Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-02-03

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:09 ALLmight_ joined #salt
00:14 iwishiwerearobot joined #salt
00:15 CeBe joined #salt
00:16 timoguin joined #salt
00:17 TheoSLC joined #salt
00:18 kevin__ joined #salt
00:26 timoguin joined #salt
00:26 kevops joined #salt
00:27 bhosmer_ joined #salt
00:32 tempspace joined #salt
00:38 mosen joined #salt
00:44 timoguin joined #salt
00:44 kermit joined #salt
00:49 bhosmer_ joined #salt
00:51 echtish joined #salt
00:52 clintber_ joined #salt
00:53 otter768 joined #salt
00:53 alexhayes As multiple file.replace does not work (see https://github.com/saltstack/salt/issues/7999) does anyone have any suggestions? I need to replace a slab in an apache config file
00:54 alexhayes Specifically I need to replace the default directory. ie.. <Directory /var/www/>
00:54 alexhayes (and the lines below it, up until the closing </Directory>)
01:01 aparsons_ joined #salt
01:03 Brew joined #salt
01:03 a_ghost_irl joined #salt
01:04 murrdoc i would use the conf.d method
01:04 murrdoc to put that config in its own file
01:04 murrdoc but maybe file.blockreplace
01:09 notnotpeter joined #salt
01:10 yomilk joined #salt
01:10 mikepea_ joined #salt
01:16 msheiny joined #salt
01:17 nitti joined #salt
01:17 wiqd_ joined #salt
01:17 gyre007 joined #salt
01:18 moderation joined #salt
01:18 aqua^mac joined #salt
01:18 simonmcc joined #salt
01:20 EWDurbin joined #salt
01:20 manytrees joined #salt
01:20 jay_d joined #salt
01:24 kwmiebach joined #salt
01:26 goki joined #salt
01:26 bhosmer_ joined #salt
01:27 bhosmer__ joined #salt
01:29 MindDrive joined #salt
01:30 vbabiy joined #salt
01:33 mdasilva joined #salt
01:35 primechuck joined #salt
01:43 OnTheRock joined #salt
01:45 kevops joined #salt
01:47 bhosmer_ joined #salt
01:50 aparsons joined #salt
01:51 supermike_ joined #salt
01:51 dynamicudpate joined #salt
02:00 favadi left #salt
02:00 iwishiwerearobot joined #salt
02:01 clintberry1 joined #salt
02:04 vbabiy joined #salt
02:11 jhauser_ joined #salt
02:12 otter768 joined #salt
02:15 keeth joined #salt
02:18 gamingrobot joined #salt
02:18 markmarine joined #salt
02:20 mosen joined #salt
02:22 ckao joined #salt
02:28 viq joined #salt
02:28 druonysuse joined #salt
02:28 druonysuse joined #salt
02:29 forrest joined #salt
02:32 alexhayes murrdoc: thx, i decided i'd change tact and use the apache formula
02:33 primechuck joined #salt
02:35 smithd joined #salt
02:36 smithd joined #salt
02:40 aparsons joined #salt
02:41 aparsons_ joined #salt
02:42 akitada joined #salt
02:45 murrdoc joined #salt
02:45 aparsons joined #salt
02:49 aw110f Hi, when I run cmd.run some minios return this:
02:49 aw110f ERROR: Specified cwd '.' either not absolute or does not exist
02:49 aw110f when I restart the minion cmd.run works again
02:50 jalbretsen joined #salt
02:52 dude051 joined #salt
02:53 aparsons joined #salt
02:57 tzero joined #salt
02:59 aparsons joined #salt
03:01 timoguin joined #salt
03:03 smkelly Is ther ea best practice for separating my hosts via pillars? Like having different resolv.conf settings for different datacenters? pepa looks like it might be hat I want, but docs seem sparse. Ideally I want to target hosts by location and by role.
03:03 neogenix joined #salt
03:04 clintberry1 joined #salt
03:06 ajw0100 joined #salt
03:13 Zachary_DuBois joined #salt
03:14 dude051 joined #salt
03:17 ashb joined #salt
03:18 vbabiy joined #salt
03:20 twellspring joined #salt
03:29 bfoxwell joined #salt
03:32 vbabiy joined #salt
03:45 abele joined #salt
03:59 favadi joined #salt
04:00 iwishiwerearobot joined #salt
04:02 markmarine joined #salt
04:09 Furao joined #salt
04:09 markmarine joined #salt
04:11 iwishiwerearobot joined #salt
04:13 markmari_ joined #salt
04:14 primechuck joined #salt
04:15 timoguin joined #salt
04:15 Furao joined #salt
04:18 rypeck joined #salt
04:22 iwishiwerearobot joined #salt
04:23 meylor joined #salt
04:23 meylor joined #salt
04:24 meylor is there a salt-minion equivalent to curl -L https://bootstrap.saltstack.com -o install_salt.sh; chmod +x install_salt.sh; sudo ./install_salt.sh -Z -X -P git v2015.2
04:34 vbabiy_ joined #salt
04:34 gladiatr joined #salt
04:34 gladiatr joined #salt
04:38 Ryan_Lane joined #salt
04:38 __number5__ meylor: you mean this https://github.com/saltstack/salt-bootstrap ?
04:46 Ryan_Lane joined #salt
04:46 intr1nsic joined #salt
04:46 meylor __number5__ yes that's what i was looking for
04:52 meylor1 joined #salt
04:54 timoguin joined #salt
04:54 stanchan joined #salt
04:55 gfa joined #salt
04:57 gfa joined #salt
04:59 pf_moore joined #salt
05:08 Ryan_Lane joined #salt
05:15 timoguin joined #salt
05:16 CaptTofu_ joined #salt
05:34 Ryan_Lane joined #salt
05:50 ramteid joined #salt
05:50 meylor joined #salt
05:51 meylor is there a concept of being able to centralize/run commands on the salt-master only?
05:51 meylor during a salt '*' state.highstate
05:52 markmarine joined #salt
05:52 bigl0af_ joined #salt
05:52 doriftoshoes joined #salt
06:00 meylor1 joined #salt
06:02 markmarine joined #salt
06:03 murrdoc joined #salt
06:03 murrdoc what replaced salt-vagrant ?
06:03 murrdoc the doc page at https://github.com/saltstack/salty-vagrant says 'deprecated;
06:08 markmarine joined #salt
06:15 timoguin joined #salt
06:17 cberndt joined #salt
06:18 markmari_ joined #salt
06:20 iwishiwerearobot joined #salt
06:23 kermit joined #salt
06:23 kermit joined #salt
06:24 TheThing joined #salt
06:24 __number5__ murrdoc: it's merged into vagrant, same code base
06:25 calvinh joined #salt
06:25 murrdoc yeah
06:25 murrdoc i saw that
06:25 __number5__ any new vagrant release should have it by default
06:25 murrdoc i was more looking for a recipe for setting up a minion/master
06:25 murrdoc translation being lazy
06:26 otter768 joined #salt
06:27 markmari_ joined #salt
06:30 ladistwo joined #salt
06:32 imanc_ joined #salt
06:33 bones050 joined #salt
06:35 ladistwo hello, can i use this top.sls for pillar?
06:35 ladistwo base:
06:35 ladistwo "*":
06:35 ladistwo - configs.{{grains['id']}}
06:35 ladistwo and tree pillar is such:
06:35 ladistwo pillar
06:35 ladistwo configs
06:35 ladistwo id_minion.sls
06:35 ladistwo or how use separate pillar data for various minions. etc. I want different users for each server
06:40 catpigger joined #salt
06:44 krelo joined #salt
06:46 CeBe joined #salt
06:51 Ryan_Lane joined #salt
06:54 markmarine joined #salt
06:58 colttt joined #salt
07:07 I3olle joined #salt
07:08 badon joined #salt
07:11 TyrfingMjolnir joined #salt
07:15 timoguin joined #salt
07:20 toanju joined #salt
07:22 aw110f joined #salt
07:23 kuyfk joined #salt
07:23 kuyfk hi
07:27 Sypher does anyone know what the difference is between event.fire_master and event.send?
07:31 slafs joined #salt
07:31 slafs left #salt
07:32 mikeywaites joined #salt
07:32 AndreasLutro joined #salt
07:33 rjc joined #salt
07:34 yuhl_work_ joined #salt
07:38 plamen joined #salt
07:40 plamen exit
07:40 CeBe joined #salt
07:41 flyboy joined #salt
07:42 plamen joined #salt
07:45 CeBe1 joined #salt
07:47 plamen joined #salt
07:49 bhosmer_ joined #salt
07:51 trikke joined #salt
07:52 bluenemo joined #salt
07:52 bluenemo joined #salt
07:54 aw110f joined #salt
07:55 iwishiwerearobot joined #salt
07:56 smithd_ joined #salt
07:59 TyrfingMjolnir joined #salt
08:01 eseyman joined #salt
08:01 aw110f_ joined #salt
08:02 SvenD joined #salt
08:07 ladistwo hello, can i use this top.sls for pillar?
08:07 ladistwo base:
08:07 ladistwo "*":
08:07 ladistwo - configs.{{grains['id']}}
08:07 ladistwo and tree pillar is such:
08:07 ladistwo pillar
08:07 ladistwo configs
08:07 ladistwo id_minion.sls
08:07 ladistwo or how use separate pillar data for various minions. etc. I want different users for each server
08:08 Furao configs/id_minion.sls should works yes
08:08 Furao you can include shared .sls files
08:09 Furao like i have a .sls that contains the ssl certificate stuff for all state that needs it (nginx, postfix, postgresql, etc)
08:09 jcsp joined #salt
08:11 grrrrr joined #salt
08:12 Jahkeup joined #salt
08:15 timoguin joined #salt
08:21 bash1234123123 joined #salt
08:22 ptinkler joined #salt
08:22 bash1234123123 joined #salt
08:23 Auroch joined #salt
08:27 otter768 joined #salt
08:27 CeBe joined #salt
08:27 jbub joined #salt
08:29 Andre-B joined #salt
08:42 JlRd joined #salt
08:43 lb1a joined #salt
08:43 mikkn joined #salt
08:46 jtang joined #salt
08:47 ajw0100 joined #salt
08:49 CeBe1 joined #salt
08:54 TyrfingMjolnir joined #salt
08:59 karimb joined #salt
09:01 dkrae joined #salt
09:04 meylor joined #salt
09:08 elfixit joined #salt
09:15 timoguin joined #salt
09:17 monkey661 left #salt
09:17 hojgaard joined #salt
09:18 hojgaard Hello.. Is it possible to use source on the file.directory salt state, so that i sync a folder of files to selected minions?
09:19 favadi joined #salt
09:22 zadock joined #salt
09:25 che-arne joined #salt
09:25 bones050 joined #salt
09:28 evle1 joined #salt
09:29 fredvd joined #salt
09:30 Twiglet file.recurse may be what you're after http://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.recurse
09:30 I3olle joined #salt
09:34 bash1234_ joined #salt
09:36 evle1 Hello. Is there a good way to have binary file (different for each host) in pillar? In particular I'm trying to store keytabs for kerberos. I found this: https://github.com/saltstack/salt/issues/13510 but it looks feature is for next release and rely on including base64 of each file into pillar config. Doesn't look good.
09:37 Furao evle1: if it’s really “binary” you should encode with base64 or something else first
09:37 phx evle1, that's the very same thing i have to do right now as well
09:37 Furao you can wrap file.managed with a custom state
09:37 chiui joined #salt
09:38 ladistwo Furao: thanks
09:38 phx evle1, do you have anything in mind about checking keytabs whether they are up to date, and actually generating them on the master side?
09:38 evle1 Furao: I was looking for something like pillar://path/to/file since we have salt://path/to/file
09:39 Andre-B joined #salt
09:40 evle1 phx: So far no. I'm planning to generate keytabs manually on windows server for now.
09:40 Furao pillars are suposed to be read/process only on the master
09:40 Furao there is probably no such pillar://
09:40 phx evle1, somewhere it was said, there'll be no pillar:// for $reasons in the ticket explained
09:40 paulm- joined #salt
09:40 phx evle1, btw, don't do them on the windows server, that sucks big time
09:41 bones050 joined #salt
09:41 phx evle1, the microsoft ktutil.exe cannot put multiple SPNs into a keytab, which you'll need sooner or later. use msktutil, which can do this from *nix
09:41 evle1 phx: I don't fully understand those reasons yet.
09:42 phx evle1, neither me, but there are people who know way more of salt internals and its side effects than myself
09:44 evle1 I'll make a note about msktutil. Fortunately I'll need only a few keytabs for now.
09:44 phx evle1, once you enable kerberized logins, you'll need a keytab for every box :)
09:45 phx and once you have additional service that authenticate (like nfs, cifs, http, so on) you will need additional SPNs for each of those boxes
09:45 evle1 It's just for proxy (which I'm trying to configure right now) and maybe for some SSO later.
09:46 phx for a proxy you will need a host/ and a http/ principal AFAIK
09:47 phx evle1, oh and be aware the msad expires even machine passwords every 90 days or so. when the password is expired, you will need to regenerate every machine's keytab, because they are still subject to the password expiry
09:47 phx if the machine password is expired, then you will not be able to authenticate users using it
09:48 teogop joined #salt
09:48 evle1 It seems http/ is enough. And I disabled expiring for this account. I'm not very good with kerberos internals, let's hope I won't mess up. :-)
09:49 phx evle1, yeah, mskutil can also switch that flag. and add it to the MSAD inventory and so on. it's a very useful stuff actually
09:52 evle1 Ok. So it's only base64 inline and something custom on minion side to retrieve it. I see.
09:56 bash1234123123 joined #salt
09:57 NV joined #salt
09:58 evle1 Other question. Is there a way to queue state.hightstate to update states for every minion in pool, not only those it see right now? I have servers that have very unreliable connection and I need them to get new configuration as soon as they are online. And have some report on master about situation on each server. Is salt a good tool for that?
09:58 EvaSDK joined #salt
09:59 ralala joined #salt
10:02 mkkl joined #salt
10:05 QuisaZaderak joined #salt
10:05 mkkl I want to configure multiple VMs and on two hosts with salt (running inside the vms and on the host)
10:05 mkkl now I am looking for some way to share informations (e.g which ports are used for services and hence need to be forwarded between vms and hosts)
10:06 mkkl what would be the best pattern in salt to follow?
10:07 QuisaZaderak hello, how do i disable the bootstrap script within salt-cloud? maybe there is an option in the cloud.profiles file? im using vsphere...
10:08 giantlock joined #salt
10:15 ptinkler joined #salt
10:15 timoguin joined #salt
10:20 ptinkler anyone know why if I put the alias of my file as the `conf_file: ` field in my supervisord state, it doesn't resolve it to the name? for example I do  `- conf_file: supervisord.supervisord-conf`
10:21 ptinkler and when I run it, it says `Command '/usr/bin/supervisorctl -c supervisord.supervisord-conf start mysite' failed with return code: 2`
10:21 ptinkler I don't get why that isn't resolving to the name of the file in salt which its /etc/supervisord/conf.d/blah blah
10:21 rdo1 joined #salt
10:21 hojgaard when i use file.recurse in a state to sync a directory, how can i make it update folder with new files when i run salt.highstate?
10:22 rdo1 hi all - quick one; is it possible to have all salt-minions connect to all masters simultaneously?
10:22 rdo1 i.e. ensuring that I can connect to ANY master and get an up-to-date view on the minions?
10:26 favadi joined #salt
10:27 bash1234_ joined #salt
10:27 otter768 joined #salt
10:34 kawa2014 joined #salt
10:51 dirkcjelli joined #salt
10:54 ptinkler http://pastebin.com/eEpX4nMy   <---- any ideas guys? first section is my state, 2nd is the nginx supervisord conf, third is the error I get
10:59 SvenD joined #salt
10:59 smithd joined #salt
11:00 Twiglet ptinkler: looks like you're missing [supervisorctl] from the ini
11:00 Twiglet above [program:nginx]
11:00 Twiglet at least that's what the error suggest, I've not use supervisord ;)
11:04 CeBe joined #salt
11:05 SvenD joined #salt
11:07 ptinkler yeah it's proving to be tickier than I expected :) np cheers
11:08 Bateau_ joined #salt
11:08 saltnewb joined #salt
11:10 saltnewb hope someone can point me in the right direction, havnt been able to get around this: im using salt-ssh to bootstrap a minion and using gitfs as fileserver, the same sls/jinja files work fine when using local file storage instead of gitfs, but when using gitfs salt-ssh gives me this error:
11:10 saltnewb Rendering SLS 'base:salt.minion' failed: Jinja error: salt/map.jinja TemplateNotFound: salt/map.jinja
11:11 saltnewb so the sls files get to the minion just fine via salt-ssh, but the jinja doesnt, I have added the extra_filerefs option to salt-ssh call as well to include those jinja files, but still same error
11:12 saltnewb i have looked in /var/cache/salt/master/files/base/ on the master and the jinja file is not there, is it supposed to be there when using gitfs? or how could I go about debugging this any further? (must be related to putting the files on gitfs, the exact same formulas are working just fine when using local fileroot)
11:13 calvinh joined #salt
11:14 saltnewb this is the salt-ssh command and the error thrown: http://pastie.org/9879348#1-2,11
11:15 saltnewb thanks to anyone shedding some light into it! this is driving me nuts! of course I can just git clone into a local directory and use salt-ssh, but ideally I really want to use gitfs instead of doing it manually myself :(
11:15 timoguin joined #salt
11:18 QuisaZaderak can anyone explain how to compare variables inside yaml?
11:20 paulm-- joined #salt
11:20 Grokzen joined #salt
11:24 bhosmer joined #salt
11:27 meylor1 joined #salt
11:36 CeBe1 joined #salt
11:37 calvinh_ joined #salt
11:40 CeBe2 joined #salt
11:41 keeth joined #salt
11:42 kawa2014 joined #salt
11:44 diegows joined #salt
11:46 shorty_mu joined #salt
11:49 Twiglet {% if variable1 == variable2 %}
11:49 trikke joined #salt
11:50 CeBe1 joined #salt
11:50 zer0def joined #salt
11:50 Twiglet or {% if salt['pillar.get']('key:value'] == varibale %} or {% if salt['pillar.get']('key:value'] == 'text' %}
11:50 Twiglet whoops, the last ] by key:value should be a )
11:50 zer0def ok, i may be dumb, but what am i missing when i'm calling salt-ssh and it craps out on updating fileserver cache?
11:51 keyser joined #salt
11:52 zer0def i've made a complete copy of /etc/salt and specified a Saltfile, but i guess i'm missing something
11:53 SvenD joined #salt
12:01 brayn joined #salt
12:15 I3olle joined #salt
12:15 timoguin joined #salt
12:23 Mitz joined #salt
12:24 Mitz left #salt
12:25 hobakill joined #salt
12:28 yomilk joined #salt
12:29 otter768 joined #salt
12:31 smithd joined #salt
12:41 JlRd joined #salt
12:42 SvenD joined #salt
12:47 supersheep joined #salt
12:50 keeth_ joined #salt
12:52 mikkn_ joined #salt
12:53 vbabiy joined #salt
12:57 zer0def joined #salt
12:58 kbyrne joined #salt
12:58 dRiN joined #salt
13:06 rm_jorge joined #salt
13:08 diegows joined #salt
13:09 SvenD joined #salt
13:10 lothiraldan joined #salt
13:10 yomilk joined #salt
13:11 decci joined #salt
13:11 decci Hello Guys
13:12 decci I was reading about standalone minion. Quite couldnt understand the concept. Does it mean we dont need master at all
13:12 rm_jorge_ joined #salt
13:12 decci I come from Puppet background where we have master and serveral agent nodes. Master manages them all
13:13 decci I read about masterless Salt.
13:13 zer0def you mean that tutorial on masterless salt?
13:14 zer0def it means that you can run a command with salt-call on a minion, as if you ran it from the master, afaik
13:14 mikeywaites Hey anyone know how the logic behind cmd.wait works?  i have cmd.run that should trigger the cmd.wait only if something has changed.  Is it the result of the cmd.run that salt uses to determine any changes or is it an exit code?
13:15 tomh- joined #salt
13:15 MaliutaLap joined #salt
13:15 MaliutaLap joined #salt
13:15 zer0def on the other hand, my question is: would there be any reason for salt-ssh to ignore the cachedir setting?
13:15 timoguin joined #salt
13:15 zer0def that is, cachedir setting from a Saltfile
13:16 aqua^mac joined #salt
13:17 decci zer0def: Is masterless salt similar to standalone minion?
13:17 decci zer0def: Salt perform master less quick start - this is one of doc
13:18 decci zer0def: and then there is sother doc Stand alone of all minion
13:18 paulm- joined #salt
13:18 decci zer0def: Does it mean same?
13:21 lothiraldan joined #salt
13:22 zer0def could you link which docs you're specifically referring to?
13:22 zer0def also, apparently I'm a dunce: you don't put 'cachedir' in a Saltfile, you put it in a master file within the config_dir
13:23 supersheep joined #salt
13:24 zer0def decci: you mean this, i presume?: http://docs.saltstack.com/en/latest/topics/tutorials/quickstart.html
13:25 zer0def decci: that link and this: http://docs.saltstack.com/en/latest/topics/tutorials/standalone_minion.html , describe the same thing, so masterless/standalone minion is the same thing
13:26 zer0def *technically* speaking, you don't really need a master, but then you're missing the forest for the trees.
13:27 nitti joined #salt
13:28 markizano joined #salt
13:29 bdrung_work joined #salt
13:30 bdrung_work hi, can someone assist me to fix https://github.com/saltstack/salt/issues/20335 ? i am a python developer, but not familiar with the salt codebase
13:30 iml joined #salt
13:32 spo0nman joined #salt
13:32 Nils- joined #salt
13:32 giantlock joined #salt
13:33 redzaku joined #salt
13:36 lothiraldan joined #salt
13:39 decci zer0def: okay
13:40 decci zer0def: I am looking to learn how to achieve these topics http://paste.ubuntu.com/10034973/
13:40 decci zer0def: Any suggestions?
13:41 decci zer0def: I just setup master and 1 minion working together..
13:42 Sacro ffs, is it possible to have a Windows release that purely fixes bugs and doesn't introduce more
13:42 hojgaard I am having the following states directory: /srv/salt/mailserver/postfix/.init.sls how do i refer to this folder in /srv/salt/top.sls ?
13:42 decci zer0def: If you have any doc which can help me out, do suggest
13:44 jcsp joined #salt
13:44 zer0def decci: generally speaking?, this: http://docs.saltstack.com/en/latest/topics/tutorials/index.html
13:44 decci zer0def: thnx
13:44 zadock joined #salt
13:45 zer0def decci: pillars:  http://docs.saltstack.com/en/latest/topics/tutorials/pillar.html  rosters: http://docs.saltstack.com/en/latest/topics/ssh/roster.html  states: the whole section 3.3 in tutorials
13:45 ClausA joined #salt
13:45 zer0def other than that, i'm unable to help you
13:45 decci zer0def: I have links for halite..
13:46 yomilk joined #salt
13:47 yuhl_work_ left #salt
13:49 CeBe1 joined #salt
13:50 zer0def didn't need it yet, so i didn't even know where to start... most likely in the docu ;)
13:51 hojgaard anyone who can help me?
13:51 hojgaard I am having the following states directory: /srv/salt/mailserver/postfix/.init.sls how do i refer to this folder in /srv/salt/top.sls ?
13:51 Sacro hojgaard: probably can't
13:52 Sacro I can't imagine it being sane to have states with a . prefixed
13:52 hojgaard Sacro, to bad, it wold be nice since i would like to separate the .sls
13:52 Sacro You can do that
13:52 Sacro You just can't call it .anything.sls
13:52 Sacro only anything.sls
13:53 hojgaard Sacro, ahh sorry, that was a mistake. it should be like this: /srv/salt/mailserver/postfix/init.sls
13:53 zer0def (inb4 it's a typo)
13:53 zer0def there we go.
13:53 zer0def i was late.
13:53 Sacro oh, then you can use mailserver.postfix
13:53 hojgaard strange..
13:53 Sacro which will look /s/s/mailserver/postfix.sls
13:53 Sacro then /s/s/mailserver/postfix/init.sls
13:55 hojgaard That is strange, cause im getting this error: No function declared in state 'service' in SLS 'mailserver.postfix'
13:55 Sacro ~paste
13:55 Sacro ~pastebun
13:55 Sacro hm
13:55 SvenD joined #salt
13:55 Sacro pastebin your state somewhere
13:56 hasues joined #salt
13:56 hojgaard the init.sls works, because it works when i put it directly in mailscanner..
13:57 hojgaard Sacro, ^
13:57 hasues left #salt
13:57 Sacro Are you sure?
13:58 pf_moore joined #salt
13:58 hojgaard 100 %
13:58 Sacro I'm not 100%
13:58 Sacro if you put your top.sls and such somehwere we can look
13:59 mr_chris Why do some salt minions sporadically get stuck in the middle of a highstate? For us this happens with about two server a day, different servers each time. The only way to fix it is to restart salt-minion.
14:00 mr_chris Running centos6 and salt 2014.7
14:01 smithd joined #salt
14:05 Daniel joined #salt
14:05 hojgaard Sacro, sorry kinda deleted .running after service in the init.sls - so you were right. Thank you!
14:06 Guest88958 Hi, when Salt releases a new version are the old versions still maintained for installation with yum?
14:07 Mindfartio joined #salt
14:12 jcsp joined #salt
14:14 cYris212 joined #salt
14:15 jerematic joined #salt
14:15 timoguin joined #salt
14:16 toastedpenguin joined #salt
14:17 racooper joined #salt
14:18 nicksloan is jinja allowed in pillars?
14:18 bluenemo joined #salt
14:18 bluenemo joined #salt
14:19 ladistwo left #salt
14:20 fredvd joined #salt
14:20 rypeck joined #salt
14:23 gladiatr joined #salt
14:24 SvenD joined #salt
14:28 lothiraldan joined #salt
14:28 jalaziz_ joined #salt
14:29 MortonIII joined #salt
14:29 otter768 joined #salt
14:29 mpanetta joined #salt
14:29 Ox joined #salt
14:31 numkem joined #salt
14:32 bhosmer joined #salt
14:34 timoguin joined #salt
14:34 nitti joined #salt
14:34 primechu_ joined #salt
14:35 mdasilva joined #salt
14:37 VSpike Can anyone tell me how pillar glob match described in http://docs.saltstack.com/en/latest/topics/targeting/compound.html should work?
14:37 bhosmer joined #salt
14:38 hybridpollo joined #salt
14:38 VSpike For example, if you have { 'role': ['web', 'ssh'] } and you do I@role:web should that match?
14:39 jeremyr joined #salt
14:39 cpowell joined #salt
14:41 pkimber joined #salt
14:41 zer0def left #salt
14:44 StDiluted joined #salt
14:54 FRANK_T joined #salt
14:55 lothiraldan joined #salt
14:58 penguin_dan joined #salt
15:00 intellix joined #salt
15:02 KennethWilke joined #salt
15:03 housl joined #salt
15:03 Twiglet nicksloan: yes
15:07 renoirb joined #salt
15:07 smcquay joined #salt
15:07 bhosmer joined #salt
15:07 CeBe1 joined #salt
15:08 twellspring joined #salt
15:08 CeBe1 joined #salt
15:08 twellspring joined #salt
15:09 vbabiy joined #salt
15:09 SvenD joined #salt
15:09 cpowell_ joined #salt
15:10 murrdoc joined #salt
15:13 nicksloan Twiglet: but apparently I cannot set a variable in one pillar file, and refer to that variable from another
15:13 nicksloan I need pillars for my pillars
15:14 Auroch joined #salt
15:18 aquinas joined #salt
15:21 kaptk2 joined #salt
15:22 TheoSLC joined #salt
15:26 ipmb joined #salt
15:26 dude051 joined #salt
15:27 manfred VSpike:  it should, as long as role is specified in your pillars for that server.
15:27 VSpike manfred: thanks!
15:27 spiette joined #salt
15:29 Twiglet nicksloan: haha, yeah I've had that problem before, not really found a way around it myself
15:30 douardda joined #salt
15:30 bluenemo_ joined #salt
15:32 iggy nicksloan: you can use jinja includes for some things (don't know exactly what you are trying to achieve)
15:33 nicksloan iggy: using the nginx:ng formula
15:33 bash1234123123 joined #salt
15:33 nicksloan wanting to change the hostname of my servers in one spot depending on environment
15:33 iggy I'm not even going to try to go understand that formula
15:33 murrdoc grains.fliter_by is an excellent way to create 'pillars' using pillars and grains
15:33 aqua^mac joined #salt
15:33 paulm- Why can't you use the watch trigger with service.enabled?
15:34 iggy I tried reading the old nginx formula and it made me want to pull my eyeballs out, roll them around in salt, and stick them back in
15:34 murrdoc he right
15:34 hobakill 2014.7.1 is like a gift from FSM. that is all. :)
15:35 iggy paulm-: (assuming a new enough salt version) you should be able to use it with any state
15:36 subsignal joined #salt
15:36 iggy I suspect nginx is just one of those things that everybody uses so differently that you'll never get a good all around formula for it
15:37 KennethWilke iggy: sounds about right
15:37 iggy someone should probably split them up into nginx-simple-formula, nginx-php-hosting-formula, nginx-python-hosting-formula or something
15:37 iggy 1,2,3, not it
15:37 subsignal joined #salt
15:37 murrdoc or do it ilke the collectd formula
15:37 murrdoc all setup is moved to a conf.d directory
15:38 murrdoc and the vanilla install does nothing
15:38 murrdoc nginx-simple
15:38 iggy and when we get pillar:// url's...
15:39 murrdoc wait they are allonwing for on-demand pillars ?
15:39 murrdoc \o/
15:39 iggy no, there's a bug open about it though
15:39 murrdoc i d like to vote for it
15:40 murrdoc every formula's pillar needs to be included for each role
15:40 kermit joined #salt
15:40 elextro joined #salt
15:40 murrdoc unless i use the grain in top.sls
15:40 elextro Hey, has anybody had an issues with running eventlisten.py?
15:40 iggy wait, I think we are talking about something different
15:40 murrdoc we might be
15:40 elextro I'm getting ImportError: No module named six. Even after 'pip install six'
15:40 meylor joined #salt
15:41 iggy source: pillar:///path/to/some/privatefile.key
15:41 iggy or similar
15:41 iggy elextro: python2/python3 issue?
15:41 elextro Hmm...I'm running pythno 2.7
15:41 elextro python*
15:41 murrdoc i want the ability to keep the pillars for a formula with the  formula
15:42 murrdoc so that if u do - include:\n\tpillar-name
15:42 murrdoc only then the pillars for that formula get included
15:43 elextro The problem seems to be with this extension here
15:43 elextro import salt.ext.six as six
15:43 Brew joined #salt
15:43 ALLmightySPIFF joined #salt
15:43 murrdoc pip freeze | grep six
15:45 murrdoc or pip install requests>2.5.1
15:45 murrdoc try either of those
15:45 iggy are you using the event_listen that matches your salt? because I think they stopped shipping six and moved to requiring it to be installed recently
15:45 murrdoc https://github.com/saltstack/salt/blob/develop/requirements/base.txt still lists requests>1.0.0
15:45 iggy (or maybe event_listen just wasn't fixed)
15:45 murrdoc that should be 2.5.1
15:45 douardda joined #salt
15:45 elextro murrdoc: six==1.7.3
15:46 elextro Iggy: I havn't gotten that far yet
15:46 linuxdingding3_ joined #salt
15:46 linuxdingding3_ hello
15:47 linuxdingding3_ i am newer about stalstack
15:47 elextro upgrading requests to 2.5.1 didn't seem to help :(
15:47 iggy elextro: what version of salt are you using?
15:47 elextro Iggy: salt 2014.1.13 (Hydrogen)
15:47 iggy elextro: change that line to import salt.utils.six as six
15:48 iggy or not
15:48 iggy download the eventlisten that matches your version
15:48 elextro Same result : ImportError: No module named six
15:48 elextro :(
15:48 iggy https://github.com/saltstack/salt/raw/2014.1/tests/eventlisten.py
15:49 murrdoc no module named six ?
15:49 murrdoc pip install --upgrade pip
15:49 iggy they hadn't even started python 3 compatibility in 2014.1 so there's no six at all
15:49 elextro Iggy: Yes, that did it. Thanks buddy :)
15:49 elextro That's what I get for pulling random scripts from tutorial blogs
15:49 elextro xD
15:50 iggy was that from the docs or just some blog you found somewhere?
15:50 elextro From the docs, actually
15:50 elextro http://docs.saltstack.com/en/latest/topics/reactor/
15:50 iggy either way you might want to get in touch with the author and tell them to add a note about the version thing
15:50 iggy yeah, I figured
15:51 bhosmer_ joined #salt
15:52 mikkn joined #salt
15:53 diegows_ joined #salt
15:54 TheThing Sacro: Is it possible to have a linux version that actually updates their packages and doesn't keep their ancient old broken version?
15:54 TheThing o...kay
15:54 TheThing sorry about that
15:54 TheThing my stupid IRC was not scrolling down
15:54 TheThing disregard everything I said
15:54 Twiglet heh
15:55 Twiglet I combat that by having my own repo server atleast then we don't get the surprise buttsex moments when salt updates over night and all the minions die
15:55 elfixit1 joined #salt
15:55 murrdoc haha buttsex0rs
15:56 iggy hopefully, when saltstack moves more of that in house, they'll move to doing things like the debian repos where there's 2014.1 2014.7 2015.2 repos
15:56 iggy (and it would also be nice if those could somehow be specified by salt-bootstrap/salt-cloud)
15:56 Twiglet I have a hacky script which gets machine IPs from the GCE api then sshs into each one and restarts salt
15:57 Twiglet Just make your own bootstrap, especially if you have your own repo server. I find the official one a massive bloaty horror
15:58 Twiglet especially if you only target one OS
15:58 hobakill oh UtahDave - where be ye.
15:59 iggy I was doing a lot of that by hand, then switched to salt-bootstrap because "that's the suggested way"
15:59 iggy now I just have to run everything from git because I use some apparently weird features
15:59 douardda joined #salt
16:00 thedodd joined #salt
16:00 redzaku joined #salt
16:01 redzaku joined #salt
16:01 clintberry1 joined #salt
16:01 jtang joined #salt
16:01 SvenD1 joined #salt
16:02 elextro is it possible to iterate through all my minions in the orchestration file using some sort of loop? That way states are applied to them sequentially.
16:03 Sacro TheThing: no issues on Ubuntu or Arch
16:03 TheThing Twiglet: Was actually referencing a problem my mate was having. The version of package that's available in the repo for his distro is like 8.2 or something
16:03 TheThing and it's broken
16:04 TheThing when the latest version is like version 11.0
16:04 TheThing :D
16:04 murrdoc of salt ?
16:05 TheThing of course not, silly
16:05 Twiglet ah
16:05 Twiglet my mistake ;)
16:05 TheThing :)
16:05 murrdoc i like what python has done (not sure if srs), all the major packages have dropped the first 1. in the versioning
16:05 Twiglet I've settled on ubuntu in recent years, it's stable enough and has recent(ish) packages
16:05 murrdoc so versions have gone from 1.5 to 6
16:06 murrdoc 0_0
16:08 andrew_v joined #salt
16:08 conan_the_destro joined #salt
16:08 hobakill i'm really sick of salt + windows. it shouldn't be this hard to simply restart the service and/or install an update. salt -G "host:blah*" cmd.run 'Restart-Service salt-minion' shell=powershell doesn't work.
16:10 murrdoc ./me agrees
16:10 hobakill nor does the more normal service.restart command. i'm on 2014.7.1 and i can't believe no one else has these problems.... or that salt thinks they can really be an enterprise platform without windows server support.
16:10 murrdoc well
16:11 bastiandg joined #salt
16:13 scoates joined #salt
16:13 hobakill murrdoc, i'm being a bit hyperbolic with the windows thing but for those of us in a multi-platform environment, salt can be super painful on the windows side. or.... i'm an idiot when it comes to windows - a distinct possibility! :)
16:14 markm_ joined #salt
16:15 diegows joined #salt
16:15 scoates joined #salt
16:16 lumtnman joined #salt
16:16 murrdoc yes
16:16 murrdoc ( i had no response )
16:18 elextro Is there any way I can get a list of all the salt minions in my state files?
16:18 murrdoc salt mine and pillars
16:19 murrdoc http://docs.saltstack.com/en/latest/topics/mine/
16:19 elextro Ah yes. I'm vaguely familiar. Thanks murrdoc :)
16:21 SheetiS joined #salt
16:22 monkey66 joined #salt
16:23 workingcats hobakill, given the sheer number of times i have encountered bugs and failures with windows service management in a wide variety of applications from all kinds of developers (even good corporate devs)... i think thats just windows
16:24 workingcats and i thank $deity i dont have to do windows from friday evening :D
16:24 alexbst on an ec2 node with salt
16:25 alexbst and there are no grains to say which cloud provider I'm in
16:25 alexbst the only thing I can find in grains is the serial number, which begins with ec2 in the case of ec2 ;)
16:26 alexbst is there a formal "cloud-discovery" module for salt ?
16:26 alexbst or some other path I should use ?
16:26 yetAnotherZero joined #salt
16:29 hobakill workingcats, i tend to agree.....and blame windows for most things. still though i've had this service.restart thing work from version to version but it's never consistent. i think the github issue folks for salt might be getting sick of me! :)
16:30 otter768 joined #salt
16:31 markm__ joined #salt
16:31 jespada joined #salt
16:31 workingcats hobakill, could be ;)
16:31 workingcats googling on my own update bug atm..
16:32 twellspring joined #salt
16:33 intellix joined #salt
16:33 yomilk joined #salt
16:34 jalbretsen joined #salt
16:34 CeBe1 joined #salt
16:35 paulm- joined #salt
16:36 berserk joined #salt
16:36 workingcats ok can't find it.. so I've update my salt master (deb7) and one minion (also deb7) to salt 2014.7.1
16:36 hebz0rl_ joined #salt
16:37 workingcats now when i run "i think even virgin UK and kabel deutschland do" it gives salt-managed files in yellow and at the end says "Succeeded: 116 (unchanged=36)". but it does this even for files that have the correct content and correct access rights
16:37 workingcats oops, that was supposed to be: when i run "salt-call state.highstate test=True"
16:38 workingcats i tried letting it apply the highstate, but it still comes back with 36 unchanged
16:38 lothiraldan joined #salt
16:38 paulm-- joined #salt
16:39 kawa2014 joined #salt
16:40 iggy alexbst: there are some custom grain modules in salt-contrib having to do with ec2
16:40 iggy nothing standardized (because well, the cloud providers are anything _but_ standard)
16:41 StDiluted joined #salt
16:41 workingcats letting it apply the state again yields 116 successes - but then running test again still gives unchanged=36
16:41 workingcats any ideas? i checked the release notes and several days of IRC log :/
16:44 iggy workingcats: test=True isn't perfect (and never will be)... it makes best effort guesses about a lot of things
16:45 mdasilva joined #salt
16:45 ralalala joined #salt
16:46 workingcats iggy, but it is correct. the file is in the correct state, and it says so. it just gives the wrong colour, and counts it as "unchanged"
16:46 tligda joined #salt
16:46 workingcats and how can diff'ing a file be anything but perfect? ;)
16:46 ksalman1 is it possible to print a message to stdout when a i deploy a state? this state can only be run on a 32 bit linux so I want to show a message to stdout when run on 64 bit instead of return nothing
16:47 elextro Can anyone help me out with something? How would I write "salt '*' saltutil.wheel minions.connected" as a mine function? Would it be mine_functions:  saltutils.wheel  [minions.connected]??
16:47 workingcats e.g. "Comment: The file /etc/fstab is in the correct state"
16:47 gladiatr joined #salt
16:47 gladiatr joined #salt
16:47 cosimos joined #salt
16:47 che-arne joined #salt
16:48 workingcats just verified, with salt minion 2014.7.0 and 2014.1.5 (same master) it works correctly
16:48 douardda joined #salt
16:48 Nick__ joined #salt
16:48 iggy ksalman1: test.fail* with a onlyif: arch == i386
16:49 iggy elextro: try asking what you are trying to achieve, not how you are trying to achieve it
16:50 iggy workingcats: so file a bug
16:51 teskew joined #salt
16:52 workingcats iggy, just seeing if someone knows a config option or something
16:52 davet joined #salt
16:52 elextro I want to specify wheel functions as mine functions.
16:52 iggy if it works one way on one version and a different way on another version with the same config, I think that qualifies for a bug report
16:53 iggy elextro: no you don't... what are you trying to do?
16:53 elextro Get a list of all salt minions in my orchestration runner file
16:53 elextro and state files
16:54 iggy {% set allminions = salt['mine.get']('*', 'network.get_hostname') %}
16:55 elextro hmmm...alllright :)
16:55 schlueter joined #salt
16:57 VSpike hobakill: the bug in 2014.7 seems to be fixed in 2014.7.1 for me
16:57 VSpike hobakill: which I was pleased about cos it was my patch :)
16:58 pviktori joined #salt
16:58 VSpike hobakill: maybe it's specific to restarting the salt-minion .. haven't tried that
16:59 smithd joined #salt
17:00 Nick__ What are some best practices for encrypting pillar at rest?
17:01 workingcats iggy, yes, good point
17:01 kawa2014 joined #salt
17:01 iggy Nick__: gpg renderer
17:02 Nick__ thanks iggy
17:02 VSpike hobakill: restarting services seems to work (both locally via salt-call and from the master).
17:03 VSpike hobakill: restarting the salt-minion locally via salt-call seems to work
17:03 hobakill VSpike, then you've had better luck than me. I just got a hung service on the minion
17:04 SvenD1 left #salt
17:05 KyleG joined #salt
17:05 KyleG joined #salt
17:06 VSpike hobakill: but restarting the salt-minion remotely from the master seems to kill the minion, yep
17:06 hobakill VSpike, glad i'm not high. :)
17:07 casey|sfe i want to manage a directory that is named from the output of git rev-parse
17:07 meylor joined #salt
17:07 casey|sfe can i read that into a var inside a state or do i just need to shell out?
17:08 mpanetta Ugh, I can't for the life of me remember how to get the job output given a jid...
17:08 Ligthert VSpike: salt minion cmd.run "screen service salt-minion restart"?
17:09 jcsp joined #salt
17:09 ksalman1 iggy: somthing like this? https://gist.github.com/anonymous/b26b2a8612723a253d79
17:09 ksalman1 it doesn't fail when run on i686
17:09 JTimmer joined #salt
17:10 iggy onlyif expects a shell command
17:10 ksalman1 oh
17:10 VSpike hobakill: probably have to use schtasks to schedule the restart for a minute from now
17:10 VSpike Ligthert: windows :/
17:11 iggy but if you are doing that, why not just {% if not grains['osarch'] in ['i386', 'i686'] %} do_state: foor: bar {% endif %}
17:11 johnkeates joined #salt
17:11 iggy ksalman1: do you really need to fail if it's not amd64?
17:12 ksalman1 iggy: i am already doing that but i wanted to display some sort of message for the user when that state just doesnt run because it's wrong arch =)
17:12 hobakill VSpike, sure - but this is kind of my point exactly... kind of insane
17:13 iggy ksalman1: okay, so {% if grains['osarch'] in ['i386', 'i686'] %}do_fail_state: and_hope_you_don't_use_hardfail: yeah!{% endif %}
17:13 VSpike hobakill: mm, yep. hacky
17:14 VSpike although isn't that effectively the recommended way to do it on Linux too?
17:14 diegows joined #salt
17:15 ksalman1 hobakill: I was having this issue of restarting salt minion on windows (sometiems it would stop but not come back up). Now i have a schtasks that run every 5 mins that tries to start salt-minion (net start salt-minion). in case the service doesn't come uip when i restart from salt-master
17:15 mgw joined #salt
17:16 mgw I'm trying to figure out how to use state.pkg (as used by salt-ssh) to create and use a tarball that can be downloaded and used to execute a local state run without installing salt into the system paths
17:17 mgw any pointers?
17:17 stanchan joined #salt
17:18 paulm-- Can you have two managed zones (e.g. blockreplace) in a single file?
17:19 iggy mgw: why not just use salt-ssh?
17:19 CeBe joined #salt
17:20 mgw iggy: I'm wanting to use this as an installer of sorts
17:20 superseb joined #salt
17:20 flupke joined #salt
17:20 mgw Or toying with the idea
17:20 iggy an installer for? salt?
17:20 mgw I may just use a bash script, but I'm exploring this as an option
17:21 mgw no, an installer and configurer for some other applications
17:21 johnkeates mgw: sound like you are trying to build an NSIS or InstallShield type of thing using salt
17:21 flupke Hi, is it possible to control my salt-master from my dev computer? (i.e. run salt commands from localhost without having to login with ssh on the master)
17:22 beneggett joined #salt
17:22 johnkeates flupke: no, unless you use syndic or git
17:22 spookah joined #salt
17:22 johnkeates flupke: on second thought: you _could_ alias something like mastersalt to ssh user@host salt
17:23 johnkeates flupke: but basically every option that is not using ssh to connect to your master is going to be harder than ssh'ing to your master
17:24 iggy mgw: there's esky? not sure if you could leverage it (I think salt's support for it is more meant for installing salt itself)
17:24 mgw my goal is to be able to log into a system (e.g., my laptop) and "wget some-script | bash" which will then run something (such as a salt tarball) to install packages via apt and configure them
17:24 mgw But I don't want any sat artifacts left behind
17:25 johnkeates mgw: you could install salt do your thing, and remove salt afterwards
17:25 neogenix joined #salt
17:25 mgw I could, but I thought salt-ssh leveraged a tarball system that essentially does that
17:25 mgw but into /tmp
17:27 flupke johnkeates: ok thanks.
17:27 johnkeates left #salt
17:28 aparsons joined #salt
17:28 iggy mgw: you might want to try the mailing list... you might get more dev eyes looking at your question
17:28 phpdave11 mgw: if you use salt-ssh, salt artifacts won't be left behind on your minions. you only need salt-ssh installed on the system you're running it from
17:29 mgw phpdev11: right, but I want to prepare this on one system, and then download and execute from another
17:29 mgw there's no "master" to ssh in from
17:30 phpdave11 that's essentially what i do. i have my salt config files stored in a git repository. once downloaded, i can execute the salt states from anywhere.
17:31 jxFive joined #salt
17:31 Ryan_Lane joined #salt
17:32 keeth joined #salt
17:33 hasues joined #salt
17:33 hasues left #salt
17:34 iggy I really wish people writing formulas would stop overwriting salt provided variables
17:37 yetAnotherZero joined #salt
17:38 nicksloan iggy, Twiglet: thanks for the help earlier. I think the nginx formula is just not ideal for what I need. I'm going to look at whether or not I can come up with a somewhat simpler approach that leans a bit harder on files rather than pillars.
17:38 vbabiy joined #salt
17:38 nicksloan I might share it if I get somewhere interesting
17:40 pressureman joined #salt
17:41 jeremyr joined #salt
17:41 meefs joined #salt
17:48 Andre-B joined #salt
17:49 desposo joined #salt
17:49 desposo1 joined #salt
17:52 meylor joined #salt
17:53 elextro Do I have to have my salt-master auth'ed as a minion to run saltutil.wheel functions on it?
17:54 kawa2014 joined #salt
17:55 elfixit1 joined #salt
17:55 msheiny joined #salt
17:57 catpigger iggy++
18:03 yomilk joined #salt
18:04 Twiglet nicksloan: so worries, i'm no expert but i'll try and help if I can
18:04 monkey661 joined #salt
18:06 analogbyte anybody using salt virt? especially virt.init? how do you provision VMs with ip addresses? put it right into the image or is everyone using dhcp? I don't like either option actually...
18:07 overyander joined #salt
18:09 iggy well... how else do you get the IP if you don't manually set it or use dhcp?
18:10 mgw joined #salt
18:11 forrest joined #salt
18:12 wendall911 joined #salt
18:13 analogbyte iggy: as the virt.init system already mounts the image for seeding, it would be nice to have an option to upload an /etc/network/interfaces file (or maybe others, too) directly at this stage
18:13 JPaul joined #salt
18:14 iggy yeah, I don't know anything about salt-virt... I'm just trying to get you to think about how you'd go about doing it
18:15 analogbyte iggy: I thought about implementing this, but I'm not sure how good of a fit it is for the functionality the developers want in the virt module
18:16 analogbyte and I might have missed some convenient way to set an ip too. I don't know about stuff like cloud-init, so I though there might already be a good solution everybodys using
18:17 iggy well, it's going to depend on the capabilities of whatever hypervisor you are using
18:19 aparsons joined #salt
18:19 iggy I'm not a salt dev, and I know nothing about their intentions for salt-virt, but if I was tasked with using salt and some virtualization together, I'd probably set up openstack and use salt-cloud to control it
18:20 ajw0100 joined #salt
18:20 analogbyte iggy: well kvm is pretty capable, but (as every provider, I think) it's only doing networking for layer2, as layer3 requires filesystem interaction or a solution to dynamically set ip adresses from a external source
18:21 iggy there's an agent that could do it, but again it comes back to what hypervisors have what features, how well does salt-virt support them, etc.
18:31 chris-m joined #salt
18:31 otter768 joined #salt
18:31 faliarin joined #salt
18:34 chris-m good afternoon all
18:34 phpdave11 hello
18:35 chris-m anyone run into this scenario - master won't accept keys from some hosts? - this was a but in 2013 but it was suppose to be fixed
18:35 pdayton joined #salt
18:35 yomilk joined #salt
18:39 iggy what bug number?
18:40 speed145a joined #salt
18:44 ajw0100 joined #salt
18:44 chris-m hi iggy. I couldn't find the bug# :(    I will keep an eye on this.  hopefully it will crop up again
18:44 iggy what version are you running now?
18:44 CeBe1 joined #salt
18:46 FRANK_T chris-m yes... go to /etc/salt/pki/master/
18:46 FRANK_T Re-create the keys..
18:47 FRANK_T I had the same problem last week
18:47 FRANK_T I am using salt 2014.7.0 (Helium)
18:49 chris-m will try that. Thx Frank
18:53 FRANK_T chris-m  sorry here is the path /etc/salt/pki/master/minions
18:53 FRANK_T check if is there
18:54 FRANK_T if not /etc/salt/pki/minion    <------- minion client
18:54 FRANK_T restart the service
18:55 chris-m crts were there
18:55 MatthewsFace joined #salt
18:56 dooshtuRabbit joined #salt
18:56 FRANK_T re create the key.
18:57 bash1234123123 joined #salt
18:58 markm__ joined #salt
18:59 chris-m yup. did many times.  will keep an eye on this one.  it seems to be inconsistent when the mom is accessing minions between data centres
19:01 iggy you didn't mention what version you were running
19:01 chris-m salt-2014.7.0
19:03 iggy chris-m: are you using any kind of auto_accept, autosign, etc?
19:04 murrdoc http://docs.saltstack.com/en/latest/topics/tutorials/preseed_key.html
19:05 chris-m good to see so many people want to help: appreciate it!  thx murrdoc, iggy, frank
19:05 chris-m @iggy - checking on the auto_accept/sign
19:08 iggy it's not the default, so it's something you would have had to enable specifically
19:09 chris-m we are using open mode - used # Enable "open mode", this mode still maintains encryption, but turns off  # authentication, this is only intended for highly secure environments or for  # the situation where your keys end up in a bad state. If you run in open mode  # you do so at your own risk!  #open_mode: False
19:10 I3olle joined #salt
19:11 iggy I don't know if that was impacted
19:12 jY is Halite still the goto "dashboard" for salt?
19:12 clintber_ joined #salt
19:12 robm joined #salt
19:13 hal58th joined #salt
19:14 robm I am trying to install a minion on RHEL5 using either the bootstrap or from EPEL. They are both having problems with the the missing dependency python26-distribute. A quick search on Google shows it is an orphaned package. Is there a easy workaround to getting it installed?
19:14 timoguin joined #salt
19:14 rap424 joined #salt
19:15 FRANK_T Guys I am problems running  my sls I am getting this  Comment: State pkg.installed found in sls is unavailable
19:17 jY FRANK_T: run it in debug and see what its trying to do
19:17 FRANK_T ok
19:19 FRANK_T jY https://www.refheap.com/32a39f44e336b6c4653cd0599
19:19 jY FRANK_T: what distro?
19:19 FRANK_T Centos 6.5
19:20 jY pastebin your state file
19:20 FRANK_T salt 2014.7.0 (Helium)
19:20 FRANK_T ok
19:20 iggy jY: halite is dead, saltstack enterprise($) is working on a dashboard, and there's salt pad
19:21 iggy robm: can you install it with pip?
19:21 FRANK_T jY https://www.refheap.com/238f3e78f5cd88141ae3aac4f
19:21 MTecknology salt -v -b 10 '*' state.highstate | tee t  ... This should finish by tomorrow morning... maybe
19:21 jY iggy: ty.. whats a url to salt pad
19:22 iggy it's on github, don't the exact one off the top of my head
19:22 jY FRANK_T: replace names with pkgs
19:22 hobakill FRANK_T, i don't think you did that right.
19:22 hobakill yes, exactly what jY said
19:22 murrdoc https://github.com/tinyclues/saltpad
19:22 hobakill FRANK_T, http://docs.saltstack.com/en/latest/ref/states/all/salt.states.pkg.html (for reference)
19:22 jY murrdoc: thanks
19:23 murrdoc i mean no disrespect
19:23 murrdoc its the first result on google
19:23 murrdoc we needs a bot
19:23 murrdoc before iggy jumps on kubernotes
19:25 jY saltpad is.. i tried "salt pad"
19:25 thedodd joined #salt
19:26 murrdoc not your bad jY
19:27 murrdoc maybe we need a faq :D
19:27 druonysus joined #salt
19:27 druonysus joined #salt
19:29 johanek joined #salt
19:30 iggy chris-m: https://github.com/saltstack/salt/issues/19061 is why I was asking about auto_accept, etc... I'd say try 2014.7.1 and see if that fixes it for you (should only need it on the master)
19:31 chris-m thx iggy. will look into this. have a great day!
19:31 smithd joined #salt
19:32 steveoliver joined #salt
19:36 FRANK_T how do it disable salt modules?
19:37 FRANK_T I think that problem was that i was trying to create a module to do groupinstall
19:37 FRANK_T and I have a problem with the code.
19:39 robm Sorry it took me awhile to respond iggy. I am trying to install python-pip and I am not seeing that in the epel 5 repo.
19:41 robm I do see it in the 6 repo, but not in the 5.
19:42 zadock joined #salt
19:43 tempspace joined #salt
19:43 FRANK_T jY fixed, I wrote a customer module to do yum groupinstall
19:43 FRANK_T I had problem with the module
19:44 iggy robm: I don't know then... sounds like rhel5 is getting nearly impossible to maintain (because it was so easy before)
19:45 robm Yeah, seems like. Okay. I will see what else I can do. If anyone else has suggestions, please let me know.
19:51 beneggett joined #salt
19:53 iggy ugh, we have to live with rhel5 for 2 more years (and a couple months)
19:55 DammitJim joined #salt
19:55 DammitJim are the studies about how easy it is to manage Linux or Windows Servers with salt?
19:57 iggy that is probably wildly dependent on your ability to manage said systems without salt
20:03 jcsp joined #salt
20:04 ajw0100 joined #salt
20:05 jcsp1 joined #salt
20:12 chiui joined #salt
20:16 smithd joined #salt
20:21 ksj joined #salt
20:21 JPaul joined #salt
20:22 ksj how would you go about checking whether a file local to the master (i.e. in the master file server) is a file or a directory?
20:23 ksj ultimately, I want to loop over all files in a directory and if they are directories, loop over all files in the directory
20:24 nitti joined #salt
20:24 al214 joined #salt
20:25 al214 is halite dead?
20:28 Kelsar ksj: why would you do that?
20:29 Kelsar al214: as far as i know its getting rewritten from scratch, could be wrong
20:29 Cyis joined #salt
20:30 al214 ah gotcha, I read somewhere that it was dead. We're looking for a UI for Salt, and that was one of the options
20:31 Kelsar al214: tell me if you can get saltpad to run
20:31 Ahlee saltpad?
20:31 monkey66 joined #salt
20:31 * Ahlee googles
20:31 ksj Kelsar: hi. initially I had two separate loops for files and directories in the state. One uses file.recurse, the other uses file.managed. I want to combine them, and instead of using pillar data for the files, just loop over every file in the directory
20:31 al214 Actually just tried, and it doesn't seem to be working
20:32 Kelsar al214: yeah... same here
20:32 otter768 joined #salt
20:32 Ahlee we're working on releasing our UI soon, hopefully at saltconf
20:32 Kelsar ksj: sorry, i am new and probably just miss something, but are you tryying to just to transfer a whole dir tree?
20:33 aw110f joined #salt
20:33 ksj Kelsar: no, because if they're files, I want to template them
20:33 Kelsar ksj: ah
20:33 aw110f Hi, when I run cmd.run some minions return this:
20:34 aw110f ERROR: Specified cwd '.' either not absolute or does not exist
20:34 aw110f when I restart the minion cmd.run works again
20:34 aw110f I'm on 2014.1.13
20:35 Kelsar Ahlee: gimme a UI!
20:39 racooper joined #salt
20:42 aw110f joined #salt
20:45 Cyis I'm new to salt and running into a bit of a blockage trying to use gitfs_remotes with branches for environments. Running 'salt-run fileserver.envs' only shows 2 of 4 branches and trying to run a salt state against one of the 2 branches that aren't showing from the fileserver.envs call reports that the environment isn't found. I've tried a 'fileserver.update' and it still doesn't appear to update
20:45 DammitJim iggy, was that for me?
20:47 hal58th aw110f Have you tried different commands? Did you search saltstacks git hub for issues?
20:48 jalaziz joined #salt
20:49 hal58th ksj you can use templating with file.recurse. Did you see that was an option?
20:52 daflef joined #salt
20:52 daflef joined #salt
20:52 daflef howdy salt folks. anyone know of some good articles chef vs puppet vs salt vs ansible?
20:53 daflef joined #salt
20:53 anteaya joined #salt
20:56 hal58th daflef don't have anything recent. Keep a look for articles within the last 6 months. Salt has salt-ssh out of beta and salt-cloud has gotten better within that time. Two major releases
20:56 daflef thanks! I have chef experience, but they released 12 and now it doesn't work with knife, which is making me nervous. also want to get a good look for what is out there before i deploy on our growing infra
20:57 daflef I might go with ansible since it is agentless.
20:57 hal58th salt-ssh is also agentless
20:57 berserk joined #salt
20:57 hal58th but does require your user to have passwordless sudo. Ansible does not have that requirement
20:58 badon joined #salt
21:00 druonysuse joined #salt
21:01 daflef i see. thank you!
21:02 diegows joined #salt
21:02 spookah joined #salt
21:03 spookah joined #salt
21:03 Ryan_Lane can anyone think of a reason I shouldn't have an external pillar configure itself using __salt__['config.option'] ?
21:04 Ryan_Lane I'm writing an external pillar and want it to configure itself using pillars, if they are available
21:04 Ryan_Lane if I use config.option, it'll look in the minion config, the pillars, etc.
21:06 Cyis okay so I got my branches to show up by restarting salt-master... should I have to do that for any new branch created for a gitfs_remote repo?
21:07 tracphil joined #salt
21:08 johtso joined #salt
21:09 tracphil If I have 20 serers and I want to apply the same ntp.conf to all of them but one, how would I go about that when not using the cli to run the commands?
21:09 ksj hal58th: nope....missed that. serves me right for copy pasting from formulas without scrutinising the docs. thanks
21:09 forrest joined #salt
21:15 hal58th Cyis, any time you make a configuration change, you will need to restart the master (or minion if you did it there)
21:16 Cyis hal58th: I hadn't made any change to the salt-master config... I only pushed a new branch to the git repo that the salt-master config pointed to
21:17 hal58th tracphil when you do compound matching, you can say "not hostname" http://docs.saltstack.com/en/latest/topics/targeting/compound.html
21:17 tracphil hal58th: very nice, thanks for the link!
21:17 hal58th Cyis, never used gitfs, so I am not sure then. Sorry maybe someone else knows
21:19 jalaziz joined #salt
21:19 gladiatr joined #salt
21:19 gladiatr joined #salt
21:23 hal58th Cyis after re-reading your question. I am going to say yes, you will have to restart your salt-master to get new branches/environments. I know you have to restart salt-master to get new environments to show up, without using gitfs
21:24 Cyis well that sounds like it really defeats the purpose entirely then
21:25 hal58th Not really, I wouldn't think you had to change your environemts that often. Once the branch is created, then salt-master will detect all changes within that branch from then on
21:25 Cyis hal58th: if I looked under the cache directory I could see it had updated the repo and knew of the new branch... it just wasn't recognizing it as a valid environment
21:27 hal58th Cyis, yeap. A new environment requires a salt-master restart. It's loading the config at startup. Sorry, but that's the way all config changes are and that ones no different, even through gitfs
21:29 sastorsl joined #salt
21:29 sastorsl hi
21:29 daflef whaddup sas
21:30 sastorsl How would I write a state to juste _test_ if a directory exists, so that i can use it in a "require" in a following state?
21:30 sastorsl Or, what I really want: If the directory does not exist, proceed. Something similar to archive.exctracteds "if_missing"
21:31 hal58th "file.exist" state
21:31 sastorsl doh, there it is.
21:31 sastorsl Sometimes you stare until you're blind...
21:31 robawt quick question: can we limit yum making a cache for every highstate?
21:32 hal58th sastorsl you probably want to use "unless" requisite. Make sure you are on 2014.7.0 or higher. http://docs.saltstack.com/en/latest/ref/states/requisites.html#unless
21:32 meylor joined #salt
21:35 sastorsl hal58th: Thx, we're on 2014.7
21:39 hasues joined #salt
21:39 hasues left #salt
21:43 twellspring joined #salt
21:49 yetAnotherZero joined #salt
21:49 iggy DammitJim: yes
21:49 markm_ joined #salt
21:50 smithd joined #salt
21:54 DammitJim well... I am trying to decide if salt is for me
21:54 DammitJim vs puppet or chef
21:54 DammitJim I know nothing about any of these
21:54 murrdoc it is
21:54 DammitJim but I don't know why I am leaning towards salt
21:54 murrdoc cos u like python
21:54 murrdoc and ruby is scary
21:54 DammitJim thanks for the encouraging words murrdoc  ;)
21:54 DammitJim I do love python, how did you know that?
21:54 DammitJim I actually don't know Ruby
21:54 murrdoc damnit is your first name
21:54 DammitJim ... Jim!
21:55 DammitJim the only concern I have is in terms of cross platform problems
21:55 hal58th Salt is the new hotness. It's so damn perty(sic).
21:55 DammitJim talking to Windows 2003 servers vs Red Hat 6, vs Red Hat 5, etc
21:55 DammitJim hal58th, it's been the new hotness for a year and a half for me
21:56 DammitJim just haven't had time to set up a lab to play with it
21:56 DammitJim someone brought up to my attention puppet and I was like... there is no way I'm implementing that!
21:56 Ahrotahntee Damn it Jim, I'm a sysadmin, not a magician!
21:56 murrdoc google ryan lane python salt
21:56 murrdoc its a good read
21:56 DammitJim so, I understand it is recommended to run the same version of salt on all the minions and master, right?
21:57 DammitJim thanks murrdoc certainly appreciate it!
21:57 hal58th It gets better and better very quickly. Just need to iron out a few things. But it's so powerful.
21:57 hal58th Salt-master needs to be on a higher or same version than minions.
21:57 DammitJim can the minions be different versions like on Red Hat 5 vs Red Hat 6?
21:57 DammitJim or is it recommended to install from sources vs yum?
21:58 smithd joined #salt
21:58 hal58th Yes. Minions don't care. But to take advantage of newer features, you want to be on latest. Also more stable. Not sure how old the versions are on yum. I'm debian only
21:59 druonysus joined #salt
22:00 iggy that's not always true
22:00 hal58th hal58th, mostly true
22:00 tligda1 joined #salt
22:05 mosen joined #salt
22:08 cberndt joined #salt
22:11 DammitJim so, what would you guys recommend I do to get started? I need to be able to show this to convince people this is the tool we need
22:11 DammitJim I am mostly looking at configuration management with a trail so I know who put what and where
22:11 StDiluted joined #salt
22:11 mikeywaites joined #salt
22:13 jalaziz joined #salt
22:13 iggy I'd mess around in some VMs first. Build something that you already know how to build manually, but do it using salt
22:14 iggy I never like following tutorials that have nothing to do with what I know or am interested in
22:14 iggy trust me, my first 3 salt installs were complete crap and I threw them all away
22:15 iggy and one thing I wish I had been told when I was getting started: There is no "right" way to do something with salt
22:15 DammitJim yeah, it has to make sense to the people I'm showing it to
22:15 iggy I kept trying to find docs that were like, "this is how you do such-and-such"
22:15 CeBe1 joined #salt
22:16 iggy and it's more like, you have a couple ways you could do something that are all equally right, just do what makes the most sense to you
22:16 Me123 joined #salt
22:17 DammitJim what stinks is that I'm probably going to have to set up a different OS for the master (I like Debian) but they don't like it here
22:17 cpowell joined #salt
22:18 smithd joined #salt
22:19 conan_the_destro joined #salt
22:19 arno joined #salt
22:20 notbmatt joined #salt
22:20 iggy as long as it's not Windows or old enough to ride in the front seat you should be fine
22:22 berto- joined #salt
22:24 arno___ joined #salt
22:26 Ahlee iggy: ain't that the truth RE: there's no "right" way to do it
22:27 jalaziz_ joined #salt
22:29 DammitJim iggy, it is Windows!
22:29 DammitJim that's my problem
22:29 iggy I meant for the master
22:29 iggy minions are fine
22:30 DammitJim oh ok
22:30 DammitJim great
22:30 DammitJim thanks guys
22:31 whytewolf bordem strikes :/ just wrote the most simple formula to patch a redhat box, based on a pillar with a list of CVE's in it.
22:33 otter768 joined #salt
22:35 tligda joined #salt
22:37 smithd joined #salt
22:38 tligda1 joined #salt
22:38 jalaziz joined #salt
22:39 Ahlee nice
22:41 bhosmer joined #salt
22:43 tligda joined #salt
22:44 jalaziz_ joined #salt
22:51 kermit joined #salt
22:53 SpeeR_ can someone point me to what is happening behind the scene when I try to use tab completion in a salt cli command?
22:55 aw110f hal58th: I tried different commands same thing, very simple "ls /tmp"
22:55 Kelsar SpeeR_: if use bash, most probably bash completion
22:56 aw110f hal58th: https://github.com/saltstack/salt/issues/7928 seems to be related to my issue
22:57 SpeeR_ so if I type this and hit tab... salt 'qa05svc1*' state.sls defe<tab> I lose access to the console, and a salt-run job is started
22:57 murrdoc do u have bash completion installed
22:57 iggy I've only ever seen zsh completion files
22:58 iggy but yeah, relying on salt command output to tab complete salt sounds like a terrible idea
22:58 murrdoc is scary
22:58 murrdoc https://github.com/saltstack/salt/issues/9051
22:58 iggy *complete salt commands
23:00 iggy eww, thank flying spaghetti monster that's not suggested in the docs
23:00 seanz joined #salt
23:00 tligda joined #salt
23:01 TheoSLC joined #salt
23:01 hal58th not sure if it's the same or not aw110f
23:01 dusel w
23:02 murrdoc you have unsaved changes, use w!
23:07 hal58th w writes and ! forces. You are thinking of q :P
23:07 murrdoc pssh
23:07 murrdoc x!
23:07 murrdoc i trust what i wrote
23:08 murrdoc also salt '*' state.highstate
23:08 murrdoc is my bufwrite command
23:08 murrdoc (so not true)
23:10 jalaziz joined #salt
23:10 forrest joined #salt
23:12 manytrees joined #salt
23:13 jalaziz joined #salt
23:17 kwmiebach joined #salt
23:18 spicyWith joined #salt
23:18 gyre007 joined #salt
23:19 iggy aside from editing my states/pillars, I can't remember the last time I used an editor on a config file
23:19 schlueter joined #salt
23:20 kwmiebach joined #salt
23:20 gyre007 joined #salt
23:21 yomilk joined #salt
23:21 jalaziz joined #salt
23:22 robm In case anyone is looking for a solution for installing the minion on RHEL5 (since python-distribute is missing from the EPEL 5 repo), salt-ssh works great.
23:22 robm as an easy alternative that is.
23:23 simonmcc joined #salt
23:23 hal58th1 joined #salt
23:23 timoguin joined #salt
23:24 EWDurbin joined #salt
23:27 whytewolf https://github.com/whytewolf/salt-rsp-formula <=- in case some one wanted fun ripping apart my crappy salt formula
23:27 wiqd_ joined #salt
23:29 codekobe joined #salt
23:29 MattHardcastle joined #salt
23:34 moderation joined #salt
23:34 jay_d joined #salt
23:34 manytrees joined #salt
23:40 Ryan_Lane joined #salt
23:41 twellspring joined #salt
23:43 murrdoc not sure what it does
23:43 aw110f joined #salt
23:44 murrdoc if its useful u should genericize it they recommend in saltstack-formulas on github.com
23:45 whytewolf basicly takes a list of CVE's from a pillar. checks the changelog that is in rpm and sees if that CVE has already been applied. if not, run an update on that package
23:46 nitti joined #salt
23:48 whytewolf it was an interesting thought. but not something i would put into salt formulas.
23:48 ajw0100 joined #salt
23:50 whytewolf [mainly cause it out right breaks rule 6.22.2.3.2.5]
23:55 bhosmer_ joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary