Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-02-04

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 Cerales joined #salt
00:01 Cerales I have an archive.extracted state that is faling with "tar: '/var/cache/salt/minion/files/development/_opt_jre1.8.0_05_.tar': Cannot open: No such file or directory". Anyone know what this could be? I've fiddled with all the possible tar_options. Checking the cache folder I can see that the file is there.
00:01 conan_the_destro joined #salt
00:01 Ryan_Lane joined #salt
00:04 whytewolf Cerales: care to post the state?
00:05 Ryan_Lane joined #salt
00:06 ALLmight_ joined #salt
00:09 elfixit joined #salt
00:09 TyrfingMjolnir joined #salt
00:09 tligda joined #salt
00:12 tligda1 joined #salt
00:12 murrdoc http://linux.slashdot.org/comments.pl?sid=6891595&cid=48968147
00:16 spicyWith joined #salt
00:21 Cerales whytewolf: here is the state where archive.extracted fails, and the error too https://gist.github.com/DanielBryan/7466a35d1b4f82eac7c8
00:23 Cerales i'm running 2014.7.1
00:24 iggy I want to say someone was having a similar issue and filed a bug the other day
00:30 Cerales hmm
00:31 KyleG joined #salt
00:31 KyleG joined #salt
00:31 whytewolf yeah that defintly looks like a bug. the state looks correct.
00:33 iggy stevednd: archive.extracted error: ever find a fix?
00:34 otter768 joined #salt
00:34 iggy Cerales: that's who was having the issue prior (hooray irc logs going back 8 years)
00:34 smkelly hmm, the freebsdkmod module lacks a mod_list() so the kmod.present state barfs
00:35 mohae joined #salt
00:41 alexhayes I'm trying to use archive.extracted with a tar.gz and I'm wondering if perhaps there have been changes to the way tar_options is used? Previously I had 'z --strip-components=1' but now I'm getting an error for the formula which says: tar: invalid option -- ' '
00:42 yomilk joined #salt
00:44 alexhayes (note this is using a fresh salt-master/minion from ppa:saltstack/salt)
00:45 nitti joined #salt
00:46 Cerales iggy: whytewolf: Looks like, although 2014.7.0 needed the tar_options, 2014.7.1 doesn't. I removed them with a conditional thing based on the saltversion in grains and it works.
00:47 aurynn "how would I do this in augeas... oh there's already a state, never mind."
00:47 aurynn ^- my life, sometimes
00:47 alexhayes I can see in the minion's logs: Command ['tar', 'x --strip-components=1', '-f', "'/var/cache/salt/minion/files/base/_tmp_test_.tar'"] failed with return code: 64
00:49 alexhayes Seems 13 days ago there was this change - https://github.com/saltstack/salt/commit/c727e55a7f6d8e7e9bbef2da79243b267ce2d49f#diff-17ddb658f8cacc3983d7e0e56eb4036c
00:49 iggy alexhayes: the docs say don't add the main operators (-x, etc)
00:51 alexhayes iggy: I'm not adding the z now (although previously I had it there and it worked). I now have tar_options: " --strip-components=1"
00:51 iggy should be enough tbh
00:51 Ryan_Lane joined #salt
00:52 iggy most tar's these days are smart enough to figure out what decompressor to run it through
00:52 alexhayes iggy: yes, the z is not a problem, if I don't put any tar_options it extracts fine. The thing is, I need to put in --strip-components=1
00:53 alexhayes iggy: Checking to see how close ppa:saltstack/salt is to https://github.com/saltstack/salt@master
00:54 alexhayes iggy: because it looks like that commit above should fix the issue I'm having, at least the text used in the commit states that anyway...
00:59 alexhayes iggy: seems the version installed via ppa is: salt-call 2014.7.1 (Helium)
00:59 alexhayes Looks like I need to upgrade to master
01:02 primechuck joined #salt
01:02 __number5__ in archive.extracted I can't get if_missing work since 2014.7.0
01:03 echtish joined #salt
01:04 alexhayes __number5__: It *was* previously working for me, but I unfortunately can't tell you on what version as I blew that machine away.
01:05 dangra joined #salt
01:05 jerematic joined #salt
01:06 __number5__ alexhayes: I'm pretty sure it works in 2014.7.0rc5 or rc6
01:07 alexhayes I'll be able to tell you shortly once I get git master installed
01:09 dangra hello, I need advice on how to manage salt states when you are a team of 2 or more developers making changes and applying states.
01:11 dangra so far I was alone managing ~200 servers with a single salt master, /srv/salt and /srv/pillars are git repositories, so I make changes, apply them, commit and push if good.
01:11 bhosmer_ joined #salt
01:12 dangra but now I want to let someone else to be involved in setup and administration of servers, any tips or recommendations on how manage this?
01:13 aurynn get a development environment
01:14 dangra a development env per team member?
01:18 aurynn more expanded, this is a "how do we develop software" question. it will be particular to your environment, but a process of >1 person will require an environment where changes can be tested in isolation before they're merged into the main tree
01:19 primechuck Has anyone ever integration some type of discovery process with the minion to find the master, like multicast scripts or zookeeper
01:20 aurynn primechuck, I've looked at using consul for that
01:20 forrest joined #salt
01:20 aurynn but not deployed anything
01:20 primechuck consul looked interesting, but it looks more like service discovery than node+service discovery.
01:20 aqua^mac joined #salt
01:22 dangra Vagrant for local development env is an option, although I doubt I can replicate the complete setup locally.
01:22 aurynn dangra, 200+ servers would be quite a lot of replication. But, some way to test is kind of essential when you have more people
01:24 jalaziz joined #salt
01:25 dangra thanks aurynn , I will think on it.
01:26 Furao joined #salt
01:28 primechuck The process we have right now is a package that includes its master configuration, but for more scaling it would be handy to have it integrated into node discovery since we use salt as our service/configuration management.
01:29 primechuck Node discovery I wouldn't image would be something people like :)
01:32 dangra primechuck: I don't get it, you want to locate the master(s) from the minions. In that case register salt-master as a consul service so minions can query its local consul-agents to find master service
01:33 dangra if you don't want to run the consul agent in minions, then use DNS (with dns failover) pointing to 2 forward proxies whose configuration is updated from consul (I use consul-template)
01:36 dangra disclaimer: I don't use consul for salt but I do use it for similar stuff
01:38 primechuck Not in control of DNS, as of yet.  Was thinking more of some type of broadcast so when a minion came up, it could find a masters location.
01:38 Zachary_DuBois joined #salt
01:38 mdasilva joined #salt
01:44 thehaven joined #salt
01:51 ALLmightySPIFF joined #salt
01:58 Nazzy joined #salt
01:59 aw110f joined #salt
02:01 theologian joined #salt
02:09 jhauser_ joined #salt
02:15 jerematic joined #salt
02:18 mikkn joined #salt
02:22 ckao joined #salt
02:22 evle joined #salt
02:26 murrdoc joined #salt
02:27 decci joined #salt
02:27 decci How to configure multiple master
02:27 decci I have 1 master and 2 minion ready
02:27 decci Any link or reference
02:27 decci I am running CentOS 6.5
02:28 viq joined #salt
02:28 andrej Is it possible to watch several files with a watch condition within a state?
02:28 murrdoc i d rather use watch_in andrej
02:28 aurynn andrej, watch is a list, so yes
02:28 aurynn also see murrdoc
02:28 andrej thanks murrdoc and aurynn :)
02:29 murrdoc so the various file.managed states can independantly notify the service state
02:29 murrdoc personal preference
02:29 murrdoc listen_in is even better
02:30 andrej I'll dig doco for that up, thanks murrdoc
02:30 murrdoc http://docs.saltstack.com/en/latest/ref/states/requisites.html
02:31 andrej Yup, found that
02:33 andrej so, I still have a list of watched files ...
02:33 andrej Looks good, though
02:33 otter768 joined #salt
02:33 murrdoc make the service name a pillar or use the state
02:33 murrdoc why ?
02:33 murrdoc cause if u are ok with 'reload' instead of restart you would want to enable that
02:34 murrdoc and alll that funs
02:34 kevops joined #salt
02:34 andrej I am about to push several config files for splunk via salt
02:35 andrej and if any of those change the splunk forwarder needs to be restarted (reload won't do).
02:36 schlueter joined #salt
02:37 andrej In apache on debian (and derivatives)  speak, imagine I need to do something if anything changes in site-enabled or modules-enabled
02:38 ALLmightySPIFF joined #salt
02:39 schlueter1 joined #salt
02:41 twellspring joined #salt
02:45 mosen joined #salt
02:45 schlueter joined #salt
02:47 Zachary_DuBois joined #salt
02:49 MatthewsFace joined #salt
02:49 aurynn if I'm using the orchestrate runner, that won't have access to pillar data, will it?
02:53 tligda joined #salt
02:53 druonysus joined #salt
02:53 druonysus joined #salt
02:57 stanchan joined #salt
02:59 markmarine joined #salt
03:01 andrej Hmmmm
03:01 andrej http://pastebin.com/ntXWxShj
03:02 andrej gives me the following error after "tell_master" http://pastebin.com/DyHyQAbg
03:05 tligda joined #salt
03:06 markmarine joined #salt
03:11 fragamus joined #salt
03:11 tligda joined #salt
03:13 spicyWith joined #salt
03:15 fishbowl joined #salt
03:16 markmarine joined #salt
03:17 fishbowl Hey, I'm very new to salt and there's one thing I can't wrap my head around: How is the master server authenticated against the minion? What prevents anyone from replacing the master while the minion isn't looking?
03:26 clintberry1 joined #salt
03:27 favadi joined #salt
03:29 micko joined #salt
03:29 andrej fishbowl : slightly dated, but as far as I know still valid:  https://salt.readthedocs.org/en/v0.12.1/topics/specs/salt_auth_proto_abs.html
03:29 andrej When they first "meet" they exchange keys
03:29 andrej subsequent comms won't work if either ones key changed
03:30 fishbowl Hrm ok, so trust on first use
03:32 fishbowl hrm no, reading that it sounds like a changed master isn't an error condition but rather the client reauthenticates
03:33 fishbowl and will proceed to trust any key the server presents
03:37 jalaziz joined #salt
03:38 andrej Um, no, the AES keys for the ongoing comms can change,
03:38 andrej the RSA key doesn't
03:41 fishbowl ah you're right
03:45 fishbowl It just feels a little weird that there's no config for the master's pubkey.
03:51 fishbowl I guess I can manually put the .pub file there
03:54 fishbowl Thanks andrej
03:54 fishbowl left #salt
03:56 ajw0100 joined #salt
03:57 Hipikat joined #salt
03:59 _JZ_ joined #salt
04:02 quickdry21 joined #salt
04:02 dooshtuRabbit joined #salt
04:04 jerematic joined #salt
04:29 alexhayes I'm attempting to install a minion with the bootstrap one liner (ie.. https://github.com/saltstack/salt-bootstrap#installing-via-an-insecure-one-liner) and it's failing. Essentially I get the following 'WARN: Upstart does not appear to know about salt-minion' and then shortly after I get 'ERROR: salt-minion was not found running' etc..
04:30 tkharju joined #salt
04:30 alexhayes Is salt-bootstrap supposed to create upstart scripts?
04:33 jY i'm doing a salt-call mine.flush on a node and if i do a mine.get old data is still there
04:48 yetAnotherZero joined #salt
04:49 fragamus joined #salt
04:49 kermit joined #salt
04:51 twellspring joined #salt
04:51 dooshtuRabbit1 joined #salt
04:53 __number5__ alexhayes: latest git version won't. you need to copy it yourself from the source
04:53 alexhayes __number5__: is that something that is going to be fixed?
04:53 alexhayes or by design?
04:55 __number5__ I'm not sure, but if you install stable version already in ppa it should be fine
04:55 __number5__ e.g. 2014.7.1
04:55 dooshtuRabbit joined #salt
04:56 alexhayes The salt-bootstrap read states "Before Salt can be used for provisioning on the desired machine, the binaries need to be installed." - is this referring to the specific platform packages? ie.. apt-get install salt-minion?
04:57 alexhayes __number5__: that's the thing though, it's not fine, it has the issue I was experiencing early with archives (the tar options not being handled correctly)
05:00 __number5__ alexhayes: yep. my current workaround in 2014.7.1 is removed both tar_options and if_missing, and it works
05:01 otter768 joined #salt
05:01 dooshtuRabbit joined #salt
05:04 dooshtuRabbit joined #salt
05:04 alexhayes __number5__: Unfortunately I can't remove the tar_option - at least not without a bunch of stuffing around
05:07 ropes joined #salt
05:08 __number5__ alexhayes: another way around is to use old version of archive module/state as your custom module/state
05:14 ropes joined #salt
05:19 mosen joined #salt
05:36 mdupont joined #salt
05:37 Furao joined #salt
05:44 TheThing joined #salt
05:46 gladiatr joined #salt
05:47 ramteid joined #salt
05:53 jerematic joined #salt
05:57 bhosmer_ joined #salt
06:13 nethershaw joined #salt
06:24 calvinh joined #salt
06:31 mikeywaites joined #salt
06:36 krelo joined #salt
06:37 keeth joined #salt
06:39 catpiggest joined #salt
06:41 gladiatr joined #salt
06:41 gladiatr joined #salt
06:42 zphds joined #salt
06:43 zphds Guys, is there a way to invoke a single .sls file?
06:43 zphds using salt-ssh
06:49 CeBe joined #salt
06:49 mosen does state.sls slsfile work in salt-ssh?
06:52 stevednd iggy: no, just ended up doing a manual process of file.managed to get the tarball, and then a cmd.wait to extract it
07:04 I3olle joined #salt
07:09 AndreasLutro joined #salt
07:11 otter768 joined #salt
07:14 flyboy joined #salt
07:15 colttt joined #salt
07:21 colttt joined #salt
07:25 mikeywaites joined #salt
07:29 nethershaw joined #salt
07:31 toanju joined #salt
07:32 evle Is there any tool/option to check sls syntax? I'm new to salt/jinja/yaml and often get stupid syntax error. How could I debug where I screwed?
07:33 nkuttler evle: jinja or yaml errors? there are yaml linters, but i'm not aware of anything for both
07:34 nkuttler evle: if you run the minions with the debug flag you get a dump of the yaml though
07:36 nkuttler i also find salt-vim useful, syntax highlighting
07:36 evle In current case yaml. salt says "Pillar failed to render" and gives sls with error, but no further details. I understand I did something wrong but I can't find where in file.
07:37 nkuttler evle: run the minion with -l debug if necessary and check the output
07:37 fragamus joined #salt
07:38 evle It's already in debug. And it's on master's side.
07:40 chiui joined #salt
07:40 AndreasLutro sometimes you have to scroll pretty far up to find the actual error, in my experiene
07:40 AndreasLutro experience*
07:41 jerematic joined #salt
07:42 KermitTheFragger joined #salt
07:43 Linuturk joined #salt
07:43 Linuturk joined #salt
07:45 felskrone joined #salt
07:45 clintberry1 joined #salt
07:47 Andre-B joined #salt
07:50 slafs joined #salt
07:50 slafs left #salt
07:54 egil evle: allthough its "for ruby", I find this one quite useful: http://www.yamllint.com/
07:54 egil and its much easier to see if you have a syntax error there, rather then using debug. imo
07:57 Auroch joined #salt
08:00 Furao joined #salt
08:02 twellspring joined #salt
08:04 twellspr_ joined #salt
08:07 lb1a joined #salt
08:09 zadock joined #salt
08:11 bash1234123123 joined #salt
08:12 jcsp joined #salt
08:19 eseyman joined #salt
08:21 kawa2014 joined #salt
08:25 twellspring joined #salt
08:26 jtang joined #salt
08:30 krelo_ joined #salt
08:31 intellix joined #salt
08:39 Andre-B joined #salt
08:40 bluenemo joined #salt
08:44 cYris212 joined #salt
08:55 krelo joined #salt
08:57 trikke joined #salt
08:58 shorty_mu joined #salt
08:59 saf joined #salt
08:59 saf how to play?
09:00 teogop joined #salt
09:04 karimb joined #salt
09:06 bash1234123123 joined #salt
09:06 smithd_ joined #salt
09:10 markm_ joined #salt
09:12 otter768 joined #salt
09:13 monkey66 left #salt
09:16 evle Can I somehow get a tree of available sls?
09:16 dkrae joined #salt
09:19 dalin joined #salt
09:21 dalin "--return mysql" doesn't work. pls help
09:22 Furao dalin: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.cp.html#salt.modules.cp.list_states
09:23 dalin http://paste.ubuntu.com/10050590/  here is my log
09:25 jhauser joined #salt
09:27 markm_ joined #salt
09:30 jerematic joined #salt
09:33 jtang joined #salt
09:35 intellix joined #salt
09:36 paulm- joined #salt
09:36 ninkotech joined #salt
09:38 fredvd joined #salt
09:40 CeBe joined #salt
09:41 JDog joined #salt
09:46 CeBe joined #salt
09:48 Grokzen joined #salt
09:51 iwishiwerearobot joined #salt
09:53 nafg_ joined #salt
10:02 VSpike What are the use cases of syndic vs redundant master?
10:04 VSpike I can see that syndic allows more complex graphs .. many levels of hierarchy
10:05 VSpike In my case I have two sites .. colo and AWS. Colo already has a master and it's open to the net to allow dev/test in the cloud. If I want to start building more serious stuff on AWS I probably don't want everything to have a public IP which means I need some kind of master-like-thing in AWS
10:06 TyrfingMjolnir joined #salt
10:06 VSpike I was thinking syndic would be ultra simple but if I have to sync the files anyway to make syndic work surely I'm nearly to a redundant master anyway
10:06 VSpike And redundant master would mean the sites could be independant
10:22 jeddi joined #salt
10:30 tomh- joined #salt
10:32 TyrfingMjolnir joined #salt
10:37 giantlock joined #salt
10:48 TyrfingMjolnir joined #salt
10:49 bash1234123123 good morning, is there anyway to get the local ip of the master if there is no minion running ?
10:53 che-arne joined #salt
10:56 intellix joined #salt
10:57 TyrfingMjolnir joined #salt
11:00 VSpike bash1234123123: dns?
11:03 moncky joined #salt
11:06 zadock joined #salt
11:10 N-Mi joined #salt
11:12 tom_ joined #salt
11:12 evle1 joined #salt
11:13 otter768 joined #salt
11:13 Guest53090 Hi, can i access salt  master from my local system?
11:14 Guest53090 i can ssh that salt-master server. But i want to controll salt-master from local system
11:16 vectra joined #salt
11:19 jerematic joined #salt
11:19 t0rrant joined #salt
11:22 evle1 Guest53090: through api probably. But you still need to edit configs somehow.
11:25 moncky Hey, having a look at salt coming from puppetland, am i correct in understanding that a salt state is analogous a puppet module?
11:27 Guest53090 evlel: Thank you.
11:28 johtso joined #salt
11:30 sfxandy joined #salt
11:30 sfxandy hi everyone .  am trying to get some information on SaltStack enterprise costs - even ballpark figures would be useful...
11:30 N-Mi joined #salt
11:31 monkey66 joined #salt
11:32 calvinh joined #salt
11:34 workingcats joined #salt
11:39 giantlock joined #salt
11:40 monkey661 joined #salt
11:45 bhosmer joined #salt
11:45 jalaziz_ joined #salt
11:45 iwishiwerearobot joined #salt
11:51 CeBe1 joined #salt
11:52 calvinh_ joined #salt
11:56 bash1234123123 VSpike : you will have to give me more then just a hint of some service
11:57 diegows joined #salt
12:01 ralala joined #salt
12:06 bhosmer joined #salt
12:12 AlexStraunoff joined #salt
12:12 mtanski_ joined #salt
12:12 twellspring joined #salt
12:13 lynxman joined #salt
12:13 vexati0n_ joined #salt
12:14 rogst_ joined #salt
12:15 tmmt joined #salt
12:15 cYris212_ joined #salt
12:15 t0rrant_ joined #salt
12:15 nikogonz1 joined #salt
12:16 nahamu_ joined #salt
12:16 xtalk joined #salt
12:16 heise_ joined #salt
12:16 stooj_ joined #salt
12:16 colttt_ joined #salt
12:17 samed_ joined #salt
12:18 bretep` joined #salt
12:20 esogas_ joined #salt
12:20 samed joined #salt
12:21 xsteadfastx joined #salt
12:21 nyov joined #salt
12:21 randomus` joined #salt
12:21 xDamox joined #salt
12:21 rome_390 joined #salt
12:21 mitsuhiko joined #salt
12:22 bhosmer joined #salt
12:25 ramteid joined #salt
12:27 alexhayes joined #salt
12:27 VSpike joined #salt
12:28 monokrome joined #salt
12:28 jpaetzel joined #salt
12:28 jab416171 joined #salt
12:28 DaveQB joined #salt
12:29 flebel joined #salt
12:29 jab416171 joined #salt
12:29 pduersteler joined #salt
12:31 JDog I just want to say that genuinely the docs for salt are properly good.
12:32 pduersteler hi all. I'm struggling with trying to create a quota state. apparently, the docs are not really up to date. anyone here having it up and running? My try so far: https://gist.github.com/pduersteler/d3def5f4c8ac698d063e
12:35 jerematic joined #salt
12:35 Xiol32 joined #salt
12:37 Xiol32 hi guys. I'm trying to get to grips with the Salt API, specifically to run commands over SSH. I've got my roster configured and can run salt-ssh fine from the command line, but i'm having trouble doing it through the API. trying to make the request as detailed in the documentation (http://bit.ly/1z9zhPs) keeps giving me a 401 error with "No permission -- see authorization schemes". I've tried going against what
12:37 Xiol32 the docs say and doing login/sending X-Auth-Token headers but that doesn't work either. Any ideas?
12:40 intellix joined #salt
12:42 mitz27 joined #salt
12:43 moncky I am following the basic state tutorial to install apache, when I run salt '*' state.highstate it returns a failure, however the packages are installed
12:43 moncky I have purged them and get the same result
12:44 moncky the logs show Command 'apt-get -q update' failed with return code: 100 stderr: E: Could not get lock /var/lib/apt/lists/lock - open (11: Resource temporarily unavailable)
12:44 moncky and it also suggest that the ile /var/lib/apt/lists/ftp.uk.debian.org_debian_dists_wheezy_main_binary-amd64_Packages file is missing though it is present
12:45 moncky what is going on, shouldn't it report at least that the package is insatlled if it is?
12:45 moncky so basically I have a salt master that is reporting that a sucessful action was not sucessful
12:48 I3olle joined #salt
12:50 bash1234123123 joined #salt
12:51 iwishiwerearobot joined #salt
12:52 monkey661 left #salt
12:58 elfixit joined #salt
12:58 jerematic joined #salt
13:04 jesusaurus joined #salt
13:06 mitz27 Is it possible to run reactors synchronously ?  By default when I declare two reactors for a single event, it exectues asynchronously . Kindof requisite declaration which I could use in master config file  ? Is it possible or any other way ?
13:06 TyrfingMjolnir joined #salt
13:11 bhosmer_ joined #salt
13:14 otter768 joined #salt
13:16 jtang joined #salt
13:20 Andre-B_ joined #salt
13:23 nitti joined #salt
13:26 bhosmer joined #salt
13:30 GabLeRoux joined #salt
13:35 paulm- joined #salt
13:40 CeBe joined #salt
13:42 paulm- joined #salt
13:43 karimb joined #salt
13:44 TyrfingMjolnir joined #salt
13:44 CeBe1 joined #salt
13:45 mpanetta joined #salt
13:47 keeth joined #salt
13:48 bostonq joined #salt
13:51 cpowell joined #salt
13:56 bostonq good morning. I try to use runner custom module with reactor. when I run using salt-run test.foo, I got the correct response back "Hello World", but when I use this from reactor, I got error [DEBUG   ] Results of YAML rendering:  OrderedDict([('minion_destroyed_test', ['runner.test.foo'])]) [ERROR   ] Failed to render "/srv/salt/minion_destroyed.sls,
13:58 bostonq any example on how to use runner custom module with reactor? my salt version is 2014.7.0, thanks
14:00 jeremyr joined #salt
14:01 intellix joined #salt
14:01 elfixit1 joined #salt
14:02 andrew_v joined #salt
14:04 akafred joined #salt
14:04 seanz joined #salt
14:05 markizano joined #salt
14:07 vbabiy joined #salt
14:07 subsignal joined #salt
14:09 nitti joined #salt
14:16 wincus joined #salt
14:17 bigl0af joined #salt
14:18 jespada joined #salt
14:19 jtang joined #salt
14:21 mitz27 @bostonq -  Is 'runner_dirs' updated in the master conf file ?
14:22 abe_music joined #salt
14:24 aw110f joined #salt
14:25 yomilk joined #salt
14:25 bostonq yes, runner_dirs is being set.
14:26 mitz27 @moncky : you can delete the lock file once and check if that fix the issue . sudo rm /var/lib/apt/lists/lock & sudo rm /var/cache/apt/archives/lock. Do this and try running the command once
14:27 ]V[ joined #salt
14:27 moncky mitz27: yeah I did that and it worked, but the issue keeps re-occuring
14:27 moncky so i clear the lock file, run works then its back to failing again
14:28 lz-dylan_ /nick lz-dylan
14:28 lz-dylan_ roops.
14:28 lz-dylan and that's my typing skills. hi folks.
14:30 aw110f_ joined #salt
14:33 mitz27 @bostonq : some process in background might be the problem here by using apt try ps aux | grep apt if you see an apt-get process or an aptitude process that looks stuck, do kill that kill PID and try once again running the command
14:33 brayn joined #salt
14:38 giannello joined #salt
14:39 racooper joined #salt
14:41 numkem joined #salt
14:42 bostonq @mitz27: no stuck process, but I just re-run the command, same result.
14:44 pf_moore joined #salt
14:45 piv joined #salt
14:47 bash1234123123 run a command after file has changed ?
14:48 dooshtuRabbit joined #salt
14:51 timoguin joined #salt
14:51 dooshtuRabbit1 joined #salt
14:52 mdasilva joined #salt
14:57 FeatherKing joined #salt
14:57 tru_tru joined #salt
14:57 FeatherKing anyone used states.postgres_user? trying to give it a md5 password has it im not making it work
14:58 FeatherKing the example in the docs is 'md5{MD5OF({password}{role}}' so im not sure what it actually wants from me
14:58 nitti joined #salt
14:59 timoguin_ joined #salt
15:01 piv joined #salt
15:02 kawa2014 joined #salt
15:02 kaptk2 joined #salt
15:04 TheoSLC joined #salt
15:05 favadi joined #salt
15:05 I3olle joined #salt
15:05 daflef joined #salt
15:06 daflef left #salt
15:06 N-Mi joined #salt
15:07 primechuck joined #salt
15:07 housl joined #salt
15:08 jcsp joined #salt
15:11 pdayton joined #salt
15:11 tligda joined #salt
15:15 TheoSLC joined #salt
15:15 otter768 joined #salt
15:15 tligda1 joined #salt
15:17 SneakyPhil good morning everyone, I'm confused trying to install an rpm with salt and make sure it's running
15:17 aquinas joined #salt
15:19 SneakyPhil I should have just waited a minute, figured it out! https://gist.github.com/pgporada/03e20ca250487c59e4f9
15:22 pdayton joined #salt
15:23 mdasilva joined #salt
15:24 jonitrythall joined #salt
15:25 nitti_ joined #salt
15:27 dRiN joined #salt
15:28 __number5__ FeatherKing: just pass in your password (plain text, not hashed), it will do the md5 part for you
15:28 FeatherKing yeah i was hoping to put it already hashed in the salt state
15:28 FeatherKing i think i may have found something though
15:29 FeatherKing the docs are not clear but i think it works in the salt state if you preface the password with md5 then the hash of the password+role
15:29 FeatherKing md5ifeiefiojda230923f39020
15:29 phx SneakyPhil, the important part there is, it's not the rpm which is running, but a service which is installed by the rpm. so you need to install a package, then run a service, and have the service require the package installation
15:30 __number5__ FeatherKing: the code https://github.com/saltstack/salt/blob/2014.7/salt/modules/postgres.py#L619
15:30 iwishiwerearobot joined #salt
15:30 FeatherKing yeah i was looking at startswith
15:30 FeatherKing so i am logging in, but so far cant do anything, might be role permissions now
15:30 FeatherKing not being assinged
15:31 Brew joined #salt
15:31 mt joined #salt
15:34 timoguin joined #salt
15:35 FeatherKing that is a really wierd hash format
15:35 FeatherKing so it works as md5 + hash(password+role)
15:35 FeatherKing you put that in salt for the password, and you get in
15:35 N-Mi joined #salt
15:37 TheoSLC joined #salt
15:37 fragamus joined #salt
15:38 SneakyPhil phx: excuse my ignorance, I think I am doing that? I just ran my docker state, it installed the rpm I specified to download, and then started the docker service
15:38 phx SneakyPhil, something like that, right
15:44 TheThing_ joined #salt
15:44 malinoff joined #salt
15:47 favadi left #salt
15:49 favadi joined #salt
15:50 gothos joined #salt
15:50 gothos Hello! Is there a way to do the following in a template file: {% include {{ hostname }} ignore missing %}
15:50 gothos I only get the following error: SaltRenderError: Jinja syntax error: expected token ':', got '}'; line 70
15:51 gothos And I basically just want to append one file to another file and copy that to the server
15:52 Furao {% include grains[‘id’] ignore missing %}
15:52 Furao unless you {% set hostname … %} somewhere
15:52 Furao wait include ignore missing exists?
15:53 Furao a conditional include?
15:54 manfred i think you can just include hostname, and don't have to add extra brackets, one second to see if I can find an example
15:54 gothos Furao: at least in the jinja docs
15:54 LinuxHorn joined #salt
15:54 Grokzen joined #salt
15:54 gothos Furao: and yes I have "hostname: {{ grains['fqdn']|replace(".l3s.uni-hannover.de","") }}" in my sls defaults
15:55 manfred should just be able to do {% include hostname %} because otherwise, it would be {% include 'hostname' %}
15:55 gothos grains['id'] is nicer tho
15:55 manfred so hostname should be expanded to the variable that you set
15:55 vbabiy joined #salt
15:55 gothos okay, I'll try!
15:56 manfred yeah, should work, cause salt['grain.get'], you would do that there too, and it has salt as a variable, and expands it for you
15:57 Furao {% set hostname = grains["fqdn"].split(".")[0] %}
15:57 Furao hostname: {{ hostname }}
15:57 Furao {% include hostname ignore missing %}
15:58 Furao if you want xxx.l3s.uni-hannover.de -> xxx
15:58 gothos looks good so far, but I think it doesn't find the file since nothing is included :/
15:59 gothos yep, I want that
15:59 cpowell joined #salt
16:00 gothos where would the include statement get the file from the top level /srv/salt directory?
16:01 Furao probably yes
16:02 paulm-- joined #salt
16:02 gothos hm
16:04 gothos I would prefer to get the files from /srv/salt/iptables
16:05 diegows joined #salt
16:05 stanchan_ joined #salt
16:06 paulm- joined #salt
16:08 gothos {% set hostname = "/srv/salt/iptables/" + grains["fqdn"].split(".")[0] %} is not working neither with ~
16:09 jcsp joined #salt
16:09 conan_the_destro joined #salt
16:09 gothos ah, it is working but gives the error msg: MinionError: Unsupported path: /src/salt/iptables/okkam
16:10 gothos any idea?
16:10 clintberry1 joined #salt
16:10 manfred srv ?or src ?
16:10 manfred also, you should just need to say include iptables/hostname iirc?
16:10 evle1 I believe path should be relative to /srv/salt, not absolute.
16:12 manfred the jinja is all rendered on the minion, so it should be just iptables/okkam, because it is going to be relative to where ever those files are. iirc
16:14 elfixit1 joined #salt
16:14 ALLmightySPIFF joined #salt
16:17 ALLmight_ joined #salt
16:17 StDiluted joined #salt
16:18 TheThing_ joined #salt
16:19 cpowell joined #salt
16:28 CeBe joined #salt
16:28 faliarin joined #salt
16:33 t0rrant joined #salt
16:33 schristensen joined #salt
16:33 jalbretsen joined #salt
16:33 elfixit1 joined #salt
16:33 nitti joined #salt
16:37 DammitJim joined #salt
16:37 DammitJim what is the difference between #salt and #saltstack?
16:38 pdayton joined #salt
16:38 gothos manfred: evle1: iptables/okkam is indeed working fine, thanks a lot!
16:38 giantlock joined #salt
16:39 hal58th joined #salt
16:42 favadi joined #salt
16:42 elektrix_ joined #salt
16:42 josephleon joined #salt
16:47 thedodd joined #salt
16:47 hasues joined #salt
16:47 tligda joined #salt
16:47 hasues left #salt
16:49 micko joined #salt
16:51 bash1234_ joined #salt
16:52 gladiatr joined #salt
16:53 RedundancyD joined #salt
16:56 N-Mi joined #salt
16:57 diegows joined #salt
16:58 hebz0rl_ joined #salt
16:59 timoguin_ joined #salt
17:00 teskew joined #salt
17:00 theologian joined #salt
17:01 Rickc joined #salt
17:01 Rickc Hi all.
17:02 Rickc salt.states.network.routes trying to do 10.0.0.0/8 via 10.2.1.1 dev eth0 in the route-eth1.  Anyone know how to translate that into a salt.state command?
17:03 ccarney_ROCC joined #salt
17:03 Rickc biggest thing is how to tell it to go via eth0 in route-eth1
17:04 primechuck joined #salt
17:07 GabLeRoux joined #salt
17:09 zadock joined #salt
17:10 giantlock joined #salt
17:13 hal58th I hate where there is no documentation or examples. I would like at the source code to see what options there are. That needs to be a documentation bug
17:15 Saltn00b joined #salt
17:16 otter768 joined #salt
17:17 Saltn00b Good morning folks. Has anyone set up periodic monitoring with Salt?
17:17 Saltn00b I'd like to have a scheduled job that runs (e.g. ping all minions every minute.)
17:18 Saltn00b I tried setting this up as a scheduled job on the minions, but there's no way to have the minions send scheduled job results to the master.
17:18 Saltn00b I know I can probably just cron a salt command, but I was hoping to manage the whole thing within Salt directly.
17:18 Saltn00b Any ideas?
17:19 DammitJim is it a good idea to use salt as a monitoring system?
17:19 berserk joined #salt
17:19 bluenemo joined #salt
17:19 bluenemo joined #salt
17:20 Xiol32 Hi, does anyone know how to run salt-ssh stuff via the CherryPy API? The documentation doesn't appear to be correct as it's telling me "'NetapiClient' object has no attribute 'ssh'" when I try to follow the docs by setting 'client' in the request to 'ssh'
17:20 Saltn00b @DammitJim: Is it not a good idea? My thought was that we're eventually going to want to pull some pretty rich data beyond just ping results, and Salt provides the best framework for that.
17:21 Saltn00b Would you use a different approach?
17:21 KyleG joined #salt
17:21 KyleG joined #salt
17:21 stanchan joined #salt
17:23 Xiol32 Saltn00b: Surely you'd be better off using something like Collectd + graphite/influxdb for collecting metrics from your servers? Pure monitoring can then be done with Nagios/Zabbix/Sensu/etc
17:25 bhosmer joined #salt
17:25 DammitJim Saltn00b, I considered doing it in salt, but I Don't know that it has to be customized... it's a lot of work
17:26 zer0def joined #salt
17:26 zer0def so apparently parts of the docu speak of Salt 2015.2
17:26 zer0def got me _REAL_ curious
17:27 twellspring joined #salt
17:28 _mel_ joined #salt
17:28 Rickc Anyone know how I can use a salt.state to manage two nics so that the route-eth1 can have a route:
17:28 Rickc 10.0.0.0/8 via 10.2.1.1 dev eth0
17:29 zer0def why have a route, when it's on the same network?
17:29 Rickc It is not one is external nic one is internal
17:30 zer0def wait, what?
17:30 evle1 Route like this doesn't make sense. Is if just for example?
17:30 aparsons joined #salt
17:30 Rickc vpn server, needs to be able to see into my network...
17:30 zer0def you're, most likely, subnetting wrong.
17:31 zer0def mainly because you're asking to route traffic through a gateway of 10.2.1.1
17:31 Rickc no eth0 is internal 10.0.0.0/8 eth1 is external 66.x.x.x/24
17:31 zer0def which _is_included_ in the subnet of 10.0.0.0/7
17:31 zer0def 10.0.0.0/8*
17:32 Rickc the gateway is incorrect, I just threw in example.
17:32 mdasilva joined #salt
17:32 zer0def yeah, that's a thing throwing you off
17:32 zer0def well, us.
17:32 Rickc main point is I need to be able to do a route to a different nic
17:32 zer0def with VPNs, at least from my experience, you have a seperate VPN-subnet
17:33 zer0def which you route from into your internal network
17:33 Rickc manually configured i just did the 10.0.0.0/8 via 10.x.x.x dev eth0
17:33 Saltn00b Thanks guys. It sounds like Salt may not be the best approach for general statistics collection.
17:33 Rickc Yes many ways to do it.  but the way our is I need to have the route to eth0 from eth1.
17:33 CeBe joined #salt
17:34 Rickc is there a way to add in the route statement a via eth0
17:34 zer0def wait, those are on one machine, right?
17:34 Rickc yes
17:34 zer0def i'm pretty sure you can just do a route through an interface, instead of a target IP address
17:35 Rickc do tell?
17:35 yetAnotherZero joined #salt
17:35 Rickc that is what I am doing.
17:35 rojem joined #salt
17:36 zer0def Rickc: by specifying a nexthop interface
17:36 Rickc but using salt I have a
17:36 zer0def i'm pretty sure that if you're doing VPN, you're doing it wrong.
17:37 Rickc I do not see a way to do that with salt.states network?
17:37 zer0def and i haven't been exposed enough to salt to tell you how to do it precisely in salt
17:37 Rickc zer0def, I understand what you are saying, but I do not get to make that choice.
17:38 Rickc guess I will just manage the file...
17:38 zer0def i'm not sure, if you can just routing from an internet-facing interface into your NATted network
17:38 Ryan_Lane joined #salt
17:38 zer0def usually your ISP routers oughta filter that anyway
17:39 Rickc : ) again some of the choices of how the vpn is done are not mine.  I am just trying to get a salt state build for it.
17:39 zer0def and last time i was playing with openvpn, i had to dedicate a small subnet that's routed into my internal network or just throw clients into my internal network.
17:39 zer0def what you're asking isn't VPN, it's purely impossible
17:39 zer0def unless there's something you're not telling
17:40 ccarney_ROCC left #salt
17:40 Rickc routing from one interface to another is extremely possible, that is what I am asking
17:40 zer0def when a client connects to your VPN gateway, they should get another IP on a virtual NIC
17:40 smcquay joined #salt
17:40 zer0def that virtual NIC oughta be placed in a private network space
17:40 Rickc You are getting way off the problem I have at hand.
17:40 TheoSLC joined #salt
17:41 zer0def the way you're expected to op your VPN is... well, broken, to be honest.
17:41 zer0def either that or you're supposed to do DHCP from your internal network directly onto VPN clients
17:42 murrdoc joined #salt
17:42 zer0def which, if gateway info goes missing, you could probably just push onto the client
17:42 whiteinge Xiol32: basic salt-ssh access in salt-api has been written. i'm looking to see what release it's in now. what documentation are you looking at?
17:43 Rickc zero0def.  I understand what you are saying and that part of the vpn is not what I am looking at.  I am looking for a way to route a subnet from one nic to the other using salt.
17:44 Rickc not how my vpn'd client work.  That is all contained in a dmz config.
17:44 whiteinge Xiol32: it will be in the next feature release, 2015.2
17:44 zer0def Rickc: a quick google tells me this: http://docs.saltstack.com/en/latest/ref/states/all/salt.states.network.html
17:44 sroegner joined #salt
17:45 Rickc yup but that does not allow the use of a different nic
17:45 Rickc for a route
17:47 zer0def let me give into the code for at least some taste of what kwargs go to .routes()
17:47 nafg_ joined #salt
17:47 chris_m_ joined #salt
17:48 zer0def have a look into the code*, can't type.
17:48 chris_m_ good day all!
17:48 chris_m_ anyone around to help me with a syndic issue?
17:48 chris_m_ infra@btln001245:/apps/infra/salt-syndic/2014.7.1 $ ./salt.sh '*' test.ping [ERROR   ] Salt request timed out. If this error persists, worker_threads may need to be increased. Failed to authenticate!  This is most likely because this user is not permitted to execute commands, but there is a small possibility that a disk error occurred (check disk/inode usage).  I get this error sometimes, in this case on the syndic syndic mysteriousl
17:49 bash1234123123 joined #salt
17:50 chris_m_ a couple of questions on this: 1. When I execute the ./start-syndic it does not accept an alternative config-dir (running as non-roo user).   2. Who is suppose to execute this start-syndic command?  master-slave?  or can I run this as non-root?
17:52 chris_m_ there is not a lot of doc/info on syndic.  hence I am reaching out to the experts :)
17:52 GabLeRoux joined #salt
17:54 bhosmer joined #salt
17:56 toddnni joined #salt
17:58 bash1234123123 joined #salt
17:58 noJ_ joined #salt
17:58 zer0def Rickc: does your *other* nic address change often?
17:59 mdasilva joined #salt
18:00 evle1 joined #salt
18:02 zer0def pretty sure you just pull an address of the interface the packets arrive on and put it in the gateway section
18:04 desposo joined #salt
18:04 cpowell joined #salt
18:05 I3olle joined #salt
18:06 TheoSLC joined #salt
18:09 Rickc never
18:10 redzaku joined #salt
18:10 aw110f joined #salt
18:10 chris_m_ experimenting with latest 7.1 patch.    ignore my questions on syndic.  problems seem to have disappeared after I rolled out latest rev on master, minions and syndic.
18:10 dusel joined #salt
18:11 stanchan joined #salt
18:12 fragamus joined #salt
18:15 murrdoc new patch
18:15 murrdoc ?
18:17 Xiol32 whiteinge: That might be why I'm having trouble then, think I was looking at the 'master' documentation. I'll look at installing the dev version of Salt and using it through that as we're nowhere near going production with any of this yet
18:18 evle joined #salt
18:19 whiteinge Xiol32: cool. you may prefer the 2015.2 branch if you want to stick to only what will be in the next release.
18:21 Xiol32 whiteinge: yeah, we're still investigating Salt as an alternative so they'll be some use of minions I'm use. I work for a hosting provider so we went with Ansible at first but we've found it an absolute nightmare to integrate into our existing infrastructure/APIs (and the company doesn't want to pay for Tower)
18:22 Ryan_Lane Xiol32: salt's initial learning curve is high. it's worth the payoff though
18:22 Xiol32 Salt comes with a nice API and the SSH module seems to offer roughly the same functionality, so we're quite interested. Some of our stuff is fully managed by us, but much is build, configure, handoff to clients and we don't want agents and stuff on those
18:22 Xiol32 Just need some kind of API-based dynamic roster and I'll be fully sold ;)
18:23 Ryan_Lane I'm not sure you can use the api + salt-ssh
18:23 Ryan_Lane I could be wrong, though
18:23 Ryan_Lane I haven't used salt-ssh or the api very much
18:23 FRANK_T joined #salt
18:23 Xiol32 Ryan_Lane: I think whiteinge pointed out above that the API integration is coming in the next release (and i was trying to do it with stable which is why it didn't work!)
18:24 Ryan_Lane ah. cool
18:24 whiteinge Xiol32: salt and salt-ssh work fine side-by-side. let me know if you run into any snags.
18:24 Ryan_Lane good to know
18:24 Ryan_Lane hm. I may need to try that now
18:24 whiteinge Xiol32: roster modules are crazy easy to write. it would be easy to query an API in order to generate it
18:24 FRANK_T Something strange happen with mi minion I am getting this every time that I tried to run a state Minion did not return. [Not connected]
18:24 Ryan_Lane whiteinge: if I already have salt installed on nodes, can I have salt-ssh use that, rather than pushing its own version of salt into the node?
18:25 FRANK_T but if I go to the minion and run the debug mode it will work
18:25 FRANK_T any idea why?
18:25 mdasilva joined #salt
18:25 Ryan_Lane api + salt-ssh + default returners could make it unnecessary for me to have a master.
18:26 Ryan_Lane (I don't use one now, but I was considering adding one)
18:26 Xiol32 whiteinge: yeah, i'll have to have a look. we'll want to push rosters into salt (and only use them temporarily to deploy servers rather than manage them forever). I'll have a poke around the docs again once i've got the correct version installed and see what I can whip up
18:26 whiteinge Xiol32: edit your master config and point the `extension_modules` setting at /srv/modules. then make a /srv/modules/roster/someapiquery.py and put a function called `targets` in there that queries your API
18:26 whiteinge example here: https://github.com/saltstack/salt/blob/develop/salt/roster/cloud.py#L31
18:27 Ryan_Lane if beacon worked with masterless I could emulate a master with SQS + beacon + local events
18:28 Ryan_Lane so many things to discuss at SaltConf :)
18:28 whiteinge Ryan_Lane: i want to say no because there's some slight differences in the payload, but I don't know for sure.
18:29 Xiol32 whiteinge: looks straightforward enough! thanks
18:30 Ryan_Lane whiteinge: I'd do beacon -> SQS from the minions. then on the master, I'd do beacon <- SQS
18:30 Ox joined #salt
18:31 whiteinge very cool. i'm pretty excited about beacon. opens a ton of possibilities -- plus the pull req that added it was laughably tiny.  ^_^
18:31 Ryan_Lane yep :)
18:31 Ryan_Lane well, it's missing masterless support
18:31 Ryan_Lane and masterless is still missing reactor support
18:31 * whiteinge nods
18:31 whiteinge is there an issue for that?
18:31 gwmngilfen joined #salt
18:31 Ryan_Lane not sure
18:32 Ryan_Lane I'd imagine I opened some
18:32 aw110f_ joined #salt
18:32 whiteinge Ryan_Lane: are you currently running the salt-minion daemon even though it's not connected to a master?
18:32 Ryan_Lane nope, but I'd consider if I had a good use-case
18:32 bhosmer joined #salt
18:32 * whiteinge nods
18:32 Ryan_Lane beacons and reactors would likely be a reasonable use case
18:34 forrest joined #salt
18:35 manfred whiteinge:  link to that pr?
18:36 whiteinge manfred: https://github.com/saltstack/salt/pull/20092/files
18:37 whiteinge it balooned a bit when docs were added. look at just the python files
18:37 manfred yar
18:38 manfred so, this is all just based on stuff going on on the system, we then can do things?
18:38 manfred so … you could actually have something that restarts nginx, every time /etc/nginx/nginx.conf changes?
18:40 iwishiwerearobot joined #salt
18:40 whiteinge yup
18:40 manfred nice
18:41 whiteinge one that i'm excited about is you can trigger an event every time someone logs into a minion
18:41 manfred nice
18:41 manfred like killing off their bash session :P
18:41 whiteinge (wip wtmp beacon module)
18:41 whiteinge lol, yeah
18:42 TheThing_ joined #salt
18:42 manfred i mean you can do it more effective ways, but that one would be entertaining for someone to try and troubleshoot
18:42 TheThing__ left #salt
18:43 hybridpollo joined #salt
18:43 whiteinge haha
18:43 SKMatoBB joined #salt
18:44 SKMatoBB left #salt
18:47 jcsp joined #salt
18:52 timoguin joined #salt
18:55 rooney01 joined #salt
18:56 TaiSHi Can I pass the user to git.fetch without using 'user='?
18:56 chiui joined #salt
18:57 murrdoc omg salt/beacons is the stuff
18:57 CeBe1 joined #salt
18:58 rihannon joined #salt
19:00 ckao joined #salt
19:01 fragamus joined #salt
19:01 ALLmightySPIFF joined #salt
19:02 rihannon salt and poor connections:  How do I get nodes to go to the highstate if they keep timing out?  Are there some settings I can optimize?
19:02 giantlock joined #salt
19:03 hal58th Even if the response does not occur, they should still be receiving the job and running highstate. You can increase the time you wait for a response with the -t flag (in seconds).
19:05 thedodd joined #salt
19:07 rihannon I suspect that it's not updating because my target file has a last modified time in October.
19:07 huddy joined #salt
19:09 spookah joined #salt
19:09 hal58th can you go on the box itself and run "salt-call state.highstate"? Then you can see if the file is updating. I would first actually do a "salt 'minionid' state.highstate -t 500" or a test.ping
19:11 ALLmight_ joined #salt
19:12 LinuxHorn joined #salt
19:12 aCodinMan joined #salt
19:13 berserk joined #salt
19:17 otter768 joined #salt
19:17 rihannon1 joined #salt
19:18 mdasilva joined #salt
19:19 bash1234123123 joined #salt
19:19 josephleon joined #salt
19:21 druonysus joined #salt
19:23 josephleon joined #salt
19:24 BigBear joined #salt
19:28 mpanetta_ joined #salt
19:29 mpanetta joined #salt
19:30 aw110f Hi I'm running into this problem with running cmd.run: https://gist.github.com/wongster80/8b41f42ec1fcde557e86
19:31 josephleon joined #salt
19:32 beneggett joined #salt
19:33 jalaziz joined #salt
19:37 MatthewsFace joined #salt
19:38 MatthewsFace joined #salt
19:38 JlRd joined #salt
19:40 FRANK_T aw110f try salt '*' cmd.run 'ls /tmp'
19:41 FRANK_T aw110f do you have more than 1 minion?
19:42 RedundancyD left #salt
19:43 beneggett joined #salt
19:43 druonysuse joined #salt
19:45 Andre-B joined #salt
19:47 theologian joined #salt
19:47 markm joined #salt
19:48 pf_moore joined #salt
19:52 druonysus joined #salt
19:56 kevops joined #salt
19:57 Brick_ joined #salt
19:59 nitti_ joined #salt
19:59 diegows joined #salt
19:59 TaiSHi How can I make a cmd.run only if another state reported as 'changed' ?
19:59 nafg_ joined #salt
20:00 nitti__ joined #salt
20:01 jY TaiSHi: there is cmd.wait
20:01 TaiSHi Thanks, will dig it out
20:02 jY https://gist.github.com/mzupan/f2b81fb28b2b3e5589d0
20:02 jY that's how i use it as example.. if the rpm gets installed.. it runs cmd.. that is a script.. but cmd.wait works the same
20:03 TaiSHi Thanks a lot
20:03 TaiSHi This is odd, 2nd server that gets bin folders deleted...
20:04 TaiSHi 6 months apart
20:09 josephleon joined #salt
20:12 Ryan_Lane joined #salt
20:13 auser joined #salt
20:20 dude051 joined #salt
20:21 thedodd joined #salt
20:23 aurynn is the pillar tree cached on the minions?
20:23 murrdoc nope
20:23 murrdoc its regenerated on each highstate
20:24 aurynn so what happens when I call refresh_pillar?
20:24 murrdoc it refreshes the pillars on the master
20:25 aurynn ah hah..
20:26 nitti joined #salt
20:28 TaiSHi How can I re-deploy a machine using salt-cloud ?
20:28 Nazca__ joined #salt
20:28 TaiSHi (I'm on DO, I want to recreate a machine and deploy everything)
20:29 iwishiwerearobot joined #salt
20:34 manfred delete the machine, then create the machine
20:34 manfred salt-cloud -d <name>
20:34 manfred salt-cloud -c or whatever that flag is… it has been a while since I have used it
20:34 TaiSHi I did that, hopefully DO preserves the IP
20:35 TaiSHi Else, well, nothing, salt will take care of letting other instances know the new private ip :P
20:35 TaiSHi I'm a saltwhore now
20:35 manfred it won't
20:35 Nazzy joined #salt
20:35 manfred cloud doesn't work that way, the only way you could do that is if you could issue a rebuild, and i don't know that we have that ability built into salt-cloud.
20:36 manfred and if you have everything setup in automation, switching ips shouldn't matter as much.
20:36 TaiSHi Actually, DO maintains your IP for a little while
20:39 MatthewsFace joined #salt
20:42 dude051 joined #salt
20:50 davedash Can you install a package from s3 directly?  I tried to with pkg.installed but go this error: SystemError: E:Could not open file s3://mydebs/check-mk-agent_1.2.4p5-2_all.deb
20:50 davedash looks like it was treating it as a file on disk
20:52 intellix joined #salt
20:53 dave_l joined #salt
20:53 iggy davedash: can you paste the state somewhere? Does the minion have the correct rights to access the s3 bucket (assuming it isn't public)
20:56 Guest21779 hi, how would I set up my states/pillars to deploy multiple times across the same minion? E.g. I have states for virtualhost, webroot, database, etc. I want to use those same states twice with two different sets of pillar data so I can run two websites on the same minion.
20:59 phpdave11 Guest21779: you could set up 2 config directories, both pointing to the same states root dir, but have separate a pillar root for each one. then run salt and specify the config dir
21:00 Ryan_Lane joined #salt
21:00 Guest21779 where/when do I specify the config directory - when running highstate?
21:00 ajw0100 joined #salt
21:00 davedash iggy: https://gist.github.com/davedash/c283e616f434c75acd18 let me verify permissions
21:01 davedash iggy: yup aws s3 cp copies that file just fine.
21:01 phpdave11 Guest21779: yeah, on the command line
21:01 phpdave11 salt --config-dir=/home/dave/salt-config
21:01 phpdave11 like that
21:02 Guest21779 great, thanks!
21:02 phpdave11 np
21:02 hal58th Guest21779 I would do a for loop and reiterate states using your pillar data. Let me see if I have a good example
21:03 Guest21779 hal58th: that would be appreciated thanks
21:07 hal58th Guest21779 http://pastebin.com/9vunspZY I would do something similar to this. You could go salt['pillar.get]('someinstance:lowerdata') in your states
21:07 Guest21779 hal58th: great ty
21:08 hal58th welcome. Jinja is pretty powerful when it comes to loops. It's just python in the long run
21:08 ralala joined #salt
21:09 smithd_ joined #salt
21:09 phpdave11 yeah, that's probably a better way to do it.
21:10 cberndt joined #salt
21:15 clintber_ joined #salt
21:18 otter768 joined #salt
21:18 josephleon joined #salt
21:19 iggy a lot of the formulas loop over pillar data if you want more examples
21:19 karimb joined #salt
21:23 stanchan_ joined #salt
21:23 ralalala joined #salt
21:25 loggyer joined #salt
21:25 dvestal joined #salt
21:28 beneggett joined #salt
21:29 druonysus joined #salt
21:30 GabLeRoux joined #salt
21:31 toddnni_ joined #salt
21:36 thedodd joined #salt
21:38 lionel joined #salt
21:42 beneggett joined #salt
21:42 dvestal joined #salt
21:43 TyrfingMjolnir joined #salt
21:43 toddnni joined #salt
21:43 loggyer Guys how can i use require stmt to require from a list of pkgs under a single ID. e.g. -> http://pastebin.com/cWvmtbh7
21:47 hal58th You can't, use multiple ID's
21:49 murrdoc that ll work
21:49 josephleon joined #salt
21:49 murrdoc u dont need the require there
21:49 murrdoc just do - failhard: True in your pkg.installed
21:49 loggyer hal58th: I'm using just one ID right? which defines multiple states
21:49 toddnni joined #salt
21:49 xt joined #salt
21:50 ralalala joined #salt
21:50 hal58th You can do require: monitoring_pkgs   (I think)
21:50 loggyer murrdoc: you are talking about the require in service.running ?
21:50 murrdoc yeah
21:51 loggyer hal58th: I know that is the easier way maybe...but wanted to know if it was possible to require on just 1 from a list
21:51 hal58th But the way you are righting it is a little odd. I would just use another ID for service.running and specifiy which service requires all three packages installed.
21:51 murrdoc u dont need to
21:51 murrdoc its perfectly fine the way it is
21:51 ALLmightySPIFF joined #salt
21:51 murrdoc just put a failhard: True in the pkgs.installed
21:52 stanchan joined #salt
21:53 piv joined #salt
21:55 bhosmer__ joined #salt
21:57 twellspring joined #salt
21:59 TyrfingMjolnir joined #salt
21:59 hal58th1 joined #salt
21:59 hal58th1 left #salt
21:59 hal58th1 joined #salt
21:59 loggyer murrodc: Thanks for that :)
22:00 loggyer Given the same ID, how can i start a particular service from that list
22:00 loggyer Not able to do that
22:01 loggyer murrdoc: doing that under a different ID is easy, but is it possible to do it in the same state
22:05 loggyer murrdoc: Figured that out :)
22:05 murrdoc yup
22:06 fragamus joined #salt
22:07 bhosmer__ joined #salt
22:13 jalaziz joined #salt
22:13 go8ose joined #salt
22:14 TaiSHi Is there any way for salt to wait for apt lock to be cleared ?
22:17 go8ose I've got a repeating problem with salt.highstate runs. Minion gets stuck running a state.highstate run, until I manually kill the salt-minion process doing it. Running 2014.7.0+ds-2~bpo70+1 on both master and minion. strace on minion shows it's very busy repeatedly opening /dev/urandom, and read() from it, as well as poll(), select() and clock_gettime().
22:17 ralalala joined #salt
22:17 hal58th1 go8ose does it always get stuck in the same area or just at random?
22:17 go8ose Doesn't seem to be happening a great deal, only seen it occur 3 times this week across 2 minions (out of 60)
22:18 iwishiwerearobot joined #salt
22:18 go8ose hal58th1: I've only inspected one stuck minion, so couldn't say if always stuck in the same area.
22:18 go8ose hal58th1: But when you say "area", are you talking about what strace shows, or something else?
22:20 hal58th1 Im just assuming it gets stuck trying to do the same thing during highstate. I had mininos get stuck doing service start because it couldnt read the exit code
22:21 TaiSHi Any news on when will 2014.7.2 be released ?
22:21 go8ose Ahh, the highstate run on all our nodes is quite simple. In this case, the only thing high state does is check if the salt-minion service is running (which is a bit of a no-brainer) and touch a file under /srv (for our monitoring system to watch).
22:21 go8ose It's only because our monitoring system has noticed that this file /srv hasn't been touched that has made me realise I've got this problem. Other salt executions continue to work fine.
22:24 iggy TaiSHi: I would expect it for a while... 2015.2 should be the main focus for the rest of this month
22:25 TaiSHi Oh, thanks, it's just I've been expecting a localemod fix (on an issue I reported)
22:25 iggy I'd patch it locally for now
22:28 Grokzen joined #salt
22:28 ralalala joined #salt
22:29 TaiSHi I workaround'd it with a cmd.run, easier than patch my entire infrastructure :P
22:29 TaiSHi I found out what was deleting half of my system's files...
22:29 TaiSHi A dev's after-pull script
22:29 thedodd joined #salt
22:30 socket76 joined #salt
22:31 juicer2 joined #salt
22:32 josephleon joined #salt
22:36 StDiluted joined #salt
22:36 sh-ricky joined #salt
22:36 jalaziz joined #salt
22:37 iggy you can usually put the updated module in /srv/salt/_modules and all the minions will get it automatically
22:37 hal58th1 go8ose well you need some better logging. I like to pipe out my highstates to a log.
22:38 sinh joined #salt
22:38 juicer2 left #salt
22:39 murrdoc i mean
22:39 murrdoc u need to run saltutil.sync_all
22:39 murrdoc but yes
22:41 TaiSHi Hmm, true, I forgot I could force modules
22:41 jeddi joined #salt
22:41 go8ose hal58th1: How do I set that up?
22:42 kermit joined #salt
22:42 hal58th1 go8ose it depends on how you are executing your highstates
22:43 go8ose I have a pillar that sets a schedule to call the 'state.highstate' function every 15 minutes.
22:44 sh-ricky Hii- I’m trying to update my mac minions from 10.10.1 to 10.10.2 by pushing it through the Master(which is on centos). Here is my command- salt -C 'G@os:MacOS and G@osrelease:10.9.1' cp.get_file \
22:44 sh-ricky OSXUpd10.9.2.pkg /tmp/OSXUpd10.9.2.pkg
22:45 go8ose That pillar is available to all my nodes. I'm not sure if that means the master triggers a state.highstate via an execution module, or if the minions see that schedule, and hence self trigger a state.highstate run.
22:45 sh-ricky is there a better way of doing this?
22:45 go8ose hal58th1: Does it sound like there is a way to make my highstate log?
22:46 hal58th1 go8ose this is my solution http://pastebin.com/NsuSmsxD
22:46 druonysuse joined #salt
22:47 aw110f FRANK_T: yes I have more than 1 minion, in fact salt '*' cmd.run is how i found out that some minions were having issues
22:48 TaiSHi Going back to something I asked earlier, is there a way for pkgapt to wait for lock to be cleared?
22:48 go8ose hal58th1: Thanks for that. Do you find you ever have problems with both the salt-call and the salt-minion writing to /var/log/salt/minion at the same time?
22:49 hal58th1 well, nope. salt-minion doesn't write to it very often.
22:49 go8ose hal58th1: That is true, I had noticed that.
22:53 murrdoc its configurable
22:55 iggy go8ose: my understanding is that everything _outside_ of the master config file is run directly by the minions
22:59 ajw0100 joined #salt
23:03 vbabiy joined #salt
23:05 IOMonster joined #salt
23:05 IOMonster joined #salt
23:07 go8ose hal58th1: Looks like the problem I've got has been patched already, https://github.com/saltstack/salt/commit/44f1448d019750d1580b4fe9117f9a20336cfe7a
23:09 go8ose So now I just need to work out if 44f1448d019750d1580b4fe9117f9a20336cfe7a is in 2014.7.1
23:09 aurynn so I'm getting the idea in my head that grains should have a signature on the master, to keep from malicious changes.
23:10 markm joined #salt
23:10 go8ose Looks like it is. I just need to upgrade to solve this problem.
23:14 twellspring joined #salt
23:15 mschiff pillara data defined with an empty value ('') results in that value not being present in salt['pillar'] at all.. can salt be made to distinguish empty vs undefined?
23:15 mosen joined #salt
23:15 mosen hiya saltines
23:16 murrdoc no
23:16 murrdoc salties
23:16 go8ose Is there a way to group together output based on the return value? The output of "salt '*' pkg.version salt-minion" is useful, but I'd find it easier to read if it was "keyed" by the return value, and listed the minions with that version of salt.
23:16 murrdoc cos we greybeards
23:17 mosen hehe
23:17 murrdoc salties, its a way of life
23:19 otter768 joined #salt
23:25 iggy go8ose: salt-run manage.versions
23:26 iggy mschiff: iiuc, no
23:26 pdayton joined #salt
23:27 pdayton joined #salt
23:27 spicyWith joined #salt
23:27 primechuck joined #salt
23:27 pdayton joined #salt
23:28 druonysus joined #salt
23:29 mschiff ok, thanks iggy
23:29 druonysus joined #salt
23:30 TyrfingMjolnir joined #salt
23:31 jalaziz joined #salt
23:32 aCodinMan joined #salt
23:34 scoates joined #salt
23:37 bhosmer_ joined #salt
23:37 khaije1 joined #salt
23:38 khaije1 hiya, can salt manage ESXi hosts and their guest VMs?
23:40 iggy khaije1: guests sure... hosts to a certain degree with salt-cloud
23:40 spookah guest VMs for sure - they look like any other host
23:40 spookah s/host/box/;
23:41 TaiSHi Can I run file.directory only if something changed? (I mean, only if git pulled something)
23:41 khaije1 spookah: to be sure, but I'd like to manage the creation, destruction and configuration of VMs via salt, if possible
23:41 iggy TaiSHi: watch_in: git: me@some_repo
23:42 TaiSHi Was just reading that, thanks iggy, gonna give it a try
23:42 spookah khaije1: http://docs.saltstack.com/en/latest/ref/clouds/all/salt.cloud.clouds.vsphere.html
23:43 iggy TaiSHi: or onchanges if you have 2014.7+
23:43 go8ose left #salt
23:43 TaiSHi I don't see onchanges on the docs
23:45 sh-ricky joined #salt
23:45 murrdoc its on the requisites page
23:47 badon joined #salt
23:48 TaiSHi Thanks
23:48 TaiSHi git.latest is returning True even if it updated the branch
23:49 I3olle joined #salt
23:50 spicyWith joined #salt
23:51 iggy sounds like a bug
23:55 TaiSHi Filing a report now
23:57 CheKoLyN joined #salt
23:57 sh-ricky joined #salt
23:57 pdayton joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary