Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-01-28

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:04 jpreyer joined #salt
00:08 tedski having some issues with reactor always stating failed to render sls
00:08 tedski with a very simple sls
00:09 tedski http://pastie.org/9866698
00:10 tedski i've tried both local.state.highstate and cmd.state.highstate
00:10 tedski but both result in "failed to render" in the salt-master debug log
00:11 manfred tedski:  have you used the event listener to make sure that the data['bar'] actually is set?
00:11 manfred https://github.com/gtmanfred/hammercloud-sls/blob/master/reactor/hammercloud.sls
00:11 manfred this is the one I use for when i release packages and it works on my salt implementation
00:12 manfred cmd.state.highstate is the correct one
00:12 TaiSHi Tomorrow peeps
00:12 tedski yup
00:13 manfred that i think is the only thing that could be wrong.
00:14 tedski in the sanitized pastebin i posted, bar would be bgcolor
00:14 tedski http://pastie.org/9866702
00:14 tedski oh
00:14 tedski no, not bgcolor, color
00:14 tedski sudo salt-call event.fire_master '{"color": "blue"}' 'setcolor'
00:14 tedski for example
00:14 manfred oh, one second
00:14 manfred lemme find my thingy with this in it
00:15 manfred i think
00:16 manfred try
00:16 manfred data['data']['colo']
00:17 manfred tedski:  ^
00:17 tedski yup
00:17 tedski trying now
00:17 manfred kk
00:17 manfred i think i got pissed at this too in the past
00:17 manfred like 90% sure that will fix your problem
00:17 tedski bingo
00:17 stevednd yeah, the data you pass in isn't the top level data
00:18 stevednd and it's very easy to miss in the docs
00:18 tedski much much appreciated
00:18 manfred unfortunately, i never really saved my salt configs for that stuff…
00:18 manfred did it work?
00:18 tedski yup
00:18 manfred awesome
00:19 murrdoc joined #salt
00:19 manfred yeah, i remember a day i fought that for 3 hours
00:19 tedski i was without connectivity
00:20 nyx_ joined #salt
00:20 Nazzy joined #salt
00:21 felix_mc joined #salt
00:21 KyleG left #salt
00:22 catpig joined #salt
00:22 viq joined #salt
00:24 peters-tx joined #salt
00:25 CeBe1 joined #salt
00:25 shanedlee left #salt
00:27 Tyrm joined #salt
00:27 dave_l joined #salt
00:28 casey|sfe can i refresh the pillar from inside a state?
00:28 casey|sfe i am trying to place a pillar file using the file module
00:29 casey|sfe i am assuming this is bad practice but i need data in the pillar that i don't want to push to github
00:29 aqua^mac joined #salt
00:29 Guest72796 hi, is there any way to use encrypted files as a source file? I want to use the mysql-formula with load: True but want the "source:" file to be encrypted in our code repository
00:31 tedski manfred: ever fire events from code?
00:32 bluenemo__ joined #salt
00:32 bluenemo__ joined #salt
00:34 TheoSLC joined #salt
00:38 yomilk joined #salt
00:38 TheoSLC joined #salt
00:50 forrest joined #salt
00:53 scoates_ joined #salt
00:56 Ryan_Lane joined #salt
00:57 tedski trying to follow the last example on http://docs.saltstack.com/en/latest/topics/event/index.html
00:57 tedski and no event is being sent to the master
00:58 tedski oh, probably because the user can't write to the socket
00:58 tedski even though fire-event() returns "true"
00:58 aurynn yeah, the third-party event stuff isn't great
01:01 pppingme joined #salt
01:04 iggy Guest72796: gpg renderer
01:08 otter768 joined #salt
01:08 druonysus joined #salt
01:08 druonysus joined #salt
01:09 pdayton joined #salt
01:09 randomuser joined #salt
01:10 Guest72796 iggy: does that mean run the (2MB) file through GPG and copy/paste the cipher directly into the pillar? I was kind of hoping to have an encrypted file stored separately that you could just reference like salt://[path]/[encrypted_file]. Then again I don't know what I'm talking about as gpg is new to me
01:14 dabb joined #salt
01:16 yomilk_ joined #salt
01:17 andrej Hmmm ... I have a reactor.sls that responds to "salt-call event.fire_master 'got_splunk'" which gets run on a minion as the last action of the state that installs the splunk forwarder.
01:17 andrej This used to work fine
01:17 andrej Now it runs intermittently
01:18 andrej That is I can see the call in the masters log, but the subsequent action doesn't seem to fire all the time
01:18 andrej I still can't see a reason or rhyme behind this
01:19 jerematic joined #salt
01:19 andrej for some minions it works on the first execution of the state, for some on the 2nd, for some not at all
01:20 aqua^mac joined #salt
01:20 arif-ali joined #salt
01:21 dude051 joined #salt
01:21 huleboer joined #salt
01:22 dude051 joined #salt
01:23 bhosmer joined #salt
01:26 Furao joined #salt
01:27 arif-ali joined #salt
01:29 wrench_cloft left #salt
01:29 nitti joined #salt
01:30 andrej Is there a way to only capture data pertaining to a certain minion in the masters log?
01:31 andrej with 61 currently active minions upping the log level to debug makes hunting for useful info difficult
01:31 aparsons joined #salt
01:32 Tritlo joined #salt
01:35 aquinas joined #salt
01:38 arif-ali joined #salt
01:41 theo__ joined #salt
01:46 yomilk joined #salt
01:47 shaggy_surfer joined #salt
01:49 whatevsz joined #salt
01:50 brendanashworth joined #salt
01:50 arif-ali joined #salt
01:51 ipmb joined #salt
01:52 brendanashworth left #salt
01:54 markmarine joined #salt
01:54 otter768 joined #salt
01:55 Ozack-work joined #salt
01:57 serenecloud is there any reason it takes 3 mins 38 seconds to run apt-get update & upgrade (no changes) on two VMs with salt?
01:57 serenecloud I'd expect less than 30 seconds for each
01:58 dork is it quick on terminal?
01:58 dork like, a local terminal on one of the problematic minions
01:59 andrej serenecloud : what magic incantation are you using?
02:00 serenecloud andrej: time salt '*' pkg.upgrade refresh=True
02:00 serenecloud the only thing I can think of is variations in the time it takes to download the packages
02:00 serenecloud I'll try switching to a closer repo
02:01 serenecloud dork: it does look like downloads are taking a while on the minion directly
02:01 serenecloud is there anything I can do to the command that will give me live feedback?
02:01 ze- joined #salt
02:01 dork what's it stuck on
02:01 dork is it an ubuntu minion?
02:01 dork slow repos?
02:01 serenecloud ^ that
02:02 serenecloud slow download time
02:02 serenecloud precise-security to be...precise
02:02 dork hrm
02:02 serenecloud 4,520 B/s
02:02 serenecloud Fetched 25.4 MB in 3min 54s (108 kB/s)
02:03 serenecloud looks like that's the problem
02:03 andrej serenecloud: not salts fault, then ... not that this helps your issue at hand
02:03 dork oh well the upgrade installs the stuff :P
02:03 serenecloud no, but it makes me feel better
02:03 dork so it was just waiting to finish probably
02:03 serenecloud is there any way to get feedback at each stage?
02:03 andrej security can be slow
02:03 dork especially with glibc
02:03 andrej especially NOW, with ghost
02:03 andrej yah
02:04 * serenecloud did a patch and restart this morning
02:04 andrej ditto ... about 6 hours ago
02:05 andrej btw, serenecloud , refresh=True is the default, no need to specify
02:05 whatevsz joined #salt
02:05 nyx_ joined #salt
02:05 serenecloud just playing with salt to keep a bunch of VMs on my workstation patched, comparing it with ansible
02:06 serenecloud andrej: oh, that's good to know
02:06 andrej serenecloud : interesting; how is the comparison going, did you have prior experience with either?
02:07 serenecloud andrej: I've been using ansible for a year to keep my VPS boxes patched
02:08 serenecloud haven't delved in enough to decide which I like more right now
02:08 markmarine joined #salt
02:09 serenecloud I wrote https://github.com/serenecloud/ansible-bootstrap and https://github.com/serenecloud/ansible-playbooks for my ansible stuff
02:09 andrej I see
02:09 andrej have you read http://ryandlane.com/blog/2014/08/04/moving-away-from-puppet-saltstack-or-ansible/ ? :)
02:10 serenecloud andrej: it's on my Instapaper list, yeah
02:10 Guest78180 joined #salt
02:10 bhosmer joined #salt
02:12 andrej heh
02:14 ckao joined #salt
02:16 serenecloud I've been meaning to look at salt for a while, just needed a good excuse to do it :)
02:16 Tyrm joined #salt
02:23 saltnewb is there something like roster.id (giving the id of the host as defined in /etc/salt/roster) to use in a jinja template? roster.id gives me "variable is not defined"
02:24 whatevsz joined #salt
02:25 saltnewb i know i can define the hosts in pillar for example, but im trying to bootstrap (setup some basic stuff like hostname of new instance and install salt-minion afterwards) minions with salt-ssh, and so if possible I only want to add the new instance to /etc/salt/roster and not have to define hostname again in a pillar, or is that wrong approach anyway?
02:27 ipmb joined #salt
02:28 hasues joined #salt
02:28 hasues left #salt
02:30 saltnewb oh i see now, this will do it: grains['id']
02:31 mlanner joined #salt
02:39 Tyrm joined #salt
02:40 markmarine joined #salt
02:41 JDiPierro joined #salt
02:47 ilbot3 joined #salt
02:47 Topic for #salt is now Welcome to #salt | SaltConf 2015 is Mar 3-5! http://saltconf.com | 2014.7.1 is the latest | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
02:55 markmarine joined #salt
02:59 markmarine joined #salt
03:02 mosen joined #salt
03:03 markmarine joined #salt
03:03 GabLeRoux joined #salt
03:04 ipmb joined #salt
03:07 timoguin joined #salt
03:23 shaggy_surfer joined #salt
03:31 favadi joined #salt
03:31 clintberry joined #salt
03:31 druonysus joined #salt
03:31 druonysus joined #salt
03:35 jalaziz joined #salt
03:42 jasonrm joined #salt
03:42 Furao joined #salt
03:46 druonysus joined #salt
03:47 ipmb joined #salt
03:54 tkharju joined #salt
04:00 iggy Guest72796: I don't actually know... I just always hear gpg renderer mentioned in said situations (I am a bot)
04:01 druonysus joined #salt
04:06 smcquay joined #salt
04:06 vbabiy joined #salt
04:14 Guest35934 joined #salt
04:14 CryptoMer joined #salt
04:15 CryptoMer Hey everyone, what is considered the safest way to reboot a machine (set of machines) using salt?
04:15 CryptoMer cmd.run with 'reboot', or is there a more elegant way?
04:16 yomilk_ joined #salt
04:19 cedwards CryptoMer: there is a system module for that
04:19 cedwards CryptoMer: check out 'salt \* sys.doc system'
04:22 CryptoMer awesome.
04:23 jer joined #salt
04:25 krelo joined #salt
04:25 kermit joined #salt
04:28 heise joined #salt
04:29 echtish joined #salt
04:31 jerematic joined #salt
04:32 twellspring joined #salt
04:42 twellspring joined #salt
04:44 Nazca__ joined #salt
04:48 Vinny4 joined #salt
04:49 twellspr_ joined #salt
04:56 jhauser joined #salt
05:05 pmcg joined #salt
05:05 tligda joined #salt
05:14 brian joined #salt
05:29 TheoSLC joined #salt
05:34 felskrone joined #salt
05:36 favadi joined #salt
05:36 dimeshake joined #salt
05:38 joehh2 manfred: getting to it now...
05:46 markizano joined #salt
05:49 TheoSLC joined #salt
05:51 ramteid joined #salt
06:02 neogenix joined #salt
06:06 neogenix joined #salt
06:09 otter768 joined #salt
06:18 yomilk joined #salt
06:25 mikeywaites joined #salt
06:25 scuwolf joined #salt
06:33 calvinh joined #salt
06:37 calvinh joined #salt
06:38 linjan joined #salt
06:39 h8 joined #salt
06:39 calvinh_ joined #salt
06:41 keeth joined #salt
06:48 big_area joined #salt
06:49 TyrfingMjolnir joined #salt
06:52 dave_den joined #salt
06:58 colttt joined #salt
07:00 Emantor joined #salt
07:01 aquinas joined #salt
07:10 scarcry joined #salt
07:10 AndreasLutro joined #salt
07:10 big_area left #salt
07:10 big_area joined #salt
07:20 laax joined #salt
07:21 keeth joined #salt
07:22 scarcry joined #salt
07:24 toanju joined #salt
07:24 mikeywaites joined #salt
07:26 bhosmer_ joined #salt
07:27 stoogenmeyer_ joined #salt
07:31 cberndt joined #salt
07:31 Param joined #salt
07:31 Param hi
07:36 flyboy joined #salt
07:37 nkuttler joined #salt
07:38 zemm joined #salt
07:43 Auroch joined #salt
07:45 Guest37414 joined #salt
07:48 slafs joined #salt
07:53 quist joined #salt
07:58 linjan joined #salt
08:05 lb1a joined #salt
08:05 Roee joined #salt
08:06 Roee Hi
08:06 Roee Can some please point me to an explain of how to use salt as a deployment tool ?
08:06 Roee I'm using salt with pillars
08:07 Roee but i'm not sure what is the right way to perform upgrades to software which located in a specific minion
08:07 Roee feel something is missing in my understanding
08:09 nkuttler Roee: i think it's not uncommon for people to use other tools on top of salt to deploy apps
08:09 Roee hi. didn't get you
08:09 otter768 joined #salt
08:10 nkuttler e.g. use fabric to deploy/configure apps, and keep salt at the os level
08:10 Roee did you understand my question ?
08:10 jeblair joined #salt
08:11 nkuttler Roee: what kind of software do you want to upgrade?
08:11 nkuttler how was it installed?
08:12 Roee till now it was installed manully
08:12 nkuttler built from source?
08:12 Roee I have a java based application
08:12 Furao Roee: maybe you need examples, look in github.com/bclermont/states
08:12 Roee and got a new version and now i want to upgrade it in a specific minion
08:12 Roee or in few minions
08:13 calvinh joined #salt
08:13 Roee i already built the state - which should perform the upgrade step by step
08:14 Roee now. i need to understand, what is the right way to run the upgrade
08:15 Roee and how can i manage this, that salt will take the right version that i would like to upgrade
08:16 nkuttler Roee: well you can run your state with http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.sls
08:17 Roee let's say that i have a dir in my salt master which holds my installation files... and now i want to tell salt "ok - in minion "x" take upgarde "y" and perform the upgarde
08:18 Furao Roee: like https://github.com/bclermont/states/blob/master/states/graylog2/server/init.sls#L54 ?
08:18 Furao this will only download the .zip (or else) if a new version is specified  in .sls and then perform few other operations to upgrade
08:20 calvinh_ joined #salt
08:20 intellix joined #salt
08:21 Roee should i must have this init.sls file ?
08:22 Furao this init.sls won’t work it’s too old, but that is a way to handle it
08:22 Furao it depends on what you install and upgrade, how it was installed, and how it upgrade
08:23 Furao what if you upgrade something from 1.0.0 to 1.2.0 and that come with many config and requirements change. the .sls need to handle that
08:23 slafs left #salt
08:24 calvinh joined #salt
08:27 jasonrm joined #salt
08:33 esogas_ joined #salt
08:35 nkuttler joined #salt
08:39 calvinh_ joined #salt
08:39 ughloru joined #salt
08:43 zadock joined #salt
08:44 bluenemo joined #salt
08:50 Roee Furo: thanks, actually i'm getting a .tar file which needs to be copied to a specific minion and run a .sh script to install it
08:50 Roee the question is, what is the best way to manage the installations in my minions in one place
08:50 KermitTheFragger joined #salt
08:51 Roee and what is the scenario in case that i wants to pull a new version to a minion
08:51 ughloru Hello! Is it possible to expand a pillar value within a pillar file? I want to pass a value defined within my pillar to a scheduled task.
08:51 Furao joined #salt
08:52 nkuttler ughloru: could you use a jinja variable?
08:53 ughloru Oh, so something like {% set foo = 'bar' %} ?
08:53 ughloru I didn't think of that.
08:53 CeBe joined #salt
08:55 nkuttler it might be possible to use pillar data as well, but i'm not sure about ordering in the same file etc. just seems like the simplest approach
08:56 ughloru I'll test it and come back to you.
08:57 ptinkler joined #salt
08:58 ughloru If I understand pillars correctly (and I probably don't), all of a minion's pillar data is unstructured, so I would be surprised if having it in a different file made any difference. I haven't tested that though.
08:58 nkuttler well, i wasn't sure of there's a guarantee the pillar you want to access is already set
09:01 karimb joined #salt
09:03 krelo joined #salt
09:04 malinoff joined #salt
09:11 ughloru nkuttler: yep, setting a Jinja variable works perfectly well. Thanks.
09:11 nkuttler you're welcome
09:17 I3olle joined #salt
09:23 kawa2014 joined #salt
09:26 kawa2014 joined #salt
09:29 monkey66 joined #salt
09:32 jtang joined #salt
09:33 monkey661 joined #salt
09:34 CeBe joined #salt
09:44 mariusv joined #salt
09:44 mariusv joined #salt
09:48 ekle joined #salt
09:50 ekle hi, what is the salt way of having different versions for sls files ?
09:52 jtang you would probably need to setup environments for that?
09:53 ajw0100 joined #salt
09:59 jhauser joined #salt
09:59 N-Mi joined #salt
10:00 ekle is there a tool or workflow for getting sls through the environments dev->staging->production, or do i have to keep track on thisn myself ?
10:01 eightyeight joined #salt
10:02 phx ekle, gitfs helps a lot
10:03 jhauser_ joined #salt
10:05 ekle do you uise gitfs in production for your salt installation ?
10:06 ze- hey. is there a way to list matching minions, without sending anything to them?
10:07 phx ekle, ekl, at the moment i'm doing a demo of this stuff
10:07 zadock joined #salt
10:10 otter768 joined #salt
10:11 elfixit joined #salt
10:13 colonD joined #salt
10:15 chiui joined #salt
10:15 PI-Lloyd joined #salt
10:15 akafred joined #salt
10:19 xmj joined #salt
10:20 gothos joined #salt
10:21 gothos Hello! Is it possible to append to a file and uncomment a line in the same file with salt? And if so how? I'm getting the message that there are two definitions for $file
10:38 ekle is there a way to know if a sls is executed by a minion or by salt-call ?
10:38 ekle looks like schedule.present does not exist if called by salt-call
10:39 linjan joined #salt
10:45 che-arne joined #salt
10:46 zadock joined #salt
10:48 yomilk joined #salt
10:57 scott_w joined #salt
11:00 scott_w hi guys, just wanted to check something was ok: we're making a bot that talks from slack to salt and we'd like to use the salt logo as its profile picture
11:00 scott_w it's a private channel, i just wanted to make sure that was ok
11:02 giantlock joined #salt
11:07 AlexStraunoff joined #salt
11:27 bhosmer joined #salt
11:29 bhosmer joined #salt
11:30 viq joined #salt
11:33 bernieke joined #salt
11:39 dkrae joined #salt
11:43 _mel_ joined #salt
11:45 _mel_ If i have to managed file like /etc/php/fpm/php.ini and /etc/php/cli/php.ini would i use two sections with the same source entry? or this any better way?
11:45 fredvd joined #salt
11:46 viq _mel_: are they to have same contents?
11:46 _mel_ yes, inmy case they should have the same
11:46 viq _mel_: also you probably could have one entry with - names: list
11:47 _mel_ ah, ok
11:47 dvestal joined #salt
11:48 _mel_ like this: http://pastebin.com/5x8qWS4C
11:50 aqua^mac joined #salt
11:51 viq I think so
11:54 calvinh joined #salt
11:55 alexbst joined #salt
11:56 joehh2 scott_w: is that a trademark question?
11:56 scott_w joehh2: yeah, basically
11:57 joehh2 the people who will have a strong opinion on that will be up in about 4-5 hours
11:57 PI-Lloyd joined #salt
11:57 scott_w that's fine, there's no rush
11:58 scott_w it's not a problem for me if the answer is "no", i just wanted to make our internal channel look nicer =)
11:58 joehh2 my completely unofficial guess is that there would be no problem, but the saltstack guys will know officially
12:00 scott_w yeah, i'd not imagine any major issues since we're not publishing (only people who can see are staff or people we invite) but it's always best to nice and ask politely
12:01 calvinh_ joined #salt
12:11 otter768 joined #salt
12:13 intellix joined #salt
12:14 I3olle joined #salt
12:20 timbyr_ joined #salt
12:23 xsteadfastx joined #salt
12:25 N-Mi joined #salt
12:26 malinoff joined #salt
12:36 tkharju joined #salt
12:44 eseyman joined #salt
12:49 Lendar joined #salt
12:50 sergey-b joined #salt
12:50 nyx_ joined #salt
12:52 xsteadfastx joined #salt
12:53 sergey-b Hi, all, I have a problem with portage_config into pkg.latest - when I write pkg.latest:  protage_config.flags: -use: someuseflags  all works fine, but I can't add accept_keywords
13:00 hobakill joined #salt
13:01 favadi1 joined #salt
13:02 Furao salt master process RSS is 306 Mb
13:02 Furao something is leaking
13:03 matti Furao: Put a bucket under it ;)
13:05 zadock joined #salt
13:09 xsteadfastx joined #salt
13:24 szwed joined #salt
13:25 GabLeRoux joined #salt
13:29 Guest37414 joined #salt
13:34 dunz0r scott_w: That sounds really interesting. You mean like sending salt-commands to the bot or getting info from the bot?
13:34 dunz0r We're currently evaluating Slack here
13:39 aqua^mac joined #salt
13:41 I3olle hi there. Do I get that right, that i cannot use runners inside my .sls file in a way such as {%- set hostname = salt['runners.pillar.show_pillar']('master:id', {}) %}  ?
13:41 wnkz joined #salt
13:42 scott_w dunz0r: both
13:43 scott_w basically, we're going to put together a really simple command syntax to do what we want with salt from slack
13:43 jerematic joined #salt
13:44 mr_chris joined #salt
13:44 scott_w so, in our case, `@salt deploy staging app` would run `salt -C 'G@role:app and G@type:staging' state.highstate`
13:45 scott_w there'll need to be simple permissions too, so only the operations team can deploy to production
13:45 dunz0r I might have to steal that idea, as soon as we figure out if we're sticking with IRC/email or moving towards Slack or something.
13:46 keeth joined #salt
13:47 bhosmer joined #salt
13:54 scott_w dunz0r: if we can, i'll make the repo public
13:55 scott_w it's a django app that we'll deploy to a server that just listens to slack then SSH into the salt master and runs commands for us
13:55 scott_w pretty straightforward tbh
13:59 FRANK_T joined #salt
14:00 jeremyr joined #salt
14:06 JDiPierro joined #salt
14:08 calvinh joined #salt
14:09 viq scott_w: look up salt-api and pepper, you don't need to ssh ;)
14:11 FRANK_T any idea in how to mount a folder in salt?
14:11 jtang joined #salt
14:11 bhosmer joined #salt
14:12 dunz0r FRANK_T: Since it isn't an interactive command, just running it as a cmd.run should do the trick I think
14:12 otter768 joined #salt
14:12 dunz0r salt somehost.tld cmd.run 'mount somedevice /someplace'
14:13 FRANK_T yes I want to put it inside my .sls
14:13 dunz0r FRANK_T: There's a states.mount module
14:13 dunz0r http://docs.saltstack.com/en/latest/ref/states/all/salt.states.mount.html
14:14 wnkz joined #salt
14:14 dunz0r I haven't used it myself though
14:14 mohae joined #salt
14:14 FRANK_T ok let me try Thanks!
14:16 gothos left #salt
14:18 timoguin joined #salt
14:18 I3olle in the hope that someone might be around by now who knows the answer to my question i will repeat it. sorry if that is frowned upon
14:18 I3olle Do I get that right, that i cannot use runners inside my .sls file in a way such as {%- set hostname = salt['runners.pillar.show_pillar']('master:id', {}) %}  ?
14:21 Ouzo_12 joined #salt
14:22 babilen I3olle: I'd use the salt mine for maintaining that kind of information
14:22 nitti joined #salt
14:22 keeth joined #salt
14:22 I3olle babilen: but then every minion would be able to access this information. i would like to avoid this
14:26 wnkz_ joined #salt
14:27 mpanetta joined #salt
14:28 Hazelesque joined #salt
14:31 flyboy82 I3olle: it's not the minions themselves that can access the mine data, but rather the states in which you use mine.get(). Therefore, it's only the minions these states are going to be ran against that will be granted access to the data...
14:31 FRANK_T I am trying to copy 2 script on my minion https://www.refheap.com/4beebb6506772db66ce96af68
14:31 FRANK_T when I push I can see just 1 script.
14:31 murrdoc joined #salt
14:33 lothiraldan joined #salt
14:36 viq FRANK_T: muyltiple sources in one state are "use the first one you find"
14:36 cpowell joined #salt
14:36 wnkz joined #salt
14:36 FRANK_T ohhh ... that was a stupid question.
14:36 viq FRANK_T: if you want to push two files, you need two states
14:38 clintberry joined #salt
14:39 pppingme joined #salt
14:39 rypeck joined #salt
14:40 calvinh joined #salt
14:41 signull joined #salt
14:41 signull joined #salt
14:42 scott_w viq: thanks for that, i've forwarded the info to the guy working on it
14:43 viq scott_w: cool
14:43 dude051 joined #salt
14:46 micah_chatt joined #salt
14:48 andrew_v joined #salt
14:49 rm_jorge joined #salt
14:49 bhosmer_ joined #salt
14:50 bhosmer joined #salt
14:52 jespada joined #salt
14:54 eagles0513875_ joined #salt
14:56 felskrone joined #salt
14:56 nitti_ joined #salt
14:57 calvinh joined #salt
14:57 nitti_ joined #salt
14:57 kaptk2 joined #salt
14:57 calvinh joined #salt
15:00 CeBe joined #salt
15:01 ajw0100 joined #salt
15:01 monkey661 left #salt
15:03 housl joined #salt
15:04 msheiny joined #salt
15:06 tkharju joined #salt
15:06 xsteadfastx joined #salt
15:09 tkharju joined #salt
15:12 FRANK_T how do I ensure that a folder exist in salt?
15:13 calvinh joined #salt
15:13 scott_w file.directory
15:14 FRANK_T scott_w https://www.refheap.com/c17c689f45dd865646bc77aad
15:14 dvestal joined #salt
15:14 FRANK_T I want to ensure that /home exist
15:15 babilen FRANK_T: You use file.directory to create the directory and then make that a requisite
15:17 scott_w what babilen said
15:17 scott_w on your bottom state: - require: - mount: /lstr/home
15:18 FRANK_T I do not create /home I do a symlink
15:18 FRANK_T ohh
15:18 scott_w change the space between "require: -" with a newline
15:19 FRANK_T something like this https://www.refheap.com/4a366fb99d73088e307eae213
15:19 FRANK_T ?
15:20 johtso joined #salt
15:21 tkharju joined #salt
15:21 nitti joined #salt
15:22 nitti joined #salt
15:22 CeBe1 joined #salt
15:22 StDiluted joined #salt
15:22 pkruithof joined #salt
15:22 gngsk joined #salt
15:22 scott_w FRANK_T: perfect
15:23 pkruithof when I merge 2 dictionaries, using `dict2.update(dict2)`, string literals become `u'foo'` when I use the dict in a state file. Is there a way to prevent this?
15:25 josephleon joined #salt
15:26 lothiraldan joined #salt
15:26 StDiluted joined #salt
15:26 pkruithof so when I do this in a state file:
15:27 pkruithof {% do dict1.update(dict2) %}
15:27 pkruithof foo: {'file':'managed':{'defaults':dict1}}
15:27 pkruithof I get an "Unknown yaml render error", because of the following rendered yaml: `- defaults: { 'foo': u'bar' }`
15:28 aqua^mac joined #salt
15:31 FRANK_T scott_w nice!!
15:33 Auroch joined #salt
15:34 Brew joined #salt
15:39 teogop joined #salt
15:42 signull joined #salt
15:42 iggy pkruithof: you really shouldn't be doing dict updates in yaml... you should do that somewhere else and then pass the final dict to yaml
15:45 pkruithof I have a macro which defines some default values in a dictionary, accepts another dictionary as an argument, merges them, and uses the result to pass to a module
15:45 pkruithof it's an options dictionary, with too many items to define as separate arguments, is there a better way to do this?
15:46 iggy python renderer? That's not really a whole lot of info to make suggestions
15:50 pkruithof maybe this example explains it better: https://gist.github.com/pkruithof/3df83deb330656c237ab
15:51 pkruithof btw I know about `context` in `file.managed`, this is a simplified example.
15:51 FRANK_T Do you guys know if salt support fstype lustre
15:53 johnkeates joined #salt
15:55 FRANK_T scott_w
15:55 FRANK_T look at this one
15:55 FRANK_T https://www.refheap.com/d24457962d299ed159780ec51
15:56 rvankleeck joined #salt
15:56 scott_w the issue is coming from mount itself
15:56 jer_ joined #salt
15:56 scott_w you probably have to set the fstype that matches what mount wants to see
15:57 xsteadfastx joined #salt
15:57 rvankleeck question regarding external_auth and client_acl for restricting salt command access: I have a definition in external_auth for 'xray%': but the master log says 'ACL user xray% is not available'
15:57 cDR joined #salt
15:57 rvankleeck is that not the proper format for groups in acls?
15:57 intellix joined #salt
15:57 iggy FRANK_T: no
15:58 FRANK_T scott_w it is a lustre file system
15:58 FRANK_T iggy :(
15:59 scott_w i've never heard of lustre
15:59 bluenemo joined #salt
15:59 bluenemo joined #salt
15:59 favadi joined #salt
15:59 iggy pkruithof: yeah, I don't know what to tell you... I don't think you'll be able to do that like that
16:00 pkruithof :(
16:00 PitBull joined #salt
16:00 PitBull hi
16:00 iggy scott_w: it's an old crufty network distributed filesystem (prior to ceph, gluster, etc.)
16:00 scott_w they're all before my time :P
16:01 scott_w i consider ext2 to be ancient
16:01 scott_w :)
16:02 FRANK_T scott_w it is use for High Performance computing
16:03 lothiraldan joined #salt
16:04 xmj ZFS <3
16:04 jtang heh lustre
16:05 FRANK_T jtang?
16:05 jtang intel owns that dont they
16:05 jtang lustre isn't *too* bad these days
16:05 jtang its still pretty much king in terms of performanmce at the large scale unless you want to pay for gpfs or another commericial syste
16:05 jtang system
16:06 jtang FRANK_T, how do you mean by support?
16:06 jtang for deploying?
16:06 Ahlee Why do I always think jinja is rendered on the master and shipped to the minion whole?
16:07 johnkeates Because that is what *they* want you to tink.
16:07 johnkeates But we know the truth!
16:07 malinoff ta da da da
16:07 johnkeates hehe
16:07 jer__ joined #salt
16:07 zadock joined #salt
16:08 supersheep joined #salt
16:09 FRANK_T jtang Lustre is open source
16:09 FRANK_T but Inter has a version of lustre and HP
16:10 FRANK_T fstype: lustre
16:10 FRANK_T Comment: mount: unknown filesystem type 'lustre'
16:10 Morbus joined #salt
16:11 jtang well intel owns whamcloud or whoever they are these days
16:11 FRANK_T yup..
16:11 jtang or was it clusterstor, lustre seems to keep changing owners, i've kinda given up on it
16:11 jtang :P
16:11 FRANK_T heheh
16:11 FRANK_T thats true
16:12 FRANK_T I am trying to mount my lustre files system
16:12 FRANK_T via salt and I am getting this
16:12 FRANK_T Comment: mount: unknown filesystem type 'lustre'
16:13 otter768 joined #salt
16:14 smcquay joined #salt
16:15 * jtang shrugs
16:15 jtang you could possibly do a cmd.run to mount that set of osd's
16:15 jtang and then have a creates=/mount/magic file to stop it from running again
16:15 jtang but that isnt a very persistent change
16:16 murrdoc or
16:16 murrdoc copy the mount module _modules dir in /srv/salt and edit it to support lustre
16:16 murrdoc and send it as a pull request to saltstack
16:17 jtang looking at https://github.com/saltstack/salt/blob/develop/salt/modules/mount.py#L677
16:18 jtang there doesnt seem to be any indicator as to why it wouldnt just work
16:18 jtang i guess you'd probably want to make sure the kernel module and userland tools are in place first and you can actually run the command manually by hand
16:19 jtang lustre  might not be auto load the kernel modules
16:19 murrdoc yeah jtang is correct-er
16:20 jtang ah, I miss the amount of messing with lustre that I used to have at my last job
16:20 * jtang is much happier with ceph these days
16:20 jtang not that its a HPC filesystem, but its good enough
16:20 clintberry joined #salt
16:21 jalbretsen joined #salt
16:22 vbabiy joined #salt
16:25 schlueter joined #salt
16:27 durana joined #salt
16:29 xsteadfastx joined #salt
16:32 xsteadfastx joined #salt
16:33 jtang FRANK_T, I don't suppose you came across saltstack at the last few SC conferences?
16:35 TheRealBill joined #salt
16:40 aparsons joined #salt
16:41 hasues joined #salt
16:42 hasues left #salt
16:43 SheetiS joined #salt
16:43 gattie joined #salt
16:43 keeth joined #salt
16:43 nickdew joined #salt
16:46 bhosmer_ joined #salt
16:47 bfoxwell_ joined #salt
16:47 rayha joined #salt
16:47 schristensen joined #salt
16:52 tligda joined #salt
16:53 malinoff joined #salt
16:53 jab416171 joined #salt
16:57 tligda1 joined #salt
16:58 neogenix joined #salt
16:58 kermit joined #salt
16:58 kermit joined #salt
17:00 lothiraldan joined #salt
17:03 Vinny4 joined #salt
17:05 stoogenmeyer_ joined #salt
17:05 I3olle joined #salt
17:06 KyleG joined #salt
17:06 KyleG joined #salt
17:06 neogenix_ joined #salt
17:10 keeth joined #salt
17:11 nickdew joined #salt
17:14 kermit joined #salt
17:15 Vinny4 Hey, anyone have experience with roster plugins? I'm trying to generate a dynamic roster for salt-ssh. Do I just add a new roster type as salt/roster/<type>.py?
17:16 solvik joined #salt
17:16 solvik hi
17:16 jrluis1 joined #salt
17:17 aqua^mac joined #salt
17:17 overyander joined #salt
17:17 solvik When I run my tests, I can't see the content of the "newfile", is there an option for that ?
17:17 kermit joined #salt
17:19 rayha left #salt
17:20 babilen solvik: Which tests?
17:20 schlueter joined #salt
17:21 solvik salt '*' state.single test=True
17:22 gladiatr joined #salt
17:22 gladiatr joined #salt
17:23 twellspring joined #salt
17:23 elfixit joined #salt
17:26 schlueter1 joined #salt
17:33 Ryan_Lane joined #salt
17:34 anotherZero joined #salt
17:34 spookah joined #salt
17:38 xsteadfastx joined #salt
17:38 aparsons joined #salt
17:40 JDiPierro joined #salt
17:40 hebz0rl joined #salt
17:40 xsteadfastx joined #salt
17:41 fllr joined #salt
17:42 hal58th1 solvik, you aren't even executing a state. You just ran test?
17:43 hal58th1 solvik, I would recommend doing salt-call instead of the salt command to do testing. It is much easier to test and see output
17:45 theologian joined #salt
17:47 aparsons joined #salt
17:48 FRANK_T jtang FRANK_T, I don't suppose you came across saltstack at the last few SC conferences?  <<<------- No my boss went to SC last years he came back and told me take a loot at salt... I did and now I am in the of migrating from puppet to salt :)
17:49 kermit joined #salt
17:51 jla joined #salt
17:53 felskrone joined #salt
17:54 vexati0n joined #salt
17:54 vexati0n so i have an issue - i have a Syndic server that doesn't report up the chain anymore since updating to 2014.7.0
17:55 vexati0n watching the logs, the Syndic daemon sees the command come down from the higher master, but doesn't seem to pass it on to the local master daemon
17:55 aw110f joined #salt
17:55 aparsons joined #salt
17:55 BrendanGilmore joined #salt
17:57 kermit joined #salt
18:00 desposo joined #salt
18:01 desposo joined #salt
18:01 s51itxsyc joined #salt
18:01 vexati0n does anyone know what would cause my Salt Master to take almost 5 minutes to publish a command once it's been entered?
18:02 kermit1 joined #salt
18:04 markmarine joined #salt
18:04 kermit1 joined #salt
18:05 lempa joined #salt
18:10 forrest joined #salt
18:11 josephleon joined #salt
18:14 otter768 joined #salt
18:16 piquod joined #salt
18:16 piquod left #salt
18:16 TyrfingMjolnir joined #salt
18:17 TheoSLC joined #salt
18:18 s51itxsyc joined #salt
18:18 TheoSLC Hi All.  Within Jinja, I need to turn the output from salt['user.getent'] into a iterable dict.  And salt['user.getent']|yaml  does not seem to work.  Any clue?  thanks!
18:21 Mso150 joined #salt
18:29 shaggy_surfer joined #salt
18:31 TheoSLC I feel that I'm getting closer with   salt['user.getent']('--output="raw"')
18:31 jalaziz joined #salt
18:31 stoogenmeyer_ joined #salt
18:33 TyrfingMjolnir joined #salt
18:34 vexati0n is there any way to have the Syndic stop reporting unknown jobs to the Master and filling the master's logs with "an inconsistency occurred" ?
18:35 schlueter joined #salt
18:37 lesel joined #salt
18:38 SheetiS TheoSLC: this might be hackish, but what aobut this: https://bpaste.net/show/ab1bf153fddd
18:41 TheoSLC SheetiS: thanks.  user_getent isn't returning as an iterable object.
18:42 lesel TheoSLC:  salt['user.getent']() is returning a list of user dictionaries, so you should just be able to use a for loop like so: {% for user in salt['user.getent']() %}
18:43 lesel You can then access values like this {{ user.name }}, etc.
18:43 TheoSLC lesel: ahh. thanks!
18:47 TyrfingMjolnir joined #salt
18:48 penguin_dan joined #salt
18:49 oldmantaiter joined #salt
18:51 smcquay joined #salt
18:54 echtish joined #salt
18:57 oldmantaiter joined #salt
18:57 signull_ joined #salt
18:58 schlueter joined #salt
19:01 mdasilva joined #salt
19:06 aqua^mac joined #salt
19:07 markmarine joined #salt
19:10 markmarine joined #salt
19:10 josephleon joined #salt
19:10 jhauser joined #salt
19:10 thedodd joined #salt
19:12 steveoliver left #salt
19:14 hasues joined #salt
19:14 hasues left #salt
19:17 TheoSLC joined #salt
19:18 TheoSLC joined #salt
19:23 bhosmer_ joined #salt
19:28 aquinas joined #salt
19:29 StDiluted joined #salt
19:34 TyrfingMjolnir joined #salt
19:39 stolitablrrr joined #salt
19:40 stolitablrrr joined #salt
19:41 sfs joined #salt
19:42 mikeywaites joined #salt
19:45 toanju joined #salt
19:46 bhosmer__ joined #salt
19:47 mohae joined #salt
19:51 theologian joined #salt
19:52 Ozack-work joined #salt
19:59 muss joined #salt
20:01 aboe joined #salt
20:03 Pixionus joined #salt
20:03 aboe joined #salt
20:04 aboe joined #salt
20:05 TyrfingMjolnir joined #salt
20:06 jrluis joined #salt
20:06 cpowell_ joined #salt
20:09 mikeywaites joined #salt
20:10 aboe joined #salt
20:11 snave joined #salt
20:11 toanju joined #salt
20:13 aboe joined #salt
20:15 otter768 joined #salt
20:15 smcquay_ joined #salt
20:18 schlueter joined #salt
20:19 thedodd joined #salt
20:21 aboe joined #salt
20:22 aboe joined #salt
20:29 signull joined #salt
20:34 timoguin joined #salt
20:35 mdasilva joined #salt
20:38 hal58th joined #salt
20:39 Edgan I am trying to do a basic watch on a config file for a service, and it is failing to restart. http://pastebin.com/VKB7czPG
20:40 markm__ joined #salt
20:41 stanchan joined #salt
20:41 phpdave11 Edgan: try removing line 32
20:42 Edgan phpdave11: You think double watch is confusing it?
20:42 phpdave11 it might, i have multiple "- file:" statements underneath 1 "watch"
20:42 phpdave11 not sure if that's the problem or not
20:43 Edgan phpdave11: good idea, trying it. Definitely an annoying issue if it silently fails like that
20:44 Andre-B joined #salt
20:44 scott2b joined #salt
20:44 Edgan phpdave11: That was it :)
20:44 Edgan phpdave11: Thanks
20:44 phpdave11 np
20:44 Edgan phpdave11: Going to file an issue.
20:45 phpdave11 i don't think it's an issue, it's just how YAML works
20:45 phpdave11 the 2nd one overwrites the 1st one
20:45 phpdave11 if you write it like that
20:45 Edgan phpdave11: That salt doesn't throw an error is insanity
20:46 hal58th Egdan, that's not really an issue. The states won't fail when you enter in something that's not a correct name or a duplicate. It's for future proofing and backwards compatibility
20:46 Edgan hal58th: silent failure is BAD!
20:46 BerndSch joined #salt
20:47 Edgan hal58th: I think this falls under these issues
20:47 phpdave11 however, it might be nice to spit out a warning or something... it's valid YAML, but it might not be what was intended
20:47 Edgan #5378, #802
20:48 murrdoc man we need an irc bot
20:48 Edgan murrdoc: for?
20:49 murrdoc so that when someone types in #\d+
20:49 murrdoc it links to the gh issue
20:49 Edgan ah :)
20:50 iggy silent failure is not terrible
20:51 iggy the -formulas would be so full of {% if salt['grains.get']('salt_ver') > X %} it would be flying-spagheti-monster-awful to look at
20:52 iggy half of them already make me want to purell my brain
20:54 scott2b joined #salt
20:54 markmarine joined #salt
20:55 scott2b Can anyone tell me why state postgres_database.present would be unavailable? Aren’t builtin states just available?
20:55 aqua^mac joined #salt
20:55 forrest scott2b: is postgres installed on the system you're trying to run postgres_database.present on/
20:55 phpdave11 scott2b: i think you have to have the python-postgres package
20:55 scott2b on my saltmaster?
20:56 iggy on the minion
20:56 forrest no on the minion you're trying to run the commands on
20:56 phpdave11 minion, i had to do something similar with mysql
20:56 phpdave11 python-mysqldb:
20:56 phpdave11 pkg.installed
20:56 iggy some modules require a command line tool, some require a python library
20:56 scott2b huh ok. That’s not the error I would expect, but that could be it. Will check into it. thanks
20:57 iggy I think there's a ticket open for improving that
20:57 phpdave11 i agree, the error message was unintuitive
20:57 jalaziz joined #salt
20:57 scott2b cool. All things in time. Thanks so much.
20:57 iggy in particular, the postgres salt module requires the psql command
20:57 scott2b ah ok. makes sense
20:58 iggy (not the python-postgres lib
20:58 iggy easiest way to find out is sadly to look at the __virtual__ function for the modules/states you are having problems with
21:00 scott2b good to know
21:00 jer_ joined #salt
21:02 oblio joined #salt
21:02 oblio huzza !
21:02 ajw0100 joined #salt
21:02 oblio are there any resources for finding contractors to help me with a salt build-out?
21:03 iggy no(t yet)
21:03 iggy best bet is to email the list and go from there
21:03 oblio cool
21:03 iggy they don't mind job stuff on the list (so long as it is actually salt related)
21:03 oblio i'm on a tight schedule for a build out, i'm sure we could do it, but we want to use salt and none of the team in-house has experience using it
21:04 oblio so i know it would help things go a lot faster, i guess the problem is just finding a trustworthy, experienced person over the internet :D
21:04 hal58th I'm surprised you want to use something new and untested (in your environment) for a tight schedule
21:04 iggy do they have experience with other tools (chef, puppet, etc)?
21:04 oblio yeah, we could use one of those for sure
21:04 phpdave11 tell your team to learn salt
21:05 oblio probably chef if we were to use the alternative
21:05 toanju joined #salt
21:05 phpdave11 i hate chef
21:05 oblio lol
21:05 phpdave11 it's the worst
21:06 iggy yeah, I mean I'm pretty sure we all prefer salt to other tools, but sometimes, there are better tools for the job (for various reasons)
21:06 aurynn chef has some really useful features
21:07 iggy I'm trying to think of anyone I can think of that isn't perm employed that's worth a damn
21:07 aurynn unrelated: does anyone know if there's a Ruby gem for speaking Salt Events?
21:07 iggy oblio: there's also saltstack professional services
21:07 mschiff joined #salt
21:07 hellerbarde joined #salt
21:07 aurynn otherwise I have to go write a bunch of 0mq stuff myself and I'd rather not
21:08 oblio iggy: right, so it goes with this kind of stuff
21:08 scott2b That was it! Installed psql fixed it. Thanks @phpdave11 @iggy!!
21:08 jmccree oblio, what type of project are you looking to salt?
21:08 phpdave11 you're welcome scott2b
21:08 oblio would like to use it to tie into what we're putting together for autoscaling on joyent
21:08 oblio (we're primarily using smartos/joyent)
21:09 iggy so you're wanting to use salt-cloud, etc too
21:09 oblio possibly
21:09 grrrrr joined #salt
21:10 oblio or just roll it ourselves with some pluggable rules
21:10 oblio i dont think salt-cloud does anything with joyent out of the box
21:11 oblio we'll have to write our own provider module i guess
21:11 pcdummy joined #salt
21:11 pcdummy joined #salt
21:11 DenkBrettl joined #salt
21:11 conan_the_destro joined #salt
21:11 mackstick joined #salt
21:12 Guest52234 joined #salt
21:12 sirtaj joined #salt
21:12 jmccree oblio, I'm not sure of our availability, but we do a lot of work with salt at $dayjob .
21:12 iggy libcloud supports joyent, shouldn't be too hard to get salt-cloud to do so (if it doesn't already
21:13 Mso150 joined #salt
21:13 keeth joined #salt
21:15 TyrfingMjolnir joined #salt
21:15 Guest52234 joined #salt
21:15 laax joined #salt
21:19 ecdhe joined #salt
21:20 gladiatr joined #salt
21:20 gladiatr joined #salt
21:20 jhauser joined #salt
21:21 ecdhe I have a machine that I reimage regularly by booting it from a CD that copies in some states, runs salt-bootstrap, and brings the freshly installed OS into highstate.
21:21 ecdhe I would like to transition from deploying the states on a burned CD to deploying them from a salt-master.
21:22 ecdhe But I would like the process to be unattended; I don't want to have to accept the reimaged minion's key before it can come into state.
21:22 iggy maybe something with wheel?
21:22 ecdhe Should I include a pre-accepted key on the cd so the minion can get its states from the master?
21:23 iggy it really depends what you've got to work with
21:25 hal58th ecdhe you can turn "auto_accept" to on for the master. I randomize my minion key when i do this.
21:25 hal58th echo -n "dev-box-" > /etc/salt/minion_id
21:25 hal58th openssl rand -hex 6 >> /etc/salt/minion_id
21:25 hal58th echo "master: 10.10.10.2" > /etc/salt/minion.d/master.conf
21:25 hal58th service salt-minion restart
21:25 hal58th You can also go with a pre-accepted key on the cd
21:26 iggy there's also autosign functionality (which is slightly less open than auto_accept, but not by much)
21:26 keeth joined #salt
21:30 neogenix joined #salt
21:31 markmarine joined #salt
21:32 twellspring joined #salt
21:33 dabb joined #salt
21:35 nkuttler hrm, does system.reboot return something? e.g. when the system is up again? just curious how it would work with --batch-size for example
21:35 nkuttler or how do people organize mass reboots in ha environments?
21:36 iggy nkuttler: no
21:36 iggy and you're like the 5th person in the last couple days to ask almost the same question
21:37 nkuttler haha
21:37 nkuttler ok :)
21:37 iggy see if one of the other 4 people actually filed a ticket like I told them to
21:38 ecdhe thanks iggy and hal58th!
21:38 nkuttler iggy: not that i can see anything
21:39 josephleon joined #salt
21:41 yetAnotherZero joined #salt
21:42 twellspring joined #salt
21:42 iggy nkuttler: seems like it'd be a good addition to orchestrate or something else
21:42 popus joined #salt
21:43 nkuttler iggy: maybe. i don't feel like i should open a ticket though as i don't need this yet and was just curious
21:44 iggy I would
21:44 simple10 joined #salt
21:44 nkuttler do it!
21:44 iggy like I said... you are at least the 5th person in the last couple days to ask about said functionality
21:44 iggy I don't know where all the interest came from all of a sudden
21:44 nkuttler this ghost thing probably
21:44 mpanetta Mass mind meld
21:45 iggy it was before yesterday though
21:45 nkuttler we were just talking about to reboot or not on another channel
21:45 nkuttler oh
21:45 murrdoc no need to reboot for ghost
21:45 murrdoc reboot all the apps using gethostname is safer
21:45 I3olle joined #salt
21:45 nkuttler there's rarely a need to reboot, but when people ask if they should, they probably should
21:46 nkuttler murrdoc: how is it sfer?
21:46 iggy no need, but it's sometimes easier (peeps are lazy foo!)
21:46 murrdoc (true)
21:46 nkuttler it's not like rebooting is dangerous. or if it is, something is terribly wrong
21:47 mpanetta Reboots tend to expose bad disks heh
21:47 nkuttler sounds like a feature
21:47 mpanetta Maybe
21:48 TyrfingMjolnir joined #salt
21:48 mpanetta Depends on if you like calling HP or Oracle support heh
21:48 iggy people still use disks?
21:49 mpanetta I'm talking about infrastructure that has been around for years
21:49 aurynn time to put that on other peoples' computers
21:49 aurynn I mean, the clown
21:49 aurynn er
21:49 aurynn cloud
21:50 mpanetta Tell that to Comcast :P
21:53 dabb joined #salt
21:57 smcquay joined #salt
21:57 GabLeRou_ joined #salt
21:59 jasonrm joined #salt
22:00 jasonrm joined #salt
22:01 bhosmer joined #salt
22:01 adnauseaum joined #salt
22:01 druonysus joined #salt
22:01 druonysus joined #salt
22:02 GabLeRoux joined #salt
22:03 jasonrm joined #salt
22:03 shaggy_surfer joined #salt
22:05 jla nkuttler, iggy: I don't know about system.reboot, or if I would really want it to wait for a reboot, but I'm reading about the Reactor and it's example output seems to show a minion started event. http://docs.saltstack.com/en/latest/topics/reactor/index.html
22:05 jhauser joined #salt
22:06 nkuttler jla: ah, interesting. yeah, i have yet to work with reactors
22:07 markmari_ joined #salt
22:07 iggy the problem with that is it also fires when you restart the service
22:07 iggy so just be careful what you do with that event
22:07 Mso150 joined #salt
22:08 mdasilva_ joined #salt
22:08 jasonrm joined #salt
22:08 SneakyPhil joined #salt
22:09 nkuttler certainly
22:09 jla ya I wasn't able to sort out from that sample if it was the minion starting or if it meant the system was finally up.
22:10 jimklo joined #salt
22:10 hasues joined #salt
22:11 rm_jorge_ joined #salt
22:12 mosen joined #salt
22:13 giantlock joined #salt
22:15 rm_jorge left #salt
22:15 rm_jorge_ left #salt
22:15 scott2b joined #salt
22:15 hasues left #salt
22:16 otter768 joined #salt
22:19 Deevolution left #salt
22:19 Deevolution joined #salt
22:21 nikogonzo hey guys, what's the salt equivalent for puppet reports? i'm thinking a directory where a yaml/json report of a highstate is stored
22:24 Ahlee nikogonzo: The job cache
22:24 serenecloud if I have a firewall that allows master -> minion connections (ssh etc.) but not minion -> master, can salt run or does the key exchange and commands fail?
22:24 Ahlee nikogonzo: by default, all minions return to the file system, and they results are persisted for 24 hours.  You can extend that, or return to an alternate location
22:24 Ahlee serenecloud: by default you need 4505 and 4506 open for bidirectional communication
22:24 wrench_ joined #salt
22:25 serenecloud Ahlee: there's no way my network admins will burn holes from the minion to my box, I'm on the company LAN
22:26 serenecloud I could run a masterless minion I suppose
22:26 serenecloud this is a +1 for ansible as it goes over ssh, but I'm still comparing
22:26 Ahlee salt-ssh will also go over ssh
22:26 nikogonzo Ahlee: thank you very much!!
22:27 serenecloud Ahlee: oooooohhhhhhh
22:27 Ahlee serenecloud: opening a port certainly has some implications, however if you have ssh opened already that's a pretty hollow argument
22:27 hal58th nikogonzo, the user you are using needs to have password-less sudo access, fyi. ansible doesn't need this requirement
22:27 serenecloud Ahlee: I can ssh from master to minion - the minion can't ssh back
22:28 Ahlee ah, old school jump server
22:28 brianfeister joined #salt
22:28 Ahlee Then yes, salt-ssh might be your best bet, or masterless
22:28 Ahlee or salt might not be the right choice for your requirements, sadly
22:29 serenecloud I'll look at salt-ssh, I'm still mostly playing at this point
22:29 serenecloud the original issue was patching local VMs, that's running fine
22:30 serenecloud now I want to patch the remote dev server
22:30 iggy VPN??
22:31 serenecloud VPN would be overkill for this, plus two way so it's an avenue into the LAN
22:32 nkuttler serenecloud: fwiw, if you have ssh you could just forward ports
22:34 iggy so there's not really "two-way" traffic... the minions connect to the master. Everything travels over that connection. So you don't need ports open _to_ the minion (only to the master)
22:35 iggy which still sounds like it won't work for you, but I'm just trying to clarify how things work
22:36 Ahlee ^ good point
22:36 serenecloud iggy: oh, I assumed running a command on the master made the connection go out to the minions, not the other way around
22:36 Ahlee I thought 4505 sent commands, 4506 carried responses.
22:37 * serenecloud will read up more about how the comms move around
22:37 nikogonzo wow so the jobs are stored as pickles?
22:38 Ahlee unless an alternate method is used, I believe so
22:40 Ahlee the format is specified by the --return, you can set a default returner via the ext_job_cache setting in the master config
22:41 nikogonzo Ahlee: thanks again!
22:44 aqua^mac joined #salt
22:51 elfixit1 joined #salt
23:02 claytron joined #salt
23:04 jeremyr joined #salt
23:08 GabLeRoux joined #salt
23:09 KennethWilke joined #salt
23:10 alexhayes joined #salt
23:13 faliarin joined #salt
23:13 Ozack-work joined #salt
23:17 robm joined #salt
23:20 jhauser joined #salt
23:20 robm Does anyone use saltstack to manage limits.conf (ulimits) on minions? Is there a module I missed, or should/would I manage it though the file management?
23:21 iggy robm: we just throw files in /etc/security/limits.d/NN-foo.conf
23:21 murrdoc whats all this pre-conf stuff
23:23 robm Thanks iggy. I was just hoping I didn't miss something. I liked the way sysctl worked and though maybe there was something along those lines.
23:23 robm thought*
23:24 kermit joined #salt
23:24 scott2b joined #salt
23:24 kaictl joined #salt
23:27 smcquay joined #salt
23:28 phpdave11 does salt-ssh work with mac-os "ssh minions"?
23:29 mosen phpdave11: dont know, running normal minions
23:30 phpdave11 thanks, got it to work. just had to allow NOPASSWD in sudo
23:30 mosen oh heh
23:35 tkharju joined #salt
23:36 __number5__ robm: there is a sysctl state
23:36 cberndt joined #salt
23:37 kermit joined #salt
23:40 yomilk joined #salt
23:44 jalaziz joined #salt
23:53 tkharju joined #salt
23:56 bones050_ joined #salt
23:56 yomilk joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary