Perl 6 - the future is here, just unevenly distributed

IRC log for #salt, 2015-04-01

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
00:00 vieira Is there any recommendation on the number of minions per worker_thread?
00:00 agliodbs sun and bass?
00:00 vieira I have about two dozen minions and with the default (5) worker_threads I am getting some timeouts
00:02 litwol Hello
00:02 iggy agliodbs: 1.5 week long music festival in Sardinia
00:02 litwol Salt documentation reads: Remember: conflicting keys will be overwritten in a non-deterministic manner!
00:02 agliodbs sounds awesome
00:03 litwol I would like to confirm: Is there no way to /merge/ conflicting keys into a list?
00:03 iggy vieira: that's probably less to do with worker_threads than other things (we have like 60 in production on the default settings)
00:03 litwol i'd like to specify something like org.[my org].users.user1.roles: [].
00:03 litwol and then in different pillars i'll reference user1.roles and "add" new roles
00:03 litwol i'd want them all to concatenate into a list.
00:03 iggy litwol: in newer versions you can tell it to merge... it's still effectively non-deterministic
00:04 litwol iggy: which version?
00:04 iggy at least 2015.2... don't know about 2014.7, I skipped it
00:04 litwol aww darn.
00:04 litwol portage installs 2014.7.4 as latest
00:05 iggy that wouldbe because 2015.2 hasn't been released
00:05 litwol iggy: in the new version does the merge override the conflicting key, or does it merge into a list.. if lets say the key was at some point referenced using an array/list format?
00:06 iggy if it's not a list already... I don't know (I don't think it's documented, which would say to me "non-deterministic")
00:06 litwol either way i think i'm overthinking/overcomplicating my approach
00:08 vieira iggy: I had ten and everything was working fine
00:08 vieira iggy: so I added some more to see how it would scale
00:08 vieira iggy: and started getting timeouts when doing state.highstate
00:08 vieira sometimes nothing is returned
00:08 vieira at all
00:08 vieira other times I get a timeout error
00:09 vieira have you hit something similar?
00:10 iggy vieira: the problem is it very much depends on what your master is doing... do you have 40 gitfs repositories? Do you have 30000 lines of states? Do you just do remote execution? etc...
00:11 iggy not since I upgraded to 2015.2
00:11 iggy before that, I lost minions all the time
00:11 vieira iggy: ten states total, no gitfs
00:12 vieira hmm I'm on 2014.7.2....
00:13 vieira I have set the timeout to 30s, is it too high/low?
00:14 vieira I have no reference when setting this options :S
00:14 iggy so you might actually be seeing another problem
00:14 iggy mine is 30
00:14 vieira ah ok, so 30 should be ok
00:14 vieira and 5 worker_threads...
00:14 litwol hmm
00:14 vieira I must investigate further :S
00:14 iggy the default
00:15 iggy vieira: what's your network setup look like?
00:15 litwol i don't know jinja very well yet, but from the way documentation /looks/ i may be able to extend variables/lists to store data using jinja
00:15 * litwol asumes a lot
00:15 robawt litwol: yes that's correct
00:15 iggy litwol: sketch up what you're thinking in a gist and we'll tell you if you're crazy or not
00:15 litwol robawt: ty.
00:16 * SheetiS1 is crazy.
00:16 litwol two "type" of players. provider organization (tech provider... the "base" for all formulas/pillars/etc), and the "clients"
00:16 vieira iggy: all the minions are in the same subnet, there is a dedicated physical ubuntu machine that acts as gateway/firewall/router
00:17 murrdoc joined #salt
00:17 vieira but inside the network there is no filtering or NATing going on
00:17 litwol i am envisioning "base" pillars&formulas to grow over time. and then be able to "configure" them/instantiate them in the client's "organizational pillars"
00:17 vieira all the minions and the master are inside this network
00:17 vieira nothing special, I think
00:17 iggy vieira: okay, so it wasn't the thing I was thinking (unless your switch is trying to do some sort of layer2 filtering)
00:18 forrest joined #salt
00:18 litwol such that i could say org.[client name].users.litwol.roles: ['git', 'ssh', 'mysql_root','....']
00:18 iggy in 2015.2 there's a fix to set keepalive on the socket from the minion to the master
00:18 litwol ^^ each "." is actually :\n in pillar file, or equivalent in jinja once i figure it out
00:19 iggy use :
00:19 iggy salt people will know what that means
00:19 beneggett joined #salt
00:19 litwol and then in each service pillar, lets say mysql pillar, or nginx pillar, i could say 'org.client.users.litwol.roles: mysql', or : nginx.
00:19 litwol and they would merge into a list
00:19 litwol such that my final roles have all the roles mentioned
00:19 iggy i.e pillar.get('salt:master:timeout')
00:20 litwol </crazy idea>
00:21 iggy http://docs.saltstack.com/en/latest/ref/configuration/master.html#pillar-source-merging-strategy
00:21 iggy should work in your version
00:21 litwol then in formulas i could use jinja, in appropriate formula such as "mysq", to loop over all organization users which have role "mysql_root" and perform necessary state control
00:22 TheLoeki joined #salt
00:22 ek6 joined #salt
00:22 litwol ooo this is interesting
00:22 ajw0100 joined #salt
00:25 litwol ah!!!
00:25 litwol i see
00:26 litwol What i've done: org:litwol:users:litwol:roles:git_admin, what i should have done: ...litwol:roles:git_admin: True
00:26 cmcmacken joined #salt
00:27 murrdoc joined #salt
00:27 litwol i wrongly assumed that "roles" would magically become a list if i specify further keys after it.. but those "keys" were treated as values
00:27 litwol and after putting ": True" at the end of those values "roles:" became a list as i needed.
00:27 iggy it would have to be a list everywhere
00:27 litwol hmm
00:27 litwol How can i define an empty list in this case?
00:28 litwol i've tried roles: []
00:28 litwol didnt work
00:28 murrdoc roles:
00:28 packeteer joined #salt
00:28 murrdoc -
00:28 kusams joined #salt
00:28 viq joined #salt
00:29 litwol didn't work
00:32 iggy roles: [] at the first occurence, then roles:\n  - foo\n  - bar therefter
00:32 jerematic joined #salt
00:33 baweaver joined #salt
00:33 iggy I suspect you missed a - somewhere and it converted it to a dict and then fubar'ed everything else
00:33 dimeshake joined #salt
00:33 dimeshake joined #salt
00:33 iggy whereas putting : True/False after everything makes them all dicts to begin with
00:34 agliodbs iggy: one more hard question: I need to deploy some passwords which need to be stored encrypted.  what's the best way to send a passphrase via an orchestration ?
00:35 iggy agliodbs: put it in a pillar (possibly with the gpg renderer if you are really paranoid) and look them up directly in the states that the orchestrate calls
00:35 agliodbs oh?  gpg renderer?
00:35 * agliodbs searches
00:36 agliodbs hmmm, that seems likely.  will work onit
00:39 litwol users/init.sls : https://bpaste.net/show/a33a555eb5d1, users/mysql.sls: https://bpaste.net/show/9a935fcf81eb, pillar/tol.sls: https://bpaste.net/show/db994cb1d6d1
00:40 litwol iggy: using roles: [] as you mentioned didn't work in my set up.
00:40 litwol oh
00:40 * litwol thinks
00:41 litwol i think i needed to include org.litwol.users in top.sls to make sure roles: [] gets processed first.
00:41 iggy protip: gist.github.com allows multiple files per post
00:41 litwol i wrongly assumed if i use include: org.litwol.users it will force roles to []
00:41 litwol i used wgetpaste from cli
00:41 iggy oh :/
00:42 iggy you got me this time...
00:42 litwol https://bpaste.net/show/7ba9fe34b1e5
00:42 litwol there. multi file post :)
00:42 litwol this dpaste lists files out of order. sry.
00:42 iggy an include isn't to a pillar key it's a file
00:43 hackel joined #salt
00:43 litwol iggy: sry i don't understand the implication of what you just said.
00:43 iggy so that include is looking for /srv/pillar/org/litwol/users.sls
00:43 iggy or /srv/pillar/org/litwol/users/init.sls
00:43 litwol i have that
00:44 litwol init.sls sets role: []
00:44 iggy oh, well you didn't paste it
00:44 litwol iggy: sry. here's the multi-file post: https://bpaste.net/show/7ba9fe34b1e5
00:44 litwol it is out of order. sry.
00:44 iggy I saw that, it's still not there
00:44 litwol org.litwol.users is the line 15
00:45 iggy up there you said it was users/init.sls
00:45 litwol /var/lib/salt/pillar/org/litwol/users/init.sls
00:46 litwol in the same folder as init.sls i have files git.sls and mysql.sls
00:46 seev what are you trying to do there litwol
00:46 litwol git and mysql sls files are meant to add new roles to individual users by merging new roles onto the roles list
00:46 seev that seems.. overly coomplicated
00:46 iggy okay... litwol you don't touch that list anywhere else?
00:47 litwol iggy: no. not yet. this is all of it.
00:47 litwol seev: single place to manage users. then individual formulas will use jinja to fets "gimme all users for mysql access" kind of thing.
00:48 iggy I'd say go look at how the users-formula and mysql formulas operate
00:48 seev why not use a dictionary keyed to username -> "role1|role2" with some kind of delimiter
00:48 seev then you could iterate through it easily
00:48 litwol seev: how do you merge new values onto the list in subsequent pillars?
00:48 iggy they are trying to get everything to merge down into one list at multiple levels
00:49 seev you must be operating at some gigantic scope that I've never encountered
00:49 litwol either that, or intellectual curiosity .
00:49 iggy I'm guessing multi-tenant
00:49 dalexander joined #salt
00:50 litwol users-formula is doing the same.
00:50 litwol well. not really
00:50 seev my pillar files only define some basic parameters like ports, environment names, etc.; and sensitive data like API keys
00:50 litwol i fully understand how to get pillar key:value. if i had just one "top.sls" to manage entire user hierarchy i could easily do it
00:51 litwol i am interested in different arpproach of splitting pillars
00:51 litwol and then "recombining" them via merging keys
00:51 jab416171 joined #salt
00:52 Brew joined #salt
00:52 litwol i guess i'll go with flat org.litwol.users (init.sls) instead of individual group-level sls files which right now i'm unable to merge.
00:53 litwol can't merge using lists that is. it DOES merge if i use ...:roles:foo:True, ...:roles:bar:True
00:53 litwol then ...:roles will have all the foo + bar + etc.
00:54 cmcmacken joined #salt
00:55 litwol This works: https://bpaste.net/show/1a44bbd23c8c
00:56 litwol That's a start. will call it a day.
00:56 litwol iggy: thx for help.
00:57 seev it looks like LDAP in YAML
00:57 seev except split across mutliple flat files
00:57 litwol lets see if i can get away with it :)
00:57 seev that seems like a horrible design
00:58 MatthewsFace joined #salt
00:58 iggy if you find deficiencies or incorrect docs make sure you open issues
00:58 litwol seev: i'd love to hear ideas how to improve, or completely different approach.
00:58 seev use LDAP as a back-end to store your information and simply query it
00:58 seev isn't that what directories are for, persisting objects like this?
00:59 litwol oh. i don't know how to run ldap yet.
00:59 seev I haven't done any work with salt and a directory service before but it might be worth investigating that
00:59 litwol i'm interested in learning salt only right now. ldap is way way on backburner
00:59 litwol besides, assuming this approach works it will be very easy to swap flat files in favor of ldap query
01:01 iggy famous last words
01:01 litwol lol
01:04 Guest3316 joined #salt
01:06 badon joined #salt
01:08 MindDrive Continuing from an earlier question... I have a module on my Salt masters in /srv/salt/_modules and a "salt '*' sync_modules" will get it to all the minions just fine, but I suspect if I build a new minion, it will require another such 'push' from the master, so I'm wondering... is there a way to do a 'pull' from the minion instead?  I'm not seeing anything obvious in the documentation.
01:09 iggy MindDrive: it'll automatically get synced on a highstate
01:09 MindDrive Iggy: Okay, so now a stupid question - when does a highstate happen? :)
01:09 iggy when you tell it to
01:10 iggy if you aren't using highstate very often (why not?), you can use a reactor to auto sync it on minion start up
01:14 dendazen joined #salt
01:16 MindDrive Iggy: I don't believe I'm using highstate at all right now, mainly because I'm not sure how it's used. :)  I just read http://docs.saltstack.com/en/latest/topics/tutorials/states_pt1.html but it didn't make things immediately obvious to me.
01:16 iggy sync_all:
01:16 iggy local.saltutil.sync_all:
01:16 iggy err... mispaster
01:16 iggy https://gist.github.com/iggy/80bd809c1557d8aa8d9e
01:17 MindDrive Looking...
01:17 MindDrive Okay, that's nice.  I like that.  Thank you. :)
01:19 aqua^mac joined #salt
01:19 iggy highstate's are kind of salt's wheelhouse
01:19 iggy if you don't mind my asking, how are you using salt?
01:20 Karlthane_ joined #salt
01:21 MTecknology basepi: I don't suppose you're able to s/Micheal/Michael/ on my talk?
01:22 MTecknology the toutube video
01:23 garthk MindDrive: I'm looking at regular automatic state.highstate with test=True to let ops know when to plan to run state.highstate with test=False
01:23 ITChap joined #salt
01:23 thayne_ joined #salt
01:24 robawt it's appearing to become more and more difficult to determine the return code of a salt run
01:24 catpig joined #salt
01:24 otter768 joined #salt
01:25 I3olle joined #salt
01:34 forrest joined #salt
01:35 catpigger joined #salt
01:38 iggy robawt: don't... it'll never be what you think it will
01:45 aqua^mac joined #salt
01:45 vieira [TRACE   ] Check main poller timeout 1
01:45 vieira is this normal?
01:45 vieira it happens every second or so :\
01:45 vieira I don't know what it means
01:45 iggy it means you have trace level logging enabled and your log files are probably huge
01:47 vieira hehe, nah, i just started the minion with -l trace to see if there was something wrong
01:47 nafg joined #salt
01:48 vieira the only weird think was that message
01:48 vieira do you know what it means?
01:48 vieira it prints that every second
01:50 iggy no, it's just the minion wakeup cycle
01:54 cmcmacken joined #salt
01:59 Furao joined #salt
01:59 scbunn joined #salt
02:03 MindDrive Iggy: Sorry, was away at dinner.  My current usage of Salt is from within a deploy application (in-house) and it's initially just a 'drop-in' replacement for MCollective, so I have a small Python program I'm turning into a Salt module which will be called programmatically on key servers to do software updates and restarts.  Eventually it will be used for more, but right now I'm keeping my changes minimized to avoid complex failure situation
02:03 MindDrive s.
02:11 sunkist joined #salt
02:25 new-salt joined #salt
02:25 evle joined #salt
02:26 iggy so... you're using remote execution? reactor?
02:26 iggy yeah, continuous deployment doesn't really lend itself to highstates
02:27 new-salt I have question regarding to use salt state to do setfacl. is it possible?
02:28 new-salt I only see salt.states.linux_acl.absent and salt.states.linux_acl.present.
02:29 iggy I want to say I saw an issue about that the other day
02:29 new-salt what I am trying to do is "setfacl -R -m g:developer:r-x /mydirectory"
02:29 iggy if not, cmd.run works as well as anything else
02:30 clintberry joined #salt
02:30 michelangelo joined #salt
02:31 new-salt I do see execution module has this "salt.modules.linux_acl.modfacl((acl_type, acl_name='', perms='', *args, **kwargs)¶)"
02:31 murrdoc yeah why not use file.directory with recurse
02:32 new-salt yes, cmd.run should work.
02:32 writtenoff joined #salt
02:32 malinoff joined #salt
02:33 MindDrive Iggy: I'm using salt.client.Caller() and <caller>.function('publish.full_data', *args)
02:33 writtenoff_ joined #salt
02:33 MindDrive (Where one of the args is my module and method from within the module (currently two - 'install' and 'restart'))
02:34 new-salt file.directory does not set facl.
02:35 murrdoc make a custom state that does
02:35 murrdoc use that
02:35 murrdoc anything  > cmd.run
02:36 iggy so much cmd.run hate
02:36 murrdoc no hate
02:36 murrdoc cmd.run reminds of bash scripts
02:36 murrdoc that i have currently
02:36 murrdoc for provisioning
02:37 murrdoc residual hate
02:37 malinoff murrdoc, sometimes cmd.run is the only choice
02:37 malinoff murrdoc, did you ever work with gerrit?
02:38 murrdoc yaarp
02:46 favadi joined #salt
02:48 glyf joined #salt
02:52 sunkist1 joined #salt
02:54 chandankumar joined #salt
02:56 sunkist joined #salt
03:03 StDiluted joined #salt
03:04 forrest joined #salt
03:07 forrest joined #salt
03:10 rhodgin joined #salt
03:11 beneggett joined #salt
03:13 jerematic joined #salt
03:21 forrest Hmm, has there been any update on reactor support for the minion?
03:23 raygunsix joined #salt
03:25 forrest nope still not supported, booo
03:25 otter768 joined #salt
03:27 loz-- joined #salt
03:28 thayne_ joined #salt
03:28 capricorn_1 joined #salt
03:29 catpiggest joined #salt
03:33 sunkist1 joined #salt
03:38 sunkist joined #salt
03:38 iggy forrest: at saltconf, they said 2015.8 (or whatever it's going to be called
03:38 forrest for reactor being in the minion
03:38 forrest *?
03:38 iggy also, thanks for your input on the salt-formula thing
03:38 iggy forrest: yes
03:39 forrest iggy: Awesome! That is super good to hear, I can update my blog post for a totally automated website.
03:39 forrest And yeah np on the salt-formula thing, I don't have much of a preference, I just like to keep it simple and clear when possible.
03:39 iggy they needed it for beacons, but it was too late to make it into 2015.2
03:40 iggy afaik, the already said it was in devel
03:40 forrest weird, there has been 0 update on the related issue.
03:41 bhosmer joined #salt
03:41 forrest why are you even around iggy? Shouldn't you be painting garage doors or something?
03:41 iggy nah, gotta wait a few days inbetween coats
03:42 iggy oh... and it's not even my garage (girlfriends)
03:42 forrest don't forget to cut the emergency release string short so people can't break into your garage
03:42 forrest lol
03:42 forrest should charge a garage door painting consulting fee
03:43 _JZ_ joined #salt
03:43 iggy well... it's worth it
03:43 sunkist1 joined #salt
03:43 iggy I mean aside from the obvious benefits, she's also a lawyer and got some tickets dismissed and warrants reversed ;)
03:43 forrest lol
03:44 forrest remember the chat is logged
03:44 forrest don't incriminate yourself
03:45 iggy good point
03:45 seev man, I just found out that you have to manually set a timezone in /etc/sysconfig/clock on CentOS
03:45 iggy seev: I think the installer asks that
03:45 seev my servers have kept reverting to UTC and it was maddening :/
03:45 seev not in Amazon...
03:46 forrest seev: They just wanted you to do what is right
03:46 iggy you should file a bug... they should set that per AZ
03:46 forrest it's not a bug
03:46 forrest lol
03:46 iggy (like DO, linode, gce, etc. do)
03:46 seev well, I would normally agree with you that UTC is fine, but I schedule crons and junk from the localtime
03:46 forrest seev: adjust to UTC
03:47 forrest screw local time
03:47 seev never
03:47 forrest as soon as you step into multiple time zones you are screwed.
03:47 forrest If I could I'd make everyone use UTC regardless of where they lived.
03:47 seev I run my database as UTC
03:47 iggy too much stuff out there doesn't handle UTC well
03:47 forrest but your other systems aren't? That's even worse
03:47 _JZ_ amen forrest
03:47 forrest then you have to coordinate logs
03:48 forrest 'oh wait, what about the 7 hour shift, whoops, DST? Only 6 hours now!'
03:48 forrest iggy: What doesn't handle UTC?
03:48 seev 'US/Eastern' handles that fine
03:48 forrest what terrible software is this
03:48 sunkist joined #salt
03:49 forrest seev: *shrug*, I'd rather blow a system away than deal with the shit I did in the past for reviewing logs in Europe, Singapore, and the States all on one crappy timezone.
03:49 seev you are free to lord over UTC on your own server farm, forrest, I am not telling you how to ru it
03:49 iggy "web apps" (crappy CMSes, etc.)
03:49 forrest iggy: pssssh, let 'em burn! ;P
03:49 forrest seev: It just makes me so sad, so sad.
03:49 forrest seev: Are you only in one DC?
03:50 seev you have to compensate on one end or the other
03:50 seev either the server stays local, and everything makes sense with an occasional conflict in logging timestamps or whatever
03:50 seev OR you schedule everything in some weird offset upfront
03:50 seev either way you have to adjust something somewhere
03:51 forrest yeah, just like to stick with iso 8601, then people don't have to convert to talk to your systems or vice versa.
03:51 seev I'd rather have my crontab readable without a calculator
03:52 forrest To each their own!
03:52 seev if we ever end up working together, I guess we can duel it out
03:52 seev but yes, I hope you enjoy your UTC everywhere
03:53 forrest I will just quote iso 8601 then dance victoriously :D
03:53 forrest I do, love it
03:53 forrest would set it on my clocks if I could
03:53 iggy start using metric then you can talk
03:53 forrest iggy: Ugh I wish we did
03:53 forrest I try to remember to use it when I can
03:54 iggy I live near a fairly large international airport... lots of metric speed limit signs
03:55 forrest Where are you at again iggy?
03:55 iggy houston
03:55 forrest Ahh okay
03:59 ITChap Hi everyone
04:00 ITChap is there a way to change how the minion_id file is generated ?
04:00 stanchan joined #salt
04:01 kusams_ joined #salt
04:01 ITChap ( I am trying to find a workaround for the solaris minion_id that always contains localhost.local)
04:01 forrest ITChap: isn't that localhost.local issue because of how the hosts file is generated on solaris or something?
04:02 ITChap If I remember well Salt take the first name of the /etc/host file right ?
04:03 echo Yeah, the first FQDN that appears there
04:03 forrest I believe it does a check via python first for the system host
04:03 forrest but yeah should pull from there
04:03 forrest there's a list somewhere that says
04:03 ITChap the issue being that on solaris it's localhost.local
04:04 ITChap the hostname is at the end of the line :/
04:04 iggy socket.get_fqdn
04:04 forrest yeah there we go
04:04 echo well, surely you can change the first entry to be the real FQDN, that's what I do on solaris
04:04 iggy but... you can put whatever you want in the id... just have to regen the key
04:05 forrest Yeah I was going to say, can you not provision the system with a proper name, then run salt?
04:05 iggy you may not even have to rekey... maybe just re-accept on the master
04:06 ITChap will it work with a lot of minion named localhost.local with different keys ?
04:06 seev how do you name your systems?
04:06 iggy no
04:06 MTecknology the id has to be different
04:06 iggy ^ SSCE said so
04:06 MTecknology :D
04:07 echo localhost.local is not a valid FQDN, you probably should not be having servers named that way. It is a placeholder
04:07 ITChap I didn't name them like this
04:07 ITChap it's the default entries in the hosts file
04:07 echo I understand, but you should change them when you provision them
04:08 echo Otherwise, things will get very confusing, as you can imagine.
04:08 seev ITChap, how do YOU name your systems
04:08 iggy how are you installing salt-minion?
04:08 ITChap I have an base image
04:08 forrest ITChap: http://docs.oracle.com/cd/E19253-01/821-0439/6nlg9b3v9/index.html
04:08 ITChap (I use SmartOS)
04:08 echo I name them based on their purpose / location / number in the load balancer pool.
04:08 forrest says right there you can set it
04:09 ITChap so during provisionning the hostname is updated
04:09 forrest so hooray fo solaris not being total crap
04:09 forrest if the hostname is updated it should be dropping that into /etc/hosts no?
04:09 forrest seems odd it wouldn't
04:09 ITChap it is
04:09 seev I name my systems based on their role and association to an autoscale group in Amazon
04:09 ITChap at the end of the 127.0.0.1 line ...
04:10 echo it is not just a matter of being in /etc/hosts in my experience, it has to be the first entry on the loopback line
04:10 ITChap so the first fqdn that salt encounter is not the hostname
04:10 seev there is a script that determines the next available hostname, ie. 'web01.prod.whatever', and cats that out to the minion file
04:10 seev you need to bake that sort of logic into your bootstrap process
04:11 ITChap that's sad
04:11 forrest Yes it is, but how else would you do it?
04:11 echo I had to figure that this exact thing out not long ago. You also need to delete that minion_id file when you change it.
04:11 forrest You can name the system so that get_fqdn() returns it
04:11 ITChap no idea that's why I came here
04:11 echo won't overwrite itself
04:12 forrest Your system should be named when it is provisioned
04:12 forrest I know on centos it's /etc/sysconfig/network
04:12 echo in centos you need to set it in 3 places typically
04:13 echo hostname cmd, /etc/hosts, /etc/sysconfig/network
04:13 forrest echo: Yeah but you should be able to get away with just /etc/sysconfig/network
04:13 echo Does salt pick it up if it is only there?
04:14 ITChap to be clear the system is named
04:14 jerematic joined #salt
04:14 ITChap it's just that on the loopback line of /etc/hosts it's the last entry
04:14 echo is it a problem to make it the first entry on that line?
04:14 ITChap like: '127.0.0.1       localhost localhost.local loghost myhostname'
04:15 ITChap this is the normal entry after provisionning
04:15 forrest echo: salt uses get_fqdn as the first check I believe, so whatever that returns
04:15 forrest ITChap: can you drop into the python shell?
04:15 forrest on one of your solaris boxes
04:15 forrest then do import socket
04:15 forrest socket.get_fqdn
04:15 ITChap if you give me the steps yeah
04:15 echo right, in my debugging last week, I ran that function on the python cmd line, and it seemed to only respond to the first entry on the 127.. line on /etc/hosts
04:16 forrest echo: Hmmm...
04:16 forrest echo: I thought that was the secondary method
04:16 forrest Having a hard time finding the docs with the order of operations
04:16 echo This was on a centos machine mind you, but nontheless, we are talking python now
04:16 forrest echo: Yeah agreed
04:16 forrest ITChap: So on your solaris machine call python
04:16 echo Applied the same logic on omniOS machine and worked first time
04:17 ITChap forrest: done
04:17 forrest echo: Okay
04:17 forrest ITChap: ok now import socket
04:17 forrest `import socket`
04:17 forrest man wish that formatted in irc a bit
04:17 echo So ITChamp, you would want this: 127.0.0.1       myhostname localhost localhost.local loghost
04:17 ITChap done
04:17 iggy it's socket.getfqdn()
04:17 iggy no _
04:17 forrest iggy: yeah
04:17 ITChap >>> socket.getfqdn()
04:17 ITChap 'localhost'
04:17 forrest iggy: Had to double check the help, was on an old ass system
04:17 MTecknology My deployment... I did a minimal debian install, stripped out a lot of junk packages, install salt-minion, and created a script at /root/deploy. In the script, I make sure /etc/salt/minion_id is gone, set up /etc/salt/minion.d/id.conf, delete the minion key, delete ssh keys, and make sure /etc/network/interfaces has a static address assigned and then reboot
04:18 forrest ITChap: okay, so now can you put something int your /etc/hosts file in front of localhost, and try the same set of commands.
04:18 ITChap forrest: ok
04:18 MTecknology then one of the states will set up the rest of the specifics
04:18 forrest MTecknology: So much work
04:18 forrest MTecknology: ;P
04:19 seev my boostrap script is about 125 lines of bash
04:19 ITChap forrest: stille same
04:19 seev it does a lot of heavy lifting
04:19 ITChap forrest: still same
04:19 forrest probably need to restart nscd
04:19 iggy ITChap: did you exit the python shell and reopen it?
04:19 forrest this isn't a production system right?
04:19 forrest also a good point from iggy
04:19 ITChap iggy: yeah
04:20 ITChap not production
04:20 forrest ITChap: try pkill nscd
04:20 forrest should automatically restart
04:20 ITChap still same
04:20 ITChap after killin nscd
04:21 echo mmm
04:21 ITChap I also changed the line of ipv6 just in case
04:21 forrest ITChap: what does the hostname command return?
04:21 ITChap the fqdn
04:21 __number5__ ITChap: use ipython if you want a interactive debugger, http://docs.saltstack.com/en/latest/topics/development/modular_systems.html?#interactive-debugging
04:22 forrest ITChap: the fqdn that we set in /etc/hosts?
04:22 forrest or the one from sysconfig, or whatever the solaris equivalent is
04:22 ITChap forrest: the one I defined during provisionning
04:22 MTecknology forrest: it's pretty simple overall. To deploy a new server, I right click "Template-Debian7", click deploy and give it a name. Then I boot it, set the IP address info in /etc/network/interfaces and run ./deploy fqdn; and then the rest is done in salt states
04:22 forrest MTecknology: I know I am just joking with you
04:22 MTecknology :)
04:22 seev sounds like XenServer MTeck
04:22 MTecknology vmware
04:23 seev ooh, close
04:23 iggy it appears that on my system it's grabbing the first fqdn (name with dots) in /etc/hosts, if there isn't one, it grabs the first name in that file
04:23 echo Just to be clear, the name you are wanting to show is an FQDN, hostname.domain.tld, correct? Not just a hostname alone?
04:23 forrest ITChap: is there a /etc/nodename file?
04:23 MTecknology iggy: 2 oz hendricks gin, 1 oz kettle one, 1/2 lillet blanc, put in a shaker, shake, pour .. take piece of lemon peel and then rub the lip of the glass with it and then drop it in the glass.
04:23 forrest just going off some random solaris forums now
04:23 ITChap echo: yeah
04:23 seev I had to bake my own loosely-coupled bootstrap process since nodes boot in an autoscale group and you never know how many there will be or what their role is
04:23 iggy MTecknology: sounds good
04:24 iggy not a gin fan... but you know me and my vodka
04:24 echo let me paste my /etc/hosts file
04:24 echo from solaris
04:24 forrest echo: can you throw it in a gist
04:24 forrest echo: just so you don't get rate limited, and it doesn't look like shit
04:24 ITChap looks like there is more than on file to change
04:24 ITChap /etc/hosts
04:24 ITChap /etc/nodename
04:24 ITChap /etc/hostname.<interface>
04:24 iggy just need the first line really
04:24 MTecknology iggy: you'd love this .. worth a try
04:24 echo haha, I won't literally pase the whole thing, just the relevant line
04:25 forrest MTecknology: I've got a great drink as well, 2 parts H, 1 part O, ehh ehh?
04:25 iggy weak
04:25 forrest ITChap: maybe try updating nodename and see if that helps?
04:25 forrest iggy: Gotta keep the jokes going
04:26 ITChap forrest: nodename contains the fqdn from the provisionning
04:26 forrest ITChap: Hmm
04:26 MTecknology forrest: I utilize that drink in order to transfer coldness to mine
04:26 forrest MTecknology: heh
04:26 echo I apologize, my solaris host does NOT have any such FQDN setting in the /etc/hosts file
04:26 catpigger joined #salt
04:26 MTecknology echo: do you have the hostname command?
04:26 MTecknology Do you have /etc/hostname?
04:26 forrest echo: Okay, so the fqdn is being set somewhere else. Can you enter the python shell, import socket, and run socket.getfqdn()
04:26 ITChap nop
04:26 echo yes, I am checking to see where it is set
04:26 forrest echo: Cool
04:26 forrest ugh SOOLARIIISSSS!
04:26 forrest Never again will I work with solaris
04:27 forrest flashbacks
04:27 forrest of horror
04:27 echo I love it
04:27 ITChap forrest: why so ?
04:27 echo ZFS
04:27 echo for one
04:27 echo zone
04:27 ITChap Dtrace ?
04:27 seev do you love oracle
04:27 MTecknology solaris is off my plate as well
04:27 echo zones, for another. Linux container wish they could be zone
04:27 echo zones, for another. Linux container wish they could be zones
04:27 forrest ITChap: We ran super super old solaris systems, and they were very expensive to license. I could have run 100 centos machines for what we paid.
04:27 __number5__ https://www.google.com/search?q=solaris+hostname lol
04:27 echo the newest linux technology would be a 10+ year old solaris tech
04:27 ITChap forrest: Ok I see
04:28 forrest echo: I will agree with the zones, not sure I am sold on zfs
04:28 ITChap we can run linux container on SmartOS :)
04:28 MTecknology zfs seems acceptable
04:28 __number5__ apparently there is difference for hostname even between differen versions of solaris
04:28 forrest __number5__: yeah I saw some of those, not sure where get_fqdn pulls from though
04:28 echo I am referring to OpenSolaris, now either SmartOS or OmniOS
04:28 forrest echo: Ahh
04:29 MTecknology SmartOS is decent. I wouldn't use it for running Linux, though.
04:29 MTecknology SmartOS is sexy as crap for it's target
04:29 __number5__ MTecknology: smartos is not an OS?
04:29 BretFisher joined #salt
04:29 MTecknology huh?
04:30 amkread joined #salt
04:30 __number5__ what do you mean by "wouldn't use it for running Linux"?
04:30 echo In Solaris, /etc/nodename appears to be the correct place to set it
04:31 MTecknology If I wanted to run mostly Linux machines, I wouldn't use SmartOS, I'd use ProxMox
04:31 echo Yeah, I find the performance on a KVM to be basically a 30% hit compared to a Zone
04:31 MTecknology For Linux VMs, you'll just be using KVM and KVM is basically just KVM regardless of where you run it
04:31 amkread Trying to run [salt 'minion-id' system.set_computer_name 'DavesComputer'] on Ubuntu 14.04 Master results on it hanging there. Anyone experience this?
04:31 echo especially IO bound
04:32 forrest ITChap: Did you see what echo said? /etc/nodename
04:32 MTecknology On the other hand, Proxmox gives you OpenVZ containers
04:32 forrest amkread: Haven't seen that before, you might want to run -l debug to see if there is any debug output
04:33 MTecknology If you want to run mostly Illumos and such, then you want SmartOS. If you want to run mostly Linux, then you want Proxmox. If you want to run mostly Windows, then you should shoot yourself.
04:33 echo God willing, Salt will allow me to move my companies XenServers to Zones...
04:33 echo hahahahahah
04:34 echo SmartOS can be a pain with its non-standard system layout, read only global zone etc, couldn't get Oracle DB installed there...
04:34 MTecknology I'll never touch xen or xenserver again.
04:34 echo Seems like 6.5 is supposed to be better... *shrugs*
04:35 thayne_ joined #salt
04:35 echo any luck with that hostname change?
04:36 beneggett joined #salt
04:39 rdas joined #salt
04:41 sunkist joined #salt
04:42 echo ITChap: This also seemed to be a supported way to make the change. Probably better, as typically Solaris uses command utlities as opposed to direct file manipulation to do administrate: https://blogs.oracle.com/VDIpier/entry/solaris_11_changing_the_hostname
04:44 echo Sorry, I am new to IRC... could someone tell me how you are directing your message "at" someone, so it appears to highlight them?
04:45 badon_ joined #salt
04:46 forrest echo: You just mention their name
04:46 forrest so when you write forrest why are you typing these stupid messages
04:46 forrest I see it highlighted
04:46 forrest depends on your irc client too
04:46 echo forrest testing
04:46 forrest echo: Yes I see it
04:46 echo did that work?
04:47 echo huh, cool
04:47 echo thx
04:47 forrest yup
04:47 forrest np
04:50 chandankumar joined #salt
04:51 Vynce state.highstate test=True tells me this file will be changed, but doesn't show the contents, adn it's template rendered.  How do i see what the new contents would be?
05:01 iggy it only shows diffs for some states
05:05 beneggett joined #salt
05:06 MTecknology test=True is probably as good as it can possibly be, but I still wish it were better
05:12 amkread joined #salt
05:17 beneggett joined #salt
05:20 Furao joined #salt
05:21 vstoniest joined #salt
05:21 ITChap back
05:21 ITChap echo: I will check with the doc you sent
05:22 ITChap echo: the thing is that my hostname is setup correctly from a solaris point of view
05:22 echo ok, it seemed to work on my omnios host, so I imagine it will work for you
05:22 echo oh, I see
05:22 ITChap svccfg -s system/identity:node setprop config/loopback="my-host-name" might do it
05:23 echo give it a shot, let's see
05:23 ITChap svccfg: No such property group "config".
05:24 echo interesting
05:24 iggy linux fragmentation...
05:26 echo are you using Joyent SDC or Joyent public cloud?
05:26 echo or just SmartOS
05:26 ITChap none
05:26 ITChap yeah just smartos
05:26 echo huh, you installed salt from bootstrap?
05:26 ITChap nop
05:26 ITChap pkgin
05:26 otter768 joined #salt
05:26 ITChap and added the smf manifest from the boostrap script
05:26 echo right, and you set the hostname in the JSON file?
05:26 ITChap yeah
05:26 echo for the zone
05:26 echo ok
05:27 echo Let me see if I still have the smart machine I was messing around with salt on around..
05:27 beneggett joined #salt
05:31 Guest3316 left #salt
05:33 totte joined #salt
05:34 forrest joined #salt
05:35 echo in your zone, in the bash command line, is the host showing up as a UUID, or FDQN?
05:35 _ale1_ joined #salt
05:38 __ale__ joined #salt
05:40 ITChap joined #salt
05:42 dopesong joined #salt
05:42 echo ok, so in order to get the python: socket.getfqdn() to return the correct hostname, I needed to run the following on the smartmachine, in the zone
05:43 echo sm-hostname my.domain.tld
05:43 echo sm-reboot
05:43 echo I tried several other combinations and nothing else seemed to work
05:43 echo ITChap those are for you
05:44 ITChap ok I will give it a try
05:44 echo After that, delete the minion_id file, restart the salt-minion and see it should regen a proper id
05:46 iggy python2 -c 'import socket; print socket.getfqdn()'
05:46 iggy before you bother re-config'ing salt-minion
05:54 ITChap joined #salt
05:54 ITChap it works
05:54 ITChap thanks
05:56 colttt joined #salt
05:56 echo glad to hear it
05:57 dopesong joined #salt
06:02 stoogenmeyer_ joined #salt
06:02 jerematic joined #salt
06:06 chandankumar joined #salt
06:08 pavy joined #salt
06:14 flyboy joined #salt
06:15 AndreasLutro joined #salt
06:18 beneggett joined #salt
06:18 yuhl_work_ left #salt
06:18 chandankumar joined #salt
06:23 spookah joined #salt
06:23 mens_ joined #salt
06:24 zip_kid joined #salt
06:29 catpiggest joined #salt
06:29 __gotcha joined #salt
06:33 forrest joined #salt
06:37 aqua^mac joined #salt
06:41 hebz0rl joined #salt
06:41 catpigger joined #salt
06:49 dopesong joined #salt
06:50 Auroch joined #salt
06:52 stoogenmeyer__ joined #salt
06:52 dopesong_ joined #salt
06:57 trikke joined #salt
06:57 cberndt joined #salt
06:59 aqua^mac joined #salt
07:01 blankspace joined #salt
07:01 KermitTheFragger joined #salt
07:02 I3olle joined #salt
07:04 kawa2014 joined #salt
07:07 Romlok joined #salt
07:10 Karlthane joined #salt
07:15 linjan joined #salt
07:16 eseyman joined #salt
07:20 Norbell_ joined #salt
07:25 eseyman joined #salt
07:26 Furao joined #salt
07:27 otter768 joined #salt
07:31 ingwaem joined #salt
07:34 dendazen joined #salt
07:34 Norbell_ joined #salt
07:36 wicope joined #salt
07:37 wicope joined #salt
07:37 MatthewsFace joined #salt
07:43 bhosmer joined #salt
07:49 illern joined #salt
07:51 jerematic joined #salt
08:10 linjan joined #salt
08:15 asaladin_ joined #salt
08:17 bluenemo joined #salt
08:17 ckao joined #salt
08:25 pf_moore joined #salt
08:25 jrluis joined #salt
08:26 linjan joined #salt
08:26 CeBe joined #salt
08:27 keimlink joined #salt
08:30 favadi joined #salt
08:30 Xevian joined #salt
08:31 keimlink joined #salt
08:32 ktosiek joined #salt
08:33 glyf joined #salt
08:33 jhauser joined #salt
08:42 Furao joined #salt
08:42 ITChap joined #salt
08:44 linjan joined #salt
08:44 losh joined #salt
08:47 rdas joined #salt
08:48 JlRd joined #salt
09:00 Grokzen joined #salt
09:03 dendazen joined #salt
09:15 sl_ joined #salt
09:15 markm_ joined #salt
09:16 slav0nic joined #salt
09:16 slav0nic_ joined #salt
09:18 illern joined #salt
09:19 Norbell_ joined #salt
09:20 satish joined #salt
09:22 N-Mi_ joined #salt
09:24 wnkz joined #salt
09:24 Vynce joined #salt
09:26 TyrfingMjolnir joined #salt
09:27 MatthewsFace joined #salt
09:27 rubenb joined #salt
09:28 otter768 joined #salt
09:38 __gotcha joined #salt
09:38 fredvd joined #salt
09:40 jerematic joined #salt
09:51 zerthimon joined #salt
10:07 cberndt joined #salt
10:10 o5k joined #salt
10:15 gunzl1ng3r joined #salt
10:18 Twiglet the docs on the site not being for the latest stable release is infuriating
10:19 gunzl1ng3r hi all, I am having trouble copying a file from master to minions using "salt-cp". it tells me "Failed to authenticate" copying another file works fine, which makes me think it has something to do with the filesize (177M)? any hints on that one? ( v2014.7.1 as root on master & minions )
10:20 dendazen joined #salt
10:39 Norbell_ joined #salt
10:40 Norbell_ joined #salt
10:41 MK_FG joined #salt
10:46 giantlock joined #salt
10:47 aquassaut joined #salt
10:47 jhauser joined #salt
10:54 dfduran joined #salt
10:55 dRiN joined #salt
10:58 jwaibel joined #salt
10:59 mzbotr joined #salt
11:00 linjan joined #salt
11:02 evle1 joined #salt
11:03 masterkorp Hello
11:06 masterkorp I have the {% from "myformula/map.jinja" import mymap with context %}
11:07 masterkorp and then {% if myformula["myvalue"] is not defined %}
11:07 Furao http://docs.saltstack.com/en/latest/ref/states/all/salt.states.boto_vpc.html#module-salt.states.boto_vpc is a documented state that don’t exists :)
11:08 mzbotr I found this room, I've read your archives... you people do stuff I really like.
11:08 masterkorp there {% mymap["myvalue"] = salt["grains.get"]("fqdn") %}
11:10 keyser joined #salt
11:11 jwaibel hi there
11:12 jwaibel any hint why salt '*' state.highstate --state-output=changes still outputs the full data?
11:12 jwaibel i have set state_verbose: False and state_output: terse in the confi file
11:13 masterkorp Rendering SLS 'base:sensu.client' failed: Jinja syntax error: Encountered unknown tag 'sensu'. Jinja was looking for the following tags: 'elif' or 'else' or 'endif'. The innermost block that needs to be closed is 'if'.; line 4
11:13 masterkorp any ideas ?
11:15 mzbotr Is it sensible to think I can use salt to manage some vms deployed to some cpu0 hotplug/PCI-IOV enabled guest kernels for... uh... bitcoin mining?
11:15 masterkorp https://www.zerobin.net/?2cd1ee4a0d7410b6#HxN0GV0nj3bHLocFeSJ3MfTAsqYGF2pQi1mIhuPeuxs=
11:15 masterkorp any ideas ?
11:16 MatthewsFace joined #salt
11:16 * babilen should have never rolled out 2014.7.2
11:16 babilen The problems just don't end
11:17 babilen And it'll be at least a month before there are .4 packages and it is questionable if they fix anything
11:19 masterkorp hmm
11:19 jwaibel that is directed to whom?
11:19 masterkorp i am stuck any ideas
11:20 babilen jwaibel: Nobody in particular, people idling in #salt obviously
11:20 jwaibel ah ok
11:21 masterkorp how can i set map variables inside a formula ?
11:21 jwaibel the 2014.7.2 is whats installed here so i thought you might point to me
11:21 peters-tx joined #salt
11:21 jwaibel its what is coming from the debian repo
11:21 jwaibel any version suggestion with less problems?
11:22 babilen I see constant problems with "Minion did not return. [No response]" or "TypeError: string indices must be integers, not str"
11:22 babilen .1 was a lot better
11:22 jwaibel yeah minion did not return errors i see alot to
11:22 babilen .2 essentially rendered my entire salt infrastructure unusable
11:23 jwaibel well i am still at a point to set up a new environment. so i can easy switch to .1 :-)
11:23 jwaibel still at a learning stage
11:24 babilen masterkorp: "map variable" ?
11:24 keimlink_ joined #salt
11:24 masterkorp let me paste you the code
11:25 babilen masterkorp: You did that, but it looks as if you have a missing endif somewhere
11:25 jwaibel ups i just realized the 2.5k open issues at github
11:25 keimlink_ joined #salt
11:25 babilen jwaibel: A lot of them are questions or trivial things, but a few of them are genuine bugs
11:27 masterkorp babilen: https://www.zerobin.net/?f84abd37a393c2e8#I8+v2KueAblRYg4FHdIfUtjlxt1ZLmKE4wjrTC25q+E=
11:27 masterkorp babilen: i think nor
11:27 babilen masterkorp: You did not paste your sensu/map.jinja
11:28 babilen Oh, and you can't use "set sensu["name"]"
11:28 jwaibel anyway. time for a quick lunchbreak. more time to spend later
11:29 bhosmer joined #salt
11:29 jerematic joined #salt
11:29 masterkorp sure
11:29 otter768 joined #salt
11:29 babilen masterkorp: You might get away with a "{% do sensu["name"] = salt["grains.get"]("fqdn") %}", but why would you want to do that anyway?
11:29 babilen masterkorp: That should be done in map.jinja and handled as default
11:29 masterkorp babilen: https://www.zerobin.net/?9385e7a3d4536786#sz49bZG8hHxduIPQi97PVcMwFpa6SzfJ1fvgvyaktJE=
11:30 masterkorp i had them inside the set
11:31 keimlink joined #salt
11:33 masterkorp but it does not work
11:39 masterkorp babilen: any ideas ?
11:41 bhosmer joined #salt
11:41 masterkorp weirdly enough this works with salt masterless but not on production
11:42 masterkorp exactly same version on helium
11:51 amcorreia joined #salt
11:56 jeddi joined #salt
11:58 __gotcha joined #salt
12:03 viq joined #salt
12:03 viq joined #salt
12:04 emptyspace joined #salt
12:05 yuhl_work_ joined #salt
12:07 bhosmer joined #salt
12:07 blankspace joined #salt
12:14 jerematic joined #salt
12:15 brayn joined #salt
12:16 simon___ joined #salt
12:19 sl_ joined #salt
12:19 simon___ So I've been trying to debug the masterless minion with remote gitfs issue. Posted some more debugging info here https://groups.google.com/forum/#!topic/salt-users/m_hLPG-H__g and wondered if anyone had more ideas on how I coudl debug this?
12:22 ekristen joined #salt
12:24 sunkist joined #salt
12:24 simon___ it looks like in theory this issue is solved with  https://github.com/saltstack/salt/issues/6660
12:28 cmcmacken joined #salt
12:33 thehaven joined #salt
12:37 JlRd joined #salt
12:38 pdayton joined #salt
12:44 andrew_v joined #salt
12:46 Ligthert I've just updated salt-stack and now file.managed IDs start complaining about AttributeError: 'module' object has no attribute 'get_accumulator_dir' :s
12:46 __gotcha joined #salt
12:47 diegows joined #salt
12:48 renoirb joined #salt
12:51 EvaSDK joined #salt
12:52 lytchi joined #salt
12:52 otter768 joined #salt
13:00 JDiPierro joined #salt
13:00 lietu joined #salt
13:01 murrdoc joined #salt
13:03 dopesong joined #salt
13:07 linjan joined #salt
13:08 I3olle joined #salt
13:08 FeatherKing joined #salt
13:08 dopesong_ joined #salt
13:11 mhawkins joined #salt
13:11 mhawkins joined #salt
13:12 dendazen joined #salt
13:17 niseak joined #salt
13:18 Furao joined #salt
13:19 denys joined #salt
13:19 niseak left #salt
13:21 aphor joined #salt
13:22 jdesilet joined #salt
13:23 cpowell joined #salt
13:25 thayne_ joined #salt
13:26 fusionx86 joined #salt
13:26 mpanetta joined #salt
13:27 Tecnico1931 joined #salt
13:28 kusams joined #salt
13:30 racooper joined #salt
13:30 subsignal joined #salt
13:32 losh joined #salt
13:33 redzaku joined #salt
13:33 zwi joined #salt
13:33 rhodgin joined #salt
13:38 elfixit joined #salt
13:39 huddy joined #salt
13:40 bhosmer joined #salt
13:42 bhosmer_ joined #salt
13:44 Schmidt I want to trigger a deploy job from jenkins with some parameters specified, how, if possible, can I access the environment variables that jenkins passes over to the job?
13:44 Schmidt In a sls file
13:45 manfred using cmd.run?
13:45 manfred Schmidt:  http://docs.saltstack.com/en/latest/ref/states/all/salt.states.cmd.html#salt.states.cmd.run
13:45 manfred env:
13:45 manfred - VAR: something
13:45 bhosmer joined #salt
13:46 manfred etc
13:46 manfred and set the environment variables in the cmd.run
13:46 manfred or is there an actual jenkins state?
13:46 diegows joined #salt
13:46 Schmidt It's the other way around though, i want to get some environment variables, not set them.
13:47 manfred get them from what?
13:47 manfred like, run the script and do stuff?
13:47 manfred or get variables after it has run?
13:47 Schmidt jenkins passes build parameters as environment variables
13:48 manfred I am not sure that it is going to be able to do that
13:48 Schmidt alright, I didn't find anything in the docs, that's why I asked :)
13:48 manfred yar
13:48 bhosmer_ joined #salt
13:48 Schmidt thanks for the help :)
13:48 manfred np
13:53 chandankumar joined #salt
13:53 InAnimaTe joined #salt
13:55 perfectsine joined #salt
13:56 timoguin joined #salt
13:56 wicope joined #salt
13:56 penguin_dan joined #salt
13:59 bhosmer joined #salt
14:02 I3olle_ joined #salt
14:06 bmac2 setting up salt-ssh to get data from some firewalls and switches.  set up the roster file with 3 items to test, and I keep getting retcode: 255 when I run stuff like test.ping
14:06 bmac2 is that a password issue?
14:07 murrdoc 255 is when you cant connect to the server
14:08 murrdoc try to ssh to the server, and ping
14:08 bmac2 I am betting the password I used isn't right
14:08 bmac2 I can ssh to switch
14:08 bmac2 I am in it now
14:08 bmac2 betting either the user or hte password in our keepass is wrong
14:08 murrdoc ooh a switch ?
14:09 bmac2 yep, we got salt all set up with minions on the servers, just trying to pull data from our pfsense firewalls and our cisco switches
14:09 murrdoc http://tldp.org/LDP/abs/html/exitcodes.html
14:09 bmac2 using salt-ssh
14:09 murrdoc that sounds pretty cool
14:09 murrdoc is the port always the same ?
14:09 murrdoc like does ssh goto 22 for switches and pfsense ?
14:09 bmac2 yes unless you change it
14:10 bmac2 my home pfsense is on a totally different port
14:10 bmac2 most cisco switches are on port 22
14:10 murrdoc are you running a script or a command ?
14:11 bmac2 salt-ssh  '*' test.ping
14:11 bmac2 just to test connection
14:12 JDiPierro joined #salt
14:13 murrdoc weird
14:13 murrdoc i mean it could be password
14:13 murrdoc but i do want to know what you find out man
14:13 AndreasLutro what version are you on bmac2 ?
14:13 murrdoc this is stupid interesting
14:14 bmac2 [root@ut-salt-01 salt]# salt-ssh --version
14:14 bmac2 salt-ssh 2014.7.1 (Helium)
14:14 bmac2 [root@ut-salt-01 salt]#
14:14 bmac2 on Centos
14:15 __ale__ left #salt
14:15 bmac2 [root@ut-salt-01 salt]# salt-ssh  '*' test.ping
14:15 bmac2 lehi-core2:
14:15 bmac2 ----------
14:15 bmac2 retcode:
14:15 bmac2 255
14:15 bmac2 stderr:
14:15 bmac2 Connection closed by 10.0.0.2
14:15 bmac2
14:15 bmac2 stdout:
14:15 bmac2 Password:
14:15 bmac2 Password:
14:15 bmac2 Password:
14:16 bmac2
14:16 bmac2 it is like it is trying the password 3 times
14:16 bmac2 and failing
14:16 Ligthert Just.. please.... use some pastebin like gist.gitbucket.com
14:16 StDiluted joined #salt
14:16 Schmidt bmac2: did you add the passwd: part to the roster file?
14:16 kaptk2 joined #salt
14:16 Schmidt or are you using keys?
14:16 bmac2 yep
14:17 bmac2 can't really upload a key file to a cisco switch
14:17 Schmidt have you specified the path to the key, or is it in ./salt-ssh.rsa ?
14:17 Schmidt ah alright, passwords it its
14:17 thayne_ joined #salt
14:17 murrdoc bmac2:  can u put the roster config on gist
14:17 murrdoc link in subject
14:18 iggy pasting here is fine
14:18 * iggy runs
14:18 murrdoc hahaha
14:18 Schmidt clogs the tubes to much :&
14:18 hasues joined #salt
14:18 murrdoc iggy getting his troll in Schmidt
14:18 murrdoc april 1 and all that
14:19 Schmidt =)
14:19 Schmidt Is there a introductory thing for using the salt api with python somewhere ?
14:20 murrdoc github.com/saltstack/pepper might be a good read
14:20 murrdoc also the doc on cherrypy and salt-api is +1
14:21 scoates if I have a whole bunch of nodes that are identical (for some value of identical), is there a good way to have the saltmaster manage the same-named nodes? can I use open mode for this, maybe, even though the docs suggest that open mode should be temporary?
14:21 hasues left #salt
14:24 debian112 joined #salt
14:25 dyasny joined #salt
14:26 emaninpa joined #salt
14:29 pdayton joined #salt
14:29 ccarney_ROCC joined #salt
14:30 fusionx86 joined #salt
14:30 bhosmer joined #salt
14:31 mt joined #salt
14:31 dude051 joined #salt
14:33 rojem joined #salt
14:35 pdayton1 joined #salt
14:37 niseak_ joined #salt
14:40 jalbretsen joined #salt
14:42 TheLoeki joined #salt
14:43 ek6 joined #salt
14:43 perfectsine joined #salt
14:45 Deevolution joined #salt
14:45 conan_the_destro joined #salt
14:46 ujjain joined #salt
14:46 murrdoc you could write a super simple reactor job scoates
14:46 murrdoc like the example in the docs
14:46 scoates link please? my concern was more for the idea that salt might not be able to deal with different nodes of the same name.
14:47 fusionx86 joined #salt
14:47 vieira joined #salt
14:48 murrdoc the nodes need to have different minion id
14:48 murrdoc http://docs.saltstack.com/en/latest/topics/reactor/#a-complete-example
14:50 vieira Hello, how should I structure my pillar/state to support multiple nagios servers?
14:51 vieira e.g., a group of minions have nrpe with one allowed_host, and other group has other allowed_host
14:53 iggy scoates: autosign (auto accept's minion_ids/hostnames based on patterns... note a minion can report it's minion_id as whatever it wants)
14:53 vieira would it be OK to structure by nagios pillar as nagios: <host1>: nrpe: configs; <host2>: nrpe: other configs
14:53 vieira or is this a bad practice
14:53 murrdoc yeah thats fine
14:53 * scoates nods
14:53 MatthewsFace joined #salt
14:53 scoates thanks iggy murrdoc
14:53 renoirb joined #salt
14:53 murrdoc other option is have nagios pillar have nagios: type1:configs and nagios:type2:configs
14:53 murrdoc and int he host pillar, pick the flavor you want
14:54 babilen vieira: It really depends on what you want to do. If you have two relatively static classes of nodes then I would simply target two completely different pillars to them (e.g. nagios/class1.sls and nagios/class2.sls)
14:55 babilen So they all use nagios: as pillar key and simply have the correct configuration in there
14:55 iggy ^
14:55 vieira :D thanks, I will do it that way
14:55 iggy that's what we do (not nagios, collectd/graphite, but same idea)
14:55 babilen Are you aware of https://github.com/saltstack-formulas/nagios-formula ?
14:55 timoguin joined #salt
14:56 vieira babilen: Yes, I am not using yet because I am still learning and want to understand the concepts better before jumping in something so complex (at least it looks complex to me now xD)
14:56 redzaku joined #salt
14:56 vieira although I go there to steal ideas :P
14:57 vieira but in this case I don't think it would solve the problem, right? it looks like it only supports one host, right?
14:58 teskew joined #salt
14:58 thayne_ joined #salt
14:58 iggy it's all about the pillar targeting
14:58 iggy you don't need specific support from the formula/states if your pillars are targeted correctly
14:59 zircote joined #salt
15:00 ipmb joined #salt
15:00 perfectsine joined #salt
15:00 murrdoc formula/states should be dumb
15:00 murrdoc and should be fully configured from the pillar
15:00 murrdoc that way any overrides u need, you put that logic in the pillar targeting
15:00 murrdoc like iggy said
15:00 babilen I use that with a relatively complex pillar that looks like: https://www.refheap.com/2a25f1a60f014f821a533c054
15:00 murrdoc i hate it
15:00 murrdoc (i dont)
15:00 babilen vieira: I use that with a relatively complex pillar that looks like: https://www.refheap.com/2a25f1a60f014f821a533c054
15:01 murrdoc you can do similar now in yaml, by using the !aggregate stuff
15:01 babilen Yeah
15:02 vieira that sounds very good, but for someone like me, who is still learning, it looks so complex :S
15:03 bhosmer joined #salt
15:04 babilen I will now have to debug all the painful things I am facing due to 2014.7.2 -- I am seeing plenty of "Minion did not return. [No response]" and "TypeError: string indices must be integers, not str" errors that essentially mean that salt is completely broken
15:04 babilen Did any of you guys run into that with .2 (.1 was fine) ? It seems to be hard to debug and the causes for these errors aren't clear yest so I am probably in for a long night/week
15:05 masterkorp On gitFS how do I salt to use a specific branch for a repository =?
15:05 Workflow joined #salt
15:05 clintberry joined #salt
15:06 Workflow Hi, is it possible to use yumpkg.group_install inside a state?
15:06 manfred masterkorp:  should correspond to the saltenv=
15:06 masterkorp manfred: can't i look to a tag ?
15:06 masterkorp *lock
15:06 manfred http://docs.saltstack.com/en/latest/topics/tutorials/gitfs.html#branches-environments-and-top-files
15:06 manfred that i do not know.
15:06 masterkorp thanks
15:06 manfred it might?
15:07 manfred i am not sure if the saltenv is locks to any ref, or just to branches
15:07 Eureka_ joined #salt
15:08 vieira babilen: "TypeError: string indices must be integers, not str" yep, but also in .1 so I don't know if it is the same bug you are hitting
15:09 vieira babilen: I have reported it here: https://github.com/saltstack/salt/issues/22152#issuecomment-87767905
15:09 Workflow Is it possible to use kg.group_install inside a state?
15:10 manfred Workflow:  check out the module.run state
15:10 scbunn joined #salt
15:10 manfred http://docs.saltstack.com/en/latest/ref/states/all/salt.states.module.html#salt.states.module.run
15:10 Workflow Thank you manfred
15:10 manfred if there isn't a state that directly applies to a module, you canuse module.run plus unless or onlyif or something else to make it idempotent
15:11 _JZ_ joined #salt
15:12 bmac2 murrdoc, that was a password issue
15:12 Workflow Much appreciated manfred (:
15:12 bmac2 when it threw the 255 error
15:12 manfred no problem :)
15:13 smcquay joined #salt
15:13 Qlus joined #salt
15:14 babilen vieira: It *must* be something more generic as it simply can't be a surprise that it is being triggered all the time now
15:14 wnkz joined #salt
15:14 babilen vieira: Confer https://github.com/saltstack/salt/issues/21480
15:15 murrdoc bmac2:  good call, thanks for leting me know
15:15 murrdoc bmac2:  what all are you doing with the cisco switches
15:15 murrdoc we are wroking on a proxy minion to talk to the junos switches
15:15 bmac2 I just want to figure out how to pull the basic info from them
15:15 bmac2 using salt
15:16 bmac2 this is more of a learning experience for me
15:16 babilen I'm consistently getting "Minion did not return. [No response]" on one setup now (and yes, ping before works fine, ...)
15:16 bmac2 we just started  using salt, so we just set up all the servers with minions
15:16 vieira babilen: I also have that problem
15:16 babilen Wonderful
15:17 vieira babilen: Increasing the number of CPUs on the master helped
15:17 arca joined #salt
15:17 vieira but I am new with salt, so I don't know if it is normal the amount of resources I allocated
15:17 vieira or if it some kind of regression
15:17 babilen vieira: I've done that already and also increased worker_threads - How many minions do you have and how many cores?
15:18 vieira about 30 minions
15:18 vieira 1gb ram
15:18 vieira 2 cores
15:18 babilen salt has been running fine on that hardware for a while, but the number of minions increased
15:18 vieira I had 768mb ram and one core with 10 minions, worked fine
15:18 vieira when I increased from 10 to about 30
15:18 vieira the problems started
15:18 babilen I have 8 cores for roughly 600 minions in that setup
15:19 babilen I might bump that up to 16
15:19 vieira wow at that kind of scale I have no idea
15:19 Qlus Hello, new salt user here, I am trying to apply a state but I get an error "    ID 'ldap_sync' in SLS 'ldap' contains a short declaration (file.managed) with a trailing colon. When not passing any arguments to a state, the colon must be omitted."
15:20 Qlus I am not sure what I am doing wrong
15:20 arca Hi everyone :) Anyone could take a look to my issue ? The comment isn't clear to me... : https://gist.github.com/arca223/6f545b8958944477765c     Thanks
15:21 dopesong joined #salt
15:22 Workflow Can someone give me some advise here? https://gist.github.com/anonymous/1bb73501bd6bf4a19a44
15:22 dopesong_ joined #salt
15:25 Eureka_ @workflow: you should have "Development Tools" where you have "Development tools".
15:26 Workflow Eureka_, I get the same issue, either way.
15:26 Eureka_ Darn =/ Ill look over it a little more.
15:27 Workflow Ill grab a trace, see what it's actually doing also. *sigh(
15:28 ndrei joined #salt
15:29 Workflow I found the issue Eureka_ *faceplam*
15:30 arca Nobody has an idea for : https://gist.github.com/arca223/6f545b8958944477765c ?
15:31 fusionx86 joined #salt
15:31 Eureka_ ;)
15:32 murrdoc arca u need to do
15:32 murrdoc - context:
15:33 murrdoc eth0: {{ salt['grains.get']('ip_interfaces:eth0') }}
15:33 arca Yea indeed !
15:33 arca it's context : ip:
15:33 arca Right, I forgot to put the context name from the file :)
15:33 arca Thanks!
15:33 murrdoc its in the error
15:33 murrdoc also http://yaml-online-parser.appspot.com/
15:34 murrdoc paste in your pure yamls there to make sure they render as valid yamls and dictionaries
15:34 murrdoc when possible
15:34 arca quite useful thx
15:34 arca i'll try it out
15:34 losh_ joined #salt
15:37 arca murrdoc, do you happen to know any other way to get my grain value ? It returns me ['VALUE'] instead of just value
15:38 babilen vieira: fwiw, increasing cores to 24 and bumping RAM to 12G lets me run relatively painless with a batch size of 25% (haven't tried larger batches yet)
15:38 murrdoc in the template ?
15:38 arca yep
15:38 Workflow arca, from the CLI you can do 'salt '$server' grains.item <grain>
15:38 babilen Now, if only those "TypeError encountered executing state.sls: string indices must be integers, not str." would go :)
15:39 vieira babilen: good to know :D
15:39 beneggett joined #salt
15:40 arca workflow, the result with item returns me {}, I did {{ salt['grains.item']('ip_interfaces:eth0') }}
15:41 arca I can't use the CLI commands
15:41 iggy {{ salt['grains.get']('ip_interfaces:eth0')|first }}
15:41 iggy maybe
15:41 arca nice iggy :)
15:41 babilen definitely
15:41 arca seems to work nice
15:42 arca yea perfect ^^ thanks
15:42 babilen I would, however, not use ip_interfaces, but use network.ip_addrs
15:42 babilen (unless you *really* care about that interface, but typically you want the address in a specific network and it really doesn't matter which interface it is)
15:43 arca I basically want the ip of my server
15:43 arca though it'd be good to pick it from the grains
15:43 babilen "the ip" ? Which one do you refer to?
15:44 iggy 127.0.0.1
15:44 babilen http://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.network.html#salt.modules.network.ipaddrs is what I am referring to
15:44 arca Nope, the one from my network
15:44 o5k_ joined #salt
15:45 arca which goes through the interface eth0
15:45 babilen Are you sure that it will, forevermore, be on eth0 ?
15:45 arca Ah right, it can also be on em1
15:45 arca Indeed, it's wrong to use eth0
15:46 babilen I've simply seen setups in which it was a massive pain because the people hardcoded interfaces everywhere, so they started with "but we need ip foo on interface bar!!!!"
15:46 babilen Which is why I would advocate to keep that information in the salt mine (for all minions) and filter by network
15:46 Ligthert ( I still have to play with salt mine :-( )
15:47 arca Never used the salt mine (i'm quite new)
15:47 babilen arca: Do you use a specific CIDR range for that network?
15:48 arca I got no idea sry ^^
15:48 arca I'm just editing the iptables
15:48 babilen arca: Are all your addresses from a specific IP range?
15:48 arca I don't have much info on the network, but yea i'm pretty sure it has a specific range
15:49 timoguin_ joined #salt
15:49 gladiatr joined #salt
15:49 rlarkin joined #salt
15:49 babilen arca: Okay, I'll give a generic example then
15:51 zircote joined #salt
15:51 kusams joined #salt
15:52 arca Well it's ok you don't need to explain me this much, I doubt I've knowledge to go this deep ^^'
15:52 jwaibel joined #salt
15:54 babilen arca: https://www.refheap.com/99128 is the idea here -- Read http://docs.saltstack.com/en/latest/topics/mine/ for more details
15:54 MatthewsFace joined #salt
15:54 arca Ok i'll take a look :) thanks for the help
15:54 Grokzen joined #salt
15:58 zwi joined #salt
16:00 RedundancyD joined #salt
16:01 clintberry joined #salt
16:04 cansis This is a very general question, but I can't seem to quickly get a read on it:
16:04 cansis I'm a puppet guy of several years, looking to switch to Salt
16:04 cansis one of the things I really like about puppet is the Forge - so much has already been written module-wise
16:05 cansis and most of it is so mature
16:05 Norbell_ joined #salt
16:05 cansis What would be the correlary of a "puppet module" in Salt, and is there some central location where I could go see what % of the modules I'm needing are already available?
16:06 timoguin cansis: check out the saltstacks-formulas organization on Github.
16:06 timoguin That's the closest you'll get for now.
16:06 timoguin http://github.com/saltstack-formulas
16:07 raygunsix joined #salt
16:07 mike25de left #salt
16:07 writtenoff joined #salt
16:08 cansis so a "formula" is the same general concept as a puppet module (if you're not familiar with puppet, a module is basically a plugin for working with a particular piece of software; say, installing apache and configuring vhosts and apache.conf settings)
16:08 cansis i'll take a look and hopefully answer my own question
16:08 cansis i'm looking for a good newbie tutorial on salt. already have salt-cloud and a master setup, but i have yet to start interacting with the minions i've spun up
16:08 timoguin cansis: correct. the idea is the should work across multiple distros and only need to be configured via Pillar data.
16:08 writtenoff_ joined #salt
16:09 timoguin They're not all like that yet. The design is still being figured out.
16:09 cansis Sounds like puppet's conversion to Hiera
16:10 cansis although I think hierarchical configuration / inheritance of roles seems to be better prepared for from the get-go with Salt (from my limited understanding)
16:10 timoguin Pillar would be the Hiera equivalent, kind of.
16:10 cansis or possibly more PuppetDB, now that I'm looking at it
16:10 timoguin There's actually a Hiera external pillar too, to allow pulling that data from Hiera.
16:11 iggy some of the formulas are top notch... some are dead simple... some of them should be taken out behind the shed and shot
16:11 o5k__ joined #salt
16:11 iggy we welcome suggestions, feature requests, PRs, etc.
16:11 cansis salt seems to include by default a lot of the add-ons that are required to make puppet really useful (PuppetDB, Hiera, MCollective)
16:11 cansis iggy: if i choose salt, i'll be contributing heavily
16:11 murrdoc1 joined #salt
16:12 cansis i just need to make sure there's enough there to not back myself in a corner for now with my existing infrastructure
16:12 murrdoc1 joined #salt
16:12 cansis the other concept i'm struggling with is how to leverage grains vs. pillar
16:12 basepi MTecknology: i can't, but I'll ping the guy who can. =)
16:13 iggy grains describe how a host exists currently (and are set by the minion itself)... pillars describe how you want the minion to look eventually (and are set by the master)
16:13 babilen cansis: Do you have any particular question or issue regarding grains or pillars ?
16:13 robothands cansis: pillar is also good for sensitive data as it can't be read by minions. so transferring passwords etc
16:13 babilen Or are you simply unsure as to what is what and what you would use them for in general?
16:13 iggy that's one way to look at it anyway
16:13 cansis babilen: yes. so, in my puppet setup, i would key off hostnames of clients instances (i.e. papp01 would be a production app server). i could then assign what's called a top scope variable ($::role and $::environment) based on that hostname alone
16:14 babilen go on
16:14 cansis then Hiera would apply configuration sets based on those two items
16:14 iggy pillars are also generally used for sensitive info (owing to their being targeted at specific minions and not accessible outside those minions)
16:14 tzero joined #salt
16:15 cansis That was on Google Compute Engine where everything is beautiful. I'm now on AWS where hostnames are pretty useless for determining anything about a new instance that is checking in with the saltmaster
16:15 murrdoc joined #salt
16:15 cansis (other than maybe which private CIDR block they're in, say 10.0.1.0/24 denotes a staging environment)
16:15 robothands you can just set the salt minion id though and the hostname is unecessary for targeting then
16:15 iggy you can set roles based off the hostname if you want (in the top file, assign the roles pillar to the host)
16:16 ek6 cansis: for me the only grounded reality is id  nothing else can be trusted... ymmv
16:16 babilen cansis: You'd do, more or less, the same in salt too. I have no experience with hiera, but you can use that as external pillar in salt so information in there would be available to you. The main problem arises if you don't want to target things based on hostnames, but on other groups.
16:16 cansis robothands: could you expand a bit on that? i did have a breakthrough yesterday when i realized that salt-cloud will provision a host and somehow that host is recognized by a useful name on the saltmaster, even though it still has the "ip-10-0-1-0" hostname format when you SSH in
16:17 iggy or you can use grains for roles if you trust your minions (i.e. minions set grains to whatever they want, and there are no checks to verify)
16:17 babilen cansis: One important thing to keep in mind is that grains are generated on the minion and therefore not trustworthy! You shouldn't make sensitive information available solely based on the value a minion reports for a grain
16:17 iggy cansis: if you are using aws https://github.com/saltstack/salt-contrib/tree/master/grains
16:17 murrdoc babilen:  u say that
16:17 robothands cansis: sure. you can change /etc/salt/minion_id and the salt-master will then use that ID for the server. that could be useful on your AWS environment
16:17 iggy custom grains modules to set roles equal to the ec2 tags, etc.
16:17 timoguin cansis: what robothands is getting at is that the minion id doesn't have to be the hostname
16:17 cansis babilen: ah! excellent point there. an intrusion could easily reveal all of your pillar data
16:17 murrdoc but i dont think its valid all the time
16:17 babilen Aren't there nice custom grains for EC2?
16:17 murrdoc grains are fine for decisions in pillars
16:18 murrdoc if you are enforcing the grains
16:18 babilen Ah, iggy linked that already :)
16:18 KyleG joined #salt
16:18 cansis iggy: looking...
16:18 KyleG joined #salt
16:19 babilen cansis: Salt is really quite powerful and with all the external pillars even more powerful and versatile. It is probably a bit daunting to wrap your head around it at first (and for some time to come), but a lot of things make sense and complement each other nicely
16:19 cansis haha, this gives me a kick: https://github.com/saltstack/salt-contrib/blob/master/grains/facter.py
16:20 cansis babilen: i have that feeling, which is why i'm investing lots of time to explore it. i feel that puppet is falling behind the curve rapidly
16:20 beneggett joined #salt
16:20 cansis and i'm avoiding chef because i really like everything to be idempotent by default
16:20 cansis ;)
16:20 iggy puppet is great if you want to pay for the enterprise version
16:21 dopesong joined #salt
16:21 iggy I like to think I pay for my software in other ways (such as spending entirely too much time in here answering questions)
16:21 KennethWilke joined #salt
16:21 * babilen chuckles
16:21 babilen guilty of that
16:21 murrdoc saltstacks gui is paid only
16:22 murrdoc the guys gotta paid somehow
16:22 babilen (or contributing back to formulas/salt even though it is a lot more work to do that than maintaining your own fork)
16:22 __gotcha joined #salt
16:22 murrdoc i dont mind the paid option
16:22 MTecknology basepi: thanks!
16:22 theologian joined #salt
16:23 iggy as long as it's just a gui (that wouldn't help me anyway as my setup is pretty weird) and some modules for a bunch of hardware I can't afford anyway... I'm cool
16:24 * timoguin wonders what the pricing for enterprise is like now.
16:24 iggy we were looking at that at the conf... I think the closest answer we came up with was... "silly"
16:25 iggy but less silly than puppet/chef
16:25 timoguin It was per minion when I asked about a year ago or so.
16:25 timoguin I do like how the enterprise version dumps all event data into a database, like salt-eventsd does.
16:25 aparsons joined #salt
16:25 iggy I dump it all in graphite
16:25 babilen god .. I want beacons
16:25 * iggy hugs his beacons on 2015.2
16:26 murrdoc salt-eventsd has a db behind it ?
16:26 murrdoc or can have a db behind it ?
16:26 timoguin murrdoc: well yea that's the whole idea.
16:26 babilen (context: http://docs.saltstack.com/en/latest/topics/releases/2015.2.0.html )
16:26 murrdoc nice
16:26 murrdoc thats one place where puppet and chef beat saltstack
16:26 murrdoc the data store with a rest interface
16:26 jeremyr joined #salt
16:27 murrdoc puppetdb is sweet, postgres backed, all interaction is rest and json
16:27 cpowell joined #salt
16:27 timoguin salt enterprise is mariadb in the back, from what i learned at the conference
16:27 murrdoc yeah
16:29 ndrei joined #salt
16:30 _prime_ joined #salt
16:31 MatthewsFace joined #salt
16:31 MatthewsFace joined #salt
16:33 cansis murrdoc: i have a lot of non-technical folks who would like a gui. is that out with 2014.7.2? or is that in the RC?
16:33 cansis *current RC
16:34 murrdoc cansis:  no guis as such, but you could explore salt-pad
16:34 cansis googling...
16:35 niseak joined #salt
16:37 bhosmer joined #salt
16:39 borgstrom joined #salt
16:40 amcorreia joined #salt
16:40 signull joined #salt
16:42 cansis Not bad. I'll have to contribute to that if I end up using it
16:42 spookah joined #salt
16:45 desposo joined #salt
16:45 wendall911 joined #salt
16:46 davet joined #salt
16:47 desposo joined #salt
16:49 jerematic joined #salt
16:54 scoates this is not super clear: http://docs.saltstack.com/en/latest/ref/states/startup.html should `startup_states: highstate` be in the minion config?
16:55 bluenemo joined #salt
16:55 bluenemo joined #salt
16:56 ek6 murrdoc: yes im easily amused but google decided to throw me ads for himalayan salt therapy's  for my salt-pad search
16:56 murrdoc :D
16:57 iggy scoates: yes
16:58 scoates thanks
16:59 chiui joined #salt
17:02 basepi MTecknology: should be fixed now. =)
17:05 rem5 joined #salt
17:05 rem5 hey folks. Is there a way to use static ip addresses in a salt-map?
17:06 patrek joined #salt
17:07 dude051 joined #salt
17:09 druonysus joined #salt
17:09 o5k_ joined #salt
17:10 sxar joined #salt
17:14 amcorreia joined #salt
17:14 wnkz joined #salt
17:20 kunit joined #salt
17:20 kunit does anyone have a example of a regex in a if statement in jinja2?
17:21 aparsons_ joined #salt
17:22 wnkz joined #salt
17:23 linjan joined #salt
17:24 StDiluted Does anyone have any ideas on how I might output a ‘System Configuration’ document that shows what salt does to a particular system when it’s highstated?
17:27 spookah joined #salt
17:28 rojem joined #salt
17:29 MTecknology basepi: Thanks! Considering it was my first presentation ever, I'm happy with how it went. :)
17:29 germs_ joined #salt
17:29 basepi MTecknology: I haven't watched it yet, but I'm sure you did awesome!
17:30 zircote StDiluted: have you looked at http://docs.saltstack.com/en/latest/ref/returners/
17:30 germs_ left #salt
17:30 StDiluted zircote: yeah, but I’m not looking to actually do a highstate to produce this
17:30 StDiluted so I don’t want it to be something that is returned from a highstate run
17:31 StDiluted more of a document that a layperson could read to understand what configuration changes are made to a computer by Salt
17:32 murrdoc joined #salt
17:32 Vynce joined #salt
17:32 MatthewsFace joined #salt
17:34 cpowell joined #salt
17:37 rem5 hey folks. Is there a way to use static ip addresses in a salt-cloud map?
17:37 diegows joined #salt
17:38 vieira Specified SLS 'nagios.nrpe.service1' in environment 'base' is not available on the salt master. I have nagios: nrpe: service1:    key: value in /srv/pillar/nagios/nrpe.sls
17:38 vieira do I need to do something else?
17:40 Vynce vieira: I suspect you're going to have to paste some config files
17:40 vieira Vynce: do the structure of pillars have to be the same of states?
17:41 vieira I only have one nagios state
17:41 vieira but I would like to have two different pillars applied to that state
17:41 vieira depending on the host
17:41 vieira I am thinking about it in a wrong way?
17:41 vieira *Am I
17:42 smcquay joined #salt
17:44 gasbakid joined #salt
17:45 Vynce dunno; out of my depth. but it sounds like your top is looking for an SLS file you don't have, and i suspect that for anybody to help you, they'll need to see the top.sls at least
17:46 aparsons joined #salt
17:46 vieira the pillar/top.sls
17:46 vieira ?
17:47 refnode_ joined #salt
17:47 timoguin joined #salt
17:49 jhauser joined #salt
17:49 refnode_ Hi, short question, is there a standard where to put python functions inside a formula to call it from sls files?
17:49 dude051 joined #salt
17:49 Eugene joined #salt
17:51 murrdoc _module or _state or _grains and so on
17:51 murrdoc assuming the formula dir is in your file roots
17:52 refnode_ Ok
17:57 aphor joined #salt
18:06 rickflare guys how do you declare a varible in a state and reference it in another state?
18:06 giantlock joined #salt
18:07 spookah joined #salt
18:08 Vynce1 joined #salt
18:08 spookah are there any stats on what percentage of fortune 500 companies are running salt vs puppet vs chef?
18:11 TyrfingMjolnir joined #salt
18:13 LtLefse I'd guess 100% are running Salt, 100% are running Puppet, and 100% are running Chef :)
18:14 rickflare guys how do you declare a varible in a state and reference it in another state?
18:15 baweaver joined #salt
18:16 timoguin joined #salt
18:16 ndrei joined #salt
18:16 murrdoc joined #salt
18:16 seev joined #salt
18:17 manfred rickflare: might be worth checking out __context__
18:17 manfred http://docs.saltstack.com/en/latest/topics/development/dunder_dictionaries.html#context
18:19 MatthewsFace joined #salt
18:19 rem5 joined #salt
18:19 rem5 hey folks. Is there a way to use static ip addresses in a salt-cloud map?
18:19 Edgan joined #salt
18:21 iggy kunit: you can't... what are you trying to do
18:21 murrdoc rem5:  you could email the mailing list, i dont think anyone here can hook u up
18:22 diegows joined #salt
18:22 ja-s joined #salt
18:22 rem5 will do. thanks @murrdoc
18:22 kunit iggy:  I'm trying to select a yum.repo file based on hostname
18:22 Gareth Deevolution: ping
18:22 spookah is a node a vm/server?
18:22 kunit yes
18:23 kunit now, I'm trying custom grains
18:23 msheiny joined #salt
18:24 bhosmer joined #salt
18:24 scbunn joined #salt
18:25 JDiPierro joined #salt
18:26 JDiPierro Is there a way to have salt render the jinja in an sls file and output the resulting yaml before parsing it? I'm getting 'render error: while parsing a block mapping' when salt tries to render a state.
18:26 aphor joined #salt
18:26 rickflare manfred
18:27 rickflare all I want to do is have a varible a=12 in my init.sls then in my layout.sls I want to be able to call the varible a
18:27 baweaver joined #salt
18:29 manfred that might work, if you are including the layout.sls file in the init.sls
18:29 manfred include:
18:29 manfred - .layout
18:29 KennethWilke rickflare i think the jinja import stuff can get you what you're looking for
18:29 manfred because then it would render the highstate and put them together maybe?
18:29 KennethWilke http://docs.saltstack.com/en/latest/topics/best_practices.html#modularity-within-states
18:29 forrest joined #salt
18:30 KennethWilke the 5th code block under this section has an example
18:31 KennethWilke also: http://jinja.pocoo.org/docs/dev/templates/#import-visibility
18:31 kusams joined #salt
18:31 andreyst joined #salt
18:31 rhodgin joined #salt
18:31 kusams joined #salt
18:32 iggy kunit: {{ if 'text' in grains['nodename'] }} {{ if grains['nodename'].beginswith('something') }} etc
18:33 kunit rgr, ty iggy
18:33 iggy you can use normal python constructs and string operators, but not regexes
18:40 Deevolution Gareth: Just got back.
18:41 Deevolution Gareth:  I saw your note.  I'll see if I can find any environmental issues with how my setup is running.
18:42 Gareth Deevolution: You don't see the jobs running at all right?  If you're running in Debug mode, you see nothing?
18:42 Deevolution Gareth:  The 'seconds' job runs fine.  No job I setup using a 'cron-based' definition shows up ever.
18:43 niseak_ joined #salt
18:43 Deevolution I guess I'm wondering if there's something in the way my server is setup is mucking with it?
18:43 Gareth Deevolution: shouldn't be...
18:46 Deevolution Not sure what else this could be...  It's pretty consistent for me.
18:46 Gareth Deevolution: probably unrelated, does schedule.list work for you on that machine?
18:47 aphor more https://youtu.be/hNVu55ZyC-Y something in the way or https://youtu.be/UKAp-jRUp2o something ?
18:49 Deevolution Gareth:  It does.  It's always worked.  But when I look at the code for that, it looks to me like it cribs the data from Pillar rather then looking at what is actually scheduled.
18:49 Gareth Deevolution: was just curious, I had an issue in the centos machine I spun up with schedule.list.
18:51 bhosmer joined #salt
18:51 rickflare im so confused
18:51 rickflare i feel like this should be easy to do
18:53 arthabaska joined #salt
18:53 kunit iggy: {% if 'string' in grains['nodename'] %}  worked prefect, ty again
18:53 kunit or perfect
18:53 perfectsine joined #salt
18:54 aphor rickflare: do you want every node to interpret the variable differently, or do you want the context to be global or environment-wide?
18:54 aphor grain or pillar?
18:55 aphor or does your variable *really* represent a boolean assertion that something is OK or not?
18:55 aphor (state)
18:55 timoguin basically what is variable
18:55 iggy rickflare: put it in a pillar instead...
18:55 redzaku joined #salt
18:55 o5k_ joined #salt
18:56 timoguin you don't know, iggy. because you don't know what is variable.
18:56 timoguin but probably you are right.
18:56 iggy yeah... ^ more info never killed anyone
18:57 murrdoc pillar it all
18:57 murrdoc and when u shave it off
18:57 murrdoc move it to a grain
18:57 murrdoc if u want to get soemthing from a minion
18:57 murrdoc 'mine' it out
19:01 dopesong_ joined #salt
19:02 iggy speaking of salty terms... I almost called my salt UI "Mrs Dash" (get it... dash... board) but I figured I'd get sued
19:03 arthabaska iggy that would be almost as clever as Dulwich
19:03 perfectsine joined #salt
19:06 aphor I'm going to call my salt dashboard "unbrella
19:06 aphor "umbrella"
19:06 aphor as a Chicago homage http://www.mortonsalt.com/our-history/history-of-the-morton-salt-girl
19:07 murrdoc i like it
19:07 murrdoc aphor:  join the saltstack meetup group in chicago, Ahlee runs it
19:07 aphor oyeah...
19:08 aphor I just got back from some work travel, and I need to get all hooked up.
19:08 timoguin Will have to drop by next time I'm in Chicago. I loves it there.
19:08 iggy I like umbrella too
19:10 aphor Maybe we can host a meetup at my office? https://www.google.com/search?q=hybris+chicago+office&amp;tbm=isch
19:10 aphor Feel free to use umbrella
19:10 aphor Maybe it should be a convention?
19:12 HotTopic joined #salt
19:14 murrdoc aphor:  hit up ahlee
19:14 perfectsine joined #salt
19:14 murrdoc hes running it
19:14 HotTopic left #salt
19:14 aphor murrdoc: clickin' the link now! thx.
19:15 murrdoc gawd
19:15 murrdoc hurry up awready
19:15 murrdoc lets be online buds
19:15 murrdoc :)
19:15 bash124512 joined #salt
19:20 aphor nothing on the calendar yet...
19:20 aphor http://www.meetup.com/SaltStack-Chicago/events/ <-- context
19:21 murrdoc might be because of lack of place
19:21 stoogenmeyer__ joined #salt
19:21 murrdoc i dont know much else outside of that he started it
19:22 aphor Um.. this is going to drive me crazy. Ahlee is also Jeremy.
19:22 aphor name collision
19:23 aphor from Alons import Jeremy as Ahlee
19:25 aphor Okay I'm in. Now let's get something on the calendar?
19:25 aphor Ahlee: you *here* ?
19:25 jasonrm joined #salt
19:25 rojem joined #salt
19:26 andrew_v joined #salt
19:27 scbunn joined #salt
19:27 LeProvokateur joined #salt
19:28 N-Mi_ joined #salt
19:29 aphor CloudFlare is 503'ing the meetup pages on me
19:29 aphor table that whole meetup thing.
19:30 refnode_1 joined #salt
19:33 forrest joined #salt
19:33 TyrfingMjolnir joined #salt
19:33 gasbakid_ joined #salt
19:34 murrdoc oh u know jeremy
19:34 murrdoc perfect
19:35 murrdoc lets do beers and talk salt
19:38 murrdoc aphor:  whats your real name, i ll start a conversation about having our first meetup
19:39 aphor murrdoc: "Jeremy McMillan" <jeremy.mcmillan@gmail.com>
19:39 murrdoc cloudflare is a p.o.s
19:39 aphor murrdoc: also "Jeremy McMillan" <jeremy.mcmillan@hybris.com>
19:39 murrdoc i started the convo
19:39 aphor thx
19:39 murrdoc whenever meetups' post page returns
19:39 murrdoc i ll link
19:40 baweaver joined #salt
19:40 aphor I need to talk to our facilities contact about guidelines for hosting/scheduling meetups.
19:40 murrdoc worst case
19:41 murrdoc we ll goto a bar
19:41 aphor hybris has beer...
19:41 murrdoc or the 1800 building
19:41 hackel joined #salt
19:41 murrdoc damn hybris
19:41 ajw0100 joined #salt
19:41 StDiluted that was a great game on the Amiga, Hybris.
19:42 aphor BTW: http://en.wikipedia.org/wiki/Metope_%28architecture%29 <-- spellcheck keeps changing "meetup" on me.
19:43 aphor https://youtu.be/-LPvi00WjMQ <-- HAHA!
19:44 gadams joined #salt
19:44 rbstewart joined #salt
19:47 perfectsine_ joined #salt
19:49 rojem joined #salt
19:52 timoguin joined #salt
19:53 _JZ_ joined #salt
19:54 bmac2 anyone know of any work that has been done with salt and pfsense firewalls?
19:55 bmac2 looking at using just the salt-ssh command, but don't want to reinvent the wheel if anyone has done it already
19:55 niseak joined #salt
19:56 timoguin bmac2: was just looking through this thread: https://forum.pfsense.org/index.php?topic=81267.0
19:56 timoguin Looks like the goal is for pfSense to have a proper API
19:56 aphor murrdoc: do you work downtown?
19:57 bmac2 yes but that is in version 3.0
19:57 bmac2 which isn't out yet
19:57 aphor timoguin: that is f'n awesome!
19:57 bmac2 that post has been out a while about the roadmap for version 3.0
19:57 bmac2 they are dumping ALL php and redoing everything in python
19:57 bmac2 cleaning up the code base
19:57 aphor A couple of years I almost started to write my own pfSense replacement using Twisted.
19:57 murrdoc aphor:  i work from my house , which currently is in downtown
19:57 bmac2 and adding several APIs
19:58 aphor Took them long enough to vomit puke-haich-pee
19:58 ajw0100_ joined #salt
19:58 jeremyalons I'm here now, aphor
19:58 timoguin bmac2: well I know a lot of people have talked about pfSense, but I don't know what level of support for it there is at this point.
19:58 aphor murrdoc: want to stop by hybris Tuesday or Wednesday 5PM-ish?
19:59 murrdoc jeremyalons:  who are u what have u done to ahlee
19:59 aphor jeremyalons: goes for you also.
19:59 murrdoc whats up at 5pm
19:59 iggy I want to go :(
19:59 jeremyalons we're hosting a c++ meetup, so I was waiting for our facilities to get htat all straightened out as I do'nt want to overburden them
20:00 murrdoc like i work with a team in pacific time, so i ll want to know whats up
20:00 murrdoc before i can commit aphor
20:00 jcockhren a c++ meetup?
20:00 jcockhren wow
20:00 jeremyalons that got scheduled Monday or Tuesday, and I've been busy so I haven't gotten further
20:00 rojem joined #salt
20:01 jcockhren I'd go if that was in my city. Just to see who admits to having working knowledge of c++
20:01 jeremyalons jcockhren: there are dozens of us! dozens!
20:01 aphor murrdoc: I'm flexible.
20:01 jcockhren it's funny, when I say "boost libraries" people used to go, "Ah cool!" now it's "huh?"
20:01 * KennethWilke cringes
20:01 murrdoc boost is the secret to my energy
20:01 murrdoc OUR ENERGY
20:02 KennethWilke boost kills!
20:02 jeremyalons so, only limitation is it can't be week of 4/28
20:02 murrdoc context https://www.youtube.com/watch?v=T16fEwxcAKo
20:03 aphor jeremyalons: I'm up for an informal chat over beers next week, no pressure.
20:03 jeremyalons murrdoc: is it like Tang?
20:03 jeremyalons aphor: word!  sounds good as well.
20:04 murrdoc its like chocolate milk
20:04 aphor omg.. I'm going to throw up!
20:05 MatthewsFace joined #salt
20:05 aphor That guy just sprinted the reflecting pool at the Taj Mahal and then chugged instant chocolate milk?
20:05 aphor *hork*
20:05 murrdoc hahah
20:05 murrdoc the drink is called boost
20:06 XenophonF joined #salt
20:06 aphor salt 'hybris0.*' state.highstate... BUILD SUCCESSFUL Total time: 2 minutes 39 seconds Succeeded: 16 (changed=1) Failed:     0
20:06 aphor THAT was my goal for today!
20:06 murrdoc are u here for salt training
20:06 XenophonF hey all - i'm struggling with salt-cloud, and i think it's my installation, not my configuration
20:06 edrocks joined #salt
20:07 XenophonF given some provider config, i can run "salt-cloud --list-locations=all" on my FreeBSD Salt master, and it works fine
20:07 XenophonF that's running py27-salt-2014.7.2
20:08 _1_michael joined #salt
20:08 XenophonF i take the same provider config, put it on my CentOS Salt Master, and I get "KeyError: 'provider'" when I try to run the same command
20:08 XenophonF that's running salt-cloud-2014.7.2-1.el7.centos.noarch
20:08 XenophonF lemme post the full stacktrace - just a sec
20:08 timoguin XenophonF: Do you have libcloud and everything installed on CentOS?
20:09 XenophonF https://bpaste.net/show/3af6b15709a1
20:09 XenophonF i'm trying to access EC2
20:09 XenophonF so that just needs the requests library, right?
20:10 perfectsine joined #salt
20:10 XenophonF does the salt-cloud RPM or salt-formula's salt.cloud SLS not pull in all dependencies?
20:10 murrdoc requests greater than some version
20:10 murrdoc i forget what it was
20:10 XenophonF python-requests-1.1.0-8.el7.noarch
20:14 murrdoc pip install --upgrade pip
20:14 murrdoc i dont know if its helps
20:14 murrdoc i thought salt.utils is now using urlib
20:15 iggy in 2015.2
20:15 timoguin Isn't it optional?
20:15 timoguin Like, it'll use urlib or requests depending on what's installed...
20:16 XenophonF let me see what my freebsd master has installed
20:16 XenophonF py27-requests-2.4.3
20:16 XenophonF _much_ newer
20:16 XenophonF so, hm
20:16 XenophonF what do
20:17 XenophonF hang on gonna re-rtfm
20:18 XenophonF freebsd master has py27-libcloud-0.15.1 installed
20:18 XenophonF the centos master doesn't have libcloud installed at all
20:19 murrdoc u need to install rvm
20:19 XenophonF what's rvm?
20:19 murrdoc and gem for requests
20:19 murrdoc https://rubygems.org/gems/requests/versions/1.0.0
20:19 murrdoc also its 04/01/2015
20:19 murrdoc so i am totes trolling u
20:20 XenophonF you totally got me
20:20 murrdoc :)
20:21 niseak_ joined #salt
20:23 XenophonF well i installed python-libcloud-0.17.0-1.el7.noarch
20:23 XenophonF do i need to reboot or something?
20:23 XenophonF god that's such a windoze thing to ask
20:24 XenophonF salt-cloud still throws the same error
20:24 aphor please don't reboot
20:24 timoguin It should start working after 10 reboots.
20:24 aphor If not, then just keep rebooting until it works.
20:24 ek6 joined #salt
20:25 timoguin Be sure to apply curse words liberally.
20:28 dopesong joined #salt
20:29 cansis Hmm... I'm having trouble understanding the difference between salt States and Formulas
20:29 MatthewsFace joined #salt
20:29 cansis or are formulas just a collection of states?
20:29 murrdoc yes
20:29 cansis okay, thanks
20:31 zircote joined #salt
20:31 pjs joined #salt
20:31 aphor formulas are *coherent* collections of related states
20:32 zircote joined #salt
20:33 iggy realistically, a lot of formulas should be refactored as state and execution modules
20:33 babilen That (try) to follow a single style and are completely configurable through pillars
20:33 murrdoc singular file names would be nice
20:33 MatthewsFace joined #salt
20:33 iggy yeah, not refactored completely down
20:34 murrdoc we should make them python states
20:34 murrdoc so its super leet
20:34 murrdoc amirite!
20:34 babilen Clojure!
20:34 murrdoc omg yes
20:34 KennethWilke formulas seem very tricky to make for the diverse needs people have for services
20:34 babilen Therein lies the challenge :)
20:34 iggy f.ex the aptly formula does a lot of stuff in cmd.run's that should be a module+state
20:35 murrdoc yes
20:35 murrdoc cmd.run is evil
20:35 babilen absolutely
20:35 iggy but it's easy to understand what's going on the way it is now... so...
20:35 KennethWilke what?! we don't use python to shell out to do stuff?
20:35 KennethWilke heresy!
20:35 t1495Gues joined #salt
20:35 schristensen joined #salt
20:35 murrdoc i actually write python to execute perl scripts
20:35 spookah why?
20:35 murrdoc perl is the best for executing bash code
20:35 kunit cmd.run ins't evil, just misunderstood
20:36 murrdoc i mean i love ``
20:36 KennethWilke as someone who learned perl before bash, hard to disagree
20:36 baweaver joined #salt
20:36 cmcmacken joined #salt
20:36 murrdoc ` is my screen escape character
20:36 murrdoc so its great to have that every where in my code
20:36 KennethWilke it's kinda like bash, but with more useful stuff
20:36 KennethWilke lol
20:36 murrdoc also no nesting
20:36 murrdoc who needs nesting
20:36 KennethWilke reading perl is very unfortunate though
20:37 murrdoc still better than reading java
20:37 murrdoc open file … oh this class is an extension!
20:37 murrdoc close file, open another file
20:37 murrdoc oh this one too
20:37 murrdoc WHERE THE … :D
20:37 KennethWilke well i'd rather read disassembly than java
20:37 spookah it's not too bad if you avoid $_ and the other short cuts that are impossible to follow a year later
20:37 KennethWilke at least it makes sense
20:38 iggy murrdoc: lol... salt's code isn't a whole lot better
20:38 murrdoc but its only 3 dirs deep
20:39 iggy I had 40 files open trying to figure out how to hack in pillar:// uri support
20:39 murrdoc unlike java where it can be upwards of 6 dirs deep
20:39 KennethWilke i don't think there's a lot of inheritance in salt
20:39 KennethWilke gotta have something subclassed off a subclassed that implements an interface and has annotation
20:40 murrdoc <3 collection classes
20:40 murrdoc configs are overrated
20:40 murrdoc lets use a class with variables and a getter
20:40 spookah joined #salt
20:40 KennethWilke but still, i've worked on very java-like python code
20:41 KennethWilke and it's just about as awful as java code, though i expect java to be java-like
20:42 forrest joined #salt
20:43 XenophonF anyone else out there running salt-cloud on centos 7 or rhel 7?
20:46 timoguin XenophonF: No luck after installing libcloud?
20:47 BtbN How does the pkg upgrades thing deal with interactive updates?
20:49 druonysus joined #salt
20:49 penguinpowernz joined #salt
20:49 mpanetta joined #salt
20:50 timoguin BtbN: It passes non-interactive flags for dpkg, including things like keeping old configs
20:50 iggy at least on debian it sets vars to disable interactivity
20:51 BtbN Hm, does it keep track of what configs it wanted to update?
20:51 timoguin No, not unless you are explicitly managing those config files.
20:52 timoguin Well, actually, it might log some of that info, but I don't think so.
20:55 baweaver joined #salt
20:55 penguinpowernz joined #salt
20:56 iggy there are state modules for debconf
20:57 scoates is there an intelligent way to prune keys from the master if the nodes aren't connected (assuming the nodes no longer exist)
20:57 scoates ?
20:58 bhosmer joined #salt
20:58 jcockhren scoates: http://docs.saltstack.com/en/latest/ref/runners/all/salt.runners.manage.html#salt.runners.manage.down
20:59 XenophonF timoguin: no, salt-cloud returns the same KeyError
20:59 scoates thanks!
21:00 timoguin XenophonF: Makes me wonder if you have some stale pyc files around. That's been an issue with the packages in the past.
21:00 timoguin At least I'd make sure all yours are cleared out
21:05 XenophonF timoguin: i'm not entirely sure how i'd check that
21:06 XenophonF it's a newly built server
21:06 XenophonF i think it's only had 2014.7.2 installed
21:06 timoguin find <python path> -iname '*.pyc' -delete
21:07 timoguin Maybe here? /usr/local/lib/python2.7/site-packages/
21:08 murrdoc rebuild vm
21:09 bhosmer joined #salt
21:10 keimlink joined #salt
21:11 cberndt joined #salt
21:11 tomh- joined #salt
21:12 XenophonF well here goes find /usr/lib -name '*.pyc' -delete
21:13 XenophonF worst case i rebuild my master
21:13 Vynce left #salt
21:13 XenophonF been meaning to switch from centos to rhel anyway
21:13 baweaver joined #salt
21:15 zircote joined #salt
21:16 niseak joined #salt
21:16 baweaver joined #salt
21:18 dleedyna joined #salt
21:19 XenophonF timoguin: deleting all pyc files made no difference
21:19 timoguin XenophonF: bummer
21:19 XenophonF yeah, really
21:21 scbunn joined #salt
21:34 zircote joined #salt
21:35 zircote joined #salt
21:36 jeremyalons to try to figure out how to get salt-api to work behind nginx, or go to the bar
21:36 jeremyalons decisions decisions
21:36 spookah bring your laptop to the bar?
21:37 basepi Salt hit 50,000 commits today! You are all awesome!
21:37 mpanetta Sweet!
21:37 jeremyalons spookah: I don't work off hours.
21:37 jeremyalons I'm too old and crotchety to put up with that nonsense any longer
21:38 elektrix_ +1
21:38 jeremyalons basepi: woo!
21:38 basepi jeremyalons: what happened to Ahlee? =P
21:38 murrdoc i too want to know this
21:39 jessie_ joined #salt
21:39 jessie_ iggy: how do good sir
21:39 igorwidl joined #salt
21:39 dopesong joined #salt
21:47 ek6 joined #salt
21:49 toastedpenguin joined #salt
21:50 jeremyalons basepi: branding™
21:50 renoirb joined #salt
21:50 giantlock joined #salt
21:51 jeremyalons as MSFT learned with IE, when you sully one name, just adopt a new one.
21:53 basepi jeremyalons: hahaha
21:53 basepi better be careful with that one, because if you sully it you'll have to legally change your name. =P
21:54 iggy ^ lol
21:54 iggy jessie_: ahoy!
21:55 babilen yeah, release date has been announced
21:56 jessie_ what for ? a baby
21:56 babilen jessie
21:56 jessie_ aye ?
21:56 babilen https://lists.debian.org/debian-devel-announce/2015/03/msg00002.html
21:57 babilen Ah, not
21:57 jessie_ yes
21:57 babilen https://lists.debian.org/debian-devel-announce/2015/03/msg00016.html that's the one
21:57 jessie_ named after a release... flattered
21:58 babilen Just don't hang out in #debian* if you care about meaningful highlights
21:58 iggy that's a bad idea in general
21:58 jessie_ aye yes i see what you mean
21:58 babilen iggy: What is?
21:58 jessie_ use irc for devops really
21:59 iggy hanging out in #debian*
21:59 jessie_ i concure with @ iggy  centos and ubuntu plz
21:59 babilen iggy: How so?
21:59 spicyWith joined #salt
21:59 iggy I use debian... I'd just rather castrate myself with rocks than go in their irc
21:59 babilen Just curious - I'm an op in there. What's the issue with the channel?
22:00 jessie_ i was joking babilen :)
22:00 iggy it's full of people like me (assholes)
22:00 iggy in here... it's mostly just murrdoc and I that are assholes... so it's okay... but when there are dozens/hundreds of assholes, well, it's not pretty
22:02 baweaver joined #salt
22:02 murrdoc uh hmm
22:02 murrdoc what he said
22:03 babilen iggy: When have you joined last? Also if this is mostly a trope or joke I don't necessarily want to continue it, but if I hear "hanging out in #debian* [is] a bad idea in general" I wonder why and how that can be addressed
22:04 iggy it's been a while, I'll give you that
22:05 babilen okay
22:05 murrdoc i havent ever hung out in debian
22:06 babilen right
22:06 murrdoc i was cosigning the 'sorta asshole' part of the statement
22:06 babilen Well, sorry if I've taken what you said a bit too seriously
22:06 jessie_ jeez....
22:06 murrdoc nope its respectable
22:06 murrdoc u care about your channel
22:06 * babilen hands everyone a nice beer
22:06 murrdoc what is this an ipa!
22:07 murrdoc :)
22:07 iggy it's hard to overcome the foibles of past chanops
22:08 murrdoc its easy
22:08 murrdoc once they leave
22:08 babilen Yes, you've got a Deuchar, iggy a Pilsner Urquell and I got myself a nice Gutmann Weizen
22:08 iggy nah, because you've still got people that years later remember how it was and refuse to even attempt a visit there
22:09 babilen yeah, we have quite a few new ops
22:09 babilen shit still happens, but trust me ... we try. And even with eight active ops it is a lot of work at times
22:10 murrdoc in an os channel its not surprising
22:10 babilen Hmm, do we need a #salt-offtopic ?
22:10 murrdoc uh this #salt-offtopic
22:10 babilen heh
22:10 jessie_ yes it is
22:11 murrdoc but we get work done all the time
22:12 baweaver joined #salt
22:13 mosen joined #salt
22:16 TheLoeki joined #salt
22:18 N-Mi_ joined #salt
22:18 iggy SSCEs: 6285 -- BUGS: 0
22:21 murrdoc how babilen passes the beer http://i.imgur.com/ENziLUz.gifv
22:24 babilen haha
22:26 jessie_ i think that was an enron employee before it colapsed
22:27 sunkist joined #salt
22:33 echo joined #salt
22:37 hasues joined #salt
22:38 hasues left #salt
22:40 dopesong joined #salt
22:44 pravka joined #salt
22:45 jessie_ iggy: you about a fair bit tonight ?
22:46 iggy probably not, got a ton of stuff to take care of before my flight leaves tomorrow, but I'm here now
22:46 jessie_ ahh fair enough
22:46 jessie_ wanna gonna pick your brain for a few hours
22:47 aquassaut joined #salt
22:47 iggy well, get cracking
22:47 jessie_ lol
22:48 jessie_ you wont be around for a few hours soooo
22:48 iggy there are other smart people here
22:48 iggy I mean theoretically...
22:48 jessie_ i question this..
22:49 baweaver joined #salt
22:50 iggy I won't be around again until next Tuesday... so you might want to get a head start now
22:51 MindDrive Just curious, anyone here heading to PyCon (Montreal) next week?
22:51 murrdoc would be nice
22:52 jessie_ i have a reinstall to do... to update... then understand the connection to source control.... then after that have to get my head around grains and high state etc
22:55 iggy my thoughts on the topic are... start off with a fairly normal (i.e. not tied to git) setup... get used to everything... then start adding things in
22:56 jessie_ i added cloud to create vms to then test the config management
22:56 jessie_ if i leave git for now, i will need to get my head around how salt handles cfg's and pushes
22:56 iggy you will have to do that anyway
22:57 iggy gitfs doesn't magically make all that stuff go away... it just makes the path from your desktop to the salt master's fileserver different
22:57 jessie_ yeah i know :) just dont know where to start with all that
22:59 mosen you can test stuff locally with salt-call if you want to learn the modules/states without the infrastructure part
23:00 jessie_ is there any youtube vids around getting started with this side of things
23:03 dleedyna joined #salt
23:03 iggy There are lots. None that I feel comfortable suggesting (as I don't generally learn much from videos)
23:05 jessie_ anyone used bamboo here
23:05 jessie_ for CI
23:06 murrdoc doesnt stand
23:07 jessie_ ?
23:09 melinath joined #salt
23:10 jessie_ feel like doing a 12 hour marathon... of salt :)
23:10 jessie_ have a feeling there will be lots of cursing
23:11 melinath My mysql minion config variables from my are being ignored by salt-call. Help?
23:11 melinath sudo salt-call --local mysql.db_exists 'db_name'
23:11 melinath [ERROR   ] MySQL Error 1044: Access denied for user ''@'localhost' to database 'mysql'
23:12 melinath Relevant configuration: https://gist.github.com/melinath/9a307c18aa70f3bc9318
23:13 jessie_ best version to run salt stack on ?
23:14 jessie_ ubuntu ?   14.04 ?
23:14 iggy jessie_: should be fine
23:14 iggy jessie_: you'll have to setup the ppa though... I want to say 14.04 had 0.17.5
23:15 vegardx With a name like that, and you're running ubuntu? D:
23:15 vegardx Debian Jessie is soooo close to release.
23:15 jessie_ sweet just gonna do a fresh install for sake of learning re learning etc.
23:15 jessie_ ubuntu ftw
23:15 mafrosis joined #salt
23:16 mafrosis lo, can anyone help me understand why a salt.client.Caller() function call doesn’t work?
23:16 __number5__ there is no "best linux verion" to run salt on, since salt supposed to manage all sorts of different versions of linux and other OS
23:16 murrdoc but ubuntu is the safest bet
23:16 __number5__ mafrosis: errors & code paste to somewhere
23:16 mafrosis caller.function('mysql.user_create', ‘dbuser’, host=‘blah.rds.amazonaws.com', connection_username=“rootuser”, connection_password=“rootpass”)
23:16 mafrosis this returns immediately with False
23:17 mafrosis it’s clearly not even connecting to the remote host
23:17 iggy you can't login to rds hosts?
23:17 jessie_ iggy:  ppa ! my breain already hurts, think i need some jack daniels... or mc donnalds
23:18 jessie_ woudl 14.10 be better
23:19 murrdoc you want to learn salt jessie_ ?
23:19 iggy not really... salt is a fast moving target... no distro is shipping the latest version
23:19 mafrosis iggy I can connect to the DB with the same creds elsewhere
23:19 jessie_ murrdoc: ya
23:19 murrdoc and u want to learn it for work or fun
23:20 jessie_ work
23:20 murrdoc what os do you use at work
23:20 __number5__ mafrosis: check your security groups for that RDS first to confirm
23:20 mafrosis __number5__ good idea
23:20 murrdoc jessie_:  what os do you use at work
23:21 iggy mafrosis: that's not how modules work
23:21 iggy or salt for that matter
23:21 mafrosis __number5__ can connect just fine
23:21 jessie_ murrdoc: AWS .net java house. so win and linux
23:21 mafrosis iggy this is the first time I’ve even tried to call salt this way
23:21 nickg any suggestions on what i can do to debug why my master always thinks my minions are down?
23:21 murrdoc ok jessie_
23:21 murrdoc follow the docs here
23:21 murrdoc https://github.com/komljen/sensu-salt
23:21 murrdoc test in vagrant
23:22 murrdoc the os is picked for you
23:22 __number5__ mafrosis: can you run that function with salt-call on command line?
23:22 murrdoc then jessie_ start working on salt-cloud
23:22 iggy mafrosis: nvm, that module works different than some of the other DB modules I've seen
23:22 murrdoc with the saltstack docs
23:22 jessie_ thats a monitoring tool?
23:22 kusams joined #salt
23:23 iggy mafrosis: start off with "salt-call -l debug mysql.version" on the host you are trying to work from
23:24 jessie_ murrdoc: am happy to use the cloud vms to do tests with... ?
23:24 murrdoc start with this first
23:25 jessie_ doesnt really help if your not telling me why, if i did everything someone said without any proper reason...
23:25 murrdoc true
23:26 jessie_ dont wanna be painful. :)
23:26 murrdoc it solves your salt bootstrap needs
23:26 murrdoc so you dont waste time picking an os
23:26 murrdoc and u get to play with decent code
23:27 iggy mafrosis: connection_user connection_pass
23:27 __number5__ just use salt-bootstrap script on any machine available now
23:27 __number5__ jessie_: ^
23:27 iggy mafrosis: not connection_username= connection_password=
23:27 murrdoc yeah
23:27 dude051 joined #salt
23:27 murrdoc and follow this http://docs.saltstack.com/en/latest/topics/tutorials/states_pt1.html
23:27 mafrosis good spot iggy
23:28 jessie_ thanks i will look into that for sure dude
23:28 iggy I always find things are easier if you have an actual useful goal, rather than just some vague notion of "I want to learn X software"
23:29 iggy So... set me up a replicated mongodb cluster using salt
23:29 jessie_ ability to auto scale, create a vm with cfg's to be installed on a linux system before ready for prod
23:29 iggy when you're done, paste all the code to gist so I can "check" it
23:29 jessie_ the steps will be small
23:30 iggy Can anybody guess what my boss asked me to do today?
23:31 jcockhren iggy: rewrite evrything in Go
23:31 jessie_ http://docs.saltstack.com/en/latest/topics/installation/ubuntu.html
23:31 jessie_ iggy: i assumed you said that cloud was apart of the main package ?
23:31 beneggett joined #salt
23:32 jessie_ not installing them manually
23:32 iggy we use java... they won't figure out what go is for some time to come
23:33 iggy it is... ubuntu packages just break everything apart (syndic, salt-ssh, salt-api, etc. are all part of salt, but they are separate packages)
23:34 keimlink_ joined #salt
23:34 jessie_ jeezaloo. ok so thats the actual reason why my current salt master needed cloud installed manually
23:34 jessie_ because it was on ubuntu... not due to the update need
23:35 subsignal joined #salt
23:36 jessie_ ok well the install of salt was easy enough anyways
23:38 jessie_ can someone give me an easy aspect to do just so i understand the cfg push, because grain and high states just not clear for me at mo
23:38 jessie_ so i think i need to test a small process in which i see that works locally
23:38 murrdoc i tried man
23:38 murrdoc u just didnt like the option i gave you
23:38 murrdoc so
23:39 jessie_ http://docs.saltstack.com/en/latest/topics/tutorials/states_pt1.html
23:39 jessie_ ?
23:39 jessie_ your talking about vagrant as well... inside that ... ?
23:40 jessie_ i wanna be testing this on the same machine its set up on.
23:43 iggy set it up on something you don't mind throwing away... just assume that you'll figure out better ways to do things as you go and/or you might make some mistake that renders the system useless
23:44 troyready joined #salt
23:44 jessie_ am starting with the states. iggy  thanks dude
23:45 bhosmer_ joined #salt
23:45 seev I never used grains
23:46 seev except {% grains['id'] %}
23:46 seev they're only necessary if you do some fancy stuff
23:46 iggy I use them frequently
23:46 seev are you writing states that must target multiple platforms?
23:47 baweaver joined #salt
23:47 jessie_ err. seriously... i wanna see salt in its full glory... meaning all methods
23:47 jessie_ that way i get a bigger picture
23:49 dingo https://github.com/diegows/elastic-mongodb
23:49 dingo i make to warranty of the quality of that repo
23:50 ajw0100 joined #salt
23:50 dingo no warranty, rather
23:56 pravka joined #salt
23:57 subsignal joined #salt
23:58 joshin What's the right way to keep a package up to date? I'm using pkg.latest (on 2014.7.4) and it gives an error about packages already being up to date.

| Channels | #salt index | Today | | Search | Google Search | Plain-Text | summary