Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-03-04

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:04 otter768 joined #salt
00:11 ocdmw joined #salt
00:12 slappy left #salt
00:15 beneggett joined #salt
00:18 smcquay joined #salt
00:20 baweaver joined #salt
00:20 jmccree joined #salt
00:21 yomilk joined #salt
00:27 beneggett joined #salt
00:27 stew_ joined #salt
00:30 aparsons joined #salt
00:34 nich0s joined #salt
00:40 stwb joined #salt
00:43 subsignal joined #salt
00:45 _jz_ joined #salt
00:47 jerematic joined #salt
00:49 hal58th joined #salt
00:52 bigpup joined #salt
00:56 smcquay joined #salt
00:57 mafro lo anyone familar with A) salt-bootstrap and B) systemd ??
01:00 forrest salt-bootstrap I might be able to help out with, but I'm pressed for time. Systemd, no
01:00 forrest Still trying to avoid it like the cancer it is
01:00 forrest mafro: ^
01:01 mdupont joined #salt
01:08 aqua^mac joined #salt
01:12 Ahlee forrest: did you make it to SLC this year/
01:12 mafro forrest ok thanks.. I have a failing salt-bootstrap on Debian jessie
01:12 forrest Ahlee: No, didn't have a talk, and 900 was too much to drop
01:12 mafro UtahDave smartly pointed out that it's prob systemd related
01:12 forrest mafro: Ahh bad timing man, I have to run :(
01:12 forrest sorry
01:13 forrest If you don't get a response tonight, try back about 18 hours from now, should be pretty busy in here
01:13 josephleon joined #salt
01:16 mafro no worries thanks dude
01:16 ocdmw joined #salt
01:20 stwb joined #salt
01:21 yidhra joined #salt
01:22 yidhra_ joined #salt
01:30 ALLmightySPIFF joined #salt
01:34 yomilk joined #salt
01:36 ToeSnacks I apologize if this is an old question and people are tired of it, but I am looking in to replacing puppet with either ansible or saltstack, do you guys have any articles or documentation on the differences between the two or any personal opinions on why you use salt over ansible?
01:39 otter768 joined #salt
01:39 bfoxwell joined #salt
01:40 Ryan_Lane ToeSnacks: http://ryandlane.com/blog/2014/08/04/moving-away-from-puppet-saltstack-or-ansible/
01:41 Ryan_Lane I think ansible has a subset of salt's functionality
01:41 Ryan_Lane and it's slower
01:41 Ryan_Lane for the same feature sets salt generally does a better job
01:41 Ryan_Lane ansible's ssh is better.
01:44 Ryan_Lane if you're using AWS, salt's orchestration support via the boto_* modules is *much* better
01:44 Ryan_Lane (i'm probably a bit biased there, since I wrote most of that, though)
01:46 ToeSnacks thank you for the link and the advice
01:46 ToeSnacks I do use AWS
01:46 Ryan_Lane ToeSnacks: also check out: http://ryandlane.com/blog/2014/08/26/saltstack-masterless-bootstrapping/
01:47 ToeSnacks lol I just realized I was reading your blog post in another window
01:47 Ryan_Lane and http://ryandlane.com/blog/2015/01/06/saltstack-automated-cloudwatch-alarm-management-for-aws-resources/
01:47 Ryan_Lane :D
01:48 ToeSnacks thank you for making such useful info available
01:48 badon joined #salt
01:48 Ryan_Lane yw
01:48 Ryan_Lane let me know if you have any questions
01:49 ToeSnacks I will, thank you.
01:49 TyrfingMjolnir joined #salt
01:53 logix812 joined #salt
01:54 logix812 is it possible to list jobs for a specific minion id?
01:55 vschum1 jobs runner?
01:56 logix812 ya... I looked at list_jobs
01:56 logix812 but the docs don't call out a minion_id in the args
01:56 logix812 was curious if there was another way I was missing
01:56 vschum1 let's see what that runner is doing
01:57 kaictl joined #salt
01:58 vschum1 https://github.com/saltstack/salt/blob/develop/salt/runners/jobs.py
01:58 vschum1 line 156, it seems to take a 'search_function' argument
01:58 vschum1 that's HEAD though, may not be available in the version you're running
01:59 vschum1 er, search_target, would be what you're looking for
02:00 MTecknology BAM!
02:00 MTecknology Percentage: 88.8%   :D
02:00 logix812 ya looks like that is only in 20115
02:00 logix812 2015
02:00 logix812 such is life
02:00 vschum1 indeed
02:00 vschum1 is it possible to push a 'custom' runner with _runners ?
02:01 logix812 ya I can also do the filtering on the client side
02:01 vschum1 cool :)
02:01 logix812 just needed to know that's what I had to do =)
02:02 vschum1 so i helped? :D
02:02 logix812 indeed you did!
02:02 logix812 thank you!
02:02 vschum1 cool, np
02:02 stwb joined #salt
02:03 ojintoad joined #salt
02:05 favadi joined #salt
02:06 yidhra_ joined #salt
02:07 ToeSnacks Ryan_Lane: do you guys use Salt only or a blend with ansible at lyft?
02:07 yidhra joined #salt
02:07 Ryan_Lane ToeSnacks: salt only
02:08 Ryan_Lane we orchestrate all kinds of stuff too
02:08 ToeSnacks I can only imagine
02:08 stylica joined #salt
02:08 Ryan_Lane lots of AWS resources, splunk, MMS, grafana, pagerduty, etc.
02:08 Ryan_Lane and it's easy enough to use that our devs maintain their own config management and orchestration
02:09 ToeSnacks Salt uses a master concept like puppet does right?
02:09 ToeSnacks or rather like puppet can
02:10 Ryan_Lane it can
02:10 Ryan_Lane I use masterless
02:10 ToeSnacks do you push the configs to a git repo and have the servers pull their configs on a cron or something?
02:11 ToeSnacks a am sorry if these are stupid questions
02:11 ToeSnacks *I
02:11 rap424 joined #salt
02:12 Ryan_Lane no worries
02:12 Ryan_Lane ToeSnacks: the masterless link I sent you has some info on it
02:12 Ryan_Lane we generate tarball artifacts and store them in S3
02:12 ToeSnacks ok cool I should read all three of those before I start asking questions lol
02:12 Ryan_Lane then we have a cron that runs every minute on all instances that will check to see if there's a new artifact it needs to deploy
02:13 Ryan_Lane note that you're crippling yourself a lot if you go masterless
02:14 Furao joined #salt
02:14 ToeSnacks more features if you use a master?
02:14 Ryan_Lane way more
02:14 Ryan_Lane and one of salt's biggest strengths is remote execution (and all the features that come with it)
02:15 michelangelo joined #salt
02:16 ToeSnacks cool, thank you again for your help. I will go do some research and probably be back to ask more stupid questions
02:17 josephleon joined #salt
02:17 Ryan_Lane yw
02:17 ToeSnacks do you guys have similar writeups on more of your deployment process? I am always interested in how companies like yours manage their infrastructure
02:17 clintberry joined #salt
02:17 Ryan_Lane I gave a talk recently at Lyft about it
02:17 Ryan_Lane and will be giving a similar talk at saltconf
02:17 Ryan_Lane both are recorded
02:17 nitti joined #salt
02:18 ToeSnacks great, I will look for those online
02:18 Ryan_Lane the video isn't available yet for the talk at Lyft
02:18 Ryan_Lane I'll post something about it on my blog, though
02:18 ToeSnacks I will keep an eye out
02:18 ToeSnacks thank you
02:19 Ryan_Lane yw
02:20 beneggett joined #salt
02:30 Trades joined #salt
02:31 malinoff joined #salt
02:37 ocdmw joined #salt
02:37 evle joined #salt
02:40 gfa joined #salt
02:43 aquinas joined #salt
02:50 saltnoob joined #salt
02:51 saltnoob Hi everyone, could anyone suggest what is the best way to share same ID in two SLS?
02:51 saltnoob so I have SLS for server and SLS for agent
02:52 Furao joined #salt
02:52 saltnoob and both use some *.key file
02:52 saltnoob *same
02:52 saltnoob I should use import: for this or something else?
02:54 vschum1 saltnoob, you want a state id to be merged, basically?
02:54 jerematic joined #salt
02:55 vschum1 saltnoob, can you provide a minimal example for the issue you're experiencing?
02:55 saltnoob sure, one moment...
02:55 schlueter joined #salt
02:57 beneggett joined #salt
03:01 sfxandy joined #salt
03:05 saltnoob both depends on "/etc/pki/tls/certs/logstash-forwarder.crt"
03:05 saltnoob vschum1: https://gist.github.com/alexanderilyin/4bc4b216d06e67597a4b
03:05 saltnoob here is example
03:06 aurynn left #salt
03:06 saltnoob so I have two *.sls files
03:07 mohae joined #salt
03:09 mosen joined #salt
03:10 zwi joined #salt
03:12 stackenschneider joined #salt
03:13 * saltnoob rejoined as stackenschneider
03:14 shaggy_surfer joined #salt
03:15 shaggy_surfer joined #salt
03:16 vschum1 thx, i will check in a moment
03:17 vschum1 currently tied up at work
03:17 stackenschneider no problem
03:17 stackenschneider thx anyway
03:17 tmh1999 joined #salt
03:19 vschum1 checking
03:21 stackenschneider so “/etc/pki/tls/certs/logstash-forwarder.crt” is used by both “logstash” and “logstash-forwarder” packages
03:22 stackenschneider as workaround an can use different IDs and provide same “name:” for both file.managed
03:22 stackenschneider but looks like there should be better solution
03:31 Furao stackenschneider: create a separated .sls and include in both
03:31 Furao i have a single ssl formula to handle all that and I have like 30 other formulas that include sls and extend or requires stuff from it
03:37 stackenschneider Furao: is there a way to include formula like ‘../../keyz.sls’?
03:38 CeBe1 joined #salt
03:40 Furao stackenschneider: look here for real life formulas that used to work 3 years ago https://github.com/bclermont/states/tree/master/states
03:40 Furao there is plenty of example of include, requires, extend, etc
03:41 Furao and you can also use jinja macros and template inheritence (but that make code less readable)
03:41 stackenschneider Furao: thx
03:41 ocdmw joined #salt
03:42 forrest joined #salt
03:52 beneggett joined #salt
03:53 ndrei joined #salt
03:57 iromli joined #salt
03:58 desposo joined #salt
03:58 pdayton joined #salt
04:01 Tecnico1931 joined #salt
04:04 ajw0100 joined #salt
04:07 ocdmw joined #salt
04:12 beneggett joined #salt
04:12 schlueter joined #salt
04:15 aparsons joined #salt
04:16 ALLmightySPIFF joined #salt
04:16 ALLmightySPIFF joined #salt
04:17 schristensen joined #salt
04:18 bhosmer joined #salt
04:23 mdupont joined #salt
04:25 jerematic joined #salt
04:28 LittUp left #salt
04:31 Deevolution joined #salt
04:33 otter768 joined #salt
04:41 ipmb joined #salt
04:44 MTecknology The *only* thing I don't like about this hotel is the internet
04:45 MTecknology unfortunately, I'm an addict
04:46 mosen did you salt bootstrap the tv yet? :)
04:49 MTecknology nah, I haven't turned it on
04:50 MTecknology maybe if they had music channels..
04:51 MTecknology Why do they reuse the same channel for so many APs that are so close together?
04:52 MTecknology Of the five closest AP's two channels are being used
04:54 schristensen joined #salt
04:54 Furao MTecknology: fix that
04:55 Furao it’s probably using default password :)
04:56 Furao in an hotel in Belgium, to fix wifi in my room. I rewired ethernet cables on two floors and reconfigured the router. with manager blessing
04:56 MTecknology niiiice
04:56 MTecknology I very much doubt that would fly here
04:57 MTecknology and with the size of this place, it would take a decent amount of work .. 4-8 hours minimum
04:57 Furao and in an hostel in argentina there was a sign “free room if you know linux” and I fixed their POS
04:58 Furao maybe they don’t even own wifi hardware and it’s managed by some other company. but you could try to log in anyway :) change your MAC first
05:02 MaliutaLap joined #salt
05:05 thayne_ joined #salt
05:12 ocdmw joined #salt
05:13 ocdmw joined #salt
05:14 shadowsun joined #salt
05:15 shadowsun I just tried 2014.7.2 and had a nightmare of error messages like https://github.com/saltstack/salt/issues/14465 -- I can't find any bug like this, but I was getting that a lot from clients. I can't find -any- obvious cause, and reverting to 2014.7.1 makes the problem go away. gitfs backend. Is this a known problem and I just can't find the bug?
05:16 MTecknology yay, net back
05:22 pdayton joined #salt
05:29 Micromus joined #salt
05:31 stackenschneider joined #salt
05:31 notnotpeter joined #salt
05:35 iggy MTecknology: yeah, was pretty bummed there was no 802.11ac
05:38 Ahlee lolnerds
05:38 Ahlee didn't need that nightcap iggy
05:38 MTecknology At least I'm not trying to murder Tom
05:38 Ahlee time for the penalty beer
05:38 Ahlee hey now, i failed
05:38 Ahlee this time
05:38 Ahlee i've still got a solid two days to finish the deel
05:38 Ahlee deal
05:42 Jahkeup joined #salt
05:44 hal58th joined #salt
05:46 iggy the whole afternoon class i was tethering to my phone
05:47 MTecknology If considered it. Looked like a few did that.
05:47 MTecknology s/If/I/
05:47 hal58th SaltStack Certified Engineer up in the house
05:48 MTecknology score?
05:48 andrew_v joined #salt
05:49 hal58th total score. I'm still hyped. I did not expect iggy to be online after all that vodka
05:49 Ahlee atta boy hal58th
05:49 iggy all what vodka?
05:49 MTecknology You got 100%?
05:50 iggy I'm still drinking
05:50 hal58th i wish, got 85%. Well iggy I was drinking beer and I had to stop drinking to avoid a hangover. So you can out drink me anytime
05:50 MTecknology Is that what "total score" means?
05:51 hal58th D for degrees.
05:51 Jahkeup joined #salt
05:51 MTecknology hal58th: c'mon man... we'z been cumparin' sizes
05:51 MTecknology mine's 88.8
05:52 iggy and i took a xanax earlier
05:52 hal58th Your tolerance is quite impressive sir
05:53 mosen hows saltconf
05:53 MTecknology it's absolutely incredible
05:53 MTecknology except for the internet here..
05:54 hal58th good so far. just training today. Food was amazingly good
05:55 iggy the advanced class was aces
05:55 hal58th Breakfast is at 8:00 tomorrow. time to set my alarm 30 minutes later
05:55 iggy felt like we got some good insight into whata coming
05:56 MTecknology I have my alarm set for 07:20. I'll snooze once, wake up slow the second time, shower, probably get there by 08:15
05:57 ramteid joined #salt
05:57 josephleon joined #salt
05:59 iggy i may or may not have breakfast
06:01 mafro joined #salt
06:06 Singularo joined #salt
06:08 MTecknology WOAH!
06:09 MTecknology I just realized that I didn't wear ear plugs last night.
06:10 MTecknology I never don't wear them when I'm traveling. Awesome. :)
06:11 hal58th Must have a nice hotel room. I recommend the breakfast iggy. Pretty delicious. I could have ate a hundred croissants
06:11 MTecknology I'm eating waaaay too much here
06:11 MTecknology dang it's good, though
06:11 hal58th Yeah same. Well night gents
06:12 bantone whos at the conf
06:13 MTecknology all the cool kids ;)
06:13 bantone hehe it was good
06:13 bantone i need to retake the test though, i missed 9 questions or else i would have had my cert
06:13 bantone just some theory stuff i missed
06:14 jerematic joined #salt
06:15 hal58th It was trickier then I thought it would be. Some real gotcha questions
06:22 smcquay joined #salt
06:23 bytemask joined #salt
06:24 krelo joined #salt
06:27 pravka joined #salt
06:30 iggy and i hate trick questions
06:31 iggy there were a few of them
06:32 Furao joined #salt
06:33 iggy im not in 1st grade anymore, test me on my actual knowledge, not my ability to catch one little word out of place
06:36 fkobzik joined #salt
06:39 pass_by_value joined #salt
06:43 MTecknology I didn't notice "trick" questions...
06:43 otter768 joined #salt
06:47 tmh1999 joined #salt
06:49 phx iggy, sometimes tricky questions are actually useful. they reflect how much attention you pay to little details, which is very important in IT
06:49 capricorn_1 joined #salt
06:49 MTecknology I guess I noticed two that were very similar but were asking different things
06:50 mike25de joined #salt
06:50 Andre-B joined #salt
06:51 stoogenmeyer_ joined #salt
06:58 Cyis|afk joined #salt
06:58 catpigger joined #salt
07:00 xenoxaos joined #salt
07:02 mafro joined #salt
07:07 Furao joined #salt
07:08 iggy salt minionname pillar.get bar (the key was foo)
07:09 krelo joined #salt
07:13 toanju joined #salt
07:14 jhauser joined #salt
07:17 ALLmightySPIFF joined #salt
07:26 MTecknology iggy: Why are we awake?
07:28 babilen Because you are sympathetic with babilen who just started his day?
07:28 MTecknology hehe
07:28 mike25de joined #salt
07:30 spookah joined #salt
07:32 Flusher joined #salt
07:34 flyboy joined #salt
07:41 toanju joined #salt
07:47 AndreasLutro joined #salt
07:52 jtang joined #salt
07:55 stylica_ joined #salt
07:55 Furao joined #salt
08:03 jerematic joined #salt
08:03 kawa2014 joined #salt
08:05 eseyman joined #salt
08:06 wincyj joined #salt
08:06 __gotcha joined #salt
08:08 jri joined #salt
08:08 MTecknology I can't sleep... :(
08:10 babilen Turn off the computer, close your eyes and it'll happen eventually. But don't stare at screens anymore ;)
08:11 MTecknology I turned it off for ~30min... isn't that enough?
08:11 dRiN joined #salt
08:11 MTecknology My mind is caught up on what happened last year, what I learned today, my talk tomorrow, etc.
08:13 babilen Just relax ... I find that the worst thing I can do in these cases is to give in to the urge to do something. Just let your thoughts wander and you will sleep eventually. It simply won't happen faster if you get up again, walk around, stare into bright screens, ...
08:13 babilen You'll be great
08:16 MTecknology maybe... It'll be tough to not read my talk word for word because I haven't practiced enough
08:18 MTecknology whether I do well or not, I'll do my best and it'll have to do and we'll know tomorrow how that turns out :)
08:24 MTecknology I'm surprised the walls between rooms aren't better insulated
08:26 * babilen sings a lullaby and takes MTecknology's laptop away
08:26 Sypher Good morning!
08:26 Sypher Does anyone know of a way to check which minions use state X?
08:27 Sypher (basically parsing top.sls, the states linked and all states that have been included by other states)
08:27 Sypher perhaps Salt has something like that built in?
08:27 Andre-B joined #salt
08:27 Sypher or an easy-ish way of doing that (e.g. a salt runner)
08:30 wpot joined #salt
08:30 Furao Sypher: no, i had to implement my own state on top of data and mine module to achieve this
08:30 Furao but it helped solved a few other problems such as monitoring auto-discovery and information sharing between minions such as ssh pubkeys
08:31 Sypher Furao, any chance you could opensource that? :-)
08:31 Furao well it’s true that this isnt specific to our ecosystem
08:31 MTecknology what about parsing stalt.show_highstate?
08:32 Flusher joined #salt
08:33 Sypher MTecknology, hmm could be an option too. but that would require some background job to retrieve/store that info to allow for a reverse lookup
08:33 Auroch joined #salt
08:33 Sypher redis probably
08:33 MTecknology true..
08:33 MTecknology It's just the first thing that popped into my head.
08:35 MTecknology I'm enjoying reading some stuffs to help make my mind focus on nothing
08:35 intellix joined #salt
08:35 MTecknology will jump to the wall street journal soon
08:37 Brew joined #salt
08:38 Brew joined #salt
08:38 lietu I need to add a user to a group, if a certain state is run? namely, I want to add my logstash user to the nginx group if nginx is installed, but not if nginx isn't installed
08:40 MTecknology sounds like you want require_in on the state that installs nginx
08:41 lietu well I have no idea how that would work, there's no state that adds a group to a user as far as I know .. there is a user state that defines the groups for the user
08:42 MTecknology user.present handles group memberships
08:42 lietu yes, but it overrides all of the configuration, doesn't just add
08:42 MTecknology - optional_groups
08:42 karimb joined #salt
08:42 lietu I can't define a "this user needs to exist with the group foobar" and "IF nginx is installed it needs to also be on group nginx"
08:43 lietu the one idea I have is using pillar for that and using a machine specific filter there, but that feels a bit wrong
08:43 lietu the user needs to exist on all machines, but only on web fronts where nginx is installed does it also need the nginx group to be able to read it's logs
08:44 otter768 joined #salt
08:45 KermitTheFragger joined #salt
08:45 chiui joined #salt
08:46 lb1a joined #salt
08:46 MTecknology lietu: actually... that's what optional_groups is kinda for
08:47 lietu oooh
08:47 lietu sorry, I think I get it now
08:47 MTecknology also, you could just do a tiny bit of jinja templating on your logstash user
08:48 MTecknology dang, I can hear my neighbors as if they were in my room. I want to ask them to be quiet, but they're not being loud, these are just paper thin walls and they are a bit drunk
08:48 lietu that sucks
08:48 lietu I think I'll try the optional_groups + require_in .. thanks!
08:49 MTecknology or  {% if salt['pkg.version']('nginx-common') %}
08:49 MTecknology I'd go the jinja templating route
08:49 MTecknology in addition to option_groups
08:49 lietu any specific reasoning for that?
08:52 manfred joined #salt
08:52 MTecknology Read up on their usage and you'll figure out how to do exactly what you want.
08:53 MTecknology I'm gonna try again to get myself asleep, including additional noise... maybe I could sleep in the guest room...
09:01 MTecknology lietu: something like this - http://dpaste.com/3FV44E4
09:02 lietu thanks
09:02 mafro joined #salt
09:04 asdqweasdzxc joined #salt
09:05 MTecknology *grumble* I haven't had sex in >2yr and now I get to listen to it 5ft from me
09:06 lothiraldan joined #salt
09:06 ALLmightySPIFF joined #salt
09:06 aparsons joined #salt
09:07 JlRd joined #salt
09:09 mangas joined #salt
09:09 stylica_ joined #salt
09:10 mangas joined #salt
09:11 mangas joined #salt
09:12 aparsons joined #salt
09:13 losh joined #salt
09:21 babilen tmi
09:22 sfxandy joined #salt
09:26 johanek joined #salt
09:28 jrluis joined #salt
09:31 losh hi babilen
09:33 douardda hi, is the tox file supposed to be working properly to run salt tests?
09:33 asdqweasdzxc joined #salt
09:38 babilen losh: Hello :)
09:38 babilen douardda: tox?
09:38 babilen ah,. nvm
09:40 linjan joined #salt
09:40 intellix joined #salt
09:43 douardda there is a tox.ini file in the source directory, but running 'tox' fails due to py3k compat problems
09:44 douardda so my question is: are there people using tox to launch tests?
09:46 ndrei joined #salt
09:51 jerematic joined #salt
10:05 \ask joined #salt
10:05 __gotcha1 joined #salt
10:15 asdqweasdzxc joined #salt
10:15 \ask joined #salt
10:16 __gotcha joined #salt
10:16 che-arne joined #salt
10:19 yomilk joined #salt
10:20 bhosmer joined #salt
10:32 snuffychi joined #salt
10:33 markm_ joined #salt
10:37 che-arn9 joined #salt
10:39 helgim_ joined #salt
10:41 mike25de joined #salt
10:45 otter768 joined #salt
10:46 dvestal joined #salt
10:47 __gotcha1 joined #salt
10:53 dcmorton joined #salt
10:55 ALLmightySPIFF joined #salt
10:56 wnkz joined #salt
10:57 refnode joined #salt
10:58 giantlock joined #salt
10:59 evle1 joined #salt
11:01 amcorreia_ joined #salt
11:03 mafro joined #salt
11:20 N-Mi joined #salt
11:20 N-Mi joined #salt
11:21 favadi joined #salt
11:23 ndrei joined #salt
11:24 __gotcha joined #salt
11:25 I3olle joined #salt
11:27 arthurlutz1 joined #salt
11:28 douardda in the postgresql module, the _run_psql function takes a 'run_cmd' argument which seems unused (means it's always the default value)
11:28 douardda does it bother anyone if we clean this up?
11:29 _ale1_ joined #salt
11:29 MaliutaLap left #salt
11:30 TinuvaMac joined #salt
11:37 jri joined #salt
11:38 ndrei joined #salt
11:40 jerematic joined #salt
11:45 \ask joined #salt
11:47 pdayton joined #salt
11:57 mortis_ anyone know a good place to start reading up on salt+jinja2? we're starting to get up to speed with salt, but are complete noobs when it comes to jinja :)
11:58 VSpike Hm. Is the Windows EC2 auto password feature only in the development version ATM?
12:03 mafro joined #salt
12:05 yomilk joined #salt
12:07 ndrei joined #salt
12:09 Xevian joined #salt
12:11 cyteen joined #salt
12:13 giantlock joined #salt
12:17 SheetiS joined #salt
12:17 N-Mi joined #salt
12:17 N-Mi joined #salt
12:19 iromli joined #salt
12:26 stoogenmeyer__ joined #salt
12:26 DaveQB Anyone has issues once upgrading to 2014.7.2 where minions would become unresponsive?
12:30 Guest17560 not seen anything myself DaveQB
12:30 DaveQB But calling salt-call form the client side is more reliable
12:30 DaveQB sfxandy: Hmmmm. Ok thanks.
12:30 DaveQB It is very frustrating
12:31 DaveQB Looks like I'll have to rollback all my servers
12:31 DaveQB I've spent 3 days on this
12:37 johtso joined #salt
12:38 mindscratch joined #salt
12:38 mindscratch I have a sls file, I'd like to execute it on all matching minions, I thought it would be: salt -G "roles:web" webapp.undeploy  (meaning I have webapp/undeploy.sls), but that doesn't work
12:40 sfxandy do you not need a state.sls in there somewhere mindscratch?
12:40 sfxandy so salt -G "roles:web" state.sls webapp.undeply
12:40 sfxandy ?
12:40 mindscratch that was it, thanks
12:41 sfxandy cheers
12:44 ALLmightySPIFF joined #salt
12:46 __ale__ joined #salt
12:46 otter768 joined #salt
12:46 amcorreia__ joined #salt
12:49 _ale1__ joined #salt
12:50 DaveQB sfxandy: It looks like the master only waits a few seconds and then says Minion did not return. [No response] while the minion keeps on running the requested module etc
12:50 DaveQB sfxandy: Ever seen anything like that before?
12:52 _ale1_ joined #salt
12:55 sfxandy in short, no
12:56 sfxandy i take it you've ran with -l debug on both the master and minion side?
12:57 __ale__ joined #salt
13:00 pascal joined #salt
13:04 mafro joined #salt
13:04 CeBe joined #salt
13:06 lothiraldan joined #salt
13:07 Guest71174 hello, maybe someone can help me with the problem "No minions matched the target. No command was sent, no jid was assigned.". I'am working on the salt tutorial part 4 but it seems to be that my pillars won't be loaded. Does anybody have an idea?
13:07 Guest71174 [DEBUG   ] Reading configuration from /etc/salt/master [DEBUG   ] Using cached minion ID from /etc/salt/minion_id: l101.lemon.servdiscount-customer.com [DEBUG   ] Missing configuration file: ~/.saltrc [DEBUG   ] Configuration file path: /etc/salt/master [DEBUG   ] Reading configuration from /etc/salt/master [DEBUG   ] Using cached minion ID from /etc/salt/minion_id: l101.lemon.servdiscount-customer.com [DEBUG   ] Missing configura
13:09 sfxandy Guest71174 .... might be easier if you add your details to http://www.refheap.com
13:10 sfxandy any luck DaveQB?
13:11 Guest71174 https://www.refheap.com/98100
13:11 jerematic joined #salt
13:11 sfxandy Guest71174, what command are you actually trying to run?
13:11 DaveQB No luck at all. This post is like what I am seeing https://groups.google.com/d/msg/salt-users/83r469YtUY0/QTPyzxfPJNYJ
13:12 Guest71174 sudo salt -I 'webserver_role: prod' -l debug test.ping
13:12 sfxandy is webserver_role: prod a grain?
13:12 sfxandy or a Pillar item?
13:13 Guest71174 shout be a pillar item
13:13 zwi joined #salt
13:13 babilen which is why you, rightfully, use -I
13:14 sfxandy i use --pillar myself
13:14 Guest71174 i just followed the introductions from http://docs.saltstack.com/en/latest/topics/tutorials/states_pt4.html
13:14 babilen Guest71174: What does "salt '*' pillar.get webserver_role" give you for the minion in question ? (feel free to use stricter targeting)
13:15 babilen Shouldn't that be "-I 'webserver_role:prod' ?
13:15 sfxandy true, missed the space there
13:15 Guest71174 https://www.refheap.com/98101
13:16 babilen Guest71174: Your pillar does not seem to be set, why do you think it should be?
13:16 \ask joined #salt
13:17 sfxandy have you got your pillar top.sls configured correctly?
13:21 Guest71174 I think thats the problem i can't see the pillar with "salt '*' pillar.items" and i dont't no why. I configured all files like descripted at the tutorial: https://www.refheap.com/98105
13:22 sfxandy is pillar_roots configured in /etc/salt/master?
13:22 Guest71174 https://www.refheap.com/98106
13:23 Guest71174 i havend touched this so it still is # /srv/pillar
13:23 sfxandy ok
13:23 sr4f joined #salt
13:23 sfxandy i assume you have a file /srv/pillar/webserver/prod.sls?
13:24 Guest71174 yes with  webserver_role: prod
13:24 __gotcha joined #salt
13:25 jerematic joined #salt
13:26 sfxandy and if you run a salt '*' saltutil.refresh_pillar?
13:26 Guest71174 i tried this aswell but it didn't helped
13:26 sfxandy ok, just covering off the basics
13:27 Guest71174 sure :-)
13:27 sfxandy whats the hostname of your minion?
13:29 thayne_ joined #salt
13:29 Guest71174 master and minion are the same "l101.lemon.servdiscount-customer.com"
13:29 sfxandy so isn;t that the issue?
13:29 sfxandy the top.sls is matching on hostname isn;t it?
13:29 sfxandy or trying to
13:30 Guest71174 is this a problem?
13:30 sfxandy well yeah, as none of your hosts match "webserver*prod*"
13:31 g3cko joined #salt
13:32 Guest71174 ah ok i think i got it, my mistake :-)
13:32 sfxandy so just change the hostnames in your top.sls files for salt and pillar and you should be good to go
13:34 Guest71174 allright so I need setup some more hoste to make the tutorial
13:35 sfxandy well you can use the same host, but whatever you do just make sure your top.sls files match - either in full or by regexp - the physical host names
13:35 smontoya joined #salt
13:36 smontoya_ joined #salt
13:36 netzmonster joined #salt
13:37 smontoya hi
13:37 smontoya i have a question
13:37 smontoya i need some to install a module python
13:38 smcquay joined #salt
13:38 smontoya but i don`t want to cmd
13:38 jri left #salt
13:38 __gotcha1 joined #salt
13:39 wnkz joined #salt
13:43 figaro_ joined #salt
13:45 bhosmer joined #salt
13:48 cpowell joined #salt
13:48 andreyst joined #salt
13:50 intellix joined #salt
13:50 andreyst Hi all, how can I display the command that salt is running for a state and its whole output? I would like to see instead of 'Executing state docker.built for percona' something like 'Executing state docker.built for percona: docker build …', and its whole output, something like that
13:50 subsignal joined #salt
13:51 SheetiS joined #salt
13:52 schlueter joined #salt
13:53 mindscratch left #salt
13:58 toastedpenguin joined #salt
13:59 bhosmer joined #salt
14:00 stoogenmeyer__ joined #salt
14:00 jeremyr joined #salt
14:04 JDiPierro joined #salt
14:05 rypeck joined #salt
14:05 subsigna_ joined #salt
14:06 BerndSch left #salt
14:06 nitti joined #salt
14:07 LtLefse smontoya: I'd use pkg if the module is available in your distro's packages
14:07 LtLefse otherwise, pip_state
14:07 LtLefse http://docs.saltstack.com/en/latest/ref/states/all/salt.states.pip_state.html
14:12 gargrag joined #salt
14:12 gargrag Hi all,
14:12 gargrag which is the correct way, to perform an action when state changed
14:13 gargrag for example, if selinux was disabled then reboot
14:13 gargrag .
14:16 smontoya Thanks, LtLefse, but the package is not from my distro it`s one no
14:16 smontoya it`s one of our own
14:21 ALLmightySPIFF joined #salt
14:23 hal58th gargrag, If you are disabling selinux with a state, then you could "watch" that state and perform an action with cmd.wait
14:23 gargrag oh, hal58th , i think i could only watch a file.
14:23 gargrag can you make a draft for me?
14:23 gargrag i'm very new in salt
14:23 gargrag sorry
14:25 hal58th whats the state you think you want to watch?
14:25 hal58th what type of state, like a service or a cmd ?
14:26 mike25de hi guys... i have an issue with a state and file deployment.   SO:  i have a for loop that deploys some http conf files. all good so far.    Inside the conf files i need to change a jinja variable that exists in the loop... so when the file is deployed it will take the loop value and change the {{ value-from-loop }}  Do i make any sense?
14:27 LtLefse gargrag: I presume you are using the "selinux" state to change the state of selinux\
14:27 hal58th mike25de, just want to know how to use variables in a for loop?
14:27 LtLefse so you want to "watch" that
14:27 LtLefse or maybe use "onchanges" instead of watch
14:28 mike25de hal58th:   the variable from the loop ... needs to go inside the file that is deployed.
14:28 gargrag LtLefse: somthing as
14:28 gargrag watch:
14:28 gargrag - selinux.state
14:28 hal58th Ah I see… ok I have an idea.
14:28 hal58th one sec
14:28 mike25de cool hal58th !
14:29 bluenemo joined #salt
14:29 gargrag thanks hal58th LtLefse got ir working.
14:29 LtLefse cool
14:32 hal58th mike25de Check this page out. http://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.managed Then scroll down just a bit where it talks about "defaults" and "context". I believe it allows you to pass a variable down to the template. Never needed to use it so I can't help out to much
14:33 malinoff joined #salt
14:33 mike25de hal58th: THAAAAANKS
14:34 stoogenmeyer__ joined #salt
14:35 ekristen joined #salt
14:35 mike25de any idea how to use the context option for a file.manage? :)
14:35 racooper joined #salt
14:36 hal58th Just looks like you pass a variable. Just use that same variable in the template. Do you not know how to template a file?
14:37 LotR joined #salt
14:37 mike25de hal58th:  yep... let me try now... i will let you know in 2 sec
14:38 hal58th k
14:39 synical joined #salt
14:40 LotR hmm.  the salt.states.file docs have {% if grains['os'] == 'Ubuntu' %}. but how would I check if a value is in a dict? like for the roles grain, that can have more than one value?
14:40 andreyst joined #salt
14:42 babilen roles .. do .. not .. belong .. in .. grains *twitch*
14:42 babilen webserver_role:prod in targeting should work
14:43 badon_ joined #salt
14:43 babilen Or use "foo in bar"
14:43 LotR babilen: where do roles belong then?
14:44 hal58th mike25de. Running to saltconf. good luck
14:44 mike25de hal58th: thanks mate !!!
14:44 LotR and thanks, that works
14:47 babilen LotR: In a datasource that is *not* under control of the minions (e.g. a database you use as external pillar, pillars, ...)
14:47 otter768 joined #salt
14:48 * LotR looks up external pillars
14:49 hybridpollo joined #salt
14:49 jtang joined #salt
14:49 ndrei joined #salt
14:51 LotR babilen: oh, you're saying putting it in the regular pillar would make sense too, right?
14:52 babilen LotR: Let me elaborate on that (in a second)
14:52 babilen (well, 5 minutes)
14:53 stoogenmeyer__ joined #salt
14:53 dober left #salt
14:57 VSpike Spinning up Windows clients on AWS using salt-cloud is better than it was, but still seems sketchy
14:59 dober joined #salt
15:03 babilen LotR: So, back. Sorry for the delay.
15:04 LotR babilen: I'm new to salt, but not irc. I know about conversation lag :)
15:05 babilen LotR: The reason why people use grains lies rather in the fact that grains are available *everywhere* and are, in a way, the only "static" data you can reference/access/work with in various contexts than in the superiority of that approach
15:06 babilen It is therefore rather the effect of a shortcoming in salt (i.e. the unavailability of a static data source that can be used everywhere) than a sensible design decision.
15:07 babilen Most people agree that the assignment of roles should *not* be controlled by the minions themselves (grains are rendered on the minion), but on the master or another authoritative data source
15:08 babilen Using roles in grains is particularly problematic if you use them for pillar targeting as pillars are often used for sensitive data. That would be like asking a person you want to authorise if they are being authorised (to which they naturally reply "Yeah, sure!")
15:09 babilen That as background.
15:10 schlueter joined #salt
15:11 dude051 joined #salt
15:11 markm joined #salt
15:11 babilen External pillars are datasources such as various databases that make their data available as pillars and are, together with "normal pillars" a very sensible choice for storing "roles" (which are, keep that in mind, simply used for the targeting of states and data). They can, however, not be referenced everywhere and can, in particular, not be used for targeting pillars themselves (as they have to be rendered before ... chicken and egg)
15:12 babilen This leaves you with several options that really depend on what you actually want to achieve by "roles"
15:12 debian112 joined #salt
15:12 josephleon joined #salt
15:13 babilen The first is to not use roles at all but simply target based on the minion id. That is easy and, together with a sensible naming scheme such as foo-test-web1.example.com, might be all you need.
15:13 numkem and yet most examples shows the use of roles with grains
15:13 babilen yes, which is why I provide some background
15:14 numkem i'm currently working on implementing this
15:14 numkem if only we could target minions with a pillar it would make the whole problem vanish
15:14 babilen You can use grains for roles iff (and this is important) you don't make any sensitive decisions based on them. Grains are provided by the minions. If you don't trust your minions you cannot trust their grains.
15:14 babilen numkem: You can target minions by pillar
15:14 _JZ_ joined #salt
15:15 mike25de another stupid Q from my side:  within a loop i deploy 5-10 http/apache conf files.  After the loop is done... i need to know if any of the files were updated so i can restart apache.  Any idea how to do this? .. how to check that a file was updated (maybe with a jinja flag/variable?) Thanks
15:15 babilen Which brings us to another approach: Targeting by pillar. The way this works is detailed in http://docs.saltstack.com/en/latest/topics/targeting/compound.html (cf. Pillar glob)
15:16 numkem coupound matching ftw
15:16 numkem *compound
15:16 mike25de numkem:  i always target based on the pillar roles/definitions.  pillar data is on the master.. so i know i can trust it.
15:16 eliasp mike25de: see "watch/watch_in": http://docs.saltstack.com/en/latest/ref/states/requisites.html
15:17 babilen You can, as mentioned earlier, not target pillar themselves by pillar, but it works great for states. Pillars can also be kept in external datasources such as various databases (see http://docs.saltstack.com/en/latest/ref/pillar/all/ for a list)
15:17 harkx joined #salt
15:17 babilen This makes sense and is nice and *safe*
15:17 numkem mike25de: how do you define the roles? Via their hostnames?
15:18 babilen Another variation on this scheme are nodegroups ... Nodegroups are great, but suffer from the drawback that you have to restart the master if you want to make changes to them at the moment. Read http://docs.saltstack.com/en/latest/topics/targeting/nodegroups.html for details on that
15:18 mike25de numkem: each minion has a pillar file when i add the minion to salt...i create automatically the file and add some values like:   role:
15:18 babilen numkem: We populate a database with "roles" and use that as external pillar
15:18 mike25de numkem: each pillar is actually the hostname.sls
15:18 numkem mike25de: the file is create via the reactor? I was thinking an external pillar would be a good thing here
15:18 eliasp besides that, I think nodegroups are on their way of being phased out in future releases…
15:19 schlueter1 joined #salt
15:19 babilen Ah, okay
15:19 mike25de numkem:  i don't use reactor... i have my own web interface where i accept minion keys.. and a lot of automation there
15:19 babilen I don't use them anywhere, but thought that they deserve a mention in this context
15:19 numkem mike25de: ok, I use foreman so maybe I can do something with that
15:20 refnode joined #salt
15:20 babilen LotR: So .. I guess I confused you horribly. It really depends on what you actually want to do, but storing roles in grains is simply lazy and using them might be dangerous. Nobody says that laziness isn't good (we all wouldn't have a job if that were the case), but you should be aware of its drawbacks
15:21 LotR babilen: no, I get what you're saying
15:22 LotR so far I know I can trust my minions, but thanks for the explanation. it's good to think about this
15:23 mike25de numkem:  i haven't used foreman... i can't help you there.
15:26 djinni` joined #salt
15:29 numkem mike25de: I think there is something called foreman-hooks I can use when creating the host
15:30 smcquay joined #salt
15:34 mike25de cool numkem
15:34 josephleon joined #salt
15:35 evilrob I'd read somewhere, but can't find at the moment, that it's possible to do PCRE in pillars.  For instance, if I have 3 web servers in austin aus-web-01, 02 and 03, I'm wanting to put something in my if statement in the pillar to match "aus-web-\d\d".  Can someone point me to a resource for that?
15:36 babilen LotR: Just imagine some servers would be able to get hold of private certificates or you granted users root on some of your minions and they tinker with the grains to get access to your private SSH key (which you foolishly targeted by grain)
15:36 MTecknology Sooooo tired...
15:36 babilen evilrob: http://docs.saltstack.com/en/latest/topics/targeting/compound.html
15:36 babilen MTecknology: Why am I not surprised?
15:36 MTecknology They woke me up three times last night.
15:37 babilen MTecknology: Did you join eventually?
15:37 MTecknology nope
15:37 babilen Have you given your talk already?
15:37 LotR babilen: yes, I got it. I don't have sensitive data here yet, and all minions are local. but I will start moving away from roles in grains
15:37 babilen cool
15:38 btorch joined #salt
15:38 conan_the_destro joined #salt
15:39 evilrob babilen: so something like "if grains['id'] == 'E@aus-web-\d\d' " ??
15:39 mike25de LotR: never trust anyone :) babilen is right... keep everything on your salt masters
15:42 schlueter joined #salt
15:46 stylica joined #salt
15:47 babilen evilrob: That regular expression is being matched against the minion id - is that what you want?
15:47 __gotcha joined #salt
15:48 stylica joined #salt
15:49 Brew joined #salt
15:49 babilen evilrob: And you could simply use that in the targeting expression. You cannot use that in jinja ... jinja also makes it way too hard to use Python blocks and it is a bit tricky to use the re module in jinja templates. One sensible way to go is to write an external execution module in Python that implements the "minion id parsing" for you and returns a suitable dictionary. You can then call that with ...
15:49 evilrob babilen: yes, trying to match minion ID, but that's not working in my pillar.
15:49 babilen ... salt['your_execution_module.parse_minion_id_function'](grains['id']) in your jinja template
15:50 babilen evilrob: Alternatively write the SLS file in mako which allows you to include Python blocks easily: http://docs.makotemplates.org/en/latest/syntax.html#python-blocks
15:51 babilen evilrob: Define 'not working' please. I doubt that it is, much like me after a long day, is simply chilling on the couch ;)
15:51 evilrob ok.  well if I can't use that in the jinja template, that explains why it's not working.  I'll look into the others.
15:51 evilrob yeah... it's having a beer at the moment :)
15:52 babilen evilrob: You can use the targeting expressions in the top.sls and as argument to the salt command (as in "salt -C 'E@aus-web-\d\d' test.ping)
15:52 gladiatr joined #salt
15:52 gladiatr joined #salt
15:52 babilen You might be able to get away with "{% if grains['id'].startswith('aus-web-')  %}" but that has a different semantic.
15:53 evilrob that last should work for us.
15:53 babilen I typically implement a "parse minion id" function in an execution module and mumble "if only salt had chosen mako as default ..."
15:54 salty_to_the_cor joined #salt
15:55 babilen Is salt setting HOME in process/service environments?
15:55 elfixit joined #salt
15:55 iggy where is murrdoc?
15:55 babilen behind you </panto>
15:57 is_null joined #salt
15:57 is_null hi all, is there any way to have the env variable in a template ?
15:57 Ryan_Lane joined #salt
15:57 hackel joined #salt
15:58 kermit joined #salt
16:00 salty_to_the_cor Does the master compile all data for the minion on itself? The question is more towards does the master send the enitre matched pillar or just send the diff of what is required for the specific minion?
16:01 dude051 joined #salt
16:01 evilrob babilen: thanks for the suggestions.  I think the startswith() solution will work for us nicely.  Tested fine in vagrant, and we're planning on a standard naming convention, so that should be fine for us.
16:01 eliasp salty_to_the_cor: depends on what you're doing… the states will be "precompiled", but the minion also has access to all pillars it was assigned… see "salt your-minion pillar.items"
16:02 jab416171 joined #salt
16:02 babilen evilrob: Great .. the simpler the better. It's a pain that you can't easily use the re module (it would come in so handy for this!) in jinja, but endswith, startswith, contains and other Python string methods are often "enough"
16:03 trades_ joined #salt
16:04 getling joined #salt
16:05 getling So for LDAP external_auth - I'm having trouble finding docs on user-initiated binds rather than using a service account or anonymous binds. Does anyone have a similar setup and can share their auth.ldap.binddn and auth.ldap.bindpw settings?
16:06 illern joined #salt
16:07 ccarney_ROCC joined #salt
16:09 getling auth.ldap.binddn and auth.ldap.bindpw don't seem to support the {{ username }} style variables
16:13 theologian joined #salt
16:14 getling I end up getting a traceback every time, different based on what I change
16:14 getling File "/usr/lib/python2.6/site-packages/salt/auth/ldap.py", line 142, in _bind     paramvalues['binddn'] = ldap.filter.escape_filter_chars(paramvalues['binddn']) NameError: global name 'ldap' is not defined
16:15 dyasny joined #salt
16:16 schlueter1 joined #salt
16:19 Ryan_Lane joined #salt
16:19 Andre-B_ joined #salt
16:20 getling nobody uses ldap external_auth that is here?
16:20 douglassssssssss joined #salt
16:21 chalcy0n getling: did you installed the python ldap module?
16:21 Corey getling: You're asking this question in the middle of the Saltstack General Session at SaltConf. :-)
16:21 douglassssssssss left #salt
16:22 getling LOL. totally missed that. No wonder its a ghost town here
16:23 bhosmer joined #salt
16:25 getling chalcy0n: Wasn't installed, thanks. Although it does not seem to have had an effect.
16:26 getling chalcy0n: Scratch that. Now the binddn {{ username }} is getting parsed correctly
16:27 chalcy0n getling: nice
16:27 getling now a cert problem to deal with, but that shouldn't be too big an issue
16:29 cpowell greetings, has anyone had a good experience writing states in pydsl or python?
16:31 schlueter joined #salt
16:32 hal58th joined #salt
16:32 clintberry joined #salt
16:33 beneggett joined #salt
16:33 salty_to_the_cor joined #salt
16:34 iggy some have
16:35 iggy kind of a bad week though, most of us are at saltconf
16:35 cpowell I know, I am not happy that I am missing it
16:35 salty_to_the_cor My question is more towards, if the pillar file is 3.5 mb large and the minion specific content for that specific minion is less than 10kb. Would it mean i will send the entire file to the minion, or just the diff of what the minion needs
16:36 salty_to_the_cor Does the master just compiles the content from the pillar and sends it to the minion(which is meant for that minion)
16:37 iggy don't make 3.5M pillar files
16:38 LotR is it a bad idea to restart the minion service from a highstate?
16:38 nich0s joined #salt
16:39 chalcy0n LotR: kinda you should use at to schedule the restart for you
16:39 nich0s joined #salt
16:39 LotR ah, that makes sense
16:39 chalcy0n should = could
16:40 salty_to_the_cor i agree, its a bad idea, no doubt about that. Could you please comment on the master reading the pillar data and compiling it also. Does the master prepapes a dictionary for minion specific data and on the pub-sub channel
16:41 salty_to_the_cor sends*
16:41 Ryan_Lane joined #salt
16:41 getling Ugh. Looks like I have to manually set LDAPTLS_CACERT for TLS to work, and its not in the RHEL init script
16:42 nich0s left #salt
16:42 nich0s joined #salt
16:43 chalcy0n salty_to_the_cor: pillar data is compiled and rendered on the master per minion I believe
16:43 vxitch joined #salt
16:45 aparsons joined #salt
16:46 thedodd joined #salt
16:46 dthorman joined #salt
16:46 salty_to_the_cor Thanks :chalcy0n . In this case it should be ok to make large pillar file? I am actually thinking to put all config related to all servers in one large pillar file, one entry per host. Is there any recommendations how to write pillars for maintaining separate config for say 100 servers
16:47 is_null joined #salt
16:47 jalbretsen joined #salt
16:47 thayne_ joined #salt
16:47 nitti joined #salt
16:49 chalcy0n salty_to_the_cor: it will be better using a common pillar file and a specific pillar file per minion by using the right glob filters in the pillar top.sls
16:52 btorch joined #salt
16:53 salty_to_the_cor chalcy0n: how does this scale if every server has almost a diff setup and installation?
16:53 riftman joined #salt
16:53 ventris joined #salt
16:54 stwb joined #salt
16:55 asdqweasdzxc joined #salt
16:55 wendall911 joined #salt
16:56 schlueter1 joined #salt
16:56 StDiluted joined #salt
16:57 chalcy0n salty_to_the_cor: it isn't
16:57 is_null joined #salt
16:58 rofl____ any action at saltconf?
16:58 Ryan_Lane joined #salt
16:58 salty_to_the_cor chalcy0n: is there a best practice or any recommendations how to do it in this case?
16:59 tligda joined #salt
16:59 nich0s rofl____: The keynote is on now.
16:59 rofl____ any live streams?
17:00 nich0s Not that I'm aware of. Anyone?
17:00 rofl____ :/
17:00 LinuxHorn i can liveblog it
17:00 rofl____ wooh
17:00 LinuxHorn we are on speaker #4
17:00 rofl____ :)
17:00 LinuxHorn vmware
17:00 iggy LotR: its safe... it'll be done in a seperate process safely... it's somerhing the devs actually thought of before hand
17:00 LinuxHorn they are big
17:00 LinuxHorn like really really big
17:01 iggy lol
17:01 LotR iggy: oh, neat
17:01 LinuxHorn You just won't believe how vastly hugely mindbogglingly big vmware is
17:01 LinuxHorn hhg2g quotes ftw
17:01 rofl____ enterpricey
17:01 LotR haha. LinuxHorn++ # hhgttg reference
17:01 rofl____ they use salt?
17:01 iggy they have cloud stuff
17:02 LinuxHorn yep to vmware using salt
17:02 beneggett joined #salt
17:02 rofl____ fuck yeah
17:02 LinuxHorn we saw a sneak peek of the new salt enterprise UI last night at the welcome reception
17:02 zach joined #salt
17:02 iggy salt-cloud talks to vsphere
17:02 LinuxHorn they unveil it officially today or tomorrow
17:02 rofl____ LinuxHorn: oooh shiny
17:02 LinuxHorn its pretty
17:02 rofl____ expensive i guess?
17:02 zach anybody know how i can make rvm work?
17:02 nich0s Yeah. It's really, really pretty.
17:02 iggy yes
17:02 rofl____ and alot better than halite..
17:02 pravka joined #salt
17:02 zach is there a workaroudn?
17:02 LinuxHorn haven't seen cost
17:02 shaggy_surfer joined #salt
17:03 nich0s I don't know that the prices have been announced yet, but I'm guessing it will be reasonable.
17:03 salty_to_the_cor how vastly are vmware usiing salt? any numbers? 100 servers? 1000?
17:03 shaggy_surfer joined #salt
17:03 rofl____ anyone tried saltpad?
17:03 rofl____ https://github.com/tinyclues/saltpad
17:03 LinuxHorn i would think similar to ansible tower type pricing, $5-$10 a node or such monthly
17:03 iggy it's part of SaltStack Enterprise which is cheaper than puppet wnterprise, but not much
17:04 iggy it's more than 10/month
17:04 schlueter joined #salt
17:05 LinuxHorn 10.01 a month?
17:05 chalcy0n pff /me falling in sleep   ....bla bla vmware..
17:06 wnkz joined #salt
17:06 nich0s chalcy0n: same.
17:06 LinuxHorn yep
17:06 LinuxHorn decent info from the speakers, but none of them are Steve Jobs in presentation style
17:06 LinuxHorn or even Ballmer
17:06 ccarney_ROCC left #salt
17:06 LinuxHorn I'd take a ballmer right now
17:06 nich0s Developers, developers, developers...
17:06 chalcy0n yeah im missing that
17:07 nich0s I thought the tech evangelist was entertainign.
17:07 Corey LinuxHorn: Come to my talk at 4:45. :-D
17:07 nich0s It's about time to start a chant for Tom.
17:07 LinuxHorn i'm trying to study for ssce during this
17:07 LinuxHorn missed it by 1 f'ing question last night
17:07 LinuxHorn re-take today
17:07 Corey LinuxHorn: Good luck.
17:07 nich0s LinuxHorn: Good luck! Kill it today. :)
17:07 LinuxHorn worst feeling ever to get a 79% when you need 80%
17:07 Corey LinuxHorn: Pro Tip, have a few VMs set up and ready to go on your laptop.
17:07 iggy ^
17:08 LinuxHorn yeah, i had a minion and master for looking at man pages and --help |grep along with docs.saltstack.com
17:08 LinuxHorn now i know mainly what pages on docs many questions will come from
17:08 chalcy0n same here
17:08 LinuxHorn have tabs open for each of those
17:08 iggy i looked up a bunch stuff during the test on my VPS
17:08 nich0s http://docs.saltstack.com/en/latest/salt-modindex.html <— The core of my 75%.
17:08 iggy the other page i foinf useful was the example configs in the docs
17:09 iggy found
17:09 LinuxHorn thanks all
17:09 nich0s @iggy: This? http://docs.saltstack.com/en/latest/ref/configuration/examples.html#configuration-examples-master
17:10 giannello joined #salt
17:10 Corey SSCE was a bit... interesting last year.
17:10 nich0s How so?
17:11 Corey nich0s: More trick questions. It was also gen 1, so there were some fun bugs.
17:11 mike2512 joined #salt
17:11 Corey "Not sure if they're being sneaky, or screwed up" style.
17:12 LinuxHorn dumb question (and not something i'm planning on doing)...  i know you can configure master to accept all keys automatically (maybe ok if you are on an isolated network i guess), but can you configure master/minion communication to be unencrypted?
17:12 LinuxHorn there were a lot of "A and B", A and C", B and C, all of the above, none of the above type questions
17:12 Corey LinuxHorn: Good question. I'm not sure; I've never tried.
17:12 Corey I know they were looking at shoving encryption into the transport layer, but that hadn't been done yet.
17:13 JDiPierro joined #salt
17:13 LinuxHorn also, from what i understand salt-ssh can be used to control systems that don't have minion?
17:14 LinuxHorn i.e. i could write a module using salt-ssh to control a router or some other hardware device without an api using ssh and then sending commands over that session in a module?
17:14 Corey LinuxHorn: Yes. Mostly.
17:14 Corey LinuxHorn: However, you'll have better results with http://docs.saltstack.com/en/latest/topics/topology/proxyminion/index.html
17:15 iggy the only numbers i can find for saltstack enterprise is 150/year/node
17:15 LinuxHorn neat
17:15 Corey iggy: Yes, that's MSRP.
17:15 Corey iggy: Also known as the chump price.
17:16 LinuxHorn 150/year/node is about the same 10 a month that unusable did/does (assuming msrp)
17:16 nich0s joined #salt
17:16 LinuxHorn vmware guy just about done
17:17 Corey Yes.
17:17 Corey I'm not such a fan of VMware as a company.
17:17 hal58th Are you sitting in this keynote Iggy?
17:17 giannello anyone managed to make salt-api (with cherrypy) expose the events bus over websockets?
17:17 Corey They're the old guard. The dinosaur who doesn't know they're on borrowed time...
17:17 LinuxHorn mark Chen back on stage
17:17 LinuxHorn vmware is actually doing some cool cloud-y thing
17:17 iggy i am... right next to ahlee
17:17 LinuxHorn s
17:17 desposo joined #salt
17:18 hal58th These keynotes were pretty boring. I am next to Mtecknology five rows back
17:18 LinuxHorn i'm in row 3, one of the two dorks wearing black rackspace jackets with a giants rackspace logo on the back
17:18 Ahlee we need a streaker to liven things up
17:18 giannello apparently the event_stream in rest_cherrypy/app.py never gets called
17:18 LinuxHorn where do y'all work?
17:18 LinuxHorn i'll donate $1 to the streaker for bail
17:18 amcorreia_ joined #salt
17:19 Ahlee giannello: Yes, I've had it working before
17:19 hal58th ah ok. Im wearing the grey shirt and grey sweatshirt behind you. Carl is my name
17:19 hal58th I work at Ntrepid in San Diego
17:19 * LinuxHorn is Evan
17:19 petong joined #salt
17:19 LinuxHorn pretty clear from my snazzy jacket i'm a Racker
17:19 Corey I'm probably the only person here wearing a suit.
17:19 LinuxHorn out of Austin
17:20 LinuxHorn Corey: how dare you sir
17:20 MatthewsFace joined #salt
17:20 Corey LinuxHorn: Y'all are underdressed!
17:20 LinuxHorn not possible
17:21 LinuxHorn time to stand up!
17:21 MatthewsFace joined #salt
17:23 signull joined #salt
17:24 giannello Ahlee, do you remember if there's any particular option you had to enable?
17:24 Ahlee giannello: i'm looking now
17:26 Ahlee giannello: when you call /events after authing, you're not getting anything?
17:27 tomh- joined #salt
17:28 giannello I'm not calling /events
17:28 giannello I'm using /ws
17:28 Ahlee oh
17:28 giannello and yes, after my websocket client is attached, I get nothing
17:28 giannello let me try with the /events endpoint...
17:28 schlueter joined #salt
17:29 __gotcha joined #salt
17:30 Ahlee relocating, back in a few minutes
17:30 nich0s joined #salt
17:34 josephleon joined #salt
17:35 bemehow joined #salt
17:36 giannello ok, the /events endpoint works
17:36 KyleG joined #salt
17:36 KyleG joined #salt
17:41 schlueter joined #salt
17:41 hal58th joined #salt
17:41 beneggett joined #salt
17:43 schlueter1 joined #salt
17:43 andrew_v joined #salt
17:43 Ryan_Lane joined #salt
17:45 SneakyPhil I've been looking at documentation but cannot find out how to use cmd.run to do a command substition
17:46 iggy define
17:47 SneakyPhil a simple example would be   salt 'node' cmd.run "echo $(free -mt)"
17:47 aquinas joined #salt
17:48 iggy that doesn't work?
17:48 SneakyPhil I have a much longer command I'd like to run from my salt master on some nodes to create load and test some alerting I've been setting up
17:49 schlueter joined #salt
17:49 SneakyPhil It does not work => http://pastebin.com/raw.php?i=JqLW4f2M
17:49 murrdoc joined #salt
17:49 murrdoc whats the recommended file mode for sls files
17:51 Andre-B joined #salt
17:52 iggy 777
17:52 murrdoc <3
17:53 iggy where are you?
17:53 murrdoc find -type -f -name '*sls' -exec 'chmod 0777\;'
17:53 schlueter1 joined #salt
17:53 murrdoc REST talk
17:53 murrdoc Ballerroom D
17:55 murrdoc where u at
17:55 sk_0 joined #salt
17:56 thayne_ joined #salt
17:59 jeremyb joined #salt
18:01 nikogonzo SneakyPhil: try to escape the subshell inside the doublequotes; i.e. cmd.run "echo \$(free -mt | awk '/^Total/{print $2/1024}') GB"
18:01 nikogonzo note i didn't escape the $2 in awk because it's encased in single quotes
18:02 nikogonzo which is wrong, you've gotta escape that too >_>
18:02 murrdoc :D
18:05 sk_0 joined #salt
18:06 chalcy0n Anybody a glue why the default pillar_roots base is located at /srv/pillar and not /srv/salt/pillar
18:06 I3olle joined #salt
18:06 faliarin joined #salt
18:07 getling Anyone seen this error in conjunction with external_auth?
18:07 getling 2015-03-04 12:34:07,147 [salt.master                                ][INFO    ] Clear payload received with command publish 2015-03-04 12:34:07,148 [salt.master                                ][WARNING ] Authentication failure of type "user" occurred.
18:08 murrdoc chalcy0n:  u can configure it to whatever u want
18:08 murrdoc its all about namespacing
18:08 chalcy0n murrdoc: true true
18:08 murrdoc like do u put all your salt code under /srv or /srv/salt
18:09 murrdoc i do /srv/salt/state and /srv/salt/pillar and /srv/salt/ext_module
18:09 chalcy0n /srv/salt
18:09 chalcy0n ah nice
18:09 murrdoc its ridiculously configurable
18:10 chalcy0n yeah it is thank god there is something like a best practise guide
18:10 iggy hal87th and i juat bombed oit of the core components talk... inrest talk now
18:10 murrdoc nice
18:10 murrdoc it just got interesting here
18:11 nich0s murrdoc: +1
18:11 ek6 joined #salt
18:12 iggy "highstate is a little beyond this talk" we were out
18:12 murrdoc i just raise my hand everytime so the dude can move on
18:12 nich0s iggy: ouch
18:12 * murrdoc yells GET TO THE MEAT OF THE TALK
18:13 SheetiS M E A T
18:13 SheetiS :P
18:13 ek6 to whom does one send saltconf....constructive criticism?
18:13 davet joined #salt
18:13 nich0s There is a feedback section in the eventmobi page.
18:13 nich0s eventmobi.com/saltconf15/
18:14 arcjun5 joined #salt
18:14 iggy we've been ripping them in here, but realisstically saltconf@saltstack.com
18:15 ek6 the cartoony pictures are just getting a bit old iggy
18:15 ek6 even the examples are not examples
18:15 murrdoc this guy is talking about his code
18:15 murrdoc I CAN READ CODE
18:15 murrdoc SHOW USE CASES
18:15 murrdoc i need to come to confs with banners
18:15 chalcy0n lol
18:15 nich0s Lol
18:16 ek6 but i may just be bitter after the opening session that was content free
18:16 murrdoc skipped opening session, needed to eat bfast
18:16 ek6 oh banners...wonder if its too late for that
18:16 ek6 you made the wise choice
18:16 murrdoc SHOW USE CASES
18:16 nich0s There's a lot of free paper around.
18:16 murrdoc thats what mine would say
18:16 schlueter joined #salt
18:17 * nich0s cheers.
18:17 ek6 well i dont just want a use case that has four rectangles with lines connecting them to a triangle..
18:18 iggy hey, i'll take this rest class over the other one
18:18 murrdoc shot down
18:18 bregalad joined #salt
18:18 ek6 if something worthwhile breaks out in the api room let me know..
18:19 bregalad saltconf, yay
18:19 nich0s yay
18:20 murrdoc "the salt enterprise gui looks nice"
18:20 murrdoc they showing this in your conference
18:20 iggy it's almost over
18:21 iggy murrdoc: showed it last night
18:21 ek6 so does cocaine but it also gets stupid expensive if your need is great
18:22 sk_0 joined #salt
18:23 schlueter joined #salt
18:23 theologian joined #salt
18:24 nich0s http://saltstack.com/saltstack-pagerduty-integration/
18:24 kawa2014 joined #salt
18:25 SheetiS mmm pagerduty
18:25 murrdoc I CAN GOOLE
18:26 desposo joined #salt
18:27 iggy we talked to this guy last night... hes got 8 talks... i'll give him a little leeway
18:27 nich0s Chairman Wao
18:27 p0rkbelly joined #salt
18:28 amcorreia joined #salt
18:29 theologian joined #salt
18:30 nikogonzo wat
18:31 SheetiS murrdoc: Teach me to goole!
18:31 murrdoc teach me to how dougie
18:31 murrdoc cos all my bishes love me
18:32 murrdoc you aint messing with my dougie
18:32 baweaver joined #salt
18:33 murrdoc weak talk
18:33 iggy murrdoc: ive got a gray hoodie and a slightly lighter gray golf hat
18:34 iggy and an orange backpack
18:34 lahwran joined #salt
18:39 nich0s joined #salt
18:39 forrest joined #salt
18:39 hobakill joined #salt
18:39 iggy and im in the troubleshooting talk now
18:39 toanju joined #salt
18:40 hobakill afternoon all. is there a quick way with salt cache or fileserver module to see the list of files that a minion has on it?
18:40 amcorreia_ joined #salt
18:40 Ryan_Lane joined #salt
18:40 nich0s Sitting in OpenStack this time around.
18:40 tkharju joined #salt
18:40 red_beard_ joined #salt
18:41 iggy hobakill: ls /var/cache/salt/minion/ somewhere
18:42 ajw0100 joined #salt
18:42 hobakill iggy, that's what i was looking for. thanks. :/
18:43 hobakill hmm. super annoying. so i'm trying to have gitfs only pull from the DEV branch but i don't think it's doing that... :(
18:44 hobakill though i don't know if i have a way to definitely see that.
18:44 giantlock joined #salt
18:44 wincyj joined #salt
18:44 iggy hobakill: you can't
18:44 shaggy_surfer joined #salt
18:45 hobakill ok. iggy well i think i found a yucky workaround.
18:45 murrdoc joined #salt
18:45 shaggy_surfer joined #salt
18:45 hobakill i put in a test.txt file in my DEV branch and it shows up in base.p in /var/cache/salt/master/file_lists/gitfs
18:45 hobakill but still  lists all my other branches tho i'm assuming it's not pulling from them.
18:47 germs_ joined #salt
18:47 murrdoc i need to start contributing to salt
18:47 murrdoc too  much complainings
18:47 thayne joined #salt
18:47 red_beard_ joined #salt
18:48 wincyj joined #salt
18:48 wirelessben joined #salt
18:48 murrdoc yo irc peoples, u see a brown dude, with a yellow linen shirt, floppy hair and an EC bag, holler
18:48 nich0s Watching the #salt-devel channel is entertaining. There has been a noticeable uptick in pull requests.
18:49 lempa joined #salt
18:49 otter768 joined #salt
18:49 murrdoc :)
18:49 murrdoc need to get -v on that channel
18:49 TyrfingMjolnir joined #salt
18:49 nikogonzo murrdoc: you at the optimizing and troubleshooting talk?
18:49 murrdoc yeah
18:49 murrdoc back of the back
18:50 hobakill i hate that i didn't get funding approval.
18:50 nikogonzo holla \o/ i'm the closest person to the speakers on the right
18:50 wirelessben It was good chatting in person with many of you in person last night at SaltConf15.
18:50 murrdoc holla!
18:51 wirelessben I'm Hawaiian shirt guy. Really ought to change my handle.
18:52 murrdoc i am in the row behind iggy
18:53 ajw0100 joined #salt
18:53 forrest nich0s: Yeah there usually is during saltconf
18:54 eliasp any ideas why a set is used for _skip_cmds and _cmds in _virtual() in salt/grains/core.py instead of a list? https://github.com/saltstack/salt/blob/develop/salt/grains/core.py#L469
18:54 cpowell joined #salt
18:54 Ahlee spooky in ballroom a
18:54 eliasp this leads to odd results when _cmds contains only one element…
18:55 nich0s Scary optimization?
18:55 forrest Ahlee: Is that because you're so pale from the lack of sunshine in Chicago?
18:55 murrdoc https://github.com/saltstack/salt/commit/b644232594097edf1bcde9e182d75c9471398b8a
18:55 murrdoc Ahlee:  u from chicago ?
18:55 murrdoc or work out of there
18:56 dojobonobo joined #salt
18:56 Ahlee i live there
18:56 murrdoc eliasp:  looks like no good reason
18:56 murrdoc shoot me too
18:56 Ahlee nice
18:56 murrdoc well since mid december
18:56 eliasp murrdoc: yeah… so I'll make a list out of it… otherwise my addition of 'virt-what' there will horribly fail when the set contains just 'virt-what' as element
18:56 Ahlee hell of a time to relo
18:57 murrdoc i dont care for the weather, 20+ is spring
18:57 Deevolution Ahlee/murrdoc:  Is there a current Salt user group in Chicago?  Some co-workers and I have been talking about setting one up if not.
18:57 murrdoc hal58th would be in too
18:57 murrdoc or wait let me remember his nick
18:58 dojobonobo what is the best practice for working with a team where multiple people are editing salt states at the same time? we have our states under version control but it’s very difficult to develop/test states without being on the master and actually running highstates and such
18:58 forrest dojobonobo: Can you not create local VMs?
18:58 Deevolution dojobonobo: Vagrant
18:58 Ahlee Deevolution: not yet, Jon Raibes and i spoke about setting obe up
18:58 forrest dojobonobo: Yep I'd also say Vagrant
18:59 dojobonobo cool I have a vagrant file setup already.. thanks!
18:59 hobakill dojobonobo, +1 for vagrant
19:00 murrdoc we gotta get hobakill in too, hes in chicago
19:00 Ahlee damn, lots of us
19:00 rgarcia_ joined #salt
19:00 murrdoc Ahlee:  hobakill hal58th Deevolution
19:00 murrdoc who else
19:00 sfxandy joined #salt
19:00 Deevolution I have some co-workers, who may not be on IRC yet also.
19:01 red_beard_ we need start some type of meetup
19:01 sk_0 joined #salt
19:01 murrdoc there is a docker thing on monday
19:01 Ahlee terminalmage if you coubt aurora (lol)
19:01 Deevolution LOL
19:01 murrdoc whats aurora
19:01 red_beard_ BFE
19:01 Deevolution <-- Loop
19:01 hobakill murrdoc, get me in to what? trouble? easy!
19:01 murrdoc if its outside streeterville i barely recognize the place
19:01 Ahlee your citizenship is revojed untik you watch waynes world
19:02 murrdoc i live out of streeterville, devon, and where ever good food is
19:02 Ahlee logan square for the last decade
19:02 Deevolution murrdoc:  LOL
19:02 theo__ joined #salt
19:02 hobakill Ahlee, i'm in logan square too.
19:03 murrdoc can we meet at a place with good food
19:03 hobakill that's not tough in this city
19:03 murrdoc like lets meet at kuomo burgers and have them shut off the music
19:03 Ahlee infornal meetup at revolution
19:03 Deevolution Headquarters?
19:03 hobakill Logan Arcade
19:03 Ahlee worjs too
19:04 iggy jeez, why cant i run into 8people using salt in houston
19:04 Ahlee f you iphone keyboard
19:04 forrest iggy: Because houston :P
19:04 murrdoc where is houston
19:04 Ahlee lol
19:04 TyrfingMjolnir joined #salt
19:04 murrdoc sounds not safe for brown
19:05 luke joined #salt
19:05 nich0s Is there a user group in Houston?
19:05 hobakill but i bet houston won't be 17 degrees tomorrow.
19:05 murrdoc its been sweatshirt weather all week this week
19:05 numkem we are finally at 0 here in Montreal...
19:05 murrdoc <3 it
19:05 iggy you'd be surprised... they'd just think you were saudi or something
19:05 murrdoc the linen shirt
19:05 murrdoc i get that
19:06 iggy O&G ftw
19:06 murrdoc nah we had the option for going to houston or chicago because of wifeys job, or miami
19:06 forrest numkem: Yeah I did not enjoy my time there for Pycon last year coming from the desert.
19:06 pravka joined #salt
19:06 iggy it's 70 in houaton right now
19:07 forrest Granted that could also have been the fact that I had to fly across the entire country to get there.
19:07 forrest Main reason I'm not going this year.
19:07 forrest Too expensive.
19:07 Deevolution iggy:  Jealous...
19:07 iggy well... im in SLC now, so don't be jealous
19:07 murrdoc its 24 out and sunny
19:08 murrdoc nothing to complain about
19:08 Ahlee aka gorgeous
19:08 murrdoc i moved to chi after 11 years in santa monica
19:08 murrdoc i aint complaining
19:08 forrest iggy: Can you actually see the mountains this year? Or is the pollution too bad?
19:08 stackenschneider joined #salt
19:08 murrdoc i see em from the room
19:08 nich0s forrest: The mountains are beautiful.
19:08 forrest Nice
19:09 forrest last year I only saw them once during the whole trp
19:09 forrest *trip
19:09 iggy forrest: I've caught glimpses
19:10 iggy There was nice snow yesterday, other than that it's just been cold and wet
19:11 iggy I was too scared to take pics of the mountains the other day because I was in bumland and I had to keep one hand on my knife
19:11 Ahlee no more snow this week, at least
19:11 ajw0100 joined #salt
19:11 nich0s forrest: There are going to be a lot of tourist pictures of snow @ #saltconf15 on twitter.
19:12 forrest wooo
19:12 iggy I've got some on instagram and snapchat
19:12 murrdoc link
19:12 nich0s How's the optimization talk?
19:13 babilen Are talks streamed?
19:13 iggy I know most of what he's said so far, but definitely better than the first one
19:13 red_beard_ babileb: Nope
19:13 babilen bummer
19:14 babilen BOOOOO!
19:14 thayne joined #salt
19:14 babilen Are videos available after the talk?
19:14 iggy cachedout says up a lot (I can't legitimately complain because I'll probably do the same)
19:15 iggy *says um
19:15 numkem forrest: I'm so bummed I missed Pycon, won't be back here for a while I'm sure
19:15 forrest There's pycon 2015
19:15 forrest that is also in montreal
19:15 forrest good for you, bad for the rest of us :D
19:15 iggy babilen: I think the people talks are, but not the tech talks
19:15 babilen iggy: money?
19:15 iggy room size?
19:16 babilen How does that factor into streaming?
19:16 numkem forrest: seriously, woudl you happen to know when it is?
19:16 iggy these tech talks are in the huge rooms
19:16 forrest numkem: https://us.pycon.org/2015/ April 10-12
19:16 nich0s I doubt I'd be able to get a good livestream up and going.
19:16 babilen So what .. I've watched plenty of conference talks that were held in front of thousands of people (31c3 was probably the last one I attended and streamed)
19:16 forrest nich0s: Are they recording the talks?
19:16 giannello joined #salt
19:17 numkem forrest: cool, thank you
19:17 iggy the camera would have truoble keeping him in frame
19:17 murrdoc salt-run state.event sounds fun
19:17 murrdoc time to put it in a screen
19:17 hobakill forrest, if you look on youtube there are a ton of 2014 talks. i'd assume they'll do the same for 15
19:17 nich0s @forrest: There's a fancy camera in the back, so I'm going with yes. :p
19:17 murrdoc new recommendation for all 'where are my minions' questions
19:17 forrest numkem: np, if you can you should go, last year wasn't quite as good as 2013 just because some of the bigger speakers weren't there due to the distance.
19:17 Ahlee do the ret eventa fire jf ext_job_cache is set?
19:17 forrest hobakill: Yeah I know, my talk was recorded in 2014, just wasn't sure if they were recording again
19:17 forrest nich0s: Nice.
19:18 rofl____ youtube ftw!
19:18 rofl____ for us having the possibility to attend
19:18 rofl____ not* having
19:18 babilen iggy: Well, I assume that the issue is not really a technical one, but simply due to the fact that saltstack can make more money that way (or at least assumes that to be the case)
19:18 numkem forrest: do you know if they will this year? Doesn't eally matter, I think I'll just go no matter what, I'm sure saltstack will show up as well
19:18 Ahlee next year hey need tk live stream like nanog
19:18 babilen rofl____: So current talks are on Youtube then?
19:18 rofl____ babilen: some saltconf14 is out from last year
19:19 rofl____ guess saltconf15 talks will be available for later?
19:19 iggy there is actually a camera in here... with a red llight on
19:19 iggy so we'll see
19:19 murrdoc https://twitter.com/hashtag/saltconf
19:19 rofl____ bigbrother sees you
19:19 murrdoc aka verizon
19:19 murrdoc or atnt
19:19 pdayton joined #salt
19:20 shaggy_surfer joined #salt
19:20 murrdoc well this is fucking cool
19:20 murrdoc https://lite5.framapad.org/p/paris-sprint-salt-march-2015
19:20 babilen rofl____: Ah well, guess that we'll have to wait a few weeks/months then. Pity, I *love* watching streams of talks and discussing their content on IRC while they happen (also with members of the audience)
19:20 forrest numkem: I haven't looked at any of the talks since I'm not going. If I lived in Montreal I would go just to hang out with people I know, if you live there it's a no brainer to go. I'm just not willing to go this year because it's 500 bucks each way for airfare, which is too much
19:20 tkharju joined #salt
19:21 chrstphrhrt joined #salt
19:21 rofl____ babilen: totally agree..but i guess that needs somewhat alot of infrastructure and high costs
19:21 pdayton joined #salt
19:22 iggy babilen: as terrible as the wifi has been, you don't want real time
19:22 babilen haha
19:22 murrdoc babilen:  rofl____ here http://t.co/H8UPbFycaV
19:22 murrdoc reminise
19:22 nich0s iggy: Heyoooo
19:22 murrdoc reminisce ?
19:22 murrdoc whtever the word is
19:22 getling Finally figured out that I'm hitting bug# 20013
19:22 getling https://github.com/saltstack/salt/issues/20013
19:23 numkem forrest: That would be hard for you to make your employer pay for it as well...
19:23 forrest numkem: Yep
19:23 demophoon left #salt
19:23 murrdoc https://twitter.com/hashtag/saltconf?f=realtime nothing interesting
19:23 babilen murrdoc: Whose talk is it? (nickname)
19:24 ckao joined #salt
19:24 murrdoc https://twitter.com/hashtag/saltconf15
19:24 nich0s https://twitter.com/search?q=%23saltconf15&amp;src=typd
19:24 murrdoc babilen:  i dont know
19:24 iggy we were liveblogging the keynotes until the vmware guy then everybody fell asleep
19:24 murrdoc hhahaha
19:24 babilen oh noes
19:24 Ahlee ha
19:24 iggy cachedout
19:24 murrdoc decent breakfast here
19:24 babilen Well, good news for MTecknology
19:24 babilen (finally!)
19:24 josephleon joined #salt
19:24 murrdoc at the garden cafe
19:24 sk_0 joined #salt
19:24 murrdoc so much pineapple
19:26 apergos joined #salt
19:26 murrdoc gawd rtfm dudes
19:27 murrdoc ask a  good question
19:27 iggy anyone that says client or agent (instead of minion) gets laughs from me
19:27 murrdoc whats the recommended keep alive settings so that i dont lose my minions all the time
19:27 murrdoc haha client
19:27 nikogonzo why?
19:27 __gotcha joined #salt
19:28 iggy because they are minions!
19:28 babilen I love minions
19:28 Ahlee hehdont jusge iggy
19:28 babilen https://img1.etsystatic.com/022/0/8161970/il_570xN.481471115_32xy.jpg (salt (and pepper) minions)
19:29 * murrdoc tips waitress
19:29 babilen tmi
19:29 iggy just the tip?
19:29 Ahlee woo
19:30 spookah joined #salt
19:30 murrdoc ahale:  only in versions greater than 0.17.6
19:30 Ahlee i feel special that ive made such an ass of myself the staff all knkw me
19:30 Ahlee dont hate
19:30 murrdoc participate
19:30 murrdoc come have a seat
19:30 shaggy_surfer joined #salt
19:30 murrdoc iggy u n i are in a straight line
19:30 murrdoc if u make a line at 60 degrees
19:31 Ahlee lol math
19:31 toanju joined #salt
19:31 iggy hah! he knew your name
19:31 murrdoc confusing directions, check
19:31 Ahlee this talk is over,not worth it
19:31 murrdoc i came to meet the irc folks
19:31 Ahlee right?
19:31 murrdoc yeah this option is fun
19:32 murrdoc need to open more ports tho
19:32 murrdoc secret option we wont mention what for the people not here
19:32 Ahlee heh
19:32 murrdoc simplest solution for minions going bye bye
19:33 murrdoc test.ping schedule pillar
19:33 murrdoc running at 60 minutes
19:34 __gotcha1 joined #salt
19:35 babilen What's wrong with ping_on_rotate ?
19:35 babilen Ah, murrdoc went bye bye
19:35 aron_kexp joined #salt
19:38 angel333 joined #salt
19:38 angel333 left #salt
19:39 bantone iggy: you at the cnf?
19:40 bantone think I saw you ha
19:42 SneakyPhil I figured out how to run a complex command with command substitution. It's better to just put it into a script and use cmd.script
19:42 JDiPierro joined #salt
19:43 andrew_v joined #salt
19:43 iggy bantone: I am
19:45 iggy grey hoodie, grey(ish) golf hat, orange backpack
19:46 _JZ_ hey guys, any chance next years conference will be in Austin, Tx?
19:47 alexbst what about Middleburg, South Africa ?
19:48 bantone ya I saw you
19:48 bantone I work for Rackspace
19:48 bantone I will say hi next time I was trying to get into a meeting
19:49 bantone a talk I mean
19:51 nich0s joined #salt
19:54 josephleon joined #salt
19:56 __gotcha joined #salt
19:57 forrest _JZ_: I highly doubt it.
19:57 _JZ_ always gonna be in SLC?
19:57 forrest Not sure about that, but since saltstack is based in SLC, probably
19:58 _JZ_ gotcha.. with the new elastic{on} in SF, i'm gonna have to get the budget increased for the month of march from now on
19:58 bantone _JZ_: i know there's salt training in Austin
19:59 bantone there was some last year at least
19:59 _JZ_ traveling to two conferences in a single month blows my budget
20:00 bash1245_ joined #salt
20:00 __gotcha joined #salt
20:03 Brew1 joined #salt
20:03 josephleon joined #salt
20:03 bhosmer_ joined #salt
20:04 JDiPierro joined #salt
20:05 mafro lo forrest
20:06 forrest hey
20:06 forrest did you get your bootstrap issue fixed?
20:06 mafro yesterday I was wondering about salt-bootstrap and jessie
20:06 mafro ah no
20:07 mafro that bootstrap script is somewhat intimidating
20:07 mafro I'll need more time to be sure any fix is the right one
20:08 ek6 joined #salt
20:09 ek6_ joined #salt
20:10 mafro it also doesn't help that I don't know anything about systemd :p
20:10 ajw0100 joined #salt
20:11 forrest yeah I don't either
20:11 forrest are you getting an error trying to bootstrap a system?
20:11 mafro ah ok
20:12 mafro yep, just recreating a fresh one now
20:12 bhosmer__ joined #salt
20:12 funzo joined #salt
20:17 mafro I think maybe https://github.com/saltstack/salt-bootstrap/blob/develop/bootstrap-salt.sh#L2338 needs to be patched to test systemd
20:17 btorch is this correct ? python-pytest from saltstack ppa seems to conflict with python-py provided by precise .. universe that is though
20:22 __gotcha joined #salt
20:24 beneggett joined #salt
20:25 spookah joined #salt
20:27 ek6 joined #salt
20:30 bhosmer_ joined #salt
20:31 bhosme___ joined #salt
20:31 jerematic joined #salt
20:32 nich0s joined #salt
20:33 forrest mafro: Yep, looks like there isn't an ubuntu systemd check from what I see
20:34 baweaver joined #salt
20:34 mattiasr joined #salt
20:36 mafro forrest I can see for ubuntu the script checks for upstart first, and runs the debian /etc/rc check
20:36 mafro there's code for systemd in there, but not for deb/ubuntu
20:36 mafro I'll start there
20:39 ndrei joined #salt
20:40 wincyj i retrive such an error     Comment: State 'mysql_grants.present' found in SLS 'ocsinventory.server' is unavailable
20:41 wincyj few hrs ago it was fine
20:41 wincyj now its doesnt
20:41 wincyj wtF?!
20:41 forrest mafro: Sounds good
20:42 rgarcia_ joined #salt
20:42 linjan joined #salt
20:42 nich0s joined #salt
20:42 murrdoc joined #salt
20:42 murrdoc and we are back
20:42 pass_by_value joined #salt
20:43 nich0s I love watching the reconnects as people roll in as the breakouts start up.
20:43 iggy I'm in the GCE talk...
20:43 pass_by_value1 joined #salt
20:43 nich0s I'm in the automating that automated automation meeting.
20:46 red_beard_ joined #salt
20:47 murrdoc me too nich0s
20:47 murrdoc last row, next to the white dude in the hoodie
20:47 nich0s I'm in the front on the right near the table.
20:47 murrdoc frontbenchers
20:48 nich0s Well, second row.
20:48 murrdoc Ahlee:  dude emc uses 0.17 too
20:48 nich0s Nearly there.
20:48 nich0s Blue shirt.
20:48 murrdoc if i was a sniper
20:48 murrdoc i got a clean shot
20:48 nich0s If the talk goes south, take the shot.
20:49 murrdoc nah i got hopes on this talk
20:50 otter768 joined #salt
20:50 nich0s So do I.
20:52 hybridpollo joined #salt
20:52 murrdoc yo if the plugins talk starts talking abot beacons, share links
20:53 Ahlee murrdoc: vindicated!
20:54 murrdoc :)
20:55 arnoldB hey guys how can I bootstrap a salt minion using salt-bootscript and a git fork? "./bootstrap-salt.sh -M -K -g https://github.com/bechtoldt/salt.git git 2014.7-arbe" creates a new branch 2014.7-arbe instead of using the existing branch of my fork
20:55 wincyj joined #salt
20:55 arnoldB *salt-bootsrap
20:56 bantone ff
20:58 rgarcia_ joined #salt
20:59 murrdoc this is an excellent talk
20:59 gladiatr joined #salt
21:00 baweaver joined #salt
21:00 garthk jinja doesn’t have a split filter? yaaargh
21:01 garthk trying to extract network address from ipv4 address
21:01 murrdoc emc put the DEFAULT formula pillar in the map.jinja, so now u don't have to have a default pillar for formula
21:01 murrdoc nice
21:01 garthk might have to drop to python to write custom grain :(
21:01 lothiraldan joined #salt
21:02 salty_to_the_cor joined #salt
21:02 arnoldB garthk: write a custom exec module if there's really no other way. examples: https://github.com/bechtoldt/salt-modules/tree/master/_modules
21:02 salty_to_the_cor is there a way in salt to version states and pillars in salt? like the way we do in chef?
21:04 arnoldB salty_to_the_cor: you can work with git and tags/commits/branches. there's no salt/pillar versioning
21:04 arnoldB salty_to_the_cor: http://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html
21:04 nich0s +1 EMC talk.
21:06 salty_to_the_cor @arnoldB : is there any plans to incorporate this? do you know anyhting if such a feature will be coming to salt?
21:07 nich0s This talk isn't going to be long enough.
21:07 arnoldB salty_to_the_cor: https://github.com/saltstack/salt/issues/12179
21:07 perfectsine joined #salt
21:08 murrdoc i want to know how he deploys his debs
21:08 murrdoc i am smelling dh-virtualenv
21:08 thayne joined #salt
21:08 baweaver joined #salt
21:08 salty_to_the_cor thanks arnoldB
21:09 nich0s @murrdoc: Ask and you shall receive.
21:09 murrdoc \o/
21:11 hal58th joined #salt
21:12 ajw0100 joined #salt
21:13 badon_ joined #salt
21:16 iggy garthk: {{ network.address[0][1] }}
21:17 mordonez joined #salt
21:17 ek6 talk faster seth...FASTER!
21:18 garthk iggy: and there I was wading through salt.utils.network.interfaces() :)
21:18 murrdoc http://www.go.cd/ hotness
21:22 garthk iggy: Jinja variable 'network' is undefined
21:22 iggy garthk: okay, I'm in a talk, was trying to shorthand it
21:23 garthk iggy: np
21:23 iggy probably more like {{ salt['network.interfaces'][0][1] }} or something
21:23 iggy probably more like {{ salt['network.interfaces']()[0][1] }} or something
21:26 iggy use "salt-call network.interfaces" to see the actual data structure
21:26 iggy I'm not near a minion atm
21:26 garthk iggy: I can take it from here: it’s returning a hash, so I need to index using grains.ip4_interfaces
21:26 intellix joined #salt
21:27 garthk grains.ip_interfaces[0]
21:31 josephleon joined #salt
21:33 Brew joined #salt
21:35 pdayton joined #salt
21:35 racooper joined #salt
21:36 tafa2 joined #salt
21:37 SheetiS joined #salt
21:39 nich0s joined #salt
21:40 nich0s @Ahlee: o/
21:41 RM_ joined #salt
21:43 perfectsine joined #salt
21:43 yomilk joined #salt
21:45 iggy I'm doing the reactor talk now
21:46 nich0s iggy: let me know how it goes. I'm sitting in mission-critical financial services.
21:46 MTecknology slooooooow internet!!!
21:46 JDiPierro iggy: Any chance there's a livestream of that?
21:46 iggy not live, there's a camera
21:46 iggy probably on youtube later
21:47 JDiPierro Alrighty, will have to look it up later. We don't use Reactor yet, but I want to introduce it soon.
21:47 MTecknology I'm kind of interested in seeing how I did because of how nervous I was.
21:48 nich0s MTecknology: Which talk was yours?
21:48 MTecknology From Chaos to Order
21:48 iggy I'll be posting some of our resctor stuff soonish
21:49 Ryan_Lane joined #salt
21:49 iggy Think I'm going to do Ryan Lane's stalk after this
21:50 lifelearner joined #salt
21:50 Ryan_Lane stalking? :D
21:50 nich0s ROFL.
21:50 iggy well, I don't get to see tomorrow's since I' at the same time
21:50 iggy *I'm
21:50 sfxandy joined #salt
21:50 shaggy_surfer joined #salt
21:50 murrdoc joined #salt
21:51 iggy beacon talk
21:51 shaggy_surfer joined #salt
21:52 apergos left #salt
21:52 lifelearner I successfully added 10 minions and salt-key -L on master shows all of them... but when I ran "salt '*' cmd.run uptime", it ran only on a few of them. What do you think my problem might be?
21:53 murrdoc time
21:53 murrdoc try salt -t 180 '*' cmd.run 'uptime'
21:54 lifelearner murrdoc - OK, I'm running it now. Thanks.
21:55 lifelearner the same thing... didn't run it on the rest with no errors.
21:56 murrdoc salt -t 180 '*'  test.ping
21:56 warpaint joined #salt
21:57 lifelearner murrdoc - after my 5th node, it just hangs....
21:57 murrdoc interesting
21:57 murrdoc 10 nodes ?
21:58 salty_to_the_cor joined #salt
21:58 lifelearner murrdoc - does it mean, Salt cannot run a command on the rest of the minions if one of the minions in the middle (6th) has some connection issue?
21:58 lifelearner yep.
21:58 peters-tx joined #salt
21:58 murrdoc i havent heard that before
21:58 murrdoc since u are 'debugging'
21:58 lifelearner Just like sequential rsh <command>?
21:58 murrdoc do salt 'minion' test.ping
21:59 murrdoc try that see which one hangs
21:59 salty_to_the_cor woow, is this a case of an orchestrator or in general lifelearner
22:00 jstorey joined #salt
22:00 lifelearner I have no problem pinging the other minions from the master.
22:01 lifelearner Hmm... they're in the AWS.. maybe I should open up the Salt port on every minion @ AWS?
22:01 lifelearner One of the minions @ AWS responded, though.
22:02 lifelearner Maybe outbound port on minions @ AWS?
22:02 JDiPierro More of a general ops/deployment question than salt specific: Anyone have any suggestions for managing firewall rules to allow communication between minions? We're using Ubuntu's UFW and have a module to open needed ports.. which sucks because to get a new server to be able to communicate with other servers it needs to talk to we need to highstate all servers it'll talk to
22:02 iggy you just need the ports open on the master
22:02 lifelearner My master is in my LAN.
22:03 iggy minions connect to the master, not the other way around
22:03 tafa2 joined #salt
22:03 jstorey joined #salt
22:04 lifelearner So, from those minions @ AWS, no problem opening the port 4506 on the master.
22:04 mosen joined #salt
22:04 murrdoc there is two ports
22:04 murrdoc right ?
22:04 iggy 4505/4506
22:05 murrdoc http://docs.saltstack.com/en/latest/topics/tutorials/firewall.html
22:05 iggy for zmq
22:05 rgarcia_ joined #salt
22:05 mafro joined #salt
22:05 lifelearner Just checked - NP with 4505 & 4506 on the master.
22:05 lifelearner (telnet master 4505; telnet master 4506)
22:06 jstorey_ joined #salt
22:06 lifelearner hmmmm
22:06 TomJepp telnet?!
22:06 iggy if you can test.ping everything, it's not FW
22:06 jstorey joined #salt
22:07 murrdoc he cant test.ping everyone
22:07 7GHAA1HYW joined #salt
22:08 iggy "lifelearner> I have no problem pinging the other minions from the master.lifelearner> I have no problem pinging the other minions from the master."
22:08 thayne joined #salt
22:08 whiteinge ek6: I saw that on my watch during the presentation...and took your advice. :-P
22:08 iggy minus one paste... shit wifi
22:08 jstorey joined #salt
22:09 iggy this talk is actually pretty good... actual use cases
22:09 murrdoc whiteinge:  one request that came out of the emc presentation is for sure formulas need to be able to have a _module and/or _states dir
22:09 iggy they can
22:09 murrdoc not sure if its doable
22:10 iggy at least I've seen some with them
22:10 whiteinge murrdoc: already works that way :-)
22:10 murrdoc so all formuals under say /srv/formula/<formulaname> , can have independant _modules and _states dirs ?
22:11 iggy under gitfs they work
22:11 whiteinge Yup
22:11 murrdoc gitfs isnt necessarily a solution tho
22:11 iggy never tried having them under /srv/formula
22:11 murrdoc because not all the pops i hvae can get to my enterprise git
22:11 whiteinge Only caveat is that master-specific modules are not loaded on the master.
22:11 lifelearner I can test.ping only 5 out of 10... those I cannot, they don't show any outputs when I tried running "salt '*' cmd.run uptime".
22:11 murrdoc so it works if each formula has its own file_root
22:11 cberndt joined #salt
22:12 whiteinge There's a feature request to get that added.
22:12 iggy if you had the salt-formula checked out in /srv/formulas/salt-formula and /srv/formulas/salt-formula was in your file_roots, it should work
22:12 murrdoc yeah
22:12 murrdoc each formula will need an explicit file-roots entry for it to work
22:12 forrest whiteinge: Are you hiding in the back room?
22:13 whiteinge Of Dave's presentation, yes.
22:13 murrdoc and the _modules and _states need to exist only in the top level of the file root for them to be available everywhere
22:13 forrest whiteinge: Ahh.
22:13 iggy lifelearner: check from the minions (salt-call test.ping)
22:13 iggy whiteinge: Dave Boucha?
22:13 murrdoc the steve guy from emc made a super slick map.jinja for his formulas
22:14 murrdoc totally going to  adopt it
22:14 murrdoc he puts his whole pillar in the map.jinja
22:14 iggy murrdoc: only works in 2014.7+
22:14 Guest92482 share murrdoc!!!
22:14 whiteinge Link somewhere?
22:14 murrdoc no links yet
22:14 murrdoc whenever he shares his slides
22:14 iggy that's when they added default
22:14 forrest murrdoc: For what purpose?
22:14 murrdoc but the upside is now formula's pillars dont pollute the pillar space
22:14 forrest murrdoc: The map.jinja takes longer to process than the pillar data does.
22:14 murrdoc unless a formula is included in the state
22:15 cedwards live demos are the best #saltconf15
22:15 murrdoc so you can override it the configs with pillars
22:15 lifelearner iggy - salt-call test.ping is very helpful. It complains that my salt master key has got changed.
22:15 murrdoc but all 'defaults' live in map.jinja
22:15 lifelearner How can i remove that minion so that I can re-add it to the master?
22:15 lifelearner "service salt-minion restart" doesn't seem to work.
22:16 murrdoc forrest:  i have … 16 formulas right now in use, selectively or globally, across 10+ roletypes
22:16 forrest murrdoc: All standard stuff is supposed to live in the map.jinja (version, release, etc.), with the unique stuff for your configuration in pillar files.
22:16 jstorey_ joined #salt
22:16 murrdoc forrest:  nah, we only keep stuff that uses grains.filter_by in map.jinja and recommend the pillar to use with the formula
22:16 MTecknology forrest: You did the talk last year talking about maps pretty heavily, didn't you?
22:16 forrest murrdoc: *shrug*, seems weird to me. If you want to do that, just create a pillar, and include it in your top pillar.
22:16 forrest MTecknology: Yes.
22:16 murrdoc from what i have read forrest
22:17 murrdoc i am not explaining my problem
22:17 cedwards forrest: are you at the con again this year?
22:17 forrest murrdoc: I know
22:17 7F1AADPXZ joined #salt
22:17 forrest cedwards: Not this year, I couldn't come up with a good talk, and wasn't willing to drop 900 + airfare/lodging
22:17 iggy lifelearner: salt-key on the master and rm the master key on the minion
22:17 MTecknology cedwards: sup brah! Haven't noticed you in a billion years
22:17 murrdoc but basically pillar.items for a server now has all pillars available instead of all pillars applicable
22:17 murrdoc and that just doesnt sit right
22:17 cedwards MTecknology: I've been quietly lurking. Are you here this week?
22:17 MTecknology yup :)
22:18 MTecknology even gave a talk today
22:18 forrest murrdoc: I just don't like the idea of my pillar data being in a map.
22:18 forrest what if you have secure data?
22:18 murrdoc only cause i am trying to go full pillar driven for all our srvtypes,  forrest
22:18 murrdoc secure data wont live in a formula
22:18 cedwards MTecknology: which talk was yours?
22:18 forrest murrdoc: Fair enough
22:18 jstorey joined #salt
22:18 murrdoc but the key for it can be in the map.jinja with a blank ''
22:18 murrdoc chitown:  just finished his talk
22:19 forrest Yeah, just seems clunky, I don't like non-standard stuff going into the map
22:19 Ryan_Lane joined #salt
22:19 forrest if anything do like the hadoop formula does, with a secondary file which has all of those unique settings.
22:19 murrdoc what would be really nice
22:19 murrdoc is if the pillar for a formula
22:19 MTecknology forrest: I have a map of a bunch of private data and then I reference it in a different pillar that's actually used
22:19 murrdoc could come from a pillar directory in the formula
22:19 MTecknology cedwards: from chaos to order
22:19 forrest MTecknology: Gotcha
22:19 murrdoc totes modularity
22:19 forrest murrdoc: You can do that, just modify the minion conf.
22:19 forrest murrdoc: There's no automated way to do it though
22:20 MTecknology forrest: If I were at work,I'd share.. :(
22:20 murrdoc yeah except its not manageable, if u have tooo many formulas
22:20 murrdoc file_roots will become like 20 lines for me
22:20 forrest murrdoc: well, I don't know if salt errors with file_roots that don't exist
22:20 murrdoc for both pillar and states
22:20 forrest I don't think 20 lines is that bad
22:20 forrest better than than the abomination of putting pillar data into the map.jinja
22:20 murrdoc haha
22:21 murrdoc <3 that world
22:21 murrdoc word
22:21 cedwards MTecknology: I'll have to find you before you leave. Finally putting some more faces to names here.
22:21 forrest Seriously man, it's gross. It's like 'okay what if I took this thing that takes longer to process, and bloated it.'
22:21 iggy salt doesn't complain on missing file_roots
22:21 MTecknology cedwards: I didn't do great, but better than I expected. Ya, would be great to meet you. Especially considering how much we've talked in the past
22:21 forrest there you go then, even better.
22:22 forrest seriously, please don't put pillar data in your map.jinja
22:22 murrdoc forrest:  well _modules/_states work from formulas directory, but not pillars
22:22 MTecknology iggy: https://github.com/cro/saltconf/tree/master/mitigating/srv/salt
22:23 cedwards MTecknology: what talk are you in now?
22:23 MTecknology hardening
22:23 cedwards MTecknology: ahh. I think you're just next door. I'm in advanced event use cases
22:23 forrest murrdoc: Right, so you could do something like this https://github.com/saltstack-formulas/hadoop-formula/blob/master/hadoop/settings.sls
22:24 murrdoc ai dios mios
22:24 iggy I'm in the reactor/event talk
22:24 murrdoc any good
22:24 MTecknology cedwards: salt-ssh is up next
22:24 murrdoc i d rather include in a json forrest
22:24 murrdoc brb
22:25 cedwards iggy: I think I saw you last night..
22:25 iggy drunk guy with an orange back pack? Yep, that's me
22:25 MTecknology we've pretty much been forming an IRC group..
22:25 MTecknology I R Cool
22:26 nich0s joined #salt
22:30 MTecknology iggy: you ever getting back here? I realized that I have a need to copy your actions.
22:31 nich0s joined #salt
22:34 chrstphrhrt joined #salt
22:36 johtso joined #salt
22:36 StDiluted joined #salt
22:39 murrdoc joined #salt
22:40 lifelearner iggy - on my minion that the master cannot run a command on...
22:40 murrdoc1 joined #salt
22:40 lifelearner I see this error log: Attempt to authenticate with the salt master failed
22:41 lifelearner But this is a new minion that I just added... even yum install salt-minion for the first time.
22:41 lifelearner Do you know why this could have happened?
22:41 garthk lifelearner: did you forget to use salt-key on the master to accept the key?
22:41 lifelearner (And salt-key -A accepted the key for this minion successfully)
22:42 lifelearner garthk - salt-key -L on the master shows this new minion already.
22:43 chalcy0n w00t finaly my role based salt setup is workin, totally pillar driven :)
22:43 iggy I'm at ryan's talk now
22:44 tafa2 joined #salt
22:44 garthk lifelearner: did something change the master address in the minion configuration, so that now you are talking to a different master?
22:44 kermit joined #salt
22:44 iggy lifelearner: restart the minion?
22:45 lifelearner On this minion, this is the very first time installation and I specified the master's IP address in /etc/salt/minion.
22:45 lifelearner and of course I restarted salt-minion on this minion.
22:45 lifelearner and accepted its key on the master successfully.
22:46 murrdoc joined #salt
22:46 Pixionus Has anyone used Learnign SaltStack or Salt Essentials?
22:46 Pixionus if so I'm wondering which one would be a better buy for a noob
22:47 MTecknology I'd start with the docs
22:47 Pixionus (Colton Myers and Craig Sebenik & Thomas Hatch)
22:47 Pixionus Started with the docks
22:47 Pixionus Looking for a good book
22:48 Pixionus Essentials hasn't yet been released but I know some of y'all have already seen it so I figured I would still ask
22:49 MTecknology If Tom helped write it, it's probably pretty great
22:50 chalcy0n iggy: which talk are you at?
22:50 MTecknology we're at salt-ssh
22:50 murrdoc i am at thatchs talk
22:50 murrdoc i am ok with getting pitched a new container if its from this guy
22:50 otter768 joined #salt
22:51 murrdoc #madrespect
22:52 murrdoc this should go into the topic
22:52 murrdoc salt gives u the tools, not the doctrine
22:53 lifelearner Even turned off iptables, disabled selinux on this minion, re-installed the salt-minion, etc. - still the same issue authenticate with the master.
22:54 MTecknology lifelearner: 'salt-minion -l debug' on the minion
22:54 Ahlee lifelearner: name collision with previous minion?
22:55 Ahlee salt-key -y -d <minion> on master, stop minion, rm /var/cache/salt/ on minion, start minion, try accepting key again
22:56 josephleon joined #salt
23:00 baweaver joined #salt
23:01 lifelearner Ahlee - After deleting /var/cache/salt on minion and restart minion, the salt-key -A doesn't show the key for this minion.
23:01 iggy I'm at Ryan Lane's talk upstairs
23:02 murrdoc ask him why puppet is better
23:02 murrdoc especially because of their better dependancy tree implementation
23:02 murrdoc and random fuckall ordering
23:03 Ahlee lifelearner: hrm.  if you start minion with -l debug, does it throw an error about unable to auth?
23:03 Ahlee also, crap, i think the keys are under /etc/salt/pki* :(
23:03 Ahlee not the cache
23:04 Ahlee whoopsie doozles
23:04 murrdoc apt-get remove —purge salt-minion
23:04 mosen joined #salt
23:05 lifelearner Ahlee - yep, it says it cannot authenticate with the master.
23:05 Ahlee wierd.
23:05 Ahlee does /etc/salt/minion_id perchnace have a value in it that matches an existing node name?
23:06 baweaver joined #salt
23:06 iggy run the mionin in the foreground with -l debug
23:06 saltymoli joined #salt
23:07 lifelearner Ahlee - yep, it shows exactly the same hostname.
23:08 hybridpollo joined #salt
23:08 * Ahlee scrolls back to read what exactly has been reported
23:09 CheKoLyN joined #salt
23:09 lifelearner iggy - "salt-minion -l debug" displays several lines with no error and thinks for 20-30 seconds, then it says it cannot authenticate.
23:09 murrdoc salt-call config.get master
23:09 murrdoc or whatever the equivalent is
23:10 MTecknology lifelearner: firewall (probably); pbin 'iptables -L' from both
23:10 Pixionus to clarify, you've cleared the salt stored hostname and keys on the minion and you've removed the accepted key from the master, and then you've restarted the salt service on the minion?
23:10 lifelearner murrdoc - it just hangs.
23:10 Ahlee so last time i saw anything remotely close to this I stopped the master and minion, enabled open mode, started minion to accept key, stopped master to disable open mode, went about my day
23:11 Pixionus lifelearner: already removed the firewall
23:11 murrdoc do the open mode thing
23:11 murrdoc its the fastest fix
23:11 lifelearner murrdoc - How can I do the open mode thing?
23:12 MTecknology vim /etc/salt/master
23:12 lifelearner Pixionus - Yep, exactly that's what I did.
23:13 murrdoc google saltstack open mode
23:13 MTecknology lol
23:13 murrdoc we need a bot
23:13 murrdoc lifelearner:  http://docs.saltstack.com/en/latest/ref/configuration/master.html#open-mode
23:14 MTecknology I'm willing to bring one in here or spin a dedicated one up for saltstack to host
23:14 murrdoc do the former
23:14 murrdoc ok powering down
23:14 baweaver joined #salt
23:15 Pixionus I was getting this all the time.  I run a number of nodes on embedded systems and there were a couple of simple mistakes that basically had the master and minion non synced on some front.  One thing I remember fixing LONG time ago was the clocks on the minions since they came with some crazy date that didn't work for other authentication purposes
23:15 MTecknology I won't do either without prior discussion
23:15 rgarcia_ joined #salt
23:15 lifelearner Pixionus - this minion is in a different time zone (Germany).
23:15 lifelearner whereas the master is in USA.
23:16 Pixionus That shouldn't cause any problems
23:16 Pixionus One thing I've found though is that I like having everything UTC.
23:16 lifelearner OK.
23:16 murrdoc going offlice
23:16 Pixionus and synced with online clocks
23:16 murrdoc offline
23:18 Pixionus Not sure this will help since I might have been dealing with another systems authentication issues at the time but the first thing I do on my servers these days is install ntp and set it to sync to pool servers
23:19 MTecknology We run our own ntp servers, one in each DC
23:19 Pixionus It comes standard with a server's ip uncommented in ntp.conf which I comment out and uncomment the 4 pool's lower down
23:19 _JZ_ MTecknology do you use an GPS based receiver for your ntp server?
23:19 Pixionus MTecknology: you work with the same systems as lifelearner ?
23:20 MTecknology We == my company
23:20 Pixionus ah
23:20 MTecknology _JZ_: nah, I got written permission to pull from a few stratum 1 servers
23:20 Pixionus I was attempting to assist lifelearner since I've been through that same pain
23:21 Pixionus MTecknology: what was the reason for running y'alls own?
23:21 _JZ_ gotcha
23:21 MTecknology Pixionus: 12,000+ nodes
23:21 Pixionus lifelearner: I assume you have tried most of what they already suggested. Though I don't like running open so I never did that
23:21 Pixionus MTecknology: wowza
23:22 garthk Speaking of NTP: anyone know how long it’ll take ntpd to drag my clock to correct from 160s offset? 800+s offset?
23:23 Pixionus I figured it would pretty much just do it... maybe I missunderstood how it worked
23:23 MTecknology garthk: there's some point where too much drift will keep it from trying to correct (iirc)... If you're that far off, it's easiest to force a sync
23:23 Pixionus I implemented, it worked, I moved on.  Maybe that's not the best strat
23:24 lifelearner Pixionus: OK, let me try the open mode now. :)
23:24 garthk MTecknology: yeah, default panic is 1000; I’m not that far out
23:24 MTecknology ah
23:24 garthk Haaang on. It’s not writing to driftfile.
23:24 Pixionus lifelearner: make sure to turn it off after and read up on it before you impliment at all
23:24 fxhp joined #salt
23:25 Pixionus where can I find out what  salt.runners.manage.up() actually does?
23:25 Pixionus Should be in git or something?
23:25 MTecknology the source on github
23:25 Pixionus Sorry haven't dived into that much yet.
23:25 lifelearner If my master has the open_mode=True and my minion open_mode=False, it won't do the open mode, right?
23:25 MTecknology https://github.com/saltstack/salt/blob/develop/salt/runners/manage.py
23:26 Ahlee I wasn't aware there was open_mode minion config option
23:26 MTecknology there isn't
23:26 MTecknology I answered that like you didn't already know that for fact..
23:27 MTecknology Pixionus: specifically.. https://github.com/saltstack/salt/blob/develop/salt/runners/manage.py#L122
23:27 Ahlee heart you too mteck
23:27 yomilk joined #salt
23:27 MTecknology :)
23:27 lifelearner Even after I enabled the open_mode on the minion, "salt-minion -l debug" says the same authentication error.
23:28 lifelearner (I restarted the service after changing /etc/salt/minion)
23:28 lifelearner (also on master after changing /etc/salt/master)
23:28 MTecknology lifelearner: killall salt-master; salt-master -l trace
23:29 Pixionus Thanks MTecknology was having a bit of trouble finding it
23:30 Pixionus was looking in modules
23:31 lifelearner MTechnology - The same thing. I'm rebooting both the master and this particular minion in Germany.
23:36 thayne joined #salt
23:39 evilrob joined #salt
23:42 Pixionus ok, so still not sure.  Basically I was looking for how it checks the states of the minions and if I understand correctly it is running test.ping to create a list of all those that respond, but I still have some basic questions
23:42 Pixionus Like what is client.cmd  and where can I find it?
23:43 chalcy0n ///~.~.
23:43 Pixionus and when it says status(output=True) what is the output=True part of that
23:43 chalcy0n sorry about that...wifi..*sign*
23:44 Pixionus I am not a programmer and still trying to pick up the basics of all this for work
23:44 Pixionus so sorry if these are kinda stupid questions
23:44 bhosmer joined #salt
23:45 catpig joined #salt
23:45 Pixionus hey lifelearner you've been checking the master logs too right?
23:47 murrdoc joined #salt
23:47 ipmb joined #salt
23:48 MTecknology Is it possible to build a dynamic roster? .. I'd like to pretty much do  salt-key -L | grep foo | sed 'bar' > roster
23:48 bhosmer__ joined #salt
23:49 MTecknology just... only evaluated when I run salt-ssh
23:49 murrdoc no
23:49 murrdoc that would be nice
23:49 MTecknology :( bummer
23:49 garthk Easiest way to dump the after-Jinja version of a state file from the p.o.v. of a minion?
23:49 Ryan_Lane joined #salt
23:49 eliasp garthk: state.show_*
23:49 MTecknology I guess that should be easy esough to write
23:49 iggy MTecknology: in the new version there's a scan roster
23:50 MTecknology ah, yay :D
23:50 iggy or the cache roster
23:50 iggy also, look right
23:50 murrdoc u guys
23:50 eliasp garthk: http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.state.html#salt.modules.state.show_highstate
23:50 murrdoc get a room
23:50 murrdoc gawd
23:50 MTecknology you're here too!
23:50 aquinas joined #salt
23:50 murrdoc iggy:  look right
23:50 murrdoc its your mug
23:50 iggy ahlee is in front of me over one
23:51 iggy and ryan lane is next to MTecknology
23:51 murrdoc he is ?
23:51 garthk eliasp: nice; thanks
23:51 beneggett joined #salt
23:51 * murrdoc gets all stalkery
23:52 iggy the ryandlane.com blog guy
23:53 MTecknology I used that exact same picture in my presentation!
23:53 MTecknology I used it first.. so he copied me
23:53 salty_to_the_cor joined #salt
23:54 salty_to_the_cor is anyone in the linkdln session, i love the scale at which they operate!!!
23:54 iggy we all are
23:55 murrdoc nich0s is here too but then he left
23:55 salty_to_the_cor <sad> btw did you notice the master/minion ratio?
23:57 mosen can you bring saltconf to the other side of the world? :)
23:59 murrdoc the east coast ?
23:59 murrdoc whats the other side of the world
23:59 murrdoc south africa ?

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary