the master and other minions would be a pain to upgrade at that point.
05:23 emostar malinoff: that's what i am using.. it always gets the latest version. i'm wondering what other people do, because i imagine they have (or had) the same issue
05:24 malinoff emostar, https://github.com/saltstack/salt-bootstrap#examples you can specify desired version
05:25 emostar malinoff: ok thanks, that looks good. that is what everyone is doing?
05:25 malinoff emostar, i dropped salt :)
05:26 emostar malinoff: for what?
05:27 malinoff emostar, ansible
05:27 emostar malinoff: was there a problem with salt that caused the switch?
05:27 malinoff emostar, well, one of these problems is absence of backwards compatibility
05:28 emostar ... hence the reason i am here now heh
05:28 malinoff right
05:28 possibilities joined #salt
05:28 malinoff and i found salt extremely unstable in networking manner
05:29 malinoff some of minions may respond and some may not without any pattern
05:30 emostar actually i have seen that... i usually warm things up with a 'test.ping' and after a few times all the servers respond.
05:30 malinoff Also, if you look in the source code, you find that "features are glued together", and there is no a birds-eye architecture view
05:31 malinoff emostar, it is very annoying when deploying from Jenkins :)
05:31 emostar well, i'm sure ansible has its warts too when you look into it
05:32 emostar yeah, i can't imagine automating our deploy process with salt... we are using fabric to do deploys.
05:33 malinoff yes, it has its own concerns, but they're more about syntax and (again) glue between features, but at least it works
05:33 TTimo joined #salt
05:35 ramteid joined #salt
05:36 iwishiwerearobot joined #salt
05:38 felskrone joined #salt
05:43 stooj I am trying to use salt to manage our desktops and servers, which run a mix of linuxes. Upgrading is pretty scary though, because of debian boxes have dpkg-reconfigure stuff that seems to fail, and arch boxes sometimes need extra work post-install. Am I just using Salt for the wrong thing?
05:46 saffe joined #salt
05:48 jhauser joined #salt
05:49 berto- joined #salt
05:50 saffe joined #salt
05:50 l0x3py joined #salt
05:51 MTecknology stooj: sounds messy; I like to force strictly Debian in my environment. Unfortunately, I get RHEL crap mixed in. :(  dpkg-reconfigure shouldn't happen during an upgrade...
05:53 saffe_ joined #salt
05:53 TyrfingMjolnir joined #salt
06:06 saffe joined #salt
06:11 TyrfingMjolnir joined #salt
06:13 saffe joined #salt
06:15 TyrfingMjolnir joined #salt
06:21 saffe joined #salt
06:22 saffe joined #salt
06:22 stooj MTecknology: thanks. I think I just wanted some assurance that "yes, this is what it's for."
06:22 TyrfingMjolnir joined #salt
06:30 MTecknology stooj: depends; salt is excellent for a pile of situations. So far, across 500 systems (debian/centos/vmware/windows), salt has been perfect for me. My goal is to someday never maintain servers directly, only via salt states. note... the 500 servers are all unique butterflies
06:30 saffe joined #salt
06:31 saffe_ joined #salt
06:33 MTecknology I don't know what you're doing with it, though. Using salt to control mouse clicks through a gui-only configuration tool is not a good idea.
06:33 MTecknology bed time for me; maybe saffe will have a better connection in the morning too...
06:36 catpigger joined #salt
06:38 saffe joined #salt
06:39 robinsmidsrod joined #salt
06:39 saffe joined #salt
06:43 saffe joined #salt
06:43 Ancient joined #salt
06:44 TyrfingMjolnir joined #salt
06:46 saffe_ joined #salt
06:49 calvinh joined #salt
06:52 TyrfingMjolnir joined #salt
06:54 bhosmer joined #salt
06:55 favadi_ joined #salt
07:05 TyrfingMjolnir joined #salt
07:06 saffe joined #salt
07:08 badon_ joined #salt
07:09 saffe_ joined #salt
07:11 TyrfingMjolnir joined #salt
07:17 flyboy joined #salt
07:23 tomspur joined #salt
07:30 wvds-nl joined #salt
07:30 TyrfingMjolnir joined #salt
07:42 Nexpro joined #salt
07:47 b1nar1_ joined #salt
07:52 l0x3py joined #salt
08:06 trevorj joined #salt
08:09 __gotcha joined #salt
08:13 eseyman joined #salt
08:14 saffe joined #salt
08:15 saffe joined #salt
08:17 lothiraldan joined #salt
08:17 slav0nic joined #salt
08:17 TyrfingMjolnir joined #salt
08:17 saffe joined #salt
08:19 calvinh_ joined #salt
08:27 micko joined #salt
08:30 bhosmer joined #salt
08:31 aquinas joined #salt
08:31 aquinas_ joined #salt
08:39 PI-Lloyd joined #salt
08:40 Mso150_o joined #salt
08:43 bhosmer joined #salt
08:45 iwishiwerearobot joined #salt
08:47 karimb joined #salt
08:48 ramishra joined #salt
08:51 ramishra joined #salt
08:53 saffe joined #salt
08:53 Pixionus joined #salt
08:54 ramishra_ joined #salt
08:56 baconbeckons joined #salt
09:11 ingwaem joined #salt
09:12 yomilk joined #salt
09:13 Mso150_o joined #salt
09:16 lcavassa joined #salt
09:20 intellix joined #salt
09:20 svx joined #salt
09:21 alex-mesos joined #salt
09:24 Shish joined #salt
09:25 urtokk joined #salt
09:25 alex-mesos joined #salt
09:26 akafred joined #salt
09:27 N-Mi_ joined #salt
09:27 N-Mi_ joined #salt
09:29 ProT-0-TypE joined #salt
09:37 saffe joined #salt
09:38 ProT-0-TypE joined #salt
09:48 meylor joined #salt
09:49 faust joined #salt
09:57 ramishra joined #salt
10:00 __gotcha joined #salt
10:01 msciciel_ i need to execute formula from base branch on production server and from dev branch on dev server. My top.sls looks like:
10:01 msciciel_ 'server1':
10:01 msciciel_ - myformula
10:01 msciciel_ dev:
10:01 msciciel_ base:
10:01 msciciel_ 'server1.dev':
10:01 msciciel_ - myformula
10:02 msciciel_ but on server1.dev i have error with duplicate labels base:myformula:sth conflict with dev:myformula:sth
10:02 msciciel_ what am i doing wrong ?
10:02 msciciel_ i store my formulas in git repository
10:03 calvinh joined #salt
10:04 ramishra joined #salt
10:05 calvinh joined #salt
10:06 P0bailey joined #salt
10:06 P0bailey joined #salt
10:14 bhi joined #salt
10:14 calvinh joined #salt
10:28 giantlock joined #salt
10:31 viq msciciel_: it would be just 'dev' without 'base' below, 'base' is the 'base environment
10:32 bhosmer joined #salt
10:34 msciciel_ viq: so what's wrong with my top.sls, could you show my an example at http://pastebin.com/ ?
10:34 viq msciciel_: could you show what you have now? eg at https://www.refheap.com/
10:35 brayn joined #salt
10:35 msciciel_ viq: https://www.refheap.com/92787
10:35 viq msciciel_: and it doesn't work?
10:36 fredvd joined #salt
10:36 msciciel_ viq: no :(
10:36 msciciel_ viq: and i'm very suprised with that
10:36 viq and you don't have any * in your top?
10:36 msciciel_ viq: it's works only when i execute salt-call   state.sls saltenv=dev myformula on dev server
10:37 viq msciciel_: and how otherwise are you trying to run it?
10:38 msciciel_ viq: to be accurate my top.sls looks like: https://www.refheap.com/92788
10:38 viq msciciel_: and that '*' at the top is your problem, I think
10:38 msciciel_ viq: i was experiment with matching minions in top.sls with pcre or lists but nothing helps
10:39 calvinh joined #salt
10:39 viq msciciel_: any chance server1 could get renamed to server1.prod for example? then you could have base with '*.prod' and dev with '*.dev'
10:40 msciciel_ viq: i've got 1100 servers and the problem is that i dont'a have .prod domain
10:40 viq msciciel_: well, my guess is that this '*' screws you over
10:41 viq msciciel_: maybe you couold change that to '* and not *.dev' - match: compound
10:42 msciciel_ viq: it's not so easy, i have many environments with different naming schema :(
10:42 viq msciciel_: yeah, but * matches all, and then you have the problems you mentioned
10:43 msciciel_ but i need one or two formula to be apllied to all hosts
10:43 msciciel_ in all environments
10:43 calvinh joined #salt
10:44 msciciel_ is there other way to add formula to all minion without '*' in top.sls ?
10:44 bhosmer joined #salt
10:44 viq Then maybe have a 'everyone' environment, and formulas that are in no other environment in there?
10:45 viq as in only those shared formulas in there
10:46 babilen Why don't you simply target those "one or two" formulas to '*' and then be more specific with the rest?
10:46 neilf_____ joined #salt
10:46 viq babilen: he tries with https://www.refheap.com/92788 but I think putting all hosts in base env makes the 'myformula' conflict between base and dev
10:47 babilen Well, once you target something to '*' you naturally don't have to target it *again*
10:47 ramishra joined #salt
10:48 msciciel_ but formulas targeted with '*' are not the formulas causing problem, because  formula which is causing problem is assigned to single host
10:48 viq msciciel_: my guess is that it puts them in that env, and that causes problems
10:49 msciciel_ viq: but if i want all hosts in base environment to have formula base from master git branch and all hosts in dev environment dev to have the same formula from dev branch git, how to achieve that ?
10:50 viq msciciel_: figure out some matcher that will allow you to target only prod hosts and only dev hosts
10:50 viq msciciel_: maybe time to set some grains?
10:52 msciciel_ viq: it's possible to use grain or pillar which specifes environments
10:53 viq Rather: it's possible to filter by grain. Which will let you assign machines to environments depending on value of grain.
10:55 viq And then you have http://docs.saltstack.com/en/latest/topics/targeting/grains.html#matching-grains-in-the-top-file
10:55 msciciel_ viq: how to negate matching in top.sls ? i have grains called environment and i want all hosts without environment=dev to be matched with base .
10:55 viq msciciel_: compound matcher
10:55 msciciel_ viq: thanks i'll try
10:56 moapa Anyone care to take a look at and help me figure out what is wrong? http://pastebin.com/bs9z2Ukq
10:57 viq moapa: home is supposed to be path, not boolean
10:57 bhosmer_ joined #salt
10:59 calvinh_ joined #salt
10:59 moapa viq: oh ok
10:59 viq At least that's what the error you pasted says ;)
11:01 calvinh joined #salt
11:01 jalbretsen joined #salt
11:02 saffe_ joined #salt
11:04 lothiraldan joined #salt
11:08 glyf joined #salt
11:12 apergos joined #salt
11:16 faust joined #salt
11:16 bhosmer_ joined #salt
11:21 yomilk joined #salt
11:29 saltuser joined #salt
11:29 favadi_ joined #salt
11:31 saltuser Hi! Please recommend how to change multiple minionID-s remotely from master?
11:33 bmcorser joined #salt
11:37 TheThing joined #salt
11:40 __gotcha joined #salt
11:41 ramishra joined #salt
12:01 yomilk joined #salt
12:02 __gotcha joined #salt
12:03 calvinh_ joined #salt
12:08 simmel joined #salt
12:15 dooshtuRabbit joined #salt
12:15 alex-mesos joined #salt
12:18 msciciel_ viq: i have reorganised top.sls to base on pillar but it doesn't solve problem :( http://pastebin.com/ZL46FVG0
12:18 moapa Howto check if a name exist in a array?
12:18 moapa % for usr in 'martin','johan','cacti' %}
12:18 viq msciciel_: not 'not something' - you need '* and not something'
12:18 moapa would {% if 'martin' in {{ usr }} %} validate ?
12:20 cofeineSunshine i think {{ usr }} should be evaluated to variable and then used in given expression
12:20 moapa cofeineSunshine: could you provide an example ?
12:20 msciciel_ viq: ok, i'll change this
12:21 cofeineSunshine {% set motd = ['/etc/motd'] %}
12:21 cofeineSunshine {% if grains['os'] == 'Debian' %} {% set motd = ['/etc/motd.tail', '/var/run/motd'] %}
12:21 cofeineSunshine {% endif %}
12:21 cofeineSunshine http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.jinja.html
12:22 moapa But how can that help me check a content of a list?
12:32 ndrei joined #salt
12:37 moapa solved it
12:37 moapa {% if 'cacti' in usr %}
12:39 msciciel_ viq: unfortunately problem is not solved, i've changed matching to '* and not I@environment:itg' but still i get error about duplicated IDs
12:40 msciciel_ viq: The conflicting ID is "httpd_stats_nagios" and is found in SLS "itg:httpd-stats" and SLS "base:httpd-stats"
12:43 calvinh joined #salt
12:49 intellix joined #salt
12:50 calvinh_ joined #salt
12:52 saffe joined #salt
12:53 jalaziz joined #salt
12:55 saltuser So no builtin method to change minion_id?
12:56 babilen saltuser: You can delete /etc/salt/minion_id and then change the id in /etc/salt/minion (you might want to use the salt formula). Note that you will have to remove and reaccept keys.
12:57 babilen (also don't forget to restart the minion service)
12:59 PI-Lloyd Hi guys, bit of a strange one for ya - we are looking to setup a series of masters - primary master for controlling servers and additional masters (not syndics). As well as servers we have over 1000 devices around the world, for this we want to throw a few masters behind a load balancer. Now here comes the tricky part - managing minion keys on the load balanced masters. Is there a way built into salt that can replicate changes to minion keys (accepted, reje
13:01 dooshtuRabbit1 joined #salt
13:01 trikke joined #salt
13:01 saltuser babilen: ok, i was hoping there would be a more elegant way
13:03 ramishra joined #salt
13:05 rattmuff PI-Lloyd: perhaps you could run minions that watches the key directory and sync keys?
13:05 CeBe1 joined #salt
13:08 alexr_ joined #salt
13:09 hobakill joined #salt
13:10 PI-Lloyd rattmuff: potentially yes, there's also the reactor system that could potentially watch for key changes on each master then sync it to the others... but i was hoping there was something a bit more simple than that. Might just have to look at setting up a shared filesystem mounted to /etc/salt/pki/master/ (bit insecure but potentially the easiest way)
13:11 alexr__ joined #salt
13:12 OmriSegal joined #salt
13:12 rattmuff PI-Lloyd: interesting, I guess reactors would make sure that you have full control over the syncing. Shared filesystem seems easy enough as long as it doesn't fail
13:15 PI-Lloyd actually, thinking about it, because these devices are unique and because of some security stuffs, I will just set the masters to auto accept keys... then removing the keys can be done via a cmd.run (or soemthing) from the master of masters. Problem solved. :)
13:16 iamtew joined #salt
13:16 Miq joined #salt
13:17 mgw joined #salt
13:18 lothiraldan joined #salt
13:19 rattmuff heh
13:19 iamtew joined #salt
13:19 toddnni joined #salt
13:19 lothiraldan joined #salt
13:23 X86BSD joined #salt
13:29 wnkz joined #salt
13:29 X86BSD joined #salt
13:29 Reiner030 joined #salt
13:29 wnkz Hi, can anybody tell me how do I set keys in my "configuration tree somehow" ? (https://github.com/saltstack/salt/blob/2014.1/salt/modules/dockerio.py#L248)
13:32 workingcats PI-Lloyd, you could manage the master's keydb with salt and with that way distribute
13:34 viq joined #salt
13:35 ajolo joined #salt
13:35 calvinh joined #salt
13:36 calvinh joined #salt
13:40 miqui joined #salt
13:41 saffe joined #salt
13:42 cpowell joined #salt
13:47 [M7] left #salt
13:51 MTecknology wnkz: I'm not excited about the documentation there... Probably via pillar
13:53 Voziv left #salt
13:56 wnkz MTecknology: this looks weird ; he uses "get = __salt__['config.get']"
13:57 wnkz MTecknology: my first thought was that it came directly from /etc/salt/master :-/
13:57 MTecknology oh... I minned that
13:57 MTecknology probably want to create /etc/salt/minion.d/dockerio.conf and put the settings in there ... apparently
13:58 MTecknology missed*
13:58 calvinh_ joined #salt
14:01 mgw joined #salt
14:03 wnkz MTecknology: so you have to configure it _on the minion_ !?
14:04 racooper joined #salt
14:04 giantlock joined #salt
14:04 wnkz MTecknology: and what should I put there ? Directly like "docker.version: 42" ?
14:04 MTecknology wnkz: if it's a state the minion will use, then ya, probably
14:05 MTecknology ya, it would look like that
14:06 calvinh joined #salt
14:07 Reiner031 joined #salt
14:09 slav0nic joined #salt
14:09 slav0nic joined #salt
14:10 peters-tx joined #salt
14:11 gngsk joined #salt
14:13 jerematic joined #salt
14:14 nitti joined #salt
14:23 thedodd joined #salt
14:25 rspectre joined #salt
14:26 wnkz MTecknology: docker.conf doesn't seem to work :(
14:29 MTecknology wnkz: unfortunately, I've never touched docker and haven't messed with much that requires special settings like that. You might need to wait for others to give you a good answer.
14:29 wnkz MTecknology: what do you think about that ? https://www.bountysource.com/issues/2252474-allow-master-config-defining-static-custom-data-values
14:31 poupou joined #salt
14:34 calvinh joined #salt
14:34 poupou Hello, I'm writing a custom returner and I'm trying to find out the user who initiated the command, Is there an easy way to find out ?
14:34 Reiner032 joined #salt
14:38 MTecknology wnkz: really nice idea
14:38 MTecknology I've never seen that site before
14:38 mpanetta joined #salt
14:38 sxar joined #salt
14:40 viq msciciel_: sorry, back now. Did you try targetting minions by presence or absence of that pillar from command line? Does it work?
14:42 ajolo joined #salt
14:46 morsik joined #salt
14:47 MTecknology viq: any chance you played around with that formula for gitlab-ci at all?
14:47 godzilla74 joined #salt
14:47 viq MTecknology: no, sorry, ENOTIME usually :(
14:48 jakubek joined #salt
14:49 jakubek any idea why manage.up after first run shows only ~half minions after second run i get "proper" value
14:49 godzilla74 hey all, is it possible to watch a file directory for new files and modifications to file within it?
14:50 MTecknology godzilla74: you can pull from a source and watch if that causes files to change, but salt doesn't actively monitor the file system
14:51 CeBe1 joined #salt
14:52 viq godzilla74: salt doesn't watch files, salt watches states. So if a state changes a file, you can react on that, but not on a file changing outside of salt
14:53 viq (though there are tools that do that, but that's a different subject)
14:53 iggy basepi: ever hear anything about the recording from the salt meetup? (sorry to pester, just interested to see what was said and I missed it due to tz differences)
14:53 godzilla74 viq: so, I can’t specify a directoy to ‘watch’ in an SLS file like I can for a file?
14:53 msciciel_ viq: when i test from command line then minions are selected correctly based on pillar
14:54 viq godzilla74: you can't specify to watch a file either
14:54 intellix joined #salt
14:54 viq godzilla74: you can only specify to watch a state that manages a file - or for that matter a state that manages a directory
14:56 godzilla74 viq: hmm, maybe I’m not saying this right…
14:56 linjan joined #salt
14:57 godzilla74 viq: so i have a directory /folder that has a few .conf files in it on the master.
14:57 ponpanderer joined #salt
14:57 viq msciciel_: trying to figure this out, but nothing comes to mind yet I'm afraid. Line 4 from http://pastebin.com/ZL46FVG0 is now '* and not I@...', correct?
14:57 seydu joined #salt
14:57 fejese hi, is there a way to use the file.manage state with a file on the node as the template? I'd like to use a .dist file from the app repository checked out before to generate a config file
14:57 msciciel_ viq: yes, it's corrected
14:58 godzilla74 viq: i have an sls file in /srv/salt/configs/init.sls
14:58 godzilla74 viq: /folder/test.conf:
14:58 godzilla74 viq: file.managed
14:58 ponpanderer hey, is there a way to see what hosts would be targeted in advance of an execution other than using something like test.ping? the issue/question comes from using cmd.script and wanting to know when the execution is completed on all nodes as results roll in asynchronously
14:58 viq msciciel_: then sorry, I don't really know right now. I hope someone on the list will know and respond.
14:59 Katafalkas joined #salt
14:59 msciciel_ viq: it's not a matter of life and death , i can wait for response. I wrote about this problem to mailing list also.
14:59 viq ponpanderer: how about salt-run jobs.active ?
14:59 viq msciciel_: yeah, I saw
15:00 housl joined #salt
15:00 viq godzilla74: if file.recurse would work for you, then you could watch that as well
15:00 msciciel_ viq: i was trying many ways to brute force this problem but nothing works
15:00 godzilla74 hmm, let me look into that one
15:00 godzilla74 viq: thanks!
15:00 viq msciciel_: maybe grains would be more reliable than pillars?
15:00 msciciel_ viq: only salt-call with env specification
15:00 ponpanderer viq: will a job be considered completed (not active) once all nodes have returned results or timeout expires?
15:01 viq ponpanderer: I think only when all returned
15:01 thedodd joined #salt
15:01 msciciel_ viq: i was trying with grains too but nothing changed
15:02 viq msciciel_: how did you do it?
15:02 bezeee joined #salt
15:02 msciciel_ viq: the same as for pillar but used G@ instead of @I for matching
15:03 viq mhmm
15:03 viq msciciel_: do you only have prod and dev?
15:03 msciciel_ viq: when i use this matching used in top.sls with test.ping then list of hosts is correct
15:05 msciciel_ viq: theoriticaly i have prod|itg|stg|ds|mgt|tng|rc|test|dev but in salt i'm using currently prod (which is base) and dev and itg
15:06 msciciel_ viq: in top.sls i have only base and itg, i removed dev
15:06 dude051 joined #salt
15:07 viq mściciel: I would probably try whitelisting, not blacklisting. so something like https://pbot.rmdir.de/TsscWJl5OS6HMn_V1Yba-A
15:08 msciciel_ viq: i've tried this with pillar and grains but always get IDs conflict
15:09 viq Then sorry, I don't know, I haven't played with envs pretty much at all. Maybe it's time for a bug report?
15:09 nitti joined #salt
15:10 msciciel_ viq: i'll setup seperate test env to have very simple top.sls. Maybe is a bug with gitfs ? i'll check filefs and gitfs
15:10 * viq nods
15:11 iggy msciciel_: there's state.top to run a specific top file (vs just /top.sls
15:12 msciciel_ iggy: thanks
15:12 thedodd joined #salt
15:17 nitti joined #salt
15:19 jaimed joined #salt
15:20 svx_ joined #salt
15:21 calvinh joined #salt
15:24 TyrfingMjolnir joined #salt
15:25 svx joined #salt
15:25 calvinh_ joined #salt
15:26 TyrfingMjolnir joined #salt
15:30 djstorm joined #salt
15:30 thedodd joined #salt
15:32 SheetiS joined #salt
15:33 calve joined #salt
15:33 calve hi salt !
15:33 babilen o/
15:34 calve I think I just experienced this issue : https://github.com/saltstack/salt/issues/16610
15:34 calve my apache service should have restarted, but salt failed with something in the lines of "if ret['changes'].get('ret', {}).get('retcode', 0) != 0:"
15:35 calve and apache actually restarted
15:35 calve could someone explain me what is going on ?
15:35 jaimed joined #salt
15:36 babilen yes, that is a known issue. I ran into this too and am not sure how to solve it. You might want to backport/use the fix in there (and/or https://github.com/saltstack/salt/issues/16915 )
15:36 diegows joined #salt
15:37 babilen It is super pesky, but you could make the change in https://github.com/saltstack/salt/pull/16617/files and put the resulting file into $FILE_ROOTS/_states/modules.py and sync it to your minions
15:37 ksj joined #salt
15:38 calve thank you for the links
15:39 calve I experienced quite a lot of issues the last few days
15:39 calve the bad part is that they do not fire with 'test=True'
15:39 iggy babilen: what's up with the crypto stuff in salt-cloud? or are you just merging stuff that doesn't look terribly stupid?
15:40 conan_the_destro joined #salt
15:40 kermit joined #salt
15:41 babilen hasn't that been merged my nmadhok?
15:41 iggy but then it was reverted
15:42 babilen And as I don't use salt-cloud and am not too familiar with the code it touches I don't feel comfortable merging that anyway. If it has been reverted then there was probably a good reason to do so. Give me a second to take a look.
15:42 ksj hi, I run into errors when I run salt-ssh against localhost. The same setup works fine when run from a different pc against the "master". The errors are related to permissions in /tmp/.salt. I'm just wondering if this is expected behaviour (i.e. why would you run salt against the master, idiot?) or whether there's some trick to get it to work
15:42 data551 joined #salt
15:43 iggy well... the module isn't in pip anymore (as the original PR said)
15:44 babilen Yes, and techhat commented in #60 "I think you were right the first time with this pull request. Let's kill the pip dependency."
15:44 iwishiwerearobot joined #salt
15:46 hasues joined #salt
15:46 hasues left #salt
15:47 kickerdog joined #salt
15:49 iggy I did not expect there to be a discussion like that on a PR
15:50 babilen Why not?
15:50 dooshtuRabbit joined #salt
15:51 iggy just never seen it... to me it seems once it went past the obviously wrong/right stage, I would have opened a ticket for it
15:52 babilen Ah, well .. consider this a first then :D
15:52 hasues joined #salt
15:53 iggy okay, so now that we got that settled... who are you on GH? because I was assuming you were nmadhok after all the talk and merges the other day
15:54 kickerdog1 joined #salt
15:58 fejese room looks busier now, so just trying again: is there a way to use a file on the minion as the template for a file.managed state's source? it'd be a .dist file in a repository that is checked out by a git state
15:58 ndrei joined #salt
15:59 Pork__ joined #salt
16:00 lothiraldan joined #salt
16:01 viq fejese: I don't think so, but in theory you could make master aware of that git tree
16:02 iggy if you aren't actually trying to use a jinja template that's local, you could use file.copy and then the other file.{append,blockreplace,etc.}
16:03 iggy but that sounds convoluted personally
16:06 fejese my problem is that for each deployed application we have some kind of config.conf.dist file that needs to be included in the app repo to help anyone looking that repo to understand what option exists. but then we need it in salt as well to deploy the acutal config.conf. do you have a better way of sorting this out?
16:06 _0x1d3 joined #salt
16:06 fejese surely it's not us only who have .dist files for configurations :)
16:06 Ozack1 joined #salt
16:07 iggy sounds like it
16:08 mapu joined #salt
16:08 TyrfingMjolnir joined #salt
16:09 saffe joined #salt
16:09 pipps joined #salt
16:10 kickerdog joined #salt
16:12 beneggett joined #salt
16:13 saffe joined #salt
16:13 scryptic1 joined #salt
16:19 gwb joined #salt
16:19 KennethWilke joined #salt
16:22 kermit joined #salt
16:22 TyrfingMjolnir joined #salt
16:22 b1nar1 joined #salt
16:22 kermit left #salt
16:23 data551 left #salt
16:28 bezeee joined #salt
16:29 TyrfingMjolnir joined #salt
16:29 forrest joined #salt
16:31 saffe joined #salt
16:32 CeBe1 joined #salt
16:35 saffe joined #salt
16:36 martoss joined #salt
16:36 martoss left #salt
16:39 jalbretsen joined #salt
16:39 beneggett joined #salt
16:40 oyvjel joined #salt
16:42 saffe joined #salt
16:43 seydu Hi. When I run 'highsate' I get this error :  Kernel module wp512 is unavailable. This happend because the package 'vm.swappiness' seems to have been added automatically by the minion, and it requires on 'kmod'
16:44 ajolo_ joined #salt
16:45 eriko joined #salt
16:46 StDiluted joined #salt
16:46 tligda joined #salt
16:49 mgw joined #salt
16:50 iggy minions don't automatically add stuff
16:51 basepi iggy: http://bit.ly/1s5s5AB
16:51 basepi that's the recording
16:51 iggy ^5
16:52 iggy thanks
16:52 basepi =)
16:53 KyleG joined #salt
16:53 KyleG joined #salt
16:55 kickerdog joined #salt
16:57 higgs001 joined #salt
16:58 spielberg joined #salt
16:58 smcquay joined #salt
17:02 seydu Maybe the master did. I am sure I did not add the state 'swappiness' !
17:04 seydu tried to find it using grep in /etc/salt/ and /srv/salt/. I did not find it
17:04 seydu It's like it is added dynamically
17:06 iggy it's probably included/required by something else you're running
17:06 renoirb Hi all
17:06 tafa2 joined #salt
17:06 renoirb Is there a way to target a minion based on a member of an array
17:06 renoirb e.g. roles: ['foo','bar','baz']
17:07 druonysus joined #salt
17:07 druonysus joined #salt
17:07 renoirb and I want to target a minion that     'G@roles:foo'
17:07 renoirb i’m unsure of the syntax
17:07 iggy that
17:07 dimeshake joined #salt
17:09 renoirb The section here doesn’t mention how you can target 'memcache' in the grains:roles: ['webserver','memcache']
17:09 renoirb http://docs.saltstack.com/en/latest/topics/targeting/grains.html#grains-in-the-minion-config
17:11 iggy you have it right already
17:11 iggy roles:memcache
17:11 glyf joined #salt
17:12 renoirb salt -G 'roles:memcache' test.ping
17:12 renoirb ?
17:12 SheetiS renoirb: correct
17:12 pipps joined #salt
17:12 renoirb ok, maybe I got a true false test
17:12 renoirb (opposite of a false positive)
17:12 renoirb let me try again
17:13 Baluse joined #salt
17:13 Baluse http://raw.pro-chan.com/Raw/t/674_1382207920 salt
17:13 viq renoirb: I believe that's called a false negative ;)
17:14 renoirb hahaha, makes sense
17:14 renoirb I tried with another grain that has an array
17:14 seydu Even when I have an emty list of states in my top file these two states are listed
17:14 renoirb (how array is called in python? I’m used to PHP/JavaScript termonilogy)
17:15 iggy renoirb: you mean a dict?
17:15 iggy series of key:value pairs?
17:16 renoirb a = ['foo','bar','baz']
17:16 renoirb b = {'key': 'value', 'key2': 'value2'}
17:16 renoirb typeof a?
17:16 renoirb typeof b?
17:16 renoirb :)
17:16 renoirb there’s also the ordered set
17:17 renoirb a = ('foo','bar','bazz') # Where the order will NEVER change
17:17 StDiluted renoirb: get your grain working?
17:17 renoirb but i’m talking about [] and {} notation
17:17 renoirb its not working
17:17 renoirb salt -G 'saltversioninfo:13' test.ping
17:17 renoirb should work
17:17 StDiluted viq: what did you think of mist.io?
17:17 zlhgo joined #salt
17:18 renoirb saltversioninfo: [2014, 1, 13,0]
17:18 renoirb I would expect that every minion that has 13 part of that *array* (dict?)  should be targeted for a test.ping
17:18 dalexander joined #salt
17:19 renoirb clever-cloud.com too
17:20 renoirb iggy.  Let’s try to target based on another grain, the saltversioninfo grain
17:20 renoirb it has an ordered array of numbers making the version
17:21 iggy that's a list
17:21 iggy [] = list - {} = dict
17:21 KennethWilke joined #salt
17:22 mgw joined #salt
17:23 linjan joined #salt
17:23 iggy () = tuple
17:24 iggy I'm not sure you can target tuples that way
17:24 nordas joined #salt
17:24 kickerdog left #salt
17:24 iggy -G 'saltversion:*13*'
17:24 iggy that works though
17:26 spookah joined #salt
17:26 troyready joined #salt
17:27 nordas left #salt
17:29 phblj joined #salt
17:31 felskrone joined #salt
17:31 aparsons joined #salt
17:31 phblj is there a guarantee to the order pillar sls files will be processed?  Can I set some defaults in '*' then override some of them in files later in top.sls for specific server types?
17:31 phblj or is the possibility the defaults will be processed last and "win"?
17:33 iggy if you need strict ordering, use require/etc
17:33 iggy in general it's top down
17:34 meylor joined #salt
17:36 apergos how many days behind the branch cut til packages for the new salt release show up in the salt ppa, typically?
17:37 possibilities joined #salt
17:38 ndrei joined #salt
17:40 iggy there is no typical
17:40 iggy it's kind of all interlinked
17:52 renoirb back
17:52 renoirb oh
17:52 jaimed joined #salt
17:53 aparsons joined #salt
17:54 dalexand_ joined #salt
17:54 beneggett joined #salt
17:55 ajolo_ joined #salt
17:56 ajolo joined #salt
18:05 hasues joined #salt
18:05 hasues left #salt
18:06 gmcwhistler joined #salt
18:07 bhosmer_ joined #salt
18:07 kermit joined #salt
18:08 conan_the_destro joined #salt
18:08 wendall911 joined #salt
18:09 bhosmer__ joined #salt
18:10 pipps joined #salt
18:10 kermit left #salt
18:11 rspectre joined #salt
18:12 rap424 joined #salt
18:15 beneggett joined #salt
18:16 troyready joined #salt
18:17 jforest joined #salt
18:18 murrdoc joined #salt
18:18 _0x1d3 left #salt
18:19 dave_den joined #salt
18:20 bhosmer_ joined #salt
18:20 jaimed joined #salt
18:21 Katafalkas joined #salt
18:22 viq StDiluted: could be interesting, though I didn't look too closely yet, and I don't do much with cloud
18:23 hasues joined #salt
18:23 hasues left #salt
18:24 Mso150_o joined #salt
18:25 possibilities joined #salt
18:26 Ryan_Lane joined #salt
18:30 dave_den1 joined #salt
18:33 Gareth morning morning
18:35 ProT-0-TypE joined #salt
18:35 babilen good evening
18:36 mpanetta Good afternoon
18:36 SkyRocknRoll__ joined #salt
18:37 possibilities joined #salt
18:38 murrdoc morning
18:38 babilen murrdoc: No, we need a person in Asia/Oceania now
18:39 murrdoc aisa is asleep right now
18:39 babilen The matrix never sleeps </offtopic>
18:41 __gotcha joined #salt
18:41 murrdoc joined #salt
18:42 aw110f joined #salt
18:42 cberndt joined #salt
18:43 XenophonF joined #salt
18:43 linjan joined #salt
18:47 CeBe1 joined #salt
18:51 CeBe1 joined #salt
18:52 __gotcha1 joined #salt
18:53 murrdoc joined #salt
18:54 dooshtuRabbit joined #salt
18:54 linjan joined #salt
18:55 scryptic1 joined #salt
18:56 calve bye all
18:57 NV joined #salt
19:07 iggy so after watching that video... yeah, halite is dead
19:08 mpanetta iggy: Video?
19:08 iggy the salt meetup video where they were talking about the enterprise dashboard
19:08 mpanetta Ah, I missed that one.
19:09 iggy http://bit.ly/1s5s5AB
19:09 mpanetta iggy: Thanks
19:09 iggy the first half is "release notes", the second half (or so) is the new gui
19:10 iggy (which isn't open source, contrary to what was said earlier)
19:10 beneggett joined #salt
19:11 kballou joined #salt
19:11 iggy don't get me wrong, I'm all for them doing what they want to make money... I know we are
19:12 kickerdog joined #salt
19:12 mpanetta Does anyone use halite?
19:12 iggy I just wish I hadn't had to ask about it for a month and eventually find out from a meetup video recording
19:12 kickerdog I use halite
19:12 mpanetta I have not seen it yet
19:12 mpanetta s/seen/used/
19:13 StDiluted I wanted to use it
19:13 StDiluted that kinda sucks
19:13 iggy never fear...
19:13 jcockhren open source is here?
19:15 ksj hi, I'm going through the tutorials and have been hitting a lot of errors/problems. Took me a while to figure out that doing 'rm -r var/cache/salt/master/; rm -r /tmp/.salt/' will sort things out. I'm wondering why things like saltutil.refresh_pillar aren't working without removing the cache. Is this default behaviour?
19:16 ksj I'm using salt-ssh by the way
19:20 ksj OK, think I got it figured for that one. the concept of refreshing the pillar is meaningless with salt-ssh. my fault. still, it would be good if there was something in the docs at the beginning that told you to try deleting the cache if you hit errors
19:20 dude^2 joined #salt
19:20 ksj in my case a lot of them seem to have been caused by switching between 0mq and ssh
19:22 iggy salt-ssh was labeled beta for 2014.1 iirc, are you using the (as yet technically unreleased) 2014.7?
19:22 iggy if not, it has much better salt-ssh support
19:22 teepark https://github.com/saltstack/salt/issues/12064 is the __salt__ jinja variable missing in 2014.1.13? I'm getting something similar: "Unable to manage file: Jinja variable '__salt__' is undefined; line 2"
19:23 iggy it's __salt__ in python
19:23 iggy not in jinja
19:23 teepark wups. nothing to see here
19:24 paha joined #salt
19:24 dude051 joined #salt
19:25 ckao joined #salt
19:28 XenophonF joined #salt
19:29 XenophonF hey all - i want to use an INF file with the msysgit installer (see https://github.com/saltstack/salt-winrepo/blob/master/msysgit.sls)
19:30 XenophonF do I have to push the INF file to the minion myself using a file.managed state, or can winrepo do that (and clean up after) for me?
19:32 druonysuse joined #salt
19:32 druonysuse joined #salt
19:32 ksj iggy: if you were addressing me, thanks. I'm using 2014.1.13. Going to upgrade to the latest git now, but I'll probably downgrade if there's issues so I don't come on here and annoy you all with known bugs
19:34 ksj by the way, salt is brilliant. I've spent the last 6 months fighting to get ansible to do what I want. salt makes sense, though others would probably think differently
19:35 beneggett joined #salt
19:36 iggy ksj: 2014.7.0 has been tagged, I'd try that (vs devel)
19:36 linjan joined #salt
19:36 iggy if you find bugs in it, you should definitely bug someone (here or the issue tracker)
19:39 Ryan_Lane1 joined #salt
19:39 ksj iggy: ok, I see one major bug already. The man page has been changed from the lovely, concise command usage into.....god knows. a complete copy of the website by the looks of it. not good
19:40 iggy you might check with your distro packager on that
19:40 MrFuzz joined #salt
19:41 iggy there's also salt.1 and salt.7
19:41 Ryan_Lane joined #salt
19:41 iggy no distro packager I guess
19:43 ksj I'm on arch and just did yaourt -S salt-git which pulled the latest. I don't imagine the package maintainer does anything weird with the man pages
19:45 iggy holy crap... it's 2.3MB
19:45 iggy I knew there was a reason I just open the docs in a browser
19:45 possibilities joined #salt
19:45 ksj it's a monster
19:45 iggy but check the salt.1 vs salt.7 thing
19:46 ksj personally I'd call it a bug, because I use openbsd mostly and they consider bad documentation as a legitimate bug
19:46 * iggy shrugs
19:47 iggy if every package in openbsd relies solely on a man page for documentation... I commend them... and understand why nobody uses it
19:49 ksj it's about well written man pages. it was one of the reasons I switched. you can sit with a single man page and learn an entire tool. but yeah...not many people use it (I've been searching for open bsd jobs and there's 0 out there).
19:51 pssblts joined #salt
19:51 forrest joined #salt
19:52 XenophonF the BSD man pages are awesome
19:56 ksj quick question, which will certainly be covered in the docs but I'm a little impatient on it. I have a list of packages to install that varies depending on the purpose of the machine - so I have e.g. 5 lists of packages. The various machines I have use different OSs with different package names. I don't want to have each list (pillar) with lots of 'if grains[' in them, because there will be multiple lists and
19:56 ksj keeping track will be a nightmare. What I'd like to do is define a "cross check" list. That is to say, if the state should just call pkg.install vim, and somewhere lower than that salt should figure out the correct package name to install.....oh wow, I did a long-winded bad job of explaining that
19:56 ksj sorry....very long day. 8pm here and still in the office
19:56 mpanetta ksj: Map files do that.
19:56 ksj mpanetta: that sounds like EXACTLY what I'm after
19:56 ksj will search the docs
19:57 mpanetta ksj: http://docs.saltstack.com/en/latest/topics/best_practices.html
19:57 mpanetta Start there I think that should help.
19:58 mpanetta ksj: They talk about map.jinja files here: http://docs.saltstack.com/en/latest/topics/best_practices.html#modularity-within-states
19:58 miqui joined #salt
19:58 ksj yep, just seen it
19:59 ksj I was a little concerned when I put 'salt map files' into google and all the results were talking about salt-cloud
19:59 racooper joined #salt
19:59 ksj right, will look properly tomorrow. my brain's fried. thanks for your help
19:59 mpanetta No problem
20:01 iwishiwerearobot joined #salt
20:01 ghanima joined #salt
20:01 XenophonF ksj: here's a moderately complicated example from my Salt config - https://bpaste.net/show/14ebeb64d1c0
20:02 XenophonF handles FreeBSD, RHEL 6.5, and RHEL 7.0, each of which call the "statd" service different things
20:04 dude051 joined #salt
20:05 ksj cool, thanks. will dive into it properly tomorrow. night
20:06 XenophonF l8trz
20:08 Mso150 joined #salt
20:10 hasues joined #salt
20:11 pdayton joined #salt
20:11 hasues So when using salt-cloud with vsphere, am I correct in thinking that the image that salt-cloud is to provision, a user named "None" should exist, and it should have root privileges?
20:13 Mso150_e joined #salt
20:13 SheetiS hasues: probably better to specify a user rather than use 'None', but ideally would have root or passwordless sudo privs.
20:13 rlarkin does anyone know if I can deploy custom grains during highstate and then sync them so they can be acted upon during that same highstate?
20:14 SheetiS rlarkin: I use an orchestration that runs my grains state first then runs the highstate.
20:14 hasues SheetiS: But where does the user get specified?  The only user I see in the provider configuration is the user for accessing the cloud API provider.  I do not see an option for supplying the username that exists on the VM?
20:14 notpeter_ Has anyone gotten salt-cloud functioning with Rackspace metal instances?
20:14 rlarkin I tried to have a 'grain.sls' in startup state and call highstate at the end of the grains state, but that fails often 'a state is already running'
20:14 rlarkin or similar error
20:14 hasues SheetiS: I see a "ssh_username" directive, but it does not work.
20:15 notpeter_ It's failing for me (ssh key doesn't seem to be getting installed). What's the easiest way to troubleshoot this?
20:15 rlarkin SheetiS: orchestration?  isn't salt-cloud an orchestration?
20:17 TheThing joined #salt
20:17 rlarkin http://docs.saltstack.com/en/latest/topics/tutorials/states_pt5.html
20:17 rlarkin ^^
20:17 SheetiS rlarkin: http://docs.saltstack.com/en/latest/topics/tutorials/states_pt5.html#orchestrate-runner is what I am talking about, and https://bpaste.net/show/ee0526664682 is an example of my orchestration.  I set it up as a macro so i can include it in other orchestrations
20:18 SheetiS with different targets.
20:18 possibilities joined #salt
20:18 linjan joined #salt
20:19 SheetiS hasues: the ssh_username has to exist on the image and the new vm must be accessible via ssh (ideally through an ssh key) by the salt master that is running the salt-cloud command.
20:20 jalaziz joined #salt
20:20 jaimed joined #salt
20:20 aparsons joined #salt
20:20 hasues SheetiS: If one supplies root as the ssh_username, salt-cloud will not use that username with the vsphere provider.  It chooses "None"
20:21 hasues SheetiS: If I create a user on the image named "None", and put a passwordless key on the salt-master for its root user to the "None" user on the image, it will attempt to communicate and install (but it failed as I did not give the None user root privileges)
20:22 hasues SheetiS: If I make a passwordless sudo rule for it acquiring privs, should that suffice?
20:22 hasues SheetiS: Or does it literally need UID of 0?
20:23 CeBe1 joined #salt
20:24 SheetiS I've got active stuff that used ssh_username=root with other cloud providers.  My vsphere stuff isn't in a state where I can readily test that exact case at the moment however.
20:25 SheetiS It should be a name not a uid
20:25 SheetiS as the bootstrap script attempts to ssh in as that user
20:25 hasues SheetiS: I would be interested if you could test that at some time.
20:25 pipps joined #salt
20:26 SheetiS It wouldn't be today for sure.  Too much other work going on.
20:26 kickerdog joined #salt
20:26 hasues SheetiS: I totally understand.
20:27 hasues SheetiS: Some of the issues may be relating to pysphere.
20:32 aquinas joined #salt
20:35 intellix joined #salt
20:37 yomilk joined #salt
20:38 ekristen joined #salt
20:38 oyvjel_ joined #salt
20:39 ekristen what exactly does this mean? “'enable' and '__reqs__' are invalid keyword arguments for service.mod_watch. If you were trying to pass additional data to be used in a template context, please populate 'context' with 'key: value' pairs. Your approach will work until Salt Lithium is out. Please update your state files.” Do I need to get rid of the ‘enable’ option on service.running?
20:40 badon joined #salt
20:40 hasues SheetiS: It appears that the vsphere provider does not use the ssh_username.
20:41 hasues SheetiS: https://github.com/saltstack/salt/issues/17061
20:41 vlcn is there a way to check for the existence of a dict attribute with jinja2?  Doing something like {% if userdata['shadow'] %}...{% endif %} results in a rendering error if the attribute does not exist
20:42 p2 joined #salt
20:42 hasues SheetiS: Looks like it may be template_user...I'll give it a test.
20:42 oyvjel_
20:43 XenophonF hm, I wonder where the code that does 'match: compound' lives...
20:43 babilen XenophonF: salt/modules/match.py
20:44 babilen (surprise!)
20:45 XenophonF LOL
20:45 kickerdog1 joined #salt
20:46 cmthornton vlcn: I think this works on dict attributes: if userdata['shadow'] is defined
20:46 vlcn cmthornton, just came across that, thanks!
20:46 cmthornton np
20:47 oyvjel_ I have a virt.nic with 3 interfaces referring to br0, virbr1 and virbr2. How do I control the order and virtual interface name in the libvirt kvm guest?  Seam to end up in the wrong order, assigning eth0 to virbr2
20:47 XenophonF babilen, it actually lives in salt/salt_minion.py
20:47 babilen boo!
20:47 XenophonF er i mean salt/minion.py
20:47 XenophonF but it calls out to fnmatch
20:47 XenophonF which appears to be a python builtin
20:47 babilen salt/minion.py too
20:48 babilen Yeah, salt/minion.py (compound_match) and yes, fnmatch, is a normal Python "glob" built-in
20:48 XenophonF so in top.sls, how do i do a compound match for stuff that has spaces in the value?
20:48 XenophonF that's the question i'm trying to answer
20:48 babilen 'something with spaces' ?
20:48 XenophonF e.g., I have a grain named 'role' with a value of 'Salt Master'
20:49 XenophonF i could specify a compound match like this:
20:49 XenophonF 'I@environment:development and I@role:Salt*Master'
20:49 Reiner032 joined #salt
20:49 babilen I use "P@virtual_subtype:Xen\sDom0" in one place
20:49 XenophonF but i'd rather write 'I@environment:development and I@role:Salt Master'
20:50 XenophonF yeah, escaping looks like a necessity
20:50 babilen That isn't escaping, but a character class
20:50 XenophonF i know
20:50 XenophonF maybe i should change how i name my roles
20:50 XenophonF salt_master instead of Salt Master
20:50 babilen I would recommend that, yeah
20:50 XenophonF I'd rather not use wildcards.
20:51 XenophonF too easy for Future Me to screw up
20:51 babilen No, who knows what you might match by mistake :)
20:51 XenophonF LOL
20:51 Mso150 joined #salt
20:53 hasues SheetiS: Okay, that seems to fix it.  This seems like something that should be documented in http://docs.saltstack.com/en/latest/ref/clouds/all/salt.cloud.clouds.vsphere.html but is missing.
20:54 TheThing joined #salt
20:56 XenophonF hasues: you should file a bug report
20:56 pssblts joined #salt
20:57 hasues XenophonF: I'll search for how to do so.
20:57 aparsons joined #salt
20:57 XenophonF if only so that the next poor soul (possibly me - vSphere is on my to-be-Salted list) knows what to do when they hit that problem
20:58 hasues XenophonF: I'm all about participation once given the avenues to do so.  That's why I posted about it here, so that if someone here does not address it, I can gain the "next steps" on what I can do to help at least.
20:58 XenophonF absolutely
20:59 XenophonF nuts - can't find a doc-specific repository for you to file an issue against
20:59 XenophonF they have an issue tracker at https://github.com/saltstack/salt/issues
21:00 notpeter_ In salt-cloud, (specifically openstack/rackspace) does anyone know how the first connection is authenticated? Is there a username/password specified in the nova call or does it use a keys?
21:00 notpeter_ Specifically, is there a way in a cloud.profile or cloud.provider to specify which key is used?
21:01 notpeter_ Cause with rackspace metal they now require it be ssh key based and I think salt-cloud is trying to password login as root.
21:01 hasues XenophonF: I've seen that, but that is for documentation as well?
21:01 oyvjel joined #salt
21:02 smcquay joined #salt
21:03 P0bailey joined #salt
21:03 P0bailey joined #salt
21:04 kusams joined #salt
21:04 kballou joined #salt
21:05 Reiner033 joined #salt
21:05 hasues XenophonF: Done: https://github.com/saltstack/salt/issues/17241
21:05 jaimed joined #salt
21:06 Mso150 joined #salt
21:07 jhauser joined #salt
21:07 micah_chatt joined #salt
21:10 mightyb joined #salt
21:11 oyvjel1 joined #salt
21:12 iggy notpeter_: I'd look at the libcloud code, but from what I've seen it's key based (on gce and do) and the user depends on the provider
21:13 mightyb hi. new to salt, and i'm trying to get a pre-made formula to work, but its giving succeeded: 0, failed: 0, total: 0. what am I doing wrong?
21:13 ProT-0-TypE joined #salt
21:13 StDiluted mightyb: sounds like you don’t have anything being applied
21:13 StDiluted can you paste your top.sls to a pastebin or something?
21:14 iggy you need to enable the formula _and_ target the formula at the minions
21:16 mightyb http://pastebin.com/R1GkwpYF
21:17 iggy does the minion show up in (f.ex.) salt-key -L as just 'test'?
21:17 druonysus joined #salt
21:17 iggy all of mine have fqdn's
21:17 mightyb yes
21:17 mightyb i can run other commands against it
21:18 Ryan_Lane1 joined #salt
21:19 iggy and you have ufw:enabled = True in your pillar?
21:19 mightyb yes
21:19 mightyb atm, the pillar is the same as the pillar.example in the git repo
21:20 peters-tx I'm seeing this at random times on 1-10 minions at a time while I'm doing stuff: http://fpaste.org/148519/30866414/
21:20 peters-tx Specifically "Failed to authenticate message" followed by "Waiting 32 seconds to re-authenticate"
21:20 iggy mightyb: and salt 'test' pillar.items shows what you expect?
21:21 snuffeluffegus joined #salt
21:21 sxar joined #salt
21:21 iggy peters-tx: make sure you don't have any phantom master or minion processes running
21:21 sunkist joined #salt
21:22 peters-tx iggy, Ok, I'll look around
21:22 iggy peters-tx: i.e. stop the services and then ps to look for anything else
21:23 peters-tx iggy, Could it be caused by using Salt to upgrade and restart itself?  At the minions things appear normal
21:23 mightyb i dont see any mention of ufw stuff in the pillars.items
21:25 iggy mightyb: did you target the pillar properly?
21:25 iggy peters-tx: could be... could also be something completely different...
21:26 mightyb agh, i got it. forgot the top.sls in the pillars folder :(
21:26 mightyb just had the other one
21:28 mightyb iggy: thanks for the help
21:30 pipps99 joined #salt
21:31 iggy np, good luck in your salt endeavours
21:32 jalaziz joined #salt
21:33 kusams joined #salt
21:34 MrFuzz joined #salt
21:36 cpowell joined #salt
21:37 glyf joined #salt
21:40 karimb joined #salt
21:41 giantlock joined #salt
21:43 rypeck This isn't possible right? "sudo salt -G 'num_cpus > 2' cmd.run..."
21:44 mpanetta rypeck: Have you tried it?
21:44 rypeck yea - no dice.
21:45 mpanetta Is that a valid grain?  I think so, but can't remember
21:45 rypeck I meant more the concept - not sure if I just wasn't aware of the proper syntax - yea it's a valid grain
21:45 rypeck salt -G 'num_cpus:4' <wahter> works
21:45 mpanetta Yeah I don't think you can do anything but equal compares...
21:46 iggy and globbing
21:46 mpanetta True
21:46 rypeck globbing? you mean the *
21:46 iggy si
21:46 rypeck no habla espanol
21:47 rypeck :-P
21:47 rypeck thanks - i'll submit a FR
21:47 mpanetta `n
21:47 mpanetta hrm
21:47 mpanetta heh
21:48 iggy but not just *... other globbing characters work
21:48 iggy i.e. sudo salt -G 'mem_total:7???' test.ping
21:48 iggy works as expected
21:48 baconbeckons joined #salt
21:49 iggy i.e. sudo salt -G 'num_cpus:(1|2)' test.ping
21:49 iggy err...
21:49 iggy i.e. sudo salt -G 'num_cpus:[12]' test.ping
21:50 iggy or [2345678]
21:50 ndrei joined #salt
21:51 rypeck Oh iggy - you can do regex.
21:51 rojem joined #salt
21:52 jalaziz joined #salt
21:52 iggy well... there's some overlap between globbing and regex
21:52 iggy but technically, it's just globbing
21:52 babilen P@ uses regex
21:53 iggy but we're talking grains
21:53 iggy i.e. num_cpus > 2
21:53 babilen yes, exactly
21:53 babilen http://docs.saltstack.com/en/latest/topics/targeting/compound.html
21:54 rojem joined #salt
21:54 iggy ahh, I was thinking E for some reason
21:54 babilen [^1]
21:54 iggy babilen++
21:55 pipps joined #salt
21:55 ecdhe --babilen
21:55 babilen NOO
21:55 rypeck ?
21:55 babilen [^1]*[0-9
21:56 babilen [^1]*[0-9]+
21:56 EntropyWorks left #salt
21:56 babilen anyway, night
21:56 iggy sudo salt -C 'P@num_cpus:[^12]' grains.item num_cpus
21:56 rypeck babilen: so it would be what... sudo salt -C 'G@num_grains:[^1]*?
21:56 rypeck oh P@ for a grains PCRE
21:57 rypeck iggy: you nailed it
21:57 iggy twss
21:57 rypeck twss?
21:58 iggy phrasing
21:58 rihannon joined #salt
21:59 rypeck ohhh nvm
21:59 babilen You would want to match 10, 100, 1000 (200, 2000, ...) so you need to allow matches of 1 *iff* it is followed by another digit
21:59 babilen It was simply the idea, not a worked out example
21:59 JordanTesting joined #salt
22:00 _prime_ joined #salt
22:01 babilen so you need two groups  (one for 3,4,5,... and another for 1|2 + following digits)
22:02 pipps joined #salt
22:03 Katafalkas joined #salt
22:12 rypeck iggy: babilen and mpanetta https://github.com/saltstack/salt/issues/17248
22:12 rypeck Thanks guys
22:12 alexr joined #salt
22:13 KyleG joined #salt
22:13 KyleG joined #salt
22:14 babilen yeah, ^2 is still noit
22:14 rypeck noit?
22:14 babilen *not the same as >2, but you can express that with a suitable regex.
22:15 rypeck well it worked for my use case because I had no 1 cpu systems
22:15 babilen What you ask for is a bit tricky to implement as you essentially want to express numerical comparisons in specific cases. It would, definitely, be a useful feature though
22:16 rypeck yea - would round it out nicely. only compound matcher I can think of that would be a great addition after that would be something like set theory on nodegroups.
22:16 babilen rypeck: We have plenty of 10+ CPU boxes so that wouldn't work :)
22:16 rypeck haha I have 2, 4 and 40 something boxes.
22:16 rypeck it's weird.
22:17 babilen Then your specification earlier eas incomplete. It would have been easier to say, "Out of 2, 4 and 40+ CPU boxes, I don't want the one with 2" :)
22:17 iggy yeah, I noticed after the fact that our 16 and 24 cpu boxes weren't showing up in there
22:18 mpanetta Does bootstrap not install salt-cloud?
22:18 babilen ([^1]|1[0-9]+)
22:18 mpanetta I'm trying to fix a really old salt master...
22:18 mpanetta Get it back on v0.17.5...
22:19 mpanetta Not sure how to install salt-cloud though
22:19 mpanetta To make sure it gets everything right
22:19 pdayton joined #salt
22:19 glyf joined #salt
22:20 mpanetta nevermind, the pip version works
22:22 beneggett joined #salt
22:27 iggy mpanetta: salt-cloud wasn't part of salt before 2014.1.0
22:28 wnkz joined #salt
22:29 mpanetta iggy: Yeah, that is why I was worried :)
22:29 kickerdog joined #salt
22:30 mpanetta I was worried that I would install an incompatible version of salt-cloud with my 0.17.5 install
22:33 meylor joined #salt
22:33 possibilities joined #salt
22:36 zlhgo_ joined #salt
22:36 meylor1 joined #salt
22:38 garthk joined #salt
22:38 garthk module.run failing with tls.create_self_signed_cert:
22:39 garthk module.run failing with tls.create_self_signed_cert: AttributeError: 'str' object has no attribute 'get'
22:39 garthk Might be a relative of https://github.com/saltstack/salt/issues/17024; I’m on 2014.1.13 also.
22:41 nickg joined #salt
22:41 nickg can you use nodegroups that have underscores?
22:41 garthk I don
22:42 garthk I don’t think it’s this problem with kwargs because tls.create_self_signed_cert doesn’t take kwargs AFAICT. https://github.com/saltstack/salt/issues/9072
22:42 garthk This looks closer: https://github.com/saltstack/salt/pull/16981 “properly handling execution module functions which return non-dict data”
22:43 nickg i created a new nodegroup, restarted salt master and have my top.sls matching the group,but I see this on the minion: Attempting to match with unknown matcher: load_balancer
22:43 Singularo joined #salt
22:43 nickg nevermind
22:44 nickg left #salt
22:44 garthk That’s a fresh merge to saltstack:2014.1; how can I track its progress to the PPA? I’m on 2014.1.5+ds-5trusty1 right now.
22:47 kusams_ joined #salt
22:52 hasues left #salt
22:54 Outlander joined #salt
22:56 kryss joined #salt
22:58 tafa2 joined #salt
22:58 jevonearth hmm, I can't find much documentation on using a Saltfile, except for when using with salt-ssh: Anyone know how I can specify my roster file in a local Saltfile ?
22:58 kryss hello guys, I have a problem with gitfs, I've installed a pygit2, but even if i set "gitfs_provider: pygit2" getting error in maser log:
22:58 kryss Git fileserver backend is enabled in configuration but could not be loaded, is GitPython installed?
22:58 kryss why salt trying to use gitpython instead of pygit2 ?
22:59 zlhgo_ joined #salt
23:00 bhosmer joined #salt
23:02 wnkz joined #salt
23:02 tafa2 does anyone backup their servers to S3? If so does anyone have a particular strategy in place? Like a write only user with no delete rights incase the server is ever compromised an attacker wouldn't be able to delete your backup as well?
23:07 possibilities joined #salt
23:08 ecdhe salt-minion stays in the foreground unless you start it with the '-d' flag.
23:08 ecdhe Why doesn't this code have the -d?  https://github.com/saltstack/salt/blob/2c0c11a6abb46bba49d0be328325c222114365e2/debian/salt-minion.service
23:08 kusams joined #salt
23:08 tafa2 http://www.keepcalmandposters.com/posters/974639.png
23:09 meylor joined #salt
23:09 rojem joined #salt
23:12 Outlander left #salt
23:16 b1nar1 joined #salt
23:19 nitti_ joined #salt
23:21 nitti_ joined #salt
23:24 baconbeckons joined #salt
23:30 n8n joined #salt
23:36 kermit joined #salt
23:37 linjan joined #salt
23:40 aquinas_ joined #salt
23:46 perfectsine joined #salt
23:50 perfectsine_ joined #salt
23:50 forrest joined #salt
23:51 b1nar1 joined #salt
23:52 aparsons joined #salt
23:53 rojem joined #salt
23:56 nyx_ joined #salt
23:57 beneggett joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary