Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-01-12

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:05 skyBLU joined #salt
00:08 redzaku joined #salt
00:09 cads joined #salt
00:26 foulou joined #salt
00:31 aw110f joined #salt
00:33 dcmorton joined #salt
00:42 PovAddict joined #salt
00:45 twellspring joined #salt
00:51 cpowell joined #salt
00:59 aw110f joined #salt
00:59 mosen joined #salt
01:00 twellspring joined #salt
01:05 jalaziz joined #salt
01:06 twellspring joined #salt
01:08 redzaku joined #salt
01:11 sander_____ joined #salt
01:12 sander_____ howdy is there a place in the master config where you can specify the default domain so I can use short names instead of fqdn?
01:14 aw110f_ joined #salt
01:15 sander_____ It looks like I can add a seconday domain in the minion config, but it seems like there should be a better way.
01:15 sander_____ er second name, not domain name.
01:18 mosen joined #salt
01:22 aqua^mac joined #salt
01:23 MaZ-_ joined #salt
01:31 kiorky joined #salt
01:32 diegows joined #salt
01:33 rlarkin_at_home I'm so stuck. I can't sync grains during highstate.  I can have a startup state that either syncs grains or runs highstate, but not both.  every state/sls file generates an event with tag 'job' so I can react to every states or none.  I can't have a deploy script if I'm using salt-cloud with lxc.  If I could solve just one of these problems I could move on.
01:39 rlarkin_at_home sander_____: in a salt cloud profile you can have 'append_domain: <domain>' in a profile which then shows up in your minion config after you deploy.  not sure how you manage that in /etc/salt/master.
01:40 sander_____ thanks rlarkin_at_home I'm not using the salt cloud.
01:47 mgw joined #salt
01:51 otter768 joined #salt
01:54 twellspring joined #salt
01:57 ajw0100 joined #salt
02:02 sporkd2 joined #salt
02:03 sporkd2 anyone around to answer a pillar_roots question?
02:05 PovAddict left #salt
02:05 ajw0100 joined #salt
02:07 nitti joined #salt
02:07 Singularo joined #salt
02:08 mosen joined #salt
02:08 mgw joined #salt
02:09 gfa how can i exit an state? i want to do like exit 0 on a shell script
02:15 tracphil joined #salt
02:16 TyrfingMjolnir joined #salt
02:17 jessie joined #salt
02:17 jessie anyone here possible to help with salt cloud
02:17 malinoff joined #salt
02:18 Guest11709 ?
02:19 rlarkin_at_home what's your question jessie
02:19 Guest11709 hi,
02:20 Guest11709 i would like to understand what other fundamentals i would require in order to speak with the cloud api's other than salt stack, cloud and the master minions
02:20 Guest11709 first time setting this up and just looking to hopefully get all the elements required for it to work
02:22 Guest11709 salt stack, cloud, master and minion is installed on a ubuntu test server. once i have the provider and profile set up... should it just work ?
02:22 rlarkin_at_home pretty much.
02:22 Guest11709 sounds too easy.. i assume am using sat syntax to execute the profile ?
02:22 Guest11709 salt*
02:24 rlarkin_at_home except for running into bugs it should work.
02:25 Guest11709 hmmm, do you have much experience with salt cloud
02:28 rlarkin_at_home I don't have any hair left because of it.
02:29 Guest11709 :) would you be up for getting paid for a few hours
02:29 rlarkin_at_home it's pretty rough if your use case has any corners.
02:30 rlarkin_at_home but basically: a map refers to a profile, and a profile refers to a provider.  keep everything as minimal as possible to start, don't add anything you don't absolutely require in any file.  then add things one at a time.
02:31 rlarkin_at_home keep the provider minimal, don't add to it.
02:31 Guest11709 looking for someone to be a sport and show me the ropes. for a few hours. would happliy pay for someones time
02:31 rlarkin_at_home but I can't give you much time right now , I have a grave deadline of my own.
02:31 Guest11709 ah ok no worries dude
02:37 mgw joined #salt
02:52 favadi joined #salt
02:54 twellspring joined #salt
02:55 jalaziz joined #salt
03:02 fxhp joined #salt
03:06 redzaku joined #salt
03:07 MugginsM joined #salt
03:09 twellspring joined #salt
03:13 ekristen joined #salt
03:15 Guest11709 is there log out puts for salt stack
03:17 redzaku joined #salt
03:20 Furao joined #salt
03:22 Guest11709 anyone about ?
03:29 shrihari joined #salt
03:29 Furao Guest11709: I run a saltstack consulting shop www.robotinfra.com we have tons of formulas and addon to salt that improves it
03:29 Furao so it include formulas to install many common FOSS, support, stats, monitoring checks, backup, etc
03:30 Guest11709 you say support....
03:30 Furao doc, testing framework, automatic discovery and more
03:31 Guest11709 do you provide direct support for a cost
03:31 Furao yes
03:31 Guest11709 ah ok
03:31 Furao but most of the time we just take over infrastructure and redeploy with salt
03:31 Guest11709 then i would like to discuss this if thats ok
03:32 Furao we can switch to private
03:36 Linuturk how do I require a state in another state?
03:36 Linuturk not an entire sls file, but a single command in the same file
03:36 hvn joined #salt
03:38 Linuturk require: - name: state name
03:38 Linuturk or id:
03:38 Linuturk or sls:
03:38 Linuturk or state: don't seem to be working
03:40 Furao Linuturk: like that https://github.com/bclermont/states/blob/master/states/elasticsearch/init.sls#L117
03:41 Linuturk cool
03:41 Linuturk http://docs.saltstack.com/en/latest/topics/tutorials/states_pt2.html
03:41 Linuturk just found that too
03:41 Linuturk had to use the module: state id
03:41 Linuturk silly me
03:45 Singularo joined #salt
03:49 cberndt joined #salt
03:51 monkey66 joined #salt
03:55 cberndt joined #salt
04:10 yomilk_ joined #salt
04:17 redzaku joined #salt
04:20 schristensen joined #salt
04:34 kermit joined #salt
04:45 JA_ joined #salt
04:45 twellspring joined #salt
04:46 JA_ Hey now.  Newly discovered Salt.  Wondering how suitable this would be for a small MSP?  IE managing a bunch of systems that I have permission to but are not under a single domain or even on the same LAN?
04:47 desposo joined #salt
04:49 JA_ To add a bit more info:  most clients are small offices (from 1 to 10 devices/users), typically Windows in a workgroup with a NAS (Synology if it matters) and a handful of printers and/or other periphery.
04:58 aparsons joined #salt
05:03 aquinas joined #salt
05:03 aparsons joined #salt
05:06 mgw joined #salt
05:17 foulou joined #salt
05:27 JA_ Hey now.  Anyone around?  :)
05:32 TyrfingMjolnir joined #salt
05:37 TyrfingMjolnir joined #salt
05:39 malinoff JA_, salt is open-source and free - just try it and see if it fits your cases
05:41 malinoff e.g. i had bad experience installing mssql 2008 express edition, because it cannot be installed silently from the cli, and it is extremely huge (2GB, if i remember correctly)
05:41 anybroad joined #salt
05:41 JA_ I'm working through some docs now to see what it does but I thought I could get a high-level yes/no as to whether it roughly fits the bill..
05:42 malinoff yes, you *can* manage windows machines with salt
05:42 JA_ I'm mostly concerned with running updates on windows and typical windows softwares
05:42 malinoff but you cannot automate most of windows stuff
05:42 JA_ e.g Adobe crap, Firefox and/or Chrome, MS Office updates, etc.
05:43 JA_ by automate do you mean running the jobs timed and unmanned or do you mean most of the stuff can't be done?
05:50 nullptr`` joined #salt
05:50 malinoff JA_, i mean, salt is like non-iteractive ssh - if a program can be installed only in interactive mode, salt surrenders
05:51 malinoff and a lot of windows stuff can be installed only in interactive mode
05:51 malinoff chocolatey may help though, didn't use it
05:52 JA_ i see.
05:52 JA_ so in that regard, much like windows' own management server, need to use .msi files to install 'headless'
05:53 JA_ can you trigger things like windows update and return a succeed/fail?
05:54 JA_ or can you do smth like create new users (which you can do from the Win cli in one command, for example)
05:56 malinoff I can't say anything useful here, sorry - but i'm sure if you can launch the upgrade process from the cli, salt is able to do that too
06:00 JA_ ok.  Thanks for your help.  At least I know Salt is somewhere in the neighborhood.  I'll keep watching vids and digging docs to see if it'll work for me.
06:00 JA_ Again, thanks for the assist and time  :)
06:02 malinoff you're welcome
06:04 bhosmer_ joined #salt
06:07 redzaku joined #salt
06:09 xt\ joined #salt
06:12 Micromus joined #salt
06:16 andrew_v joined #salt
06:17 catpiggest joined #salt
06:26 linjan joined #salt
06:43 hvn joined #salt
06:43 NightMonkey joined #salt
06:46 malinoff joined #salt
06:53 NightMonkey joined #salt
07:03 colttt joined #salt
07:04 AndreasLutro joined #salt
07:17 otter768 joined #salt
07:22 flyboy joined #salt
07:23 Nazca__ joined #salt
07:27 Furao joined #salt
07:30 jalaziz joined #salt
07:30 slafs joined #salt
07:30 slafs left #salt
07:32 cberndt joined #salt
07:34 anybroad_ joined #salt
07:42 yomilk joined #salt
07:45 JlRd joined #salt
07:46 KermitTheFragger joined #salt
07:47 jtang joined #salt
07:53 tomspur joined #salt
07:56 redzaku joined #salt
08:00 linjan joined #salt
08:01 trikke joined #salt
08:03 mikkn joined #salt
08:08 holyzhou joined #salt
08:14 holyzhou joined #salt
08:15 Auroch joined #salt
08:22 urtokk joined #salt
08:23 holyzhou joined #salt
08:23 holyzhou hi guys , how can i create new partition use salt , salt.modules.parted it seems doesn't work . i got 10GB sdb device in my linux box, it's totally clean,  no partition table  . but when i use cli "salt '*' partition.mkpart /dev/sdb primary start=0 end=1024" , it still return message 'ERROR: partition.mkpart requires a start and an end' by the way , master and minion version ,i used newest git develop , 'partprobe,lsblk,parted' also
08:24 holyzhou centos6.6 64bit
08:25 intellix joined #salt
08:25 Hipikat joined #salt
08:29 linjan joined #salt
08:34 jhauser joined #salt
08:39 ProT-0-TypE joined #salt
08:40 ndrei joined #salt
08:42 kawa2014 joined #salt
08:48 lb1a joined #salt
08:51 nullptr`` joined #salt
08:51 hvn joined #salt
08:54 lothiraldan joined #salt
08:55 dark_helmet joined #salt
08:55 chiui joined #salt
08:58 jeddi joined #salt
09:00 ndrei joined #salt
09:04 catpig joined #salt
09:08 I3olle joined #salt
09:16 jenifer joined #salt
09:17 ndrei joined #salt
09:17 jenifer question time : is there another method other than when creating multiple vm's with DO on saltcloud to have them create all at once rather than one after the other
09:18 Furao joined #salt
09:18 otter768 joined #salt
09:22 alexr_ joined #salt
09:24 rbjorklin joined #salt
09:25 jenifer anyone ?
09:25 JDog So, the execution modules and the state modules. How does it all tie in? Ideally I'd be most comfortable writing python states which call the execution modules, but I've not seen any examples of that being done --can I do it?
09:27 jrluis joined #salt
09:27 jenifer irc channel is filled with zombies ...
09:29 karimb joined #salt
09:29 babilen JDog: Sure, every single state module is implemented on top of an execution module and you can easily write your own. This is extensively discussed in the documentation on each, what have you tried so far?
09:30 babilen jenifer: I can't know how you look, but I'm certainly not a zombie
09:31 jenifer babilen: any idea around the question above ?
09:31 babilen No (I would have said something otherwise)
09:31 jenifer then you are a meagre zombie :)
09:31 JDog babilen:  thanks. I'll have a look and then get back to you.
09:32 ndrei joined #salt
09:33 babilen JDog: Your best bet is to take a look at existing execution and state modules in saltstack/salt and to go on from there. http://docs.saltstack.com/en/latest/ref/modules/#modules-are-easy-to-write (didn't I give you that link last week already?)
09:34 babilen http://docs.saltstack.com/en/latest/ref/states/writing.html
09:34 paulm- joined #salt
09:35 Vinod_ joined #salt
09:37 paulm-- joined #salt
09:38 Vinod_ Good day all! I am wondering if it is possible to programatically execute a bunch of modules on a remote master-less minion from python? If yes, then what part of the salt documentation should I dwelve into to understand better?
09:40 babilen Vinod_: http://docs.saltstack.com/en/latest/ref/clients/
09:41 malinoff joined #salt
09:42 dkrae joined #salt
09:42 Vinod_ Thanks babilen. Shall read up on that.
09:43 babilen I'm not sure if that is exactly what you want, but it might be :D
09:43 babilen I also don't work masterless and am therefore not too familiar with the shortcomings of that approach
09:44 jenifer there is genius behind da masta !
09:46 N-Mi_ joined #salt
09:46 N-Mi_ joined #salt
09:47 ndrei joined #salt
09:48 redzaku joined #salt
09:57 workingcats joined #salt
10:03 Furao joined #salt
10:06 bhosmer joined #salt
10:06 Vinod_ I want to be able to say something like invoke(sls_file_contents, minion_ip, auth_credentials) from my python client and execute the sls_file_contents on that minion ... equivalent of doing salt-call --local state.highstate on the masterless minion
10:07 Vinod_ The documentation doesnt seem to have some option that supports that
10:09 linjan joined #salt
10:09 Micromus joined #salt
10:10 rbjorklin joined #salt
10:11 xt\ joined #salt
10:13 istram joined #salt
10:13 yomilk_ joined #salt
10:13 giantlock joined #salt
10:17 ganes joined #salt
10:17 ganes hi
10:17 ganes if there any REST API  available for salt-masterless??
10:19 lothiraldan_ joined #salt
10:20 rbjorklin Is anyone here using the state module for Docker? It says it's in beta, how stable is it?
10:22 babilen ganes: No
10:23 ganes babilen: oh
10:23 ganes babilen: rest api for master and slave?
10:23 babilen yes
10:25 ganes babilen:  python api client  right?
10:26 ganes can u tell how to run salt masterless servvice through remote ??
10:26 ganes babilen: any option??
10:28 babilen ganes: Log into the remote and execute salt-call, but why aren't you using a master if you want the functionality provided by it?
10:30 phx could someone please point me to the docs where I can find how to create a cloud VM (softlayer in my case) from the python, by specifying many of the options from the code (instead of defaulting everything to the provider def)?
10:32 ganes babilen: actually we aiming with masterless!!
10:33 babilen ganes: Yes, but it looks as if you are trying to do a bunch of things for which you need a master. I therefore question you design decision to not use one (as you really seem to want/need one)
10:33 babilen *your
10:33 ganes babilen: we plan to connect salt masterless throgh a application!!!
10:34 babilen !!!one¡!
10:35 babilen So, why don't you run a master and connect your minions to that one and then have your application talk to that master?
10:37 Vinod_ babilen, me and ganes are working on a webapp where we are trying to provision vms with a set of orchestration tools like chef, puppet, saltstack and ansible as per client needs. For saltstack we want to be able to execute a bunch of state modules on a newly provisioned vm and hence these questions related to doing stuff on a master-less configuration of salt
10:38 ganes babilen: its like use and throw, once launch server - process through salt - and delte
10:38 babilen ack
10:39 babilen I think I elaborated on the client api already, but you (i.e. ganes) asked about rest api specifically
10:45 felskrone joined #salt
10:45 borgstrom joined #salt
10:46 malinoff Vinod_: to execute anything on a remote host you have to use some messaging protocol. What protocol do you expect to use if it is not the protocol that salt-master provides and it is not ssh?
10:47 babilen "magic" ;)
10:49 malinoff masterless setup is suitable in 2 cases: 1) when it is acceptable to use ssh and salt-local, and 2) when you automate deployment so much that you don't need to invoke something on a remote host (e.g. it will be automatically deployed on startup, or periodically using e.g. cron)
10:49 dark_helmet joined #salt
10:50 Vinod_ was trying to understand the netapi modules to see if the salt service on the minion can process the state modules via REST calls
10:51 malinoff Vinod_: and how do you imagine this? Do you really want to have a service exposes such functionality that anyone could run anything?
10:52 Vinod_ malinoff, the 2nd is what we are trying to achieve
10:52 malinoff Vinod_: but you're saying that you need to invoke commands remotely
10:52 malinoff it's not the 2nd case
10:52 malinoff and i explicitly noted that
10:53 Vinod_ malinoff : yes if there is authentication on top of the salt-call --local state.highstate, that is the functionality that I was hoping for
10:54 h8 hi everyone
10:54 h8 can I install somehow salt-minion through pip? I only see salt package? And salt-ssh and so on, no salt-minion
10:55 h8 nvm, I got epel enabled anyway
10:56 malinoff Vinod_: Alright, i think i should clarify things a bit. Salt is usually running as root/privileged user, because it must do many administrative things. Did you see a tool providing authentication for the cli? I don't think so. Because if you have the cli, and you're able to execute the command, nobody can stop you from it
10:56 Vinod_ the functionality on the minion client if that can be exposed via a REST call with some authentication, that would be perfect for my needs ... ssh and salt-local was what we used to try out masterless stuff ... now we are trying to do the masterless stuff via a remote mechanism
10:56 Vinod_ yes Im aware that the cli runs as root
10:56 malinoff Vinod_: it can be exposed via rest api on salt-master
10:57 ocdmw joined #salt
10:57 slafs joined #salt
10:57 malinoff i really can't understand why do you need rest api if you want to setup minions to *automatically* configure themselves
10:58 slafs left #salt
11:00 Vinod_ yes the netapi stuff seems to do that with the master ... I understand salt architecture to some extent and the design to remote-control through a master, but our requirements are such that we will not be able to do define some master and act on a minion, because we will be provisioning vms simultaneously in 1 or more clouds and a masterless setup is what we think suits our needs better
11:01 Vinod_ minions will not need to configure themselves, for now we just need a way to fire some state modules against a minion ...
11:01 malinoff right, and you don't need to invoke anything remotely if you put salt-call state.highstate in cron
11:01 malinoff ssh user@host salt-call state.sls
11:01 malinoff here is the way
11:06 redzaku joined #salt
11:07 eightyeight joined #salt
11:07 Vinod_ so programatically establishing an ssh connection and executing the salt-call is the only now?
11:08 malinoff nope, you can use salt-master
11:09 lothiraldan joined #salt
11:09 malinoff or you can try to use salt-ssh
11:09 Vinod_ i meant in a master-less setup
11:10 malinoff can you try to include salt-master in your features list? if you worry about keys, you can preseed them, if you worry about private clouds, you can setup syndic
11:10 malinoff i mean, if you really *need* to remote execution, this is what master-minion setup about
11:10 malinoff s/to//
11:11 Vinod_ thanks malinoff for your time ... will see how to use the salt-ssh module
11:13 malinoff Vinod_: you're welcome, i'm just trying to say that you shouldn't exclude something just because you *think* that it is not suitable in your case, since salt is open-source and free, you can simply try different approaches and see what fits best in your case
11:19 otter768 joined #salt
11:24 Furao_ joined #salt
11:28 GrueMaster joined #salt
11:30 h8 how would I target all linux servers?
11:30 h8 I see I can target Debian, Centos, etc., but linux?
11:31 redzaku joined #salt
11:34 ndrei joined #salt
11:40 h8 salt -G 'kernel:Linux' test.ping
11:40 h8 got it
11:43 Vinod_ malinoff : thanks ... shall revaluate and then decide
11:44 aqua^mac joined #salt
11:44 bryguy joined #salt
11:50 bhosmer joined #salt
11:56 ecdhe_ joined #salt
12:00 bfoxwell joined #salt
12:04 agend joined #salt
12:04 ndrei joined #salt
12:05 CeBe joined #salt
12:05 ajw0100 joined #salt
12:07 JDog babilen: I'm happy writing the modules; whta I'm tyring to work out is how to use them in salt automation. The python renderer still requires me to output a dictionary from a salt state file; I want to just call the modules on provisioning the box automatically. What is the correct way to do this -- is it through salt state? Or is there some other way that doesn't involve the user doing CLI orchestration?
12:12 TyrfingMjolnir joined #salt
12:14 lothiraldan joined #salt
12:19 babilen JDog: I don't quite follow, but if I understand you correctly: If you want to apply a state you would have write a state that calls appropriate functions in the corresponding execution module.
12:20 JDog Yes. But rather than rendering, is there a way to call the functions directly as opposed to passing the arguments out?
12:21 babilen "passing the arguments out" - What does that mean? Could you give an example of what you are doing on, say, http://refheap.com and elaborate on what you would like to do/achieve instead?
12:22 ndrei joined #salt
12:23 bhosmer joined #salt
12:23 alexr_ joined #salt
12:24 JDog https://www.refheap.com/96005
12:27 bhosmer_ joined #salt
12:28 al joined #salt
12:34 hobakill joined #salt
12:35 rjc joined #salt
12:39 babilen JDog: So use one of the Python renderers: http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.py.html ... http://docs.saltstack.com/en/latest/ref/renderers/index.html#full-list-of-renderers (pydsl should be considered to be obsolete)
12:39 diegows joined #salt
12:40 JDog Agreed, but according to the docs I still have to pass out the module name, funciotn and arguments in a dictionary. That's what I don't want to do if at all possible.
12:40 babilen http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.pyobjects.html
12:42 JDog babilen: That looks like exactly what I want -- thanks!
12:42 babilen (I linked the list of all renderers for a reason)
12:44 ndrei joined #salt
12:48 h8 my top file is as follows : http://pastebin.com/UnhdgHVF and I'm getting the following error: http://pastebin.com/ehwUXGRs What is my issue? It's the first time I'm writing a top.sls file and I copied the one from the docs and modified it. Any RTFM is also welcome
12:49 bhosmer joined #salt
12:51 favadi the indentation is wrong
12:52 favadi try to indent with 2 spaces
12:52 linjan joined #salt
12:53 babilen There are three leading spaces in front of 'web' (and please use a less shitty pastebin than pastebin.com such as http://refheap.com )
12:53 h8 that was it, thank you
12:53 h8 will do babilen
12:54 babilen merci (the web will be a better place)
12:55 intellix joined #salt
12:55 TyrfingMjolnir joined #salt
12:55 akafred joined #salt
12:59 cleme1mp joined #salt
12:59 h8 oh boy, more errors... Jinja syntax error: Encountered unknown tag 'elif'
13:00 h8 here's the sls file: https://www.refheap.com/daa34c181fccd1e9631e995a4
13:00 EvaSDK joined #salt
13:00 h8 any help?
13:00 EvaSDK hi there
13:00 EvaSDK is terminalimage hanging in there ? https://github.com/terminalmage/salt ?
13:01 lothiraldan joined #salt
13:01 babilen h8: A conditional block starts with "if" not "elif"
13:01 favadi h8: replace elif with if
13:02 h8 this is why I start learning jinja
13:02 h8 thank you
13:02 babilen h8: And I would also like to bring your attention to: https://github.com/saltstack-formulas/mysql-formula https://github.com/saltstack-formulas/vim-formula and https://github.com/saltstack-formulas/openssh-formula
13:02 workingcats joined #salt
13:03 h8 babilen: thank you, I've seen those and I wanted to ask, I'll need to download those to my server, right? They are not built in?
13:04 babilen h8: There are various ways to use them. Let me elaborate on them ..
13:04 h8 *waits anxiously*
13:04 h8 *and orders his pizza meanwhile*
13:04 babilen The first, and probably easiest, for you as a beginner would be to simply clone them to /srv/salt (or another location configured in file_roots in the master), but this is also the most manual approach.
13:05 h8 I'd like the best aproach, even if it means I have to dream with salt for the next 6 months
13:06 babilen Which brings us to the more common approaches: The first would be to clone them on GH (so that you don't pull changes pushed into those directly into your setup) and then reference your repository as gitfs_remote (cf. http://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html )
13:07 babilen You could, naturally, just configure the saltstack-formula repositories directly, but keep in mind that you would give everyone who can push into those root access to your infrastructure and that you might want to review changes first (hence the clone)
13:07 h8 got it. I'm guessing I'd have an sls file where I would reference to these files, right?
13:08 babilen The third approach, and my recommendation, would be to manage the salt master itself with salt and to use the formula functionality of that formula: https://github.com/saltstack-formulas/salt-formula -- That way you would only have to configure your master once so that it can salt itself and you would take it from there.
13:08 bhosmer joined #salt
13:09 babilen h8: Well, the first two approaches work by editing /etc/salt/master to your liking (in particular file_roots and gitfs_remotes) -- http://docs.saltstack.com/en/latest/ref/configuration/master.html
13:09 babilen That is, naturally, not necessary if you let salt salt itself
13:09 babilen (i.e. the third approach)
13:09 TheThing joined #salt
13:09 h8 letting salt salt itself, that'S something I have to look in to, everything else made sense
13:10 SheetiS joined #salt
13:10 babilen h8: It is no magic. You essentially run a salt minion on the salt master itself and configure the master in such a way that it can use the salt-formula (see first two approaches) and then just let the master configure itself.
13:11 babilen You simply need a "bootstrap" configuration on your master for that so that it can do that.
13:11 h8 salt-minion is running currently on the master, I've been here before and someone said it's common that i t's so
13:12 babilen In each of these approaches I wouldn't recommend to reference the upstream formulas directly due to the security implications of doing that
13:12 h8 I completely understand that
13:13 babilen So, to summarise: You can decide if you want to use gitfs or not and if you want to manually clone the formulas or let salt manage that via https://github.com/saltstack-formulas/salt-formula#salt-formulas
13:14 h8 salt will manage the formulas, that seems the most secure, as you said, thank you for taking time and explaining this
13:14 babilen No problem, you are most welcome.
13:14 h8 right now I'm just trying to deploy two packages via the pillars, after I can continue to bigger hights
13:15 redzaku joined #salt
13:15 babilen I just like to point out one difference between the "local" clone and GitFS approach: In the latter the salt-master would automagically checkout the latest version if you run a highstate (or "salt-run fileserver.update") whereas you have to update them explicitly in the former case.
13:15 redzaku joined #salt
13:16 h8 babilen: yes, that part was clear
13:17 babilen Depending on your usecase you might prefer one behaviour over the other. We use the GitFS approach in most of our setups for this reason and manage the gitfs_remotes configuration with corresponding entries in the salt-formulas pillar.
13:17 babilen There really isn't a "this is the best way" as it simply depends on what you want :D
13:18 h8 I get that, and I also know that I should ask other and draw the best way from what you guys say, but security is a must
13:20 vbabiy joined #salt
13:20 otter768 joined #salt
13:21 babilen fwiw, I'd always use the salt-formula and simply decide between GitFS and salt.formulas depending on the upgrade behaviour I want. I'd also always work on my own clones (but I guess that you figured that out already)
13:22 h8 I'll have to try the different methods to experience how they work, don't get me wrong, you explain nicely, it's just that I understand it better when I do it
13:23 babilen sure
13:25 h8 now, I'd have a question about installing a package through the pillars. I have the following setup: https://www.refheap.com/16a0876ef30688e9f0bd39c25 and I get the error for vim and ssh saying: Jinja variable 'dict object' has no attribute 'vim'
13:25 h8 what step am I missing here?
13:27 babilen where do you keep packages.sls ?
13:27 h8 they are all in /srv/pillar
13:27 babilen (and what does "salt 'someminion' pillat.item vim" give you?
13:27 h8 they are all in the same directory
13:27 h8 debian: ----------
13:27 Furao joined #salt
13:28 h8 I have to push the pillars over?
13:28 giantlock joined #salt
13:28 babilen Well, that isn't correct. top.sls, vim.sls and ssh.sls are states and should therefore live in /srv/salt, whereas packages.sls is a pillar and should live in /srv/pillar (and you would also need a top.sls there)
13:28 h8 oh got it
13:28 h8 top.sls is in there
13:29 h8 I guess I have to define /srv/salt in the master
13:29 h8 "A state tree is a collection of SLS files that live under the directory specified in file_roots"
13:30 babilen /srv/salt is configured by default
13:30 babilen (as is /srv/pillar)
13:30 h8 the directory was not configured, so I thought it isn't
13:30 h8 so my current top.sls should be in /srv/salt ?
13:31 babilen btw, I'd recommend to use "salt['pillar.get']('FOO', 'default value')"
13:31 babilen You require two top.sls, one for your pillar and one for your states
13:31 TheThing if only there was a shorthand for doing common salt commands
13:31 TheThing like
13:31 TheThing salt.get('FOO', 'default')
13:31 babilen salt.pillar.get
13:31 TheThing close enough
13:32 nullptr`` joined #salt
13:32 TheThing oh yeah, obviously salt.get wouldn't work
13:32 TheThing huehue, my brain is not working well this monday :-/
13:32 h8 but the one I have, top of the paste: https://www.refheap.com/16a0876ef30688e9f0bd39c25 was created based on the pillars, wasn't it? I mean, I've followed the pillars doc
13:32 babilen TheThing: http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.jinja.html#calling-salt-functions
13:32 aqua^mac joined #salt
13:33 babilen h8: As I said: Only packages.sls is a pillar
13:33 TheThing yeah I just remembered that babilen when you said salt.pillar.get
13:33 TheThing my brain is just not working today :<
13:33 h8 babilen: okay, I'll move them around
13:33 babilen ... /me reaches for his zombie apocalypse response kit
13:33 h8 and check what kind of a top.sls I need for the pillar
13:34 TheThing don't worry babilen, it's nothing serious... I hope
13:34 babilen h8: Just "base: '*': - packages" (or different targeting)
13:34 h8 so base: 'kernel:Linux': - packages would be enough?
13:34 TheThing I'm just force-feeding my brain tons of information about all kinds of different libraries so I can do the executive decision on which way/method we'll be using for this project
13:38 babilen h8: You would still have to use the "match: grains" as you want to match against grains
13:40 h8 now I'm getting Rendering SLS 'base:vim' failed: Jinja variable 'dict object' has no attribute 'vim'
13:40 alexr__ joined #salt
13:41 h8 it's - match: grain right? At least based on the docs
13:41 babilen http://docs.saltstack.com/en/latest/topics/targeting/grains.html#matching-grains-in-the-top-file
13:42 h8 yes, that's where I was, match: grain it is
13:42 babilen h8: Please paste your entire configuration (i.e. paths, file contents, ...) your commands and their output to http://refheap.com
13:42 babilen Feel free to throw in "salt 'someminion' pillar.items"
13:43 h8 we're okay
13:43 h8 it worked
13:43 h8 I had to refresh the pillars on the minions
13:44 ndrei joined #salt
13:45 babilen It should go without saying that I consider your current approach to be suboptimal ;)
13:46 h8 what I'm doing right now, is understanding a basic principle, having the basic configuration for pushing packages across systems
13:47 babilen ack
13:47 h8 what's wrong?
13:48 babilen With what?
13:48 h8 with this aproach? What's the bigger picture I'm not seeing?
13:48 h8 if you have time to explain, of course, I'd apreciate it
13:50 babilen We have established idioms for figuring out which package should be installed on different OS families (and versions) and your generic "packages.sls" pillar is both inflexible as unnecessary as you should just use the formulas for these packages to begin with. As you are simply in an exploratory phase to learn salt this is okay, but I consider your approach to be suboptimal for a production system.
13:51 babilen These idioms and ideas are, to a certain degree, discussed in both http://docs.saltstack.com/en/latest/topics/development/conventions/formulas.html and http://docs.saltstack.com/en/latest/topics/best_practices.html
13:52 babilen I consider the best practices document to be wrong/problematic in certain aspects so I wouldn't actually recommend to adhere to all patterns in there (the way they treat :lookup: in particular)
13:53 h8 okay, so basically, I should just use salt formulas, as you said previously
13:53 babilen indeed
13:53 numkem joined #salt
13:53 babilen (or adhere to the idioms established for them)
13:54 h8 okay, now I understand how the installation works, gonna get the formulas, that's the next big step and you do have to know I'm very happy you've helped me
13:55 h8 if I can offer a pizza in exchange at any moment, just ping me, it's the least I could do (:
13:55 babilen That won't be necessary
13:57 JDiPierro joined #salt
13:58 h8 wow, those are lots of formulas, funny that there's a puppy one
13:59 h8 that brings up a question I had for someone who has been in to salt and maybe knows puppet to, which one is better? Better at running updates, installations, management, etc.
13:59 babilen salt
14:00 njhartwell joined #salt
14:01 schlueter joined #salt
14:02 out180 joined #salt
14:02 wnkz joined #salt
14:04 schlueter1 joined #salt
14:10 morsik left #salt
14:14 jrluis joined #salt
14:15 sroegner joined #salt
14:15 jrluis1 joined #salt
14:17 cpowell joined #salt
14:18 FRANK_T h8 last Friday I convince management that we should use salt :p I will be migrating all my nodes from Puppet to salt.
14:18 cpowell joined #salt
14:18 FRANK_T very soon.
14:22 nitti joined #salt
14:23 dude051 joined #salt
14:26 h8 FRANK_T: yeah, I have my boss who has a friends who's a puppet master and I'm getting slack all the time when I say this is the way we should go
14:27 h8 *-s
14:28 FRANK_T I do not know if is the way but for me salt is easier
14:31 druonysus joined #salt
14:32 babilen ryan lane might have some comments on that (cf. http://ryandlane.com/blog/2014/08/04/moving-away-from-puppet-saltstack-or-ansible/ )
14:32 lebved joined #salt
14:32 Andre-B joined #salt
14:34 viq joined #salt
14:34 bhosmer joined #salt
14:34 viq joined #salt
14:36 hobakill gentlemen. starting to get into salt-ssh. having an issue targeting minions by grains. am i doing something wrong? on 2014.7.0 for both master and minion
14:36 hobakill https://www.refheap.com/96010
14:37 FRANK_T hobakill
14:37 FRANK_T hobakill
14:37 FRANK_T hobakill show me the target
14:38 shrihari joined #salt
14:38 FRANK_T did you created the roster file?
14:38 hobakill FRANK_T, yeah. the roster is just a single box ATM as i'm testing salt-ssh out
14:39 hobakill FRANK_T, but i'm unclear what you mean by 'show me the target'. the target is salt2... which clearly lists the kernel grain as Linux but salt-ssh doesn't think it exists.
14:39 mpanetta joined #salt
14:40 FRANK_T hobakill sorry I was talking about the roster file.
14:40 FRANK_T .
14:41 shrihari Hello
14:41 mpanetta joined #salt
14:41 hobakill FRANK_T, this is the sum total of my roster file currently! :) https://www.refheap.com/96014
14:42 TheThing_ joined #salt
14:43 MTecknology For people giving talks at saltconf, isn't there a discount?
14:43 FRANK_T hobakill https://www.refheap.com/abc51a667c72701dc0ff0e19f
14:43 FRANK_T add username and password and try again
14:43 schlueter joined #salt
14:44 FRANK_T hobakill http://docs.saltstack.com/en/latest/topics/ssh/roster.html
14:44 hobakill FRANK_T, i don't think connection is the issue though as i can remote control the box fine using things like -r or even cmd.run
14:44 arno joined #salt
14:45 lothiraldan joined #salt
14:45 hobakill FRANK_T, https://www.refheap.com/96016
14:46 FRANK_T hobakill wait do you have salt-minion?
14:46 hobakill FRANK_T, however if i run that same command with -G "kernel:Linux" i get the "No hosts found with target kernel:Linux of type grain" error
14:46 zadock joined #salt
14:46 hobakill FRANK_T, on the target? yes.
14:47 FRANK_T so why do not want to use salt-ssh?
14:47 FRANK_T out of curiosity
14:47 hobakill FRANK_T, because i have a set of 12 or so minions that continually break connection with the salt master. instead of using ansible to restart a large # of minions i'd like to use salt-ssh
14:48 kaptk2 joined #salt
14:48 FRANK_T got it.
14:48 FRANK_T I never thought about that...
14:49 intellix joined #salt
14:49 hobakill FRANK_T, and this example shows that the grain is clearly working using normal salt command: https://www.refheap.com/96018
14:50 toastedpenguin joined #salt
14:50 FRANK_T yes but if you turn off the minion you wont be able to do it..
14:50 FRANK_T so I think that you have a to add the user name and password to the roster
14:51 toastedpenguin joined #salt
14:51 FRANK_T try that and let me know.
14:52 hobakill FRANK_T, for what purpose though? if i have a connection and it authenticates what would be the purpose of adding those two fields?
14:53 * babilen doesn't understand that either
14:53 hobakill FRANK_T, moreover i don't want to put root passwords in plaintext.
14:53 babilen +12
14:54 jeremyr joined #salt
14:54 FRANK_T hobakill okay thats the only way that I know.. sorry.
14:54 hobakill FRANK_T, it's no problem boss. i appreciate the brainstorming!
14:55 hobakill FRANK_T, babilen i have a feeling i'm in github/issue tracking territory
14:55 FRANK_T hobakill I do not use salt-ssh  but I did I test why the username and password before
14:55 FRANK_T ok.
14:55 keyser joined #salt
14:55 babilen hobakill: I have the same feeling
14:56 hobakill now to gather up all my refheaps :)
14:57 FRANK_T wait now I have a question.... if I want to ssh to another computer using salt-ssh
14:58 numkem anyone worked with getting salt in Xenserver dom0?
14:58 FRANK_T At some point I have to provide a username and password
15:00 tracphil joined #salt
15:02 schlueter1 joined #salt
15:03 njhartwell Has anyone successfully rolled back from 2014.7 to 2014.1? Having bad issues with 2014.7 (minions stop responding during highstate, deployments, etc.) and need to get back to stability.
15:04 giantlock joined #salt
15:05 housl joined #salt
15:07 hobakill FRANK_T, right - when you run the initial salt-ssh command it asks you for the root password.
15:08 FRANK_T hobakill good to know.
15:09 babilen njhartwell: I'm not aware of anybody (but that doesn't have to mean anything)
15:09 babilen fwiw, 2014.7 *should™* be stable
15:09 babilen numkem: We run salt on plenty of dom0s
15:10 twellspring joined #salt
15:11 Ahlee so.  Any word on a salt linter?
15:11 babilen Ahlee: If I had to choose a single word it would be "want" ;)
15:12 Ahlee babilen: Right?  This is two+ years of wanting.
15:12 jerematic joined #salt
15:13 rojem joined #salt
15:15 twellspring joined #salt
15:20 Ahlee so now i have states that generate my top.sls and jinja templates, and attempt to run their corresponding highstates and only on success does it actually copy the files into the 'mainline' repo
15:20 Ahlee er, sorry, pillar files, not templates.
15:21 alexr_ joined #salt
15:21 otter768 joined #salt
15:21 jab416171 joined #salt
15:21 aqua^mac joined #salt
15:23 numkem babilen: do you install it by hand? I'm working on changing the bootstrap script to work with xenserver
15:23 numkem babilen: I think I'm close tho, it seems to just be an epel problem right now
15:23 paulm-- joined #salt
15:23 FRANK_T hobakill i just test my roster. it is working
15:23 babilen numkem: I am simply installing it from the Debian repositories (same as on any other box) -- There is nothing specific about our dom0s in that regard.
15:24 FRANK_T try to restart the master service
15:24 babilen FRANK_T: But salt-ssh should work independently of a master
15:24 babilen I mean that's kind of the point (despite the different transport)
15:24 FRANK_T babilen... good to know.
15:24 rojem joined #salt
15:28 hobakill FRANK_T, you can filter by grains?
15:29 FRANK_T hobakill https://www.refheap.com/c250d63c7118c2523eff9e5f1
15:29 babilen FRANK_T: Yeah, but can you target using that grain?
15:30 * hobakill agrees
15:30 FRANK_T no :(
15:31 FRANK_T salt-ssh -G "kernel:Linux" test.ping
15:31 hobakill i'll start an issue at github
15:31 FRANK_T No output
15:31 badon joined #salt
15:31 FRANK_T salt-ssh -G -v "kernel:Linux" test.ping
15:31 FRANK_T Executing job with jid 20140411174841447929
15:31 FRANK_T No output.
15:32 paulm-- Why does .get() work in this file. Where is support for .get() coming from? https://github.com/saltstack-formulas/users-formula/blob/master/users/init.sls
15:32 babilen hobakill: I have no idea if that is supposed to work, but filing an issue sounds like the right approach
15:32 hobakill babilen, agreed. if it's not a thing it's not a thing.... but it seems like it should be.
15:32 babilen paulm--: That's Python's dict .get() method
15:33 paulm-- babilen: I thought I couldn't use Python in Jinja
15:33 babilen paulm--: fsvo Python .. endswith works too.
15:34 babilen paulm--: Not sure if there is a comprehensive list or good documentation that details what you can actually do and what you can't do
15:34 paulm-- How infuriating
15:35 babilen jinja is infuriating, yeah
15:35 * babilen hides
15:36 paulm-- You're implying that not all Python dictionary methods are available... right?
15:37 TheThing joined #salt
15:42 dnai23 joined #salt
15:43 paulm-- Not that it would help much if they were. The few times I've looked at it, I find Python manual impossible to navigate at the best of times
15:46 racooper joined #salt
15:52 kawa2014 joined #salt
15:52 Auroch joined #salt
15:52 nullptr`` joined #salt
15:53 fredvd joined #salt
16:00 conan_the_destro joined #salt
16:03 redzaku joined #salt
16:04 xliiv joined #salt
16:05 arno joined #salt
16:06 tux_ joined #salt
16:07 tux_ hello folks, im allways getting 'state.hightstate' is not available. whats my fault???
16:07 babilen tux_: I don't know, do you have salt installed? Why do you think that it should behave differently?
16:08 tux_ i have installed salt on my master and it is running on the minions
16:08 babilen tux_: Well, 'state.hightstate' is wrong. It should be "state.highstate"
16:09 tux_ yes it is
16:09 tux_ typing failure
16:10 tux_ 3rddeploy:
16:10 tux_ Data failed to compile:
16:10 tux_ ----------
16:10 tux_ Traceback (most recent call last):
16:10 tux_ File "/usr/lib/python2.7/site-packages/salt/state.py", line 2817, in call_highstate
16:10 tux_ top = self.get_top()
16:10 tux_ File "/usr/lib/python2.7/site-packages/salt/state.py", line 2319, in get_top
16:10 tux_ tops = self.get_tops()
16:10 tux_ File "/usr/lib/python2.7/site-packages/salt/state.py", line 2196, in get_tops
16:10 tux_ saltenv=saltenv
16:10 tux_ File "/usr/lib/python2.7/site-packages/salt/template.py", line 84, in compile_template
16:10 tux_ ret = render(input_data, saltenv, sls, **render_kwargs)
16:10 tux_ File "/usr/lib/python2.7/site-packages/salt/renderers/yaml.py", line 48, in render
16:10 tux_ data = load(yaml_data, Loader=get_yaml_loader(argline))
16:10 tux_ File "/usr/lib64/python2.7/site-packages/yaml/__init__.py", line 71, in load
16:10 tux_ return loader.get_single_data()
16:10 nkuttler interesting
16:10 malinoff tux_: http://pastie.org
16:10 tux_ File "/usr/lib64/python2.7/site-packages/yaml/constructor.py", line 37, in get_single_data
16:10 tux_ node = self.get_single_node()
16:10 tux_ File "/usr/lib64/python2.7/site-packages/yaml/composer.py", line 36, in get_single_node
16:10 tux_ document = self.compose_document()
16:10 nkuttler or dpaste.net
16:10 tux_ File "/usr/lib64/python2.7/site-packages/yaml/composer.py", line 55, in compose_document
16:10 tux_ node = self.compose_node(None, None)
16:10 tux_ File "/usr/lib64/python2.7/site-packages/yaml/composer.py", line 84, in compose_node
16:10 babilen ...
16:10 tux_ node = self.compose_mapping_node(anchor)
16:10 tux_ File "/usr/lib64/python2.7/site-packages/yaml/composer.py", line 127, in compose_mapping_node
16:10 tux_ while not self.check_event(MappingEndEvent):
16:10 tux_ File "/usr/lib64/python2.7/site-packages/yaml/parser.py", line 98, in check_event
16:10 babilen wtf
16:10 malinoff yeah
16:10 tux_ self.current_event = self.state()
16:10 tux_ File "/usr/lib64/python2.7/site-packages/yaml/parser.py", line 439, in parse_block_mapping_key
16:11 nkuttler makes it hard to read in the channel, with all the chatter in between. not to mention the spam
16:11 malinoff give me more tracebacks
16:11 tux_ "expected <block end>, but found %r" % token.id, token.start_mark)
16:11 tux_ ParserError: while parsing a block mapping
16:11 tux_ in "<unicode string>", line 1, column 1:
16:11 tux_ base:
16:11 tux_ ^
16:11 tux_ expected <block end>, but found '<block sequence start>'
16:11 tux_ in "<unicode string>", line 3, column 5:
16:11 tux_ - editor
16:11 tux_ ^
16:11 tux_ now im getting this
16:11 nkuttler tux_: stop
16:11 tux_ http://pastie.org/9827647
16:11 babilen tux_: Please use a pastebin such as http://refheap.com
16:11 jalbretsen joined #salt
16:12 tux_ there it is
16:12 tux_ sry...
16:12 babilen tux_: So, please paste the SLS file that causes this error
16:12 nkuttler tux_: and your sls file?
16:12 berserk joined #salt
16:12 tux_ which one? i got top sls and two other
16:13 racooper well apparently, the one that has "base" and "editor"
16:13 babilen All of them
16:14 tux_ http://pastie.org/9827650
16:15 tux_ all in one
16:15 babilen tas
16:15 babilen *ta
16:15 * babilen would recommend to use the short-dec-style (i.e. "file.managed:" rather than "file: - managed")
16:16 nkuttler pretty sure that should be '*':
16:16 babilen if grains['os'] == 'Cent*' won't work (it does not use fnmatch)
16:16 tux_ its a test
16:16 tux_ ah
16:16 babilen And yes, "base: '*': - editor"
16:17 nkuttler tux_: you could also use a yaml validator for basic syntax
16:17 tux_ "base: '*': - editor" in one line?
16:17 babilen no
16:19 stevednd am I losing my mind, or is it not possible to jinja template pillars? All of my attempts currently to add some minor logic in my pillars fails with salt telling my pillar compilation failed and to check the master logs for details. Except the master log has 0 information even when set to debug level
16:19 babilen stevednd: You can use jinja in your pillars, yeah
16:19 murrdoc joined #salt
16:19 stevednd 2014.7 relatively recent version from the git branch
16:20 nkuttler stevednd: as in unreleased version?
16:20 tux_ babilen: what you mean with "yes...."
16:20 stevednd babilen: that's what I thought, but all of my attempts keep failing, and the same logic will work just fine in a state file. The thing that's really pissing me off is that I can find 0 output from salt as to *why* it's failing to compile
16:21 babilen tux_: I meant: "Yes, just like nkuttler pointed out you are missing a :"
16:21 stevednd nkuttler: yes. I'm tracking the 2014.7 branch
16:21 babilen stevednd: Maybe I can spot it, could you paste an example to http://refheap.com ?
16:22 tux_ ah i c
16:22 tux_ behind the '*'
16:22 stevednd babilen: let me put something together that fails. I took everything out just so I could move forward over the weekend
16:23 johtso joined #salt
16:23 RedundancyD joined #salt
16:23 peters-tx joined #salt
16:24 tux_ http://pastie.org/9827674 now i got this error
16:24 tux_ but it looks like its getting forward
16:24 elfixit joined #salt
16:25 twellspring joined #salt
16:25 hasues joined #salt
16:25 wendall911 joined #salt
16:26 nkuttler tux_: looks like the same problem.. yamllint.com
16:26 berserk joined #salt
16:26 hasues left #salt
16:27 murrdoc tux_:  if u are using vim, setting up syntastic + salt-vim will help, a lot
16:27 babilen Oh, yes.
16:27 babilen stevednd: I'm heading off now and will be back later. All the best!
16:27 tux_ do this packages exist in debian repo?
16:28 murrdoc are u using vim ? and do you have access to git ?
16:28 schristensen joined #salt
16:28 tux_ yes
16:28 murrdoc step 1:
16:29 murrdoc mkdir -p ~/.vim/autoload ~/.vim/bundle && \
16:29 murrdoc curl -LSso ~/.vim/autoload/pathogen.vim https://tpo.pe/pathogen.vim
16:29 tux_ im using vim-nox
16:29 murrdoc ok not sure what that is
16:29 nkuttler murrdoc: it's just a vim package without x deps
16:29 murrdoc but https://github.com/scrooloose/syntastic + https://github.com/saltstack/salt-vim after u setup pathogen
16:29 murrdoc will work
16:30 murrdoc nkuttler:  thanks, didnt know wthat
16:30 stevednd babilen: https://gist.github.com/dnd/d16a5fa6388ea9d9a2de
16:30 murrdoc at minimum if u use modelines , add a ft=sls sts=2 tw=2 et ai retab to the top of the file
16:31 murrdoc does true work steve or does it need to be True
16:32 stevednd that's just something I through together quick. Ignore that it's testing environments, I know and plan on separating my pillars that way soon enough
16:34 tux_ ok whats step 2?
16:34 UtahDave joined #salt
16:35 murrdoc :)
16:35 murrdoc cd ~/.vim/bundle && \
16:35 murrdoc git clone https://github.com/scrooloose/syntastic.git
16:35 murrdoc git clone https://github.com/saltstack/salt-vim
16:35 murrdoc quit vim, reopen, :Helptags
16:35 murrdoc i am assuming u have put execute pathogen#infect() into ~/.vimrc
16:35 andrew_v joined #salt
16:36 twellspring joined #salt
16:37 numkem i'm trying to use the iptables states/module and it seems like you can't use a insert state in a highstate since the rule would be inserted everytime. How could I achive to do it only once? I see that I could use iptables.check to find if the rule is already but I can't find documentation regarding using this module into a state file and do a compare with jinja
16:38 numkem so my question really is, how could I run a module first than get it's result into a jinja variable
16:38 numkem or if there is a better way to do that
16:39 che-arne joined #salt
16:39 ocdmw joined #salt
16:39 bendzans joined #salt
16:41 StDiluted joined #salt
16:43 tux_ how do i clear the salt cache?
16:43 Ozack joined #salt
16:44 tux_ http://pastie.org/9827711
16:44 murrdoc joined #salt
16:44 dseira joined #salt
16:44 tux_ i still get this error, but i have no "packages" defined...
16:45 iggy numkem: what distro?
16:45 stevednd UtahDave: is there a setting somewhere to make salt spit out pillar compilation errors? I get a message from salt telling me the pillar failed to compile and to check the master log for details, but even with it set to debug I get absolutely no information
16:45 numkem iggy: of the salt-master or the minion?
16:45 chitown joined #salt
16:45 UtahDave stevednd: try running the salt master in debug mode in the cli.
16:45 iggy numkem: whatever you are trying to apply iptables rules to (so minion)
16:45 stevednd UtahDave: I did
16:46 numkem iggy: for minion it's Xenserver dom0, so it would be roughly a CentOS 5
16:46 stevednd salt -l debug right?
16:46 UtahDave salt-master -l debug
16:46 iggy numkem: I think centos/rhel is known to not work well with the iptables states... check github issues
16:46 iggy I don't know if that includes all versions though
16:47 iggy tux_: paste your top file (and associated states), but I think your problem is using unicode (python2 is notoriously bad at handling unicode)
16:47 jimklo joined #salt
16:47 stevednd UtahDave: yeah, that's what I meant
16:48 stevednd I have done all ends -l debug, but don't see anything
16:48 jimklo joined #salt
16:48 UtahDave stevednd: ok.  could you pastebin your sanitized top file as well as the exact error you're seeing?
16:49 tux_ http://pastie.org/9827724
16:49 tux_ here it is
16:49 numkem iggy: actually the insert does work
16:50 numkem iggy: but it always inserts so there is no check. Assuming I have to implement the check myself, how could I get the output of a module.run into a jinja variable
16:50 iggy numkem: yeah, that's the problem
16:50 zadock joined #salt
16:51 tux_ i have installed python 2.7
16:51 iggy numkem: {% set hasrule = salt['iptables.check']('foo') %}
16:51 iggy or something
16:51 murrdoc tux_:  problem is in line 5
16:51 murrdoc it needs to be base: \n \t '*'
16:51 numkem iggy: that sounds way too simple, thanks :)
16:51 UtahDave numkem: isn't there an iptables state?
16:51 stevednd UtahDave: I found it. Now that's a pita. I was using pillar.get and it was giving no idication of the problem. I tried pillar.items and I see the problem
16:51 iggy numkem: that was a rough example... I've never worked with the iptables modules/states
16:52 tux_ murrdoc i had it like that
16:52 iggy UtahDave: yeah, that's busted and continually adds the same rules over and over on centos/rhel
16:52 murrdoc kk
16:52 numkem UtahDave: there is but no support for checking if the state already exists as a state, only to append, insert
16:52 UtahDave ok, glad you found it stevednd
16:52 tux_ and wont work too
16:52 numkem UtahDave: but yes, there is states for it, they just don't convert the whole module
16:52 stevednd UtahDave: so that confirmed what I found and brings me to my next question. Why aren't custom modules available in pillars?
16:52 stevednd regular salt modules are there, but no custom
16:53 UtahDave stevednd: I don't know, actually.  Might be an oversight.  Could you check the github issue tracker?
16:53 UtahDave numkem and iggy. huh, that's weird.
16:53 iggy because pillars are supposed to be mostly static data... if you are trying to be that clever that you need  modules in your pillar, you should probably be using an ext_pillar of some kind
16:54 mgw joined #salt
16:55 Ahlee but even then, ext_pillar is populated from the master.  "Dynamic grains", something that updates on demand from the minion's view would be fantastic
16:56 numkem UtahDave: at least thats what the documentation reflects
16:56 stevednd UtahDave: I found this https://github.com/saltstack/salt/issues/11304 and this https://github.com/saltstack/salt/issues/12180
16:56 stevednd in 12180 you recommend using extension_dir?
16:57 UtahDave have you tried that?
16:57 stevednd is that a workaround for the missing behavior, or is that the right way to do it?
16:57 iggy Ahlee: if that's the case, you might as well just use a lot of {% set foo = module.function stuff %} all over the place
16:57 stevednd getting there
16:57 iggy instead of trying to shoehorn "dynamic" data into grains
16:58 iggy because grains are really not supposed to be stuff that changes often
16:58 Ahlee iggy: Well aware grains aren't supposed to change.  Nor are pillars.
16:58 stevednd UtahDave: I'm assuming `extension_dir: /srv/salt/_modules`?
16:58 stevednd in my master config
16:58 Ahlee I yelled loud when grains.setval was added.  I'm still dealing with fallout.  Doesn't change my requirements for being able to dynamically build information from a minion
17:00 iggy Ahlee: but what do you actually want that either grains or {% set foo .... %} doesn't achieve now?
17:00 UtahDave stevednd: that should work.
17:00 iggy I mean grains handles data that shouldn't really change between reboots
17:00 Ahlee iggy: Dynamic targeting
17:01 iggy Ahlee: ahh, I see
17:01 Ahlee sadly, salt is not the defacto source of the truth for me, it's just one cog in the system
17:02 Ahlee so I have a module right now that's updating redis with info, and ext_pillar querying it
17:02 Ahlee so hacky, so many race conditions, best I can do
17:02 iggy that seems like a valid enough use case to add some functionality to salt
17:02 hal58th joined #salt
17:02 iggy you can't use a ext_pillar that just talks to whatever system you are using?
17:02 Ahlee yeah, on todo list to see where it would fit.
17:02 iggy (vs the redis intermediary)
17:03 Ahlee iggy: sadly, no
17:03 stevednd UtahDave: that didn't seem to do anything
17:04 stevednd should there be an indication somewhere in the logs that it loaded the modules in?
17:04 Ahlee first step's upgrading, second steps figuring it out.  This will do for now
17:04 iggy Ahlee: if you ever get around to filing an issue for that, let me know, I'd like to follow it
17:04 aquinas joined #salt
17:05 Ryan_Lane joined #salt
17:05 mrjk joined #salt
17:05 aparsons joined #salt
17:05 mrjk Hello
17:06 UtahDave hey, mrjk
17:06 mrjk I was wondering why some grains are sometimes shown and sometime not when I do: salt '*' grains.items
17:07 mrjk (grains configured in minion, in /etc/salt/grains) and I use version 2014.1.13+ds-2
17:07 UtahDave stevednd: did you restart your master?
17:07 stevednd I did
17:07 stevednd I was just rereading the issue
17:07 tux_ anyone said there is a problem with unicode and python 2... so would it fix the problem if i install python 3?
17:07 numkem iggy: your suggestion worked, it's not super pretty because I endup with tons of if clauses in my sls but I'm ok with it. Thanks!
17:08 UtahDave tux_: your best bet is have utf-8 files.  Salt doesn't support python3 quite yet
17:08 stevednd UtahDave: do the modules need to be in <extdir>/modules? I just pointed extension_dir to /srv/salt/_modules
17:08 tux_ how do i do this?
17:08 UtahDave stevednd: Yeah, now that you mention it, I think that is correct.
17:08 tux_ with vim?
17:08 tux_ in "<unicode string>", line 1, column 1: still got this error...
17:09 stevednd UtahDave: is this the same as the modules dir I have at /srv/modules?
17:10 stevednd I'm just wondering if I can symlink it
17:10 hasues joined #salt
17:10 UtahDave tux_: that compilation error is from your pillar top.sls not your states sls.   look in  /srv/pillar/top.sls
17:10 aqua^mac joined #salt
17:10 UtahDave stevednd: yeah, symlink it.  They were built at different times, so they don't now about eachother
17:12 hasues left #salt
17:12 viq_ joined #salt
17:12 cheus Is anyone here is using salt for docker orchestration?
17:12 hasues joined #salt
17:13 stevednd this will probably create a mess once I get this all in git since I don't think the links will work. will setting extension_dir to someplace different cause salt not to pickup on my existing /srv/modules, and /srv/runners stuff?
17:13 markm_ joined #salt
17:14 linjan joined #salt
17:17 UtahDave stevednd: no, they are completely separate functions
17:18 UtahDave cheus: I've done some docker orchestration with salt.  There's a video of it on the front page of saltstack.com.   or at least it used to be there....
17:20 stevednd UtahDave: It doesn't seem to be working
17:21 cheus UtahDave, Just curious, did you use any particular solution for ensuring seamless service cutover? I may not just be thinking creatively here but I didn't see a requisite I could use to tell when a container image is updated (and can be stopped / re-run)
17:22 hobakill basic one... how do you use -L in the salt module? i've tried to use it like -G but it doesn't work like that i guess.
17:22 otter768 joined #salt
17:23 hobakill some examples: https://www.refheap.com/96023
17:23 mrjk hey guys, can somebody explain me why when I run 4 times the same salt command, I don’t have the same result ? oO http://pastebin.com/dm7a6FDG
17:24 iggy hobakill: you have to have the lists specified in the config file (iirc)
17:25 lothiraldan joined #salt
17:25 mrjk (1 second interval between each command)
17:25 hobakill iggy, :( then i'm doing something wrong. which config file?
17:25 iggy mrjk: I suspect you are seeing the same thing we all have seen at some point... minions disconnect or are just too slow to respond... I suggest upping the timeout and/or just getting used to running test.ping a few times before you try anything
17:26 UtahDave mrjk: it appears your minions aren't returning fast enough for their results to show up in your cli.  If you look in the job cache, you'll see the results are all identical
17:27 iggy hobakill: nvm, I was thinking of nodegroups, but yeah, you can't use use globs with -L (and you have to use the full name as listed in salt-key/minion_id)
17:27 mrjk Hum, okay, but it’s weird, it means default is quite low (As you said, I’ve try with test.ping many times, same behaviour)
17:27 hobakill maybe i can skip this whole thing entirely and ask UtahDave my specific question. I was starting to get into salt-ssh and i can't use the -G option. is it supposed to work like a regular salt -G ?
17:27 snave joined #salt
17:28 iggy hobakill: read about the limitations of salt-ssh
17:28 UtahDave hobakill: what version of salt are you using?
17:28 hobakill UtahDave, 2014.7.0
17:29 hobakill iggy, yeah the salt-key -L was the ticket. some of my minions are capitalized in there and some aren't... gosh......... ok thanks man.
17:29 TyrfingMjolnir joined #salt
17:29 UtahDave hobakill: -G is targeting with grains, right?
17:29 hobakill yeah.
17:29 UtahDave hobakill: I think that should work once you've run a test.ping  or something on all the minions
17:29 KyleG joined #salt
17:29 KyleG joined #salt
17:30 UtahDave hobakill: I think the master now caches minions's grains with salt-ssh
17:30 linjan joined #salt
17:31 conan_the_destro joined #salt
17:31 hobakill UtahDave, meaning 2015.x.x ?
17:32 hobakill UtahDave, https://www.refheap.com/96024
17:32 stevednd is there a way to use grains targeting to target a wildcard in the middle? I have a grains structure like this apps: app1: ['web', 'worker'] I want to get all minions that are workers so I tried targeting apps:*:worker, but  I got no minions matching target
17:32 hobakill UtahDave, in this example i'm showing a small snippet of my roster file.
17:33 iggy stevednd: --grain-pcre maybe?
17:34 UtahDave hobakill:  try running    salt-ssh \* test.ping     first
17:34 stevednd iggy: is that available to mine also?
17:35 goal I'm using reclass as an ENC and I'm struggling with the loss of ability to set pillar data based on grains (eg. {% if grains['os'] == 'RedHat' %} apache: httpd {% endif %}). What are my options here, or am I missing something important?
17:35 hobakill UtahDave, yeah the test.ping works.
17:36 UtahDave hobakill: if you look at    salt-ssh --help   you can see that -G is supported
17:37 hobakill yup. that's why i came here ... it SHOULD work but doesn't.
17:37 UtahDave try adding --refresh-cach to your test.ping command. maybe that will update it's grains cache
17:37 stevednd iggy: it seems to only work at the tail of the expression
17:37 stevednd is that your experience?
17:38 hobakill UtahDave, sorry - that didn't do the trick
17:38 perfectsine joined #salt
17:39 UtahDave hobakill: ok, just a sec. doing some testing of salt-ssh here.
17:39 hobakill sounds good UtahDave . i can always put in an issue into git hub but wanted to bounce it off the room first.
17:40 ksalman I have migrated my saltmaster to a new server, and moved the DNS A record as well. Do i really need to restart the service on the minions before they'll talk to the new master?
17:40 ksalman that appears to be the case
17:40 UtahDave ksalman: they should re-resolve after 30 seconds.
17:43 ksalman UtahDave: I did this on Friday evening and the master still cannot reach the minions until i bounce the service on the minion. For example 'salt <minion> test.ping -t 60' returns nothing until i bounce the server on the minion
17:43 UtahDave ksalman: hm. that might be a minion config option that has to be turned on.
17:43 tracphil Can someone point me to a simple how-to to include pillar data into a configuration file?
17:45 iggy dbhost: {{ salt['pillar.get']('db:host:name') }}
17:46 stevednd tracphil: you need to manage your config file with salt somehow. if you use file.managed you can either pass the pillar information in using the context: or you can just grab the data in your config file template
17:46 stevednd iggy: do you have a nested dict grain structure that you could try a query similar to mine on?
17:46 rojem joined #salt
17:47 iggy stevednd: I think the globbing only works on the last part
17:48 stevednd even with pcre?
17:48 stevednd grains-pcre that is
17:49 desposo joined #salt
17:49 iggy "the syntax for the target is the grain key followed by a globexpression:"
17:50 ksalman UtahDave: I can see the minion key being accept at /etc/salt/pki/master/minions though
17:50 iggy that leads me to believe that only the value (i.e. last slice) supports the glob
17:50 ksalman what config do i need on the minion?
17:50 iggy but I could be wrong
17:51 stevednd I can accept that with the standard glob version, but not with the grains pcre version
17:51 iggy the grain-pcre version has almost the same wording
17:52 stevednd that seems rather ineffective
17:52 stevednd so the option for now is to explode my grains further to now reverse the index on that tree as well
17:55 hasues left #salt
17:55 druonysuse joined #salt
17:55 druonysuse joined #salt
17:56 spookah joined #salt
17:57 cpowell joined #salt
17:58 UtahDave ksalman: can you verify that your new master has both ports 4505 and 4506 open in its firewall?
18:00 ksalman UtahDave: just checked, they are open
18:00 UtahDave back in a bit
18:00 ksalman it works fine after i bounce minion servicd
18:00 ksalman e
18:02 iggy I would think that would be normal operating procedure... the minions connect to (and keep a connection open to the master)... unlike some other cfg mgmt services that the "agent" periodically connects to and polls the server
18:02 rojem joined #salt
18:04 ajw0100 joined #salt
18:05 schristensen joined #salt
18:05 smcquay joined #salt
18:05 wt joined #salt
18:05 ksalman i was hoping not to restart service on 1000+ minions
18:07 tracphil stevednd: if I do this on the server:  salt '*' pillar.items I see my variables, however they are not getting injected into the config file. I am putting the variable in {{ }}, is that they way it should be?
18:08 tracphil stevednd: so in my confif file (in this case /etc/sssd/sssd.conf) I have: domains = {{ auth_domains }}
18:08 hal58th ksalman what versions of salt-minion are you running?
18:09 felskrone joined #salt
18:09 ksalman hal58th: all minions are running 2014.1.[0,1]. The old master was 2014.1.1, and the new one is running 2014.7.0
18:10 forrest joined #salt
18:10 nickdew joined #salt
18:11 gattie joined #salt
18:11 hal58th ksalman https://github.com/saltstack/salt/issues/10032 https://github.com/saltstack/salt/issues/15122
18:12 ksalman hal58th: yikes.. thanks
18:12 stevednd tracphil: it would be best if posted a gist, or pastebin of your sls and config file
18:13 ksalman i wonder if it'll work if i move the IP address as well
18:13 tracphil stevednd: will do, thanks
18:14 tracphil q
18:14 hal58th ksalman did you change the IP address? I think it "might" work if you don't change the IP address or DNS. Just completely take down the old box and put the new one up
18:14 ksalman hal58th: It has a new IP address and I moved the DNS name.
18:15 hal58th So yeah, according to that ticket, your implementation will never work
18:15 ksalman >.<
18:15 ksalman I'll try moving the IP address then.. that'll be lots better then restarting all the minions
18:18 iggy tracphil: make sure you have - template: jinja in your file.managed stanza for that config file
18:20 schristensen joined #salt
18:24 xliiv joined #salt
18:25 rap424 joined #salt
18:25 hpqtrx joined #salt
18:25 hpqtrx hello!
18:26 hpqtrx Is there a possibility to encrypt data with your private key, using nacl?
18:26 hpqtrx i.e. what a signature does, but without the hashing
18:28 mnguyen joined #salt
18:32 twellspring joined #salt
18:32 nmadhok joined #salt
18:32 nmadhok hello
18:33 hobakill UtahDave, FWIW i added https://github.com/saltstack/salt/issues/19649
18:33 rofl____ how about 2014.7.1?
18:33 rofl____ i saw something about last week
18:33 rofl____ or early this week
18:33 hal58th hpqtrx not sure what you are trying to accomplish. Encrypt where or doing what
18:35 rypeck joined #salt
18:35 hpqtrx I simply need to encrypt a given information with private key so that everyone knowing the pubkey can decrypt
18:35 hpqtrx hal58th: ^^
18:36 FRANK_T hobakill I have version 2.1.7 and did not worked
18:36 hpqtrx but only ownwer can encrypt
18:37 hal58th hpqtrx I don't believe salt has exactly what you want. the only part of the encryption I know of is detailed here. http://docs.saltstack.com/en/latest/topics/index.html#building-on-proven-technology
18:38 mattbarto joined #salt
18:38 hal58th hpqtrx I think you would have to use another system to accomplish your goal
18:38 hpqtrx :(
18:38 iggy hpqtrx: gpg renderer?
18:39 hpqtrx I'm sure nacl does it, but it does it under the hood and doesn't have apis for it
18:39 iggy rofl____: as of Thursday, QA was testing it (iirc)
18:39 cpowell_ joined #salt
18:39 hpqtrx when you sign a message, you hash it and encrypt the hash with the private key, which can then be verfied by everyone who has the public key. I would like that without the hashing and without the original plaintext data
18:40 twellspring joined #salt
18:41 Ryan_Lane joined #salt
18:43 shaggy_surfer joined #salt
18:43 paha joined #salt
18:43 hpqtrx signing data means 1) hashing it, 2) encrypting the hash 3) adding encrypted hash to plain text data.  I don't want to combined package 1-3, but only point 2
18:44 hpqtrx so with salt I cannot accomplish this, though salt probably does it anyways in the background?
18:46 mnguyen Hi.  Does anyone here have experience using Salt version 2014.7 with the networking state and Ubuntu?  I'm trying to setup a bond interface with some slaves, and it's not outputting the right config in the /etc/network/interfaces file
18:46 aboe joined #salt
18:50 hal58th mnguyen is this what is happening with you? https://github.com/saltstack/salt/issues/7743
18:51 jalaziz joined #salt
18:54 mnguyen hal58th Nope.  The interfaces just don't seem be be configuring correctly based on the salt state description
18:54 hal58th mnguyen can't help then. sorry
18:55 mnguyen hal58th No problem.  Appreciate the insight
18:57 sumida joined #salt
18:59 aqua^mac joined #salt
19:00 murrdoc joined #salt
19:05 rlarkin joined #salt
19:06 ajw0100 joined #salt
19:06 twellspring joined #salt
19:08 hebz0rl_ joined #salt
19:12 Cimmerian_ joined #salt
19:13 numkem Any way to do regex matching in jinja? I know it's not supported by default but there is always the possibility of adding a custom filter
19:14 murrdoc joined #salt
19:14 iggy numkem: to what end?
19:14 numkem I want to parse the hostname and put things in the minion's grain depending on it's hostname
19:15 murrdoc joined #salt
19:15 numkem so say lax-db... would mean the server is in Los Angeles and it's a database server
19:15 babilen numkem: No, you'd have to use the re module. Unlike mako jinja does not support inline Python blocks so you have to write an execution module to extend its functionality
19:15 jprewitt joined #salt
19:16 numkem interesting, will have to read about custom modules, thanks babilen
19:16 iggy {% if 'lax' in grains['fqdn'] %}{% set location = 'LA' %}{% endif %}
19:16 babilen Jinja makes something as simple (and common!) as parsing minion ids unnecessarily complex
19:17 numkem iggy: oh yes! the in operator, that seems to be the way I should go
19:17 babilen iggy: That won't work if you have a "laxative" daemon ;)
19:17 numkem I've written lots of stuff in flask/jinja but for some reasons my brain doesn't connect the 2 together
19:17 iggy yeah, definitely not perfect... was just trying to make the point that there might be other ways to achieve what you want
19:17 jameswarren joined #salt
19:17 babilen But sure, you can use things such as .startswith(..), .endswith(..), in, ... but that is not equivalent to using the re module
19:18 * babilen should travel back in time and convince salt to use mako by default
19:18 numkem I don't think I need regular expression in the end, I can accomplish the whole thing with just the 'in' operator
19:18 babilen numkem: I'd be a bit more explicit and use startswith
19:19 numkem babilen: I don't see these methods in jinja's documentation, stuff added by salt?
19:19 theologian joined #salt
19:20 babilen numkem: Python string methods
19:20 babilen (you can naturally call whatever you want on the objects you have, it's just that jinja does not allow you to actually embed Python blocks)
19:21 numkem babilen: ok, I haven't really pushed too much the use of python inside the templates, always tried to keep them 'pure jinja'
19:21 babilen http://docs.makotemplates.org/en/latest/syntax.html#python-blocks would be nice to have (and you can use the mako renderer, but almost nobody does and most code you find will be jinja (undeclared!))
19:21 mikaelhm joined #salt
19:22 numkem babilen: i see that you are not really a big fan of jinja
19:22 babilen I often run into cases in which a simple list comprehension, zip (and other itertools functionality) and, in particular, the re module come in handy.
19:22 redzaku joined #salt
19:23 otter768 joined #salt
19:23 twellspring joined #salt
19:23 babilen numkem: No, it is the absolutely wrong language for salt. It was designed to be used in situations in which *all* (well, most) logic is being handled in the backend and you only need a template to render that data. In salt you often have to actually do things with the data or require some ways to add more logic in your states .. jinja is simply the wrong tool in that situation.
19:23 bhosmer__ joined #salt
19:24 P0bailey joined #salt
19:24 babilen Which brings us back to execution modules (i.e. "extending the backend") which is a bit clunky for "simple things" that are essentially a oneliner in Python.
19:24 numkem babilen: that makes sens... And it would end up us having to write modules that wouldn't be necessary
19:24 P0bailey joined #salt
19:24 babilen exactly, alas I can moan as much as I won't to, it doesn't change anything :D
19:24 babilen (doesn't stop me though ;) )
19:24 numkem no plans to move to mako?
19:25 numkem from what I've read so far it's pretty awesome
19:25 murrdoc you can move to it
19:25 murrdoc is trivially easy
19:25 babilen salt in general? That will never happen with all that "legacy" code (e.g. formulas, deployments, ...) that use it and rely on the fact that it is the default (i.e. they don't declare jinja in the shebang)
19:26 babilen You can, naturally, use mako quite easily in your own states, but you'll have the problem that you'll end up with a mixture of mako, jinja, Python and ... and that almost all documentation is written for jinja
19:27 tomh- joined #salt
19:27 babilen And you cannot simply switch the default renderer to mako in your setup either as that breaks the millions of states that rely on jinja being default ..
19:28 babilen But if you don't mind to have "odd states" you can use "#!mako" and take it from there -- http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.mako.html
19:28 numkem babilen: uplifthing things...
19:30 UtahDave sorry I'm late to the conversation.  Yeah, I recommend keeping your jinja use very light. If you start getting very complicated, I'd look at writing a custom Salt module instead.
19:30 linjan joined #salt
19:30 babilen Which is exactly what I do in most cases.
19:32 numkem it sort of makes more sens anyway when you think about
19:33 UtahDave remember to use jinja as a templating languge, not a programming language to program your infrastructure.
19:33 numkem at least in my mind it does, code should be code and not templates. But the mako avenue is interesting. I think ill stick to defaults in order to not shatter everything
19:35 twellspring joined #salt
19:36 chiui joined #salt
19:36 babilen numkem: fwiw, I started to use http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.stateconf.html for my "normal" states and implement the rest in either #!py, #!pyobject or jinja + execution modules
19:38 numkem what would it look like for #!py or #!pyobject?
19:40 twellspring joined #salt
19:40 babilen numkem: You can find information and examples for all renderers on: http://docs.saltstack.com/en/latest/ref/renderers/all/
19:40 remy joined #salt
19:40 numkem babilen: awesome thanks
19:40 numkem the py renderer seems very powerfull
19:41 babilen pyobjects is a nice DSL (I prefer it over plain Python), pydsl is more or less deprecated, stateconf is like jinja, but adds some "nice" things (e.g. state id disambiguation, ...)
19:42 numkem very cool
19:42 cheus Any sense of what this error means (masterless)? "Received bad data when setting the match from the top file"
19:43 babilen So you can really choose the tool/language that is best for the task. I would have simply preferred if mako had been the default as it would have allowed us to stick to the default for longer ;)
19:44 remy Hi everybody!
19:44 remy I have a quick question related to gitfs. I configured my master like described in the tutorial, I ran salt-run -l debug fileserver.update and it seems to be fetching my formula ([DEBUG   ] Fetching from https://github.com/TeamLovely/python-formula.git), but when I try to high state, no sls is found (No matching sls found for 'python.python' in env 'base')
19:44 remy Could anybody give me any pointer to solve that issue by any chance please?
19:45 druonysus joined #salt
19:45 druonysus joined #salt
19:47 iggy remy: you also need a normal file_roots (or another gitfs) with a top.sls file
19:48 remy I do have this, my other states are working fine. Just the formula that I am trying to use from gitfs does not work
19:48 remy it does work if I copy it in my 'roots' though
19:49 remy so I assume there is an issue with the fetching
19:49 linjan_ joined #salt
19:49 remy in /var/cache/salt/master/gitfs I have a remote_map.txt which points to the right repo
19:49 twellspring joined #salt
19:49 remy root@salt:/var/cache/salt/master/gitfs# cat remote_map.txt # gitfs_remote map as of 12 Jan 2015 19:11:07.121893 ea74ff7895d7955380f68f2104c257b7 = https://github.com/TeamLovely/python-formula.git
19:50 remy an a folder matching the hash
19:50 remy but the folder is empty
19:50 remy (just the .git folder inside)
19:51 murrdoc how long is a pillar cached ?
19:51 murrdoc on the master
19:51 hpqtrx joined #salt
19:51 druonysus joined #salt
19:51 druonysus joined #salt
19:52 iggy remy: cp.list_master from the minion to see if it matches what you expect
19:53 remy iggy: ok
19:58 remy iggy: thanks, it made me find my issue
19:58 remy something was wrong with my path in the formula
19:58 remy thanks a lot
20:01 aranhoide joined #salt
20:02 ndrei joined #salt
20:02 iggy yeah, it's a handy debug tool
20:02 iggy glad you got it sorted
20:03 aranhoide is the Salt ubuntu ppa pinned to a specific Salt version? if not, is there any way to pin it?  meaning, are old versions preserved in the repository so I have some leeway in chosing when to upgrade my infrastructure (and hopefully do all at the same time)?
20:03 ajw0100 joined #salt
20:04 iggy aranhoide: ppa's use reprepro and therefore only support one version
20:04 aranhoide last time I had problems with this I was told Salt was not in a stable state yet so I shouldn't expect to be able to do this.  But that was long ago, when the version numbers were 0.xx.xx
20:04 iggy if you want to pin to a specific version, mirror the pkgs (or build your own)
20:04 babilen aranhoide: A Debian repository only contains (always!) a single version. Salt does, however, offer different repositories for the different branches
20:04 rojem joined #salt
20:05 iggy false, aptly supports multiple versions of the same package
20:05 ProT-0-TypE joined #salt
20:05 babilen That is broken
20:05 aranhoide babilen: where can I find the URL for a branch-specific ppa?
20:06 babilen iggy: You can force many things to do things that are against their specification ...
20:06 zadock joined #salt
20:06 iggy point me to the spec that says that
20:06 aranhoide like, if I want to keep salt using 2014.7.0, and only manually upgrade to newer versions (by changing the ppa)
20:06 babilen aranhoide: In my logs, but I guess that there are other ways ;)
20:06 aranhoide babilen: I'll try and google that, thanks
20:07 * iggy points at the aptly-formula
20:08 aranhoide babilen: and I suppose that the salt-bootstrap that salt-cloud will feed into newly created instances will install the right version too, right?
20:09 babilen aranhoide: You can give the name of a branch or tag .. I'm currently searching my logs, one second. joehh should/would know, but it is AFAIK not documented
20:09 numkem I need to vent, Ubuntu's repo for trusty not having the latest version of salt-minion is a pain in the ass
20:09 babilen There is "deb http://debian.saltstack.com/debian jessie-saltstack-2014-01 main" for Debian, not sure what that would be for Ubuntu, but I'd be surprised if something equivalent doesn't exist
20:10 babilen (err, "wheezy-saltstack-2014-01" -- guess that the Ubuntu repos simply use the same naming convention)
20:10 numkem babilen: the ppa:saltstack/salt exists but it's just annoying... I need to write a state that will do it for me than upgrade the minion and restart it... Just annoying
20:10 aranhoide iggy: running my own repo/mirror is an option but I'd rather avoid the additional maintenance if possible
20:11 linjan__ joined #salt
20:11 iggy I don't think there is a way to have salt-bootstrap install a specific packaged version, it just goes for the latest
20:11 babilen numkem: The salt-formula has https://github.com/saltstack-formulas/salt-formula/tree/master/salt/pkgrepo
20:12 numkem babilen: ooooh shiny!
20:12 babilen iggy: You can pass the name of a branch (e.g. develop) or tag
20:12 iggy yeah, I was specifically talking about packaged versions
20:12 babilen iggy: http://docs.saltstack.com/en/latest/topics/tutorials/salt_bootstrap.html
20:12 babilen iggy: Ah, yeah
20:14 bytemask joined #salt
20:14 urtokk joined #salt
20:15 Laogeodritt joined #salt
20:16 numkem I'm changing grain values during the highstate for location, is there a way to force a grains refresh during it?
20:17 yomilk joined #salt
20:17 numkem Or I shouldn't do it with the /etc/salt/grains file but by the grains.set method?
20:18 iggy if you are using grains.append/grains.present, they should take effect immediately
20:18 fxhp joined #salt
20:18 numkem iggy: I'm not, I'm using the /etc/salt/grains file
20:19 iggy I _think_ the only time that get's read is on salt-minion startup, but I won't swear to it
20:20 babilen numkem: Just a word of warning: Do not make sensitive data/states available to your minions based on the value of a grain
20:20 numkem iggy: that seems to be the case. I guess my current method isn't the right one. Will have to move to a module. At least it works for proof of concept
20:21 numkem babilen: I think we could call it sensitive, why not? The examples for server role are done with grain
20:22 alexr joined #salt
20:22 babilen numkem: Because grains are provided by the minion. You cannot rely on data provided by a minion to decide if that minion should be allowed to see some data. That would be as if the bank is asking me how much money I have in my account ;)
20:23 teskew joined #salt
20:23 numkem babilen: one milllllion dollars...
20:24 numkem babilen: fair enough, make sens but what would you suggest in my case? My hostnames and domains will dictate what the machine is and does. Where should I put that data?
20:24 babilen You should keep that in an authoratitive place (e.g. a pillar/external pillar) that is under the control of the master. Using a database might make sense, but take a look at: http://docs.saltstack.com/en/latest/ref/pillar/all/
20:24 neilf______ joined #salt
20:24 basepi joined #salt
20:24 numkem babilen: Pillar isn't seen by everyone correct?
20:24 fxdgear joined #salt
20:25 _ikke_ joined #salt
20:25 babilen numkem: You can, naturally, rely on the minion id. I simply wanted you to avoid using grains in ways that aren't really appropriate and, even worse, target sensitive data (e.g. certificates, ssh keys, ...) based on their value.
20:26 akoumjian joined #salt
20:26 markm_ joined #salt
20:26 moderation joined #salt
20:26 babilen numkem: Pillars are targeted just like states and are *not* seen by/available to minions that are not targeted. This is why they are suitable for sensitive data.
20:26 tomh- joined #salt
20:26 CaptTofu_ joined #salt
20:27 munhitsu___ joined #salt
20:27 m0nky joined #salt
20:27 modafinil joined #salt
20:27 abele joined #salt
20:27 numkem babilen: In that case I'm relieved to know I've been putting the sensitive info in the right place. Was already using pillar for keys
20:27 grepory_ joined #salt
20:27 antonw joined #salt
20:27 natewalck joined #salt
20:27 imanc joined #salt
20:27 goki________ joined #salt
20:28 doriftoshoes joined #salt
20:28 maZtah joined #salt
20:28 denys joined #salt
20:28 gamingrobot joined #salt
20:28 gyre007 joined #salt
20:28 alexbst joined #salt
20:28 scalability-junk joined #salt
20:28 babilen numkem: perfect
20:28 rypeck joined #salt
20:28 [vaelen] joined #salt
20:29 mschiff joined #salt
20:29 mschiff joined #salt
20:29 numkem but for my specific case I think I still have to write a module that will parse the hostname
20:29 numkem what changes is where the data will be stored
20:29 thunderbolt joined #salt
20:29 mnguyen Does anyone here have experience with setting up bond interfaces with some slaves using the network.managed state?
20:29 nliadm joined #salt
20:30 g3cko joined #salt
20:30 a1 joined #salt
20:30 wt joined #salt
20:30 JPaul joined #salt
20:30 Tahm joined #salt
20:30 jbub joined #salt
20:31 ocdmw joined #salt
20:31 mfournier joined #salt
20:31 xsteadfastx joined #salt
20:31 dnai23 joined #salt
20:31 packeteer joined #salt
20:31 ocdmw joined #salt
20:31 bryguy joined #salt
20:31 arapaho joined #salt
20:32 seanz joined #salt
20:32 fintler joined #salt
20:32 fintler joined #salt
20:32 georgemarshall joined #salt
20:32 wendall911 joined #salt
20:33 GvJordan joined #salt
20:34 wnkz joined #salt
20:34 gattie_ joined #salt
20:35 qybl joined #salt
20:35 gattie_ joined #salt
20:35 quantumriff joined #salt
20:36 quantumriff In pillar's, I have been manually setting the locations for servers.. this is a bit redundant for me.  Is it posslible in the pillar sls files to lookup the subnet the device is in, and then set its location in pillar?
20:36 quantumriff ie, right now i have "location: NYC"
20:37 numkem quantumriff: that looks similar to what I'm doing. I know you could match by subnet with grains data
20:37 rojem joined #salt
20:37 numkem quantumriff: or like babilen said, pillar external data is available http://docs.saltstack.com/en/latest/ref/pillar/all/
20:38 quantumriff I have thought of that, but I have lots of states already that lookup the location code.. so i thought it might be better to dynamically update the location pillar
20:38 hal58th quantumriff: Pillar can't set pillar data within the first run at least. The subsequent run could use this new pillar data
20:39 hal58th you can probably do some crazy stuff with a cmd.run and set pillar data if subnet .starts.with some subnet
20:40 twellspring joined #salt
20:41 kaiyou joined #salt
20:42 ksalman is it fine if i reinstall new version of salt on windows without uninstalling the old one first? what is recommended?
20:43 aranhoide so, what is the idiomatic way to maintain the salt versions in sync when you have a one-master, many minions setup where the master uses salt-cloud to launch minions?  (all Ubuntu)
20:44 aranhoide because if you use the official ppa you may be launching minions with a salt version newer than that of the master, and they may have problems talking to each other
20:45 aranhoide and if everyone auto-upgrades periodically you may end up in a state where the salt config files no longer work
20:45 UtahDave ksalman: yeah, that's fine.
20:46 ksalman gracias
20:46 UtahDave ksalman: I'd test to make sure it doesn't clobber your old config file, but other than that it should be fine
20:46 aranhoide how I'm doing it currently is I'm wiping the salt that salt-bootstrap installs and reinstalling from pip, all that in the salt config itself
20:46 linjan_ joined #salt
20:46 qybl joined #salt
20:46 hal58th aranhoide i'll get you that answer in one minute
20:46 aranhoide which has worked surprisingly well up to 2014.7.0, but now it's falling apart
20:47 aranhoide hal58th: thank you very very much!
20:47 perfectsine joined #salt
20:47 aranhoide (the only reason I'm reinstalling from pip is that I get to pin the version in all machines)
20:47 iggy you can set the options that are passed to the bootstrap script in the salt-cloud profile
20:48 aqua^mac joined #salt
20:48 schlueter joined #salt
20:48 aranhoide iggy: I didn't know that!  I'll try and google for that in the docs
20:48 aranhoide thanks!
20:49 hrist joined #salt
20:52 hal58th I use this PPA. https://launchpad.net/~saltstack/+archive/ubuntu/salt2014-7 This is specific to the salt2014-7 series and will have all subversions of 2014.7. Then I use pillar to tell Salt-minion which version of salt it should have installed.
20:52 hal58th But iggy's solution is probably better for you
20:53 aparsons joined #salt
20:54 WonderSlug joined #salt
20:56 meteorfox joined #salt
20:56 kaptk2 joined #salt
20:56 WonderSlug Howdy all  im having an issue with process.absent   im running 2014.7.0 and the code seems to be on the minions as well as the master    but any time i run it i get a "State 'process.absent' found in SLS 'foo' is unavailable"
20:57 WonderSlug its a very simple state just
20:57 WonderSlug foo-absent:
20:57 WonderSlug process.absent:
20:57 WonderSlug - name: foo
20:57 WonderSlug any hints?
20:59 hal58th WonderSlug what operating system(s) are you using?
20:59 WonderSlug ubuntu 14.04
20:59 linjan__ joined #salt
21:02 hal58th Not sure WonderSlug. I would try a sudo salt-call state.highstate -l debug
21:02 hal58th Then I would see what happens when it tries to execute that state
21:03 hal58th Do this on the minion of course
21:03 aranhoide hal58th: thank you very much!
21:04 chiui joined #salt
21:05 WonderSlug hal58th: yeah same thing  no additional useful info    just that State 'process.absent' found in SLS 'mmsa.shutdown' is unavailable
21:05 aranhoide hal58th: I do keep the version in a pillar too; I was just using pip to pin to a specific version.  but this didn't play well with salt-cloud.  I think I'll use both your PPA and salt-cloud config.  thanks to you and iggy again!
21:06 hal58th WonderSlug, Give me a minute. I'm also using ubuntu 14.04
21:06 WonderSlug hal58th: cool thanks
21:10 hal58th Take all the relevant information and file an issue. Because it doesn't work for me either! https://github.com/saltstack/salt/issues
21:10 WonderSlug hmm the python module is even being compiled
21:10 WonderSlug grr ok   thanks :)
21:11 WonderSlug thought i was going nuts
21:11 hal58th in the mean time, you can probably do a "cmd.run" and do some fancy linux magic to find if a process is running and kill -9 all processes. I'm sure you can find something on google.
21:11 iggy it may be that salt isn't finding pkill (which would compile the module, but not enable it as the __virtual__ function would return false)
21:12 babilen /msg judd file bin/pkill
21:12 ht joined #salt
21:12 crashmag_ joined #salt
21:13 asyncsrc joined #salt
21:13 babilen → judd> Search for bin/pkill in wheezy/i386: procps: usr/bin/pkill (probably identical for Ubuntu)
21:14 hpqtrx left #salt
21:14 j4son joined #salt
21:15 eliasp joined #salt
21:16 toddnni joined #salt
21:18 kaiyou joined #salt
21:18 mrjk joined #salt
21:19 Barbarossa joined #salt
21:19 Barbarossa Hi there
21:20 babilen WonderSlug: So, do you have procps installed?
21:21 WonderSlug was just looking at that
21:21 JordanTesting joined #salt
21:21 mikaelhm joined #salt
21:21 Barbarossa I'm new to Salt (great stuff!) and am trying to deploy config files for tinc VPN with salt and am looking for a way to deploy all files within a given directory and am lookin for a solution for the stuff within the <> : http://pastebin.com/wWFHXikL
21:21 Barbarossa any hints?
21:22 WonderSlug babilen: yeah it is
21:23 iggy Barbarossa: file.recurse ?
21:24 otter768 joined #salt
21:25 andrew_v joined #salt
21:25 heise is there a quick way to recursively delete files via salt ?
21:25 Barbarossa iggy: That looks promising, thanks!
21:27 aranhoide WonderSlug: what's your setuptools version? E.g.: ` python -c 'import setuptools; print setuptools.__version__' `
21:27 linjan__ joined #salt
21:28 WonderSlug 3.3
21:28 WonderSlug looks like its because psutil module is not installed
21:28 aranhoide WonderSlug: just ignore me then. :/  I asked because at some point I was left with a state where my installed pip would support wheels, but my setuptools wouldn't
21:29 iggy you should file a bug or PR to add docs about that being required
21:29 giantlock joined #salt
21:29 Gareth ahoy hoyu.
21:29 aranhoide and it would manifest as some modules being installed but not detected by the long-running salt-minion process
21:30 Barbarossa iggy: Awesome!
21:31 WonderSlug yeah thats what it is   thanks folks
21:31 WonderSlug ill drop a bug in'
21:31 Barbarossa Is there any way to get the names of all file in one directory on the master or minion (should be the same) into a list in a variable to be used within a jinja template?
21:32 stevednd Barbarossa: you'll need a custom module for that because you'll need to write some python for it.
21:33 stevednd there's no state based way though because states are evaluated after templating occurs
21:33 Barbarossa stevednd: Can you point me to the right part of documentation to dive into?
21:33 stevednd http://docs.saltstack.com/en/latest/ref/modules/
21:33 alexr joined #salt
21:34 toddnni joined #salt
21:35 iggy Barbarossa: what for? What are you actually trying to achieve (vs how you are trying to achieve it)?
21:36 nicksloan left #salt
21:36 babilen http://mywiki.wooledge.org/XyProblem
21:38 jalaziz joined #salt
21:40 Singularo joined #salt
21:48 xliiv joined #salt
21:49 out180 joined #salt
21:49 Barbarossa iggy: I try to deploy tinc configurations to a lot of machines. Every host as a config file /etc/tinc/<netname>/hosts and I need the names of the files in the hosts/-dir to print them as "ConnectTo = <hostname>" lines in the tinc.conf -> http://pastebin.com/vFGGmgj7
21:49 wrench_ joined #salt
21:49 bivers joined #salt
21:51 FRANK_T joined #salt
21:51 babilen Barbarossa: Why don't you deploy the same file to all boxes and alter values/settings on a per host basis?
21:51 babilen https://github.com/saltstack-formulas/tinc-formula
21:52 ocdmw joined #salt
21:53 Barbarossa hmm, interesting :)
21:53 Barbarossa As I said, I'm new to tinc :)
21:56 wrench_ I'm attempting to get my first sls to work.  All I have in my init.sls file is splunk: pkg: - installed(formatted correctly in YAML).  When I run the highstate command, minions come back with: Function: file.managed, Result: False, Comment: Parent directory not present. I'm not sure why its trying to do file.managed. Is there a way to see what file its talking about?
21:56 wrench_ I added '-v', but no dice
21:58 mosen joined #salt
21:58 Cimmerian_ joined #salt
21:58 iggy wrench_: some of the show_* stuff in the state module might help
21:59 toddnni joined #salt
21:59 iggy and on the minion itself, salt-call -l debug state.highstate will show you the rendered states
22:00 Barbarossa babilen: That looks more complicated that my approach and doesn't solve my current problem :)
22:01 sarlalian joined #salt
22:01 wrench_ iggy: it looks like the master is going off a configuration stanza that has since been removed. Is there a way to force salt to use the current config?
22:01 iggy sadly, there's not a salt function to get what you want, so you are left doing hacky things with cmd.run or writing a custom module
22:02 iggy wrench_: um... restart it?
22:02 wrench_ tried that hrmm
22:03 druonysuse joined #salt
22:03 druonysuse joined #salt
22:04 wrench_ I have no idea where the file.managed is configured that its choking on
22:05 CaptainMagnus I'm trying to combine python/yaml for a state doing something like this:   http://pastebin.com/RNaNLq4t     Is it possible and if so, how?
22:05 iggy wrench_: use salt-call -l debug on the minion
22:05 toddnni_ joined #salt
22:06 iggy CaptainMagnus: I think you simplified that a little too much...
22:09 CaptainMagnus iggy: Should start small right? :-)   But basically, what I want is to put some data in a variable (or dict or whatever) and use it in the yaml section
22:09 CaptainMagnus iggy: Using pure python
22:09 iggy {% set foo = salt['module.function'](args) %} ?
22:10 iggy I don't know that much about that, there are some people that do that might speak up
22:12 kitp joined #salt
22:14 nickdew Is it possible to create a Jinja look up table (ie: map.jinja) using Pillars? Sorry, I've looked and am stumped.
22:16 markm__ joined #salt
22:16 iggy I think it would "give away too much info"
22:17 nickdew Should I use pillar for variables specific to dev vs prod?
22:17 iggy (the same reason pillar/compound mine.get and some other functions were disabled)
22:17 nickdew The info doesn't really need to be secured.
22:17 wrench_ iggy: I ran that command on the minion and got back the same thing I see on the master.  I completely deleted the init.sls file and ran highstate again -- same error.  It seems like the master is not reading the configs and has stuff cached or something?
22:18 wrench_ also restarted the master and all the minion
22:18 toddnni joined #salt
22:18 iggy nickdew: it really depends a lot on your setup, we keep that in our grains, but that's just what works best for us
22:19 Rockj joined #salt
22:19 iggy wrench_: not a lot to go on at this point, but start looking at those functions I told you about (along with cp.list_master, etc.)
22:20 nickdew iggy: Thanks.
22:21 mrjk Yop: I was wondering, is the online documentation complete ? For example: http://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#module-salt.states.file, this page mention the « sed » procedure, but I can’t find it
22:21 mrjk Or it’s only an old reference ?
22:22 iggy it's replace now
22:22 iggy oh wait, modules.file.sed is now modules.file.replace
22:23 iggy don't know about state.file.*
22:24 rlarkin anyone noticed any anomalys wrt events when using lxc?  built in events from a container minion show up, but custom events do not.
22:24 mrjk iggy: ok, thanks, so I keep on the oline doc :)
22:25 rlarkin trying to decide if it's my lxc network config, or if it's a bug in helium ( identical setup works in hydrogen )
22:25 rjc joined #salt
22:27 iggy mrjk: they sometimes drift out of sync with the code, but not very often... the biggest thing you'll find is docs that don't match the version of salt you're using... the main docs site tracks devel branch.... and you almost certainly aren't running devel on your machines
22:27 mrjk hum, you’re right. So, it’s better to look on readthedoc.org
22:30 iggy most stuff is annotated as to what version it was added... so it's kind of a toss up
22:30 mrjk another question: what is the difference between states and modules ? for example, both provide an apache module/state
22:31 iggy rtd is ugly, and docs. has version issues... so I tend to bounce between them
22:31 iggy states are what you put in your sls files
22:31 mrjk the same with user management and many other, but I don’t get the difference as they do similar things: why do we call them differently ?
22:31 iggy modules are what you run on the command line (and what the states use to do the heavy lifting generally)
22:32 iggy states are generally declarative (user.present) vs modules doing things (user.create)
22:33 mrjk ok, it provides an ‘action’ way and a ’declarative’ way
22:34 iggy you'll start to see the differences a little better the more comfortable you become with salt
22:37 aqua^mac joined #salt
22:37 twellspring joined #salt
22:37 quantumriff so I'm trying to pass a variable to a cmd.run onlyif rule: -onlyif: 'test -e /var/spool/cron/{{ client }}'
22:38 quantumriff it seems to work when I have it as part of the section title, and other places in this sls
22:38 quantumriff is there something I need to do to have it resolve correctly?
22:39 aranhoide joined #salt
22:39 iggy quantumriff: the way the jinja works (with salt), it should resolve anywhere in the file
22:39 hal58th1 joined #salt
22:40 quantumriff aha.. I am missing declaring it in the top of this file, I think
22:40 quantumriff iggy: thanks
22:40 iggy quantumriff: if it's something you're including, you can use "with context"
22:43 Mso150 joined #salt
22:45 quantumriff so semi-related question.. I have this as the way to retrieve my client ID from pillar (In theory, there could be more than one)
22:45 quantumriff {{ salt['pillar.get']('client', '')|first }}
22:45 quantumriff is there a way, where I can set that to a variable in the state, that is much shorter and easier to read?
22:45 murrdoc {{ salt['pillar.get']('client', [])|first }}
22:45 quantumriff or would I have to put the whole state into a loop?
22:45 murrdoc {% set a=salt['pillar.get']('client', '')|first -%}
22:46 murrdoc :D
22:46 theologian joined #salt
22:46 wrench_ When I run highstate, the output has an 'ID' field.  Where is that defined and what does it mean?
22:46 quantumriff murrdoc: so if I set that at the top of the state, the rest of the state, I would use use {{ a } ?
22:47 quantumriff oops, except with a second close
22:48 murrdoc yes
22:48 Rawkode_ joined #salt
22:48 madduck joined #salt
22:49 quantumriff wow.. that is going to cut down on some line lenghts.. and help readability! thanks
22:52 ajolo joined #salt
22:52 ajolo UtahDave: o/
22:53 UtahDave hey, ajolo!
22:53 kermit joined #salt
22:53 ajolo How are you doing ?
22:53 UtahDave good!   vos!
22:53 ajolo Todo bien :)
22:54 aranhoide I don't see any salt-bootstrap option to specify a version-specific ppa (e.g. https://launchpad.net/~saltstack/+archive/ubuntu/salt2014-7) for bootstrapping on an Ubuntu machine.  Is there really no such option, or is this a matter of the version-specific ppa capability not being documented in general?
22:54 Gareth UtahDave: howdy :)
22:54 aparsons joined #salt
22:54 iggy aranhoide: that's what I was saying earlier... no, there's not
22:54 aranhoide iggy: ah ok, sorry I missed that
22:55 ajolo UtahDave: pvt
22:55 iggy quantumriff: I'd suggest looking through the jinja docs at some point... there's also things like macro's ("functions") you can use, etc.
22:56 UtahDave aranhoide: there's a bootstrap option to install from git that will allow you to specify a branch, tag or sha hash to install
22:57 aranhoide UtahDave: yes, I saw that; I thought the apt-get way might work better wrt dependencies in Ubuntu, but maybe not; I'll just try.  Thanks!
22:57 iggy wrench_: the id is whatever you want it to be (it's the first line of a state definition)... some people don't like the act of putting package/service/file name as the ID, but it's fairly common
22:57 jalaziz joined #salt
22:58 UtahDave aranhoide: I do that all the time. the bootstrap script will use apt for all the dependencies, but install salt from git
22:58 UtahDave aranhoide: are you using salt-cloud?
22:58 UtahDave hey, Gareth!
22:58 Gareth UtahDave: hows it going? :)
22:59 mosen heya UtahDave I saw an osx formula briefly appear, was it yours or are you just the god of saltstack-formulas, moderating the contents
22:59 UtahDave good!   It's been raining ALL FREAKING day here in utah though. Usually storms pass through quickly
22:59 aranhoide UtahDave: yes, salt-cloud.  iggy already told me I can set salt-bootstrap options there.  that should do it.  thanks (yet again) to everyone!
23:00 Gareth UtahDave: hah. wonder if you guys got the storms we had here this past weekend.
23:00 UtahDave aranhoide: yeah, in your profile there's a script option.   really handy
23:00 UtahDave Gareth: probably!
23:00 stevednd how does everyone handle spinning up a new node for a cluster(redis, elasticsearch, etc...)? specifically how to make a machines cluster peers aware of it so they can add the host information, and open up their firewalls. My whole process at this point is pretty much turnkey at this point except for that. I know I could just highstate all the things, but I'd rather not.
23:01 UtahDave mosen: I haven't done much with osx, but I may have commented on one or something
23:01 mosen UtahDave: no problem just curious
23:01 UtahDave mosen: sure, no problem.  are you using that module now?
23:01 iggy stevednd: reactor to run a firewall state when a minion starts up?
23:01 stevednd right now cloud provisions, reactor runs a runner to setup a new minion(syncs modules, sets initial grains), all known hosts update their hosts files to include the new machine, and then the minion gets its highstate run
23:01 mosen UtahDave: nah I'm writing a bunch of execution and state modules for osx and wondered if i was just rewriting someone elses work
23:02 stevednd iggy: that's not a bad idea, I hadn't considered that
23:02 arno joined #salt
23:02 UtahDave aranhoide: add this to your cloud profile to install a specific git tag      script_args: '-- git v2014.7.0rc2'
23:03 Mso150 joined #salt
23:03 aranhoide UtahDave: thanks! so I can use script_args even if I don't specify the script explicitly, right?
23:03 stevednd iggy: the only thing is is it's going to be dependent on the results of the new minion having its grains calculated to determine what service its providing
23:04 iggy stevednd: yeah, I was just thinking of that
23:04 iggy maybe a custom event that says the node is actually highstate'd and ready to roll
23:04 UtahDave aranhoide: yep. don't specify a script unless you're physically modifying the bootstrap script yourself
23:05 stevednd a minion can't tell a master to run a state.sls on a target can it?
23:06 UtahDave stevednd: it can if you give it authorization to do that.
23:06 iggy a minion can fire an event
23:06 stevednd yeah, an event might be better
23:06 stevednd that wouldn't require any special authorizations, right?
23:06 iggy not that I know of (although I've never actually tried it)
23:07 UtahDave stevednd: correct
23:07 rjc joined #salt
23:07 stevednd thanks guys, I'll give it a try
23:08 ryuhei joined #salt
23:08 ryuhei hi all..
23:08 ryuhei can anyone help me with timeout issue?
23:09 CaptainMagnus left #salt
23:09 CaptainMagnus joined #salt
23:09 ryuhei SaltClientTimeout: RunnerClient job '20150112173646498267' timed out
23:09 ryuhei I keep getting timeedout after 5mins regardless of timeout set in master configuration
23:09 elmar555 joined #salt
23:13 KyleG ryuhei: have you tried adding -t 3600 to your salt command?
23:13 KyleG timeout 1 hour
23:13 ocdmw joined #salt
23:13 KyleG ex: salt '*' test.ping -v -t 3600
23:15 ryuhei ok.. let me try that
23:16 elmar555 does anyone know how to install a specific version for a npm package, i've tried the following:
23:16 elmar555 less@1.7.0:   npm.installed:     - require:       - pkg: npm
23:18 Mso150 joined #salt
23:18 iggy elmar555: what version of salt are you running?
23:19 elmar555 2014.7.0
23:19 yomilk_ joined #salt
23:19 redzaku joined #salt
23:20 jalaziz joined #salt
23:21 elmar555 it installs less but the latest version, there isn't much documentation here: http://docs.saltstack.com/en/latest/ref/states/all/salt.states.npm.html
23:24 iggy looking at the code, it just passes whatever you set the name as straight to npm... so is that a valid npm option?
23:25 otter768 joined #salt
23:26 ckao joined #salt
23:27 elmar555 yes, but let me double check that
23:28 pdayton joined #salt
23:29 elmar555 yes, that's the correct syntax
23:29 elmar555 https://docs.npmjs.com/cli/install
23:30 ryuhei KyleG: i m actually using api call and.. that didnt work.
23:33 shaggy_surfer joined #salt
23:34 Mso150 joined #salt
23:34 ocdmw joined #salt
23:40 smcquay joined #salt
23:41 elmar555 iggy: this is what i get in console, [INFO    ] Executing state npm.installed for less@1.7.5
23:41 elmar555 [INFO    ] Executing command 'npm install --silent --json --global "less"' in directory '/root'
23:43 aranhoide if you install salt in a master and many minions via salt-cloud (and hence salt-bootstrap) by specifying a git release, what would be the idiomatic way to upgrade the salt version in all existing machines?  just uninstalling and running the bootstrap string with the new version via ssh?
23:43 bhosmer__ joined #salt
23:43 aranhoide *bootstrap string -> bootstrap script
23:45 __number5__ aranhoide: don't need to uninstall, use bootstrap script with new version, it will do the uninstall for you
23:45 LeProvokateur joined #salt
23:45 iggy elmar555: what if you do "salt 'host' npm.install less@1.7.0"?
23:45 aranhoide __number5__: neat! thanks!
23:49 elmar555 iggy: that works, installs 1.7.0
23:53 aparsons joined #salt
23:56 aranhoide Ubuntu 14.* are not listed as supported in http://docs.saltstack.com/en/latest/topics/tutorials/salt_bootstrap.html .  Is it true that 14.* is unsupported, or do the docs need updating?
23:57 UtahDave aranhoide: I'm pretty sure 14.* is supported.  docs are probably old
23:57 aranhoide I'm asking because I've been launching a few 14.04 machines without any trouble
23:57 aranhoide nice, thanks
23:57 freisner joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary