Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-02-20

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:06 bluenemo_ joined #salt
00:06 bhosmer_ joined #salt
00:09 dimeshake is there any decent way to restart salt-minon on minions from salt itself?
00:10 Diaoul joined #salt
00:11 hal58th yeah one sec
00:11 murrdoc google salt runner manage
00:12 hal58th That works too. I do it on a state like this.
00:12 hal58th cmd.wait:
00:12 hal58th - name: /usr/bin/nohup /bin/bash -c 'set -x && sleep 30 && service salt-minion restart' >>/dev/null 2>&1 &
00:12 hal58th - order: last
00:13 dimeshake thanks hal58th
00:13 dimeshake and murrdoc
00:13 hal58th welcome
00:15 dimeshake this may be a stupid question - is there any way to create an empty grain of list type?
00:17 aparsons joined #salt
00:17 murrdoc echo "grainname:\n\t-" -e >> /etc/salt/grains
00:18 hal58th or maybe states.grain. then name: somegrain   value: []
00:18 hal58th Have no idea if that works
00:20 dimeshake i set roles grains via grains.list_present
00:20 otter768 joined #salt
00:20 dimeshake in states. so in my nginx state, i have grains.list_present roles: nginx
00:21 dimeshake or similar
00:21 dimeshake occasionally, when i set that role, the minion will stop responding to the master
00:21 subsignal joined #salt
00:21 dimeshake i'm wondering if there's something about the type of the grain coming into play
00:21 CeBe1 joined #salt
00:21 dimeshake http://docs.saltstack.com/en/latest/ref/states/all/salt.states.grains.html#salt.states.grains.list_present
00:22 dimeshake and here it says grain should be list type, but if roles grain didn't exist previously, it won't be - and may not be if added via list_present
00:22 bhosmer joined #salt
00:24 wnkz joined #salt
00:25 StDiluted joined #salt
00:25 iggy ideally you'd have roles: [] in every grains file from the start and just use grains.append when necessary
00:26 igorwidl so i run 'salt '*' saltutil.refresh_pillar' which seems to have overloaded my salt-master
00:26 igorwidl but now I can't reach about 70 salt-minions (out of about 100)
00:27 igorwidl if i restart the salt-minion it will reauthenticate and all is good
00:27 xDamox Hmmmm, 100 shouldn't cause an issue
00:27 xDamox On the master what can you see in dmesg
00:28 igorwidl xDamox: i rebooted the server, hoping the minions would reauthenticate
00:28 igorwidl xDamox: no new messages beside bootup stuff in dmesg
00:28 xDamox Ahh, so if you type dmesg while minions are re-auth you might see errors like sun-cookies being enabled etc
00:29 xDamox Thats a sign your master is being overloaded
00:29 xDamox sun cookies
00:29 xDamox Fork
00:29 xDamox sun cookies
00:29 xDamox syn cookies
00:29 igorwidl xDamox: nothing like that
00:29 igorwidl if i do lsof -i i can see connections coming up to minions, but salt-run manage.up shows them as down
00:30 xDamox Really, can you go on a host that is reported as down?
00:30 dimeshake igorwidl: that's exactly what it looks like when my minions drop off the map, too
00:30 dimeshake iggy: thanks - i think that's what i'm going to try next to track this down
00:30 xDamox and just run a salt-call test.ping -l debug
00:30 igorwidl xDamox: one sec
00:31 xDamox http://docs.saltstack.com/en/latest/ref/configuration/master.html Check out the worker_threads
00:33 igorwidl xDamox: test.ping works from minion that is reported as down.
00:33 igorwidl dimeshake: how do you fix yours?
00:33 xDamox Ok, from the master can you to a test.ping
00:33 xDamox salt 'minion-down' test.ping -l debug
00:33 xDamox is there a firewall between the master/minion?
00:34 dimeshake igorwidl: i ssh into the minion and restart salt-minion. it's a pain in the ass. i can reliably trigger it by adding a roles grain list entry to a minion that has been running for a longish period of time
00:34 dimeshake but can't reproduce it immediately. it's very frustrating
00:35 murrdoc best pip ever https://pypi.python.org/pypi/fuckit
00:35 igorwidl xDamox: there is firewall between some minions
00:35 wnkz joined #salt
00:35 igorwidl let me see if the ones down there is a firewall
00:35 xDamox OK
00:35 xDamox On the minion try telnet to the masters port
00:35 xDamox and from the master try telnet to the minions port
00:37 igorwidl ports are open (we use default 4505, and 4506)
00:39 Diaoul joined #salt
00:39 igorwidl xDamox: i think the pattern is this: all minions on the same subnet reauthenticated ok and are UP, other minions that are not on same subnet (ie go through fireall) show as down
00:40 xDamox :)
00:40 hal58th there are no ports on the minion. only master
00:40 igorwidl the firewall is definately open from minion to server
00:41 xDamox From the minion can you telnet to port 4506 ?
00:41 igorwidl yeah, no problem
00:41 xDamox 4505 & 4506 on the master
00:41 xDamox Hmmm
00:42 igorwidl no problems at all to telnet. COuld be some statefull weirdness..
00:42 xDamox On the salt master when you do a test.ping to the system down does it timeout?
00:43 igorwidl lsof -i -n shows connections established ot minion that says its down.. (TCP 10.2.0.248:4505->10.2.129.65:49263 (ESTABLISHED) ) and this is after reboot
00:44 stylica joined #salt
00:44 igorwidl xDamox: yep it times out
00:44 igorwidl its like the minion is in bad state and is not responding, ie or waiting for something
00:45 lpmulligan joined #salt
00:47 igorwidl yeah, strace -x -p shows no activity on the minion that is reported as down
00:54 bhosmer joined #salt
00:57 igorwidl dimeshake: i was adding pillar to all my minions… it looks like a bug to me… either way i think i have to go around and restart all 70 or so minions manually
00:58 dimeshake so adding grains and adding pillars.. hmm
00:58 dimeshake what os are you on, just curious
00:59 igorwidl scientific linux 6.3
00:59 murrdoc the best linux
00:59 dimeshake https://github.com/saltstack/salt/issues/19911
00:59 dimeshake there's the issue i have open for my minions dropping and requiring a restart
01:00 igorwidl dimeshake: i'll add somethign to it tomorrow
01:00 dimeshake i am not certain your issue is related, but the result is similar. minion has to be restarted before it'll respond to any subsequent master commands
01:02 igorwidl yeah, not sure… this hting seems to be network related as only menions not in 10.2.0.0/24 (which salt server is running on) stopped responding.
01:02 igorwidl like server got overloaded, droppped conneciton, but minon didn't bother do reestablish new tcp connection thinking the old one is up and running
01:03 igorwidl i dont know, but i m out of here for now
01:04 TTimo joined #salt
01:09 alanpearce joined #salt
01:10 troyready joined #salt
01:12 alanpearce joined #salt
01:15 whiteinge cbrinley: a quick fix for the ssl error is to downgrade to CherryPy 3.4.x
01:16 murrdoc whiteinge:  quick note about pkgrepo.managed in ubunut. a) architectures is an undocumented option b) if you put ' [ arch=adm64 ]
01:16 murrdoc int the name field , it will keep adding the name to the source.list file
01:16 murrdoc https://gist.github.com/puneetk/15ca8f301467cf77af28/edit
01:18 thayne joined #salt
01:19 whiteinge murrdoc: interesting find. :-P. Mind opening an issue with that note?
01:19 JDiPierro joined #salt
01:20 cbrinley whiteinge:
01:20 murrdoc nope , will do, is there a recent change that disallows special chars in name or id fields ?
01:20 pdayton joined #salt
01:20 cbrinley thanks so much, i've been banging my head against the wall with this one, almost missed your response
01:21 whiteinge murrdoc: don't think so
01:21 whiteinge cbrinley: that's a really annoying one. :-\
01:30 murrdoc whiteinge:  https://github.com/saltstack/salt/issues/20851
01:30 murrdoc look ok ? need more info ?
01:30 murrdoc also u in la for scale ?
01:42 whiteinge Doh. Missed him.
01:45 ashw7n joined #salt
01:46 baweaver joined #salt
01:50 Hipikat joined #salt
01:52 MatthewsFace joined #salt
01:53 murrdoc joined #salt
01:53 Hipikat joined #salt
01:57 tomspur_ joined #salt
02:03 ramishra_ joined #salt
02:04 SheetiS joined #salt
02:18 Guest89 joined #salt
02:21 otter768 joined #salt
02:22 Guest89 Greetings, I'm looking for some assistance on how I would go about creating a package definition for a windows application that uses an answer file. Would I need to have a state that ensure that the answer file exist before having the application install? Sorry, if this is vague. New to salt so not entirely sure how to phase these questions.
02:22 evle joined #salt
02:24 aparsons joined #salt
02:27 VSpike joined #salt
02:28 Hell_Fire_ joined #salt
02:30 simmel joined #salt
02:32 aurynn joined #salt
02:32 jhauser_ joined #salt
02:33 Gareth joined #salt
02:34 ramishra_ joined #salt
02:38 Nazca__ joined #salt
02:40 jopecko joined #salt
02:47 ilbot3 joined #salt
02:47 Topic for #salt is now Welcome to #salt | SaltConf 2015 is Mar 3-5! http://saltconf.com | 2014.7.2 is the latest | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
02:53 gibmachine joined #salt
02:54 GabLeRoux joined #salt
02:55 Furao joined #salt
02:56 lpmulligan joined #salt
02:58 CeBe1 joined #salt
03:09 mohae joined #salt
03:10 beneggett joined #salt
03:10 GabLeRoux I'm having alot of issues trying to setup postgresql from salt, https://dpaste.de/i46G
03:10 ramishra_ joined #salt
03:13 alanpearce joined #salt
03:14 otter768 joined #salt
03:14 alanpearce joined #salt
03:18 Furao GabLeRoux: you dont have a state for /etc/postgresql/9.1/main/pg_hba.conf
03:19 Furao postgres_user should require the service
03:19 GabLeRoux file is only being watched atm
03:19 GabLeRoux I just added service as required
03:19 Furao i dont see it defined in that sls
03:22 Furao what is your distro?
03:22 Furao i feel an other problem
03:22 cberndt joined #salt
03:23 GabLeRoux ubuntu
03:23 Furao more obvious
03:24 Furao you install the postgresl CLIENT not server
03:24 GabLeRoux I just updated my sls, looks like this https://dpaste.de/O0mT
03:24 Furao no?
03:24 Furao https://github.com/bclermont/states/blob/master/states/postgresql/server/init.sls this is 3 yeras old
03:24 Furao but this used to works  in ubuntu
03:25 Furao https://dpaste.de/O0mT#L8
03:25 Furao as there is no source this file will be blank (and server won’t start)
03:26 Ryan_Lane joined #salt
03:26 Furao ok postgresql package is a meta pkg for the latest version of the server
03:27 Furao the error is because the db process don’t seem to run
03:28 ghanima joined #salt
03:28 Furao this is a formula that deploy a django app https://github.com/bclermont/states/blob/master/states/sentry/init.sls (sentry)
03:29 Furao it handle even migration and stuff
03:29 Furao just looking at the code my eyes burn this is so old
03:29 GabLeRoux Eh thanks :) I should try to connect to it manually. I'm not experienced with postgresql yet, heard good comments on it so giving it a try ;)
03:29 aparsons joined #salt
03:30 Furao GabLeRoux: po de trouble
03:30 Furao you can run with “-l all” to see all the things salt try to do and try them manually yourself
03:31 GabLeRoux yup, currently using --l debug, I'll see if I get more hints with this
03:31 GabLeRoux -l debug*
03:31 GabLeRoux nice, that's verbose :)
03:38 hasues joined #salt
03:38 GabLeRoux Seems like my postgresql isn't starting, you were right. https://dpaste.de/7sew
03:39 Furao https://dpaste.de/O0mT#L8,40
03:39 Furao you should have a locale formula
03:39 hasues left #salt
03:41 Furao it seem that you copied that server.key file manually
03:41 Furao i strongly suggest that you manage everything or nothing, if you do part of it you’ll always ends with problem
03:42 GabLeRoux I don't even know where that is
03:42 Furao ssl_key_file in postgreslq config
03:43 GabLeRoux this is all default stuff for the moment ;)
03:44 Furao ok
03:53 perfectsine joined #salt
03:55 CeBe2 joined #salt
03:57 GabLeRoux ok, found out I broke my postgresql configs/installation with my bad scripts, cleaned everything and I was able to start postgresql
03:57 mikaelhm joined #salt
03:57 Furao bad scirpts?
03:57 GabLeRoux yml
03:57 Furao ah ok
03:58 GabLeRoux I should have said bad state.sls
03:58 perfectsine_ joined #salt
04:03 lpmulligan joined #salt
04:07 bhosmer_ joined #salt
04:15 ramishra_ joined #salt
04:22 hasues joined #salt
04:25 TTimo joined #salt
04:28 fxhp joined #salt
04:30 GabLeRoux Still the same error, I never though it would take me so long to make it work :( No matter what I try, once I check for service.running, it's dead but salt says it's in desired state.
04:31 kellnola2 joined #salt
04:33 tim__ joined #salt
04:36 MTecknology Getting close to conference time!! :D
04:40 Nazca joined #salt
04:40 Hipikat joined #salt
04:40 hasues left #salt
04:42 murrdoc joined #salt
04:43 Guest89 joined #salt
04:44 Heartsbane joined #salt
04:44 monkey66 joined #salt
04:44 monkey66 left #salt
04:45 Furao graylog2 1.0 released, good
04:51 gibmachine yiss
04:51 gibmachine all the logs
04:52 Furao next step prometheus 1.0 :)
04:53 nullptr joined #salt
04:59 ajw0100 joined #salt
05:04 dimeshake joined #salt
05:10 bdf joined #salt
05:14 lpmulligan joined #salt
05:15 alanpearce joined #salt
05:17 alanpearce joined #salt
05:21 overyander joined #salt
05:26 sudarkoff joined #salt
05:34 Furao joined #salt
05:36 repl1cant joined #salt
05:43 Ryan_Lane joined #salt
05:43 joehoyle joined #salt
05:43 otter768 joined #salt
05:47 beneggett joined #salt
05:54 Hipikat joined #salt
06:03 GabLeRoux left #salt
06:03 GabLeRoux joined #salt
06:14 tkharju joined #salt
06:15 ramishra_ joined #salt
06:26 calvinh joined #salt
06:28 neogenix joined #salt
06:31 calvinh joined #salt
06:33 clintberry joined #salt
06:41 calvinh_ joined #salt
06:42 ramishra_ joined #salt
06:48 stooj joined #salt
06:49 Hipikat joined #salt
07:06 ramishra_ joined #salt
07:06 colttt joined #salt
07:06 toanju joined #salt
07:08 neogenix joined #salt
07:10 epcim_ joined #salt
07:15 techdragon joined #salt
07:18 alanpearce joined #salt
07:18 stoogenmeyer joined #salt
07:21 alanpearce joined #salt
07:26 krelo joined #salt
07:27 TTimo joined #salt
07:28 Gareth joined #salt
07:29 monkey66 joined #salt
07:30 KermitTheFragger joined #salt
07:31 flyboy joined #salt
07:34 JlRd joined #salt
07:44 otter768 joined #salt
07:47 stylica_ joined #salt
07:48 danee joined #salt
07:51 trikke joined #salt
07:53 bfoxwell joined #salt
08:02 Auroch joined #salt
08:06 slafs joined #salt
08:08 slafs left #salt
08:09 Guest89 joined #salt
08:10 AndreasLutro joined #salt
08:13 eseyman joined #salt
08:18 ShibMcNe joined #salt
08:18 sc` joined #salt
08:21 MatthewsFace joined #salt
08:23 cmthornton joined #salt
08:24 JlRd joined #salt
08:24 GabLeRoux Furao: I found my problem, I was using postgres.user and postgres.db directly in my pillar and didn't know the pillar had some global overide! My sls had some small issues, but the main problem was that no matter what was written in the sls, posgres user wasn't used by salt when running!
08:25 kawa2014 joined #salt
08:25 Furao “posgres user wasn't used by salt when running” ?
08:25 GabLeRoux default user for creating other users and dbs
08:26 GabLeRoux I moved to mysql and had the exact same problem
08:26 GabLeRoux instead of using root user, it was using django. couldn't do anything
08:27 AndreasLutro does anyone here use salt for managing shared hosting web servers? do you put all the vhost info + user data into salt pillars or use something else?
08:27 GabLeRoux I moved everything in my pillar file in the "environment_variables" key and bam, all the scripts are running fine :)
08:28 TTimo joined #salt
08:28 babilen GabLeRoux: You mean that salt used a configuration you explicitly defined in a pillar?
08:28 GabLeRoux lol, yes indeed
08:28 babilen Well ...
08:29 babilen AndreasLutro: That's exactly what we do, yeah. Which webserver are you using/planning to use?
08:30 GabLeRoux I should have read the docs better, or maybe reading some tutorials. I tought pillars were only used when specified in a state.sls (by using {{ pillar['whatever'] }}. I was so wrong
08:31 Furao there is something wrong in your setup, because that is how i had been using pillars like that for years and it never worked
08:31 babilen GabLeRoux: Some execution modules require additional configuration for them to work. There are various ways to define them (minion config, pillar, ...) which directly corresponds to using http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.config.html#salt.modules.config.get
08:31 Furao I even wrote a pillar proxy to extend pillars usage
08:32 babilen GabLeRoux: That function traverses the different data sources in a specific order and the last one "wins". This is what is typically used to implement that kind of behaviour and what is, most likely, to "blame" for the behaviour you encountered
08:34 AndreasLutro babilen: both apache and nginx really. I just thought it seemed kind of excessive to put 100s of usernames/passwords/domains etc into a salt state
08:35 babilen AndreasLutro: https://github.com/saltstack-formulas/nginx-formula + https://github.com/saltstack-formulas/apache-formula are worth a look
08:37 chiui joined #salt
08:37 AndreasLutro babilen: yeah I've looked at them, I just wanted a bit of confirmation. keeping credentials and stuff in version control also seems a bit excessive - do you keep those pillars in a separate repo or outside of version control?
08:37 teogop joined #salt
08:38 tomspur_ joined #salt
08:38 babilen AndreasLutro: I keep them in a separate repository that I leave on the master. Depending on your needs the gpg renderer might be of interest: http://docs.saltstack.com/en/latest/ref/renderers/all/salt.renderers.gpg.html
08:38 lb1a joined #salt
08:39 ShibMcNe AndreasLutro: I use salt.renderes.gpg for credentials
08:39 jtang joined #salt
08:39 AndreasLutro ah, interesting
08:40 GabLeRoux Succeeded: 9 (changed=1) Failed:    0  <3
08:41 intellix joined #salt
08:42 thayne joined #salt
08:42 AndreasLutro babilen: and you import that repository's pillar data the standard gitfs way or some other way?
08:46 tristianc joined #salt
08:48 babilen AndreasLutro: http://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html#using-git-as-an-external-pillar-source
08:48 babilen http://docs.saltstack.com/en/latest/ref/pillar/all/salt.pillar.git_pillar.html
08:49 babilen AndreasLutro: Combining both allows you to keep credentials in git with the additional security of it not being a problem to be compromised as credentials are being encrypted with gpg
08:50 babilen (bit of a hassle though_
08:51 sbrefort joined #salt
08:52 AndreasLutro babilen: that's great. thanks
08:53 sbrefort Hello, I just pushed a pydio formula on github, and I'd like to submit it to saltstack-formulas, here it is : https://github.com/sbrefort/saltstack-pydio-formula.git
08:55 babilen sbrefort: Not many saltstack people are online at this time. I'd recommend to write a short mail to salt-users -- https://groups.google.com/forum/#!forum/salt-users
08:56 rawkode joined #salt
08:57 sbrefort Ok Thank's !
08:57 babilen sbrefort: What is quite obvious: You are missing a pillar.example file in which you show all options that can be set in pillars (you seem to only set lookup table values, but those should be documented too)
08:59 babilen sbrefort: You also have different whitespace style on line 13 and 21 ( {{foo}} vs {{ foo }} )
09:01 babilen It might make sense to make the package installation and both repositories separate states that are being included in the init.sls so that people can decide which bits they need. I would also personally prefer it if I could conditionally enable deb-src entries (I typically don't need them on production boxes)
09:01 babilen That's probably all the nitpicking I could do ;)
09:01 sbrefort Thanks I'll fix that :)
09:02 babilen Just thought "Now or never" :)
09:02 TyrfingMjolnir joined #salt
09:04 shorty_mu joined #salt
09:07 sieve joined #salt
09:07 fredvd joined #salt
09:08 agend joined #salt
09:08 ramishra_ joined #salt
09:09 epcim_ joined #salt
09:27 sieve joined #salt
09:27 badon joined #salt
09:28 TTimo joined #salt
09:32 karimb joined #salt
09:32 holms joined #salt
09:33 GrueMaster joined #salt
09:33 JlRd joined #salt
09:33 Xevian joined #salt
09:35 paulm- joined #salt
09:38 paulm-- joined #salt
09:40 ramishra_ joined #salt
09:41 N-Mi joined #salt
09:45 otter768 joined #salt
09:49 GrueMaster joined #salt
09:50 jespada joined #salt
09:55 MatthewsFace joined #salt
09:58 mindscratch joined #salt
09:59 toxic_apple_pie joined #salt
10:02 huddy joined #salt
10:07 Ryan_Lane joined #salt
10:10 bhosmer_ joined #salt
10:11 sieve joined #salt
10:14 stoogenmeyer joined #salt
10:15 markm joined #salt
10:16 N-Mi joined #salt
10:16 N-Mi joined #salt
10:16 evle joined #salt
10:19 linjan joined #salt
10:30 TTimo joined #salt
10:38 michelangelo joined #salt
10:39 jrluis joined #salt
10:41 johtso joined #salt
10:43 tomspur joined #salt
10:43 bhosmer joined #salt
10:48 helderco joined #salt
10:49 giantlock joined #salt
10:49 sieve joined #salt
10:52 fsero joined #salt
10:55 fsero_ joined #salt
10:57 MatthewsFace joined #salt
11:00 sieve left #salt
11:06 skarn joined #salt
11:07 I3olle joined #salt
11:08 Andre-B joined #salt
11:14 GabLeRoux joined #salt
11:17 bluenemo joined #salt
11:17 bluenemo joined #salt
11:26 rogst joined #salt
11:27 kellnola joined #salt
11:29 GabLeRoux joined #salt
11:31 potens joined #salt
11:33 diegows joined #salt
11:34 nullptr joined #salt
11:35 robothands hello...does anyone know how service.running checks is a service is indeed running...
11:35 abele_ joined #salt
11:35 neilf________ joined #salt
11:35 robothands I checked the source code...but...well...I'm not smart enough to work it out :)
11:35 ltsampros lol
11:36 ltsampros for which os/distro ?
11:36 robothands ubuntu 1404
11:36 goki_ joined #salt
11:36 codekobe_ joined #salt
11:36 robothands atm, I get "service is already enabled but is dead". the init script has no status function so I wondered if that was it, but wasnt able to work it out myself
11:37 robothands service is actually running minion-side also
11:38 ltsampros checkout upstart
11:39 robothands gotcha
11:40 robothands that seems to be the problem...thanks
11:44 amcorreia_ joined #salt
11:44 GabLeRoux joined #salt
11:46 otter768 joined #salt
11:51 fsero joined #salt
11:54 abele joined #salt
11:56 intellix joined #salt
11:58 linjan joined #salt
12:00 GabLeRoux joined #salt
12:05 eliasp is there a non-hackish solution for localmods on a master? e.g. when I need a fixed version of a module/state/whatever on a Minion, I distribute them via http://docs.saltstack.com/en/latest/ref/file_server/dynamic-modules.html - but now I have to deploy several fixes to my master… some until the next 2014.7 release, some until 2015.2, some even beyond that for 2015.2 + 1 … are there any best practices?
12:10 paulm- joined #salt
12:12 Furao eliasp: add the following to your master config
12:12 Furao {#- access same modules as minion #}
12:12 Furao extension_modules: {{ opts['cachedir'] }}/extmods
12:12 Furao well… this is for the jinja template that render the salt master config
12:13 eliasp Furao: yeah, was just wondering since when the master config is Jinja rendered ;) … anyways, this should do the trick, thanks a lot!
12:14 eliasp Furao: I'll have to see whether this also applies to all other modules (not only _states, _runners, _modules, …) … here I have fixes in pillar/pillar_ldap.py, fileserver/*, etc.
12:14 scottpgallagher joined #salt
12:14 eliasp Furao: but anyways… a good start!
12:14 Furao i think this cover everything
12:15 Furao becasue in extmods there is grains, renderers, etc
12:15 GabLeRoux joined #salt
12:15 Furao but i only needed _modules so far
12:17 harkx joined #salt
12:19 mndo joined #salt
12:20 stoogenmeyer joined #salt
12:24 stoogenmeyer joined #salt
12:30 GabLeRoux joined #salt
12:30 Madhurranjan joined #salt
12:31 TTimo joined #salt
12:36 jagardaniel joined #salt
12:37 Madhurranjan joined #salt
12:37 fbettag joined #salt
12:40 Nazca__ joined #salt
12:42 denys joined #salt
12:44 Madhurranjan joined #salt
12:45 fsero_ joined #salt
12:46 MatthewsFace joined #salt
12:53 jagardaniel hi :) what is the easiest way (in a state) to execute something if/or if not a service is running? check with modules.service.status and execute something on fail?
12:55 Furao this is possible on 2014.7.x not 2014.1.x
12:59 paulm- joined #salt
13:01 jagardaniel Furao: ah, i'm using the latest version so it should work. i don't know if there are a more simple way to do it. Just want to run something if a service is running, but not if the service isn't running
13:02 sc` joined #salt
13:04 germs_ joined #salt
13:05 babilen jagardaniel: Do you want the service to run or not?
13:06 jagardaniel babilen: If the service is running, I want to restart it. But if the service isn't running, I don't want to start it. So keep it stopped.
13:07 babilen Well, why don't you ensure that the service is in the state you want it to be?
13:10 jagardaniel Because this state doesn't control the status of a service. It is just going to update stuff and restart the service if it is active.
13:10 jagardaniel not sure if that is the way you should "work" with salt though
13:12 Sacro Hmm, if you stop a service that is stopped do you get a failure?
13:12 babilen Salt is rather prescriptive than reactive. So rather than saying "if $FOO is the situation on $MINION do $BAR" you say "Ensure that minion is in state $BAZ"
13:12 Sacro You could stop the service, and then use onchanges?
13:13 babilen jagardaniel: So you would, for example, that a certain package is installed, its service enabled and restarted if one of the configuration files you control has a change. That does, however, assume that you do control the service on the minion to begin with.
13:15 babilen +ensure :)
13:15 pdayton joined #salt
13:16 babilen For that you would have to decide if you want a service to run or not. And, if you don't want it to run, I don't really see a reason to install it in the first place.
13:16 jagardaniel Hmm, yeah. That is how it works right now. I'm using this state to install and remove "game instances" for users. So install template files, set up firewall rules and create a windows service
13:17 jagardaniel and it also starts the service and make sure it is running every time the state is executed.
13:17 babilen Okay
13:17 babilen Go on
13:17 TTimo joined #salt
13:17 jagardaniel but we would like to let our customer stop their server (= service). And this state is executed everytime like a patch to the game is released, or if they changed the slots on the server
13:18 jagardaniel so if the customer has stopped the service, it will automatically be started again after executing this state
13:18 jagardaniel which may not be what they want
13:19 jagardaniel but as i said, i could be thinking more like "if $FOo... do this" (programming like)
13:20 jagardaniel i could also send in a pillar value (called restart or something) and just do a if-statement based on that value
13:20 babilen Salt, naturally, cannot differentiate between "stopped on purpose" and "should ensure that it is running". Can't you integrate that decision into your infrastructure? (e.g. user clicks somewhere, database is being updated, salt uses that database as external pillar and uses "service.running" or "service.dead" depending on their wishes.
13:21 linjan joined #salt
13:21 jagardaniel babilen: yeah, that could work too :) since we use salt like that (getting all info from mysql) that could probably be even easier
13:22 jagardaniel and just have a boolean-field that tells us if the service should be running or not
13:22 babilen I would recommend that route then
13:22 babilen That way it is explicit and idiomatic
13:22 jagardaniel babilen: thats the way its gonna be then :) thanks for your help, much appreciated
13:23 babilen yw :_
13:23 babilen s/_/)/
13:24 Sacro babilen: \)
13:24 Sacro I think :\
13:25 RabidCicada joined #salt
13:26 fredvd joined #salt
13:28 RabidCicada So...I'm using salt at home on a small VM farm.  I pulled down and started using gitfs but ran into stale pillar data until a saltutil.refresh_pillar.
13:29 RabidCicada I was wondering what is the normal refresh rate of the pillar or upon what events does it refresh automatically?
13:29 RabidCicada it was a little frustrating figuring out the problem
13:29 Sacro RabidCicada: it does't refresh automatically
13:30 RabidCicada I wasn't using the git backend for pillar...I just mentioned that because I started using it.  the pillar was a normal file based pillar from /srv/pillar
13:30 RabidCicada oh man...no events force a refresh?
13:30 RabidCicada is there a design decision for that?...or just happenstance?
13:30 Sacro unless you count refresh_pillar as an event
13:30 Sacro Oh I think highstate might have an options
13:30 RabidCicada ok.  so basically I need to salt-minion my master then force a watch on pillar files?
13:31 RabidCicada to force a refresh on any pillar file update
13:31 Sacro hm, no
13:31 RabidCicada ?
13:31 Sacro Could do that yeah
13:31 RabidCicada seems like an oversight from a salt newbie...any design decision for no refresh?
13:31 RabidCicada some kind of security or error prevention purpose?
13:31 Sacro How would you know you needed to do it?
13:32 RabidCicada cause I slapped files into the pillar:)
13:32 RabidCicada of modified ones
13:32 Sacro Salt doesn't know that
13:32 RabidCicada of=or.
13:32 drawsmcgraw RabidCicada: certain events will trigger a Pillar refresh
13:32 drawsmcgraw like state.highstate, state.top...
13:32 drawsmcgraw It's not a lot. But some do
13:33 monkey66 joined #salt
13:34 Madhurranjan joined #salt
13:37 RabidCicada kool
13:37 RabidCicada thanks
13:38 RabidCicada I might go ahead and minion my master and watch the pillar directory for updates:).  See how that plays out.
13:38 babilen A highstate typically refreshes everything (states, modules, custom grains, ...) so that it works with the latest data
13:38 RabidCicada kool
13:39 intellix joined #salt
13:41 hojgaard joined #salt
13:43 monkey66 joined #salt
13:46 Madhurranjan joined #salt
13:47 otter768 joined #salt
13:48 verkgw_ joined #salt
13:48 claytonk joined #salt
13:49 aurigus joined #salt
13:49 M0nteZ joined #salt
13:50 M0nteZ hello from first time salt user
13:50 babilen Welcome
13:51 M0nteZ in need of help and after reading the salt web page and listening on you tube videos i stumbled upon irc channel
13:51 M0nteZ mybe someone with more experience can len da hnd
13:52 M0nteZ mybe someone with more experience can lend a hand
13:53 RobertFach Hi, anybody here with detailed salt multi master knowledge ?
13:53 subsignal joined #salt
13:55 RobertFach I would like to know if I configure a salt multimaster env. without public key signature verfication (  verify_master_pubkey_sign: True ), if I then still be able to use failover and random master as described under salt-multi-master pki tutorial ... http://docs.saltstack.com/en/latest/topics/tutorials/multimaster_pki.html
13:55 ndp joined #salt
13:56 RobertFach In my case, this option would be false ... verify_master_pubkey_sign: False
13:56 fe92 joined #salt
13:57 vectra joined #salt
13:57 asaladin joined #salt
13:58 M0nteZ question 1 - if minions are connecting to master over GSM, some of them might be disconnected when doing the state.highstate from master.  To make sure all minions are updated, do i need to run state.highstate with a cron job every 10 minutes or ???
13:59 wincus joined #salt
13:59 nahamu M0nteZ: it depends on what you're trying to accomplish.
13:59 nahamu Do all minions conenct that way or just some of them?
14:00 jeremyr joined #salt
14:00 RobertFach ...do something more sophisticated :) @ M0nteZ but it depends...
14:01 lpmulligan joined #salt
14:01 babilen M0nteZ: I wouldn't necessarily do that, but you *can* run highstates every k minutes. (cf. http://docs.saltstack.com/en/latest/topics/jobs/schedule.html) -- You could also use the reactor or startup states to ensure that a highstate is being run whenever a minion becomes available. The reactor approach would be to enable presence_events and running highstate's on those that came online (cf. ...
14:01 babilen ... http://docs.saltstack.com/en/latest/topics/event/master_events.html#presence-events and http://docs.saltstack.com/en/latest/topics/reactor/ )
14:01 M0nteZ minions always connect trough GSM in the special VLAN setup from provider
14:01 babilen http://docs.saltstack.com/en/latest/ref/states/startup.html
14:02 M0nteZ minions always connect trough GSM in the special VLAN setup from provider, that connection can sometimes not be on
14:02 TTimo joined #salt
14:02 JDiPierro joined #salt
14:07 M0nteZ that you all for directing me, so there is two solutions: Reactor or startup states. I will do some reading now to decide which one to select
14:07 simonmcc joined #salt
14:08 wnkz joined #salt
14:09 mapu joined #salt
14:13 denys joined #salt
14:13 Furao joined #salt
14:14 babilen M0nteZ: They are not the same, if your minions "drop out" and then become available you will want to hook into presence events
14:15 racooper joined #salt
14:15 nitti joined #salt
14:19 bluenemo joined #salt
14:19 bluenemo joined #salt
14:21 breakingmatter joined #salt
14:24 wiqd joined #salt
14:24 kwmiebach joined #salt
14:24 huddy joined #salt
14:30 badon_ joined #salt
14:31 Elwood_5G joined #salt
14:32 Elwood_5G hi
14:32 Elwood_5G anybody here got experience with the minion-proxy-stuff?
14:32 cpowell joined #salt
14:33 diegows joined #salt
14:34 M0nteZ the minions are located in the buses and some buses are not "up " all the time. So I'm just looking for solution for the minions to be up to date with the master when they come up
14:34 MatthewsFace joined #salt
14:34 riftman joined #salt
14:35 fsero__ joined #salt
14:35 nullptr joined #salt
14:36 RabidCicada joined #salt
14:36 jay_d joined #salt
14:39 ndrei joined #salt
14:39 AndreasLutro I want to download a .tar.gz with file.managed if the local file is older than X minutes old. is this possible without cmd.run?
14:41 murrdoc joined #salt
14:41 nitti_ joined #salt
14:44 MTecknology For anyone that has access to saltconf.com - the breakout sessions page has "Alexander Schwartz,Andy Fundinger & Eli Ribble". Because of the missisg space after the comma, the words don't wrap and flow into the next block.
14:46 murrdoc is the agenda up
14:48 mordonez joined #salt
14:49 ndrei joined #salt
14:51 JDiPierro Anyone use the Halite UI? Is that project abandoned?
14:52 Elwood_5G nobody use a proxy-minion?
14:52 kermit joined #salt
14:52 mschiff file.comment comments a matching line again and again and again, adding a comment char on every run... is that desired behavior?
14:54 kaptk2 joined #salt
14:54 mschiff nevermibd, wrong regex on my side, just found the right bits in the docs
14:54 murrdoc JDiPierro:  salt-pad is the current hotness, but word is salt itself is coming with something to upgrade halite
14:55 numkem joined #salt
14:55 _JZ_ joined #salt
14:55 JDiPierro murrdoc: Sweet, I haven't seen that one before. Thanks!
14:55 fe92 joined #salt
14:57 nitti joined #salt
14:59 CeBe joined #salt
15:01 murrdoc https://github.com/tinyclues/saltpad/tree/master/screenshots looks good tho
15:01 bhosmer_ joined #salt
15:01 murrdoc not sure why hes using mongo
15:02 primechuck joined #salt
15:04 stoogenmeyer joined #salt
15:05 stoogenmeyer joined #salt
15:09 jri_ joined #salt
15:10 grosjean hello all
15:10 grosjean anyone got idea why sometimes cmd_iter return me an empty generator ?
15:10 grosjean when using python api
15:10 grosjean {'ret': ''}} ret <generator object cmd_iter at 0x3265640>
15:10 badon_ joined #salt
15:12 jri_ Hello everyone, It's my first week of Salt :) Just have a question: There is a way to pass the pillar file in CLI ?
15:12 jri_ I've tried pillar=$(cat /path/myfile) with no luck
15:18 bhosmer_ joined #salt
15:18 lothiraldan joined #salt
15:21 murrdoc pillar data is from pillar file roots
15:21 murrdoc if u arent seeing a pillar, try saltutil.refresh_pillar
15:22 nitti joined #salt
15:22 fsero_ joined #salt
15:23 rudi_s Hi. Can I access the current grains when I generate a pillar?
15:23 stoogenmeyer joined #salt
15:23 scoates joined #salt
15:23 rudi_s Neither salt, __salt__ nor __grains__ seems to be defined in the jinja template in pillar/foo.sls
15:23 jri_ @murrdoc: Yes, it's work with pillar_roots, I just want to know if this is the only way to use pillar file ?
15:23 stoogenmeyer joined #salt
15:24 murrdoc yeah
15:24 murrdoc that and ext_pillar
15:24 jalbretsen joined #salt
15:24 mschiff Is really noone having trouble with hanging minions? I have this problem on totally different distros with different states, propably sind salt version 2014.7
15:24 jri_ Ok :) Thanks for the answer!
15:24 mschiff its always salt-minion processes being stuck either within a specific state or in highstate
15:25 mschiff and it seems that it gets stucker after all work is done. And I need to kill the process before I can run the specified state again
15:26 tligda joined #salt
15:27 stylica joined #salt
15:29 clintberry joined #salt
15:29 paulm-- joined #salt
15:30 Madhurranjan joined #salt
15:31 RobertFach i have the same problem...
15:31 RobertFach @mschiff
15:32 fe92 joined #salt
15:32 douglassssssssss joined #salt
15:32 RobertFach i suspect that its caused due to master overload conditions... maybe a racecondition/timeout, dont know yet, my master is currently running under 2014.7.0
15:32 mschiff RobertFach: ok, good to know! And do you have any ideas?
15:33 RobertFach today i wanted to try out multi master as a solution for that, but i dont know if the simple multi master without signing the keys allows you to do some kind of load balancing
15:33 RobertFach anyway this is only a workaround...
15:33 RobertFach :/
15:33 mschiff just looking at tcpdump output I can see that the minion is talking to the master constantly when this happens
15:33 andrew_v joined #salt
15:34 mschiff but the master does not answer
15:34 mschiff and being in a shell on the master the "salt" call is still hanging in the shell
15:35 RobertFach Yeah, I started also some resarch, e.g., putting master into debug mode
15:35 RobertFach (loglevel = debug)
15:36 mschiff pressing ctrl-c on the master also stops that communication from minion to master
15:37 jrb28 joined #salt
15:37 mschiff then it tells abount "minion may not hav finished..." and doing "salt-run jobs.lookup_jid <jid>" yelds no output
15:37 perfectsine joined #salt
15:37 mschiff I am using 2014.7.1
15:38 RobertFach Mh, my context is a little bit different, so when this happens to me, I currently just restart the bootstrap of the vms... this is just a retry solution :)
15:39 RobertFach however, I see in my master log that the master fails to authenticate a message, maybe this is related to your statement that the minion is communicating to the master all the time
15:39 mschiff ok, and: for me right now it only happends if the minion has to change something (config file for example)
15:41 RobertFach for me it often happens with states where it has to talk to the fileserver...
15:41 RobertFach e.g., a config file received from the salt master
15:44 RabidCicada mschiff and RoberFach, how many minions are you running?
15:45 RabidCicada I don't have an issue...but I'm only running like 3 minions on my master
15:45 RabidCicada I'm on 2014.7.2 with gitfs support
15:45 rgarcia_ joined #salt
15:46 fsero__ joined #salt
15:46 RobertFach around 300 minions, but not all online at the same time
15:47 mschiff RabidCicada: at the moment I have only 8 minions configured, and I am only using a single one
15:47 mschiff so the master is more or less completely idle here
15:48 GabLeRoux joined #salt
15:48 mschiff 7.*2*?
15:48 otter768 joined #salt
15:48 mschiff I must have missed that one...
15:48 jri_ left #salt
15:49 RobertFach I think .2 was just released/announced a few days ago
15:50 RobertFach @mschiff which systems did you try?
15:50 mschiff debian old stable and current gentoo
15:51 RobertFach i mostly running on ubuntu, my master is always on ubuntu 12.04 lts, minions are on 12.04 and 14.04
15:51 RobertFach can you check which zmq packages you get ?
15:52 che-arne joined #salt
15:52 RobertFach salt --versions-report
15:53 RobertFach For me it shows...
15:53 RobertFach Salt: 2014.7.0          Python: 2.7.3 (default, Dec 18 2014, 19:10:20)          Jinja2: 2.6        M2Crypto: 0.21.1  msgpack-python: 0.1.10    msgpack-pure: Not Installed        pycrypto: 2.4.1         libnacl: Not Installed          PyYAML: 3.10           ioflo: Not Installed           PyZMQ: 13.0.0            RAET: Not Installed             ZMQ: 3.2.2            Mako: Not Installed
15:53 RobertFach sorry :/
15:55 Madhurranjan joined #salt
15:57 murrdoc try raet
15:57 murrdoc might as well :)
16:03 RabidCicada I'm on 14.04 and using zmq 4.0.4 compiled from scratch
16:04 RabidCicada Salt: 2014.7.2
16:04 RabidCicada Python: 2.7.6 (default, Mar 22 2014, 22:59:56)
16:04 RabidCicada Jinja2: 2.7.2
16:04 RabidCicada M2Crypto: 0.22
16:04 RabidCicada msgpack-python: 0.4.2
16:04 RabidCicada msgpack-pure: Not Installed
16:04 RabidCicada pycrypto: 2.6.1
16:04 RabidCicada libnacl: Not Installed
16:04 RabidCicada PyYAML: 3.11
16:04 RabidCicada ioflo: Not Installed
16:04 RabidCicada PyZMQ: 14.3.0
16:04 RabidCicada RAET: Not Installed
16:04 RabidCicada ZMQ: 4.0.4
16:04 RabidCicada Mako: Not Installed
16:05 JDiPierro oh my
16:06 RabidCicada sorry spam...don't know how to do multiline paste in one message
16:06 mschiff on Gentoo I have ZMQ: 3.2.3
16:06 RabidCicada JDiPierro, something wrong with my setup?
16:06 RobertFach i have heard that there are some issues with older zmq versions... so i suspect this also
16:06 RabidCicada I've got no bad behaviors
16:06 RabidCicada yeah 2.1.11 was known to hang
16:06 JDiPierro RabidCicada: Nah, just the massive flood of messages :P
16:06 mschiff and PyZMQ: 14.4.0
16:07 RabidCicada mschiff, pyZMQ 14.4.0 is bad?....or what?
16:08 mschiff yes
16:08 RabidCicada oh wow...where is that reported?
16:08 RobertFach mschiff, did you ever had the chance to try a setup like RabidCicada ?
16:08 mschiff erm sorry; It may be bad...
16:08 RobertFach i mean the zmq > 4?
16:09 mschiff I can try PyZMQ 14.3.1 and 14.5.0
16:09 mschiff let me check
16:10 RobertFach i think the important part is the ZMQ itself, not necessarily the python wrapper ...
16:10 hebz0rl joined #salt
16:10 RabidCicada I'd agree...I used 4.0.4 because it had a security fix.  Haven't touched it since
16:10 bhosmer joined #salt
16:10 programmerq joined #salt
16:10 programmerq joined #salt
16:11 moderation joined #salt
16:11 mschiff Ah. I didnt find it because its named zeromq ;) These are the choices: 2.2.0 3.2.3 4.0.5
16:12 wendall911 joined #salt
16:12 mschiff will try 4.0.5 now
16:12 MTecknology RabidCicada: dpaste.com and then share the link <-- best option for that kinda thing
16:13 andygrunwald joined #salt
16:13 cbrinley joined #salt
16:13 wiqd joined #salt
16:14 mikaelhm joined #salt
16:14 kwmiebach joined #salt
16:14 huddy joined #salt
16:15 calve joined #salt
16:15 calve hello all
16:15 andygrunwald hey mates, i got a small question: My goal is to log / store (redis) _every_ command + result which was executed by the salt stack master. Like salt '*' test.ping. I can do this to configure database, host and port in master config and do "salt '*' test.ping --return redis", but my goal is that i don`t want to add "--return redis" every time. The job cache is (maybe) the wrong system, because it is just a cache. Is there any way to configure a default
16:15 andygrunwald returner?
16:16 calve I have this long-running state, executed using the ``-d`` debug flags
16:16 calve it takes so much times, just yielding ``Checking whether jid 20150220160309095397 is still running``
16:16 karimb joined #salt
16:16 calve any way to check the internal state of the job ? like view stdout or states status ?
16:17 Deevolution joined #salt
16:18 Ahlee andygrunwald: set ext_job_cache in your master config
16:19 andygrunwald Ahlee, but this is only a cache right? So this will be cleaned up after ~24h (configurable).
16:19 andygrunwald http://docs.saltstack.com/en/latest/ref/returners/index.html#event-returners
16:19 andygrunwald what about this?
16:19 spiette joined #salt
16:19 andygrunwald For maximimum visibility into the history of events across a Salt infrastructure, all events seen by a salt master may be logged to a returner.
16:19 Ahlee andygrunwald: no, only the file system cache is cleaned after 24 hours
16:19 Ahlee so when I run salt \* test.ping
16:19 debian112 joined #salt
16:19 thedodd joined #salt
16:19 andygrunwald If i enable "event_return" i will get "Failed to authenticate!  This is most likely because this user is not permitted to execute commands, but the..."
16:19 Ahlee i get a return back to the cli, and a return to the default returner (mongodb in my case)
16:19 andygrunwald if i do a ping
16:19 intellix joined #salt
16:20 andygrunwald > ndygrunwald: no, only the file system cache is cleaned after 24 hours <<<< This is a useful info. Thanks.
16:20 andygrunwald Ahlee, but what about the "event_return" setting?
16:20 Ahlee andygrunwald: looking into when it was added
16:21 gyre007 joined #salt
16:21 Corey Hello from SCaLE.
16:21 thehaven joined #salt
16:21 Ahlee Hello SCaLE
16:21 mschiff RabidCicada, RobertFach: Upgrading to zeromq 4.0.5 did not fix it here
16:21 dyasny joined #salt
16:22 zugzwang joined #salt
16:22 murrdoc scale
16:22 murrdoc chicago needs scale
16:22 simonmcc joined #salt
16:23 zugzwang Why use required: after a pkg.installed? Isn't it useless?
16:23 zugzwang sorry, i mean a require inside a service.running for example
16:23 MatthewsFace joined #salt
16:23 manytrees joined #salt
16:24 Ahlee andygrunwald: i'm not seeing when event_return was added, i am on an old version and do not have it set
16:24 agend joined #salt
16:24 andygrunwald Ahlee, mentioned in http://docs.saltstack.com/en/latest/ref/configuration/examples.html
16:24 andygrunwald as well
16:24 andygrunwald seems to be an older implementation
16:25 tristianc joined #salt
16:25 ShibMcNe zugzwang: because you may want a package to be installed before trying to start a service ?
16:25 Ahlee events were the push of hydrogen, so guessing that's when this was all introduced
16:26 Ahlee anyway, just adding hte ext_job_cache will give you the return value(s) in your designated returner, where they will be persisted until you clean them up
16:26 Deevolution joined #salt
16:26 zugzwang ShibMcNe, but didnt the cmd immediately before installed the package?
16:26 Furao joined #salt
16:26 RobertFach @mschiff thx for trying out
16:26 andygrunwald Ahlee, THX!
16:26 zugzwang so its only a defensive statement?
16:27 gladiatr joined #salt
16:27 codekobe joined #salt
16:28 otter768 joined #salt
16:31 murrdoc thoughts on where __opts__ comes from
16:31 murrdoc https://github.com/saltstack/salt/blob/v2014.7.1/salt/modules/saltutil.py#L72-L83
16:31 EWDurbin joined #salt
16:32 ShibMcNe zugzwang: it all depends on the way you are writing your states, it is hard to answer this question without context =]
16:32 murrdoc cos the way it reads it should use use the extension_modules option as a source dir for the cp.cache_dir
16:33 murrdoc but it doesnt
16:36 neogenix joined #salt
16:36 jay_d joined #salt
16:37 denys joined #salt
16:38 bernieke joined #salt
16:38 stylica joined #salt
16:39 kwork joined #salt
16:43 murrdoc fun fact
16:43 murrdoc extension_modules works different in master and minion
16:43 murrdoc in master its relative to root_dir
16:43 murrdoc in minion its relative to file_roots
16:43 spiette joined #salt
16:45 Ozack-work joined #salt
16:47 StDiluted joined #salt
16:47 pdayton joined #salt
16:48 eykd joined #salt
16:51 murrdoc joined #salt
16:53 jdesilet joined #salt
16:58 KyleG joined #salt
16:58 KyleG joined #salt
17:00 desposo joined #salt
17:00 Ryan_Lane joined #salt
17:01 btorch morning
17:02 eykd_ joined #salt
17:02 programmerq joined #salt
17:03 btorch if I have state files like state/tool/init.sls, state/tool/files.sls and that init.sls has a pkg state that has a require_in: sls files.sls than there is no point of having a require: pkg within the files.sls states right ?
17:03 mpanetta joined #salt
17:04 Ilja joined #salt
17:09 RabidCicada I am new and naive....but...I would say it's all relational.  If files.sls automatically installs or creates whatever it is you are REALLY dependant on...then no need to require: pkg.  If files.sls does not automatically install/create whatever is it you REALLY need...then yes you need require: pkg
17:10 RabidCicada In the effort of completeness, I would reqiure the indidual things you actually need.  that way if your files.sls is ever split or fractured...the real reqs are still intact
17:10 RabidCicada and you wont need to rewrite all your require lines
17:10 smcquay joined #salt
17:13 thayne joined #salt
17:15 cbrinley joined #salt
17:15 skullone joined #salt
17:16 btorch RabidCicada: cool thanks
17:17 jla joined #salt
17:18 ndrei joined #salt
17:19 MTecknology For the first time ever, I looked at one of the states I wrote and said to myself... what the crap was this idiot thinking.
17:19 igorwidl anyway to hardcode the
17:19 igorwidl batch setting in salt master configuration
17:19 jla What does salt-master spend it's time doing when I'm not changing state and the minions are all configured? Mine seems pretty busy, spiking cpu usage and racking up more cpu time than any kvm instance I'm running on systems with similar uptime and specs: 100.1 10.0  22237:27 salt-master (maybe I wrote something really wrong)
17:19 MTecknology igorwidl: nope, but there's an issue created with that request
17:20 igorwidl MTecknology: ty
17:20 MTecknology After I read the comment at the top of the state, I was like, "oh... that makes sense"
17:21 Elwood_5G do i really just have to edit files in /src/pillars for a minion proxy to work?
17:25 perfectsine joined #salt
17:26 adrianhannah joined #salt
17:29 neogenix joined #salt
17:32 timoguin joined #salt
17:32 andrew_v joined #salt
17:33 FeatherKing joined #salt
17:35 FeatherKing since updating from 2014.1.7 to 2014.7.0, my performance has become pretty terrible. I have seen this error a few times and am now wondering about upgrading zeromq to version 4? error: Bad file descriptor (epoll.cpp:81)
17:36 nullptr` joined #salt
17:40 calve left #salt
17:46 iggy FeatherKing: if you can upgrade, you should, but it shouldn't be a requirement
17:47 aparsons joined #salt
17:47 FeatherKing iggy: when we did the upgrade we increased from 20 worker threads to 100. i cant even run a mange.down without errors now
17:47 FeatherKing we have around 1800 minions
17:48 iggy that's a decent amount
17:48 FeatherKing i bumped from 100>130 worker threads today
17:48 FeatherKing but we ran with 20 threads on 2014.1.7 forever with no issues
17:50 theologian joined #salt
17:54 oeuftete Is there a best practice for making a file generated on one minion accessible to other minions... starting down the road of using cp.push, then cp.get_file, but not sure that's sane
17:54 iggy what is specific about that minion that you have to generate it there?
17:56 oeuftete iggy: key for a ceph cluster, generated by the tools there, not sensible to try to do that not on that minion, I don't think
17:58 forrest joined #salt
17:58 oeuftete ok, looks like I perhaps should finally learn what the Mine does
17:59 iggy mine probably isn't a good fit
17:59 iggy unless you want to write a custom ceph module that loads that data
18:00 hebz0rl joined #salt
18:00 iggy I would personally use the pillar wheel to write that data to a pillar and then assign that pillar to the minions that need it in the normal way
18:00 scoates joined #salt
18:00 iggy http://docs.saltstack.com/en/latest/ref/wheel/all/salt.wheel.pillar_roots.html#module-salt.wheel.pillar_roots
18:01 shorty_mu joined #salt
18:01 monkey66 joined #salt
18:01 monkey66 left #salt
18:02 germs_ joined #salt
18:02 drawsmcgraw So.... Trying to install salt-master on a CentOS 6.4 machine. Getting some broken dep about PyYaml...
18:03 drawsmcgraw Pastebin: http://pastebin.com/5xpq103p
18:03 drawsmcgraw Anyone seen that before?
18:03 iggy you have all the proper repo's enabled?
18:05 drawsmcgraw iggy: yes
18:06 drawsmcgraw yeah, just confirmed with a `yum list`. It's coming out of EPEL
18:06 iggy maybe epel messed up the pyyaml package somehow?
18:06 iggy can you install it manually?
18:07 drawsmcgraw manually being... er.... salt-bootstrap?
18:07 drawsmcgraw It's a 'production' box so I'd like to keep it as clean as possible
18:08 iggy no like "yum install python-pyyaml" or whatever centos calls the package
18:08 tkharju joined #salt
18:10 drawsmcgraw iggy: Ah. Yeah I tried some yum-searching around for that. Got nothing. Maybe I really *am* missing some repo.....
18:11 JPaul does anyone know why I'd be getting an error that the xfs module is not available? I'm running salt 2014.7.1 on the minion and 2014.7.0 on the master
18:11 JPaul both are debian whezy
18:11 JPaul wheezy
18:11 Ryan_Lane joined #salt
18:12 rap424 joined #salt
18:13 Ryan_Lane is there any best practice for caching external pillar data?
18:13 Ryan_Lane I'm using masterless
18:13 Ryan_Lane basically, if the external pillar fails I want to fallback to the last set of data fetched
18:14 Ryan_Lane I should mention that I wrote the external pillar, so I can handle it in the external pillar code, if necessary
18:15 bhosmer_ joined #salt
18:15 rick_ joined #salt
18:15 rick_ hi all.
18:16 rick_ I have a salt state that touches my network setting, I assume since everytime a highstate runs my ucarp interface drops.
18:16 bash1245_ joined #salt
18:16 rick_ Any suggestion how to stop it from doing that.
18:18 MatthewsFace joined #salt
18:20 drawsmcgraw iggy: Yep. Out of date internal mirror. I'll have to resolve that one myself :/
18:20 drawsmcgraw Although I did find this: https://github.com/saltstack/salt/issues/19646
18:20 sjol joined #salt
18:21 N-Mi joined #salt
18:23 monkey66 joined #salt
18:24 rick_ how do I do onlyif service is not running
18:26 quickdry21_ joined #salt
18:29 oeuftete Are there any examples out there of using salt.wheel functionality?  I'm having little luck with the docs, the source, or google.
18:30 TTimo joined #salt
18:31 itru joined #salt
18:32 * itru Hi! if I have a pillar like
18:32 itru d
18:32 itru d
18:33 iggy JPaul: usually means you are missing some python module or cmdline util
18:35 rgarcia_ joined #salt
18:35 amcorreia__ joined #salt
18:36 bhosmer_ joined #salt
18:38 shorty_mu joined #salt
18:38 itru sorry for that.
18:38 itru so I’ve got a simple pillar like
18:38 itru somedata:
18:38 itru - one
18:38 itru - two
18:38 itru - three
18:38 itru and I wan’t this pillar to be inserted in a template like (‘one’, ‘two’, ‘three’)
18:38 itru is it possible?
18:40 timoguin joined #salt
18:41 itru I do not want to iterate with jinja, this pillar should be inserted into python script as a python list….
18:42 iggy well, a list is going to be formatted like ['one', 'two', 'three']
18:44 itru it can be a python set, a python list, whatever… just don’t know how to insert pillar data in such format
18:44 iggy {{ salt['pillar.get']('somedata') }}
18:52 scoates joined #salt
18:53 viq joined #salt
18:53 stylica joined #salt
18:58 thedodd joined #salt
19:00 itru {{ salt['pillar.get']('stash_repos') }} returns nothing and {{ pillar.get('stash_repos') }} returns None
19:02 itru oh ok, CLI also return nothing… something wrong with the pillar
19:02 murrdoc did u refresh_pillar
19:04 aparsons_ joined #salt
19:04 otter768 joined #salt
19:05 rick_ anyone know how to have state item not run if a service is running?
19:08 agend joined #salt
19:08 karimb joined #salt
19:11 stylica joined #salt
19:11 itru iggy: thank you,  {{ pillar.get('stash_repos') }}  works fine, just forgot to update top.sls
19:11 thayne joined #salt
19:12 ckao joined #salt
19:12 Brew joined #salt
19:17 nullptr`` joined #salt
19:17 baweaver joined #salt
19:19 LtLefse joined #salt
19:20 btorch is there a way to find out the hostname of a box that holds a unique role ? like I need to use jinja to populate a file with the hostname of the box that holds the billing role for example
19:22 btorch the file is not being setup the box that has the billing role btw
19:23 LtLefse Question from a ex-Puppeteer. I used "defined types" in Puppet quite a bit - anyone know what the equivalent construct is in Salt?
19:24 linjan joined #salt
19:26 zugzwang joined #salt
19:27 MindDrive joined #salt
19:27 iggy LtLefse: you'll have to define that better for those of us not familiar with puppet specifics
19:28 MindDrive Is 'SIGUSR1' still supposed to give some sort of useful information when sent to a salt-minion process running in the foreground in debug mode?
19:30 j_t joined #salt
19:31 LtLefse iggy: so I have a bunch of users defined in Salt, and that works great. but now I'd like salt to take that same data for each user (the name, uid, gid, etc) and apply it to a new custom state I've written (and still create the user as usual)
19:32 j_t When a minion first starts up, it makes a key.. then sends it to the master. Now the master knows for that new node, this is the key. The problem is, someone often various boxes can be formatted. and then there is a new key, and the master rejects it.
19:32 j_t What is a good way to manage keys for the minions, so if they already have a key in the master.. they pull that down and don't generate a new one?
19:34 alanpearce joined #salt
19:34 smcquay joined #salt
19:34 iggy MindDrive: no, SIGUSR1 is up to the daemon to implement
19:35 LtLefse hmm, I think what I want is Pillars (which I haven't used yet)
19:35 iggy LtLefse: yeah, a bit more of an idea what you are trying to achieve might help
19:36 iggy LtLefse: but yeah looping over pillar data is a fairly common pattern
19:36 MindDrive Well, then, I guess there's no way to actually figure out why Salt is so completely broken, then... which it is.  Four weeks I've been trying to figure out why our minions stop talking to the masters, and I've gotten nowhere.  The debug output on the minion is completely useless, the salt master debug output isn't any better, and there seems to be no way to get any useful information from the minion when it's "dead".
19:37 LtLefse I want Salt to create users and also to call my custom state for each user
19:37 iggy j_t: you can't... the master doesn't store the priv and pub key (just the pub)
19:38 iggy LtLefse: look at the ssh and user formulas for ideas about looping over the pillar data
19:38 igorwidl MindDrive: our minion stop contacting master after i do pillar_refresh
19:38 iggy LtLefse: you'd have to adapt things a little for your specifc use case, but it's a good starting point
19:39 igorwidl saltutil.refresh_pillar that is
19:40 LtLefse iggy: thanks, I think I'm on the right track now
19:41 andygrunwald joined #salt
19:42 ldavid1004 joined #salt
19:42 MindDrive Igorwidl: The only possibility I can see from the debug output is the minion loses connectivity after running an internal '__mine_interval' job.
19:42 MindDrive (Usually takes two or three of those to run before it goes belly up.)
19:44 ldavid1004 would anyone happen to know of the salt-ssh equivalent of ansible_sudo_pass ?
19:44 bray joined #salt
19:44 murrdoc roster file
19:44 linjan joined #salt
19:45 murrdoc google saltstack roster
19:46 ldavid1004 After having done that I found an entry like this:
19:46 igorwidl MindDrive: don't have debug on minons over here. hm.. Our strace -x -p <minionpid> shows no activity on stuck minilons
19:47 bray can anyone explain how the PATH is set when running states on a node? i have two nodes that have the same output of `echo $PATH` when ssh'd in, but (only) one of the nodes gives different output when i run `salt '*' cmd.run 'echo $PATH'`
19:47 iggy bray: how are the minions started?
19:47 evilrob joined #salt
19:48 ksj hi, is it possible to change the renderer on just a single pillar file?
19:49 bray iggy: the init script installed by apt
19:49 alanpearce joined #salt
19:51 bray iggy: hmm, when i check ps, on the good server it's running as "/usr/bin/python /usr/bin/salt-minion", on the bad one it's "/usr/bin/python /usr/bin/salt-minion -d"
19:51 bray if i restart the bad one, it's still "/usr/bin/python /usr/bin/salt-minion -d" and the path is still wrong
19:51 bray i'm guessing if i restart the good one, it'll break as well
19:52 iggy same versions and everything?
19:52 bray yup
19:52 bray 2014.7.1
19:53 iggy MindDrive: can you point to the issue you opened for this?
19:53 Ahlee how is the "good" one running in the foreground?
19:54 bray it's not
19:54 Ahlee without -d it is
19:54 thayne joined #salt
19:54 murrdoc true
19:54 iggy same os on the minions?
19:54 Ahlee sounds like upstart/systemd/something else has taken it and helpfully 'daemonized' it
19:54 bray no, the init script uses start-stop-daemon --background
19:54 ksj sorry for asking twice, but can't seem to find it in the docs: is it possible to change the renderer on just a single pillar file?
19:55 bray the "good" one must have started some other way..
19:55 bray same os: Ubuntu 14.04 LTS
19:55 Ahlee yeah.  you're probably getting hte user that started the non -d'd one, where as the one launched with -d is using a stripped down one
19:55 iggy so upstart
19:55 ldavid1004 ksj: have you tried adding something like this #!jinja|mako|yaml as per http://docs.saltstack.com/en/latest/ref/renderers/
19:55 Ahlee this is why I always hard code paths
19:56 bray yeah, i usually do to
19:56 iggy I'd guess one was started at boot and the other was restarted sometime after
19:56 bray iggy: yeah i think that's the case
19:57 Ahlee bray: easy enough to test, kill 'em both, launch both as /usr/bin/python /usr/bin/salt-minion -d
19:57 Ahlee and verify
19:57 Ahlee they'll both have the striped down $PATH me thinks
19:59 desposo joined #salt
19:59 bray yeah that fixes the path (it's not stripped down though, it's the "correct" longer path)
20:00 bray the minions were created by salt-cloud
20:00 bray so seems like something in there is starting salt-minion on boot differently than the init script
20:00 bray when restarting salt-minion
20:00 ksj ldavid1004: ...no. bit embarrassed now. sorry. don't know how I missed that. too many tabs open and not reading carefully enough. thanks
20:00 monkey66 left #salt
20:04 ldavid1004 ksj: no problem :)
20:07 bray yeah that was it. both System V and upstart scripts exist for salt-minion. upstart was used to start it on boot, and i restarted it via System V
20:08 rick_ no one for onlyif service not running in a state?
20:10 ipmb joined #salt
20:10 iggy rick_: it's just a shell command... be creative
20:11 rick_ yes I was doing a pgrep service.
20:11 rick_ but it was still touching the interface
20:11 rick_ even though it was returning true
20:11 iggy what version of salt?
20:13 rick_ 2014.1.7
20:14 cbrinley joined #salt
20:14 iggy 1.26.15.2.2. Onlyif¶
20:14 iggy New in version 2014.7.0.
20:14 CeBe joined #salt
20:15 cbrinley hi all i'm using salt eauth for the first time and I'm trying to determine if runner modules can be restricted any further than what i see listed in the doc: '@runner'  # to allow access to all runner modules. Ideally i'd like to restrict to just one runner module, cloud in this case
20:17 murrdoc joined #salt
20:17 denys joined #salt
20:18 Nazca joined #salt
20:19 murrdoc joined #salt
20:21 cbrinley actually scratch that, i think i may be able to accomplish what i need with the salt.cloud built in module
20:21 theologian joined #salt
20:24 MindDrive Iggy: Sorry for delay, lunch arrived. I thought my coworker had opened a ticket for this, but apparently it was for another issue we've been having.  I'm finishing writing up an issue right now.
20:25 rick_ Any other suggestion for how to not run a portion of salt state if a service is running?
20:26 murrdoc outside of unless ?
20:26 murrdoc http://docs.saltstack.com/en/latest/ref/states/requisites.html
20:27 rick_ does it work in 2014.1.7
20:27 rick_ I was trying to do it:
20:27 rick_ eth1:   network.managed:     - enabled: True     - type: eth     - proto: none     - ipaddr: 10.2.12.76     - netmask: 255.255.254.0     - unless: pgrep openvpnas
20:28 MindDrive Iggy: https://github.com/saltstack/salt/issues/20874
20:28 iggy unless is also 2014.7+
20:28 iggy the requisites page says what version everything was added in
20:28 rick_ Yup thus the request for other ideas?
20:29 iggy dirty way: {% if salt['cmd.run']('check if service is running') %}
20:30 rick_ Did not think about a simple if..
20:30 rick_ Thanks I will give it a try.
20:30 iggy baby kittens will only be slightly tortured for that
20:30 rick_ nods
20:31 murrdoc cmd.run is evil
20:31 murrdoc u should feel bad
20:33 iggy less dirty way?: {% if salt['cmd.run']('check if service is running') and (grains['saltversioninfo'][0] < 2015 and grains['saltversioninfo'][1] < 7)  %}
20:34 iggy a certain level of forgiveness is given since they did actually try to do it the right way first
20:34 Matthews_ joined #salt
20:35 Matthews_ joined #salt
20:37 timoguin joined #salt
20:38 iggy MindDrive: "we have two in each of our environments" 2 what?
20:38 rick_ Nice thanks iggy.  but since that tells me the service is running.  How to tell it do not since it is running?
20:38 MindDrive Two masters.
20:39 iggy are you sure the minion didn't just switch to the other master?
20:39 MindDrive Crap, re-reading that line I understand why you were confused.
20:39 MindDrive The minion stops responding to both.
20:40 iggy that might be worth clarifying
20:41 chamill joined #salt
20:43 MindDrive Added comment with clarifications.
20:46 steffo joined #salt
20:47 iggy I know, I'm watching it, thanks
20:51 baweaver joined #salt
20:54 pdayton joined #salt
20:54 iggy I will say this, right now the devs are all pretty focused on getting 2015.2 out the door, so stay patient
20:58 bigpup3 joined #salt
21:00 ALLmightySPIFF joined #salt
21:00 iggy MindDrive: I've only tangentially followed along, you have tried taking the second master out of the picture right?
21:01 scoates joined #salt
21:03 suresh joined #salt
21:05 otter768 joined #salt
21:05 MindDrive Iggy: That was one of the next things on my list to try (I must be honest, of the four weeks we've been looking at this issue, the first two weeks I wasn't really involved, and I've also been interrupted a lot with other things here at work).  I also noticed a strange configuration my coworker (who originally set all this up) did, which was to set the 'loop_interval' on the minion to '1' (defaults to '60).
21:05 MindDrive Not sure why he set it so low.
21:05 suresh I just started working with saltstack and I was looking around for apache formula for windows, can anyone share?
21:06 iggy MindDrive: do you have scheduled jobs with <1 minute times? That's the only reason I can think of (or if you really want your fileservers updated)
21:07 iggy suresh: you aren't going to find many formulas that are compatible with windows
21:07 MindDrive Currently we have _no_ scheduled jobs.  That's why I don't understand the change.
21:07 iggy they are almost all debian/rhel/ubuntu based
21:07 aparsons joined #salt
21:07 iggy MindDrive: then yeah, that seems an odd change
21:08 clintber_ joined #salt
21:08 iggy if you have any gitfs backends, you were spinning off git subprocesses every second
21:08 holms joined #salt
21:08 suresh iggy: does that mean I should write them myself? how do I go about it?
21:09 mikaelhm joined #salt
21:09 ajw0100 joined #salt
21:09 MindDrive I'm also trying to get updated configuration files in place (when he first started setting things up, Salt was on 0.17, I believe), but my coworker used a subtree in our Puppet repo and I haven't quite been able to figure out how to get the latest updates in from the puppet-salt module (I just wish he'd done it as a normal module).
21:09 joehoyle joined #salt
21:09 iggy suresh: you can use the stuff in https://github.com/saltstack-formulas/ as decent (albeit Linux specific) examples
21:10 edrocks joined #salt
21:11 suresh iggy: sure thanks, but is there a roadmap to provide more windows support? because most of our systems are on windows so I would have to write a lot of formulas to manage the applications
21:12 iggy formulas are written by the community
21:12 iggy so it's very much a "someone scratching their own itches" thing
21:14 suresh iggy: ha ha ha... I guess I'll have to scratch my own, thanks
21:16 cpowell joined #salt
21:17 roolo joined #salt
21:17 iggy bonus points if you add Windows support (as unobtrusively as possible) to the existing formulas
21:17 iggy then everybody wins
21:18 SheetiS I like winning.
21:22 TTimo joined #salt
21:23 cbrinley what is the recommended way to run salt-master in "debug" mode such that i can set breakpoints in master and avoid it spinning up subprocesses or detaching from console?
21:27 iggy you can't stop it spinning up subprocesses... that would break so much stuff
21:27 iggy salt-master -l debug
21:28 stoogenmeyer joined #salt
21:28 smcquay joined #salt
21:29 stoogenmeyer joined #salt
21:29 mikaelhm joined #salt
21:29 stoogenmeyer joined #salt
21:30 stoogenmeyer joined #salt
21:31 sjol joined #salt
21:32 holms is it possible to use formula withing other formula?
21:33 holms let's say i have some web app formula,  where I want to set nginx params
21:37 ipmb joined #salt
21:37 tomspur joined #salt
21:40 linjan joined #salt
21:42 igorwidl Hmm, doing strace on my minion which stopped responding after doing refresh_pillar, shows this clock_gettime(CLOCK_MONOTONIC, {1648566, 36297068}) = 0
21:42 igorwidl poll([{fd=10, events=POLLIN}], 1, 7200000
21:43 igorwidl 7200000 is poll timeout, which is 2 hours.
21:44 j_t left #salt
21:44 cbrinley iggy: thanks i'll see what i can gleam with log statements
21:44 iggy holms: you can set (nginx) pillar data using the wheel system from your other formula
21:45 iggy cbrinley: what are you trying to find?
21:46 denys joined #salt
21:47 holms iggy: thanks :)
21:48 stoogenmeyer joined #salt
21:48 holms A question about environment, is it something wrong in here? http://pastebin.com/wNF01Bzr I've got error: No Top file or external nodes data matches found
21:49 cbrinley i have two issues, one seems strange indeed. added a new minion via salt-cloud, if failed to fully provision for some reason, but did get its key accepted. following that pam auth seems to have stopped working. traced the problem to a false return value at https://github.com/saltstack/salt/blob/develop/salt/master.py#L2153
21:49 cbrinley for now i've removed the minion and things are working as expected
21:49 stoogenmeyer joined #salt
21:50 lpmulligan joined #salt
21:50 cbrinley was hoping i could just throw some break points in and step through the code, both educational and more direct while i'm trying to improve my understanding of the moving parts
21:51 thayne joined #salt
21:52 markm joined #salt
21:53 BerndSch left #salt
21:54 holms anyone can help to validate please? http://pastebin.com/wNF01Bzr should be simple :)
21:56 BerndSch joined #salt
21:56 BerndSch left #salt
21:56 peters-tx joined #salt
21:56 MatthewsFace joined #salt
21:58 baweaver joined #salt
22:04 Ryan_Lane joined #salt
22:06 iggy holms: that is invalid yaml
22:06 holms maybe anyone got example how to "manage" provisioning for dev/prod/staging environments?
22:06 holms iggy: which part
22:06 holms iggy: something like this? http://pastebin.com/01VJepDE
22:06 iggy oh, no it's not
22:06 iggy weird
22:07 iggy that would be correct for an env called dev
22:07 holms last paste also doesn't work
22:07 holms minion environment param should do the trick?
22:08 holms file_roots shouldn't be touched when envinroment var is set?
22:08 holms it's confusing..
22:08 holms in chef you got roles for this, in ansible playbooks
22:09 holms in here it's 5 pages of docs, and still not clear how to achieve this goal =/
22:09 MatthewsFace joined #salt
22:10 iggy what are you trying to do?
22:11 iggy also... salt generally has multiple right ways of doing something, it's up to the user to decide which works best for them
22:11 holms it's so difficult to explain basic things in here =/
22:11 nitti joined #salt
22:11 holms i want to provisiong dev machine in one way
22:12 holms prod machine in another way
22:12 holms nodegroups are fine, but not in my case
22:12 holms i want to have compltely different minion for each of machine or it's group
22:12 holms by using same formulas
22:13 linjan joined #salt
22:14 iggy you can use grains or pillars to do the state top matching (only grains in pillar top matching), so you could use that
22:14 iggy you can use environments, but those are really more useful when working with git trees (as the branches become the environment)
22:14 holms someone adviced in here to have those top.sls splits
22:15 holms and for masterless setup to add param into minion file "environment: dev" for eample
22:15 holms example*
22:15 cpowell joined #salt
22:16 iggy I don't actually use salt environments
22:16 holms iggy: i'd like install mysql-formula on "dev" and "db" categories of machines for example
22:16 Ozack-work joined #salt
22:16 iggy we have 3 totally separate clouds for dev/qa/prod and each has it's own master... we use tags/roles beyond that for what we need
22:17 ciss joined #salt
22:17 holms hmz
22:17 timoguin joined #salt
22:18 jab416171 can a file directive have two sources?
22:19 iggy jab416171: some can... salt will use the first one it finds
22:19 jab416171 iggy, I was looking for something that concatenates two source files on the salt server into one destination file on the minion
22:19 timoguin joined #salt
22:20 iggy nein
22:21 aquinas joined #salt
22:22 holms iggy: is this correct?  http://pastebin.com/01VJepDE according to your opinion i mean
22:22 ciss left #salt
22:22 igorwidl jab416171: we use template that includes different files ie: {%- include crtfile ignore missing %} where crtfile is a file
22:22 holms "dev" should under "base"?
22:22 whytewolf jab416171: you could hack something together in a jinja template
22:26 jab416171 ah
22:26 MatthewsFace joined #salt
22:26 jab416171 I'm trying to work around the issue of cent5 not supporting sudoers.d
22:27 jab416171 and support cent6 at the same time
22:27 jab416171 without duplicating too much code
22:27 spookah joined #salt
22:28 super-allah joined #salt
22:28 super-allah hi everyone burn all jews in oven
22:28 bigpup3 joined #salt
22:28 iggy holms: as I said, I don't actually use environments, but it looks sane
22:28 super-allah hi everyone burn all jews in oven
22:29 iggy super-allah: what? nothing about the west?
22:31 Andre-B joined #salt
22:35 cpowell joined #salt
22:35 timoguin joined #salt
22:37 loggyer joined #salt
22:38 warpaint joined #salt
22:38 jla I've been running salt-master -l debug to try and answer my question, but the memory and CPU usage has been minimal despite my testing lots of state changes. I guess restarting was the answer. I wish I knew how to look into the running instance to see what in the world it was doing.
22:39 nitti_ joined #salt
22:40 nitti_ joined #salt
22:42 iggy events, scheduler, fileserver sync'ing, zmq'ing with minions, etc.
22:48 sudarkoff joined #salt
22:49 theologian joined #salt
22:50 baweaver so what exactly is a low / lowstate?
22:51 kermit joined #salt
22:52 nitti joined #salt
22:53 loggyer_ joined #salt
22:53 johtso joined #salt
22:54 saltsrfr180 joined #salt
22:54 timoguin joined #salt
22:57 Edgan I have a problem that has json as a config file. It expects ssl: false. ssl: 'false' and ssl: "false" are not accepted. I am trying to make this a pillar setting. How can I have the output in the actual file be ssl: false, but have it come out of pillar. It seems like I can't do it.
22:58 theologian joined #salt
22:58 mosen joined #salt
22:58 Edgan It also doesn't take ssl: False
22:59 timoguin joined #salt
23:00 nitti joined #salt
23:02 iggy {{ foovar|json }}
23:02 iggy I could be making that filter up
23:03 Edgan iggy: I think lower might do the job
23:03 holms whytewolf: maybe you're availble to check? http://pastebin.com/iuffXC03 it's difficult to google what goes on, and I've read whole doc about environments alread
23:04 Edgan iggy: lower worked :)
23:06 otter768 joined #salt
23:09 Elwood_5G is http://docs.saltstack.com/en/latest/topics/topology/proxyminion/index.html right that nothing goes to /srv/salt?
23:11 iggy Elwood_5G: to config proxyminion, no (but all your standard states and stuff certainly would)
23:16 whytewolf sorry holms. we don't work with enviroments here. only thing i can think of looking at your docs is enviroments might actualy be compleatly seperate so under file_roots and pillar_roots you might need a dev to repersent the dev enviroment
23:16 holms hmz
23:16 holms ok, wonder why they exist if no one works with them :D
23:17 whytewolf I'm sure someone does.
23:18 holms just been following this http://docs.saltstack.com/en/latest/topics/best_practices.html
23:18 whytewolf I have thought about playing with them on my home setup. but just never had the time to start
23:19 holms there's environments in there on the fist place, when you need to split formula logic into prod/staging/qa/dev and etc
23:19 loggyer joined #salt
23:19 holms if you've been working with any other provisioner on earth
23:19 holms they all just have kind of.. different root (let's say) "top.sls"
23:19 holms and you just specify which to use when you provision
23:20 holms in here seems to be it should be specified in minion config file (for masterless setup)
23:21 holms having dev.sls and prod.sls, which i'll specify in minion config would be better for me
23:22 iggy you completely different file_roots paths for dev... so yeah, you'll have different top.sls
23:22 iggy let me fix that... jeez
23:22 iggy you will have completely different file_roots paths for dev... so yeah, you'll have a different top.sls
23:25 lpmulligan joined #salt
23:26 TTimo joined #salt
23:28 whytewolf http://docs.saltstack.com/en/latest/ref/states/top.html this looks to cover enviroment setups pretty well
23:29 Elwood_5G iggy: is there one complete example of a proxy config working online somehwere
23:29 mosen joined #salt
23:29 Elwood_5G i've been googling for this half the day but didn't find a demo-setup
23:31 iggy beats me... I've never had need to talk to odd devices through salt
23:31 whytewolf holms: as in that example the enviroment isn't used for selecting it is used for mapping. and you still use grains and what not to target the minions.
23:31 Elwood_5G well I have lots of network-gear
23:32 holms hmz
23:32 Elwood_5G what I am missing in the documentation is besides the stuff in pillar how do I make a minon in top.sls a proxy-minion
23:32 holms whytewolf: probably have to start with grains then
23:33 whytewolf but when you put the enviroment: dev into the minion file you lock a minion to that enviroment. and the enviroment needs it's own top.sls file and file_root
23:33 holms those roles makes sense
23:33 holms understood
23:33 roolo joined #salt
23:34 whytewolf or my head is fuzzy from the cold i have and am just speaking gibberish
23:34 holms grains probably was something i've needed so much
23:34 holms thanks for the direction
23:35 MaliutaLap joined #salt
23:35 whytewolf no problem, always glad to help
23:35 roolo joined #salt
23:36 holms having hard time here.
23:36 holms gonna make it :P
23:36 whytewolf no problem, once you get your head around the targetting it all seems to just click in place.
23:38 giantlock joined #salt
23:39 eightyeight joined #salt
23:40 MindDrive Hurm... when one has color turned out for output, is there a way to turn it off via the command line?  In this case, I don't want the output of 'salt-run manage.down' colored.
23:43 MindDrive Never mind, found the option (--no-color)
23:43 whytewolf was just about to post that
23:44 MindDrive Hmm, spoke too soon... didn't actually work, the output is still colored.
23:44 whytewolf humm. it worked for me.
23:45 holms whytewolf: just a question.. i'm unable to understand how to specify states per grain http://docs.saltstack.com/en/latest/topics/targeting/grains.html
23:45 MindDrive So 'salt-run --no-color manage.down' didn't color for you?
23:45 holms i mean .. i want for example mysql state for grain "db"
23:45 holms in those docs there's no example how to use states with grains
23:46 holms or roles
23:46 holms about roles there's not much info too
23:46 whytewolf roles is just a grain you can create by putting it into the /etc/salt/grains file
23:46 devuser joined #salt
23:46 holms ok so how to use specific states with specific grain?
23:47 holms mysql state for db server
23:47 baweaver joined #salt
23:47 whytewolf MindDrive: I don't have any down hosts :P but salt-run --no-color manage.up was not in color
23:47 MindDrive Hurm.  Do you have 'color' set to 'True' in your configuration?
23:48 whytewolf I have that line commented out. but it defaults to true
23:49 saltsrfr180 joined #salt
23:49 whytewolf holms: look at matching grains in the top file. http://docs.saltstack.com/en/latest/topics/targeting/grains.html#matching-grains-in-the-top-file
23:50 holms whytewolf: it's confusing example in there, something like this is fine right? http://pastebin.com/tvsB2SHV
23:51 whytewolf that example would match a grain of roles:db and install a state of mysql and whateverstate
23:51 holms great
23:51 holms now the only problem.. that i'm using vagrant in here
23:51 holms and it looks for minion config
23:52 holms in which I probably should call specific role or smtng
23:52 holms or probably some vagrant param can pass a role name which i need for this vm
23:52 whytewolf MindDrive: I just set that to true explicitly and it did change the behavour
23:52 devuser Can someone point me to where I can use a python program as a roster instead of using a flat file?  I see it is possible, I can code python, I just don't know what to provide.
23:53 whytewolf holms: beats me I have never used vagerent
23:53 MindDrive whytewolf: So it sounds like '--no-color' can't override that setting... ick.
23:53 whytewolf MindDrive: not sure if bug or feature. is there a reason you nead color: True instead of it being comented out?
23:56 MindDrive The person who originally configured Salt here set it.  I will admit when doing things interactively, it's useful, but I had to strip the escape codes to make the output useful programmatically (removing keys for hosts that return NXDOMAIN, since they're no longer around - happens a lot in our development environment with developer-based test machines).
23:59 programmerq joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary