Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-03-25

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 yomilk joined #salt
00:01 micah_chatt_ joined #salt
00:06 longzh joined #salt
00:07 neogenix joined #salt
00:12 Xopher joined #salt
00:14 ALLmight_ joined #salt
00:15 bhosmer__ joined #salt
00:19 MindDrive Iggy: I just sent the gory details of my setup to the mailing list, if you're morbidly curious.
00:21 murrdoc MindDrive:  link ?
00:21 iggy not particularly... we don't have users... just me, but if anyone else ever comes asking for something similar I know where to send them now
00:23 MindDrive murrdoc: https://groups.google.com/forum/#!topic/salt-users/WAeJ3df_5AY
00:30 JDiPierro joined #salt
00:33 JDiPierro joined #salt
00:36 grrrrr joined #salt
00:41 illern joined #salt
00:47 kurt_ joined #salt
00:47 _JZ_ joined #salt
00:47 Zachary_DuBois joined #salt
00:50 georgemarshall joined #salt
00:53 elfixit joined #salt
01:07 Hell_FireW joined #salt
01:08 racooper joined #salt
01:08 bhosmer__ joined #salt
01:10 enarciso_ joined #salt
01:11 LeProvokateur joined #salt
01:13 dude051 joined #salt
01:14 favadi joined #salt
01:15 jerematic joined #salt
01:17 cmcmacken joined #salt
01:18 pravka joined #salt
01:21 racooper joined #salt
01:29 murrdoc joined #salt
01:33 otter768 joined #salt
01:38 Singularo joined #salt
01:39 crane joined #salt
01:41 Singularo_ joined #salt
01:47 poptart joined #salt
01:47 scbunn joined #salt
01:48 poptart left #salt
01:48 illern joined #salt
01:55 Hell_FireW joined #salt
01:56 rocket_ joined #salt
02:02 stooj joined #salt
02:06 murrdoc joined #salt
02:07 sunkist1 joined #salt
02:11 stooj joined #salt
02:14 CeBe1 joined #salt
02:15 markm joined #salt
02:23 malinoff joined #salt
02:24 mbrgm joined #salt
02:27 nich0s joined #salt
02:27 donmichelangelo joined #salt
02:28 thedodd joined #salt
02:41 Hell_FireW joined #salt
02:45 dillbilly joined #salt
02:46 mosen joined #salt
02:49 enarciso joined #salt
02:51 illern joined #salt
02:51 favadi joined #salt
03:13 ajw0100 joined #salt
03:14 murrdoc why doesnt the salt-runner for job, have the kill job function
03:16 Hell_FireW joined #salt
03:20 otter768 joined #salt
03:22 chandankumar joined #salt
03:23 sunkist joined #salt
03:23 chandankumar joined #salt
03:28 evle joined #salt
03:28 michelangelo joined #salt
03:28 _sifusam_ joined #salt
03:28 nicolerenee_ joined #salt
03:28 sarlalia1 joined #salt
03:28 beardo joined #salt
03:31 monokrome joined #salt
03:36 mens joined #salt
03:38 yomilk joined #salt
03:38 londo_ joined #salt
03:38 jerrcs joined #salt
03:40 Alan_S joined #salt
03:52 ilbot3 joined #salt
03:52 Topic for #salt is now Welcome to #salt | SaltConf 2015 is Mar 3-5! http://saltconf.com | 2014.7.2 is the latest | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
03:52 clintberry joined #salt
03:53 rbjorklin joined #salt
03:55 iggy murrdoc: disagree... checking things on every host by default is one thing... killing jobs on everything is completely different
03:55 iggy it's something you should have to manually target
03:55 _JZ_ joined #salt
03:56 murrdoc salt '*' saltutil.kill_job <job id>
03:56 murrdoc salt-run jobs.kill_job <job_id>
03:56 murrdoc is the same thing
03:57 illern joined #salt
03:57 murrdoc the latter is the interface/runner for jobs
03:57 murrdoc so i am not sure why it hshouldnt be able to kill it
03:57 murrdoc it can list, lookup, print a job
03:57 surajd joined #salt
04:03 iggy because looking at stuff isn't destructive
04:04 malinoff iggy, salt-key -d is destructive, but it is there
04:04 murrdoc :D
04:04 murrdoc util is a code smell
04:04 iggy 9/10 you will probably run salt '*' saltutil.kill_job... but that 1 time...
04:05 murrdoc everything in util should end up under sensible modules
04:05 murrdoc instead of saltutil which is a catch all
04:05 iggy if you only need to kill stuff running on 1 host, you can't do that with salt-run
04:05 malinoff murrdoc, there must be salt \* saltutil.make_me_happy :)
04:05 murrdoc there should be a jobs module
04:06 murrdoc i like this malinoff person
04:06 murrdoc +1
04:06 iggy I'm not going to argue that point (jobs module), but I don't think killing jobs is a runner type job
04:06 malinoff and ':)' should be the only required argument
04:06 jhujhiti figured it out - G@ip_interfaces:bond0:*
04:06 murrdoc there you go jhujhiti
04:07 murrdoc i could have told u that
04:07 murrdoc but this was more fun :D
04:07 jhujhiti had to read the subdict_match code though
04:07 jhujhiti cheers for docstrings
04:07 pravka joined #salt
04:07 murrdoc yay
04:07 jhujhiti aww, it doesn't seem to support globbing on substring though
04:07 jhujhiti i can't G@ip_interfaces:bond*:*
04:08 Hell_Fire joined #salt
04:10 Hell_FireW joined #salt
04:11 murrdoc this makes me sad
04:11 murrdoc i have a clean: True in a file.directory
04:11 murrdoc but i cant use require_in to tell the directory to not nuke shit
04:12 jhujhiti use makedirs: True on the required state
04:12 jhujhiti it's dumb - i just ran into it too
04:12 murrdoc makeDirs:true ?
04:12 murrdoc the dir exists already
04:12 jhujhiti doesn't matter
04:12 murrdoc i have multiple states to setup files in /etc/apt/sources.list.d
04:13 murrdoc using pkgrepo.managed and file.exists to create files
04:13 jhujhiti mine is working with the file with makedirs: true and require_in: directory, and directory has clean: true
04:13 murrdoc thats just wrong
04:13 pravka joined #salt
04:13 murrdoc trying it out
04:13 jhujhiti only way i could get it to work :(
04:14 murrdoc not your bad
04:14 murrdoc but that makes nose
04:14 murrdoc no sense
04:15 murrdoc doesnt work
04:16 murrdoc jhujhiti:  https://gist.github.com/puneetk/7acf05c64a599d341277
04:16 murrdoc no workie
04:17 enarciso joined #salt
04:17 jhujhiti makedirs goes on file.managed
04:17 enarciso joined #salt
04:24 conan_the_destro joined #salt
04:28 thehaven joined #salt
04:29 TyrfingMjolnir joined #salt
04:33 enarciso_ joined #salt
04:33 TyrfingMjolnir joined #salt
04:35 enarciso joined #salt
04:42 nesv joined #salt
04:42 chandankumar joined #salt
04:47 druonysus joined #salt
04:47 druonysus joined #salt
04:52 druonysus joined #salt
04:52 yomilk joined #salt
04:53 druonysus joined #salt
04:53 druonysus joined #salt
04:54 Hell_FireW joined #salt
04:55 druonysuse joined #salt
04:55 druonysuse joined #salt
05:02 illern joined #salt
05:02 TyrfingMjolnir joined #salt
05:03 enarciso joined #salt
05:03 enarciso joined #salt
05:13 yomilk joined #salt
05:17 JoshuaX joined #salt
05:24 dharper_ii joined #salt
05:25 Deevolution joined #salt
05:32 [1]dharper_ii joined #salt
05:41 MTecknology Really? Not a single person gave any feedback to my session? ... :(
05:41 chandankumar joined #salt
05:57 preachermanx MTecknology: Which session was yours?
05:58 preachermanx MTecknology: Just now watching some of the videos
05:58 TyrfingMjolnir joined #salt
06:01 JoshuaX joined #salt
06:04 MTecknology are they up now?
06:04 MTecknology From Chaos to Order
06:04 santosh_ joined #salt
06:06 preachermanx MTecknology: Yeah they put them up earlier.
06:06 MTecknology linky?
06:06 preachermanx https://www.youtube.com/channel/UCpveTIucFx9ljGelW63-BWg
06:06 santosh_ hi
06:06 illern joined #salt
06:07 preachermanx santosh_: greetings
06:07 santosh_ I want to setup solt
06:07 santosh_ on my network
06:07 santosh_ can u guide me ?
06:08 preachermanx santosh_: Sadly I can not.  I can reccomend http://docs.saltstack.com/en/latest/topics/tutorials/walkthrough.html
06:09 preachermanx It is really quite straight forward and easy to do.
06:09 preachermanx Night all.
06:09 MTecknology preachermanx: they must not all be out there yet
06:09 MTecknology I can't wait to nit pick everything I did wrong! :D
06:09 preachermanx MTecknology: i think they are still adding them to the playlist
06:09 santosh_ checking
06:10 MTecknology thanks for the link! :D
06:10 refnode_ joined #salt
06:10 MTecknology g'night to you as well
06:11 santosh_ ok
06:16 f4lse joined #salt
06:18 viq joined #salt
06:23 looped joined #salt
06:25 yomilk joined #salt
06:27 looped hi, im having some consistency issues with using salt mine to retrieve the group of nodes in a role. The problem only appears when nodes that were registered in the group have 'gone away'. Basically the minions report old nodes that are no longer present. (im using salt.mine.get network.ip_addrs with a role:X grain match)
06:27 fkobzik joined #salt
06:27 looped has anyone seen this type of issue before?
06:28 looped for reference I'm using 2014.7.1 (Helium)
06:32 spicyWith joined #salt
06:37 krelo joined #salt
06:38 yuhl_work_ How can I do to run a script only if the scipt has never run and if the files that it modifies get changed by the sysadmin on the machine
06:38 yuhl_work_ I did not saw on the files module something to hook up on a change of the file'
06:39 nesv yuhl_work_: Create another file somewhere safe (e.g. not /tmp) that indicates the script has been run before.
06:40 yuhl_work_ nesv: ok, so I do not rely on some salt's engine !
06:40 nesv Hmm?
06:40 yuhl_work_ nesv: Do you think that such a feature could be a good idea
06:41 nesv yuhl_work_: I just want to make sure I understand what you're hoping to achieve: you want to run a script ONLY if it has never run before?
06:41 yuhl_work_ nesv: It could be cool to have a file.changed and have a cmd.waitscript which listen on files.modified
06:41 yuhl_work_ nesv: not only
06:42 yuhl_work_ nesv: or if the file that get modified by the salt script (eg: fstab) do not get changed manually (a vim of a sysadmin for example)
06:44 yuhl_work_ in my situation, I want to be sure thas certain line of the fstab get special option.
06:45 yuhl_work_ and as a sysadmin can modify later, add a new line for example, I'd like salt to be able to run on the modified /etc/fstab.
06:45 nesv yuhl_work_: Do you maybe want something like this? http://docs.saltstack.com/en/latest/ref/states/all/salt.states.file.html#salt.states.file.line
06:45 yuhl_work_ ok that seems interesting
06:46 yuhl_work_ I get a look to it
06:54 pdayton joined #salt
06:58 stoogenmeyer joined #salt
07:00 colttt joined #salt
07:00 pdayton left #salt
07:01 stoogenmeyer joined #salt
07:04 AndreasLutro joined #salt
07:06 favadi left #salt
07:06 cmb joined #salt
07:11 KermitTheFragger joined #salt
07:12 illern joined #salt
07:14 yuhl_work_ nesv: thanks for the idea, but I'm a bit reluctant to use salt.states.file.line as my need is to only add options "noatime,barrier=0" to line in fstab /oracle/XXX, /oracle/XXX/origlogA /oracle/XXX/origlogB where XXX represents 3 letter used as an identifier by oracle (eg: TST, DEV, PRD)
07:15 yuhl_work_ and doing so with regex could be hard, I've done it with a mix of augtool (augeas) and bash script
07:20 illern joined #salt
07:26 otter768 joined #salt
07:26 Novtopro_ joined #salt
07:32 Novtopro_ joined #salt
07:36 DimentR joined #salt
07:37 yuhl_work_ what I do not understand with salt is: can I use salt on some fields (eg: pkg, some files) and take action not only on configuration from salt server but take some configuration on the state of the machine. For example,how do I do to tell salt to install open-vm-tools on any machine except the one that already have the native vmware-tools
07:38 dopesong joined #salt
07:38 DimentR left #salt
07:39 DimentR joined #salt
07:39 dopesong_ joined #salt
07:39 badon_ joined #salt
07:45 baoboa joined #salt
07:45 __gotcha joined #salt
07:48 johtso joined #salt
07:49 andreyst joined #salt
07:52 refnode_1 joined #salt
07:54 danee hi guys, does anyone know how to use the orchestration stuff with the REST API?
07:54 Virgil_Schiev joined #salt
07:55 danee I'm currently trying: curl -ksi -XPOST -H"Accept: application/json" -H"X-Auth-Token: ..." http://localhost:8000 -d client='local' -d expr_form="list" -d tgt='master.novalocal,slave.novalocal' -d fun='state.orchestrate' -d arg='basic_cluster.orchestrate'
07:55 danee i've tried changing the 'client' to 'wheel', but that just results in a 401 all the time
07:55 danee on a user that has .* permissions
07:56 danee running normal states works fine, i just need to be able to run the orchestration stuff through the API
07:57 favadi joined #salt
08:01 pf_moore joined #salt
08:04 linjan joined #salt
08:06 dfduran joined #salt
08:07 danee ah, hang on, think i've figured it out - the access controls for master commands aren't included in the '.*' permissions, after adding '@wheel' and '@runner' I'm getting different errors. progress! will continue prodding until it works
08:08 eseyman joined #salt
08:14 lb1a joined #salt
08:16 dRiN joined #salt
08:18 danee well, now I'm getting this and I'm not sure where I'm going wrong: http://pastebin.com/5FxwEkR4
08:25 chandankumar joined #salt
08:30 wincyj joined #salt
08:33 joshin joined #salt
08:33 joshin joined #salt
08:47 ktosiek joined #salt
08:49 intellix joined #salt
08:53 JoshuaX joined #salt
08:59 dopesong joined #salt
09:00 illern_ joined #salt
09:03 ckao joined #salt
09:04 _ale1_ joined #salt
09:08 dopesong_ joined #salt
09:09 surajd joined #salt
09:09 trikke joined #salt
09:15 Xevian joined #salt
09:27 otter768 joined #salt
09:32 Garo_ I have one Cmd.run which depends that a previously launched service has had enough time to start. The most accurate way would be to poll the port until it answers but how I can tell a state (like Cmd.run) that it can't execute before this?
09:35 __gotcha joined #salt
09:35 JayFK joined #salt
09:38 istram joined #salt
09:45 paulm- joined #salt
09:51 kwork joined #salt
09:51 tzero joined #salt
09:51 ndrei joined #salt
09:52 LeProvokateur joined #salt
09:58 jhauser joined #salt
10:06 peters-tx joined #salt
10:10 bluenemo joined #salt
10:10 bluenemo joined #salt
10:11 ndrei joined #salt
10:12 aquassaut joined #salt
10:14 denys joined #salt
10:19 giantlock joined #salt
10:19 vamsee joined #salt
10:20 intellix joined #salt
10:29 redzaku joined #salt
10:33 refnode joined #salt
10:36 VSpike SheetiS: got it working, finally. A few errors on my part (using password instead of password_hash in my mysql_user.present states didn't help)
10:37 catpig joined #salt
10:42 amcorreia joined #salt
10:46 paulm-- joined #salt
10:46 ndrei joined #salt
10:49 N-Mi_ joined #salt
10:52 ndrei joined #salt
11:02 ndrei joined #salt
11:02 egil I have an issue trying to use gitfs_remotes. Seems it won't use the URL because we have a custom port. Can anyone confirm that?
11:04 Grokzen joined #salt
11:05 istram joined #salt
11:05 flebel joined #salt
11:07 ndrei joined #salt
11:07 giantlock joined #salt
11:10 malinoff joined #salt
11:10 evle1 joined #salt
11:12 ndrei joined #salt
11:19 ndrei joined #salt
11:22 bhosmer joined #salt
11:24 ndrei joined #salt
11:28 otter768 joined #salt
11:30 hobakill joined #salt
11:30 chandy joined #salt
11:31 mike25de joined #salt
11:34 badon_ joined #salt
11:40 linjan joined #salt
11:41 yomilk_ joined #salt
11:49 ndrei joined #salt
11:50 linjan joined #salt
11:56 bhosmer joined #salt
11:57 chandy joined #salt
11:58 AirOnSkin joined #salt
11:59 AirOnSkin The docs have a CLI example (http://docs.saltstack.com/en/latest/ref/runners/all/salt.runners.jobs.html): salt-run jobs.lookup_jid 20130916125524463507 outputter=highstate
11:59 wincyj joined #salt
11:59 AirOnSkin This command however returns: The following keyword arguments are not valid: {'outputter': 'highstate'}
11:59 AirOnSkin Am I doing something wrong?
12:01 SheetiS VSpike: glad you got everythnig working :)
12:03 AirOnSkin Oh, SheetiS. I've read your blog post: Beyond Grains: Roles with an External Pillar... Very nice!
12:04 AirOnSkin Helped me a lot when setting up my own Salt management
12:06 SheetiS AirOnSkin: Glad to share :)
12:07 AirOnSkin SheetiS: What I didn't understand though, was why you use external Pillars. Couldn't you use "normal" Pillars as well for that setup?
12:08 redzaku joined #salt
12:11 redzaku joined #salt
12:14 SheetiS AirOnSkin: I suppose I could with some Jinja doing some of the logic.  My thoughts were next-steps with it.  Eventually I'd like to move the roles into something like a mongo db so that I can make them selectable via an extension to something like https://github.com/tinyclues/saltpad.
12:15 SheetiS Additionally with salt 2015.2, this is added:  http://docs.saltstack.com/en/latest/ref/configuration/master.html#ext-pillar-first.  That will allow me to use the external pillar to make decisions in the pillar sls files.
12:15 fredvd joined #salt
12:17 AirOnSkin SheetiS: I see. My thoughts go in a similar direction, but I'm still quite new to Salt and we'd like to go productive with it in the next weeks. I'll keep that in mind.
12:18 AirOnSkin SaltPad looks good, by the way. I wanted to write a WebUI myself for creating minion configurations (essentially a Pillar file) but that will be another project for the future
12:19 SheetiS If you want something full featured for that type of thing, you might looke at http://theforeman.org/plugins/foreman_salt/2.0/
12:21 SheetiS I've not gone that way, but I think several people around here do use theforeman.
12:23 AirOnSkin It does indeed look nice, but I'm not sure if we'll need a(nother) full-featured app. Anyway, thanks for the tip. :)
12:23 JDiPierro joined #salt
12:25 elfixit joined #salt
12:29 surajd joined #salt
12:30 _JZ_ joined #salt
12:32 hummer_ joined #salt
12:34 cmcmacken joined #salt
12:37 TaiSHi Is there any way to run commands on master -after- a state has finished ?
12:37 devweasel joined #salt
12:38 piv joined #salt
12:39 Auroch joined #salt
12:40 Ahlee reactor comes to mind
12:42 surajd joined #salt
12:42 dillbilly joined #salt
12:43 TaiSHi Ahlee: I though it might be a runner, but not sure how can I fit those into a state
12:43 Ahlee right, runners execute on the master, so you're correct
12:43 Ahlee and you can trigger your runner to execute via the reactor watching for the event indicating your state has completed (i think)
12:43 Ahlee i'm 98ish% sure you can run runners via reactor
12:44 TaiSHi I was just reading reactors examples, need to dig further on the docs
12:44 TaiSHi And you're 100% right :P
12:45 TaiSHi Thanks for pointing me out to it
12:45 Ahlee I use salt-api to trigger my items, so I just have a second call to run the runner after my state calls finish
12:45 Ahlee ONe day I"ll look into using the reactor for that, too :)
12:45 Ahlee or by then probably engines/beacons
12:45 sunkist joined #salt
12:46 TaiSHi I'm interested in salt-api, but I have yet a long way to go
12:46 TaiSHi You do an API call from the minion ?
12:46 Ahlee I mean the netapi, the RESTful interface that sits on the master
12:48 cmcmacken joined #salt
12:50 TaiSHi I do want something like that so some users can fire up events from a web interface
12:51 denys joined #salt
12:53 __gotcha joined #salt
12:55 JoshuaX joined #salt
12:55 subsignal joined #salt
12:57 yomilk joined #salt
12:59 JDiPierro joined #salt
13:00 jerematic joined #salt
13:02 yomilk joined #salt
13:08 cpowell joined #salt
13:08 rypeck joined #salt
13:12 aqua^mac joined #salt
13:13 evilgenius joined #salt
13:13 vamsee joined #salt
13:14 Tecnico1931 joined #salt
13:15 evilgenius How can I ensure that my environment state is run before all other states without adding a require entry to every single item in my sls's?
13:16 TaiSHi evilgenius: do a require_in in your environment state
13:16 TaiSHi Also, iirc, states are ran in the order they're defined, although don't take my word for it
13:17 SheetiS using require or require_in will totally fubar an ordered run so that you cannot determine the order any longer.
13:17 jdesilet joined #salt
13:19 SheetiS http://docs.saltstack.com/en/latest/topics/tutorials/states_ordering.html talks a little bit about some of the concepts for ordering.
13:20 evilgenius That's good to know.
13:20 evilgenius So if I put the environment states first then I'll have nothing to worry about
13:20 TaiSHi Will read about it too
13:20 TaiSHi Well, you have plenty to worry about I'm sure :P
13:21 evilgenius Is there a way to reverse file.append and remove the appended text?
13:21 evilgenius TaiSHi: Too much
13:21 AirOnSkin I have a minor problem I don't know how to solve with Salt. I recursively transfer a set of yum repository files to my minions (some of them have the option enabled=0 set) and afterwards I replace a line within the repo file (s/enabled=0/enabled=1/). Now, when I initiate a highstate, the files that changed are transfered again and the line is replaced again
13:21 TaiSHi Well, search="pattern\n" replace=""
13:21 AirOnSkin As you can see here: http://hastebin.com/ceyekixoda
13:22 TaiSHi AirOnSkin: why not use a map instead of a file ?
13:22 AirOnSkin TaiSHi: What's a map in this scenario?
13:23 TaiSHi Let me point you to an example, it'll be much easier to understand than me :P
13:24 TaiSHi https://github.com/saltstack-formulas/nginx-formula/blob/master/nginx/ng/config.sls
13:24 TaiSHi Wasn't maps, but templates
13:25 TaiSHi Then you can set enabled={{ repo.lookup.enabled }}
13:25 aqua^mac joined #salt
13:25 SheetiS file.managed with a template is better than a recurse+replace.  For repos, I prefer pkgrepo.managed over that though.
13:25 TaiSHi ^ that is a much easier solution
13:26 AirOnSkin Ah... So I could use a jinja template inside the repo file to decide if it's enable=0 or enabled=1
13:26 TaiSHi Yes
13:26 perfectsine joined #salt
13:28 SheetiS AirOnSkin: Here is an example of pkgrepo.managed that I use for my internal yum repo: https://bpaste.net/show/8c17e39305ef
13:28 ekristen joined #salt
13:29 otter768 joined #salt
13:30 AirOnSkin SheetiS: I knew about the pkgrepo.managed state, but we decided against it since our repo/mirror server generates the files already and we want them to be in sync. But maybe I could work with the generated repo files, extract its information and create a state out of it oO
13:31 overyander is there anything special i'm supposed to do when using autosign? my test minion is giving the following error. http://pastebin.com/sLqtgTLV  in salt-key, the key shows as accepted.
13:31 timoguin joined #salt
13:35 yomilk joined #salt
13:35 SheetiS AirOnSkin: I started with a config that I made for my repo and converted it to a pkgrepo.managed.  You could still do a file.managed with a template and it would work the same.  I like the fact that the pkgrepo is less total 'stuff' in my salt states to get to the same place personally.
13:36 chandankumar joined #salt
13:36 SheetiS That being said, I think as long as it works and you're ok with it, go with it.  One of the greatest things about salt is its flexibility to meet one's needs.
13:36 cheus joined #salt
13:38 AirOnSkin SheetiS: And I just realized that all of your repo files contain 'proxy=_none' ... something that I can't do with pkgrepo.managed. I'll stick with a condition inside the files for now.
13:39 SheetiS :)
13:42 diegows joined #salt
13:45 primechuck joined #salt
13:46 timoguin joined #salt
13:48 Twiglet So, updating a user's group memberships doesn't seem to work if that user has already been greated...
13:48 Twiglet created*
13:50 numkem how long should it take for minion that are gone to not appear in grains/mine?
13:52 JayFK joined #salt
13:53 CMI joined #salt
13:56 overyander anybody in here use autosign?
13:57 TaiSHi numkem: you have to delete cache manually, or if you use salt-cloud you can use flush data on delete
13:58 ADPer joined #salt
13:59 numkem TaiSHi: I found that I can use the cache runner but now for some reasons doing something like salt-call mine.get 'kernel:Linux' backend_ip_addr grain only returns me data of the minions that no longer exists
13:59 clinta left #salt
14:00 TaiSHi Hmm, I have no idea on that lol
14:01 andrew_v joined #salt
14:04 overyander what causes a minion key to be placed in minions_denied?
14:06 chandy joined #salt
14:06 bmac2 it was a bad minion?  Needing punishment?
14:07 rojem joined #salt
14:09 eichiro joined #salt
14:09 yannisc1 joined #salt
14:11 eichiro joined #salt
14:12 yannisc1 any ideas on how to configure salt-minion running on a service (RHEL 6) in an environment that requires http proxy (tried setting http_proxy in profile, /etc/environment - to no avail). I get failures doing package install using state.sls.
14:13 debian112 joined #salt
14:14 numkem Yeah I think I found a bug... Looking at the the mine data itself it seems like only contains the right things but for some reasons if I target using grain, I only get data from minions that are gone
14:17 rubenb joined #salt
14:17 numkem yannisc1: your proxy config should be in /etc/yum.conf instead
14:17 numkem yannisc1: something like proxy=http://10.0.0.0:3128
14:17 __ale__ joined #salt
14:19 _ale1_ joined #salt
14:21 renoirb joined #salt
14:21 dyasny joined #salt
14:22 samnmax joined #salt
14:22 Brew joined #salt
14:23 Heartsbane joined #salt
14:23 Heartsbane joined #salt
14:23 Furao joined #salt
14:24 yannisc1 numkem: thank you so much. That worked fine
14:25 numkem yannisc1: yw
14:25 hojgaard joined #salt
14:27 zwi joined #salt
14:27 perfectsine joined #salt
14:30 kaptk2 joined #salt
14:38 jalbretsen joined #salt
14:38 JDiPierro joined #salt
14:43 samnmax I am having a problem with a custom state and module.  (salt 2014.7.2)  I'm using salt-cloud to bootstrap a vm, which runs successfully.  If I run "salt vm saltutil.sync_all" and then ssh into the vm I can see the custom state and module files in /var/cache/salt/minion/files and /var/cache/salt/minion/extmods.  However, when I run state.highstate the first time, the custom state fails to find the custom module, failing with a KeyError.  When I run state.hig
14:43 samnmax hstate a second time, it works fine.  Anybody have any ideas?
14:43 JoshuaX joined #salt
14:44 clintberry joined #salt
14:46 johnkeates joined #salt
14:46 samnmax I'm calling the custom module from the custom state with __state__['module.method'](args...) and the first time it fails with KeyError for 'module.method'
14:46 Nazca joined #salt
14:46 ctrlaltelite joined #salt
14:46 ctrlaltelite left #salt
14:46 CMI hi, got a question regarding the tls module, method : create_self_signed_cert. This method seems to set no subjectKeyIdentifier (ca methods do that). But software, like bacula needs subjectKeyIdentifier within certs. Is there a reason, why create_self_signed_cert does not include this, or any way to get this working within the module tls?
14:48 wincyj joined #salt
14:49 duffolonious joined #salt
14:50 nesv joined #salt
14:53 primechuck joined #salt
14:56 chandankumar joined #salt
14:57 ALLmightySPIFF joined #salt
14:57 chandankumar joined #salt
14:58 perfectsine_ joined #salt
14:58 ek6 joined #salt
15:00 theologian joined #salt
15:03 surajd joined #salt
15:03 ctrlaltelite joined #salt
15:04 ctrlaltelite left #salt
15:06 chandy joined #salt
15:10 bluenemo joined #salt
15:12 babilen samnmax: You have to sync your modules first and restart the minion I guess
15:12 babilen samnmax: http://docs.saltstack.com/en/latest/topics/reactor/#syncing-custom-types-on-minion-start might be an idea
15:13 sander_____ joined #salt
15:13 babilen (restarting is probably not actually necessary)
15:14 scbunn joined #salt
15:14 samnmax hmm I will try it, though as I mentioned, I did manually run sync_all before running highstate to verify that the custom code was copied to the minion
15:17 johnkeates joined #salt
15:19 StDiluted joined #salt
15:23 cheus joined #salt
15:27 mikaelhm joined #salt
15:29 otter768 joined #salt
15:31 samnmax babilen: thanks for the suggestion but it didn't make a difference :(
15:38 refnode_ joined #salt
15:39 babilen samnmax: Does restarting the minion after the initial sync_all change it?
15:41 kusams joined #salt
15:41 thedodd joined #salt
15:42 kusams Hi i am getting this error when i am trying to install "wget -O - https://bootstrap.saltstack.com | sh -s -- -P git v2014.7.0" can any one help me with this issue
15:42 kusams wget -O - https://bootstrap.saltstack.com | sh -s -- -P git
15:42 kusams Package git-2.1.0-1.38.amzn1.x86_64 already installed and latest version
15:42 kusams Nothing to do
15:42 kusams *  INFO: Git revision matches a Salt version tag
15:42 kusams *  INFO: Attempting to shallow clone v2014.7.0 from Salt's repository git://github.com/saltstack/salt.git
15:42 kusams Cloning into 'salt'...
15:42 kusams fatal: unable to connect to github.com:
15:43 kusams github.com[0: 192.30.252.128]: errno=Connection timed out
15:43 kusams *  WARN: Failed to shallow clone.
15:43 klj joined #salt
15:43 kusams *  INFO: Resuming regular git clone and remote SaltStack repository addition procedure
15:43 * babilen hands kusams one http://refheap.com
15:43 babilen kusams: Please don't paste into IRC channels
15:43 kusams ok
15:43 klj joined #salt
15:44 klj joined #salt
15:44 Andre-B joined #salt
15:44 JoshuaX joined #salt
15:45 klj joined #salt
15:45 babilen kusams: Looks as if the box you are working on has troubles connecting to github
15:46 johnkeates joined #salt
15:48 toastedpenguin joined #salt
15:48 refnode_1 joined #salt
15:48 toastedpenguin left #salt
15:48 iggy samnmax: you could try a "saltutil.sync_all:\n  module.run:\n    - reload_modules: True" early in your highstate (vs the standalone sync_all + highstate + highstate)
15:49 kusams_ joined #salt
15:49 babilen iggy: Isn't sync_all already doing that? (the reloading part)
15:49 iggy apparently not if he's getting key errors on first highstate
15:50 kusams joined #salt
15:50 samnmax what should I really be looking for?  If I manually run sync_all and the custom state/module files show up in /var/cache/salt/minion/extmods is that insufficient?
15:50 iggy or maybe saltutil.sync_all + saltutil.refresh_modules + highstate
15:50 babilen Sure, it is highly indicative, but we are using custom execution modules on new boxes and the reactors work fine after the initial sync_all run
15:51 iggy samnmax: not necessarily
15:51 babilen samnmax: If it shows up it only means that it has been copied, not necessarily that the salt dictionary has been monkey patched
15:51 samnmax ah hmm.  what monkey-patches the salt dict then?
15:52 iggy samnmax: try this (to narrow down where things are falling over): spin up new minion, saltutil.sync_all, custommodule.function, saltutil.refresh_modules, custommodule.function
15:52 babilen A minion restart should definitely work, a reload_modules too, but you haven't tried either
15:52 samnmax iggy: ok will try...
15:52 iggy I suspect your custommodule.function won't work until after the refresh_modules (and I also suspect that is a bug)
15:53 samnmax babilen: I haven't tried a minion restart, primarily because that would defeat automation, wouldn't it?
15:53 babilen samnmax: No, but it is an additional data point
15:53 iggy that would be a heavy handed way of doing refresh_modules (and a bunch of other stuff)
15:53 iggy but as babilen says... it's a data point to narrow things down
15:53 conan_the_destro joined #salt
15:54 samnmax ok
15:54 babilen If refresh_modules does the trick then you can trigger that via reactors (just like sync_all), but that would a bug. A sync_all should include sync_modules which should refresh the modules
15:54 samnmax I'll try refresh_modules first
15:55 babilen "asyncrhonously" hurts my brain :D
15:56 babilen Okay, I'm out
15:56 babilen Good luck and see you guys tomorrow
15:59 bhosmer joined #salt
16:00 samnmax iggy: after running saltutil.refresh_modules on a fresh vm, "salt vm module.method" returns "'module.method' is not available."
16:01 samnmax iggy: after restarting the minion, same result  "'module.method' is not available."
16:01 CMI left #salt
16:01 kusams joined #salt
16:02 dalexander joined #salt
16:02 iggy samnmax: did you do the sync_all first?
16:02 samnmax iggy: yes
16:03 iggy are the files in the cache on the minion?
16:03 perfectsine joined #salt
16:04 timoguin_ joined #salt
16:04 samnmax they are there
16:06 giantlock joined #salt
16:07 pravka joined #salt
16:08 surajd joined #salt
16:11 robsavino joined #salt
16:12 __gotcha joined #salt
16:12 scarcry joined #salt
16:12 desposo joined #salt
16:14 pdayton joined #salt
16:14 LostPlanet joined #salt
16:15 LostPlanet thanks for any help , i am wondering if there is a best practice way of setting up apache host file. like i use file.managed to put the conf file into the /sites-available folder (debian / ubuntu), but is there a way to make it live ?
16:16 LostPlanet for example the command a2ensite would make a symbolic link in /sites-enabled
16:16 LostPlanet maybe i should just do taht in a salt state definition then ?
16:16 AirOnSkin Hmm... once a network interface is configured with salt.states.network.managed then removed from Salt, it stays on the host. You have to execute ifdown AND delete the file it created... Or is there a way to have them deleted after they're removed from Salt?
16:16 Auroch joined #salt
16:17 JoshuaX joined #salt
16:18 robot_hands LostPlanet: im not expert, but if it was me, I'd consider doing a cmd.run with the a2ensite command, with an unless requisite checking the file in /sites-enabled exists
16:18 kormoc joined #salt
16:18 robot_hands LostPlanet: that way it will only run if the site is not in /sites-enabled
16:18 iggy LostPlanet: you can also look at how the apache-formula handles it... might give you some ideas
16:18 siddc joined #salt
16:19 AirOnSkin robot_hands: I believe you could also do this with: http://docs.saltstack.com/en/latest/ref/states/all/salt.states.apache.html
16:19 kormoc joined #salt
16:19 iggy AirOnSkin: file.absent?
16:20 robot_hands AirOnSkin: sure, that looks reasonable. doesnt have any mechanism for symlinking sites-available and sites-enabled though if you are using Ubuntu/Debian with that filepath structure
16:20 iggy AirOnSkin: there's not a salt.states.network.unmanaged (or whatever)... might make for a good feature request
16:20 robot_hands AirOnSkin: at least, in that example, might be worth reading up on though for sure
16:21 siddc While using the cmd.run module to execute commands against minions, is there any way to parse the arguments and prompt the user if a command is being run against a live environment?
16:21 iggy everything else in salt has present/absent managed/unmanaged corollaries
16:21 neogenix joined #salt
16:22 iggy siddc: what's a live environment? (iow, no)
16:22 siddc iggy: Production environment.
16:22 iggy samnmax: if you run 2x highstates does it work now?
16:23 AirOnSkin iggy: The thing is, these interfaces are created dynamically from Pillar data via a for loop... so, the file.absent would need to be dynamic as well (reading the same Pillar data)... right?
16:23 iggy siddc: that was a rhetorical question
16:23 robot_hands LostPlanet: theres an example of the cmd.run/unless way on this page http://docs.saltstack.com/en/latest/ref/states/highstate.html . might be worth reading up on the link that AirOnSkin gave too
16:23 iggy AirOnSkin: suppose so
16:23 siddc iggy: Ah, the joys of text chatting :D
16:24 siddc iggy: Is there any way to enforce some kind of gates at all?
16:24 igorwidl joined #salt
16:25 iggy siddc: write your own salt scripts? shell aliases? be careful?
16:25 KyleG joined #salt
16:25 KyleG joined #salt
16:25 AirOnSkin iggy: Do you have a suggestion on how to do that? "Remove any interface that isn't in salt['pillar.get']('add_nw_if')" ...
16:26 siddc iggy: Yeah, that was my solution but that gets tricky and dirty real fast. Thanks though
16:29 iggy AirOnSkin: not really? I mean I've never really messed with that state, so never had to deal with that kind of situation
16:30 AirOnSkin Alright, np :)
16:30 spookah joined #salt
16:31 iggy siddc: feature request? but at some point... you have to trust people to not make mistakes or take away their toys (or fire them if they constantly make mistakes)
16:31 dalexander joined #salt
16:32 v0rtex is it known/expected behavior that if I run e.g. "salt someminion test.ping" from a main/super master where it is proxied through a syndic master that once I get a return from the minion it would wait for around 15 seconds before the CLI exits?
16:32 v0rtex when I run the same from the syndic master the CLI exits immediately
16:32 smcquay joined #salt
16:33 iggy I think it's known
16:33 ipmb joined #salt
16:34 xMopxShell joined #salt
16:34 iggy the mom has to wait for the syndic's timeout and it's (or something like that.... it was explained at saltconf but I didn't pay much attention because I don't use syndic's)
16:34 aparsons joined #salt
16:35 evilgeenius joined #salt
16:35 v0rtex iggy: ahh, do you recall which saltconf talk it might have been?
16:36 v0rtex it's not a big deal but I do like to understand what's going on at least
16:36 evilgeenius I'm using archive.extracted but I get the message /usr/local/src/ already exists.  What am I doing wrong?  xebazokl6
16:36 evilgeenius http://hastebin.com/erabotaqab.sm
16:37 yomilk joined #salt
16:38 iggy I want to say it was one of the tech talks by cachedout (mike place)... I don't think those are available yet
16:38 v0rtex evilgeenius: if that path already exists it is assuming the archive was already extracted
16:38 tkharju joined #salt
16:39 v0rtex evilgeenius: you could add if_missing: /usr/local/src/nginx-1.4.1
16:39 evilgeenius v0rtex: ah... thanks!
16:39 iggy evilgeenius: you probably want to use the if_missing option
16:40 Gareth morning morning
16:40 iggy I almost had a good example to show you, but I'm waiting to push my changes to the salt-formula until some other stuff gets merged
16:40 v0rtex iggy: thanks...whenever they become available I'll have to check it out
16:40 iggy v0rtex: they won't be publicly available (afaik
16:41 iggy v0rtex: you can sign up to get access to them on the saltconf site (but they haven't sent me access to them yet, so I'm guessing they aren't up anywhere yet)
16:41 v0rtex iggy: that's fine - I'll sign up and wait too then :)
16:42 v0rtex I think I recall seeing an email about them going up
16:42 iggy that's the case studies
16:42 iggy the talks by the SSE staff don't look like they'll be in the same place as those
16:42 JDiPierro joined #salt
16:42 iggy go read the page and see if it looks the same to you though
16:43 v0rtex iggy: okay - maybe I saw something on twitter then...I just recall something about some of the videos becoming available
16:43 iggy http://saltstack.com/saltconf15-video/
16:43 iggy "SaltStack tech – SaltConf15 technical talks were delivered by the SaltStack engineering and services teams. Please request access to the video of these presentations and we will be in touch with details."
16:44 v0rtex ahh, that's the link I was looking for
16:44 v0rtex cool
16:44 Narolad joined #salt
16:44 iggy I can understand their reasoning... there's some forward looking stuff that they probably don't want to commit to publicly
16:45 iggy (every major company has verbage about future plans in every press release, etc.)
16:45 v0rtex yeah, that definitely makes sense
16:48 pdayton left #salt
16:48 MatthewsFace joined #salt
16:49 MatthewsFace joined #salt
16:51 bhosmer joined #salt
16:51 bhosmer_ joined #salt
16:52 pravka joined #salt
16:52 johnkeates left #salt
16:52 scarcry joined #salt
16:55 fxhp joined #salt
16:55 prwilson joined #salt
16:56 Narolad Is there a way you can tell a salt-minion to do the equivalent of an echo b?
16:57 hal58th echo b? what's the b
16:57 iggy more context
16:57 iggy much more
16:58 AirOnSkin Does an if statement change depending on if you use Pillar strings or lists?
16:59 hal58th AirOnSkin, any string or lists yes.
16:59 Narolad So, I have a few systems I'm not able to replace, older linux ones, and occasionally they hard lock and we either have to reboot them from the APC or log in directly and run echo b > /proc/sysreq-trigger to force it to kill everything.
17:00 samnmax iggy: I think I have a dependency problem.  Basically my custom module depends on apt and pip installing a couple of things before it's loadable.  I think the minion can't load the modules until after those packages are installed - if I manually install the dependencies and refresh_modules, then I can run module.method and it works
17:00 Narolad One of the linux devices hard locked last night, but I noticed the salt minion was still responding to basic commands, but I couldn't get it to output any cmd.run input.  I tried running system.reboot but I don't think it took.
17:01 AirOnSkin hal58th: would you say that's correct: http://hastebin.com/emabifutij.vala ?
17:01 hal58th Narolad   sudo salt 'target' cmd.run "echo b > /proc/sysreq-trigger"
17:01 prwilson is it possible to set multiple directories for a single environment for pillar_roots:?  like pillar_roots:\n  base:\n    - /path1\n    - /path2\n -- looks like it should be possible as it's a list but it only seems to be reading pillar data from the first list element for me.  2014.7.1
17:01 hal58th sorry, have to run to meeting AirOnSkin
17:01 AirOnSkin No worries
17:02 Narolad hal58th: Is there any other options with any built-in modules? I didn't try init 6.  I was also curious to see if there was any minion log I could pull, but I wasn't sure where those were stored by default.
17:03 iggy samnmax: yeah, that can happen... you should be able to get that all mapped out via reactors and orchestrate calls though (if it's that important... we launched with the understanding that you had to run highstate at least 3 times to get everything in place :/ )
17:04 evilrob joined #salt
17:05 linjan joined #salt
17:05 samnmax iggy: thanks for your help!
17:06 iggy AirOnSkin: {% if 'ius' in salt['pillar.get']('repos') %}
17:06 robot_hands Narolad: the minion log is /var/log/salt/minion by default. might want to turn up the verbosity though, the default doesnt give much information imo
17:07 AirOnSkin iggy: Ah, you have to turn it around with lists... didn't know that. Thanks!
17:07 longzh joined #salt
17:07 Narolad robot_hands: Thanks!
17:07 aparsons joined #salt
17:08 iggy AirOnSkin: yeah, it helps to have a vague understanding of python (jinja uses lots of python constructs)
17:09 AirOnSkin iggy: I'm only starting to learn it... but these things stick once I had trouble with them :)
17:09 iggy Narolad: salt 'bustedminion' file.append /proc/sysreq-trigger b
17:09 Narolad iggy:  Ahh, that might work better.  I'll try that next time.
17:10 rojem joined #salt
17:11 iggy v0rtex: it might have been this one https://www.youtube.com/watch?v=r0NLljxDd1U&amp;list=PL9svBjLDUl_8Cy3BWOfmeWwWgnCc6_eLb&amp;index=7
17:11 wendall911 joined #salt
17:12 dopesong joined #salt
17:12 overyander I keep getting the message "authenticationerror: message authenticate failed". any suggestions?
17:12 overyander tha's in the minion logs
17:12 overyander sometimes i get it, sometimes i don't
17:12 mbrgm left #salt
17:13 Narolad overyander: Does it just happen at random intervals or when a specific action is taken place?
17:13 druonysus joined #salt
17:13 iggy lots of google hits for that error message...
17:14 refnode_ joined #salt
17:14 rojem_ joined #salt
17:15 hal58th Narolad, just like cmd, here are the other built in modules. http://docs.saltstack.com/en/latest/ref/modules/all/
17:15 fdafda joined #salt
17:16 fdafda Hey folks...just getting started with Salt.  Got a few questions...
17:16 Narolad hal58th: Yeah, I looked there to find the system commands. I just never thought to use file.append for my problem.
17:16 itru joined #salt
17:17 fdafda Am trying to deploy an httpd  server but would like to set things like IP and HOSTNAME dynamically in the httpd.conf
17:17 desposo joined #salt
17:17 fdafda Shoulda said 'ListenAddress' and 'ServerName'
17:17 overyander iggy, this seems to have started after i configured autosign. should my minion keys be /etc/salt/pki/master/minions or in /etc/salt/pki/master/minions_autosign ?
17:17 wincyj joined #salt
17:17 iggy overyander: don't know about autosign, sorry mate
17:18 overyander ok, thanks
17:18 Eureka_ @fdafda you can use jinja tempting and grains to accomplish that. Here are some examples. http://docs.saltstack.com/en/latest/topics/tutorials/states_pt3.html
17:18 fdafda thank yoU!!
17:18 Eureka_ Sure.
17:20 overyander which happens first autosign or reactor? i have a reactor to remove keys from master if the minion is trying to use a different key and I have autosign configured to automatically accept the new key after the reactor removes it. this works, but i noticed that those keys end up in minions_denied instead of minions or minions_autosign.
17:20 bhosmer joined #salt
17:21 the_drow joined #salt
17:21 iggy worker_threads: 2 = 8 total threads... really?
17:21 the_drow Does salt have a page where it describes why zeromq as a communication bus is better then X?
17:21 fdafda @Eureka_ - So I think I get the concept of grains in this sense: grains['os'], but I'm wondering how to change an attribute in a conf file to the result of a 'grain'.
17:21 dude051 joined #salt
17:21 iggy the_drow: it's got a lot of information about why raet (0mq's replacement) is better than 0mq
17:22 fdafda Like I say I'm really really new...lol and I can't help thinking I have to do something like 'ServerName = grains['FQDN']' in the httpd.conf
17:22 fdafda Is this correct?
17:22 hal58th iggy, that doesn't seem right... wasn't it 2 threads for pub sub and the rest are worker threads?
17:22 the_drow iggy: that's nice but I'm trying to explain to my bosses why salt is better then chef or ansible
17:22 desposo joined #salt
17:22 hal58th iggy, maybe there are threads for reactor and etc
17:22 the_drow Especially because we're deployed on AWS which has opsworks
17:22 iggy the_drow: A. not ruby B. does a hell of a lot more
17:23 the_drow But they claim that they have opsworks so it integrates better with AWS which is ofcourse bullshit but I need good arguments
17:23 notnotpeter joined #salt
17:23 Eureka_ @fdafda that is one way to do it. If you do it that way you will want to use {{ ServerName }} in the location in the file where you want to have the substitution to happen.
17:23 iggy hal58th: you'd think... it's odd though. It was 8 when I has worker_threads: 3 too... so I think it's just some hard coded minimum or something (that's also an older salt install I have, so it could probably use an update)
17:24 enarciso joined #salt
17:24 iggy the_drow: salt is event-driven... chef (at least, don't know about ansible) is not, it polls
17:25 the_drow Right I forgot about that
17:25 fdafda @Eureka_...okay trying that now. The httpd.conf will be something like ServerName={{ServerName}} ... Is {{ServerName}} defined as a grain for httpd somewhere? Can I assume that Salt has grains for every attribute  in an httpd.conf? That seems wrong
17:26 surajd joined #salt
17:26 evilgeenius Sometimes when I run a salt command nothing happens - i see no ouput.  What's happening here?
17:27 SheetiS fdafda: Salt wouldn't have grains for every attribute in an apache config.  You'd probably want to specify them in pillars.
17:27 fdafda interesting...okay thanks folks.
17:27 Eureka_ @fdafda There are some default grains in salt. You can see them by issuing something like "salt '*' grains.ls" on your salt-master.
17:27 SheetiS fdafda: I typically store my apache config data in a pillar.  This is slicke of part of how I structured my apache24 states btw:  https://bpaste.net/show/185912025e54
17:27 Eureka_ @fdafda You can also see the data that a grain contains with something like "salt '*
17:27 Eureka_ grains.get grainname
17:28 SheetiS once I have better tested everything and expanded it for more than amazon linux, I will probably share it on github.
17:28 Eureka_ SheetiS has the right idea though =) Good idea to store stuff in pillars
17:28 Narolad robot_hands: Wow, you weren't kidding about the default logs being bland.
17:29 Narolad So, I found https://blog.talpor.com/2014/07/saltstack-beginners-tutorial/ which I assume will help.  Is there any other resources I should bookmark while I'm learning?
17:30 fdafda Hm...I'm sorry folks...I'm feeling pretty stupid here....I'm really not able to put together what I want to do...And I can't find a good example...
17:30 otter768 joined #salt
17:31 iggy evilgeenius: your returns are probably timing out... the minions will finish up and return data to the job cache
17:31 evilgeenius iggy: thanks.  how can I access the job cache?
17:31 enarciso joined #salt
17:32 iggy salt-run jobs.*
17:32 iggy http://docs.saltstack.com/en/latest/ref/runners/all/salt.runners.jobs.html#module-salt.runners.jobs
17:33 fdafda My httpd server is being deployed from Salt just fine so far.  But ServerName in the config on the minion is #ServerName www.example.com:80.  I don't want to hardcode a grain with the static name because I might need to make 6 or 10 httpd servers.  I want salt to deploy the minion, then deploy httpd.conf getting the minion's name for that value
17:33 __gotcha1 joined #salt
17:34 iggy take the config file and jinja-ize it, then deploy that jinja-ized version using file.managed
17:34 evilgeenius iggy: Is there a way to see what the active job is doing?  I've looked at /var/log/salt/minion on the machine and there's nothing to see
17:34 Eureka_ @fdafda one thing you may want to look into: https://github.com/saltstack-formulas/apache-formula Otherwise, like iggy says you will need to dive into jinja for your config.
17:34 evilgeenius ... on the machine with the running job
17:34 iggy so that line would be "ServerName {{ salt['grains.get']('nodename') }}:80
17:34 iggy or something similar
17:35 preachermanx I am just experimenting a bit and with ~2000 clients and "salt -s --batch-size=100 \* pkg.install p7zip.x86_64"  Seems to only run on a few nodes.   If I run it again, a few more get done.  Am I doing something horribly wrong or is it just due to the nature of having 2,000 nodes again.
17:35 preachermanx if I run it without batch or -s it just runs on ~10-15 minions and then exits like it is happy, but sadly not all 2,000 have it
17:35 fdafda @iggy - that looks good
17:35 hal58th joined #salt
17:35 LostPlanet thanks robot_hands and AirOnSkin . yea i prefer to just keep the virtual host file in its own file and use file.managed. I think i like the idea of using cmd.run
17:35 iggy evilgeenius: it's actually fairly tough to catch "active" jobs... salt is pretty quick
17:35 evilgeenius iggy: the job is still active... not sure what it's doing
17:35 murrdoc joined #salt
17:36 hal58th I just signed up for the tech videos from salt and got an e-mail with a playlist right away from them. After I confirmed their e-mail subscription. iggy
17:36 evilgeenius iggy: I suspect there's a problem and I'm not sure how to look into it
17:36 iggy preachermanx: post on the mailing list or open an issue... you're not going to find many people in here that have experience with that many minions
17:37 preachermanx iggy: thanks, I have an open github issue with it already but its had 0 traction, will try the mailing list next.
17:37 iggy evilgeenius: salt-run jobs.active -> take that id -> salt-run jobs.lookup_jid <id> (or salt-run jobs.print_job <id>)
17:38 iggy preachermanx: #?
17:38 murrdoc iggy:  https://www.youtube.com/watch?v=UalzJq40xMk that talk is +1
17:38 iggy murrdoc: yes... you've mentioned that... a few times
17:38 murrdoc i am pushing it
17:38 micah_chatt joined #salt
17:38 * murrdoc stops
17:39 chandankumar joined #salt
17:39 LostPlanet left #salt
17:39 * iggy needs to get work done
17:44 fdafda Thanks iggy and eureka, getting a little further ahead here...
17:45 fdafda My high state seems to be close to what I want, but am getting an error...
17:45 fdafda Line one:/etc/httpd/conf.d/httpd.conf:
17:45 alynpost joined #salt
17:45 fdafda Line two:   apache.configfile:
17:45 iggy pastebin
17:45 fdafda Line three:
17:45 iggy or refheap.com or gist.github.com
17:45 fdafda wait...sorry...wha'ts pastern?
17:45 fdafda pastebin?
17:46 iggy use refheap.com for single files, gist.github.com for multiple files
17:46 iggy or gist for everything
17:46 murrdoc gist for everything
17:46 alynpost I'm playing around with salt, today's use case is running apt-get to catch security upgrades.  I want to run the same set of commands on my master as on my slaves.  Should I install salt-minion on my master machine and interact with it that way?
17:47 murrdoc maybe basepi can put that in the title, please use gist.github.com for pastes
17:47 murrdoc alynpost:  yes
17:47 alynpost \o/
17:47 alynpost Appreciate it murrdoc.
17:47 fdafda 98881 iggy...
17:48 fdafda and 98882
17:48 murrdoc i just agreed with you alynpost
17:48 murrdoc :)
17:48 Topic for #salt is now Welcome to #salt | 2014.7.2 is the latest | Please use https://gist.github.com for code, don't paste directly into the channel | Please be patient when asking questions as we are volunteers and may not have immediate answers | Channel logs are available at http://irclog.perlgeek.de/salt/
17:48 alynpost Well that was more helpful that google was being.
17:48 basepi murrdoc: good?
17:49 iggy fdafda: did you look at the example for apache.configfile ? It's a lot longer than your example
17:49 cheus joined #salt
17:49 fdafda ....
17:49 iggy uhoh... who woke him up?
17:50 fdafda Yes, there's more in my init.sls as well...This is just the snippet where I'm trying to configure the ServerName
17:50 murrdoc basepi:  u the best
17:50 murrdoc thanks
17:51 fdafda In the error, the ServerName resolves to what I want, but I really don't know how to read 'Unknown YAML render error'
17:51 evilgeenius Is there an easy way in salt to determine if my Ubuntu is trusty, precise, lucid, wheezy or squeeze?
17:51 iggy fdafda: but the example from the docs doesn't work like yours (you have ServerName all on one line which is certainly not going to work as it's not proper yaml)
17:52 iggy evilgeenius: grains.get lsb_codename
17:52 fdafda ok
17:52 iggy evilgeenius: lsb_distrib_codename sorry
17:53 evilgeenius iggy: thanks! legend.  How come you know so much?
17:53 LtLefse evilgeenius: also try (from the minion) "salt-call grains.items" to see what's available
17:53 iggy I've messed up lots of things
17:53 iggy or salt-call -g
17:54 LtLefse oh hey, didn't see that flag
17:54 rhodgin joined #salt
17:55 evilgeenius iggy: I've just ran 'salt-call -g' but get the error : "[ERROR   ] The Salt Master has cached the public key for this node, this salt minion will wait for 10 seconds before attempting to re-authenticate Minion failed to authenticate with the master, has the minion key been accepted?"
17:56 evilgeenius The minion keys have been accepted
17:56 Ahlee way to restart a service on config change only if it was running? I only want to restart samba if it's running on change, and i don't want it running if it's not already
17:56 iggy doesn't look like it
17:56 Ahlee the config will always be managed for winbind
17:57 SaintAardvark joined #salt
17:57 iggy evilgeenius: salt-call should be run on your minions, not on your master (unless the master is also running a minion... which is more common than people seem to think)
17:57 evilgeenius iggy: ah ok, I was running on the master.  Such a noob
17:57 iggy evilgeenius: as I said.... there's no reason you can't also run a minion on the master
17:58 JordanTesting joined #salt
17:58 Ahlee iggy: i've noticed that too, it not being understood that it's common (and encouraged) to run a minion on the master
17:59 Xiao left #salt
18:00 JoshuaX joined #salt
18:00 iggy well, it's not something that is actively encouraged (Salt wise) until you look at the salt-formula
18:00 iggy but it's not discouraged either... just not really mentioned
18:00 enarciso joined #salt
18:00 scbunn joined #salt
18:04 evilgeenius Is there a way, from the command line, that I can browse the modules and functions? e.g. I'd like to view the functions under jobs.*
18:06 perfectsine joined #salt
18:09 vstoniest joined #salt
18:09 Brew joined #salt
18:10 evilgeenius Can salt make docker useful?
18:10 numkem say I'm running 2014.7.2 and I would like ot have the latest docker module that seems quite different, could I just drop in the module file in the master and be on my way?
18:11 iggy evilgeenius: salt 'minion' sys.doc module|module.function
18:11 iggy evilgeenius: that will show you specifics to that minion
18:12 stooj joined #salt
18:12 iggy evilgeenius: but jobs.* are runners... so you'll have to look at that online: http://docs.saltstack.com/en/latest/salt-modindex.html
18:13 iggy evilgeenius: re: docker being useful... as useful as without salt...
18:13 z3uS joined #salt
18:13 iggy numkem: sometimes
18:13 iggy numkem: sometimes it requires other modules to be updated
18:13 iggy and you end up crawling through a lot of dependencies
18:14 numkem how stable is 2015.2?
18:14 iggy WORKSFORME
18:14 iggy after a lot of changes to our states to fix issues
18:14 Ahlee on a scale of 0.13.2 to 2015.2, it's 2015.2 stable
18:15 iggy certainly better than 0.17.Ahlee
18:15 Ahlee iggy: changes? :(
18:15 timoguin joined #salt
18:16 iggy Ahlee: 2015.2 complains about args that it doesn't understand (vs earlier versions silently ignoring)... and whatever f'ed shell changes they made
18:16 iggy those were the big ones
18:16 Ahlee ah
18:16 Ahlee thanks
18:16 neogenix_ joined #salt
18:16 ek6 iggy: it certainly caused me a few days of 'warning' cleanups
18:16 baweaver joined #salt
18:17 iggy ^ what ek6 said... the first is just warnings... but they are annoying enough that I spent the time to clean them all up
18:18 buMPnet joined #salt
18:18 ek6 I also found some of the warnings irritating... 'i know i dont have my seat belt on..now stfu'
18:20 enarciso joined #salt
18:22 conan_the_destro joined #salt
18:24 iggy yeah, check your logs... it's even worse
18:25 murrdoc joined #salt
18:25 ek6 iggy: oh ffs..think ill save that punch in the nuts until after lunch
18:26 SheetiS heh
18:26 jasonrm joined #salt
18:27 pmcg joined #salt
18:27 iggy "Yes I know the zfs shit isn't installed (because it's shit), no I don't need an error logged about it every 5 seconds"
18:28 ek6 but iggy zfs wants to 'help'  quite a bit obviously
18:28 iggy I'm ready to go make a PR for that module and publicly shame whoever put that in there
18:33 kusams joined #salt
18:35 overyander running a highstate syncs custom modules. if my highstate uses a custom module, will that be synced prior to the module being ran or does it do the sync after the states are finished?
18:36 SheetiS sync occurs first
18:36 SheetiS then the states are run
18:36 overyander ty
18:36 kusams joined #salt
18:37 murrdoc joined #salt
18:40 zmalone joined #salt
18:47 chandy joined #salt
18:48 dopesong_ joined #salt
18:49 Andre-B joined #salt
18:49 thedodd joined #salt
18:50 kusams_ joined #salt
18:52 kusams joined #salt
18:52 enarciso joined #salt
18:54 iggy overyander: but keep in mind the type of situation that someone else ran into earlier... when your custom module needs something that's installed during the highstate it won't be available until later... so you can end up with a chicken/egg situation
18:54 murrdoc joined #salt
18:55 micah_chatt joined #salt
18:58 schristensen joined #salt
19:00 markm joined #salt
19:00 timoguin joined #salt
19:01 kusams joined #salt
19:02 perfectsine joined #salt
19:02 thedodd joined #salt
19:04 SheetiS joined #salt
19:08 __gotcha joined #salt
19:09 denys joined #salt
19:13 prwilson if i do a require: pkg: blah  does blah refer to a physical (deb, rpm) package on the system or to a state that installed the package?
19:14 chandy joined #salt
19:15 iggy prwilson: it's the state_id
19:15 prwilson iggy: ok that's what i thought.  it's confusing as all of the salt examples use the packagename as the state id in order to "simplify" things
19:16 iggy "python-pip:\n  pkg.installed:\n    - name: python3-pip" <-- for that python3-pip would actually get installed, but you'd require "pkg: python-pip"
19:18 krelo joined #salt
19:22 younqcass joined #salt
19:24 ahammond any word about the 2015.2 release?
19:26 iggy it'll be out on the 65th day of February
19:26 lomeroe joined #salt
19:27 murrdoc joined #salt
19:28 enarciso joined #salt
19:28 otter768 joined #salt
19:31 Eureka_ o.0
19:32 cheus Does anyone know a workaround for the minion config requirements of the mysql module? Not a fan of forcing minions to restart mid-state run.
19:33 thedodd joined #salt
19:35 iggy put the config in a pillar instead?
19:35 baweaver joined #salt
19:36 kusams_ joined #salt
19:37 ek6 joined #salt
19:41 cheus iggy, Thanks. Bonehead on my part. I skipped right over the fact that kwargs get passed forward as connection args. I
19:44 dyasny joined #salt
19:48 __gotcha joined #salt
19:50 SheetiS iggy: isn't Feb 65 only 12 days away?  I think you are optimistic :P
19:51 iggy I didn't do the math, so mayhaps
19:53 SheetiS I think we'll see rc2 tagged by the 65th (surprised it is not yet to be honest), but then rc2 will need to be tested and approved before an official release.  Heck 2014.7.3 is already tagged, so there's that.
19:53 ek6 yeah i just saw the 7.3 tag...only 10997 commits behind dev
19:55 enarciso joined #salt
19:58 nexsja^ joined #salt
19:59 linjan joined #salt
20:00 lomeroe is there a trick to passing a dict object to a function parameter in an sls?  using cloud.profile, passing a dict to vm_overrides works as expected on the command line, but when I put it in an orchestration state, it seems to get ignored...I'm likely doing something dumb, but can't seem to see it
20:00 iggy lomeroe: paste code if you can
20:01 lomeroe_ joined #salt
20:02 rojem joined #salt
20:02 XenophonF joined #salt
20:02 XenophonF does salt-cloud support AWS VPC?
20:02 lomeroe_ this works on the command line:  salt-run cloud.profile my_profile my_instanceName vm_overrides="{'size':'n1-standard-2'}"
20:03 XenophonF i'm going through the aws provider config but don't see vpc or subnet specification mentioned
20:03 XenophonF maybe it's a per-profile thing
20:04 ajw0100 joined #salt
20:05 Andre-B_ joined #salt
20:05 enarciso joined #salt
20:06 iggy XenophonF: it is
20:06 iggy lomeroe_: what about your orch file (which is what you said _isn't_ working)
20:07 lomeroe_ yep, working on it, sorry
20:07 lomeroe_ work is blcoking all the paste sites, so doing a workaround
20:07 iggy refheap.com? gist.github.com?
20:08 iggy blocking github would be wild to me these days
20:08 iggy but I could see it
20:09 lomeroe_ cool, refheap works...for some reason gist doesn't on github
20:10 lomeroe_ but I use github all the time...dumb
20:11 markm joined #salt
20:11 lomeroe_ https://www.refheap.com/98884
20:14 iggy I don't see anything wrong with it (your indentation is extra indented where it may not need to be, but with the other line you tried, that shouldn't be a problem
20:16 dopesong joined #salt
20:18 rhodgin joined #salt
20:18 lomeroe_ thanks for taking a look iggy
20:20 alynpost I'd like to run a git-pull on my minions, but to do so I need to authentication with an ssh key.  Is there any way to push my ssh-agent across zmq, or should I focus on salt-ssh for this task?
20:22 iggy I think you'll have to use a passphraseless key, but I'd love if someone said I was wrong
20:22 jdesilet joined #salt
20:22 alynpost In my case I have no keys on the minions at all.
20:22 alynpost but rather have them on the master, running under ssh-agent.
20:22 alynpost and I might typically ssh in to my minion with AgentForwarding and run git from inside that shell environment.
20:22 alynpost The more general question I would have is how do I set environment variables on my minion?
20:23 defenestratexp joined #salt
20:23 alynpost That won't solve my ssh-agent problem as-such, but I do need to figure out how to inject environment variables for other problems too.
20:23 iggy so why do you need to do the git checkout on all of the minions? Just check out whatever files you need into a directory that is a fileserver_root and serve the files from the master to the minions
20:23 alynpost I'm doing it no for historical reasons; you are likely making the better suggestion there.
20:24 iggy you can set env variables on some states (notably cmd.*)
20:24 alynpost that's good enough, excellent.
20:24 iggy Nitin must be off/busy today... none of my formulas PRs have been merged :(
20:25 krelo joined #salt
20:26 yomilk joined #salt
20:27 murrdoc joined #salt
20:28 bash124512 joined #salt
20:32 rojem joined #salt
20:34 overyander how can i clear all the cache on the master? is it ok to just delete everything in the cache dir?
20:34 SaintAardvark so silly newbie question: is state enforcement on a minion meant be done via a cron job (or some such), or does the master periodically contact minions to say "Enforce state now please"?
20:35 murrdoc its up to u
20:35 murrdoc the salt-y way would be to do a schedule pillar
20:35 murrdoc to run a state at a time
20:35 iggy SaintAardvark: when you say "salt '*' state.highstate' the master immediately tells targeted minions to do their job
20:35 murrdoc with —splay
20:36 SaintAardvark murrdoc: okay, didn't know that option existed; thanks
20:36 JoshuaX joined #salt
20:36 iggy the real salty way would be to have your states in git and have a (web)hook that activated a reactor that did a highstate every time you committed to git
20:36 SaintAardvark iggy: so to make things happen automagically, would the expectation be to have a cron on the master to do that?
20:37 iggy ehhh... I don't like automagic
20:37 iggy and we don't run highstate's very often (like maybe once a month)
20:37 SaintAardvark oh!
20:37 iggy so it really depends on your setup
20:38 SaintAardvark I'm thinking about Salt as potentially managing everything, but it sounds like you're using it for much more focused things.
20:38 iggy no, we use it for everything
20:38 iggy we just don't change QA/Prod very often
20:38 SaintAardvark then why only once a month? Don't you risk things getting out of sync?
20:38 SaintAardvark oh, okay
20:39 SaintAardvark I'm used to always-on, every-n-minute runs for whatever config mgt is in place (Puppet, CFEngine, etc)
20:39 baweaver joined #salt
20:39 iggy well, we have reactors that do highstates/etc when a new minion comes up, but as far as highstating everything it's not something we do often
20:39 SaintAardvark huh
20:39 overyander why would salt continuously rotate the AES key of my minions?
20:39 iggy overyander: SECURITY!
20:40 overyander i don't know if this was caused from restarting the master service too many times today or what, but now it just spams that
20:40 seev I don't run highstate very often, I have a base AMI that spins up, grabs a script from S3, and then executes a series of individual states
20:40 seev seems to work ok
20:40 iggy the same reason your browser does... and your wifi does... etc
20:41 SaintAardvark hm; I'm a lot more used to thinking/worrying about drift in systems;
20:41 SaintAardvark but this may be because we're managing machines that are logged into/touched a lot more
20:41 SaintAardvark instead of (say) AWS instances that are fired up, run 'til something's done, then destroyed
20:42 iggy SaintAardvark: that said, I run individual states and highstates on individual hosts in dev constantly... but it's not something that I feel needs to be on a timer... I'll hack on states for 30 minutes, sync up all my work and then run the (high)state
20:42 iggy we don't spin up and down instances that often (yet!), but we don't have !
20:43 iggy we don't spin up and down instances that often (yet!), but we don't have !me logging into systems
20:43 seev the advantage of salt is that you don't need to log in, you just deploy them and relax
20:43 markm joined #salt
20:43 SaintAardvark iggy/seev: fair enough. I'm working on a different scale than I have previously
20:43 iggy ^ the only system that has ssh access to the outside world is the salt-master
20:44 SaintAardvark we have some machines that are touched a lot, but some that are much more isolated
20:44 SaintAardvark so we will probably go for both strategies
20:44 seev although it's a philosophy, SaintAardvark, I have some one-off hosts that are 'unique' and have their own specific states, like a build server and a deployment server, but the real architecture is all autoscaled
20:45 SaintAardvark hm, okay; in that case, I guess you don't have to worry about ensuring that process X is running on a particular box --
20:45 SaintAardvark either it is, or it's not and you're deploying more VMs to take the load
20:45 seev well, there is monitoring also
20:46 SaintAardvark true, but I'm thinking about Salt/other config mgt reacting (or at least taking first initial step)
20:46 seev I would recommend putting a highstate run in /etc/rc.local or equivalent, so it always assembles highstate on boot
20:47 iggy you can do that with a reactor (and not have to maintain your own images)
20:48 SaintAardvark iggy: reactor I know, but not sure what you mean about images
20:48 iggy well, seev's suggestion was to put soemthing like "salt-call state.highstate" in rc.local... that's not really necessary
20:48 iggy that's all I was saying
20:48 SaintAardvark ah, right
20:49 scbunn joined #salt
20:49 seev I do that on QA servers cuz they get shut down overnight, and turned on in the morning
20:49 seev I haven't worked with reactor, so I can't really comment on that component
20:49 iggy it's the bees knees
20:50 murrdoc it is
20:51 nesv iggy: You've been mentioning reactors quite often since I started slumming around in this channel, and I've gotta say, they look damned cool
20:51 chandy joined #salt
20:52 iggy it's kind of like switching from using sleep() and poll() in your programming vs event-driven
20:52 seev oh, interesting, how do you manage sending events from the minion?
20:52 murrdoc event.fire
20:52 iggy there are different ways to fire events (and more on the way... can anybody say Beacons?)
20:53 murrdoc http://docs.saltstack.com/en/latest/topics/event/index.html, http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.event.html
20:53 seev I guess what I mean is, do you use cron jobs?
20:53 iggy murrdoc: ever heard of Beacons?
20:53 iggy seev: no... that's not the point
20:53 murrdoc i saw the presentation
20:53 murrdoc i read the code
20:54 murrdoc i like it
20:54 seev oh, like from a build server that polls git
20:55 iggy example: your monitoring server notices that your web servers are all at some cpu capacity, it fires off a salt event, that event triggers a reactor that call salt.cloud to spin up more instances, those instances fire events as they are being brought up that do things like run a highstate/add to load balancer/etc.
20:56 murrdoc yo hows 2015.2 looking
20:56 murrdoc u like it ?
20:57 iggy you don't have a build server poll git... you have a git (web)hook that triggers a salt event, that event kicks off a reactor that does something to make the build server do stuff (abstractish)
20:57 iggy better than my first foray into 2014.7
20:57 iggy but it's had a few hiccups
20:58 iggy it goes into production tomorrow :/ ... ready or not
20:58 iggy (how was I supposed to know it was going to be a month+ late when I was sheduling)
20:58 XenophonF wow, that's cool
21:00 murrdoc makes sense iggy
21:00 murrdoc you rolling with develop ?
21:01 perfectsine joined #salt
21:01 druonysus joined #salt
21:02 iggy 2015.2 branch
21:02 murrdoc do you keep a local git mirror or upstream ?
21:02 murrdoc and did u test out RAET
21:02 murrdoc do you even need raet
21:02 iggy upstream now, probably a local mirror at some point (we have some other projects that'll be moving into git soonish)
21:03 iggy I had raet on my list next, but 2015.2 has made all of our connectivity issues go away, so it's moved down my list
21:03 ek6 makes chicken sounds at iggy
21:03 iggy if I had more minions, it'd probably still be high on my list... but we only have 100-150 minions
21:04 enarciso joined #salt
21:04 nesv iggy: Is 2015.2 due for release tomorrow, or are you deploying it on your production stacks tomorrow?
21:05 rojem what's the difference between doing a state.show_highstate and running highstate with --test=True
21:06 iggy rojem: lots
21:07 aparsons_ joined #salt
21:07 overyander is this the correct method to sync_all from within a state file? {% do salt['saltutil.sync_all']() %}
21:07 iggy nesv: there is no timeframe for 2015.2's release... we are going ahead and running it from a git install
21:07 nesv iggy: Ah, okay. :)
21:08 iggy overyander: that's one way... salt.states.module.run is probably better
21:08 JoshuaX joined #salt
21:08 stoogenmeyer joined #salt
21:09 iggy I could package it from a git checkout, but I'm lazy
21:11 ralf_ joined #salt
21:11 micah_chatt joined #salt
21:11 mosen joined #salt
21:12 signull iggy: the good news is 2015.2 stable or rc2 should be out soon. it looks like they solved all the blockers under their milestones for the release
21:12 signull wouldnt be surprised if its later this week.
21:13 ek6 my bet is a week from today
21:14 iggy the 65th of Feb
21:14 cheus joined #salt
21:15 signull lol
21:16 nesv Is there a way to configure which Jinja extensions are loaded in the salt master?
21:16 dopesong joined #salt
21:17 iggy nesv: not that I've seen
21:22 rojem joined #salt
21:23 nesv Damn. I could really use the "do" extension, right now.
21:23 nesv Oh well.
21:23 Ryan_Lane joined #salt
21:24 iggy I thought it was enabled
21:24 murrdoc do extention ?
21:25 iggy nesv: what are you trying to do with it?
21:25 murrdoc whats the 'do' extension
21:28 ipmb joined #salt
21:29 iggy {% do salt['module.function']('arg') %}
21:29 iggy or something... that's why I asked what they were trying to do with it
21:29 murrdoc is that a salt extension, jinja
21:29 baweaver joined #salt
21:29 murrdoc or jinja
21:29 iggy it's a jinja thing
21:30 iggy it's not enabled by default because... well... you're not supposed to do that kind of shit in jinja
21:30 nesv iggy: I'm trying to do something along the lines of `{% if some_config.verbose %}{% do opts.append('--verbose') %}{% endif %}`
21:30 murrdoc yeah
21:30 iggy but then again jinja normally gets called from python code, not yaml
21:30 Ryan_Lane joined #salt
21:31 iggy nesv: and just to verify, it doesn't work now?
21:32 ecdhe I'm trying to get salt to start the uwsgi service on ubuntu.  salt runs the check "service uwsgi status" to which uwsgi replies, "*which one?"
21:32 Hell_FireW joined #salt
21:33 iggy nesv: looking at the code, it looks like if the module is available, then salt tries to load it
21:33 ecdhe Turns out uwsgi has a non-standard /etc/init.d interface: in addition to the status paramerter, it wants another parameter which specifies the app you're inquiring about.
21:33 iggy ecdhe: then you can't use the normal service module with it
21:34 nesv iggy: Ah! You know, I never thought to just try it.
21:34 * nesv smh
21:34 ecdhe iggy, sounds good...  would you recommend anything besides a cmd.run/unless construct?
21:37 Negher joined #salt
21:37 iggy ecdhe: probably your best bet
21:38 murrdoc dude ecdhe.net used to be the primo site for streaming, not related to salt at all
21:38 iggy if you can think of a sane way to add the functionality to the existing service module, that'd be a nice feature request, but it probably doesn't happen often
21:39 * JordanTesting looks at Linuturk
21:40 evidence some notable bugs holding up 2015.2?  seems we've been so close for quite a while :)
21:40 * iggy goes to file 2015.2 bugs to hold everybody up
21:40 evidence sounds like rc2 in the next few days
21:41 iggy I called Feb 65th earlier today
21:41 iggy so we'll see
21:41 * evidence does some maths
21:42 evidence April 6th? :x
21:42 hal58th ecdhe, does your uwsgi service have a unique process name? If so, you could use the "sig" option for service
21:42 ekool joined #salt
21:43 ecdhe hal58th, I'll look into that, thanks!
21:44 giantlock joined #salt
21:44 hal58th wlecome ecdhe
21:45 ecdhe I might approach the uwsgi folks about leaving an option to manage their apps in a more standard fashion.
21:45 hal58th ecdhe, you think that it would know to query all services intelligently and see if any are down
21:46 ecdhe hal58th, or provide the option of bringing each app into the init namespace...
21:46 ecdhe such as 'service uwsgi.myapp status' instead of 'service uwsgi status myapp'
21:47 iggy that would require a change to the service util itself
21:47 murrdoc joined #salt
21:48 ipmb is there a way to do requires in a salt-cloud map file?
21:48 bash124512 joined #salt
21:48 murrdoc1 joined #salt
21:49 ecdhe iggy, or an officially supported init.d/skeleton for uwsgi apps.
21:49 lomeroe_ iggy: I figured it out...you don't need to pass them in as "vm_overrides", just pass each override as a normal option in the sls (if that makes sense)...so instead of "- vm_overrides: "{'size':'n1-standard-2'}"", just use "- size: n1-standard-2" in the sls
21:50 iggy lomeroe_: good to know (we use GCE too and will soon be trying to roll back to salt-cloud from our custom written api scripts)
21:52 chandy joined #salt
21:53 enarciso joined #salt
21:54 murrdoc joined #salt
21:56 ropes has anyone else been testing salt with Debian Jessie? The fact that `sudo` isn't installed by default makes Salt rather unhappy. I feel like salt should be able to run w/ `su` instead..
21:56 pdayton joined #salt
21:56 iggy I don't know why it wouldn't be able to
21:57 markm joined #salt
21:58 ropes iggy: if you ask salt to run as a user it attempts to run `sudo -u username ...` instead of using `su` and since sudo doesn't exist it errors
21:58 ropes *run a script that is
21:58 iggy oh, I run salt as root, so yeah, wouldn't have noticed that
21:59 ropes iggy: hmm you raise a good point, this is a slightly wonky test environment I set up.. I thought I was as well..
21:59 Singularo joined #salt
22:03 ropes iggy: AFIK the command is running as root.. I'm guessing Salt just depends on `sudo -u` to switch users
22:04 iggy that would be odd, but I don't know that code well enough
22:04 iggy oepn and issue
22:04 iggy let me try that again
22:04 ropes iggy: I'm looking to see if anyone else has
22:04 iggy open an issue
22:08 chandy joined #salt
22:09 chandy joined #salt
22:09 jerematic joined #salt
22:12 aquassaut joined #salt
22:14 nich0s joined #salt
22:14 SaintAardvark I'm running into a problem with the aptly formula (https://github.com/saltstack-formulas/aptly-formula/)
22:15 iggy oh no
22:15 iggy SaintAardvark: what's up?
22:15 SaintAardvark the nginx.sls file includes "nginx.config", which refers to the nginx formula
22:15 SaintAardvark and when I run the aptly formula (is that the right term?), I get this error:
22:15 SaintAardvark "Specified SLS nginx - nginx.config in saltenv base is not available on the salt master"
22:16 SaintAardvark but if I delete the "nginx.config" line, it works fine
22:16 SaintAardvark there's no nginx.config I can see in the nginx formula
22:16 SaintAardvark looks like a bug, but we've already established I'm a noob. :-)
22:17 murrdoc the formula doesnt link to the nginx formula its using
22:17 iggy it's not a bug necessarily as an invalid/unclear assumption
22:17 murrdoc not your bad
22:17 murrdoc also people have changed the nginx config
22:17 SaintAardvark murrdoc: that's what I assumed
22:17 iggy I don't use aptly.nginx, so I didn't write that
22:18 murrdoc oh haha it usess the ng
22:18 SaintAardvark oh, didn't check ng; is there a config module/what have you in there?
22:18 murrdoc cos fuhget trying to commit to one way of doing things
22:18 murrdoc https://github.com/saltstack-formulas/nginx-formula/blob/master/nginx/ng/config.sls
22:19 SaintAardvark riiiiight
22:20 SaintAardvark is it worth filing a bug against?  Should the aptly formula be using "nginx.ng.config"?
22:21 murrdoc my recommendation
22:21 murrdoc make a simpler nginx formula
22:21 murrdoc and work with that
22:21 murrdoc there isnt a need to use the formula as is
22:22 murrdoc and do what u said
22:22 murrdoc why we have a ng formula
22:22 murrdoc shoe horned into a regular formula i dont know
22:23 SaintAardvark okay, thanks
22:24 murrdoc i have a muuuuch simpler nginx formula i use
22:24 murrdoc that i get the aptly working with
22:24 murrdoc same as iggy
22:25 iggy yeah, sorry, boss stopped by
22:25 ek6 iggy: wants your tps reports?
22:26 smcquay joined #salt
22:27 iggy wants me to order real hardware... sadist
22:28 rhodgin joined #salt
22:28 murrdoc for?
22:29 iggy so yeah, my repo server has our own in house nginx formula, and aptly.publish_repos assigned
22:30 iggy I _think_ forrest wrote that aptly.nginx state like a year ago... I imagine the nginx formula looked different then
22:31 iggy so you are probably just better off copying that or editing your own fork of the aptly formula to fix that
22:31 iggy if you feel like fixing it, we love contributions
22:31 slimmons joined #salt
22:31 iggy but I feel like nobody uses the nginx formula once they actually look at it
22:32 * murrdoc nods
22:32 Ahlee example of walking down pillars?
22:33 slimmons using salts cmd.run, I'm having problems with quotations and sql statemtns (psql) from a bash script with the salt-minion name as an argument.      salt $1 cmd.run 'sudo -u postgres psql -c "create user myuser with password 'mypassword';""
22:34 slimmons doesn't matter if I put double quotes on outside, or inside, it sets syntax error
22:34 slimmons any ideas?
22:38 JDiPierro joined #salt
22:40 ajw0100 joined #salt
22:40 iggy double quotes outside and \escape the inner double quotes?
22:41 pdayton joined #salt
22:41 iggy but... wtf salt.modules.mysql.user_create
22:42 conan_the_destro joined #salt
22:44 chandy joined #salt
22:46 beneggett joined #salt
22:48 kitplummer joined #salt
22:49 kitplummer is there a good way to accept a specific retcode for a cmd.run to be successful?
22:51 catpig joined #salt
22:53 baweaver joined #salt
22:54 murrdoc joined #salt
22:55 kitplummer joined #salt
22:55 enarciso joined #salt
22:57 Nazca__ joined #salt
22:58 enarciso joined #salt
23:02 APLU joined #salt
23:02 enarciso_ joined #salt
23:04 Nazca joined #salt
23:16 rogst joined #salt
23:16 yomilk joined #salt
23:18 enarciso joined #salt
23:19 markm joined #salt
23:19 baweaver joined #salt
23:26 iromli joined #salt
23:26 enarciso joined #salt
23:28 andrew_v joined #salt
23:28 ajw0100 joined #salt
23:32 enarciso joined #salt
23:36 enarciso_ joined #salt
23:36 smcquay joined #salt
23:38 clintber_ joined #salt
23:45 kusams joined #salt
23:45 rhodgin joined #salt
23:45 bhosmer_ joined #salt
23:47 nich0s joined #salt
23:49 crd joined #salt
23:50 crd Hi! anyone in here maintaining the docker-formula?
23:51 crd I've got a PR outstanding to add Debian support here https://github.com/saltstack-formulas/docker-formula/pull/13
23:52 crd I'd love to hear feedback and if anyone here has write access, it would be cool to get it merged
23:52 iggy the devs are pretty busy trying to get 2 releases out the door and the volunteers didn't do much with formulas today
23:53 iggy I'm waiting on a few myself
23:55 _JZ_ joined #salt
23:55 crd iggy: thanks for the update
23:55 crd I'm sort of new to the community, so I'll lurk some more
23:56 dalexander joined #salt
23:57 iggy it would be great if you could tie that into the map.jinja somehow instead of huge files completely if gated
23:59 crd oh, I've got a lot of improvements I'd like to make to that repo
23:59 crd just trying to bite off small chucks at a time
23:59 iggy ah, rgr
23:59 baweaver joined #salt
23:59 crd working on issue #12 now
23:59 iggy yeah, I imagine nitin will do some merges tomorrow... he's the only one I know of doing anything right now
23:59 rhodgin joined #salt

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary